t\x00', &(0x7f0000000480), 0x24, 0x0) 02:55:57 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$VIDIOC_ENUMAUDIO(r0, 0xc0345641, &(0x7f0000000000)={0x8, "9ccc81fddd58a372d1f7557fb5cee626a5313b5ace6f3fb09a5848aa52c027da", 0x1, 0x1}) [ 293.697785] x86/PAT: syz-executor.3:11170 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 293.754344] FAULT_INJECTION: forcing a failure. [ 293.754344] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 293.782268] CPU: 0 PID: 11170 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 293.790021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.799387] Call Trace: [ 293.801993] dump_stack+0x138/0x197 [ 293.805642] should_fail.cold+0x10f/0x159 [ 293.809811] ? __might_sleep+0x93/0xb0 [ 293.813716] __alloc_pages_nodemask+0x1d6/0x7a0 [ 293.818404] ? __alloc_pages_slowpath+0x2930/0x2930 [ 293.823431] ? rcu_read_lock_sched_held+0x110/0x130 [ 293.828474] copy_process.part.0+0x26a/0x6a00 [ 293.832987] ? save_trace+0x290/0x290 [ 293.836799] ? proc_fail_nth_write+0x7d/0x180 [ 293.841317] ? proc_cwd_link+0x1b0/0x1b0 [ 293.845387] ? __f_unlock_pos+0x19/0x20 [ 293.849379] ? find_held_lock+0x35/0x130 [ 293.853548] ? __cleanup_sighand+0x50/0x50 [ 293.857793] ? lock_downgrade+0x6e0/0x6e0 [ 293.861962] _do_fork+0x19e/0xce0 [ 293.865431] ? fork_idle+0x280/0x280 [ 293.869160] ? fput+0xd4/0x150 [ 293.872363] ? SyS_write+0x15e/0x230 [ 293.876093] SyS_clone+0x37/0x50 [ 293.879501] ? sys_vfork+0x30/0x30 [ 293.883053] do_syscall_64+0x1e8/0x640 [ 293.886952] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.891825] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 293.897059] RIP: 0033:0x4598e9 02:55:57 executing program 5 (fault-call:5 fault-nth:3): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 293.900236] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 293.907932] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 293.915188] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 293.922617] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 293.929976] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 293.937245] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:55:57 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000000)={[{0x6fd, 0x1000, 0x400, 0x0, 0x10000, 0x7, 0xff, 0x2, 0xffffffffffffff25, 0x7, 0x1, 0x7, 0x7fffffff}, {0x4, 0x2, 0x8dc, 0x1, 0x5, 0x8, 0x5, 0x7f, 0x3, 0x81, 0x9, 0x1, 0x5a2062c6}, {0xcf17, 0x61704816, 0x80, 0xac79, 0x2, 0x4, 0x3, 0x1000, 0xdd17116, 0x80, 0x4, 0x80000001, 0x100000001}], 0x4}) [ 294.007553] FAULT_INJECTION: forcing a failure. [ 294.007553] name failslab, interval 1, probability 0, space 0, times 0 [ 294.019083] CPU: 1 PID: 11182 Comm: syz-executor.5 Not tainted 4.14.143 #0 [ 294.026675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.038753] Call Trace: [ 294.041451] dump_stack+0x138/0x197 [ 294.045102] should_fail.cold+0x10f/0x159 [ 294.049263] should_failslab+0xdb/0x130 [ 294.049279] kmem_cache_alloc+0x47/0x780 02:55:57 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = geteuid() r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)={{}, {}, [{0x2, 0x2, 0xee01}, {0x2, 0x5, r1}, {0x2, 0x4, 0xee01}, {0x2, 0xc, r5}], {}, [], {0x10, 0x4}}, 0x44, 0x0) [ 294.049300] fib6_add+0x1683/0x27d0 [ 294.049312] ? lock_acquire+0x16f/0x430 [ 294.063239] x86/PAT: syz-executor.3:11170 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 294.065095] ? __ip6_ins_rt+0x59/0xa0 [ 294.065110] __ip6_ins_rt+0x6e/0xa0 [ 294.065124] ip6_route_add+0xf8/0x110 [ 294.065134] ? icmp6_dst_alloc+0x580/0x580 [ 294.065150] ipv6_route_ioctl+0x1e5/0x270 [ 294.065160] ? rt6_purge_dflt_routers+0x470/0x470 [ 294.065169] ? get_pid_task+0x98/0x140 [ 294.065200] inet6_ioctl+0x102/0x1b0 [ 294.077648] sock_do_ioctl+0x64/0xb0 [ 294.077661] sock_ioctl+0x2a6/0x470 [ 294.077671] ? dlci_ioctl_set+0x40/0x40 [ 294.077682] do_vfs_ioctl+0x7ae/0x1060 [ 294.077694] ? selinux_file_mprotect+0x5d0/0x5d0 [ 294.109730] x86/PAT: syz-executor.3:11170 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 294.110369] ? lock_downgrade+0x6e0/0x6e0 [ 294.110384] ? ioctl_preallocate+0x1c0/0x1c0 [ 294.110398] ? __fget+0x237/0x370 [ 294.110412] ? security_file_ioctl+0x89/0xb0 [ 294.110422] SyS_ioctl+0x8f/0xc0 [ 294.110430] ? do_vfs_ioctl+0x1060/0x1060 [ 294.110454] do_syscall_64+0x1e8/0x640 [ 294.110463] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.110480] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 294.110488] RIP: 0033:0x4598e9 [ 294.110494] RSP: 002b:00007f3c6a9e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.110505] RAX: ffffffffffffffda RBX: 00007f3c6a9e8c90 RCX: 00000000004598e9 [ 294.110510] RDX: 0000000020000000 RSI: 000000000000890b RDI: 0000000000000005 02:55:57 executing program 3 (fault-call:8 fault-nth:2): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:55:57 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYPTR64=&(0x7f0000000000)=ANY=[@ANYRES64], @ANYRESHEX, @ANYRES64], @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="0800000053bb9dd2734aa7d00e5054039822c9bc1bab02a29a2a1c575cbf0f9beff5c3bd0303b2075219d88afc84496d118b301f31617071b096bcd53fd3aa4e3faf7ea613a04c457ca968a5e6032104eb1d030e1d1e3835086680207d0000000000000000001000000000008ade9e035c", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x9, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x400, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000100)=0x4) [ 294.110515] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 294.110520] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c6a9e96d4 [ 294.110525] R13: 00000000004c5863 R14: 00000000004d9fc0 R15: 0000000000000006 [ 294.236841] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:55:57 executing program 1: r0 = open(&(0x7f0000000000)='./file0\x00', 0x422080, 0x0) getegid() ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='sxstem.po{ix_ccl_default\x00', &(0x7f0000000040)={{}, {0x1, 0x2}, [], {}, [], {}, {0x20, 0x7}}, 0x24, 0x0) 02:55:57 executing program 4: r0 = socket$inet(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="24000000210007041dfffd946f610500810000e8fe02080100010800080010000400ff7e", 0x24}], 0x1}, 0x0) [ 294.402024] x86/PAT: syz-executor.3:11207 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 294.436698] FAULT_INJECTION: forcing a failure. [ 294.436698] name failslab, interval 1, probability 0, space 0, times 0 02:55:57 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x200, 0x100) 02:55:57 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) r1 = socket(0x11, 0x800000003, 0x81) bind(r1, &(0x7f0000000000)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) write$binfmt_aout(r1, &(0x7f0000000680)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffca88}, "e890"}, 0x618e) 02:55:57 executing program 5 (fault-call:5 fault-nth:4): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 294.492297] CPU: 1 PID: 11207 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 294.499363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.508717] Call Trace: [ 294.508737] dump_stack+0x138/0x197 [ 294.508755] should_fail.cold+0x10f/0x159 [ 294.508770] should_failslab+0xdb/0x130 [ 294.523099] kmem_cache_alloc+0x2d7/0x780 [ 294.527255] ? creds_are_invalid+0x48/0x110 [ 294.531589] ? __validate_process_creds+0x14c/0x200 [ 294.536706] prepare_creds+0x3e/0x380 02:55:57 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000b0000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r3 = socket$inet(0xa, 0x801, 0x84) r4 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x5c3, 0x129040) ioctl$VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f0000000300)={0x0, 0x7, 0x4, 0x334550b07d6fffb1, {0x0, 0x7530}, {0x2, 0x8, 0x8, 0xaf6, 0x0, 0x5, "fff28f28"}, 0x9, 0x1, @planes=&(0x7f0000000240)={0x100, 0xfffffffffffffff7, @userptr=0x1d7b}, 0x4}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000000c0)={r6, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r6, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={r6, 0x6e, "3e6ab7a1e9a18b686b2795e5ce5610e55d788fc26c0226855f73fda1398c4c7f576498971d4db605e2745c35b8e77fcfeae4138e1c04c947345e7f19fba9c78a317d91a92a5dfdb11859b48aec78f5fb7e4895cbb866ea211ad669faaa9491c56b6bb6b3c4a0ee054c64a4afcc4b"}, &(0x7f00000000c0)=0x76) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={r7, @in6={{0xa, 0x4e20, 0x8000000000000000, @mcast2, 0x6a4b}}, 0xffffffffffff8001, 0x725, 0x1, 0x9, 0x8}, &(0x7f00000001c0)=0x98) [ 294.540570] copy_creds+0x7b/0x4f0 [ 294.544117] ? lockdep_init_map+0x9/0x10 [ 294.548182] copy_process.part.0+0x868/0x6a00 [ 294.548201] ? save_trace+0x290/0x290 [ 294.548214] ? proc_fail_nth_write+0x7d/0x180 [ 294.560988] ? proc_cwd_link+0x1b0/0x1b0 [ 294.565059] ? __f_unlock_pos+0x19/0x20 [ 294.569055] ? __cleanup_sighand+0x50/0x50 [ 294.573416] ? lock_downgrade+0x6e0/0x6e0 [ 294.578094] _do_fork+0x19e/0xce0 [ 294.581562] ? fork_idle+0x280/0x280 [ 294.585301] ? fput+0xd4/0x150 [ 294.588508] ? SyS_write+0x15e/0x230 02:55:58 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x1, 0x80000) ioctl$VIDIOC_G_ENC_INDEX(r1, 0x8818564c, &(0x7f0000000540)) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000040)=0x5) [ 294.592245] SyS_clone+0x37/0x50 [ 294.595624] ? sys_vfork+0x30/0x30 [ 294.599333] do_syscall_64+0x1e8/0x640 [ 294.603226] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.608078] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 294.613428] RIP: 0033:0x4598e9 [ 294.616615] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 294.624334] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 294.631599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 294.631605] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 294.631610] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 294.631616] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 294.686636] FAULT_INJECTION: forcing a failure. [ 294.686636] name failslab, interval 1, probability 0, space 0, times 0 [ 294.698205] CPU: 0 PID: 11226 Comm: syz-executor.5 Not tainted 4.14.143 #0 [ 294.705231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.714594] Call Trace: [ 294.717194] dump_stack+0x138/0x197 [ 294.720842] should_fail.cold+0x10f/0x159 [ 294.725000] ? fib6_add_1+0x210/0xde0 [ 294.728821] should_failslab+0xdb/0x130 [ 294.732817] kmem_cache_alloc+0x47/0x780 [ 294.736893] ? fib6_add+0x1683/0x27d0 [ 294.740708] fib6_add_1+0x858/0xde0 [ 294.744351] fib6_add+0x17cb/0x27d0 [ 294.747992] ? lock_acquire+0x16f/0x430 [ 294.751970] ? __ip6_ins_rt+0x59/0xa0 [ 294.755810] __ip6_ins_rt+0x6e/0xa0 [ 294.759449] ip6_route_add+0xf8/0x110 [ 294.763259] ? icmp6_dst_alloc+0x580/0x580 [ 294.767506] ipv6_route_ioctl+0x1e5/0x270 [ 294.771662] ? rt6_purge_dflt_routers+0x470/0x470 [ 294.776513] ? get_pid_task+0x98/0x140 [ 294.780440] inet6_ioctl+0x102/0x1b0 [ 294.784254] sock_do_ioctl+0x64/0xb0 [ 294.787981] sock_ioctl+0x2a6/0x470 [ 294.791649] ? dlci_ioctl_set+0x40/0x40 [ 294.795628] do_vfs_ioctl+0x7ae/0x1060 [ 294.799525] ? selinux_file_mprotect+0x5d0/0x5d0 [ 294.804294] ? lock_downgrade+0x6e0/0x6e0 [ 294.808478] ? ioctl_preallocate+0x1c0/0x1c0 [ 294.812895] ? __fget+0x237/0x370 [ 294.813381] x86/PAT: syz-executor.3:11207 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 294.816352] ? security_file_ioctl+0x89/0xb0 [ 294.816366] SyS_ioctl+0x8f/0xc0 [ 294.832818] ? do_vfs_ioctl+0x1060/0x1060 [ 294.836984] do_syscall_64+0x1e8/0x640 [ 294.837154] x86/PAT: syz-executor.3:11207 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 294.840868] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.840884] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 294.840892] RIP: 0033:0x4598e9 [ 294.840897] RSP: 002b:00007f3c6a9e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 294.870481] RAX: ffffffffffffffda RBX: 00007f3c6a9e8c90 RCX: 00000000004598e9 [ 294.877757] RDX: 0000000020000000 RSI: 000000000000890b RDI: 0000000000000005 02:55:58 executing program 3 (fault-call:8 fault-nth:3): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 294.885028] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 294.892306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c6a9e96d4 [ 294.899578] R13: 00000000004c5863 R14: 00000000004d9fc0 R15: 0000000000000006 02:55:58 executing program 4: syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000100)=[{&(0x7f0000000380)="800000003804000019000300e60100006c00000000000000010000000100000000400000004000007fffde00000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x0, 0x0) [ 295.022251] x86/PAT: syz-executor.3:11237 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 295.060010] FAULT_INJECTION: forcing a failure. [ 295.060010] name failslab, interval 1, probability 0, space 0, times 0 [ 295.085172] CPU: 0 PID: 11237 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 295.092338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.101708] Call Trace: [ 295.101730] dump_stack+0x138/0x197 [ 295.101745] should_fail.cold+0x10f/0x159 [ 295.101759] should_failslab+0xdb/0x130 [ 295.101770] kmem_cache_alloc+0x2d7/0x780 [ 295.101784] ? creds_are_invalid+0x48/0x110 [ 295.124836] ? __validate_process_creds+0x14c/0x200 [ 295.129874] prepare_creds+0x3e/0x380 [ 295.133700] copy_creds+0x7b/0x4f0 [ 295.137247] ? lockdep_init_map+0x9/0x10 [ 295.141317] copy_process.part.0+0x868/0x6a00 [ 295.145829] ? save_trace+0x290/0x290 [ 295.149667] ? proc_fail_nth_write+0x7d/0x180 [ 295.154170] ? proc_cwd_link+0x1b0/0x1b0 [ 295.158257] ? __f_unlock_pos+0x19/0x20 [ 295.162254] ? __cleanup_sighand+0x50/0x50 [ 295.166843] ? lock_downgrade+0x6e0/0x6e0 [ 295.171014] _do_fork+0x19e/0xce0 [ 295.174474] ? fork_idle+0x280/0x280 [ 295.178197] ? fput+0xd4/0x150 [ 295.181417] ? SyS_write+0x15e/0x230 [ 295.185152] SyS_clone+0x37/0x50 [ 295.188546] ? sys_vfork+0x30/0x30 [ 295.192093] do_syscall_64+0x1e8/0x640 [ 295.195983] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.200838] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 295.206122] RIP: 0033:0x4598e9 [ 295.209322] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:55:58 executing program 5 (fault-call:5 fault-nth:5): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 295.217035] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 295.224310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 295.231582] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 295.238959] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 295.246410] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 295.256321] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 295.271959] x86/PAT: syz-executor.3:11237 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 295.298324] EXT4-fs (loop4): invalid inodes per group: 16384 [ 295.298324] [ 295.306952] FAULT_INJECTION: forcing a failure. [ 295.306952] name failslab, interval 1, probability 0, space 0, times 0 [ 295.318318] CPU: 0 PID: 11244 Comm: syz-executor.5 Not tainted 4.14.143 #0 [ 295.325339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.334695] Call Trace: [ 295.337298] dump_stack+0x138/0x197 [ 295.340947] should_fail.cold+0x10f/0x159 [ 295.345116] should_failslab+0xdb/0x130 [ 295.349115] kmem_cache_alloc_node+0x56/0x780 [ 295.353618] ? __atomic_notifier_call_chain+0xc2/0x150 [ 295.358996] __alloc_skb+0x9c/0x500 [ 295.362640] ? skb_scrub_packet+0x4b0/0x4b0 [ 295.366969] ? lwtunnel_get_encap_size+0x50/0x2a0 [ 295.371826] ? rt6_nlmsg_size.isra.0+0x79/0x120 [ 295.376622] inet6_rt_notify+0xf6/0x290 [ 295.380794] fib6_add+0x18d0/0x27d0 [ 295.384438] ? lock_acquire+0x16f/0x430 [ 295.388431] ? __ip6_ins_rt+0x59/0xa0 [ 295.392262] __ip6_ins_rt+0x6e/0xa0 [ 295.395901] ip6_route_add+0xf8/0x110 [ 295.399709] ? icmp6_dst_alloc+0x580/0x580 [ 295.404045] ipv6_route_ioctl+0x1e5/0x270 [ 295.408219] ? rt6_purge_dflt_routers+0x470/0x470 [ 295.413066] ? get_pid_task+0x98/0x140 [ 295.416999] inet6_ioctl+0x102/0x1b0 [ 295.420724] sock_do_ioctl+0x64/0xb0 [ 295.424471] sock_ioctl+0x2a6/0x470 [ 295.428197] ? dlci_ioctl_set+0x40/0x40 [ 295.432181] do_vfs_ioctl+0x7ae/0x1060 [ 295.436102] ? selinux_file_mprotect+0x5d0/0x5d0 [ 295.440898] ? lock_downgrade+0x6e0/0x6e0 [ 295.445082] ? ioctl_preallocate+0x1c0/0x1c0 [ 295.449499] ? __fget+0x237/0x370 [ 295.452963] ? security_file_ioctl+0x89/0xb0 [ 295.457410] SyS_ioctl+0x8f/0xc0 [ 295.460793] ? do_vfs_ioctl+0x1060/0x1060 [ 295.464954] do_syscall_64+0x1e8/0x640 [ 295.468854] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.473716] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 295.478912] RIP: 0033:0x4598e9 [ 295.482100] RSP: 002b:00007f3c6a9e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.489813] RAX: ffffffffffffffda RBX: 00007f3c6a9e8c90 RCX: 00000000004598e9 [ 295.497090] RDX: 0000000020000000 RSI: 000000000000890b RDI: 0000000000000005 [ 295.504629] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 295.512007] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c6a9e96d4 02:55:58 executing program 1: getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r0) lstat(&(0x7f00000017c0)='./file0\x00', &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f00000002c0)=[r1]) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) syz_mount_image$ntfs(&(0x7f0000000100)='ntfs\x00', &(0x7f0000000140)='./file0\x00', 0xffffffff7fffffff, 0x4, &(0x7f0000001900)=[{&(0x7f0000000540)="f0ef3c909560d952b0ea6396554ad113c1ee4be7575e960510a89e8f1396226e616c8a1c93aff46b1639f3e16eb5ae7bf44838ce22c153f11327927139430c2d819ba8cad4b3b53c39129dd64297375c5a6195841a29ced6dd8f45d115b49c5f6cf64c6261f67f94ba412b7990bdfdda1dafce30d2f8bf4fc1199fb96d709432869874391f879f6e1e5bbc4100017b3552a08abb10aef7633fd382682cb769920fcb5517ba0ee9a2c65df93a7c4a5c108a8b37bdc3caebffbcafd49341a4d7ee9c8986aa249867eb2f64036dd5b1d3e4bb385d9e37d5d3c6d3b1036738fc06d0618a7d555f94a1b5ef31106b89587a490e865db5b743dbd5f95f5bf79c4c65ca7eb40ea2ad0e25c278ae5cc2232c20a198d2ccefb14f6e5f49d2a4b3dc9b38d88516a6368336d4cdef7743e5d19078bd877392d6cb5a9bdc7cdffd095195d29e12bddb8c2ef468c26dd5e3f77bcd361c5391f68963085db3b3c2528dc39dc9421402c3ca9ae71f15323d661ebd29dc7b7db688ea0d3cc419a947af2b663a7565a06a0b0742024ff0af67a36a7b48481d52b91129f388e7075f68f6899652d233fb985eed2208600661956656ee62a24111c20c678750de11a87be46622b165b6c2e8fa73056136fbb5130857a14c00d8ad19bd25a67caf9c022329adffbe425b4fa80a8df74a01f897efb23ed036d57243c6c57f6ee0b9c20ba9f39e12f692ad99d2070e4f8b15ea66b13c8171d0ff31e517ecf33824579780c245eb3611c4758819830910d0830a5fa454e974d42d49ab6da266f1fe535e899c4b17f93e37f616670831606b121b1ea6e8c76ecc3f87a2079fe59323df582c5b312ed7173a270c90218bea3c5b0d9e1658a7d794b18b3160ea1a2930ec30bdd1cd7ab5e0983ee707d31c9a01a7da529c291de114b569add9392dc895f4621842d8dcae8776cab9fb84e5dca9c4201afd3e3920cdae2c95901d7817f0de3d95a6667c0b8bc20e385d246d5d07e59952d4f474241f8b83669119cd6cc4b1f71455cc75c8357f87712153ddac46ebcef8be652aaf7bf494fcda631a3beead40cc1a57dff53ac8e53d98dd7f8d58837f2005e46fe96e071c39d190cad83b8ad1993a457e2548bf9bbb6bc1118ca00f87fc842f1b9c09f67faee5b7badfe39656bc630b8de67ba58fd429c301fa92b3428f9907d46f7388457d741cbf743b400c7b7a9d8514d497be3bb1a94df3b8e65807881e545bf7b8d2fad87fd3db589ca5e042ca3542106c36a1d8966e50fdfddca701b79e0a2d9e20b17ade9e7635de24ba50a67ab3b4b3c7278866682231586138fb3953a9e5a3c95baf84e8ee395c78e26c8a01d6ea0fc32f585bb7603706117afbc524a5e7063fc5c04732a921208ee101005baf9a852cee71985cd0bbb5605fb7c047be1053d141824b4765934e4b36ee47fb7c81aef02d5ac786229cf40ed632704641987cd9a74aff65d06c692cfa046b06214e25ca053344952b0e3640e5a191e6cb26216db57890688e3b3c11aa25312fd9de654528b872ae04e0db2e456ea1dcc3bcede85699a831e2b455bfec833819cb0121221784836c4a8a25a7beb7fb0e5613067cd528a5e2724a50661a4c7354651f6c40ec7de290a35f63fb4a352c3e0a705918a3433e876ca45c8678f319b0dd4123b587b9ac3e098951fdcaa3171547f33b56cfc76ef98c018984bc692a106ae30cb05a7d3b6f254a47fa8e3b146296877541231a7384e74c67c4e247767a043e26ee4798dce13450fc732b0a1fe17064043206279f61f1c41dcda237936fcf35da0cccc56827f02ab46948752768c92bae43814ad3de7701d989b53dae7bd104a7b437ccb85d6cb506bb00ef799026acd28b5b1e01b15adc064b95b217591c4aad938f08563daf7a0a35d01050e1aace7361208cd3ae9db221a8499c4e97168ca12b8034193689653475c4d0f32188d21e5af3a84f5ba7d55cbfe20436215715afc1e89639318281d14ceb4a670f5d5b9f1b26a337c2733ab51f5e55c213baaf002e426644391a20e6eb2080c889246687a029a379207a4996cc7767282be9deb17608791461b2735a900cdabd850723b60689da5017c7c2ef273d5870577303bd1719b988c482e5290fc59ae680a7a25ed769253753171375b6c4d184d295232c2bbb6c90c192492556c9db8b3d5473fe35bc51ae57604ca296d5d377fe53d9eede9cdc0233167d1254857a615463d7436c747fff617e8d43e7bd004a292aabd9c0fdf47ad16c0f3d660256fad66a6f1bef16da4fbcd1fec54023180bcc6358bea1bce712f54a91c0f7dab9e2903092664976809ae9a3f2912f7a30d7146fae9c238e383d7a6add15426173ea01477982643a79ffc86cbf937c721c7941eec3a1c7d399523ba24f69fa8e003186cfa89757c7ea9827ed6fdfd36f589a938a45889f25ac0fc4ab9ff1548472767e3fef5a869ead5b86ac02da75dd802f23a57463a2846b6af4762abd395d6a977ac8cd1c615a5841f468de6ca102de4ac4c2cb58e591156340dc68103f59dbe6cbc5d17afcf22a651cc31ccde2bff3ecf620612359b3f7c0d4a1a84731d1ea360d86c91a12f81061ea807d42f59bfbf5669289c68a05516034b27b016ff1dce2ba8e2fdedfe89d566c958adde09d96c6c90b447ce8b47e013fe685670db64b80d4f7119c3fec8fc68af7231b76348934b494d7469d162edd079ea9ae911ef4c0fec1423af8428fe998577128abf478cd074cf50c116d90b6af4276f4638cc2fd240f6225c153a647efedc3f7b297dc98481371d4188be021218c21e5a4a462792366a9a07c477408b799085fd359ba94cd93efb1431dd8dede087e4fc5bf45908c7e448f8a45bb2ddd2e2b491c8f207d522ac8fb5ec89f915c154fca8c22ca676f2b4a6c81890b36de8a723487a78207d0a976488275078b188f1daddabd7c79f319d768ac33030e889691cf858a4241a91143e034cc80d4e3cfa98c0790827c9c09f0612faf3da478472731c54076ae77debb5a9a4b785ee8b6bbe0a6bc29d31a3c0a7a383a63d6628c881b3de02d49d4aee6ef391beec3dd070a78a1f196dd988bd744ba1d15905c94e2916c92691deba99a0238edbc6156a795d72b01ee4e387768e422ebbc4c88ad07b7187b988f607dce04e1a9669c9280aebbd26b7a6cc8da79bb4a9925cac4141d5160d47b77e9d103cc2eb484ef7394ae4ac04744bcdb471653ebbc1ca04b9e9cfbc1e139867e50200c632397f7d02d9826d81cc1a74cfac21fc34960c67fcbf4223ae5bc5ef2b4b3e9912e98cfe17e7bc7b9fa1d0047bf04fce72fd18e381a69928a5aeca01f687d79ed189df885b353cb2def21bd09762da53a8c0e753cc23c4b8fe6db473f6761d5f244137d80e057678ba12741744958b74dc4b1952205849da09aa81ff47c60632d30fa37780ad4baed27163bcf9dc8f9e7497dd9435a4aff149ce6fc702152614a0b7d4a43d7965182497424ab1b887aead54329f6e1857575c2c7b85a7cf35099a1edfc330d14156e63fc6d8672190df07170f093b69c25ef5ca02e00a02017d179762c696ec3af6f549579382b0cfb0ebe9d1d47e4bd5a3e38154b08d15327c07c73cbe3c293ff8784df5e96e175e1600a6a87e593244abeb4b509babecedaaba36a8253a1b199c79d5edfc49c542f3006374f69e9dd4e20748eeb9436714719bf0eaf97b66a2f52cfea791e63f807bfa8467a27b0fc705a4d6c73e7d2728b6dda1d6a8a8b8dc96d5a4e4a7289d4e35ffd7bf108f315df0e0da8f7ebea91db2c5550c9253fb25e5a1d149c39cbe50d96313f83cd09da59443069c04c137dfcc5681d60a8ece75290961982056082811187b0f6916b095b92f9f8ec03667522c663332cdfb1c22c319f95e2f564f72c8bfd775089bc2951f69badd01b6d625329df354df89d2e3d16863a39bad8e4db34e709d3c14cff2f41d9728123d32e44e9cb1ff4c5dcbce85b2d874dc270b576137dc9fb78eb79ab7b201340db64e5578bc6a6fd07944ef7b638217de333791974d06e2f9670f2116e431448b1c86883e4b5f5aae417339d9665306a32aa8a5d033660594d33b22b108c5669c93e705c2b56a016a7bfd7d58d1cf4b96ea9f235d4cda19d357faec7ae29b840fe26736512f7cd5d6f84bbcfd92c0df0b7efe6780bfde488e48fd23db947bd3304b745d2253329c43621d4084966ed733779b8b888d3dd5a23e53877386bde59ea673675c6250531d6e8d294fdb93a6c355c1ec3e778f95631644f62c7d9bf8a5f56c7245c8634ef5a5e7616790dd67d6de4664a9ca6b878a8429d42d9fc82aa5b0d3a2ee7b2314cab579d8279b5fe1e9cab4d19192cf516d54a5231aa23e5e1c9b6c14f17007afd098d00e80f788d9ab3f472d6c8fbb73ab3a3b93e535767211d044a4a92ebfdd79e5a20626604bd4d74bec3774282d23c8ea27172d6abb0393b86d14ada7701441be1333ab0f0eaed4b3f20d06696dd86a9cc0a95894225ae773c849dd93f4ff43ee71876640d097ddc5356a36b494736464dd2dc436818a1262837003819ad7b3f4ebe250ca4c0db97fdbf047b6bae507533912f55b6d9d545a9042592a63d68e6b0afa5d186b550e3bf4a957341170d24ecc7e1a1a5b12557c6374a1837421e96e3c3aa7fdb75f85644635d569c0902f835b8ba46e2cd2391ebe02cb2ba07616590942dd9f37f880bdd8e4bb697a8c2b8b4b3307b71a1018512ce147d4d58d5c8987683d04006db46c1e34c4c8e5103b932def783bd49a90815489bb5fd48b0d8e1e0d0c48e9022f902df7e329bbebf239e8a623cd985e020a202ad43627697194b8bcd9f5df873aaf1fce5c8a3737a2f958caf5ac331c6513096ab970d93e51af8c4c1cdaabf09e2f055f86e476ee66531f887b97956bb4545d73a5961f32c4e7aea684173d24a4bb0863b369873fbaef17acfb2630d8a1a0759ea5b1b8156104c081e4b4a6f477f38dfd9f3344473e795775dcf8ac7b47756255c8d409e8791e0bba10daf9668153d3e4348fcbf26ae69207cf13c0f7aaf9b17889080613f23cd3d01213455049c4aa3690090142a469d07cd99b74c6aef42535571bbc87eab8a48b0eab6ded75da3d6b58c76a38a3917fb3d5d8fcb65310de640d3817eac61304858045a3bb78d6f60e4416d76f1f37624bacd4738eb2f3431c73063e86917c12003183af7228c6ebc1cd939784ce26b7c36f1853fc2296c4113e642a17c07307d9c27e85ee5bac3065fa74e474689d437171835ccdd0e2c3be8e36c1f0c4085945f8b76c6ca7909bd1abc2c9e82cec0edc014f2ad0ed11dfb60b238dc8edce22b2ac09d5058c93bd8bf8039a12b221ae2926071f9e78403d5b9184228835a000bdc6bd908a407cdfa91a6d577e5d464bcfe092550bc914c3e765df578ff756c8e2d20b218a6786e9f92f43fd1d673b5fd93b7fa0a9baea17036103ef8fadaf543d8544e082f2a3ad8c69689c9ed6b736cea569bdc359d95eeefecce95396dfcc17b19d38822aa946a3cdcdc8377e119eb8f3ad27dcca26e9b139f48cedc8187a4fdae4dcf44c9bd7fe75ed826a01ecaf19c75ba3b7d345a823969320e41e558ef4d76f76185830db98da237465aaee6270159719166fb025fbc5df0ff1f286aa5fca5a957c6dfeeab6e83a22b42aacae8d0381057e76d7cb7017c33c3b7cd598e8d1e0c655700cd02c40425b20c24689186eef163a28960e76fcc131ebc24e6dbb03d207bdbd7dafc440086298eb45387c455c1944deadf0753f2", 0x1000, 0x8}, {&(0x7f0000000180)="72dc709c6d1787740fd0f027f0ef3c41912e3d33aed159fbae7595e1237bd348de264289d38e7a636a55b2e08f525313631c027f864f97650735105acd26157999ed04f273dcd836ecacf543a28e79b2b8284e38bec11dfbbc3d1ca6441f1b0cc490d71a1746d89ca3b372157a88553db5fbb8bf861d13f1a32757d22b677bdb53539198210a100faf0dbd4758e0964ddd425d9293694d8c0e20e3a78bf73e2c5b94291ed55be7a029d3e1f2964c257343de9586fa11b5dcd26c0c4203cbce000a3032e3552998903af580a5224a8f7f125dce8fc441e1e806a5a2ba3ca104b96e4dd71e6690bf8ebe145aa8915cfef4e509fe890813c2e0b01f93691448", 0xfe, 0x3ff}, {&(0x7f0000000380)="c47f901dd0854d7fe1f020eb41ba69783aadec5ecd091c1afcdfe186076f8691d9344fa1b7fc050d34b9d80dc78da84793a693d80de09b2ebfec6bc10a4c80e03d3b7e1ae5bf8a251e9feaa9963eb153352c64ab6bb031bc9965d0cfc6a75e54113a8e138f5b41b3d207ce2b85bc877ce8db9cae4d0bbd61aa8bbd2ae2f95ee4a97a6c14c3459751d2772f882e2d0ffafcde45462b44195bb02066640827fda629689198c4c1768779fed961cb8c716e86e9f8b0627a3a49d3c013225f447af813b4f80d2a0df56843ba45ae673ed86301c3483665fe1298067774e3529c7dce84204dff50a164a25e2affb3d221c54c1c7ebd3482123658a4", 0xf9, 0x7}, {&(0x7f0000001540)="4682db623e34fc18eb229202fa8a0ea975f74348ea2a14db9eed5578eb0fbd2d7c6060f983369aa209ee4384106756f55eed520cc69ed8b54a5535b4e5a189ed481acf228c61685f838180b9abea54d4d2d73d447ba48c8998fb108717aec62662051d8b9b5aec734dc8a2047d9800590287d06f370a2f8a91f94a58fe1437eae6", 0x81, 0x5}], 0x4, &(0x7f0000001680)={[{@utf8='utf8'}, {@case_sensitive_yes='case_sensitive=yes'}, {@errors_recover='errors=recover'}, {@utf8='utf8'}, {@dmask={'dmask', 0x3d, 0x9}}, {@disable_sparse_yes='disable_sparse=yes'}, {@disable_sparse_yes='disable_sparse=yes'}, {@errors_continue='errors=continue'}, {@show_sys_files_yes='show_sys_files=yes'}], [{@smackfsroot={'smackfsroot', 0x3d, 'system.posix_acl_default\x00'}}, {@measure='measure'}, {@obj_role={'obj_role', 0x3d, 'system.posix_acl_default\x00'}}, {@subj_type={'subj_type', 0x3d, 'em0+wlan0'}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@fowner_eq={'fowner', 0x3d, r5}}]}) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r7 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000208000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r9) fsetxattr$system_posix_acl(r8, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0xb}], {}, [{}, {}, {0x8, 0x0, r9}]}, 0x44, 0x0) lookup_dcookie(0x7, &(0x7f0000001880)=""/73, 0x49) ioctl$ASHMEM_SET_PROT_MASK(r7, 0x40087705, &(0x7f0000000040)={0x7fffffff, 0x2}) set_mempolicy(0x1, &(0x7f0000000000)=0x4, 0x8) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:55:58 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup(r6) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r8, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r5, 0x89e1, &(0x7f0000000080)={0x3, @default, r8}) r9 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r10 = socket$inet6_tcp(0xa, 0x1, 0x0) r11 = dup(r10) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r12, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r9, 0x89e1, &(0x7f0000000080)={0x3, @default, r12}) setresuid(r4, r8, r12) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 295.519283] R13: 00000000004c5863 R14: 00000000004d9fc0 R15: 0000000000000006 [ 295.536359] x86/PAT: syz-executor.3:11237 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:55:59 executing program 3 (fault-call:8 fault-nth:4): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 295.566959] ntfs: (device loop1): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 295.573156] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 295.577365] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem 02:55:59 executing program 5 (fault-call:5 fault-nth:6): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 295.643486] EXT4-fs (loop4): invalid inodes per group: 16384 [ 295.643486] 02:55:59 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000000)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 295.743452] x86/PAT: syz-executor.3:11268 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 295.755633] FAULT_INJECTION: forcing a failure. [ 295.755633] name failslab, interval 1, probability 0, space 0, times 0 02:55:59 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$DRM_IOCTL_GET_MAGIC(r2, 0x80046402, &(0x7f0000000080)=0x5) 02:55:59 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_sys\x00\xc7\xec\xac\xd9&{\x0f\x96\xad\xd1\x8fl![\x8f\xb9\f\xca\x1d\xc2{\xee\xb7\x03K\x0f\xa6\xaa;\xf6\x89\xf7b^\xa5\xafI\r\xc4\x9f\v\xf2\x1c\xdc\xddp2\xb7\xbb\x1b\xfev\xea\xed\xe0\xaa\xe8\xceR`\xbb\xf2\xed;pC\x19\xbfn\x16\xaa\x199\xfe.Q\xebvB\xd2\x19&\xdbA\x1bn\xbcSv\x91->y\xfe\xfa\xfb/\x18g\x80y\xfe\x89\xab\x0e\xab\xac\b\'\xcd', 0x26e1, 0x0) close(r0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") read$alg(r0, &(0x7f00000000c0)=""/234, 0xea) close(r1) close(r2) [ 295.825055] ntfs: (device loop1): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 295.882138] CPU: 0 PID: 11268 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 295.889191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.898551] Call Trace: [ 295.898572] dump_stack+0x138/0x197 [ 295.898589] should_fail.cold+0x10f/0x159 [ 295.898605] should_failslab+0xdb/0x130 [ 295.913130] __kmalloc_track_caller+0x2ec/0x790 [ 295.913142] ? check_preemption_disabled+0x3c/0x250 [ 295.913155] ? prepare_creds+0x3e/0x380 [ 295.926789] ? selinux_cred_prepare+0x49/0xb0 02:55:59 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="2290af4220aa6133a646ef909ac24e2956a6794999c8ad494e62c53d7948fba18b881ae0b7f19a17eaa8513990513921e28ed1fed99f3a72e8c5206cc489aea333da6a94ca21007127363fa3176fbed5d16d5445e7ef998a97e530be1687cc0903449bc18d61343cc5", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) [ 295.931295] kmemdup+0x27/0x60 [ 295.934493] selinux_cred_prepare+0x49/0xb0 [ 295.938820] security_prepare_creds+0x7d/0xb0 [ 295.943326] prepare_creds+0x2cf/0x380 [ 295.947234] copy_creds+0x7b/0x4f0 [ 295.950778] ? lockdep_init_map+0x9/0x10 [ 295.954934] copy_process.part.0+0x868/0x6a00 [ 295.959440] ? save_trace+0x290/0x290 [ 295.963271] ? proc_fail_nth_write+0x7d/0x180 [ 295.967780] ? proc_cwd_link+0x1b0/0x1b0 [ 295.972000] ? __f_unlock_pos+0x19/0x20 [ 295.975997] ? __cleanup_sighand+0x50/0x50 [ 295.980595] ? lock_downgrade+0x6e0/0x6e0 [ 295.984778] _do_fork+0x19e/0xce0 [ 295.988281] ? fork_idle+0x280/0x280 [ 295.992007] ? fput+0xd4/0x150 [ 295.995206] ? SyS_write+0x15e/0x230 [ 295.998930] SyS_clone+0x37/0x50 [ 296.002303] ? sys_vfork+0x30/0x30 [ 296.006027] do_syscall_64+0x1e8/0x640 [ 296.010531] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.015414] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 296.020603] RIP: 0033:0x4598e9 [ 296.023818] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 296.031536] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 296.038813] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 296.046091] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 296.053366] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 296.060940] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:55:59 executing program 5: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f00000000c0), 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:55:59 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x200000, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000040)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) [ 296.128181] x86/PAT: syz-executor.3:11268 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 296.157125] x86/PAT: syz-executor.3:11268 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:55:59 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_sys\x00\xc7\xec\xac\xd9&{\x0f\x96\xad\xd1\x8fl![\x8f\xb9\f\xca\x1d\xc2{\xee\xb7\x03K\x0f\xa6\xaa;\xf6\x89\xf7b^\xa5\xafI\r\xc4\x9f\v\xf2\x1c\xdc\xddp2\xb7\xbb\x1b\xfev\xea\xed\xe0\xaa\xe8\xceR`\xbb\xf2\xed;pC\x19\xbfn\x16\xaa\x199\xfe.Q\xebvB\xd2\x19&\xdbA\x1bn\xbcSv\x91->y\xfe\xfa\xfb/\x18g\x80y\xfe\x89\xab\x0e\xab\xac\b\'\xcd', 0x26e1, 0x0) close(r0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") read$alg(r0, &(0x7f00000000c0)=""/234, 0xea) close(r1) close(r2) 02:55:59 executing program 3 (fault-call:8 fault-nth:5): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:55:59 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x94900, 0x0) accept4$tipc(r2, 0x0, &(0x7f00000000c0), 0x140000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:55:59 executing program 1: r0 = open(&(0x7f00000000c0)='./file0\x00', 0xf56f9daa1f08732d, 0x69) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=r4, @ANYBLOB="a659c4d00432d9480800000093828b94836f3b48", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:55:59 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x185081, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_RESET_STATS(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x18, r4, 0x66cf1d5f05ef94f7, 0x0, 0x0, {0x5}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0) sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x100, r4, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x98, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5ea, @mcast1, 0x3}}, {0x14, 0x2, @in={0x2, 0x4e23, @remote}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x6, @rand_addr="6dea7871a2286c11b50bd862d17a89bc", 0x8}}, {0x14, 0x2, @in={0x2, 0x4e20, @rand_addr=0x6}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x10001}]}, @TIPC_NLA_MEDIA={0x54, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffff001}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x24004844}, 0x20000000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:55:59 executing program 4: openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000000010, 0x2, 0x0) write(0xffffffffffffffff, 0x0, 0x0) getsockname(r0, 0x0, &(0x7f0000000140)) 02:55:59 executing program 2: kexec_load(0x89, 0x0, 0x0, 0x1) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000380)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f00000000c0)) openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x40, 0x0) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x4}], {0x4, 0x2}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(0xffffffffffffffff, 0x110, 0x3) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000100)={0x4, 0x0, [{0x80000007, 0x1, 0x2, 0xffffffffffffffe0, 0x3}, {0x80000002, 0x5, 0x7, 0x3, 0x8}, {0x40000001, 0x9, 0x2, 0xb9b3}, {0x8000000c, 0xff, 0x800, 0x10001}]}) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) restart_syscall() fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000004f02000063020000000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="018d96cebbc7dd8a1632176c08e29a5d02677c5491fd3b052c02454e782fcf766529d00bc2b92bac47317a90828fd757e14dc9adc49234242d88a7a42682171cff69b0c848b94828510356b4815f58c2847ee90f4f09697bc51827c11096aa46af516ed4a99959b430974417a0e183a7b329e4cdf723c023966556f79d2934fc5db2363de025b1dfe126b19ed7b0b2f0c0a168c2", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000da7cfdcee8236f93ab97705280ad3182520d7c98543d5df22d131ea148ba373dcc9c9e7cb01a4d87053d5218ff1f04690ec8861b7b7ac848d9a98b9c1bd89d4aebc69ca1a6dea4f59755bc8e3653f8396edb91fb8227eaac6bc388b4b5ff59991af2e1b2dee7ee5cdd1f43546be1d96900f7fc945aa40cb5f6392122e408a89763faa4103001beb34980e09a120c350576b3808ea61e63f98cf1fb4ecdd3cbe37773d3e2ecee9a0e0b79995ec75c077815b9f3b8137fba7baa4c9c4f64ee4020f9c3fd5a00f6ba16f4ccc674538a1526024e73e74822"], 0x9, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)={0x0, 0x80000, r3}) ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000080)={r4}) [ 296.370329] x86/PAT: syz-executor.3:11313 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 296.390435] FAULT_INJECTION: forcing a failure. [ 296.390435] name failslab, interval 1, probability 0, space 0, times 0 [ 296.413788] ntfs: (device loop1): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 296.431234] CPU: 1 PID: 11313 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 296.438285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.447774] Call Trace: [ 296.450434] dump_stack+0x138/0x197 [ 296.454075] should_fail.cold+0x10f/0x159 [ 296.458241] should_failslab+0xdb/0x130 [ 296.462222] kmem_cache_alloc+0x2d7/0x780 [ 296.466377] ? creds_are_invalid+0x48/0x110 [ 296.470702] ? selinux_is_enabled+0x9/0x50 [ 296.474941] ? creds_are_invalid+0x48/0x110 [ 296.479268] __delayacct_tsk_init+0x20/0x80 [ 296.483593] copy_process.part.0+0x1a6c/0x6a00 [ 296.488187] ? save_trace+0x290/0x290 [ 296.491993] ? proc_fail_nth_write+0x7d/0x180 [ 296.496496] ? proc_cwd_link+0x1b0/0x1b0 [ 296.500563] ? __f_unlock_pos+0x19/0x20 [ 296.504543] ? __cleanup_sighand+0x50/0x50 [ 296.508781] ? lock_downgrade+0x6e0/0x6e0 [ 296.512935] _do_fork+0x19e/0xce0 [ 296.516393] ? fork_idle+0x280/0x280 02:55:59 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 02:55:59 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) [ 296.520111] ? fput+0xd4/0x150 [ 296.523826] ? SyS_write+0x15e/0x230 [ 296.527544] SyS_clone+0x37/0x50 [ 296.530917] ? sys_vfork+0x30/0x30 [ 296.534584] do_syscall_64+0x1e8/0x640 [ 296.538468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.543316] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 296.548498] RIP: 0033:0x4598e9 [ 296.551684] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 296.559389] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 02:56:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r3 = creat(&(0x7f0000000080)='./file0\x00', 0x20) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, r4, 0x0, 0xa, &(0x7f00000000c0)='^^selinux\x00', 0xffffffffffffffff}, 0x30) getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000180)={'icmp6\x00'}, &(0x7f00000001c0)=0x1e) write$P9_RGETLOCK(r3, &(0x7f0000000140)={0x25, 0x37, 0x2, {0x0, 0xd6d6, 0x80000000, r5, 0x7, '[cgroup'}}, 0x25) 02:56:00 executing program 2: kexec_load(0x0, 0x14d, 0x0, 0x2a0000) r0 = open(&(0x7f0000000080)='.\x00', 0x320000, 0x100) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x7}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000000)=0x1ff, &(0x7f0000000040)=0x4) ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) [ 296.566751] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 296.574021] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 296.581288] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 296.581297] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:00 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [], {}, [{}, {0x8, 0x0, r1}, {0x8, 0x4}]}, 0x3c, 0x1) 02:56:00 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 02:56:00 executing program 3 (fault-call:8 fault-nth:6): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:00 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x800c0) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000000)=0xb, 0x4) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) pwrite64(r1, &(0x7f0000000080)="6ee5719d06c382ce22a7bcfbe50de62f530d1f92c89583680ea01503c53f885efaeffda5e3251fbe334785a8cb24cebf61f066ed17ffcb8400b6ea1a2af51c43f7d32ec132cb8b04a7f0296f51c3dea86cac122ee9977983352a300106ecd81cb8950e6035819b64445900a97e0306a5d975355eca095d3a189a2e18665d20b535f0d18ee0d764085b02e523e374c5061302bd9d51cd597dd3e7dd6701a38ce65e07c5d024d17271d75762", 0xab, 0x0) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000080)={0x8, 0x120, 0xfa00, {0x0, {0x6, 0xca6, "2bcc15c7f5c1fc2a021cf9cfdeea62491755f28f032d8221ebf7c2b24f3b888e8b90e156e82c8e88050acdea1373d4f5cd0747ca1ad35073e02bd59452b62af73d0c45000ef3d62b889a20caacabfa6125f7cda4bfd56774c9541deecc04b85fc6ba5bf3d7629c8530228e680eb27487dd2982f6d214c2ade243e9155c8375a12cf5e4cce966e352ac1ddce26e16087e54428c0a639ee67fcca00aa6018b13c1b40aed291abce075cb5964e2285a6ccbb19cf013f23f27b172c804cde0fe25c8eca5955d33723401e4d063a3acae8a37d3b549c8f3a7f5c7325fa962bfe0d3ec9fef7f03b18e61b24e488bea661ded238f2f7e9f7811e39d2723add9f784c9d7", 0xcd, 0x2, 0x4, 0x3f, 0x5bf, 0x1, 0x590a}}}, 0x128) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:00 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x20000, 0x61) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) [ 296.737352] x86/PAT: syz-executor.3:11349 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 296.776407] x86/PAT: syz-executor.3:11349 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:00 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_open_dev$swradio(&(0x7f0000000140)='/dev/swradio#\x00', 0x1, 0x2) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') sendmsg$FOU_CMD_GET(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f00000007c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00022abd7000fcdbdf250300000008000b00", @ANYRES32=0x0, @ANYBLOB="0800020000000008000300100000001400071200000000000000200000826005d5f5d935d1ba00000000000000ca317f4ab91b93404c85fbd44866e4c55dc00018423a99c022aecb58e8d503deadcd370a67c86dbc3aceb3c01c00989eb896077c7baf5517fa20bf86d48230f14cb14da92a7ed1c5c0f4369b7d8546c2c017cb2369943a213d1fd2344e8fdc7711ffa25165578da17b6012b58de33bb0120daa2b5d97e6da3833db"], 0x5}, 0x1, 0x0, 0x0, 0x4000010}, 0x8800) getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14) sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x70, r3, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@FOU_ATTR_AF={0x8, 0x2, 0x14}, @FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e23}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={[], [], @rand_addr=0x6}}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x3a}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x33}, @FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e23}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e23}, @FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_IFINDEX={0x8, 0xb, r4}, @FOU_ATTR_TYPE={0x8, 0x4, 0x3}]}, 0x70}, 0x1, 0x0, 0x0, 0x24000041}, 0xd1) mount(&(0x7f0000000000)=@nullb='/dev/nullb0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x2e7b41a54c985e1d, 0x0) 02:56:00 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000)) 02:56:00 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB=' ', @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:56:00 executing program 2: kexec_load(0x800000010001, 0xfffffffffffffd7e, 0x0, 0x2) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="080000c74e0731edd8573e00", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000080)) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000040)={0x95, 0x6}) 02:56:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) [ 296.896146] x86/PAT: syz-executor.3:11374 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f00000000c0)) r2 = socket$kcm(0xa, 0x5, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="0800000064be44ed07d800a198d2303ee15e485200196d91000000000000000134eef7c0b8b686fdd42e0e57931a1cb14e4aa9fb67342b5e65862ffbfbb473e39c92c2e1cf522b95908c4bac2e83308c9c6f5c5608b34abe452c5fb0e52f17036948d88f356d50dd5a91a3d41afeef051770d88ea38d2b5a6fc600091f49732be623972e8eaecc08a4a474cf98ed5b9f0be371d3bc3aaa90925eac7ec4a21337fa6e4af36fd248bc12295f6cfb8430a8dd5bcbaa9a588e8655ce2fb18fd4a4e5c0", @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000100)=0x3f, 0x4) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) r4 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000140)) setsockopt$bt_hci_HCI_TIME_STAMP(r4, 0x0, 0x3, &(0x7f0000000180)=0x5, 0x4) 02:56:00 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="0f46b222", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet(0x2, 0x80000, 0x4) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@mcast1, @in=@remote}}, {{@in=@remote}, 0x0, @in6=@ipv4={[], [], @initdev}}}, &(0x7f0000000040)=0xe8) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000140)=0xc) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000180)={{}, {}, [], {0x4, 0x4}}, 0x24, 0x0) [ 296.990277] FAULT_INJECTION: forcing a failure. [ 296.990277] name failslab, interval 1, probability 0, space 0, times 0 [ 297.028000] CPU: 0 PID: 11384 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 297.035059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.044424] Call Trace: [ 297.047022] dump_stack+0x138/0x197 [ 297.050694] should_fail.cold+0x10f/0x159 [ 297.054843] should_failslab+0xdb/0x130 [ 297.058804] kmem_cache_alloc_trace+0x2e9/0x790 [ 297.063490] ? lock_downgrade+0x6e0/0x6e0 [ 297.067652] alloc_fdtable+0x7f/0x280 [ 297.071439] dup_fd+0x693/0xa40 [ 297.074704] copy_process.part.0+0x1b5a/0x6a00 [ 297.079283] ? save_trace+0x290/0x290 [ 297.083096] ? proc_fail_nth_write+0x7d/0x180 [ 297.087584] ? proc_cwd_link+0x1b0/0x1b0 [ 297.091637] ? __cleanup_sighand+0x50/0x50 [ 297.095865] ? lock_downgrade+0x6e0/0x6e0 [ 297.100020] _do_fork+0x19e/0xce0 [ 297.103477] ? fork_idle+0x280/0x280 [ 297.107209] ? fput+0xd4/0x150 [ 297.110386] ? SyS_write+0x15e/0x230 [ 297.114084] SyS_clone+0x37/0x50 [ 297.117436] ? sys_vfork+0x30/0x30 [ 297.121011] do_syscall_64+0x1e8/0x640 [ 297.125063] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.129900] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 297.135080] RIP: 0033:0x4598e9 02:56:00 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000000), &(0x7f0000000040)=0x4) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) [ 297.138261] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 297.145954] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 297.153210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 297.160464] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 297.167715] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 297.174981] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 297.182731] bridge0: port 2(bridge_slave_1) entered disabled state 02:56:00 executing program 3 (fault-call:8 fault-nth:7): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:00 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000dc40bf876e2d52ad000000000000b16168604ce0ee0778c854881f9a821818ad4f"], 0x44, 0x0) [ 297.192861] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.218292] x86/PAT: syz-executor.3:11368 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 297.233232] x86/PAT: syz-executor.3:11368 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:00 executing program 2: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/pro\x84/capi/capi\x00', 0x0, 0x0) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000040)={0x9, 0x9, 0x9}) getsockopt$inet_mreqsrc(r0, 0x0, 0x6b, &(0x7f0000000000)={@multicast2, @local, @remote}, &(0x7f0000000080)=0xc) kexec_load(0x0, 0xfffffffffffffdbf, 0x0, 0x30000) 02:56:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) 02:56:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x8402, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x1, 0x70, 0xfff, 0x0, 0x8000, 0x7f, 0x0, 0x7, 0x2, 0x0, 0x7fff, 0x0, 0xc4, 0x8, 0x9, 0x100000000, 0x10000, 0x0, 0x20, 0x101, 0x5ff, 0x5, 0x0, 0xff, 0x5, 0x8e, 0x3, 0x4, 0x10001, 0x800, 0x9b, 0x4, 0x6, 0x7, 0x7, 0x1f, 0x0, 0x9, 0x0, 0x7, 0x4, @perf_bp={&(0x7f0000000080), 0x1b}, 0x20000, 0x2, 0x7, 0x4, 0x7fffffff, 0x874, 0x7}, r3, 0x10, r1, 0x4) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) ioctl$VIDIOC_ENUMAUDOUT(r3, 0xc0345642, &(0x7f0000000180)={0xf843, "32dd0fbe358c3c7b9e692d9ef14da7660a37592219d71564924c3cee3fe176b4", 0x0, 0x2}) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") accept(r4, 0x0, &(0x7f00000001c0)) [ 297.292613] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:00 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x111041, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {0x8, 0x8}, {}]}, 0x44, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = syz_open_dev$vcsn(&(0x7f0000000240)='/dev/vcs#\x00', 0x2, 0x10400) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f00000006c0)=""/4096) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") syz_mount_image$ntfs(&(0x7f0000000080)='ntf\x03\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x200002, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r1, @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) mount$9p_virtio(&(0x7f0000000000)='cpuset1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0xa020, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=virtio,fscache,uname=,msize=0x000000005e4384df,aname=system.posix_acl_access\x00,access=any,fscache,mask=^MAY_APPEND,fscontext=unconfined_u,func=PATH_CHECK,appraise_type=imasig,measure,uid>', @ANYRESDEC=r5, @ANYBLOB="3c10"]) 02:56:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x40140, 0x0) r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x0, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000100)=r2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0xd0ce54b7463bed30}}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x2) r3 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)) [ 297.379923] Unknown ioctl -1070311870 [ 297.386281] Unknown ioctl -1070311870 02:56:00 executing program 5: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 297.469101] x86/PAT: syz-executor.3:11429 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 297.505898] FAULT_INJECTION: forcing a failure. [ 297.505898] name failslab, interval 1, probability 0, space 0, times 0 [ 297.530624] CPU: 1 PID: 11429 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 297.537927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.537933] Call Trace: [ 297.537951] dump_stack+0x138/0x197 [ 297.537968] should_fail.cold+0x10f/0x159 [ 297.558615] should_failslab+0xdb/0x130 [ 297.558630] kmem_cache_alloc_trace+0x2e9/0x790 [ 297.558645] ? lock_downgrade+0x6e0/0x6e0 [ 297.558657] alloc_fdtable+0x7f/0x280 [ 297.558668] dup_fd+0x693/0xa40 [ 297.558689] copy_process.part.0+0x1b5a/0x6a00 [ 297.567351] ? save_trace+0x290/0x290 [ 297.567362] ? proc_fail_nth_write+0x7d/0x180 [ 297.567370] ? proc_cwd_link+0x1b0/0x1b0 [ 297.567396] ? __cleanup_sighand+0x50/0x50 [ 297.567405] ? lock_downgrade+0x6e0/0x6e0 [ 297.567422] _do_fork+0x19e/0xce0 [ 297.608012] ? fork_idle+0x280/0x280 [ 297.611756] ? fput+0xd4/0x150 [ 297.614946] ? SyS_write+0x15e/0x230 [ 297.619099] SyS_clone+0x37/0x50 [ 297.622472] ? sys_vfork+0x30/0x30 [ 297.626019] do_syscall_64+0x1e8/0x640 [ 297.629908] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.635718] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 297.640931] RIP: 0033:0x4598e9 [ 297.644120] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 297.651831] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 297.659107] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 297.666403] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 297.673680] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 02:56:00 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x111100, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r5, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) connect$packet(r0, &(0x7f0000000040)={0x11, 0x8, r5, 0x1, 0xfffffffffffffffe}, 0x14) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) [ 297.680955] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:01 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000000)={0x6, 0x1, 0x81}) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000040)=0x1000, 0x4) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x80021, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 297.858354] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=11448 comm=syz-executor.2 [ 297.895757] x86/PAT: syz-executor.3:11429 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:01 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="020000000100020000da31f559000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$binfmt_elf32(r1, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x9, 0x2, 0x8, 0x5, 0x3, 0x18693c061a758a4e, 0x6a6, 0x21d, 0x38, 0x10a, 0x0, 0x6, 0x20, 0x2, 0x6, 0x6, 0x9}, [{0x7474e55b, 0x4e96, 0x2f, 0xc20, 0x8, 0xc142531, 0x1, 0x2}, {0x60000000, 0x10001, 0x7476, 0x7, 0x6, 0x2, 0x401, 0x1}], "22930898e8ba939280d3d6f1fa5ce871306e11bdcc8371cc0c7bffb359ef6ff1da382cc07b82aac86d8c1b1be93322c276f3b4a65ee9a845b3d78b19f0c9e986f36657245934ab83a9b73c244c791ff5747d219abf2df127ba545d5f0e84c1358cb3b7d89a0e89d023db2be251bc8e835ba77260dc19c7ec9091257b5e3d19f806e32cc0cd7568", [[], []]}, 0x2ff) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x1, 0x2) 02:56:01 executing program 3 (fault-call:8 fault-nth:8): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 297.914738] x86/PAT: syz-executor.3:11429 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:01 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="04090000009bf586e985e75aee7382c6ad165a6f16", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$CAPI_NCCI_GETUNIT(r2, 0x80044327, &(0x7f0000000100)=0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0xb, 0x1}, 0x14) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x1b5f1efad9ea1eee, 0x0) getdents64(r3, &(0x7f00000000c0)=""/31, 0x1f) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:01 executing program 0: fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x2, 0x2) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e20, @multicast2}}}, &(0x7f00000000c0)=0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={r2, 0x400, 0x20}, 0xc) 02:56:01 executing program 2: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x0, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(r0, 0x5382, &(0x7f00000000c0)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x800) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r2, &(0x7f0000000000)='net/l2cap\x00') rt_sigqueueinfo(r2, 0x10, &(0x7f0000000000)={0x20, 0x7, 0xea}) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:01 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x10082, 0x0) getresgid(&(0x7f0000000280)=0x0, &(0x7f00000002c0), &(0x7f0000000300)) mount$9p_xen(&(0x7f00000001c0)='\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='9p\x00', 0xe0000, &(0x7f0000000340)={'trans=xen,', {[{@cachetag={'cachetag', 0x3d, 'cpuset^!eth1:'}}, {@cache_loose='cache=loose'}, {@mmap='mmap'}, {@dfltgid={'dfltgid', 0x3d, r1}}, {@nodevmap='nodevmap'}, {@cachetag={'cachetag', 0x3d, '&-{procvboxnet1'}}], [{@measure='measure'}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@fsuuid={'fsuuid', 0x3d, {[0x50, 0x64, 0x63, 0x31, 0x35, 0x31, 0x66, 0x61], 0x2d, [0x36, 0x69, 0x31, 0x61], 0x2d, [0x35, 0x65, 0x34, 0x38], 0x2d, [0x34, 0x63, 0x36, 0x34], 0x2d, [0x62, 0x35, 0x38, 0xc8, 0x37, 0x9342c610204df8c9, 0x31, 0x36]}}}, {@obj_role={'obj_role', 0x3d, 'system.posix_acl_default\x00'}}, {@fsmagic={'fsmagic'}}, {@context={'context', 0x3d, 'staff_u'}}, {@smackfsroot={'smackfsroot', 0x3d, 'system.posix_acl_default\x00'}}]}}) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) statx(r0, &(0x7f0000000040)='./file0\x00', 0x3800, 0x1, &(0x7f00000000c0)) 02:56:01 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000000000)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 298.119685] x86/PAT: syz-executor.3:11480 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:01 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) fdatasync(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 298.183411] FAULT_INJECTION: forcing a failure. [ 298.183411] name failslab, interval 1, probability 0, space 0, times 0 [ 298.216165] CPU: 1 PID: 11490 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 298.223219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.232590] Call Trace: [ 298.235205] dump_stack+0x138/0x197 [ 298.238845] should_fail.cold+0x10f/0x159 [ 298.243003] should_failslab+0xdb/0x130 [ 298.246988] kmem_cache_alloc_node_trace+0x280/0x770 [ 298.252106] ? kasan_unpoison_shadow+0x35/0x50 [ 298.256843] __kmalloc_node+0x3d/0x80 [ 298.261022] kvmalloc_node+0x4e/0xe0 [ 298.264746] alloc_fdtable+0x13b/0x280 [ 298.268642] dup_fd+0x693/0xa40 [ 298.271938] copy_process.part.0+0x1b5a/0x6a00 [ 298.276537] ? save_trace+0x290/0x290 [ 298.280348] ? proc_fail_nth_write+0x7d/0x180 [ 298.284848] ? proc_cwd_link+0x1b0/0x1b0 [ 298.288924] ? __cleanup_sighand+0x50/0x50 [ 298.293173] ? lock_downgrade+0x6e0/0x6e0 [ 298.297331] _do_fork+0x19e/0xce0 [ 298.301048] ? fork_idle+0x280/0x280 [ 298.304765] ? fput+0xd4/0x150 [ 298.307964] ? SyS_write+0x15e/0x230 [ 298.311791] SyS_clone+0x37/0x50 [ 298.315681] ? sys_vfork+0x30/0x30 [ 298.319241] do_syscall_64+0x1e8/0x640 [ 298.323132] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.327986] entry_SYSCALL_64_after_hwframe+0x42/0xb7 02:56:01 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) socket$inet6(0xa, 0x2, 0x9) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'netdevsim0\x00', 0x800}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002a70500", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=r1, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:56:01 executing program 2: kexec_load(0x8, 0x0, 0x0, 0x2424e45fa5e61730) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r0 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) shmctl$SHM_LOCK(r0, 0xb) shmctl$IPC_RMID(r0, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x100) setsockopt$inet_dccp_int(r1, 0x21, 0x5, &(0x7f0000000080)=0x65, 0x4) shmctl$SHM_STAT(r0, 0xd, &(0x7f00000000c0)=""/118) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000000)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431) [ 298.333177] RIP: 0033:0x4598e9 [ 298.336367] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 298.344081] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 298.351359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 298.358638] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 298.365913] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 298.373178] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 298.434219] device bridge_slave_1 left promiscuous mode [ 298.439881] bridge0: port 2(bridge_slave_1) entered disabled state [ 298.469766] x86/PAT: syz-executor.3:11490 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 298.495305] x86/PAT: syz-executor.3:11490 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 298.508508] device bridge_slave_0 left promiscuous mode [ 298.515574] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.723818] device hsr_slave_1 left promiscuous mode [ 298.773814] device hsr_slave_0 left promiscuous mode [ 298.813964] team0 (unregistering): Port device team_slave_1 removed [ 298.834779] team0 (unregistering): Port device team_slave_0 removed [ 298.861988] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 298.915541] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 299.025816] bond0 (unregistering): Released all slaves [ 300.821557] IPVS: ftp: loaded support on port[0] = 21 [ 301.627798] chnl_net:caif_netlink_parms(): no params data found [ 301.666217] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.673166] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.688134] device bridge_slave_0 entered promiscuous mode [ 301.695344] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.702079] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.709546] device bridge_slave_1 entered promiscuous mode [ 301.729102] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 301.738999] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 301.761069] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 301.768656] team0: Port device team_slave_0 added [ 301.774891] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 301.782748] team0: Port device team_slave_1 added [ 301.789196] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 301.797362] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 301.852806] device hsr_slave_0 entered promiscuous mode [ 301.890373] device hsr_slave_1 entered promiscuous mode [ 301.930767] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 301.938633] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 301.953862] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.960792] bridge0: port 2(bridge_slave_1) entered forwarding state [ 301.968085] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.974949] bridge0: port 1(bridge_slave_0) entered forwarding state [ 302.008337] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 302.015532] 8021q: adding VLAN 0 to HW filter on device bond0 [ 302.025311] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 302.038722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 302.046271] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.053345] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.064698] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 302.072580] 8021q: adding VLAN 0 to HW filter on device team0 [ 302.081639] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 302.089904] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.096476] bridge0: port 1(bridge_slave_0) entered forwarding state [ 302.119149] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 302.129893] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 302.141746] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 302.148721] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 302.157142] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.163742] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.170956] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 302.179021] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 302.187705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 302.196134] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 302.204352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 302.211564] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 302.225733] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 302.238065] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 302.611179] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 02:56:06 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) 02:56:06 executing program 0: setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="00fbf40109109863c5e5d63d38d39d447588b6bcac939e45f53e2ab6cb8ccf3c9cf1f7e25efd1b29c5882675a0af3a82af1e1a10bd1f116ed1a0893ae2f08935d4f3d0c1ffa0910623dfad973f31c07c0e715393c9c81680b106f49121ceaff89161aae2c69e9ffd21e3548a65754c2afa39920e15ea43313b4dde826aa4d3198b7cf755d1d729239d41e57459c2fb27d6b2a36c935925c132940d06941ffde00c175e697a9e65266b3c9d97e5d54bd41cb37a0b4e6566855c03d8572928441370620b1e3bcb00a9a1dce2407d29a2c6f5fd7a17d09489417203f1b5e1f08aaab2945b033f82f97c72d10ea36fa8f80a99fd1f302eb16ddfee0fab8e352c0ff1a0c0d00f365cc93eca2cec64d834c695e03a8876a1d78d0f3cfabd825324609df6238d5892ff201334a5f59b7a2b483ea6de38f85d549a9e9af0acabbca0f2dd91d502f15d965fe57563d22c98da2b6c987cabf2308fbefb1450465513ae5841045c2d3282e80c21012ddc91cd1b70cd7c6e2b5c1091d171a21fc905796e875815189a50df01b362120870734f1436ec2607db18c10e0e2d1fb48d99f5f0bd13be796a1277c994f74864af73867f9120953d415a340659bd29a2a3bff7f2a69456e1648be42dc61b35717db6e3c550348abd59044f718c6023e8603e6dfe5b63c6114d4d9e12088bc19f9b437f4b0681"], 0xf4, 0x3) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000e59158b145994f8d3a9741d4017fe58f2b83abe7eb54d22e7f4d4715852b5c2478248f726a599c15e3dc4d715d970f8ef97cf47bf9435fc2036a99334db54c31f8dedbf5885c64eefc47d504713474f9675898151d04f3ba6fd20abc9d2083715486ef45eca3402dd18461b38c039dd721001baac5898434e01c7c210ff462bd5c128d4688cbaef609947dfd7bae8784c10606ca36bf9d1ab73224fbfc39859e1c4dff2b3117836799e9b7719cef53745f73dfa03d801aa3b217543590d403e765a591781fb73a21d2c5a6e5424e8711f9624c7f015d88935f051a04e8", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:06 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000d30e1e9c29f3e058a4000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x9, 0x181100) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r4 = socket$inet(0xa, 0x801, 0x84) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000000c0)={r6, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x73, &(0x7f0000000580)={r6, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000040)={0x8, 0x4, 0x3, 0x2, r6}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={r7, 0x800}, 0x8) 02:56:06 executing program 3 (fault-call:8 fault-nth:9): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:06 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, r1, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000003c0)=ANY=[], 0x0, 0x2) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getgid() ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000440)={0x200000000000000, 0xd000, 0x3, 0x0, 0x4}) ioctl$IOC_PR_RELEASE(r3, 0x401070ca, &(0x7f0000000340)={0x7, 0x400}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r4 = socket$rds(0x15, 0x5, 0x0) sendmsg$inet(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10, &(0x7f00000001c0)=[{&(0x7f00000000c0)="a55f83ee3be36349be3c50c9396181ee9d30ab1c01437aa5bf2d0d189491f2f235097bb82032a961a8fe749f870ee8cc728986198b558349e8b622d391c4444b66d743d8201a376fb72daef32a13c5631ee70878887c89d7416754f5d0029586976dcbea7441853ec93da9aa500032d9c7eeb6dbc8a81331e283be8337616edfdf983a74f0b4265f8e4c93e3396c8475043538eda79ccbe095f46bf6a17243c81f98756610caffc0808798c3cb02d973ec8ead934069edf0d41100cf0cfc2fbdb105cf2c438c61d600961a95efde06b9edd39277", 0xd4}], 0x1, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x54}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}], 0x48}, 0x5) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) pipe2(&(0x7f0000000300), 0x80800) r5 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r6 = socket$inet(0xa, 0x801, 0x84) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f00000003c0)={'filter\x00', 0x4}, 0x68) getsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000540), &(0x7f0000000600)=0x8) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000000c0)={r8, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000580)={r8, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000380)={0x6, 0x8200, 0x5, 0x79, r8}, 0x10) 02:56:06 executing program 2: kexec_load(0x8000000, 0xffffff6b, 0x0, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000040)={0x81, 0xe5, "2a1c84d4fe5e699f61d1718ba55e5caa6193f514e3eef79e242b68822d38ce6935a42c6b03e67cb01d5fb95591fee26064f2533bc0b44c6748fa7b000f46f07ed387765857555ed98eb9f4b86307dfff2b004cd59dc074a1f9c19bbae4a38d1d5f96ad488a537b743ff2562049795a78f61bd2de3abaedbe14e1e44ac6fe1a96bb9a354d9652b106c5e50231fc3302dde3cd61acdc6807535b068b1e29c96b2e3b37eab914e3cbca867e84e46ffe4ff777dbd432b3b3eeadb926d3eee88a1b315c0b76b577c4922b56361263568016d04f68c0c187d87f05b8d7b8a44a33d7091d4a97477d"}) [ 303.112993] bridge0: port 2(bridge_slave_1) entered disabled state [ 303.122035] bridge0: port 1(bridge_slave_0) entered disabled state 02:56:06 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x244a00) ppoll(&(0x7f00000001c0), 0x0, &(0x7f0000000200), &(0x7f0000000240)={0x3f}, 0x8) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000100)={'nat\x00', 0x0, 0x4, 0x4d, [], 0x3, &(0x7f0000000040)=[{}, {}, {}], &(0x7f0000000080)=""/77}, &(0x7f0000000180)=0x78) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:06 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x869, 0x0) ioctl$TCSBRKP(r1, 0x5425, 0x1000000000000) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x200, 0x0) execveat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[&(0x7f0000000180)='\x00', &(0x7f00000001c0)='/dev/adsp#\x00', &(0x7f0000000200)='+\x00', &(0x7f0000000240)='em0selinuxposix_acl_accessGPL-\x00', &(0x7f0000000280)='/dev/adsp#\x00'], &(0x7f0000000400)=[&(0x7f0000000300)='trusted#posix_acl_accessproc)em1%GPL\x00', &(0x7f0000000340)='/dev/adsp#\x00', &(0x7f0000000380)='/dev/adsp#\x00', &(0x7f00000003c0)='cgrouplo\x00'], 0x800) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x284801, 0x0) write$P9_RSETATTR(r3, &(0x7f0000000440)={0x2cf, 0x1b, 0x2}, 0xd4) 02:56:06 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x402003, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 303.201648] x86/PAT: syz-executor.3:11532 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 303.228696] FAULT_INJECTION: forcing a failure. [ 303.228696] name failslab, interval 1, probability 0, space 0, times 0 02:56:06 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08f80000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="18000200000000002000000000000000"], 0x44, 0x0) ioctl$KIOCSOUND(r0, 0x4b2f, 0x235e6df) modify_ldt$write(0x1, &(0x7f0000000140)={0x6, 0x20000000, 0x0, 0xea88, 0x401, 0x1f, 0x81, 0x5, 0x81, 0x1}, 0x10) r1 = open(&(0x7f0000000100)='./file0\x00', 0x80800, 0x3fa) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) lsetxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x0) 02:56:06 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) prctl$PR_GET_SECCOMP(0x15) getsockopt$rose(0xffffffffffffffff, 0x104, 0x6, &(0x7f0000000000), &(0x7f0000000040)=0x4) setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080), 0x4) [ 303.297047] CPU: 1 PID: 11532 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 303.304585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.314223] Call Trace: [ 303.316835] dump_stack+0x138/0x197 [ 303.321004] should_fail.cold+0x10f/0x159 [ 303.325404] should_failslab+0xdb/0x130 [ 303.329408] kmem_cache_alloc_node_trace+0x280/0x770 [ 303.335060] ? kasan_unpoison_shadow+0x35/0x50 [ 303.340153] __kmalloc_node+0x3d/0x80 02:56:06 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) io_setup(0x9, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfff, r0, &(0x7f0000000540)="e5c85b05b94d75cc47e68c74ed48c3523484159083f3f8212e47d83da0f1d373c0c12a26319338fa7c8643d0e31a595a09a01663c4f90ef45188f2c2d578b9179f5f6a0ed8d81bee7f6b85dfa226b8e9d53da79455bfbbc9962b71e138a8a7ecec61e93e575c22733dde141d0c0731421e2fff5c7ffa45ab8485a2d220bfcef310612c0b87850ef271de987b26102b8821b52802c3e69baf967305b52e9a7a2a9c0cd6836712a584574abd0fcc74a4f7ab49f3927cdffa3c379d246eec0a1835e7f6bd36183fd7ab59bb54f0c28985d735f5986531d6f0e3349a82e608698bafb15e23be512bcb686f5bc353ece5fa95ec9ce56ab2cd135ae8d0b948aa22b84c8b88980e572a735cec867ee50f04b0875a7093f669ce3cc70808b7545238937a4a9de61f48e6b856ef57be1293ace525b1a3d662b4ca5b1fb3a11105c2216f3d2379b3f77f1ec6e1936cd1744df2172d5ff6c1767f47f2cff90b4caca1c77eab304a4fcd1007c3a59143fbf2118c9f639da40b24613a3e58d60c0ecc645ea05e096dbd0c446c70b4dd374cee6b83d295682f7bf068fc9a670087ecc7ebab36f6a93678c7274f366dec7152f03479e41b1ce8be9e4ff9eaf7b44890a90b9d151d134278b94d6a0a7c8f98328419d790b8c1583ac3f9042fc712456955b0910f15c538986acd3c775849409a86394b094c24ef9060e9febcf97d96c7f989e635e0c36eca78c7dc2247c172c83b3a6969ff8e4028ece75179723ac72a1636fd768646d50a9a8c8b667e3da6677f3ebddb71cdbd309068a727b6ad1ad5d0ea84a88522ac27df77d33925f7ca5cfcad29c1974c86c4f24532f53da86216d9f1ed5ffcf5bafb7bc3f5143ab5867f3af4641ab32f46dbd3c00829f1ec69819be3e5005f24c8cb3db89a34bade1adcf1e6bdb8a9fe20d081065261c13ccff92166259a72f4d33e53c984eb19d285668feea4940c3350cacd87e219cd995d528b98db65d17c062615fa716c27d6c8659db13de0334d139ff7b492168e01316a5244e8cba11aed64c24807f7a0a6abc08f65db1a30caee3a5c5168ec0ecc4ef6c921b376a659fb73f7738f8214433ba5936e2ddde129b6014657c11959e5e6e1b545539e51f64c76402bbefcd32d8eb8eca0bcd4ac7bde3b3c717c6f9a18bf8c70e8ca6c8dcff07b82bb330f9712706ec1b6e51a95210716daad8b2d22f6b012061e65764d20e5941b1db88fe1c3264825dea275ba6c89b1654a00bc1d436cdbd17387de6551166523b9795f1949ab7b1547c90ab103fb2a7f0814b9e85cf0209e1356fadc22b21750a0cc34f42d0e4447147d52f968b649be9bbb54e5241f3207566d4fc556831ddbd54b88ab10944f6417383f0375882b885038c94333e494c9fb519ce9a00a20e3642447f4c54e1fd6d6167d33d195decdbee36ef7279273ac3b9cd1c36743b561ac87d6d8801e3f2a4205ce928e179ac2f05e87365cd3e4b131834bf124a2704fb1623da8f2176bfa8cd60c60a9311070455b860f1997e3687eafd29ae413490878e9d5b8dab346c5bbf217917c60516580782c8d2dd96af8a8ecc6dd03ec7fddb7cfd2ef95beeb4d708764058e48d17c6c972bcaa9ee3d7f225528bb8f77243df1b07ef9c3aaeb1a8f4ff9ac2282a6cecbe02f0c341f7b6699f04e2c5d2adaa1534139b1b3b8eccdc8d5ed4763e6a55d83950adc5743e83534737948b464310db3b0f5096ca45a266b71207f0b3256dee4ff3d7414912f334a179864cb41c5e42284f3a85d10d67b87b4fb9a0a718b2635c5e684c3bf7086fb7089720710e9a751aafc417d8e226150cfa8051431103d44c5546f36d3a9d806a8d64b99b52d94345d865dffc27196ef11b79804c39924e2c8f03fda5c6aafe35777264e0df359773cfc2cbbda27494398e09c881f709b7165f8a107d17c67783198708def57c5f4038c70c8d26dd92685cdef940533d79fd028b8d6767431a00ed85a520589fd3a696a585861dadd3bf701a39acbb395ba604a97b94f1ad4e4fcdcc99c9e046202da77427da2e1324cb48570347405872d81633062c6be0b323e230d2cf802c2151277cd039f69c6d7a92de6d265ca7b0d70cd38764776cdae4ad6729671550f574318862090a677fc54c99b60f5c1cdf8dc6d4f997eafe9d181911e4d22c12cf36aba1492070684034d6af22851ce8563a68f2060af9578cea094ff89320de688cc7065038538c11046ab4cd4c53e7dcdfda0ba41938b6ce88bfb57a224a6fd4929bcb68efa3240c6608b49bc2cdab23ce63324be2e8662e5155c47e03e811c23473d78c046fcbf6d47c4278727b248237b39e944ad849e5d7177f2910454e539dd781bcf41710008ac6f828b6275ce58c07884f03cc9588d0e92e6b7e4d32c7f9019254aff15d6c6fb8d5929ee0385da2f68a51be79b891e1292895db451bc560071f8ef4e142e929743b155fe746f5941dc20bc401e8c1b0065bd5df6a3bb2c8b6a90e36261051ca8f6f8f43c3f21f087504ca59cf740674b8126c63a97150f328d2107864b77bebec9f405f27f44c2fd4611577a3d3bf87d961e565a5e823558affbc4bad601eaef20a031e010f1e5c64185f733b982d8a9aa778e99a96002c1a6feca170f1221e32605c92e4bdcc32fae8075ff802eb14fd29359a5d42c5c3828b0b2e190d7328e1b7079f17cc5e277b7744b6a1f026844935edcb4bce6a5a9d839abb54473af140a7cb52b2836ae2a1d52773af154587fd3bd8f7fbbed0a55ec345e17850df16eaa1b0527804591773221f6c7678d085f6b1b4981b3f788679f317789c1c20eec01268e908cf18d7fb8476f6380b43d6bf295b6defbaed8c49a3582961e5a831ca30088108c5d1c762323e0fe364501f9719396f99e41fc68c9ceef87ce43f5ecbcb69acbc2c4967362f0e7c6917eb5e1ccf6ec07b4955739cb4ab1c14115e42663688421d66bf2029125423a88854bc061b61187f06835fe4c61159daab6d7a1440a6d5067a13d7010407c7900e094b30273278b5a3f467d4341887c84847c1b41fae4272b37d2eb598960475a5f78c68da4a286d7059152ddbafa832b2f48139167231b3189e446631acc37222cfeaa6caca05c2971606be0ac4caa7ab7b4e4c98fea6a31f8d43e79ab63e57a6b234db68b5a8743a38dcfeff268f287d5d5cd86f342fbc9d673c251e4defc271e3386de932ae376c6cf059a8889e0648861aced7ef82cad546f51488a714cefac6816035be45c3d0bee359c6d22f5d5fd418f539b81997e7970640de5b58a10ed558776196aec8818c4086c513efbf42415f99321f460760ed6345a878acf4d5c154ae3c15e27dd02f75c937487a43fa52d41b855f351a8e0ef854af2fd0cde110259c80b45046576d3ca9118c6c7f0bf9e5ea80765a7d01c3d8d8f9bbcc6b77c01123a985542aa609082e71e433748444f9867be84b378bdcbd2d8d4eeb30503d8f38b2001cc7b334a8a442e31db4a441024b035dbec39eca10feb55abcdd92c0787772235bf968e30fcee2b8cf3bdacf93ebd2f7cd74c261a44433b5c87f5ef19692b63a7fee16f804cfbfd99236fd6323d0294be531a24f0ec5812c27a34bc08356a7dfdb31ab7a95b85a7a2f75ae01a1332098264a1ce83205792358a83dd5cadaa9c1c359107e01095856e764c1fd957ae05aaf7de15987d50dbb5beb0328f078e4a00ef0f4fd2706add1ea92ad179b84a6bd2eb85f9781b807373beea419e9fd44f4f9192a449b8533979cb50d3febe0f63d607c9fcea36ba78de5746a6a16b54940e1a3c275609d7405dfddb9ca2657abfba2bae9d6321a72a58ccbc9304b14f7945741badbc1833ee72986adda51dfdf870696db8a35bcac0a732bcdff71297d8c1352c806ae55074d12f51554848825b4a60f7697a8a854f73e653357387e260b654dddd78f8ff3dbe87b73e03abd14e7ed988c5b5e466c834bc4f6e819eeaa3f0e8c57b8fd098a5bd3d31e9a0d1c454e72fabeef52207e88d1d627d2ed09e8c90c6072f9e7213bf85bc5f58abe3a0ed98e60c05c932f57481959580a5b7ebd8e820bdad1b3305d9bb194612df7d868676ae437ea11bfadb290d5593e77c142fc80ff6732f1488a36848bc2bd0f23a56e9cd0b0308579e09c489b8a55b75d87a4f5f208e045688f974d37b5c9f348c48f58528125cb0916210aa59f0e68627d9e6972da5faf6962fce9871e9d5bc0742caee550a32060b31fa50aa6c366d2842fdd5e041833573908898f15b3d9f19fd7f9152690df9810c3a89ac536782e1d79df5c187eb61a8c986bb2aa3ceda4667132e11a8b051ccedf1c48b90318ecbd21afa0dd350fa1297a47f005f9232d4c59029d4668a7b2644739669397018f3f9147ebddcebe44d94dc4ac95cbbec001b64dcec2274e1ae6f467bab79c2d64648ec7a568c51c52f8e97f16cc7bea74baa2b0344ad9a7445c854f0d54e4749fb833a9165ecda27c39dd383ee70a71a8696946ade799386a7be2deb2619d97b8f568c7bd4eb149edd0c8011a992fd097a82712e75b80c55313db725050b642d7e8d3705d5fb82c68daf0c3b7bd2a931f2f9c46b90a5c07a6a09eeb8d91088aa0c56d35c929fc3864084fd4b24a82a45d0ff4ac6d2ca773eae52e8cf3e92c691342817bbb8a872e53ade0915254fb8e2429b024c9224a9938c0196424f2f541d538cdc2edbcec1e33f3e865ba131ad2e863b3c88b2b12e1bbbb9ca605ef8722a0a95fbbca93f4cdaeff874c4ecb181f2733e590be737667134c07b307f3de39e4cb66f41ba651a731f6df7fdb9af249325c421753f0c70b88e634be75fee66a94a3c92f07ed47e331a030586d9761f0b9ee3b2e6805b0fe20f50ba35001d4046a7165d9c997deca6452d7a8c44d1fc7968273d98809e1d09135fa215914e4ae8e263a32edc91ec112eed56fd37e488eab4f53b7b8376167da2b7bd61ce634fbd60ba09badfbfba491dd351abe4aa02c301f523de609bf76190050eb6f07f1e03c0205f6a55d720ff372225632bddc753d92aad40cd155903484b8963060bd5e0bb28322ff28d1b40c35a99072c25ec5b5f1e7a31390ed4cc143a8f30c7d89ed67184111cca36e6a2ab4452bbbb9b988b2789274d25b739cee729812018543462c911331a93d3980f3bba7ca6d34d17290660e481ea6ab6e7611131838eea3def663fbe2f489006824f32e24c47f2203b6edb656757084fa4778d996fbf4a8f1305b2616fc36b405c76ec9a8492bc0940610bf34abf0d5f9a168ca8260506a843c255a19324d2644d98ab500edd50f695920d66e8db760632da82dd2c4c7f2e846def86a1685e9dda1b753aacd1767ed554f424e734734662084bbe78c4bd25921a8d70f8ca7439d46e1116b848ee899886314fd423612c513def472b6e8f0b46e0112f833b50dbe7b354860535af3dc7d97f94c3d5b3078549b1137317b5d0f8b1337a0cd0fd9515511285b3d9f21d6fd5bc4ae3e7417594f49413904e812dccb33f45dff6989c73adf03fa670d13676fecc5dc53f3d662410d1fdccd5276b6bb5e28fc04fab4ef526e86cd3b43b19c42ba2c871e077abc23c19934144b91d2bd169970fa6a4e23e9deb528520403d02515ebe49a62add741df11d1ac1755b56f7d14cadb0da817e070e8a61d52a99cd07e3cae19f958af2b0e392b0fd43f941d224fee4bc59a92035e008b7a36c8acd6720d507fd7740ad2ad5ab3bc912bc25ecb290be6421198b8f83d80349c1368eb95725f197e87e4d331026a80692d66bfb29", 0x1000, 0x679bfb87}]) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="2373cb002ff045ecfcd1a0791c972fc6baee2a815260945fabea85a08c704405c3ebeff067ebae01bfcf868fee02a3d2670aa168652c000453439fc0753d313d2bac912d15266b3636f950e52d812e925c2954336789f781f2bf40000000000000004ffedddba49851ed72d5bf7a9a069621974276", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000"/16], 0x44, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x101000, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000240)={0x1fd, 0x0, 0xb000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000200)=0x1, 0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 303.344087] kvmalloc_node+0x4e/0xe0 [ 303.348194] alloc_fdtable+0x13b/0x280 [ 303.352103] dup_fd+0x693/0xa40 [ 303.355417] copy_process.part.0+0x1b5a/0x6a00 [ 303.360129] ? save_trace+0x290/0x290 [ 303.364189] ? proc_fail_nth_write+0x7d/0x180 [ 303.369145] ? proc_cwd_link+0x1b0/0x1b0 [ 303.373711] ? __cleanup_sighand+0x50/0x50 [ 303.378065] ? lock_downgrade+0x6e0/0x6e0 [ 303.382238] _do_fork+0x19e/0xce0 [ 303.385804] ? fork_idle+0x280/0x280 [ 303.389535] ? fput+0xd4/0x150 [ 303.392745] ? SyS_write+0x15e/0x230 [ 303.396658] SyS_clone+0x37/0x50 [ 303.400124] ? sys_vfork+0x30/0x30 [ 303.404835] do_syscall_64+0x1e8/0x640 [ 303.408741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.413875] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 303.419365] RIP: 0033:0x4598e9 [ 303.422560] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 303.430517] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 303.430522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 02:56:06 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) 02:56:06 executing program 1: open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x2, 0x4000) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f00000000c0)={0x2, 0x400, 0x10000, 0x1, 0x0, 0x2a}) fstat(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) fsetxattr$system_posix_acl(r0, &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x1}, [{0x2, 0x5, r2}], {}, [], {0x10, 0x1}}, 0x2c, 0x7) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x7f, 0xc, 0x1, "dc42f4bb15baad7f34348248a2c791092405871aa72a8cdde6297d3694bfba14", 0xd70103a}) 02:56:06 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x7fff) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) [ 303.430527] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 303.430532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 303.430537] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:07 executing program 3 (fault-call:8 fault-nth:10): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:07 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40041, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:07 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = socket(0x10, 0x80000, 0x9) getsockopt$sock_buf(r1, 0x1, 0x1a, &(0x7f00000000c0)=""/174, &(0x7f0000000040)=0xae) r2 = geteuid() fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='sy\x03)tem.poacl_default', &(0x7f0000000000)={{}, {0x1, 0x2}, [{0x2, 0x0, r2}]}, 0x2c, 0x0) 02:56:07 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) 02:56:07 executing program 2: kexec_load(0x2, 0xfed1, 0x0, 0xb05cc82f89450dfc) 02:56:07 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'vlan0\x00', &(0x7f0000000380)=@ethtool_dump={0x3f, 0x9, 0x100000001, 0x9a, "ce0fa02ad2a0493b2f347f7ac8c670989f8dbc2d71e68025376a91386942604ae0a6fa3c792cf1f9c7e22807c0945fa161139ff97e1f59acc5a36a1b9383822d0ccb77710408b63a43aa00e871072ce534dcfb230fdc87b37b3fd2af4ad924f0d30f439dd9eef29a8f1e88ca1090f48ce0df9f6f3a7609fde97ac5bb6323db4791e9e15a748af8196c59078967e94e250c5f2ecad8130130f491"}}) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) fstat(r3, &(0x7f0000000200)) fstat(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r5) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="040000000000000008000400"/24, @ANYRES32=0xee00, @ANYBLOB="08000600", @ANYRES32=r4, @ANYBLOB='\b\x00\v\x00', @ANYRES32=r5, @ANYBLOB='\b\x00\f\x00', @ANYRES32=r4, @ANYBLOB="10000000000000002000010000000000"], 0x44, 0x0) [ 303.600509] x86/PAT: syz-executor.3:11527 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 303.609577] x86/PAT: syz-executor.3:11527 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:07 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)) 02:56:07 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000004000140000007b8a1543e52365c1a0a37d6ead21b7e08a", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x0, @local, 'bond_slave_1\x00'}}, 0x1e) 02:56:07 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x8000, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f00000000c0)=r2) r3 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)) [ 303.772907] x86/PAT: syz-executor.3:11586 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:07 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000000000000000200000aa000000000b6f76848b1a57a3f4dddfcc34b4d757feb7c8bebc0a7ee6b91886bf4899da114ee5b9b427b42372d8eef907b37f7fc08dfe728860cc1a1a33b28271f845dbf00a6e58562f9a66518d54c993a778c71f954bf3deea5fcae4fdb7fe976178a35b5c045b93aaf28999b27150f1905a55cb207efafec2b9ec478ceba6e875c977f58f5c694d5075e3c115b5d5d78d2cfb4d98a2da46c85f92c0c68b9d135a9c4505638aca1ca5ea9dda43c7f3ba27fccfe00e3d2036006ba4ec90244c9393f3b46f203801a003d7a0aa04756ff1213ec264328b401acc"], 0x24, 0x0) [ 303.855792] FAULT_INJECTION: forcing a failure. [ 303.855792] name failslab, interval 1, probability 0, space 0, times 0 [ 303.923534] CPU: 0 PID: 11598 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 303.930892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.930897] Call Trace: [ 303.930917] dump_stack+0x138/0x197 [ 303.930935] should_fail.cold+0x10f/0x159 [ 303.930950] should_failslab+0xdb/0x130 [ 303.930964] kmem_cache_alloc+0x2d7/0x780 [ 303.930974] ? dup_fd+0x533/0xa40 [ 303.930987] copy_fs_struct+0x43/0x2d0 [ 303.931001] copy_process.part.0+0x3924/0x6a00 02:56:07 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$TCSBRK(r0, 0x5409, 0xd8e) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYPTR=&(0x7f0000000140)=ANY=[@ANYPTR, @ANYRES32=r1], @ANYRES32=0x0, @ANYBLOB="0400000000", @ANYRESDEC, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x9, 0x0) [ 303.931018] ? save_trace+0x290/0x290 [ 303.931028] ? proc_fail_nth_write+0x7d/0x180 [ 303.931036] ? proc_cwd_link+0x1b0/0x1b0 [ 303.931055] ? __cleanup_sighand+0x50/0x50 [ 303.931064] ? lock_downgrade+0x6e0/0x6e0 [ 303.931087] _do_fork+0x19e/0xce0 [ 303.931103] ? fork_idle+0x280/0x280 [ 303.931119] ? fput+0xd4/0x150 [ 303.931128] ? SyS_write+0x15e/0x230 [ 303.931141] SyS_clone+0x37/0x50 [ 303.931149] ? sys_vfork+0x30/0x30 [ 303.931161] do_syscall_64+0x1e8/0x640 [ 303.931169] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.931184] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 303.931192] RIP: 0033:0x4598e9 [ 303.931197] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 303.931208] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 303.931214] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 303.931220] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 303.931227] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 02:56:07 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000000)) [ 303.931232] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 303.958891] x86/PAT: syz-executor.3:11598 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:07 executing program 3 (fault-call:8 fault-nth:11): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:07 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000200)='sy\x9etem.\xb8\xeeT\xcb\x83\xfa\xe7\xe5K{posix_acl=denault\x00\xf4~\xb6\x7f7\xef.\xe2\x9c\x03\xa02\x99kFw\x8b\xe6\x16s\xfbs5\xef\xc3?x\xae\xcb\xdcdrR$\x12\xc8\x8e\xdd\xcc\xfd5\x15\xba\x00\xde\xfc\xdc}\x04\x91\xa3\xccW\x97\xf8\xe2\xd3!\x05\x94\x9f\xe0\x13Kk\xfd\x14\x13\xc2\x1eX\"v=\xa8=', &(0x7f0000000280)=ANY=[@ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRESHEX, @ANYBLOB="5000060000002000000000000000871c"], 0x9, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) openat$cgroup_type(r0, &(0x7f0000000000)='cgroup.type\x00', 0x2, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x1e5b00, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000140)={0x0, @reserved}) 02:56:07 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x40000, 0x0) [ 304.293911] x86/PAT: syz-executor.3:11598 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 304.430501] device bridge_slave_1 left promiscuous mode [ 304.437038] x86/PAT: syz-executor.3:11632 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 304.446413] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.467077] FAULT_INJECTION: forcing a failure. [ 304.467077] name failslab, interval 1, probability 0, space 0, times 0 [ 304.481502] device bridge_slave_0 left promiscuous mode [ 304.491795] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.508547] CPU: 1 PID: 11632 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 304.516067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 304.525930] Call Trace: [ 304.528718] dump_stack+0x138/0x197 [ 304.533245] should_fail.cold+0x10f/0x159 [ 304.538356] should_failslab+0xdb/0x130 [ 304.543143] kmem_cache_alloc+0x2d7/0x780 [ 304.547592] ? _raw_spin_unlock_irq+0x28/0x90 [ 304.552380] ? trace_hardirqs_on_caller+0x400/0x590 [ 304.557438] copy_process.part.0+0x1cd5/0x6a00 [ 304.562474] ? save_trace+0x290/0x290 [ 304.567020] ? proc_fail_nth_write+0x7d/0x180 [ 304.571983] ? proc_cwd_link+0x1b0/0x1b0 [ 304.576363] ? __cleanup_sighand+0x50/0x50 [ 304.580717] ? lock_downgrade+0x6e0/0x6e0 [ 304.584898] _do_fork+0x19e/0xce0 [ 304.588376] ? fork_idle+0x280/0x280 [ 304.592292] ? fput+0xd4/0x150 [ 304.595871] ? SyS_write+0x15e/0x230 [ 304.599700] SyS_clone+0x37/0x50 [ 304.603343] ? sys_vfork+0x30/0x30 [ 304.607603] do_syscall_64+0x1e8/0x640 [ 304.611709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 304.616689] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 304.622524] RIP: 0033:0x4598e9 [ 304.625820] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 304.633634] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 304.640924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 304.648238] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 304.655881] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 304.663676] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 304.677022] x86/PAT: syz-executor.3:11632 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 304.686793] x86/PAT: syz-executor.3:11632 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 304.767075] device hsr_slave_1 left promiscuous mode [ 304.813440] device hsr_slave_0 left promiscuous mode [ 304.834518] team0 (unregistering): Port device team_slave_1 removed [ 304.844389] team0 (unregistering): Port device team_slave_0 removed [ 304.854475] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 304.896412] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 304.955875] bond0 (unregistering): Released all slaves [ 306.861542] IPVS: ftp: loaded support on port[0] = 21 [ 307.757484] chnl_net:caif_netlink_parms(): no params data found [ 307.796404] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.804618] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.812073] device bridge_slave_0 entered promiscuous mode [ 307.819429] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.826160] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.833510] device bridge_slave_1 entered promiscuous mode [ 307.855347] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 307.864966] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 307.885323] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 307.893064] team0: Port device team_slave_0 added [ 307.899059] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 307.906461] team0: Port device team_slave_1 added [ 307.912181] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 307.920118] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 307.972790] device hsr_slave_0 entered promiscuous mode [ 308.010562] device hsr_slave_1 entered promiscuous mode [ 308.050737] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 308.058611] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 308.073824] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.080667] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.087426] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.095326] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.125467] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 308.132118] 8021q: adding VLAN 0 to HW filter on device bond0 [ 308.141566] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 308.152586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 308.160202] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.167412] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.177304] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 308.183965] 8021q: adding VLAN 0 to HW filter on device team0 [ 308.194552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 308.203297] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.210292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.221059] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 308.228699] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.235369] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.252162] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 308.263002] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 308.274810] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 308.285981] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 308.297620] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 308.309175] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 308.315534] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 308.322838] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 308.338924] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 308.349849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.740521] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 02:56:12 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) 02:56:12 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) shutdown(r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:12 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000000)) 02:56:12 executing program 3 (fault-call:8 fault-nth:12): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:12 executing program 2: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, &(0x7f0000000080)={0x4, 0x8, 0xfa00, {r0, 0x1}}, 0x10) kexec_load(0x100000000c0001, 0x0, 0x0, 0x160000) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000100)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$PPPIOCSMRRU(r2, 0x4004743b, &(0x7f00000000c0)=0x8) 02:56:12 executing program 1: socketpair$unix(0x1, 0x8000000000001, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_ifreq(r1, 0x100000089f3, &(0x7f00000028c0)={'ip6_vti0\x00', @ifru_addrs=@in={0x2, 0x4e20}}) open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@mcast1, @in6=@mcast1}}, {{@in=@multicast1}, 0x0, @in6=@local}}, &(0x7f0000000000)=0xe8) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') syz_open_dev$sndtimer(&(0x7f0000000180)='/dev/snd/timer\x00', 0x0, 0x0) setsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, 0x0, 0x1) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) r4 = accept4(r3, 0x0, 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') sendfile(r4, r5, 0x0, 0x50000000000443) sendmmsg(r4, &(0x7f0000006f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup(r6) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r8, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r8}) r9 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$NBD_DO_IT(r9, 0xab03) [ 309.300129] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.308407] bridge0: port 1(bridge_slave_0) entered disabled state 02:56:12 executing program 1: r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_DMA(r0, 0xc0406429, &(0x7f00000001c0)={r1, 0x1, &(0x7f00000000c0)=[0x8], &(0x7f0000000100)=[0xc6], 0x5, 0x1, 0xffffffffffffffe0, &(0x7f0000000140)=[0x3], &(0x7f0000000180)=[0x100, 0x71, 0x101, 0xd5, 0x5, 0x4, 0x7, 0x4]}) setxattr$trusted_overlay_redirect(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='trusted.overlay.redirect\x00', &(0x7f0000000300)='./file0\x00', 0x8, 0x5) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {0x4, 0x7}, [{}, {}, {0x8, 0x0, r3}]}, 0x44, 0x0) 02:56:12 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) connect$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x1, @local}}, 0x1e) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r1, &(0x7f0000000000)='net/l2cap\x00') bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x0, 0x19, &(0x7f0000000040)='system.posix_acl_default\x00'}, 0x30) [ 309.384772] x86/PAT: syz-executor.3:11656 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 309.411229] FAULT_INJECTION: forcing a failure. [ 309.411229] name failslab, interval 1, probability 0, space 0, times 0 02:56:12 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000080)=0x3ff7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x5) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x400000, 0x0) ioctl$VIDIOC_G_CTRL(r2, 0xc008561b, &(0x7f00000002c0)={0x1000, 0x9}) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0xa, 0x5, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000140)=0x1e) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r7 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r7, &(0x7f0000000300)={0x2, 0x3}, 0x2) r8 = dup2(r5, r6) connect$vsock_dgram(r8, &(0x7f0000000100)={0x28, 0x0, 0x2710, @host}, 0x10) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, &(0x7f0000000200)={0x9, 0x5, {0x54, 0x10001, 0x5, {0x8, 0x2f}, {0x1f, 0x4}, @period={0x5d, 0x2f4, 0x3, 0x9, 0x3, {0x82a, 0x0, 0x100000001, 0x2}, 0x6, &(0x7f0000000180)=[0xffff, 0x92, 0x4, 0x6, 0xfffffffffffffffe, 0x1]}}, {0x4, 0x7, 0xffffffff7fffffff, {0x7ff, 0x20}, {0x8}, @cond=[{0x1, 0x400, 0x100000001, 0x9, 0xfffffffffffffffa, 0xffffffff}, {0xfffffffffffffffc, 0x9, 0x3, 0xfffffffffffffbff, 0x4, 0x6}]}}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)) [ 309.474302] CPU: 1 PID: 11656 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 309.481764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.491423] Call Trace: [ 309.494037] dump_stack+0x138/0x197 [ 309.497689] should_fail.cold+0x10f/0x159 [ 309.501874] should_failslab+0xdb/0x130 [ 309.505882] kmem_cache_alloc+0x2d7/0x780 [ 309.510139] ? lockdep_init_map+0x9/0x10 [ 309.514226] ? debug_mutex_init+0x2d/0x5a [ 309.518778] copy_process.part.0+0x3c75/0x6a00 [ 309.523464] ? proc_fail_nth_write+0x7d/0x180 [ 309.527978] ? proc_cwd_link+0x1b0/0x1b0 [ 309.532334] ? __cleanup_sighand+0x50/0x50 [ 309.536589] ? lock_downgrade+0x6e0/0x6e0 [ 309.540754] _do_fork+0x19e/0xce0 [ 309.544224] ? fork_idle+0x280/0x280 [ 309.548331] ? fput+0xd4/0x150 [ 309.551636] ? SyS_write+0x15e/0x230 [ 309.555669] SyS_clone+0x37/0x50 [ 309.559150] ? sys_vfork+0x30/0x30 [ 309.562714] do_syscall_64+0x1e8/0x640 [ 309.566636] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.571997] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 309.577200] RIP: 0033:0x4598e9 [ 309.580489] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 309.588294] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 309.595875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 309.603264] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 309.610638] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 02:56:13 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {0x4, 0x2}}, 0x2c, 0x0) [ 309.618303] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:13 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="0200000001000000000000000451000000000000104cdae7694800000000000000240000"], 0x24, 0x0) 02:56:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) r0 = getpgrp(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'}) setuid(0x0) 02:56:13 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="0080f050d0", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) r2 = accept4$bt_l2cap(r1, 0x0, &(0x7f00000000c0), 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000100)={0x0, 0xee01, r3}, 0xc) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="020000000100005ff300000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) bind$bt_rfcomm(r4, &(0x7f0000000080)={0x1f, {0x3, 0x8, 0x1, 0xff, 0x100000000, 0x1000}, 0x2}, 0xa) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x890b, &(0x7f0000000000)) 02:56:13 executing program 1: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x3) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:13 executing program 2: r0 = socket$bt_rfcomm(0x1f, 0x1, 0x3) r1 = getuid() r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6}}, &(0x7f0000000140)=0xe8) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r7, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r4, 0x89e1, &(0x7f0000000080)={0x3, @default, r7}) r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fstat(r8, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r12 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r12, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000000380)=0xc) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r14) r15 = getegid() getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r16) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {0x1, 0x4}, [{0x2, 0x5, r1}, {0x2, 0x1, r3}, {0x2, 0x5, r7}, {0x2, 0x2, r9}, {0x2, 0x6, r10}, {0x2, 0xa65c94a3484fc905, r11}, {0x2, 0x0, r13}], {0x4, 0xd}, [{0x8, 0x1, r14}, {0x8, 0x1, r15}, {0x8, 0x2, r16}], {0x10, 0x1}}, 0x74, 0x2) kexec_load(0x1, 0x0, 0x0, 0x328000) 02:56:13 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000040)) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {0x8, 0x7}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video2\x00', 0x2, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="08001000", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000100)={0x3, r0, 0x828e86e536586224}) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400002f0000000000080000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000140)={0xfff, 0x7f3, 0x3, 0x0, 0x0, [{0xffffffffffffffff, 0x0, 0x9}, {r4, 0x0, 0x80000001}, {r5, 0x0, 0x5}]}) connect$caif(r1, &(0x7f0000000000)=@dgm={0x25, 0x5, 0x5b}, 0x18) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10050000000000002000000000000000"], 0x44, 0x0) [ 309.916115] ntfs: (device loop2): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 310.003168] ntfs: (device loop2): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 310.046447] x86/PAT: syz-executor.3:11651 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:13 executing program 3 (fault-call:8 fault-nth:13): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:13 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB='D\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VHOST_GET_VRING_BASE(r3, 0xc008af12, &(0x7f0000000100)) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="02000000010000080300000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="001140501f7b894b48ee7600", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) getpeername$netlink(r2, &(0x7f0000000080), &(0x7f00000000c0)=0xc) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 310.088501] x86/PAT: syz-executor.3:11651 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:13 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x280841, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") stat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r6 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000480)="008106e358b6ebb35651", 0xa, 0xfffffffffffffffe) r7 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r6, r7, r6}, &(0x7f0000000540)=""/83, 0x53, 0x0) keyctl$get_keyring_id(0x0, r6, 0x1) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) r9 = getegid() fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000380)={{}, {}, [], {0x4, 0x1}, [{0x8, 0x6, r2}, {0x8, 0x3, r3}, {0x8, 0x4, r4}, {0x8, 0x6, 0xffffffffffffffff}, {0x8, 0x4, r8}, {0x8, 0x4, r9}], {0x10, 0x5}}, 0x54, 0x2) 02:56:13 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) r5 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$CAPI_NCCI_OPENCOUNT(r5, 0x80044326, &(0x7f00000000c0)=0x6) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {0x1, 0x2}, [], {}, [], {0x10, 0x1}}, 0x24, 0x0) eventfd(0x1) 02:56:13 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) socket$caif_stream(0x25, 0x1, 0x2) [ 310.212389] ntfs: (device loop1): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 310.279677] x86/PAT: syz-executor.3:11729 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 310.297215] FAULT_INJECTION: forcing a failure. [ 310.297215] name failslab, interval 1, probability 0, space 0, times 0 [ 310.319326] device bridge_slave_1 left promiscuous mode [ 310.325797] ntfs: (device loop1): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 310.327098] CPU: 0 PID: 11729 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 310.342921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.346705] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.352272] Call Trace: [ 310.352291] dump_stack+0x138/0x197 [ 310.352305] should_fail.cold+0x10f/0x159 [ 310.352319] should_failslab+0xdb/0x130 [ 310.352329] kmem_cache_alloc+0x2d7/0x780 02:56:13 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = semget$private(0x0, 0x0, 0x3e0) semctl$GETNCNT(r1, 0x4, 0xe, &(0x7f0000000540)=""/4096) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TIOCLINUX4(r2, 0x541c, &(0x7f0000000040)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x4}], {}, [{0x8, 0x667cb4553ff358e4}, {}, {0x8, 0x6}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r3, 0x2287, &(0x7f0000000000)=0x20) [ 310.352342] ? lockdep_init_map+0x9/0x10 [ 310.381227] ? debug_mutex_init+0x2d/0x5a [ 310.385388] copy_process.part.0+0x3c75/0x6a00 [ 310.389978] ? proc_fail_nth_write+0x7d/0x180 [ 310.394509] ? proc_cwd_link+0x1b0/0x1b0 [ 310.398586] ? __cleanup_sighand+0x50/0x50 [ 310.402827] ? lock_downgrade+0x6e0/0x6e0 [ 310.407107] _do_fork+0x19e/0xce0 [ 310.410573] ? fork_idle+0x280/0x280 [ 310.414292] ? fput+0xd4/0x150 [ 310.417660] ? SyS_write+0x15e/0x230 [ 310.421382] SyS_clone+0x37/0x50 [ 310.424746] ? sys_vfork+0x30/0x30 [ 310.428287] do_syscall_64+0x1e8/0x640 [ 310.432176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 310.437033] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 310.442220] RIP: 0033:0x4598e9 [ 310.445409] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 310.453124] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 310.460433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 310.467796] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 02:56:13 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 310.475066] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 310.482345] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 310.504843] device bridge_slave_0 left promiscuous mode [ 310.529888] bridge0: port 1(bridge_slave_0) entered disabled state [ 310.681091] x86/PAT: syz-executor.3:11729 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 310.699960] x86/PAT: syz-executor.3:11729 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 310.766048] device hsr_slave_1 left promiscuous mode [ 310.823627] device hsr_slave_0 left promiscuous mode [ 310.863991] team0 (unregistering): Port device team_slave_1 removed [ 310.875185] team0 (unregistering): Port device team_slave_0 removed [ 310.886694] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 310.946159] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 311.027069] bond0 (unregistering): Released all slaves [ 312.792073] IPVS: ftp: loaded support on port[0] = 21 [ 313.574389] chnl_net:caif_netlink_parms(): no params data found [ 313.612513] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.618990] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.626178] device bridge_slave_0 entered promiscuous mode [ 313.633376] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.639837] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.647102] device bridge_slave_1 entered promiscuous mode [ 313.665832] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 313.675244] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 313.695136] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 313.702667] team0: Port device team_slave_0 added [ 313.708300] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 313.715679] team0: Port device team_slave_1 added [ 313.721149] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 313.728545] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 313.782477] device hsr_slave_0 entered promiscuous mode [ 313.820395] device hsr_slave_1 entered promiscuous mode [ 313.860814] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 313.867958] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 313.881615] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.888036] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.895121] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.901685] bridge0: port 1(bridge_slave_0) entered forwarding state [ 313.933720] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 313.939986] 8021q: adding VLAN 0 to HW filter on device bond0 [ 313.948370] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 313.957119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 313.965265] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.972153] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.982121] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 313.988372] 8021q: adding VLAN 0 to HW filter on device team0 [ 313.996997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 314.004710] bridge0: port 1(bridge_slave_0) entered blocking state [ 314.011151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 314.031412] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 314.039185] bridge0: port 2(bridge_slave_1) entered blocking state [ 314.045569] bridge0: port 2(bridge_slave_1) entered forwarding state [ 314.053491] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 314.061647] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 314.069260] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 314.077072] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 314.088198] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 314.097298] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 314.103561] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 314.118400] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 314.129884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 314.560564] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 02:56:18 executing program 4: 02:56:18 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="4ffb368a6e6af1462000000000000000"], 0x44, 0x0) 02:56:18 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40000, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000080)={@rand_addr, 0x0}, &(0x7f00000000c0)=0x14) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000100)={r2, 0x8, 0x4, 0x1, 0xc0a, 0x8, 0x3}) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000040)=0x200, 0x4) 02:56:18 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) exit(0xa0db) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:18 executing program 3 (fault-call:8 fault-nth:14): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:18 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_ifreq(r2, 0x6bd7038331bd8f2e, &(0x7f0000000180)={'ifb0\x00', @ifru_data=&(0x7f0000000140)="e79f8ffaab16246a470fe4a2534b34236cbcff9ddb8751b55cf6c8574391a6ad"}) connect$rds(r1, &(0x7f0000000080)={0x2, 0x4e22, @broadcast}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) ioctl$UI_END_FF_UPLOAD(0xffffffffffffffff, 0x406855c9, &(0x7f00000000c0)={0xf, 0x40000000800000, {0x52, 0x8, 0x2, {0x80000000, 0x20}, {0x7, 0x7}, @const={0x100, {0x4, 0x2, 0x80, 0x9}}}, {0x55, 0x7fffffff, 0x7, {0x48, 0x8}, {0x9}, @ramp={0xfffffffffffffeff, 0x3, {0x3, 0x80000000, 0x1, 0x7f}}}}) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)) [ 315.212052] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.220171] bridge0: port 1(bridge_slave_0) entered disabled state 02:56:18 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = getpid() accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x80000) sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r4, &(0x7f0000000000)='net/l2cap\x00') fcntl$setownex(r3, 0xf, &(0x7f0000000000)={0x1, r4}) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {0x8, 0x0, r2}], {0x10, 0x8b9b9cdf36953847}, {0x20, 0x1}}, 0xfffffffffffffebe, 0x7) [ 315.288491] x86/PAT: syz-executor.3:11770 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 315.298763] FAULT_INJECTION: forcing a failure. [ 315.298763] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 315.312532] CPU: 0 PID: 11770 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 315.319573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.328934] Call Trace: [ 315.332324] dump_stack+0x138/0x197 [ 315.335977] should_fail.cold+0x10f/0x159 [ 315.340283] ? __might_sleep+0x93/0xb0 [ 315.344171] __alloc_pages_nodemask+0x1d6/0x7a0 [ 315.349017] ? fs_reclaim_acquire+0x20/0x20 [ 315.353334] ? __alloc_pages_slowpath+0x2930/0x2930 [ 315.358435] ? check_preemption_disabled+0x3c/0x250 [ 315.363664] alloc_pages_current+0xec/0x1e0 [ 315.367999] __get_free_pages+0xf/0x40 [ 315.371886] pgd_alloc+0x25/0x2b0 [ 315.375452] ? lockdep_init_map+0x9/0x10 [ 315.379513] mm_init+0x578/0x970 [ 315.382866] copy_process.part.0+0x3ccd/0x6a00 [ 315.387440] ? proc_fail_nth_write+0x7d/0x180 [ 315.391927] ? proc_cwd_link+0x1b0/0x1b0 [ 315.395990] ? __cleanup_sighand+0x50/0x50 [ 315.400227] ? lock_downgrade+0x6e0/0x6e0 [ 315.404361] _do_fork+0x19e/0xce0 [ 315.407798] ? fork_idle+0x280/0x280 [ 315.411508] ? fput+0xd4/0x150 [ 315.414808] ? SyS_write+0x15e/0x230 [ 315.418507] SyS_clone+0x37/0x50 [ 315.421852] ? sys_vfork+0x30/0x30 [ 315.425377] do_syscall_64+0x1e8/0x640 [ 315.429252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.434186] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 315.439373] RIP: 0033:0x4598e9 [ 315.442554] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 315.450250] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 315.457510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 315.464761] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.472119] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 315.479461] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:18 executing program 2: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x24000, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000040)) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:18 executing program 3 (fault-call:8 fault-nth:15): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 315.502122] x86/PAT: syz-executor.3:11770 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 315.513550] x86/PAT: syz-executor.3:11770 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:18 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x2, 0x0) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_GET(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB=':\x00\x00i', @ANYRES16=r3, @ANYBLOB="040027bd7000fcdbdf25030000000800040004000000080008007f000001"], 0x24}, 0x1, 0x0, 0x0, 0x24004000}, 0x40000) 02:56:18 executing program 4: 02:56:19 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000107220bb32a983f9f283e8b63ce43d32b6cf66cc746611a4a26602bb0ede901e94646a37f516ed53e95ecb075ed985b4c9390e5176aa2b209c5e753b4261910367cc1eedf0b8704f913632f5a7b114f3649385548cda2dc1322c6b87721f408e907a4d6a2bceda05ca7c985f5e609885c244c71e8edfdd144c85282ba721230877df", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:56:19 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1000, 0x10000) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000040)=0xfffffffffffffffb, 0x4) [ 315.699175] x86/PAT: syz-executor.3:11799 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 315.721203] FAULT_INJECTION: forcing a failure. [ 315.721203] name failslab, interval 1, probability 0, space 0, times 0 [ 315.733924] CPU: 0 PID: 11799 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 315.741051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.750435] Call Trace: [ 315.753033] dump_stack+0x138/0x197 [ 315.756678] should_fail.cold+0x10f/0x159 [ 315.760842] should_failslab+0xdb/0x130 [ 315.764834] kmem_cache_alloc+0x2d7/0x780 [ 315.769122] ? _raw_spin_unlock+0x2d/0x50 [ 315.773373] ? __khugepaged_enter+0x26c/0x340 [ 315.777888] copy_process.part.0+0x444f/0x6a00 [ 315.782504] ? __cleanup_sighand+0x50/0x50 [ 315.786864] ? lock_downgrade+0x6e0/0x6e0 [ 315.791124] _do_fork+0x19e/0xce0 [ 315.794604] ? fork_idle+0x280/0x280 [ 315.798335] ? fput+0xd4/0x150 [ 315.801538] ? SyS_write+0x15e/0x230 [ 315.805350] SyS_clone+0x37/0x50 [ 315.810607] ? sys_vfork+0x30/0x30 [ 315.814296] do_syscall_64+0x1e8/0x640 [ 315.818282] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.823145] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 315.828429] RIP: 0033:0x4598e9 [ 315.831619] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 315.839618] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 02:56:19 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) close(r2) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r4}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000280)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000080)=[{0x14, 0x0, [0x4, 0x8, 0x8, 0x8, 0x4, 0x7, 0x7ff, 0x0, 0x5, 0x10000, 0x100, 0xfff, 0x3, 0x401, 0x3, 0x8001]}, {0xa, 0x0, [0x5d, 0xfffffffffffff000, 0xfffffffffffff801, 0x7, 0xa1, 0x7, 0x9, 0x8, 0x0, 0x9, 0x10000, 0x2, 0x1, 0x8000, 0x6, 0x2]}, {0x10, 0x0, [0x9, 0x8, 0x8, 0x1, 0x7, 0x0, 0x3f, 0x3, 0x9, 0x81, 0x8, 0x800, 0x7fff, 0x5, 0xffffffffffffffff, 0x2]}, {0x2, 0x0, [0x8, 0x303, 0x6934, 0x8001, 0x3, 0x7, 0x2, 0x200, 0x5, 0x4, 0x1, 0x8, 0x3, 0x21, 0xb043, 0x77]}, {0x1d, 0x0, [0x6, 0xfffffffffffffff9, 0x5, 0x8292, 0x10000, 0x3615cef1, 0x10001, 0x3, 0xb2, 0x5, 0x4, 0x6, 0x5, 0x1, 0x1, 0x7f]}, {0x11, 0x0, [0x489, 0x1ff, 0x1, 0x4, 0x4, 0xff, 0x10000, 0x3, 0x8, 0x7, 0x1000, 0x7ff, 0xffffffffffff8001, 0x21bdf42b, 0x3f, 0x6]}, {0x9, 0x0, [0x1, 0x4, 0x52, 0x5, 0x9, 0x5, 0x1, 0x8, 0x2, 0x10000, 0x0, 0x3, 0x10001, 0x5ccb, 0xa93, 0x3]}], r4, 0x1, 0x1, 0x1f8}}, 0x20) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x890b, &(0x7f0000000000)) 02:56:19 executing program 2: write$P9_RFLUSH(0xffffffffffffffff, &(0x7f0000000040)={0xffffffffffffffbc, 0x6d, 0x2}, 0x7) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) [ 315.846986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 315.854358] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.861732] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 315.869102] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 315.909526] x86/PAT: syz-executor.3:11799 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 315.941483] x86/PAT: syz-executor.3:11799 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:19 executing program 3 (fault-call:8 fault-nth:16): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:19 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xc) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SG_GET_TIMEOUT(r2, 0x2202, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=r1, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000010000000000"], 0x44, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xbd, 0x402e02) 02:56:19 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:19 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0xa2a, 0x73, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40047, @perf_bp={0x0}, 0x208, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:19 executing program 0: fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f0000000040)={'L+', 0x8}, 0x28, 0x1) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {0x8, 0x0, r1}]}, 0x3c, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:19 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x20, 0xd205195459dfb1fe) mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x0) 02:56:19 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) select(0x40, &(0x7f0000000080)={0x0, 0xf7b, 0x3ca, 0x8, 0x200, 0x545, 0x401, 0x1}, &(0x7f00000000c0)={0x8, 0xfff, 0x3494, 0x9, 0x49, 0x329, 0x5, 0x3}, &(0x7f0000000100)={0x0, 0x6, 0x1, 0x3ff, 0x4, 0x7, 0xfffffffffffffff8, 0x3}, &(0x7f0000000140)={0x0, 0x7530}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 316.196426] x86/PAT: syz-executor.3:11826 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 316.230016] FAULT_INJECTION: forcing a failure. [ 316.230016] name failslab, interval 1, probability 0, space 0, times 0 [ 316.270511] CPU: 0 PID: 11826 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 316.277561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.286927] Call Trace: [ 316.289528] dump_stack+0x138/0x197 [ 316.293291] should_fail.cold+0x10f/0x159 [ 316.297458] should_failslab+0xdb/0x130 [ 316.301537] kmem_cache_alloc+0x2d7/0x780 [ 316.305704] copy_process.part.0+0x444f/0x6a00 [ 316.310311] ? __cleanup_sighand+0x50/0x50 [ 316.314550] ? lock_downgrade+0x6e0/0x6e0 [ 316.318714] _do_fork+0x19e/0xce0 [ 316.322175] ? fork_idle+0x280/0x280 [ 316.325896] ? fput+0xd4/0x150 [ 316.329094] ? SyS_write+0x15e/0x230 [ 316.332813] SyS_clone+0x37/0x50 [ 316.336175] ? sys_vfork+0x30/0x30 [ 316.339721] do_syscall_64+0x1e8/0x640 [ 316.343611] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.348561] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 316.354020] RIP: 0033:0x4598e9 [ 316.357206] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 316.364920] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 316.372199] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.379473] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 316.386742] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 316.394016] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 316.419866] x86/PAT: syz-executor.3:11826 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 316.449965] x86/PAT: syz-executor.3:11826 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 316.660439] device bridge_slave_1 left promiscuous mode [ 316.666136] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.720934] device bridge_slave_0 left promiscuous mode [ 316.726587] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.874167] device hsr_slave_1 left promiscuous mode [ 316.924155] device hsr_slave_0 left promiscuous mode [ 316.993072] team0 (unregistering): Port device team_slave_1 removed [ 317.006487] team0 (unregistering): Port device team_slave_0 removed [ 317.016620] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 317.054235] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 317.114712] bond0 (unregistering): Released all slaves [ 318.941465] IPVS: ftp: loaded support on port[0] = 21 [ 319.747943] chnl_net:caif_netlink_parms(): no params data found [ 319.784922] bridge0: port 1(bridge_slave_0) entered blocking state [ 319.791494] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.798637] device bridge_slave_0 entered promiscuous mode [ 319.805610] bridge0: port 2(bridge_slave_1) entered blocking state [ 319.812436] bridge0: port 2(bridge_slave_1) entered disabled state [ 319.819931] device bridge_slave_1 entered promiscuous mode [ 319.840616] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 319.850358] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 319.869467] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 319.876829] team0: Port device team_slave_0 added [ 319.882494] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 319.889621] team0: Port device team_slave_1 added [ 319.895071] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 319.902415] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 319.962542] device hsr_slave_0 entered promiscuous mode [ 320.010466] device hsr_slave_1 entered promiscuous mode [ 320.060717] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 320.067709] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 320.081813] bridge0: port 2(bridge_slave_1) entered blocking state [ 320.088810] bridge0: port 2(bridge_slave_1) entered forwarding state [ 320.095667] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.102104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 320.133956] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 320.140532] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.150610] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 320.159614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 320.167911] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.174993] bridge0: port 2(bridge_slave_1) entered disabled state [ 320.185991] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 320.192184] 8021q: adding VLAN 0 to HW filter on device team0 [ 320.200789] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 320.208331] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.214725] bridge0: port 1(bridge_slave_0) entered forwarding state [ 320.225425] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 320.233649] bridge0: port 2(bridge_slave_1) entered blocking state [ 320.240069] bridge0: port 2(bridge_slave_1) entered forwarding state [ 320.261563] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 320.269273] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 320.276970] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 320.284576] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 320.292848] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 320.301936] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 320.308223] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 320.323654] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 320.334759] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 320.730540] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 02:56:24 executing program 4: 02:56:24 executing program 0: open(&(0x7f0000000040)='./file0\x00', 0x1, 0x643b24014f1c09f) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='sys\x00\x00\x00\x00\x00\x00\x00\x00Btem.posi\xb3\x04\x00\x00l_Aefault\x00', &(0x7f0000000480)={{}, {0x1, 0x3}, [], {}, [{0x8, 0x1, 0xee00}, {0x8, 0x6}, {0x8, 0x9fdeeeab3dc85ea3}], {}, {0x20, 0x1}}, 0x3c, 0x2) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") accept(r1, &(0x7f00000000c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000140)=0x80) 02:56:24 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x200000, 0x46) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:24 executing program 2: kexec_load(0x200000000006, 0x0, 0x0, 0x170000) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x5, 0x4005) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000040)='\x00') 02:56:24 executing program 3 (fault-call:8 fault-nth:17): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:24 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) alarm(0x100000000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:24 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000510500000000000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:56:24 executing program 0: fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 321.561816] x86/PAT: syz-executor.3:11869 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:25 executing program 4: [ 321.629775] FAULT_INJECTION: forcing a failure. [ 321.629775] name failslab, interval 1, probability 0, space 0, times 0 [ 321.700744] CPU: 1 PID: 11878 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 321.707889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.717293] Call Trace: [ 321.719905] dump_stack+0x138/0x197 [ 321.723631] should_fail.cold+0x10f/0x159 [ 321.727802] should_failslab+0xdb/0x130 [ 321.731799] kmem_cache_alloc+0x47/0x780 [ 321.735872] ? __lock_is_held+0xb6/0x140 [ 321.739938] ? check_preemption_disabled+0x3c/0x250 [ 321.744963] anon_vma_clone+0xde/0x470 [ 321.748869] anon_vma_fork+0x87/0x4d0 [ 321.752767] copy_process.part.0+0x45e2/0x6a00 [ 321.757378] ? __cleanup_sighand+0x50/0x50 [ 321.761620] ? lock_downgrade+0x6e0/0x6e0 [ 321.765809] _do_fork+0x19e/0xce0 [ 321.769270] ? fork_idle+0x280/0x280 [ 321.773111] ? fput+0xd4/0x150 [ 321.776399] ? SyS_write+0x15e/0x230 [ 321.776417] SyS_clone+0x37/0x50 [ 321.776426] ? sys_vfork+0x30/0x30 [ 321.776438] do_syscall_64+0x1e8/0x640 [ 321.776445] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.776461] entry_SYSCALL_64_after_hwframe+0x42/0xb7 02:56:25 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r2, 0x5, 0x0, 0x0, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x60, @media='ib\x00'}}}}, 0x68}}, 0x0) sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200006}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x300, 0x70bd28, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x24008080) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="020000000100000000000000020004006a6d6ca32acfc609b3610ae42f7f207847301cb636b9b0e0422d7118d119d1ed6f1a862e681319d2f6c19be21cb6d9656e79e1edcca8d7c8602783e2e0baeba072028dcd1c3d12d57307f14aaaf2da56f644928872158a3cce4513bd465d30ba74", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$PPPIOCSMRU1(r0, 0x40047452, &(0x7f0000000600)=0x76a51df6) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x7, 0x4) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000001c0)) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000640)="10122735dc1021a8418434e6f2899abea5ffdf1dbf3deb0a6569aea8ed30f058aa3abd924c91b6c33442d7769ae9bd2fc51b4ef38cb424be53e7fb86e4029a95f67c130b7b6c801d06b4a1f0d8d0555a8c1f9270c2c4e1e0064a0ad9ca7e0c42aeb51e2e952587aa6684f2996c59495350f0fa6ab12fb7db9a4c170c83b12f63ee12433dffa165851a321657d377eedcd877f03fb68f335a653039dfdea23d641b5f5199b97bb35ff8f2c1a258c01a03d801595b072c8566a6b3b9b56efc9a227474d850cb4e60d778443ddb867b117971e9c39c5eb955cda4b51f18fef89f10046f8698e33df138e0851d1bf6761454823f", 0xf2) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000400)={0x3, 0x9, 0x8004, 0x6, 0x17, 0x4303, 0x8, 0x2, 0x0}, &(0x7f0000000440)=0x20) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r4, 0x84, 0x5, &(0x7f0000000540)={r5, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x84) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\bV\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x3}}, 0x44, 0x0) r7 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$DRM_IOCTL_AGP_FREE(r7, 0x40206435, &(0x7f00000003c0)={0xff, 0x0, 0x2, 0x101}) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fcntl$dupfd(r3, 0x406, r6) 02:56:25 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = getgid() fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {0x8, 0x0, r1}]}, 0x44, 0x0) 02:56:25 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x23, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="020000000100000000000000040011f7c226cf70e8000000000000100000000000000020000400"], 0x1, 0x3) getsockopt$nfc_llcp(r0, 0x118, 0x4, &(0x7f00000001c0)=""/81, 0x51) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x20000, 0x0) ioctl$BLKPBSZGET(r4, 0x127b, &(0x7f0000000280)) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KDGKBMETA(r5, 0x4b62, &(0x7f00000002c0)) sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x90689b5443b17fb5}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x312, 0x70bd2a, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2004c800}, 0x4000c00) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r6, 0x84, 0x12, &(0x7f0000000180), &(0x7f0000000340)=0x4) 02:56:25 executing program 4: [ 321.776468] RIP: 0033:0x4598e9 [ 321.776473] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 321.776485] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 321.819254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 321.819261] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 321.819266] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 321.819272] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 321.860438] audit: type=1400 audit(1568429785.253:64): avc: denied { ioctl } for pid=11888 comm="syz-executor.2" path="socket:[44737]" dev="sockfs" ino=44737 ioctlcmd=0x8904 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 02:56:25 executing program 4: 02:56:25 executing program 5: r0 = open(&(0x7f00000018c0)='./file0\x00', 0xa08200, 0x48) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000280)=0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0xc000, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000140)=0x0) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000001540)=ANY=[@ANYBLOB="02000000000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040200000000000008009f007c784121e12d5a93ce142b9f27ec6f4e72941d9ac71e60c86578c79e5cc3da684265dfad43296b5397ceedc273", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) fstat(r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_generic(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1c0d2e25b99b6d36}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)={0x1220, 0x18, 0x400, 0x70bd2b, 0x25dfdbfc, {0x12}, [@typed={0xc, 0x45, @u64=0xaa}, @nested={0x8c, 0x85, [@generic="d92676f63c6f8c6994b25d3c3544a63bab459b29e40b614437ffe7c34c2d9670ffbb5c319b6c16f0e9d91dd3f65a8e756fca6f089c0f385f8e4bb8271145939dc1ab0bf9d10af0aceb19ea847afb7a715514ee2c735761ef67004cbbd0ba6a21441c1315e2811fba7dd91670e5033feec7c8d636c8e098d088b7323e6b8d1a1f7588fde2f3"]}, @nested={0x1168, 0x83, [@typed={0x8, 0x28, @pid=r4}, @typed={0xfc, 0x70, @binary="a632e958b39365c274f62ce933311c4fba62308b086d73c428df917d320d7951e231efe7b66ce371e64795e0fb01d01a411c0e6b0235115cfba8fa65be8bde682230fbd92cb9c0504a5042f8ca8edf8c13d20b380f128b69585a23855034a20885d5c687fd118d120cc59e8f0f6b7d27858056ad7cf26423df51fd0ec064d69b0928e39fd0d9ad6de03f922adee6906d77548ab447a242f820e2661b49f0c6cea60fcdb09ebc308918495a9f195a861c26adb704379ed53bca4bddc191b26ea2bae8f45ff1fc8ac0aceb8650117f841542dc43d2dbbec0cb30e0d38f0d9c10dfaf5671de72663e98d156e9625b4f8dc1dbf00b4a7c135467"}, @typed={0x14, 0x35, @ipv6=@mcast2}, @generic="dccd10a107fb701645a738727e97c969be66363a43bfb7a03245c471c6950109e9886a4bec7fd692a2efd5bc6dda21e943168d2504595289bd0853dc36eb82fabe6e9a502f2caae8bcf0be9b37fc690f754faf160a44b114afa5701636bbcaa0bc887224dbe425962a863990abc00e5e5e6194d7fd0d55fa59d84029d1d4da40ea1a5c1e124c1473f8cefbc290ddb50e1da31fada39febfc57e162b914f2aa7b3059a487665ea69485ee114eec60c8f7249556000e85c92b82ee387a62e3fcab724a1bd6f330e823d5e96e897e3521f662fb451ddd86f36602685d3215d29e61502d8b3a387de3c76c2b5b97d667b6710f28eaa3ca28f352083ba7ac5f6b07c4ed6968556fc7e749164afde2fb72615c9921e923b7ea7d8fd1c3814fe2639a0857862f0d710c9f5071bafdf7af32231b285e11682de00bda6765ff4e7597e11c0a9943442aed1d5894e01d8261d7941ab1e1016ece1f6ce15fb497f08590b0fd7537c4a643f478e230ff60d346c2c4371381b152b5591632107b686b8093777b42cf48dc6cde0857cb741a5c383dd6105247150418770a9f5261f12cbd690a6fcf6eee6fef9c697adce3f435c44d01bc0699b1feaaebafdb368e74e715735eda8437a21c9e9d9535a8aa74b9d1105fee0f962a6dd301f04cf971f3966c1e06fba4d0dc85b00865d9f670e0b1bdca1a40a3484d6da154c7d38e3bd26b65870673a1994033fd69424ed92562556364a2a69a2833b332315999b7b805e6d75b645de75acdd5aa07fbfc13e6055d92b53f58c923b710e000193c60516953698da48959c12f6851903b5b672841ef5ac013f57071dd97d4131500552a20bf29535071e8c18209693e36b289982715874ef96e64ac720865fb95aa28f470276947ccadc07ecc9dd18cecb922e538d545a17cbb91cff54c35be67c65f1e515048ba37957eec974430c260c69011fc282927797fbf7e84f8b4a1b019204cfa2af18eedbe4579be8de3cf82d961701f20a824d2bd3c180e9f29f398ee0ee9d4468dab5049086cb43cbae875e81bf5338373222c249fc37e7f249b04bdbb5929f5a467454b9948d0b4cc47e94dc29f8abfcc2e7e2b08f8994fb9c694c43d119fc4385f0f14f0b6ff26e31b552f832642841bf951c7592d78ab5c9d6dfe6571191b3031168f86545def8dc3c88668bce940bb20ffb4b24464f99045e343960fd4a15b6285015fd8c64d5fbc5c2b4b520c1b328bb0e992d2e43af3e7ce07760ae80979225651f493b9e314054b076525ec205a8c63f50bd1e6fa7edc66531f2134ae6d27bd8754d414203a5316fba67da1b328dcd4e976805b66649da4bf7b280181b9d924efb68324c8ed2c84e018802040edb5c6003ff6cc74e6f9029255c9dba0b31f9f158d84f47b7e324a636328460c8364bba2911e70cdb4c488c8490c22f0ed7e92fb928d336e1b8e16e1a1af8eed42a6244ce44a477aa07b2220dc36869f322b080262aa1437ec4efc3c6fb1ca70d4974d1fab1b23d328d3684fa076bcafa221f5f69735b228b3c277646e4623d7e54b71bad8d4c1fe44549756c23b274fc7c193a04ef2776163d293bc69f8643706fd091f29928cf97eb95614e45138e47696e897445fa78f41efe3e2ee7b687abfb87b2074aba49ae42e42ac58cf7955adff16bdb63a39388bb938ce7b60118f6e801d2df8326ce9334f546b25c63dca06784ebdaaf989c5a59a502d58a23d89cfb247889c288b89c382d7acd589a78988b962867e0c949d00d2b224788d9f214130db30e482d12a39e5f8aa81b5798ec6bbf93a8f2963a18f148b18d946354b1766fd517a1786e70fcba8362e9bd97f7c2f646ac6a3d72a4922558390fb562fc305e8441b714a3d2b843d0a2643f8571c25e1568b6057ddbb9dbc8345d4f930d1cf4694b916b4d7c4b87f32bd973bc73f2a960b03a8888e452da259f54cfaf37d45ed9c99e8413128f797d0cd08bd9c961612fad629b97014d4e8d93a27d554ddc85d42c4bc0b032cafee4954089798abd6470174d19b315eacb4aa69420f3475adb3c8011a34ca7e6efdcfdd4f026cf2f3827d05bf7fcca5907b9fbe32e26f56b762e08f8f337dac74a1c63840acb6ab26033b1c560c9f8f0f8a3cd2c1a90115ebae6d576506127a6725d146ad3b0d49feb73005f9a20b7e50e19e272268a16b9ba46fbaeb8fc73f34d40740dac7ee243c56b4d49edf741393abc0b64edbc7344230a3609217be244cb5ab4d6b9b094e621a75c910ecc87075e8a1336c4f7bbbd7c87274fc2d0ca24365069067c5e6ae63cad822ec84d065da9920e14b857e6e63777b554b23280a684e7e8f7cec2d1f85484f47ad202e802434068298799234e335bd15f9fce2447d238950f7d67876d2bff57777e4bec5a3135c9077df7ce31d9120d535d0e086f50377e69091d7f6094d02bb797b979c112b66c842870869fb13ab1092b8fe85fca460f1f71658063e4fa640371e746c90579042a0bb6c6f264677e7c0f0f1cdd1bce30b4b1757002ca864a8919d92cbb235a032573daa8e662caf6272e2d55bd2bc076565ed6f1ab9584f6843b035618f622caa7e6397a16bc5f2dd5f28a3f7ea40814a5ed7648097c8afaff42f1890d6702d39ed8ddd3a2a93fff79a3a25ae68206956adfa1637b512589bd79dbd202d5c3f4cc5b2dd4dacb444f0a9d4939c0e10c7bbbbcb01aed2cd3d1e2d756d4a5fecde7ae6abaf3207c964c191eb4bb3bd2f5a4a7af095b8153ac11e6dd7b77f0000685e4a28a747bc67780b2c4ea97645d5d1f4cb3f1ea7792894c85ec4160e284ef9c3e0840e1de3a5e7eafdaaa48e34e2f86f85df1d1e7cf6e9d4c902cdd26ed6df87c64cf421648014634b3a4a245adaab98d9386742b728bb4982f24f9e827c25251b7f8d04b4f4a97edc5b1c00c98113f034c42f9e10e4326fe13f8865d6727a3947d543277c9ae8de9bc05da903569a6d57350fbea4a7e148eafeb7b281271242f35fed4f2e052015b606aa7fb6a8b6db75fad6dcf15a99f89aa6b9768f06488cbf4f66b1db24cc442b9fddf2f5359c1913b4d619a36089e3d01de82748cfc71597820044de762ecf35eb9ab9ff0b394a16f0fa124c7c9274ae5a5bc19b5f63c699f6ac6d8188aebe4c7979fae50691cf2330d70b11958a6590fcb4830f65b61d7a4aad821ef47edfec86ce7e5ca7de76af0da3936633ec950b2b2ac9c33b6591e818130154390be3d0ac464bf6f826d65d3ec2c7e05af88b480a00ee37b76a2278561c84d3d7fdf119627844a1f962b6b6f3759652b6af22fa73f82d2b304956773d2e2bb2bbf4c428e0c5840a36647250a0db827623db1ffd102ded0194983a28c3a435051c8ea239dbcc896e64335d5a4a6019f792adb1b349d25cb556db0e181f883d08a1bd0cda70018c32966bad7a2e691f0a2a8d0ff461006c5422df1b7dab5542de963ee80c7315d268c91925edfb02970c8e2622ff4d7c70292d4427d7f32a24a64b742dafd309c4e104b610c1af2d617fda24865b099aa75624525782007e83c0568534392499c294d62171e87cf880505b13ab5559d12e6a3a21c4215f3fab5dcaf47e8056dfe8f91d85e0827dd0293b165879bb882c464c5e5670fe05867e2e596624daf18045c309ac366296fd96ad67a05bb52f71a1939abd423bc510593c39a1adcd9e022c10249fcf35955baa219c90bdc6f6b2335ae9be2abe45c13f038b86275a483488c8ac2d72738f055b5dc0651194887a4e0593894fdde74e150ea1118a0ccf4a9cdec84710d348be98213a109e4b62d6d8ffadd0b382bd56e5baf30929d0520b04c2ee8f37508c69fae9c0de28e7c32696fa7b0c0c85db4b319d2ca3dd29a9cd3219e008b922aecf1b7f40440ed3684a99ca2991755f286109864b1e4f2538fb90ddf33e660b581a22e4493a5652214ce1915becb8f3e8c0d7f77e2b4997ef12d139a48537b51c718c28f03fa2d9dc177a485ce41fd72eea52b1e9d4a4f33483114ddd2e7aa1d6109713b9bff6218e7590ab7926268010181c8b2b478ce283aecd4971106c4fde59768c28ceadd8f867c56876b687e74896b0e42d7f616a0d41a82c81c01b69800ca299fc16cf315b366c4032cfa5c89014d8325bb17e740dcd1b48674a4042537ea0ccbec40bfe05fd76cc281ebe4d0174705415ff387f10e7e00f631f21535d40cc0996120639fe3f0c985b29b7faf5c26e1678621704b34c94fa2dd96657e6f543c34bde5626fc068289f4ef20d8aaecd8bd3c4c1e7ed5f57c2f36d60ba4c9486c33135b13b126a550b2bd0fbc11619bf9b8233146c967f4b4aaaa81dab4f680cd661da12a9614603cff7dcb5d2bdf4118d89c1eee76e2a0f97ffe6da6cf0590692cd57030ad8ddcda36a034b07b2059d0ee99edf91aba500967cceb0fa2799168789ed79de5b4b118086a3632cc8f8ab64181a74f03b7e060e3ed563805b871d2c63ca63aea96548d0782f2bf20efff3bfcff20f0c0b2a0fa76ec69313bc526c140d3b766aee5af60b605a9850652acbad96d6b91aa00310d9b6cf75453a9ab950ce5d3c62e314441cacd8dde66159d44578fbd6d4f6e8608b8c5cd9d47ff50202f7b89f69f7e025228847db64ea5fb03e4d5d5eb257199e44bd004c26997430d13cddb988154adf42900e959c9faae025f3d3c2c65bc2a683f42f45f487b5b84b9964b180af0fdef2fb7b606b5ff271dfa09fbcbd46446791c0736ed0bfbfbc0581cabf157c17b6b221074ccce310e16b54a259569a91db9ce7507400995423e1928ef3f1b669ce1645385dff8625088e6a3e76f8cf785eabd8da2eb4f3d1bb2a78024802b1b3229bdc80c2d66f00a23bc9be0996f6da7a16a36fc9495318713f4bbf6427e35424c739c12e94254e1b1ec885f9aea5cb3f8d2c771f9645fc939e3a81b448912c6998351f4df9cea5990c38c463dd370da70c38be9f75f72b837406e5eefc886dbc63a886a952d5bd8837ce1fafe046c9a4ab972c5bf09cc46c7c1a8e1d4f022e7650c698f52c3dd07982312065aa86835bd5749213db609c7b7987243762aa5c8c3c368faee550bea72fd1cae4fcc5785f81d081d0eecaa42eb69d86022c7dae6cf6e0c280f98f7d3b8fda43b29c74c3daba2f91b1895169d422a105dd6bb0efad077dd3118a1a48ffb614b6fb9a60f1a478be52e39d57930b6a688ce7e83ec33846889eacdcb9056f34fc56f9b63cc14b1272a6edc32f75a36f92ccb8e274c47de429fe778b4ef0176ace1b410fdcf3eaa185facb563d3bc594fc325444e9c75bb6209fa3d88ee160bbb8bf71efc6a73aa87da89f9970ebc20cc6ac730d327fde2f3b54a0ae75eadb437615f1fa2698051b3a3baa65b531c19563447a8e4b3cd504f63f7cb12b68720352d3a8bd5223082d204bde3fb6f73147ef7d9358cedaa008ae5278852544e1f4756df93e5b1ad8188910541eea52b19ee87124ecdcfa9ad7d9abf6cb3e8ae26c03ec3869360bf31a073ce91a6dc05e786d83cbd7e744166ac8c52e5134419fc7f663dc293e57739126b3d7a94fd294892ad6479a9a3ff4afe42ece438fc962ac0a153a2e2c966508c9e77f6c8c651ae10fab7c75cdf3837c19bf73d0d410d0f801ec134384506155349dff10df72e1b9f9c20cf7699b0a3fd9d3ea418b35ba3fd3733b23cd386324904f5497ba4a0bd8cdf0b233a2e9331729407f0eaa13278bbad04369e7bc96819f049e03b6e71a26f2da3de55e4b5f3eec58dfcfa3d0509a2b5ce320597aba017c15d5c2bdcef6bc85072", @typed={0x14, 0x91, @ipv6=@empty}, @generic="aca6665e1e8b74dc87fb0a8b8e8da646a819c177e709f327329dc729a8fae88517bb671962204359c839faaf70cfa113b4a97ac6cc"]}, @typed={0x8, 0x42, @uid=r6}, @typed={0x4, 0x63}]}, 0x1220}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x0) r7 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r8 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) r9 = socket$inet(0xa, 0x801, 0x84) r10 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000000c0)={r11, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r8, 0x84, 0x73, &(0x7f0000000580)={r11, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r7, 0x84, 0x70, &(0x7f00000015c0)={r11, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}, [0x10001, 0x4, 0x1, 0x6, 0x5, 0x53, 0xebd9, 0x6a4c9fd6, 0x3, 0x7, 0x6, 0x3, 0x8, 0x7, 0x8]}, &(0x7f00000016c0)=0x100) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000001700)={r12, 0xbba}, &(0x7f0000001740)=0xc) r13 = socket$kcm(0xa, 0x5, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x337a580265a4699a, 0x0) r14 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r14, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") open_by_handle_at(r14, &(0x7f0000001780)={0xdc, 0x3, "5b93c77c78118b8f1a6c5e9d6a207fd29156b49d8e72d0a8b97a48bde8c93d5edadecb5486a4f72cb1a893b24d77b80a1c0c77fd233941f063cffd02a750f8e2aff788439f226ddac8defe624481c626fbd14e5941a6dff4064ff8b0c7c00daaab65e1cb76c3ba255d7899cc8e502ffd7188d25b602327b4a3c83e61a38812b7fc4fdaaa5f36520fb61fc7d3b1d2edb2f6cad860438f428dbba2b36eae5761baa0c20a6e779aec39c7c02426b2e2d9ad3be7e3a2fa530b31676f520e492ad7b92bb6fe47e56ad6f2b924fa9b0b67797f2de33ce6"}, 0x86003) ioctl$sock_kcm_SIOCKCMCLONE(r13, 0x890b, &(0x7f0000000000)) 02:56:25 executing program 3 (fault-call:8 fault-nth:18): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:25 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r0, r1) write$UHID_SET_REPORT_REPLY(r2, 0x0, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shutdown(r0, 0x0) [ 321.920599] x86/PAT: syz-executor.3:11897 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 321.934753] x86/PAT: syz-executor.3:11897 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:25 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x1, r4}], {}, [{}, {}, {}], {0x10, 0x3}}, 0x28, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {0x4, 0x1}}, 0x24, 0x0) 02:56:25 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) r3 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000480)="008106e358b6ebb35651", 0xa, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) keyctl$read(0xb, r4, &(0x7f0000000300)=""/4096, 0x1000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r5, 0x89e1, &(0x7f0000000080)={r0}) 02:56:25 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) getgroups(0x9, &(0x7f0000000000)=[0xee01, 0xee00, 0xffffffffffffffff, r1, 0xee00, r2, 0x0, 0xffffffffffffffff, 0xee00]) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)={{}, {0x1, 0x2}, [{}], {}, [{}, {0x8, 0x0, r3}, {}]}, 0x44, 0x0) 02:56:25 executing program 2: kexec_load(0xfffffffffffffffe, 0x0, 0x0, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x101, @mcast2, 0x1}, 0x1c) [ 322.046236] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:25 executing program 2: socket$vsock_dgram(0x28, 0x2, 0x0) 02:56:25 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000480)="008106e358b6ebb35651", 0xa, 0xfffffffffffffffe) r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) keyctl$describe(0x6, r2, &(0x7f0000000080)=""/121, 0x79) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 322.086734] x86/PAT: syz-executor.3:11918 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:25 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x0, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffd9c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:56:25 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000640)='nbd\x00') sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x20, r2, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0xfffffffffffff61d}]}, 0x20}}, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="020000000100020000000000040000000000000008000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="08000100f08762c7807bb294ad70bb7390b363c5d46450671216d570fcc6b3675ef504fd64ef97fe22e864ff50d8b3173c8f311b3e4cbb5df7abfd1548ced2879bcdf9b9c24e6a4a6e98349202248d1a858e1027d9aeca368d6b95f14101444da55a4437e140b9f55a475efe4de9fdc7ae9403f9b41fb0b1fee774871177d205c4ebf800000000000000000000000000001fb4962005fb77875147800201b98858054e567e23f3a382070fa7268dd21bb8f45a70c4f4e0996c5f6c54f9afc7de437676274141a0408ac2bfb5dbe34411548a0a0268b874e05f45ae526e5c21f1c675783cf13fffec40a07d89afd2bb27476a97ac32cc4c1c577e12e04fc021ad87c6b612fb0d0d104a514ed9b550dc623f82dd966ed5c8b14269bfa2dae86b8b19d165e0f095495f76fe5210a40714e637fbfe4f1fe435915f3f1dbd0ace350962cb98b5748d45dc063262cd55f3d409a9f5761af4cf461b59ea79a4cbdd32047b320838c1866106cac0303f90921b2930ef97", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x3c, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000580)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="e5ffff420711d8549a2836eb18da5bef303fff", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000540)={0x7c, 0x0, &(0x7f0000000380)=[@exit_looper, @register_looper, @dead_binder_done, @acquire={0x40046305, 0x2}, @acquire={0x40046305, 0x2}, @dead_binder_done, @reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000002c0)={@fd={0x66642a85, 0x0, r0}, @flat=@handle={0x73682a85, 0x100}, @fd={0x66642a85, 0x0, r4}}, &(0x7f0000000340)={0x0, 0x18, 0x30}}}], 0x6c, 0x0, &(0x7f0000000400)="6aea5964f092efcf2547770cf2f7d9c696f25b5b029cabb4e01565bb3e65c07008bf8fe7a89105917eca83dafa4652544e8ca35636302cfe9d786e3c938891ca5e25cc04946dad9125d13452fb7b1776ae581895e0ef860fe4d58b08098ba55caffd2a364dfddfcd86dbb86c"}) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r6 = accept$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) socket$inet(0x2, 0x800, 0x0) sendfile(r6, r0, &(0x7f00000000c0), 0x400) 02:56:25 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000000)={'security\x00', 0x2, [{}, {}]}, 0x48) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0xff, 0x2, 0x64945fffdd272591, 0xaea5cc72dcd46066, 0x8, 0x1ca3730d5f2bbbab, 0x6, 0x5}}) [ 322.177200] FAULT_INJECTION: forcing a failure. [ 322.177200] name failslab, interval 1, probability 0, space 0, times 0 [ 322.250662] CPU: 0 PID: 11933 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 322.257841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.269991] Call Trace: [ 322.272580] dump_stack+0x138/0x197 [ 322.276224] should_fail.cold+0x10f/0x159 [ 322.280366] should_failslab+0xdb/0x130 [ 322.284330] kmem_cache_alloc+0x47/0x780 [ 322.288385] ? anon_vma_chain_link+0x142/0x1a0 [ 322.292963] anon_vma_clone+0xde/0x470 [ 322.296839] anon_vma_fork+0x87/0x4d0 [ 322.300628] copy_process.part.0+0x45e2/0x6a00 [ 322.305207] ? __cleanup_sighand+0x50/0x50 [ 322.309426] ? lock_downgrade+0x6e0/0x6e0 [ 322.313563] _do_fork+0x19e/0xce0 [ 322.317013] ? fork_idle+0x280/0x280 [ 322.320713] ? fput+0xd4/0x150 [ 322.323888] ? SyS_write+0x15e/0x230 [ 322.327597] SyS_clone+0x37/0x50 [ 322.330944] ? sys_vfork+0x30/0x30 [ 322.334471] do_syscall_64+0x1e8/0x640 [ 322.338349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 322.343193] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 322.348364] RIP: 0033:0x4598e9 [ 322.351544] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 322.359756] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 322.367010] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 322.374266] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 322.381595] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 322.388859] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:25 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000140)=0x0) write$cgroup_pid(r2, &(0x7f0000000180)=r3, 0x12) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="f6ffffb4ce6c87b30134c10002000002", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="0331e9daf0488aa02a2bc7291af418bcc05b5c4f397d6bae1bf2a7c461ea23c59e13c8729054fc51615d81e72d360577d95753a88551ccffffffff0000000092813104fa6d0ee1ad9d1f15d706de3a7906957d47baa6d2405729949b82e0ab1364be43cf534a690c1ac29c9d71f8fd1025b919", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = fcntl$dupfd(r1, 0x406, r4) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r5, 0xc0bc5310, &(0x7f0000000080)) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x890b, &(0x7f0000000000)) 02:56:26 executing program 3 (fault-call:8 fault-nth:19): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:26 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r1 = accept(0xffffffffffffffff, 0x0, 0x0) r2 = syz_genetlink_get_family_id$ipvs(0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000180)={0x6}) sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c000800a0456b1ae3d95a3df1489211a34b0d60b7d6da070dbfd49ac54c699733b68fec10cbe4965673ac2978441a0d74003aa4ab7589e8c208e9583d495d1aafd74f64ac60765fc4c4df7ded4e60b6cea1ef4ad7875872a96d9e89bdfbda3692a5f00b7bf3a882f8e42ec1cd8c05f04a79367fdeb17b21d7d5c560edcacbf28188bf846dbfbd6974c6fe583d9cc2ff14af16f7189957bed44ee0cf311285a78188bf55914f9dd175e4a92253a67f496c495d143537cfa276384073fe611d0d0d9c37752bb3f5a257", @ANYRES16=r2, @ANYBLOB="000800000000fedbdf25030000000c000300080001001aa2ab1a080004000101000008000500feffffff0c0001000800010002000000"], 0x3}, 0x1, 0x0, 0x0, 0x40001}, 0x4) openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/current\x00', 0x2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getresuid(&(0x7f0000000280), &(0x7f00000002c0)=0x0, &(0x7f0000000300)) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000580)={{{@in6=@mcast2, @in=@multicast1, 0x4e23, 0x0, 0x4e23, 0x1, 0xa, 0xa0, 0x80, 0x8, 0x0, r4}, {0x7f, 0xffffffffffffffa1, 0x7, 0x8000, 0x91e4, 0x9, 0x6, 0x101}, {0xbc, 0x1000, 0x400, 0x10000}, 0x9, 0x6e6bc0, 0x0, 0x0, 0x2, 0x1}, {{@in=@multicast1, 0x4d6, 0x32}, 0xe, @in=@loopback, 0x3502, 0x1, 0x1, 0x8000, 0x4, 0xffffffff, 0x2}}, 0xe8) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x841}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x3c, r2, 0xeeef65300d6e43b8, 0x70bd22, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3ff}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000340)=0x4a4c, 0x4) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000680)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08000000a775fe63593746ee65397c79b728aaa00c68d8804111b3badefa4d1427f5c2c61d6412568fad89db41793fc2898ec6cef4fab52c3735c128cc0baae424a5b33905b66813f796069c54513e9f0de13b69506c01c0d2670b910ed8eb48ff1381ba134affb12763e6cbd4fe5f10f6b2d46ef055be71545fc01439a52c7529a07daf61ca0118b2a8944515fb51", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r6 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000200)='/proc/capi/capi20ncci\x00', 0x600002, 0x0) fanotify_mark(r5, 0x38, 0x43, r6, &(0x7f0000000240)='./file0\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200008}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r2, 0x400, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x84) 02:56:26 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x80000, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:26 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{0x8, 0x0, r2}, {}, {0x8, 0x1}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$EVIOCSABS20(r1, 0x401845e0, &(0x7f0000000000)={0xff, 0xfff, 0x5, 0x7f, 0xfffffffffffffea1, 0x5}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='s.posix_acm_default\x00', &(0x7f0000000480)={{}, {0x1, 0x4}, [{0x2, 0x2}], {}, [{}, {}, {}]}, 0x3d, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08000f00", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/btrfs-control\x00', 0x80, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000000380)={'nat\x00', 0x0, 0x3, 0x82, [], 0x3, &(0x7f0000000140)=[{}, {}, {}], &(0x7f0000000180)=""/130}, &(0x7f0000000240)=0x78) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$X25_QBITINCL(r3, 0x106, 0x1, &(0x7f0000000040), &(0x7f00000000c0)=0x4) 02:56:26 executing program 4: syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x32, 0x0, @remote={0xac, 0x223}, @dev}, @icmp=@parameter_prob={0x4, 0x4, 0x0, 0x0, 0x0, 0x8, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x223}, @dev={0xac, 0x70}}}}}}}, 0x0) 02:56:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x6, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_config_ext={0x81, 0x100}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0xfffffffffffffd92) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 322.605641] x86/PAT: syz-executor.3:11912 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 322.615017] x86/PAT: syz-executor.3:11912 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:26 executing program 4: seccomp(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x800006, 0x0, 0x0, 0xffffff7f7ffffffe}]}) ustat(0x7, &(0x7f0000000240)) 02:56:26 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [], {0x10, 0x1}, {0x20, 0x4}}, 0x2c, 0x0) 02:56:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r2 = dup3(r1, r0, 0x100000) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000080)={r3}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0xa, 0xf, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="0200010001000000000000000200000066c0053636a0ab9e2300"/35, @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) setsockopt$inet6_tcp_buf(r5, 0x6, 0xcd005b82c7000e30, &(0x7f00000000c0)="144cf8fbbb79ac747569d40a7b7c109e7f53bd91", 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000)) [ 322.743242] x86/PAT: syz-executor.3:11990 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:26 executing program 2: kexec_load(0x0, 0xffffffffffffff6a, 0x0, 0x2424e45fa5e61730) [ 322.810875] FAULT_INJECTION: forcing a failure. [ 322.810875] name failslab, interval 1, probability 0, space 0, times 0 [ 322.848296] CPU: 0 PID: 12000 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 322.855523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.864967] Call Trace: [ 322.867565] dump_stack+0x138/0x197 [ 322.871186] should_fail.cold+0x10f/0x159 [ 322.875326] should_failslab+0xdb/0x130 [ 322.879372] kmem_cache_alloc+0x47/0x780 [ 322.883420] ? anon_vma_chain_link+0x142/0x1a0 [ 322.888014] anon_vma_clone+0xde/0x470 [ 322.891900] anon_vma_fork+0x87/0x4d0 [ 322.895688] copy_process.part.0+0x45e2/0x6a00 [ 322.900279] ? __cleanup_sighand+0x50/0x50 [ 322.904497] ? lock_downgrade+0x6e0/0x6e0 [ 322.908632] _do_fork+0x19e/0xce0 [ 322.912074] ? fork_idle+0x280/0x280 [ 322.915773] ? fput+0xd4/0x150 [ 322.918953] ? SyS_write+0x15e/0x230 [ 322.922667] SyS_clone+0x37/0x50 [ 322.926113] ? sys_vfork+0x30/0x30 [ 322.929639] do_syscall_64+0x1e8/0x640 [ 322.933514] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 322.938440] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 322.943623] RIP: 0033:0x4598e9 [ 322.946797] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 322.954490] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 322.961740] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 322.969707] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 322.977060] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 322.984418] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:26 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000280), &(0x7f00000002c0)=0x4) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100002004000ed002000000000000000330bcb07a79cdf6a6d8ba29db9e99a103a798872c388116346f1a364dc9c3209bb0b26f4f4ee3fb19d3f1c22459b024123e0795b41a2711b3f275a83307cbd1e15c38e4b326e62fcc5005bf633037e5136db77b1d72bfddd8f3265a32f4c90ef275489d59e4f58fbf4a94c3c5860b9e103c5e70f03f01b60bee2cdcfc741087481a93e650a5c528775ff31c6"], 0x44, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000000)) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f00000001c0)) prctl$PR_GET_DUMPABLE(0x3) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x3, 0xffffffff, 0x3, 0x9}]}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {0x4, 0x2}, [{}, {}, {}]}, 0x44, 0x0) 02:56:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r3 = socket$kcm(0x29, 0x0, 0x0) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f00000000c0)=0xfff, 0x4) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fchmod(r5, 0x118) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000080)=0x100, 0x4) r6 = getpid() sched_setattr(r6, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r6, &(0x7f0000000000)='net/l2cap\x00') r7 = getpid() sched_setattr(r7, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r7, &(0x7f0000000000)='net/l2cap\x00') r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") kcmp(r6, r7, 0x2, r3, r8) 02:56:26 executing program 3 (fault-call:8 fault-nth:20): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:26 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0xd) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000001700)) 02:56:26 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000000e5c300000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000080)={0x9, 0x4, 0x4, 0x0, {0x77359400}, {0x5, 0x0, 0x3, 0x1ff, 0x4, 0x0, "cab563a3"}, 0x7, 0x1, @offset=0x2, 0x4}) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x4e21, 0x4, @empty, 0x7}, {0xa, 0x4e22, 0xc1, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4a4d}, 0x976, [0x7ff, 0x95d, 0x1000, 0xb5, 0x3f, 0x100, 0x0, 0x2]}, 0x5c) 02:56:26 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="797abf51f01d4f001be6c70049f321d69e5cd8041a00465ded2c9f8207a7337e450f731295cb14b32b609dfc4648f039b9872bc6cf108bcbc7cc957b74ee3c6cdea2c44502d1f52fd4426e0caa0cb3343429ce681ddffd874ef7f7c846c2d54640cb649086fbf127700b4920daf652180f571ad291e4c9ad1c07e2bf42970daa969a6f0b1741fd235518a9a82186ce42e1aca050127d8319b0eb67b4c630fc72bafac57185967bb463b1227abd5d8a9a66def6910692f7f790696941afea91121db1da23a4a2388058cf299c155939a4c5fbf4eb9a70dd6b2b99d5722fa9176b2359aef9449a02ce643db2bb2f94863c22ff1280af6b206bd2e7799b8c", @ANYRES32=0x0, @ANYBLOB="10000100000000002000000000000000"], 0x44, 0x0) 02:56:26 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000000c0)={{{@in, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f0000000000)=0xe8) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r4) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r5) r6 = getegid() getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r7) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000380)={{}, {}, [{0x2, 0x0, r2}], {}, [{0x8, 0x4, r3}, {0x8, 0xd9ff7294df8e85bc, r5}, {0x8, 0x7, r7}, {0x8, 0x4, r5}, {0x8, 0x6, r6}], {0x10, 0x4}}, 0x54, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") listen(r1, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x6, 0x400000) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 323.133961] x86/PAT: syz-executor.3:12021 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 323.158011] x86/PAT: syz-executor.3:12021 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:26 executing program 2: kexec_load(0x0, 0x8d, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000001040)=0xfffffffffffffffd, 0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000001280)='/dev/qat_adf_ctl\x00', 0x2400, 0x0) sendmsg$alg(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000000)="6f4a4710e460f72678c886f68a2234a7", 0x10}, {&(0x7f0000000040)="c21816d27da4f6b631c43f5de294e815490009167e5b2f37bd462365c9f065e93814a30f87d6934113e47c09d4b24b713ca8a8d533db8ac24e10712c8e08ae127ea4272371d35bfa103a2fad748c6040612156139cdcc106883f25eb03d8bdec5e98ae5add3abb8df6a96718ee3ed45ff982c4066cad7cd851150a77d87554315ec6e5ffb4be50fbb8cc5020169690feadb5c5dc81dd192658f6431050ac9a6235eb8c31eca80bd0a64b7bed4e24a26a533334d0526aef78115e11242be45429b15157bc55b01fa968021de4474bbf215b12102b47a0e0fbe60d360ec0ece1828a607f4ab6cb869c5c01343e5961184351aa52e33dde275a98ae74e86d70cb9d7e66dcb08e523a7f2b57c427068727b7a8b35d8dacfc05b00c95fb0d2c05e19f9b6f2ebc12dca8e9bfbb3db4878885f48a5c8f0fbf29151afa34da354ad7527afa297748c57a5b7b25c49b009a6d7308a077bcbf5c517296860650b61c24f58d6daacc18dec9d5cc60bdcc3b638f389c0ed0161312c775803f43741bc200c95ccca455b452832b4366d6bdd720c0d5f6890ebbca2c605e78d59ad4467ebf958b61cfd42385e5a3cdf6602fac11ca4ce4e9f7808edaaa8f99ab6a461b94b01adc2f572652c0abac1a607f142d451cc9e06e7ee87045ebf9ef53bca78c289b8846a6a742a307b9a10acf73d9b71631c75546ae5c9ac675a661def628df74ae3819ee51755cdde66f799baaa7b7b09c7787e0f9fac936850eec282c824a08dd11e6d6e59f30f58f2a55cee9c4376669ea458062b7ef6383708502be528e8d6322043c28968598c961c368ab74eba5941f635e5a209dc18e01510548f9434490323520b64939635307a35ac663334a053a3f8d76c14b730e0193128323952cc87870b0b2e09deaa5098865bc4c49cd0e720504747a8890dd467a53d7024be0ced2539ab0312d9d875b6fb3054849d3df00f6adb7e371ff47ec2c0d1c4b3384ceb6ab7d97515dc9953786421383355a680f145ef35d93ff3d83fe306bf7eda39a4e28a6547e9d2e95e6b1bca3dcbd23b99a35fb6b83c48020e0fa0013832963b094fd41d3e04943d1464dac5ae4770416198b4d2221c8c6cd5e81d8adcfd29b04c529d838b5507a552e76ef4610ca95c8ff6cf9e610e7d1d58b116305f7842347ec75a5ffad6ebae91fcc8636fcacefa6a673ae8f0bd363bf23f972dc93e25c70329dca3b0baff0fc0e2da8ca70ffca6c48dae87e44f6366903143855d490382ba4d5aebb32d3271cf8c04e5038ab1db1bc02cc40c1a0c7ffc003bc3ff1972020886c2f7cbd4003eb586c3eeed89cb854d673ca57708d7e0f1de17504bb646ec86c6da079d0c13ad5134cead958afc2bd6ac57c93aa64243e1677c9b72e453523c5dcb8b4a8b0172b80e9d4ed4317ad7890d836621eaafd8d0ebb4c91ea5b7db844fc05d08e09aa24eed75b30c095f3b0957ef4c162baf3d36bf2b7f27578271ff348e37474e27373e7bf01ecda14ef65e534a8c1a8fa3b7345813396d338661d0ea6133c8a18a173df5b843cbc0db6eb9d3224029a74e3614afdc3af15705a28c095c523ebe9bad339bfa31993447ed4f71396c4044134fee837592b1479dddb531ec088ae398561bed2fdfc8d3af92371243866ab965697a1fa7fa0dfc60f40b5f92b63c5596a28c328af312b962c4084e7c750197fce043d5eb538321d2deb89f72a1490d4e186b278a7d9370569a907fae362c544cf3c6826d00d6f84783b2d1b775d31940a2ec77b331600fc53a729ca51323d388d5da6d4c1d73923e580cb2b89678fbb3158fcc1c094dabd3b7daff2b4e8418e509651fbf3a7634563aa5c1215461f2b502b59ae053a27cfe13633523c41087420f671182af8da7daf3d8d8c88265ed790222501251054f6f200530a1297000b39826de06f086620be4be8df05054bdd4629aef758a726198774b40eb7e7ebb2b61955116c72ec2f4844fed04b4c157e976275d87d69f5aa41dd474c05d170800f117222d7f581b082e5991724e5d46580756428317b4dcf6db6b46489373729198e213505421387065edd4e22d2ff097bdc31e5282537fc8975c672756e0ac73ee49bebcd7b696f310e7eb6b61635ec60c7fcb77608b98d36353dfa5b38fdf994ca3183bb25ad211ddb1459460f724023e6cae5c29973f177bcf49682f9f50ecb4f3a72c67cf84986a8ea506c84a97c6463e33bd44c562602ce70d8a6c0aa436a66a22366337f5df3a612eb07e5f21fa0a0e046056d0f88f63f15c4eea7d15c649fde71930f6bd2af36fd58daa0a1ab2f2759c9102f9d59d154c9dda068c03fb1b11b65eacd1f4d387bbc98822cca5f259ed956fe4787dc942d79a692f44750f2dce4a86f50a25bc850835b888fe911f3ef6cf75e9403389c2018bd19be59b8c7cb7328d746eca8f82d4b79887420f2fc524dc54f9887925cfe7174132614340864148b113d9f15d8dc9486fb24a79028fdb699e85ab66293a232b71c61ac8b8401c27b5855cec8cdec2f695d2192672158f3e0b4e6bcd961a2c2dba9608e414560447f1df5b6a1dd01b31eaa13cdd6957ec7e24bfd8162f28da2ceb231c879b8cd8ab34844d0cf612feae736d854b57231e1d6396730d3051d71641e441d807c4674a11d3e91f508c26b9e2b7e6303b561609f056ecda74f5e29b1401c2ff14281234d70747401042d66de23bf93106a0b6021a0129d01846ccdf9da8aa1ea5597b6034ed8c5361922ba01cdf1ccd87317de09b8c447945c1b5a96f3889b229361cfdcffc4b4c28484ff1ec3659c9fe275c2cbd0fe60741cac3c03617427d70b5164b9383cc7cfd75acebdc128a5ab977d3c91f407e7e1f3202899576ba4b6a29b1f8e8f6a0b39482cba579cf1c72d00e929f3f7a5243b7e8150b8a0954aacf5438df823c86ec3383ff0e5ada96a0a1e77466da455f24017a373298cb4da0bbb3069955db46db370714458e4e71e2841b58400bc02d107049f2a462033d1e97fa3b59dfce7884eaf1976b87391854166472c373b913009b2fd58ed98218d2e52efd3261bfeb7534f3aae9536ea98945525bcf799c79a76d074060c9fce03fe770d2ec7551f7090a79757d4deccaa428b35debc715e60bb762fe6a9a99e4d3077518971192496f6cb5a7335369434cb49ec2ae00b9c1e85164d62a08683a54d51fedbad98f04c99f0d945bf2f2bd34d75e4a76201c0185cfd500060b2087997877b25ace29763b031777cb029417c98a50e927d2292a2a75960ead416f6a98ef87311013ae44d1d69c9fbd92dc08746fe4309dd91aa5acac1aab4040bc2dd726e320258ab446aca1cab2a6f4d3345030871ca52f014160056a32861ba9172a32a0331dd568bca9ef433088767b39af24173836983b8c1eaf072f51f1801d2cba2abc6492df2330d0a661b020166f822ad1ad11e249c60aae1f10860c6fe635161dfd9053c6a96fba6ba5c3ce4f383753059e4682e85f375ad18fb7619fc4d2789ffd6fbfa0354697de2ce12270ca20292d8f08edfe7cbe654f40bb4516686764c6c3a9b54809d23b37d2c86601a941059b11f7bbf35f1d005bdd21f4ad11528e52ce8f63ac6f6327fb752ce517ee1ecaf6584dd702a2bc0cb8b0d6f39c46310f975ea9242d655272c587fad39b2958b04bb3fe1ff9a596ac9a6cc5c4d5498929862fc411a597a32249067752db06d74f0abc4f76092255deb454582daf1eae79f280059bcfb4d5f2c10fac55281be738c53f628827bc6482044eca81cb15f9036cf6ba631f27bf92ae157a3c8820bf142e9196a9e1f324ab17e8fa7b7dc72b35316af2fd29150d01b254aed47e526a406e6e095070d719a9bd1017d70b6dd0319e5f6e04fb7d4a28f23d06e079f3eb46eb537128d2b0c0666d5d06734b53bf5f165ff0b8d973b1a21038a419eeafadc9b0864d362eff76d97b98acb5564180b1e8778749b2fc698685d92b1ecf413a05dc3e85a549b816d626560fb6d9faf583e38d79e020620f71a3fc044046d90adfc2455f62e605c6b758ff90531df00e789df68d8d14c3449430f65fc8720a10e7740c5fe0132b5778225f01a7ea648f5ef1557a68ec34356d467f56fc3578a90f632a522ec5fa3a6c017e410bbfc10b7e79e55310dd09830111b1d1969a4f85ed33fadfc518cbd3ca3dee56365a6f57a244542c4ae08ea4ff5dceddcdbfce07a251e699f43e992a6744487047fba8850a837c33620d1ab66cea35868300ba91f769c4f799910a1c5158443e970da6ae16034fe6404c039176c81d8d1cd2cd8e80fc38323a8ed411c0c2a635140023b5bbc750ea03ef9eb9e28f4f66fbfd8d9496403efa7fa8ea574b163d3acad3a1b9ca034bfe35da904ff4f317888070fa141312ec7b685cded75eb26f312aa8be4dc1a37bfaa76cc830fe9a1155920c5f05998a95b280ec31c3906152fafcd9c48863a603700c4f865342fd4f342985f93f75b74f3c8d0b9840ee2e1d72f3327678405e1c4e8f94186d0ff3fc41ec351881472268054cb663a62d6de786b6e013791c1d081c756cbbfe2cd0b541214d21ae525e83ca257d466d5943b5ec8cec5e47fa22577259b9049beb66e09d9863e2d15a49f6046b2e719ccaaba4b751a909bdfeee243816c140acca66c270c6c7ccbacca799f9c84370aea95fb288fad3fdf2cffbef256b5f8be5c425617ab3667a741429c0b15aeb093866f297166259ddcf32e5ae33f5ece31349782d2da4bebee8951d8474c0e6aaf6ad52098ad3d430493a63039544dc0e70e78756792fca56780e47f0b22996e3a1bc9736d6abd39d10ee1111df658d45b849699c71ca4e13da64a22bb8c9b4666c79a90cf60e148b8d12f3212f5cef1b09e4ea326dc9dc4d464a85bd8f34855adfb60f845f5fdc33812f4dbfe52a0ffaf7d713bdaff8b0f0fafd286ce82f90b434107be25d3b95cc70afb7d8fca669a2a3b3d8aaa221f5856dbb1484764843f3709d69a7fc4d597f515b4f9d06d164a182be7c8d4b51a13ee6f1f9bdf950d2951adab8cd08db361f6eff20c3d4ea56e8700c683d8048c8eba054a685e3540479e32a0c95b9666bfb84f7905d32be75a166229c892a271cebc53907ed47c50009347b9db6b42b4b5cc4ebe503d4c0c47811cecadf166d9162c13562a54e2428fddf438dcc6a895370023f5f220491b850c6310bfe22d4397823611d1b91785fd480de869457456bf7ddddb09061935a045b5f91318d7708389ea00f6e998c3bc669cc442b5d06781a0ef9b68054fc0cc65969d755265bbed1dd1bb4f030c15bd39b693a1eba89cd4964a0f0986927b5f407216fb00be334d53227eef456084eaa80c1d15b9de4986dd5bbc753041a50b1036489ab842165dac683b354e9cd451adee0a603342b751a5af3fa0623560cd0b1eb8009fe45fcd471cd82eaf94220c441b3b254ca7ca700d5d2ac18efac6890655a1aaa3e1d494d55cefd94b85130126c11d753dad320cadab35d3ff41915acc3ab3e0e8d8be806297c75decc18317321718153c9fa5b9422bd248810ada01eb204a5088fd0f3c7943bf0008cef9af0b7b8d812607ca208ab190f51017e6b632e08fba4491604449cfb622551483e40a1bd591c0561b7417301b3a4b3658abcbdf122cd4b275ce01856fa68a9fbdfae82f090ae00f9e8cfcffe3d8465ce17142d0505abd8f89da7be06ccb9522d9e126db02e55ce207ec1f825591e514513588f7b043f156a21eea85b7946979965306702f8d90b6064e6fa0433a88ef9c83ce1e2ae45fbf", 0x1000}, {&(0x7f0000001040)}], 0x3, &(0x7f00000010c0)=[@assoc={0x18, 0x117, 0x4, 0x4}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x1f}, @iv={0x108, 0x117, 0x2, 0xef, "206f7978caa98956bf4762d02b2c0e8af12b58c1207ccd4715680d6ae30778c7836d9b3ab47054a405ab922f0a17f89bf019c82d60be8c94317ec15179348ce9a5e7efbcc78cf248932cef2810113543202497d587731a2f657260177afdebbcfbfcf8472d92071ff36e625c0401f7c8c7f89a6c47886d5b6f1c8ec5369f03bcd9d469ea76f2f7788ff0a625c95ef8efec3824a720c20dd09cf0cb5a297f2a3995cf134f07b856ea72e4cac21f971fee1bbdcd6690d620793e2aa8d1b8d14d39651458d7420e86edbde42946fceaa3e681f24ca4241f2bf047479dadd53a62bf168dfc93e8111080bca09ebb811624"}], 0x168, 0x28000000}, 0x0) 02:56:26 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/member\x00', 0x2, 0x0) 02:56:26 executing program 1: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8, 0x0) ioctl$PPPIOCATTCHAN(r0, 0x40047438, &(0x7f0000000040)=0x2) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_S_PRIORITY(r1, 0x40045644, 0x2) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)={{}, {0x1, 0x2}, [{0x2, 0x4}], {}, [{0x8, 0x1}, {}, {}]}, 0x44, 0x0) 02:56:26 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x23, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="020000000100000000000000040011f7c226cf70e8000000000000100000000000000020000400"], 0x1, 0x3) getsockopt$nfc_llcp(r0, 0x118, 0x4, &(0x7f00000001c0)=""/81, 0x51) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x20000, 0x0) ioctl$BLKPBSZGET(r4, 0x127b, &(0x7f0000000280)) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KDGKBMETA(r5, 0x4b62, &(0x7f00000002c0)) sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x90689b5443b17fb5}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x312, 0x70bd2a, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2004c800}, 0x4000c00) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r6, 0x84, 0x12, &(0x7f0000000180), &(0x7f0000000340)=0x4) 02:56:26 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="09000100", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getsockname(r3, &(0x7f0000000100)=@nfc, &(0x7f0000000180)=0x80) write$P9_RFLUSH(r2, &(0x7f00000000c0)={0x7, 0x6d, 0x2}, 0x7) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000010000000000000002000000f3070000000000000004d1285e6d74615785d0aa426f41890639e3bfe5bd716772add687eb57168161ae632c47b5b219d16f61f09db76ea21bfbe9cff4", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$PPPIOCSMRRU(r1, 0x4004743b, &(0x7f0000000080)=0x100) r4 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000)) [ 323.325197] x86/PAT: syz-executor.3:12049 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 323.341820] FAULT_INJECTION: forcing a failure. [ 323.341820] name failslab, interval 1, probability 0, space 0, times 0 02:56:26 executing program 2: kexec_load(0x0, 0x3c8, 0x0, 0x160000) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/l2cap\x00') r2 = perf_event_open(&(0x7f00000009c0)={0x5, 0x70, 0x4, 0x3f, 0x6, 0x80000000, 0x0, 0xb63, 0x1000, 0xb9f4f41be5ec2cad, 0x8, 0x3a, 0x2, 0x1f, 0xffffffffffffc480, 0x2, 0xfffffffffffffffa, 0x7, 0x2, 0x7fffffff, 0x0, 0x5, 0x1, 0x4, 0xe0000000000000, 0x7ff, 0xbe0f, 0x5, 0x9, 0x1, 0x6, 0x3, 0x9, 0x20, 0x3, 0x3ff, 0x9, 0x8, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000980), 0x6}, 0x18400, 0x0, 0x9, 0x0, 0x58, 0x826, 0xd7}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x2) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r4 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x40, 0x4e6000) sendmmsg$unix(r4, &(0x7f0000000100), 0x0, 0x240400d0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$EVIOCGMTSLOTS(r3, 0x8040450a, &(0x7f0000001280)=""/4096) perf_event_open(&(0x7f0000000900)={0x4, 0x70, 0x6, 0xfb84, 0x5, 0x0, 0x0, 0x6, 0x10088, 0x3, 0x9, 0x1, 0x7, 0x4, 0x9a42, 0x1, 0xfff, 0x0, 0x6, 0x80000001, 0xf2, 0x3, 0x40, 0x5, 0x2, 0x0, 0x10000, 0x4, 0x6, 0x6, 0x9, 0x4, 0x6, 0x4f6, 0x0, 0x7ff, 0xfe9, 0xffffffff, 0x0, 0x2, 0x4, @perf_bp={&(0x7f00000008c0), 0xa}, 0x20000, 0x3f, 0x8, 0x4, 0x2, 0x3f, 0xef}, r0, 0x1, r2, 0x1) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000880)='/selinux/avc/hash_stats\x00', 0x0, 0x0) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x47a600, 0x0) ioctl$VIDIOC_G_ENC_INDEX(r1, 0x8818564c, &(0x7f0000000a40)) [ 323.433555] CPU: 1 PID: 12049 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 323.440620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.450070] Call Trace: [ 323.452675] dump_stack+0x138/0x197 [ 323.456326] should_fail.cold+0x10f/0x159 [ 323.460486] ? anon_vma_clone+0xde/0x470 [ 323.464564] should_failslab+0xdb/0x130 [ 323.468576] kmem_cache_alloc+0x47/0x780 [ 323.472649] ? anon_vma_chain_link+0x142/0x1a0 [ 323.477504] anon_vma_clone+0xde/0x470 [ 323.481548] anon_vma_fork+0x87/0x4d0 [ 323.485363] copy_process.part.0+0x45e2/0x6a00 [ 323.489976] ? __cleanup_sighand+0x50/0x50 [ 323.494221] ? lock_downgrade+0x6e0/0x6e0 [ 323.498383] _do_fork+0x19e/0xce0 [ 323.501834] ? fork_idle+0x280/0x280 [ 323.501915] ? fput+0xd4/0x150 [ 323.501924] ? SyS_write+0x15e/0x230 [ 323.501937] SyS_clone+0x37/0x50 [ 323.501945] ? sys_vfork+0x30/0x30 [ 323.501957] do_syscall_64+0x1e8/0x640 [ 323.501966] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.519541] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 323.528266] RIP: 0033:0x4598e9 [ 323.528272] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 323.528282] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 323.528287] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 323.528293] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 323.528298] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 323.528304] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:27 executing program 3 (fault-call:8 fault-nth:21): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:27 executing program 4: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, &(0x7f0000000080)={0x4, 0x8, 0xfa00, {r0, 0x1}}, 0x10) kexec_load(0x100000000c0001, 0x0, 0x0, 0x160000) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000100)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$PPPIOCSMRRU(r2, 0x4004743b, &(0x7f00000000c0)=0x8) 02:56:27 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="82689fa7", @ANYRES32=0x0, @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRES32=r1], @ANYBLOB="48e4ae6d9e7649c884c8eeb9a224480d7482c28affa67e1fca71373acd46e36f8826fd1238399e1787135a573bdd8e0ed6c5aec1b400c2e4922551ba3f940b03917cdd9f8baa7b2cec9b40057b3860b059c39a31f763200c1e4f7687101407758daa50834256f8e8e9574478411e45ef04e808fc0859938ca77468485ee0", @ANYRESHEX=r0]], 0x9, 0x0) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000000)={0x30, 0x5, 0x0, {0x0, 0x1, 0x3, 0x1}}, 0x30) ioctl$SIOCX25GCAUSEDIAG(r0, 0x89e6, &(0x7f0000000040)={0x6, 0xe938}) 02:56:27 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="08001000", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000000)) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:27 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x40, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, r2, 0x0, 0x1}, 0x14) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x80000, 0x0) write$P9_RLINK(r3, &(0x7f0000000100)={0x7, 0x47, 0x1}, 0x7) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 323.552914] x86/PAT: syz-executor.3:12049 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 323.608686] x86/PAT: syz-executor.3:12049 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:27 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) io_setup(0x47a, &(0x7f00000000c0)=0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r7 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r8 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000440)='/proc/capi/capi20\x00', 0x2000, 0x0) r9 = dup3(r0, r0, 0x80000) r10 = timerfd_create(0x5, 0x80000) r11 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r11, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r11, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r12 = socket$bt_cmtp(0x1f, 0x3, 0x5) r13 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r13, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r13, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r14 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r14, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r14, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) io_submit(r1, 0x9, &(0x7f00000009c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x7, 0x7, r2, &(0x7f0000000100)="179f30aa73c62f4da31bc4776f", 0xd, 0x5, 0x0, 0x0, r3}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x7, r0, &(0x7f0000000180)="7aee29cc8f7ac0d00d36bda0aac346", 0xf, 0x3ff, 0x0, 0x1, r4}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0xffffffff80000000, r5, &(0x7f0000000200)="d4505646444185a88e271ba5a213d891568d45d44bb89ceac4cc655e8c3d20c556f2d2a4a8a086f503c0a852aa6849b2410b708561de1e9c78f8a11c251a3da989130408f8928910eebc6f09bf699d15e14e859263f8071f14fba127a949ed7d0c326815bfb96caf570cadc28ca3f5e7b358a29be0a7d9b393cfb51adabf5dedb031f279ed8bc38273ada9885502565d3543e4d04b1965bd7be47a7adef9c4d0bc8040262356ea095e872f20a6b33c181c2f49a81425", 0xb6, 0x100000001, 0x0, 0x3, r6}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x1567, r0, &(0x7f0000000300)="b05c4ab03c4a31b088449b04e2bbabb859d214728aaaa3fb887aab754a2ae7", 0x1f, 0x35, 0x0, 0x1, r7}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x6, 0x8, r0, &(0x7f0000000380)="b7ad418282589c5920d05d0aecfc1aedced518fa3f9a5a85957336316c9e0e748b4ffa319e59add8d48cec021950e908dbb4aeb0d9aba55c6985a0b3e7df2a73f79b4750b8bce4f8b8a6fb9cb761e2739d1b4df0275b6b83a4468ab3c26c048514530a430cb4c2f8b118c5374769290f4f48f288bf4ce1e1363302d4b2f8b40af92f756aed660172e07a8996fc7659415dd0fb03", 0x94, 0x100000001, 0x0, 0x0, r8}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x2, 0x9, 0xffffffffffffffff, &(0x7f0000000580)="3f5d063f9374f11be29bda94d9b648052f09c2161afde9bc46c4c9c2e61e9e93eef54387243e147824df30ba23e10960df0d8461ceee308eb4d67b9e4e10888f56f39ccdce258603346bea22e7b6920878ae255c920f4ec57ffe1836d56bad42b95d96a61b04b19eace138672b6bfaea2e961618fd915416acc7f55dffe56682d03009469116ea1d4bbe7f8b18907a62860f1dc547d3b0721fc4c73d93c05d20236154a62e0a57158a747615591bf4c3e0572fb181dfde35b54cc07f5af7eac3", 0xc0, 0x81, 0x0, 0x2, r9}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x3, 0x9, r10, &(0x7f0000000680)="6bbc7a03ad212f6b947f0c4fb1274cd68f884fd06a3cdd3bc117130af884a72b192982b8ae28d649afa21a0e9a8e9e82f27faab14a82c2824490a57a5b4315fbefb7a02458637664385ea96b2da9783c0e89fa076b4b02d5d868d32d16624737eb0c1b9abaef8ea52d7199f14f97b5f1492a52116d688273d095bd2a047693e8fda58ff70066be99bba5fdeddebca4f9c0454647b44e5cdca3aeaa2c686ad8b10fcc253110c892a01de42cd0427cceb439aeae2cf63c5c9440888fec89c0a5e2b4688f7f12da89ce0a2eb8b3c1a24fd9d043ffc67787502896", 0xd9, 0x5, 0x0, 0x2, r11}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x6, 0x100000001, r12, &(0x7f00000007c0)="9d47c4c0ec3cfcfdc4696d521c1e9d58cbdfef191d75460685d1656667677ea0ade0a2fce11c08a7a044a0b6b88be22c5bb92c000b52dc9e1ac71c14204471d5a089dba538341ce26de24be03353fc6a0514e99c2f90428cf2bb60ddc10a9469afc85838de5778d044453fb9d0f72e580bb0bf362315fd0d05db1d32a860eb7dbbf43434cb9a7ccd4dd4982dff895ae79fd4f60688680d80ff378ed17043c868fd13c8ecca236a052eacf946e989619c70a7cf8c737f9489a46603d4388f623e8bfb65c72692d726d0ab2ce17e5d5a7d83cf84500dc6f183d56646e0e86b67d04e7ac32aac17b94c54ac817d30263a1d62bcb65a1354e514e672", 0xfa, 0x7, 0x0, 0x0, r13}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x6, 0xcd, r0, &(0x7f0000000900)="dae0dfe61e37e3334b17af159227bbc2d8d505c37692eb21a5705cacb094fd2c857226963c1ee52cad4ee4a0d547295ac15da3fb31b2ef93ed344286a806e22246", 0x41, 0x1ff, 0x0, 0x1, r14}]) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000000)={0xe, 0x0, 0x37e, 0x2, 0x66, "12458f98ba7a457f0eaef9d42d763b9e45fc14a1b95860f73c8fb8dd1d0dd5f9d1aa68e814ca0a6351fbb23f324ec490213c6cced204151885f6611f35e4298586ae62ac47d30245ac1803f5d4a35a9e273262d3838942a33444991711b9bb1c17c5b8e29dc0"}, 0x72) 02:56:27 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000040)='system.posix_acl_default\x00', 0x19) r1 = open(&(0x7f0000000000)='./file0\x00', 0x80000, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:27 executing program 4: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, &(0x7f0000000080)={0x4, 0x8, 0xfa00, {r0, 0x1}}, 0x10) kexec_load(0x100000000c0001, 0x0, 0x0, 0x160000) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000100)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$PPPIOCSMRRU(r2, 0x4004743b, &(0x7f00000000c0)=0x8) 02:56:27 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 323.785699] x86/PAT: syz-executor.3:12091 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:27 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x98c84d931596ff87, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r2 = socket$inet(0xa, 0x801, 0x84) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={r4, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000580)={r4, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={r4, 0x7fff}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000000c0)={r5, 0x7}, &(0x7f0000000100)=0x8) 02:56:27 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) io_setup(0x9, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0xfff, r0, &(0x7f0000000540)="e5c85b05b94d75cc47e68c74ed48c3523484159083f3f8212e47d83da0f1d373c0c12a26319338fa7c8643d0e31a595a09a01663c4f90ef45188f2c2d578b9179f5f6a0ed8d81bee7f6b85dfa226b8e9d53da79455bfbbc9962b71e138a8a7ecec61e93e575c22733dde141d0c0731421e2fff5c7ffa45ab8485a2d220bfcef310612c0b87850ef271de987b26102b8821b52802c3e69baf967305b52e9a7a2a9c0cd6836712a584574abd0fcc74a4f7ab49f3927cdffa3c379d246eec0a1835e7f6bd36183fd7ab59bb54f0c28985d735f5986531d6f0e3349a82e608698bafb15e23be512bcb686f5bc353ece5fa95ec9ce56ab2cd135ae8d0b948aa22b84c8b88980e572a735cec867ee50f04b0875a7093f669ce3cc70808b7545238937a4a9de61f48e6b856ef57be1293ace525b1a3d662b4ca5b1fb3a11105c2216f3d2379b3f77f1ec6e1936cd1744df2172d5ff6c1767f47f2cff90b4caca1c77eab304a4fcd1007c3a59143fbf2118c9f639da40b24613a3e58d60c0ecc645ea05e096dbd0c446c70b4dd374cee6b83d295682f7bf068fc9a670087ecc7ebab36f6a93678c7274f366dec7152f03479e41b1ce8be9e4ff9eaf7b44890a90b9d151d134278b94d6a0a7c8f98328419d790b8c1583ac3f9042fc712456955b0910f15c538986acd3c775849409a86394b094c24ef9060e9febcf97d96c7f989e635e0c36eca78c7dc2247c172c83b3a6969ff8e4028ece75179723ac72a1636fd768646d50a9a8c8b667e3da6677f3ebddb71cdbd309068a727b6ad1ad5d0ea84a88522ac27df77d33925f7ca5cfcad29c1974c86c4f24532f53da86216d9f1ed5ffcf5bafb7bc3f5143ab5867f3af4641ab32f46dbd3c00829f1ec69819be3e5005f24c8cb3db89a34bade1adcf1e6bdb8a9fe20d081065261c13ccff92166259a72f4d33e53c984eb19d285668feea4940c3350cacd87e219cd995d528b98db65d17c062615fa716c27d6c8659db13de0334d139ff7b492168e01316a5244e8cba11aed64c24807f7a0a6abc08f65db1a30caee3a5c5168ec0ecc4ef6c921b376a659fb73f7738f8214433ba5936e2ddde129b6014657c11959e5e6e1b545539e51f64c76402bbefcd32d8eb8eca0bcd4ac7bde3b3c717c6f9a18bf8c70e8ca6c8dcff07b82bb330f9712706ec1b6e51a95210716daad8b2d22f6b012061e65764d20e5941b1db88fe1c3264825dea275ba6c89b1654a00bc1d436cdbd17387de6551166523b9795f1949ab7b1547c90ab103fb2a7f0814b9e85cf0209e1356fadc22b21750a0cc34f42d0e4447147d52f968b649be9bbb54e5241f3207566d4fc556831ddbd54b88ab10944f6417383f0375882b885038c94333e494c9fb519ce9a00a20e3642447f4c54e1fd6d6167d33d195decdbee36ef7279273ac3b9cd1c36743b561ac87d6d8801e3f2a4205ce928e179ac2f05e87365cd3e4b131834bf124a2704fb1623da8f2176bfa8cd60c60a9311070455b860f1997e3687eafd29ae413490878e9d5b8dab346c5bbf217917c60516580782c8d2dd96af8a8ecc6dd03ec7fddb7cfd2ef95beeb4d708764058e48d17c6c972bcaa9ee3d7f225528bb8f77243df1b07ef9c3aaeb1a8f4ff9ac2282a6cecbe02f0c341f7b6699f04e2c5d2adaa1534139b1b3b8eccdc8d5ed4763e6a55d83950adc5743e83534737948b464310db3b0f5096ca45a266b71207f0b3256dee4ff3d7414912f334a179864cb41c5e42284f3a85d10d67b87b4fb9a0a718b2635c5e684c3bf7086fb7089720710e9a751aafc417d8e226150cfa8051431103d44c5546f36d3a9d806a8d64b99b52d94345d865dffc27196ef11b79804c39924e2c8f03fda5c6aafe35777264e0df359773cfc2cbbda27494398e09c881f709b7165f8a107d17c67783198708def57c5f4038c70c8d26dd92685cdef940533d79fd028b8d6767431a00ed85a520589fd3a696a585861dadd3bf701a39acbb395ba604a97b94f1ad4e4fcdcc99c9e046202da77427da2e1324cb48570347405872d81633062c6be0b323e230d2cf802c2151277cd039f69c6d7a92de6d265ca7b0d70cd38764776cdae4ad6729671550f574318862090a677fc54c99b60f5c1cdf8dc6d4f997eafe9d181911e4d22c12cf36aba1492070684034d6af22851ce8563a68f2060af9578cea094ff89320de688cc7065038538c11046ab4cd4c53e7dcdfda0ba41938b6ce88bfb57a224a6fd4929bcb68efa3240c6608b49bc2cdab23ce63324be2e8662e5155c47e03e811c23473d78c046fcbf6d47c4278727b248237b39e944ad849e5d7177f2910454e539dd781bcf41710008ac6f828b6275ce58c07884f03cc9588d0e92e6b7e4d32c7f9019254aff15d6c6fb8d5929ee0385da2f68a51be79b891e1292895db451bc560071f8ef4e142e929743b155fe746f5941dc20bc401e8c1b0065bd5df6a3bb2c8b6a90e36261051ca8f6f8f43c3f21f087504ca59cf740674b8126c63a97150f328d2107864b77bebec9f405f27f44c2fd4611577a3d3bf87d961e565a5e823558affbc4bad601eaef20a031e010f1e5c64185f733b982d8a9aa778e99a96002c1a6feca170f1221e32605c92e4bdcc32fae8075ff802eb14fd29359a5d42c5c3828b0b2e190d7328e1b7079f17cc5e277b7744b6a1f026844935edcb4bce6a5a9d839abb54473af140a7cb52b2836ae2a1d52773af154587fd3bd8f7fbbed0a55ec345e17850df16eaa1b0527804591773221f6c7678d085f6b1b4981b3f788679f317789c1c20eec01268e908cf18d7fb8476f6380b43d6bf295b6defbaed8c49a3582961e5a831ca30088108c5d1c762323e0fe364501f9719396f99e41fc68c9ceef87ce43f5ecbcb69acbc2c4967362f0e7c6917eb5e1ccf6ec07b4955739cb4ab1c14115e42663688421d66bf2029125423a88854bc061b61187f06835fe4c61159daab6d7a1440a6d5067a13d7010407c7900e094b30273278b5a3f467d4341887c84847c1b41fae4272b37d2eb598960475a5f78c68da4a286d7059152ddbafa832b2f48139167231b3189e446631acc37222cfeaa6caca05c2971606be0ac4caa7ab7b4e4c98fea6a31f8d43e79ab63e57a6b234db68b5a8743a38dcfeff268f287d5d5cd86f342fbc9d673c251e4defc271e3386de932ae376c6cf059a8889e0648861aced7ef82cad546f51488a714cefac6816035be45c3d0bee359c6d22f5d5fd418f539b81997e7970640de5b58a10ed558776196aec8818c4086c513efbf42415f99321f460760ed6345a878acf4d5c154ae3c15e27dd02f75c937487a43fa52d41b855f351a8e0ef854af2fd0cde110259c80b45046576d3ca9118c6c7f0bf9e5ea80765a7d01c3d8d8f9bbcc6b77c01123a985542aa609082e71e433748444f9867be84b378bdcbd2d8d4eeb30503d8f38b2001cc7b334a8a442e31db4a441024b035dbec39eca10feb55abcdd92c0787772235bf968e30fcee2b8cf3bdacf93ebd2f7cd74c261a44433b5c87f5ef19692b63a7fee16f804cfbfd99236fd6323d0294be531a24f0ec5812c27a34bc08356a7dfdb31ab7a95b85a7a2f75ae01a1332098264a1ce83205792358a83dd5cadaa9c1c359107e01095856e764c1fd957ae05aaf7de15987d50dbb5beb0328f078e4a00ef0f4fd2706add1ea92ad179b84a6bd2eb85f9781b807373beea419e9fd44f4f9192a449b8533979cb50d3febe0f63d607c9fcea36ba78de5746a6a16b54940e1a3c275609d7405dfddb9ca2657abfba2bae9d6321a72a58ccbc9304b14f7945741badbc1833ee72986adda51dfdf870696db8a35bcac0a732bcdff71297d8c1352c806ae55074d12f51554848825b4a60f7697a8a854f73e653357387e260b654dddd78f8ff3dbe87b73e03abd14e7ed988c5b5e466c834bc4f6e819eeaa3f0e8c57b8fd098a5bd3d31e9a0d1c454e72fabeef52207e88d1d627d2ed09e8c90c6072f9e7213bf85bc5f58abe3a0ed98e60c05c932f57481959580a5b7ebd8e820bdad1b3305d9bb194612df7d868676ae437ea11bfadb290d5593e77c142fc80ff6732f1488a36848bc2bd0f23a56e9cd0b0308579e09c489b8a55b75d87a4f5f208e045688f974d37b5c9f348c48f58528125cb0916210aa59f0e68627d9e6972da5faf6962fce9871e9d5bc0742caee550a32060b31fa50aa6c366d2842fdd5e041833573908898f15b3d9f19fd7f9152690df9810c3a89ac536782e1d79df5c187eb61a8c986bb2aa3ceda4667132e11a8b051ccedf1c48b90318ecbd21afa0dd350fa1297a47f005f9232d4c59029d4668a7b2644739669397018f3f9147ebddcebe44d94dc4ac95cbbec001b64dcec2274e1ae6f467bab79c2d64648ec7a568c51c52f8e97f16cc7bea74baa2b0344ad9a7445c854f0d54e4749fb833a9165ecda27c39dd383ee70a71a8696946ade799386a7be2deb2619d97b8f568c7bd4eb149edd0c8011a992fd097a82712e75b80c55313db725050b642d7e8d3705d5fb82c68daf0c3b7bd2a931f2f9c46b90a5c07a6a09eeb8d91088aa0c56d35c929fc3864084fd4b24a82a45d0ff4ac6d2ca773eae52e8cf3e92c691342817bbb8a872e53ade0915254fb8e2429b024c9224a9938c0196424f2f541d538cdc2edbcec1e33f3e865ba131ad2e863b3c88b2b12e1bbbb9ca605ef8722a0a95fbbca93f4cdaeff874c4ecb181f2733e590be737667134c07b307f3de39e4cb66f41ba651a731f6df7fdb9af249325c421753f0c70b88e634be75fee66a94a3c92f07ed47e331a030586d9761f0b9ee3b2e6805b0fe20f50ba35001d4046a7165d9c997deca6452d7a8c44d1fc7968273d98809e1d09135fa215914e4ae8e263a32edc91ec112eed56fd37e488eab4f53b7b8376167da2b7bd61ce634fbd60ba09badfbfba491dd351abe4aa02c301f523de609bf76190050eb6f07f1e03c0205f6a55d720ff372225632bddc753d92aad40cd155903484b8963060bd5e0bb28322ff28d1b40c35a99072c25ec5b5f1e7a31390ed4cc143a8f30c7d89ed67184111cca36e6a2ab4452bbbb9b988b2789274d25b739cee729812018543462c911331a93d3980f3bba7ca6d34d17290660e481ea6ab6e7611131838eea3def663fbe2f489006824f32e24c47f2203b6edb656757084fa4778d996fbf4a8f1305b2616fc36b405c76ec9a8492bc0940610bf34abf0d5f9a168ca8260506a843c255a19324d2644d98ab500edd50f695920d66e8db760632da82dd2c4c7f2e846def86a1685e9dda1b753aacd1767ed554f424e734734662084bbe78c4bd25921a8d70f8ca7439d46e1116b848ee899886314fd423612c513def472b6e8f0b46e0112f833b50dbe7b354860535af3dc7d97f94c3d5b3078549b1137317b5d0f8b1337a0cd0fd9515511285b3d9f21d6fd5bc4ae3e7417594f49413904e812dccb33f45dff6989c73adf03fa670d13676fecc5dc53f3d662410d1fdccd5276b6bb5e28fc04fab4ef526e86cd3b43b19c42ba2c871e077abc23c19934144b91d2bd169970fa6a4e23e9deb528520403d02515ebe49a62add741df11d1ac1755b56f7d14cadb0da817e070e8a61d52a99cd07e3cae19f958af2b0e392b0fd43f941d224fee4bc59a92035e008b7a36c8acd6720d507fd7740ad2ad5ab3bc912bc25ecb290be6421198b8f83d80349c1368eb95725f197e87e4d331026a80692d66bfb29", 0x1000, 0x679bfb87}]) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="2373cb002ff045ecfcd1a0791c972fc6baee2a815260945fabea85a08c704405c3ebeff067ebae01bfcf868fee02a3d2670aa168652c000453439fc0753d313d2bac912d15266b3636f950e52d812e925c2954336789f781f2bf40000000000000004ffedddba49851ed72d5bf7a9a069621974276", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000"/16], 0x44, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x101000, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000240)={0x1fd, 0x0, 0xb000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000200)=0x1, 0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 323.843124] FAULT_INJECTION: forcing a failure. [ 323.843124] name failslab, interval 1, probability 0, space 0, times 0 02:56:27 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@empty}}, &(0x7f0000000340)=0xe8) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r6, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001600)={{{@in, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000001700)=0xe8) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000540)="e9b66cd706dd53c76d3bb35e5fc327b4d44636e1b0b9e4b21b43bf2c0100c5cd76d87e739378c3182a925c2a8af85b2bc5df4fd9db26f89c797392a717fa6a1239f27adb25da573b616501ebc8a6dd2d52127d302797f94d94293fa2810c717d0f15876639430cddcc5159dbdceaac0b80cb0c96d1eab41180c132f1d8266a2fdc34ed247b79849e783c63f268b35a0d734e324e0d3a354270dcf27aa83dbc9293bc12292363d68e927fc5a7ab2143dd6788e360734c01e0361813254a88e9ff5f398e096a44c241dc417267277574b85a017742f5705d8aef985a05dcfce34469b6e376b2578b33d548aeaf40c56fe81f4930d9790cbf3b686f50521e091e7dc137d0c3137b54afef9ea05525b61964c7166425bc22bb9ace2c807c44571949765c358105bfddd38bbb4b3c65bba23144e9a881716173bc952f41b20d6de4ce1525e55c64a7dd88e84ccf2251869363bed8fb94125dadc935a3e724163f5df101bee75de3dd0bf81e16e31eed675cf924dd91c46264e7ea5d5bca4aec23bfa17903ed5a6db827042ae91e609e224bf7f40041ff2dc5a4820ec296ad834043cab265a9822381136f829535e657c95fa1665c0d07878f1b0ec5cef2c850ae254e67ff27296e58d216131d961b7c642cdd318fd6cea3c275d4d45d92b8726d344d3226acf338deaaf94d3b090e0224022ea81091942681663c7c0bccf9724b795e20e218e2808db44d567ee467811715575e5ddf6e451a7c6b895ac3211fa2e8da47342004b943efd0dbce980f74105ad3eb87926d47d12e34272405c578f3c8cecc5b641f9fb8170530e8eaaece31d51e2c1b85643b584be5aac37c8909b5b37c1a2aaf017165241b05e90246e73ef3313837a09816c88f273bdd42e41fb334d3d1a351243c257c127db9855543484f8480c8ddc8816555a177bc90365a083585e96edb67d9840006e70fae5f53606e96dd3095d01a1dcea798c238b6f2c9476fb6edc2474a946ce8601eaacfb2fcbaa51a7395f914236a52d8450f6e41e69409121fb452482861ed113850fa6ccc7aa89b6474b92d6d201bd63fb5b24bbeb696ebbb3ab4f8fc0ff8bb41b3771bb629e0e703438b2f826eeb6669a32ef06a177590ec664ab3075c58adfcc2eb97945b42dbbf77157417cedf6936d4750c5855c48acefe45c5d205037dd5d3458be8dce817fc34dd2b5ef37f75813b08b8edaf9756fcdf99e090083a834b18a13f231a7a927e506c242d00f3478666469e00876a8d6eb9a657f39c1be2871aa89fc1e579bd7924c386b0e21142be6b93c2281665aa662541705fee3dee47dee2bced6cf35ee402eec5874e36a9ce33c49eb1526f55c48d78ae2515ecbe7be1251e4fc36c4d48b125ab327fc9432b6896f2719d33a907ce03b13b27943cf6a6ae918dde8809541ee117edaa6fb0a8e5d33bb0972c0d44e6983a41dca3b10b250d7cab601df2f9c3c144130bd4c7ae090425400490df0e2db1e401998109fc8420931d48490467bb0a0c29db30b53fb53558cce18d6988b2aff41f111b1a7244d6990f87fdd51b6325c62b0f810e49cf46900447fdca2fdfb56adfac4afd59e8bc20cd440df4356b24b45cfb9295466d384427fd61aeb38309b013fddbc1e095db57f8d473f220db00778528c340e74c939c678fb1d42198c47b9db512fa2c6d3ac49846438030ca619abb4498016ad0e897706a861d0ee67454e9a2541fab151a0292e38aa7f55ca3413e4d51ca015f00d95222940f9e6dee4b2844fc82c980acde41f61efc86d04f6807dd9e51cd2c00b7c613c7f7e5bbf86618f3927f5f073934a946745da31400b608e97565e9c218d7c41a160ab5400d56b0fc6bf3717dbc00dfe61f04750742d44e5371c6186bc60727265b68b8b903326e17ec69053a2202d3747cf2dd42df1c143be75bd0258f9550a572b90fd05b22d624cbc3c2c0eafcbae42e010eba0e38d9cb13b4a087d9273842d5fa5a7f1f2c10b4a88e583204cca06ad92026c9f7217ff266119655a233acbd5e41f065a0d27d88a599142dd87b784fa7ae09fec4226f1c2a9436352527742f9c405fc9aaf1a2f6c7e4190c100cb1eafd056e7b0aa154ddeada85f2b31b8afd71f8609bb397dd592fd8e5a9ffc2becbe00e3462f49e2d3a86bbee5c43d4f5a7a08422c740af5645cbe530afe9ee23b972acfad3817fb44e9c60b224a5ea86199c39ea1cc326cbf5a7f0460fe0679a30685fbcdbec40d5793f965c08702d9e138f27d278b97efbe38f686dc6fc54e5af2faf8799d0f0dcdec8944ed975d2990082c1d8767c21f9b8ecf380dda13af56d986b7cd1146f2daaeb79ccc6e62a014bc43c2fbf9e10d15ad40f38c11bf67082463cb5658c4908416ae8448d8ad1ae2ed362d3d5bd17329a0dd9566ceeb1baaa927aa5152bcbe1fe97ee685abddcc2761ad68dbf69a4cfb91a847cf256f36c8123d1ac847e07ec348b0e525250380a1399b088782b1d9e309fca706149aceffdef91d3611338c0a19a1725784667516fa001a7f8dd92544035b2282920db1a3927d14e8361fcf3ef4635b518465958a9d780926f276a22096e4876cd2737ce11c091958e5d01731dc0a85047e8338a2e3f06ccaa261584d2fc081708e7b223bc1016f722e1c15b99345c946d7ec268ada7146b7f00e9e46e5d279b880d1f190e5d26d5d92c850a6e1dd6b598b465550c784dac8a27c56c999e5df789c6c611204f39447194ec634321ed7affc8421ccbeafff6b997fb60f4aa702266905e462a20b1a4b3f2d1531af5ddfee5023f562d63a24b013702f0acc159af525678c1f17728919cf7426fe26dbb0c56198e35427c7e51ccb08ebc95c3e440561ef1a2e334bf798099aa100542351f1294f56a4e3fe0f6743391c1653aae44fdf3bfb7f91daa006b1a4caf7fd46be74e50940ab67a879af97404f2bbd46041c625f84455af45fc9d107c480ce3f43a2ae8b1343f09212d49263b5ba3f5a5524f09a7ff6b3d7469c04954500a8eeb645adcdd59c44032dd38d13806267f640c7e5ca17bda59a2e8ecffb53880cf0f4b41739438b54748429900f87bb15f64e596004e95bd6b342999cafd3fab30fa6567b665daa04822b2feef8fd0f3ab8eb47754adf24c7b7199c6aa74d92989f9499739295ec8ebf92720d4eb8a400d76bb9f20f7acef98e073607165acdb268e20957d57c3852ea6e82fadc99d44f1a67c274c89107c7f31e3de15b8d0267d0772cb28cc20764507953698cc451ddf98a10ec34f9ffdc9e5f62240158f5954a30801d9b635d1cfab696a10ea06c903515d3d41bd162d88260b190161387ec926b292fe2f0cdd0637bd27bbaface7d7535583d7d8af24d0dd824182e6dcf5ba1b1d98b75b16a06ce56c46539d9485bdb7158535f71780958fb53f34c5284d5c357d53d7b54b535bec11105721bea6c946dd727941a5f947ddd69f9a74153b59afabcec98b7dd5c437de4faf4fcf3cb447024d19da22eab73f4594bf4b29045040fc3239bc5a9961e7f199b08ee33650258257b75238bbeec1d254a6de59a716c30f70057503243d456a9b25ddfe4b381e17e75c8e7813bf72187c1c100cbe316ca644696955fb7c75eb7bd976ad7a969f6e02296ef74028eaba8708ebe63bfbdd7ea34d1a7c029f15e62e2430c251b204f65f7a9aa7adfa614861ad80cc73850fa777cc77ff92acd9f3bba8bdf6fc620a7dd184a113409d7fb857d2cbb5ee1cf666ea784227ef04c751b6d2444c17a4fe1811576e54344a6d518793021d69f0a505661a40ae9107308929432680fcad9efba24b1b0bfa98578a228ca02ea19b0371c624ad80af1b7527fddbf6170be1acffb475c9f6bb492df827a3ff5a5d2719a1df2a739f621d957817cdc572a8695cbe58d3b596b43c49d4f04ee80fb3469c67f5ecef088003315ad34c218fb90cfc590fbf9b336e5966df359865892e459e85ce4c362fc0357270080cec04b74ce6e3faf25bb5d06d153c95efb29f3774e037a72c8736e3394f0a8e72922bf4b2b67d9f9bf90915e313755893d10be9dfd39a73b73e20d654e391f52a4ac4bd190136f401ddf37fc48fb7087478e37404d5d6a59ea418594733b5502318e99487be042939183ff0d4fbea92cc629da1baad00f2c88c4024e0b4d8617199cb20bb4ee24723306e36b8124a8a8a7ca44a226030f9d157f91132567f45d2398705f5f187489ed4d2518d9eb7a9e4b7ebd226fe44b6108c6963a0b6744bc5388417143c9ed7d641f335f2d3d4addcf512cfdde6af960e1f08f2a04e5a2b110d8ed8f9230fe03691e9505edad0f547615de969b8ca239b3c71f7a637b58e8468a13d7548eb9fa96e21e7007a062f5435f155f748181db74cf517b75eafec24d3e9f05df637eefa654325a50ca3b16dcc3a42b7c12682149f1e465b4daf9b35921c4407f7baf6023051df486c5fae063609f62abf469f5d56d870f4b00b917f22f37a1472d7ff1395e4404302bbbe3b0a54e47106625144b51bde06bb290ec28fb350a5b00d7a8d70393a85291585e13d0c513062c5afbe23c31a10abcef247817907559f31b59be5979790eaae52118728a4fb5bdb008ac6c3d718df548aee30ce90d03f109b2564c0b4d0f13d074ee2a275bc1aa2b91784d3fb657bfd18d35df1c06dd889fbb1191aa1492a70e6cc3fae2adc6ae9338eb74104c685d8abeb5f6c3e95696d3fec91f8ba249f5f598ddec6c9561727161249d13e7c7992d3f5c6de5ab2b6a1ecd24d0131618b4efed433862f8cc4eb23de03e54757ffdff0d2fd86473e11d0e61d480e77ad3a834800bfc062e38dc5062d32f08651b9756b9b0bee55dc0dba38fa132746853045fb431e5a685a4b1a04874a791e904e912e5067ff069beea5fd4b4ecbfef27b14bde0ce7893233f24c4b8ae468e1e161f40d0a6fb26526656c78cb2a288aac8b4436b2bf57ddc2b44cf59b33edfcb463ad26afb1baf6200851418cab698d2027121ec8bd2883dd032d8286588a168a853aea11a035dc39f61c6e985bb8b0eaf06889578a814209ed25b53ab2a4cf8c870421f5344a41b63b388076008cea37d2fbc63d731933dda1f7dcb56f4987198ea259211f6da05f5eefe58067ec41150266fc80895bb41624caf0bdb40a17fbbb7600b630c80539ba522b5c853432228f527512fe6efff09346b238e3fb4af62c807b0a1fc36aacf2c6f754e19f10158e9c9a18c61e69ef42b7185f02adea4341d6ace2c0eb75e913a1469cb701e2b34fffefa8aaab6c7c271ba9c6a95264ba117494ffd127f8add3626f40a8d8ffa7dc42677d99c25e69906b41d65229638b55933655ea509f0b42b57653ef381e2860476dcbfe08db5c451caca33a8bc54fb1133b0a0db77384a4bc04962a00eca7e2e34ecae6b33c0894e1fe9ada0cb37dda24e090e80feb352536d40ea43bb37a61a81ca47f740fff6633e4ecb3721aef7081ded326702d34d7644e18c0bc58aaea039083586b2f5a8ae06822c01e4400e68f9ccbac90394ca5dfec8257d89ccf0a2839fb98de9eb3dcf33daf7cd1ac9fad4e187be6e7c586d4821fd1b4964530fbc56e6776a534ed1e53fb8478c956a942bdf8f7fe7139c40e1fdbf86218c6af332f19e555c9b7c4ab519174e12c71e0b24d2fb81d1e9c798a88e02aae24260cee91708105ff50d50e46359e591df486fe95f31652f7933a0d201c745aba8c77eb09c52bfc6ff550ab8b3a2df5d83cf73b455dedcc57b7b5ac29d1895319b3868b8f2012834feb75c0f046e8ff0be24", 0x1000}], 0x1, &(0x7f0000000380)=[@ip_ttl={{0x14, 0x0, 0x2, 0x80000001}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @rand_addr=0x6, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x50000}}], 0x50}}, {{&(0x7f0000000400)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000015c0)=[{&(0x7f0000000440)="b0a9f37275513d33c1d7e45ea84c9ec5d794e3c67098f8b737b8b852ab5678ea1478f2b4ba", 0x25}, {&(0x7f0000001540)="4f67dc5170483ccf3e45360b9ee69003f4e7253b2876e8efecd9ff28a14822533d55abd5af36216d6ae26b9234ef13327602e270d1", 0x35}, {&(0x7f0000001580)="cb1d415f", 0x4}], 0x3, &(0x7f0000001740)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @loopback, @broadcast}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @empty, @empty}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}], 0x70}}], 0x2, 0x80) [ 323.906115] CPU: 0 PID: 12104 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 323.913183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.913188] Call Trace: [ 323.913206] dump_stack+0x138/0x197 [ 323.913224] should_fail.cold+0x10f/0x159 [ 323.913241] should_failslab+0xdb/0x130 [ 323.913254] kmem_cache_alloc+0x2d7/0x780 [ 323.913265] ? anon_vma_clone+0x310/0x470 [ 323.913281] anon_vma_fork+0x1ce/0x4d0 [ 323.913296] copy_process.part.0+0x45e2/0x6a00 [ 323.913324] ? __cleanup_sighand+0x50/0x50 [ 323.937145] ? lock_downgrade+0x6e0/0x6e0 [ 323.937165] _do_fork+0x19e/0xce0 [ 323.937178] ? fork_idle+0x280/0x280 [ 323.937191] ? fput+0xd4/0x150 [ 323.973863] ? SyS_write+0x15e/0x230 [ 323.977806] SyS_clone+0x37/0x50 [ 323.981186] ? sys_vfork+0x30/0x30 [ 323.984716] do_syscall_64+0x1e8/0x640 [ 323.988599] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.993451] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 323.998846] RIP: 0033:0x4598e9 [ 324.002027] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 324.009732] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 324.016995] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 324.024256] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 324.031513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 324.038769] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 324.067966] x86/PAT: syz-executor.3:12104 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 324.077817] x86/PAT: syz-executor.3:12104 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:27 executing program 3 (fault-call:8 fault-nth:22): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:27 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x6b4084b6d5561885}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r2, &(0x7f0000000180)={0x10, 0x30, 0xfa00, {&(0x7f00000000c0), 0x1, {0xa, 0x4e22, 0x1, @loopback, 0xffff}, r3}}, 0x38) 02:56:27 executing program 0: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x0, 0x0) getpeername(r0, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, &(0x7f0000000040)=0x80) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) socket$packet(0x11, 0x2, 0x300) 02:56:27 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000d30e1e9c29f3e058a4000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x9, 0x181100) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r4 = socket$inet(0xa, 0x801, 0x84) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000000c0)={r6, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x73, &(0x7f0000000580)={r6, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000040)={0x8, 0x4, 0x3, 0x2, r6}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={r7, 0x800}, 0x8) 02:56:27 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="020000ff00000029d6588a399a75fe25c500000040f3fbb45f132242567b5dc33c71b231ce003dc2954476d5745a20b4c1090b746e9a", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000)={0x401}, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) read(r2, &(0x7f0000000540)=""/4096, 0x1000) syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x1, 0x800) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x1}, [{}], {0x4, 0x2}, [{}, {}, {}]}, 0x44, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x800, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) sendfile(r1, r4, 0x0, 0x5) [ 324.162214] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=12118 comm=syz-executor.1 02:56:27 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x4}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:27 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@empty}}, &(0x7f0000000340)=0xe8) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r6, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001600)={{{@in, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000001700)=0xe8) sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000540)="e9b66cd706dd53c76d3bb35e5fc327b4d44636e1b0b9e4b21b43bf2c0100c5cd76d87e739378c3182a925c2a8af85b2bc5df4fd9db26f89c797392a717fa6a1239f27adb25da573b616501ebc8a6dd2d52127d302797f94d94293fa2810c717d0f15876639430cddcc5159dbdceaac0b80cb0c96d1eab41180c132f1d8266a2fdc34ed247b79849e783c63f268b35a0d734e324e0d3a354270dcf27aa83dbc9293bc12292363d68e927fc5a7ab2143dd6788e360734c01e0361813254a88e9ff5f398e096a44c241dc417267277574b85a017742f5705d8aef985a05dcfce34469b6e376b2578b33d548aeaf40c56fe81f4930d9790cbf3b686f50521e091e7dc137d0c3137b54afef9ea05525b61964c7166425bc22bb9ace2c807c44571949765c358105bfddd38bbb4b3c65bba23144e9a881716173bc952f41b20d6de4ce1525e55c64a7dd88e84ccf2251869363bed8fb94125dadc935a3e724163f5df101bee75de3dd0bf81e16e31eed675cf924dd91c46264e7ea5d5bca4aec23bfa17903ed5a6db827042ae91e609e224bf7f40041ff2dc5a4820ec296ad834043cab265a9822381136f829535e657c95fa1665c0d07878f1b0ec5cef2c850ae254e67ff27296e58d216131d961b7c642cdd318fd6cea3c275d4d45d92b8726d344d3226acf338deaaf94d3b090e0224022ea81091942681663c7c0bccf9724b795e20e218e2808db44d567ee467811715575e5ddf6e451a7c6b895ac3211fa2e8da47342004b943efd0dbce980f74105ad3eb87926d47d12e34272405c578f3c8cecc5b641f9fb8170530e8eaaece31d51e2c1b85643b584be5aac37c8909b5b37c1a2aaf017165241b05e90246e73ef3313837a09816c88f273bdd42e41fb334d3d1a351243c257c127db9855543484f8480c8ddc8816555a177bc90365a083585e96edb67d9840006e70fae5f53606e96dd3095d01a1dcea798c238b6f2c9476fb6edc2474a946ce8601eaacfb2fcbaa51a7395f914236a52d8450f6e41e69409121fb452482861ed113850fa6ccc7aa89b6474b92d6d201bd63fb5b24bbeb696ebbb3ab4f8fc0ff8bb41b3771bb629e0e703438b2f826eeb6669a32ef06a177590ec664ab3075c58adfcc2eb97945b42dbbf77157417cedf6936d4750c5855c48acefe45c5d205037dd5d3458be8dce817fc34dd2b5ef37f75813b08b8edaf9756fcdf99e090083a834b18a13f231a7a927e506c242d00f3478666469e00876a8d6eb9a657f39c1be2871aa89fc1e579bd7924c386b0e21142be6b93c2281665aa662541705fee3dee47dee2bced6cf35ee402eec5874e36a9ce33c49eb1526f55c48d78ae2515ecbe7be1251e4fc36c4d48b125ab327fc9432b6896f2719d33a907ce03b13b27943cf6a6ae918dde8809541ee117edaa6fb0a8e5d33bb0972c0d44e6983a41dca3b10b250d7cab601df2f9c3c144130bd4c7ae090425400490df0e2db1e401998109fc8420931d48490467bb0a0c29db30b53fb53558cce18d6988b2aff41f111b1a7244d6990f87fdd51b6325c62b0f810e49cf46900447fdca2fdfb56adfac4afd59e8bc20cd440df4356b24b45cfb9295466d384427fd61aeb38309b013fddbc1e095db57f8d473f220db00778528c340e74c939c678fb1d42198c47b9db512fa2c6d3ac49846438030ca619abb4498016ad0e897706a861d0ee67454e9a2541fab151a0292e38aa7f55ca3413e4d51ca015f00d95222940f9e6dee4b2844fc82c980acde41f61efc86d04f6807dd9e51cd2c00b7c613c7f7e5bbf86618f3927f5f073934a946745da31400b608e97565e9c218d7c41a160ab5400d56b0fc6bf3717dbc00dfe61f04750742d44e5371c6186bc60727265b68b8b903326e17ec69053a2202d3747cf2dd42df1c143be75bd0258f9550a572b90fd05b22d624cbc3c2c0eafcbae42e010eba0e38d9cb13b4a087d9273842d5fa5a7f1f2c10b4a88e583204cca06ad92026c9f7217ff266119655a233acbd5e41f065a0d27d88a599142dd87b784fa7ae09fec4226f1c2a9436352527742f9c405fc9aaf1a2f6c7e4190c100cb1eafd056e7b0aa154ddeada85f2b31b8afd71f8609bb397dd592fd8e5a9ffc2becbe00e3462f49e2d3a86bbee5c43d4f5a7a08422c740af5645cbe530afe9ee23b972acfad3817fb44e9c60b224a5ea86199c39ea1cc326cbf5a7f0460fe0679a30685fbcdbec40d5793f965c08702d9e138f27d278b97efbe38f686dc6fc54e5af2faf8799d0f0dcdec8944ed975d2990082c1d8767c21f9b8ecf380dda13af56d986b7cd1146f2daaeb79ccc6e62a014bc43c2fbf9e10d15ad40f38c11bf67082463cb5658c4908416ae8448d8ad1ae2ed362d3d5bd17329a0dd9566ceeb1baaa927aa5152bcbe1fe97ee685abddcc2761ad68dbf69a4cfb91a847cf256f36c8123d1ac847e07ec348b0e525250380a1399b088782b1d9e309fca706149aceffdef91d3611338c0a19a1725784667516fa001a7f8dd92544035b2282920db1a3927d14e8361fcf3ef4635b518465958a9d780926f276a22096e4876cd2737ce11c091958e5d01731dc0a85047e8338a2e3f06ccaa261584d2fc081708e7b223bc1016f722e1c15b99345c946d7ec268ada7146b7f00e9e46e5d279b880d1f190e5d26d5d92c850a6e1dd6b598b465550c784dac8a27c56c999e5df789c6c611204f39447194ec634321ed7affc8421ccbeafff6b997fb60f4aa702266905e462a20b1a4b3f2d1531af5ddfee5023f562d63a24b013702f0acc159af525678c1f17728919cf7426fe26dbb0c56198e35427c7e51ccb08ebc95c3e440561ef1a2e334bf798099aa100542351f1294f56a4e3fe0f6743391c1653aae44fdf3bfb7f91daa006b1a4caf7fd46be74e50940ab67a879af97404f2bbd46041c625f84455af45fc9d107c480ce3f43a2ae8b1343f09212d49263b5ba3f5a5524f09a7ff6b3d7469c04954500a8eeb645adcdd59c44032dd38d13806267f640c7e5ca17bda59a2e8ecffb53880cf0f4b41739438b54748429900f87bb15f64e596004e95bd6b342999cafd3fab30fa6567b665daa04822b2feef8fd0f3ab8eb47754adf24c7b7199c6aa74d92989f9499739295ec8ebf92720d4eb8a400d76bb9f20f7acef98e073607165acdb268e20957d57c3852ea6e82fadc99d44f1a67c274c89107c7f31e3de15b8d0267d0772cb28cc20764507953698cc451ddf98a10ec34f9ffdc9e5f62240158f5954a30801d9b635d1cfab696a10ea06c903515d3d41bd162d88260b190161387ec926b292fe2f0cdd0637bd27bbaface7d7535583d7d8af24d0dd824182e6dcf5ba1b1d98b75b16a06ce56c46539d9485bdb7158535f71780958fb53f34c5284d5c357d53d7b54b535bec11105721bea6c946dd727941a5f947ddd69f9a74153b59afabcec98b7dd5c437de4faf4fcf3cb447024d19da22eab73f4594bf4b29045040fc3239bc5a9961e7f199b08ee33650258257b75238bbeec1d254a6de59a716c30f70057503243d456a9b25ddfe4b381e17e75c8e7813bf72187c1c100cbe316ca644696955fb7c75eb7bd976ad7a969f6e02296ef74028eaba8708ebe63bfbdd7ea34d1a7c029f15e62e2430c251b204f65f7a9aa7adfa614861ad80cc73850fa777cc77ff92acd9f3bba8bdf6fc620a7dd184a113409d7fb857d2cbb5ee1cf666ea784227ef04c751b6d2444c17a4fe1811576e54344a6d518793021d69f0a505661a40ae9107308929432680fcad9efba24b1b0bfa98578a228ca02ea19b0371c624ad80af1b7527fddbf6170be1acffb475c9f6bb492df827a3ff5a5d2719a1df2a739f621d957817cdc572a8695cbe58d3b596b43c49d4f04ee80fb3469c67f5ecef088003315ad34c218fb90cfc590fbf9b336e5966df359865892e459e85ce4c362fc0357270080cec04b74ce6e3faf25bb5d06d153c95efb29f3774e037a72c8736e3394f0a8e72922bf4b2b67d9f9bf90915e313755893d10be9dfd39a73b73e20d654e391f52a4ac4bd190136f401ddf37fc48fb7087478e37404d5d6a59ea418594733b5502318e99487be042939183ff0d4fbea92cc629da1baad00f2c88c4024e0b4d8617199cb20bb4ee24723306e36b8124a8a8a7ca44a226030f9d157f91132567f45d2398705f5f187489ed4d2518d9eb7a9e4b7ebd226fe44b6108c6963a0b6744bc5388417143c9ed7d641f335f2d3d4addcf512cfdde6af960e1f08f2a04e5a2b110d8ed8f9230fe03691e9505edad0f547615de969b8ca239b3c71f7a637b58e8468a13d7548eb9fa96e21e7007a062f5435f155f748181db74cf517b75eafec24d3e9f05df637eefa654325a50ca3b16dcc3a42b7c12682149f1e465b4daf9b35921c4407f7baf6023051df486c5fae063609f62abf469f5d56d870f4b00b917f22f37a1472d7ff1395e4404302bbbe3b0a54e47106625144b51bde06bb290ec28fb350a5b00d7a8d70393a85291585e13d0c513062c5afbe23c31a10abcef247817907559f31b59be5979790eaae52118728a4fb5bdb008ac6c3d718df548aee30ce90d03f109b2564c0b4d0f13d074ee2a275bc1aa2b91784d3fb657bfd18d35df1c06dd889fbb1191aa1492a70e6cc3fae2adc6ae9338eb74104c685d8abeb5f6c3e95696d3fec91f8ba249f5f598ddec6c9561727161249d13e7c7992d3f5c6de5ab2b6a1ecd24d0131618b4efed433862f8cc4eb23de03e54757ffdff0d2fd86473e11d0e61d480e77ad3a834800bfc062e38dc5062d32f08651b9756b9b0bee55dc0dba38fa132746853045fb431e5a685a4b1a04874a791e904e912e5067ff069beea5fd4b4ecbfef27b14bde0ce7893233f24c4b8ae468e1e161f40d0a6fb26526656c78cb2a288aac8b4436b2bf57ddc2b44cf59b33edfcb463ad26afb1baf6200851418cab698d2027121ec8bd2883dd032d8286588a168a853aea11a035dc39f61c6e985bb8b0eaf06889578a814209ed25b53ab2a4cf8c870421f5344a41b63b388076008cea37d2fbc63d731933dda1f7dcb56f4987198ea259211f6da05f5eefe58067ec41150266fc80895bb41624caf0bdb40a17fbbb7600b630c80539ba522b5c853432228f527512fe6efff09346b238e3fb4af62c807b0a1fc36aacf2c6f754e19f10158e9c9a18c61e69ef42b7185f02adea4341d6ace2c0eb75e913a1469cb701e2b34fffefa8aaab6c7c271ba9c6a95264ba117494ffd127f8add3626f40a8d8ffa7dc42677d99c25e69906b41d65229638b55933655ea509f0b42b57653ef381e2860476dcbfe08db5c451caca33a8bc54fb1133b0a0db77384a4bc04962a00eca7e2e34ecae6b33c0894e1fe9ada0cb37dda24e090e80feb352536d40ea43bb37a61a81ca47f740fff6633e4ecb3721aef7081ded326702d34d7644e18c0bc58aaea039083586b2f5a8ae06822c01e4400e68f9ccbac90394ca5dfec8257d89ccf0a2839fb98de9eb3dcf33daf7cd1ac9fad4e187be6e7c586d4821fd1b4964530fbc56e6776a534ed1e53fb8478c956a942bdf8f7fe7139c40e1fdbf86218c6af332f19e555c9b7c4ab519174e12c71e0b24d2fb81d1e9c798a88e02aae24260cee91708105ff50d50e46359e591df486fe95f31652f7933a0d201c745aba8c77eb09c52bfc6ff550ab8b3a2df5d83cf73b455dedcc57b7b5ac29d1895319b3868b8f2012834feb75c0f046e8ff0be24", 0x1000}], 0x1, &(0x7f0000000380)=[@ip_ttl={{0x14, 0x0, 0x2, 0x80000001}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @rand_addr=0x6, @broadcast}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x50000}}], 0x50}}, {{&(0x7f0000000400)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000015c0)=[{&(0x7f0000000440)="b0a9f37275513d33c1d7e45ea84c9ec5d794e3c67098f8b737b8b852ab5678ea1478f2b4ba", 0x25}, {&(0x7f0000001540)="4f67dc5170483ccf3e45360b9ee69003f4e7253b2876e8efecd9ff28a14822533d55abd5af36216d6ae26b9234ef13327602e270d1", 0x35}, {&(0x7f0000001580)="cb1d415f", 0x4}], 0x3, &(0x7f0000001740)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @loopback, @broadcast}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @empty, @empty}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}], 0x70}}], 0x2, 0x80) [ 324.279199] x86/PAT: syz-executor.3:12135 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:27 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$usbmon(0xffffffffffffff9c, &(0x7f0000000140)='/dev/usbmon0\x00', 0x400000, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000180)={'HL\x00'}, &(0x7f00000001c0)=0x1e) r2 = accept$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000040)=0x10) syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x100) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0x2, 0x0) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000080)) 02:56:27 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") write$binfmt_script(r1, &(0x7f00000000c0)={'#! ', './file0', [{0x20, 'system.posix_acl_default\x00'}, {0x20, '('}, {0x20, 'system.posix_acl_default\x00'}, {0x20, 'system.posix_acl_default\x00'}, {0x20, 'bdev[\x06#+'}, {0x20, 'mime_type^#,bdev!eth1'}, {0x20, 'system.posix_acl_default\x00'}], 0xa, "a42484e329769ebc02599e94e0d95ea012eaf7a606768791e30527c89984861b0596d01d315d68b94b1891dd8941459d8924780ef55e25eb0178d84845c125c8a49c17418b3f539cacf20dd71ea24a6c017e5a52472fff2ec5f7c745cfe5b0d048614a14"}, 0xfecb) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000380)={0x40, 0x0, &(0x7f0000000340)=[@increfs_done={0x40106308, 0x1}, @free_buffer, @acquire_done={0x40106309, 0x3}, @dead_binder_done], 0x1000, 0x0, &(0x7f00000006c0)="31ba1e310dad9a907fe1d96e3f17a56ac1bbdbbe3df5833016526c946b30656974f7bfaa6ef837de5b9260411ed74ba8209d4980e0ae5298663e1e08d720a5b49d6ece73a68f72019ca81e109bfe3c0a81323555d29d84908320d1f2c27d1424580820b4db9111f8cc6e2bf0d2e7fd28dad7983ffed8b78970c820cf499e0af41c21dc59090bf86388160204bc3500b9f66bbf55c2967040c6cfbdc584f283be2c17b905dcebbf2706b8b4c4d833ed28fa4486aea9150a59bfb12ae47e893fecfb42ab3a249ebac4ec2475b326de5b95aeed1c6e8169b6bfa84642feecee7b0a6361081ccd0f2cb8e9f23b9ae4c568de7812d90d9457cf9e373c99786219c305dd1f5613cbf2a9bfeaf0fbb72f827d72c0bdc09d6b60b8121c8f1c3573cd7a94b30e809bb66451906d38f9e5a7fc4447fb8dd0082acd3628d8865af9cbc37c4e718cea3fa57d8cebc0519c1da4e34fed2b15b79034602d8353f86b234f61abe8d46c68e82f49ec53358402e07981f49fc43f94e0c1b0164498affa90c333aca1203800bac16fc2ac16fc571f53260dc390cf574df983a304601584a02fb828582f3b83057c0419ed5d4f6fa64c49fcf9de38d0e818c198be858237c7fd0b996cbd214ede81c3866dd2bad51f4f401ccc9a8354a0a461fd2622a72576596a86d852b957c3282938c0b5737170fab2c80ba6d8a782af36199de1687568b15f5568c80430f6d719bbe90aec4ff29789a6e3a375f592b66acc3b3cfb3eff16d47f0c4fe5d2be45b4b4a1381da9a093f74fd7d073c39507591c2d5288d76dbeffc57d4c45402ffd827e64f02dfefe2cd62e0965a55af1a72850bf7afadf2d142e3180a74947c53dcef0ad652c67aa3bf4cb6ca4af2ba6ddb37903a5a1186e10deea689783e903d8f88e71d7f8f119670edbcc3f69b9e168130828ea35042e3ff9daaa325e42fedc6b853fad7f261f9f6cc3a98b659056a201959c0d2e423124606d5401feecac7a2ab9642cb17209aefa33734356604db6394df736f38a1fbe5a3438ee77dc5dac9cc5863c24abe2ac5a237d44110e1a5a996afe907238f5637d70f52260de836d6f5d1f56952c4e9b9f884fad4eb3d90ce1727a9b35d0cd7cd775a1264eaf1930712fb85fb1ae64de72692efa6c545427fb735de77a1c968f0f02b238d88f91a4331106208e22bb3226de3d902653d586cc20b5a18aa66117efdb0b29bbb925e351e73aaf76b10fb091a1f23d67e6b326f6e00d3c8162db78b6897f7a244be20a2f44e73b9f87c06b5526e6f6688b13d10f2066f832f1bddce45d4c592aa85f5ef4ffc8798653a8128fe605bfeaef765e0aefd83818a375814a549716f34ec09f8f54ca21100fbbb31900319396dfae5c906e51142741363d5a9c54ac441021bd79e564f38e13de45cb1ec50745c4d5e14fa1269bc1c4db9ad5b353b8c7168b1f7386c74eff18843e5f764f2df348f644052de3a28d5d2959350b4570fb2d359d924f45357055200d98a310247aef537b2e975160842708cf644bbbe752307d7d5fbc29d059eb1648581aa88bdf5a3fc7bed1f36e96f6d41a888fa642c01c2aee42b62ba1f07d3eeabed37e811e4d6f90af8d2335ed76c8e32f9ef0d710262c67da97182ae522f6d3c78d59f23eba523b275d9770120c45bf30d2732c379788954f741194f6311e930aeec2f2b31c5088aeb47ac359b467d7430f8e4f07af2d454fb75505a0c3df6a4cb6f94641992c741992fa6c397f1f9a9e8298b47c99b8a6ea0246490640a9451827dcbd66257935c5a1cf99f8bc53d7207650244a43a141668f4fa6c1e163485d7e3eb9491db98db41093f690313de5abb3774e1aa0c220fe6a5a9514960b238da94f9cd149e46eea8a8538bf90137b42d0918701d89bf041b4d4750c67d462f3e18fccf66c8a16e85e4c9b084e4f93b94e3d096a63c8ae24dd27899ae49273a2d73cf5f69a290b61bc516072bef915605ffacd30387ee1c068ecd4e452543b4d5e995d2b644d28db377f93477cb205d57ac63281cf5f864d2d7e2592ce3f6c9d6e63997f0c1e55b604169b3a57490e6e16177eabd9ffa26fe863f0756864f878354df635bad523265cf3d6687c3c95f3cc301e9223a45bb801ce99f3faea74c1857800408f6ac7c751fa793bc31d8da265810666c6836d348e1a56eda1cfe2be26363b13c1a2ac313fc867493762ae9cf594320709bc48e27f31a4054be456e6dd470e2dc8fd538f4f7e81d74bd366c0e15694adf3065d534e7d134c9ed5df9907d8d64cd6b9eb926750963ae801a915469a56e3828bfe9cafac4cb48d8caf0a087b315160a8cddb087fb4e6c43dc87fe84838222b37bb5ba7f2c2b592cb92b8718474bd84b3ad7811c971fcec21b9860946eb8da8e2ade50408d97f5dc50a207e06a68dc0961d57409c141c67e8c7fb44b124b6a9fb600ce1a60718784207e1ed9736cc1b6aaf2f931e51673e4c9497690d5d1c6221b0bb3f87d9f95f4f03234cbe6ed8e45ecbb94f71e1a639ba1a4734b1af97c925ba3cd8e5f1aa5a56287b64583522b64e3222af51730a547813f14d753dea4006f1638644682b29a1af64963cd6cc337ed5dbdceb6b2325e682d87e92c3a7e56fe756d69984c28090ec8e9c9ebcb92628cbfe23e875d09f75f555ea2b231aed18207be10e12779e305f2854ffe3749d0f400e30a63c7df1733863825696d11481a637359d944bf1e8cb71ce85198106992146e0e0b153c90d0e6349f9864d5975f5614d87d6d9d04f149b16d63d5818bfca0b319f1027cff17e585d877009556fbbfb7ec937f8afda8b9f3739a7bedfb55c1c5e4218c5128ea367dcbbc86e4afc2a181c6802a3bb7999f230c739c2698bfde83bd3ce56ac65257eea7f403e376aacf8377503afe6a55889aacd30bbb51fdcbe52742049f368c53e93e3040e2258bd1a859fc7dc6f4df1493e43abf7c0632d4e575dade467bf957b95b4cef9708f37d6a976df660d9aa707507fd25212ad3639504fd547df0e32520fa304823d945d591979d5179f81341b8b253fe4bc99495f4349574ada4ccd54bd8606ed30e5f1c040d4ab8861475915aa90845fce6811f6b6b774df1f58a8acc762320c8763ed6fc3f32c4f28a9a7153b20455d0645075cb2e4c2beda79645a356cb9bfe4165b7ab87e549eb47efb87d48ed9d1b1234ac47b32affb36775a74e76f5bd3f69b11040f21f8ab91a44615eb50784c22f7753ce28e64efc475ffa3391c55e2a4177001f014522c1bb685a385900c01d555c2ec954b926a98ada19c3ace84dab7162bbd65598d988cfa4ab3d6c9af1f79d1885138d607052803e55b569c600d19711f6cd631570c346be2e23a048cb3583b4987478a1d182028e1dcb900179c78cce90f1e42f92f9e088a97aa44c5bbd070b60cab8d842990b2728191c81080ebaefdd0a4ac7481ec8ab1639193523a6b06c1ceacacf8d16fe420d8a76d3869ceb6bee78f3b79f5700be6454b841c58355361105739c3cbc51efe92415f3a337526c0e96ac55b61ef3aa2b85a19e056cf25258c20f4fc4511ede17dde6b60ee52585b8061107da1e301e928f901f0616c17e1f1e4c174c2b99f07900e729dd2c21759c3c4b867353ed910157976746da16e22a2a1013b211d9a0fe32bf5996270915040b6cc444145244dd8d5e28d639013338a007e1f9f273061266e9e37f91ca4eaa4b93b79c37ec2f61522905eca9816595a3fa487037159eacd617a42c41d043480fc4b3a03be78b18caae9bccdbb548b3c833e8ced9864461d7aaf53e7148e8a3bac7269f47781fbb1c53cc0d0e418fd552d5191dc40810546175f8cc2c9a3dd6a458c12056b17ec71577ac04a1705ef0f3665835903a35ef6e850075aec93ad7b8a2d50634cfa3a8ab78144f6ccbf860332c20f36adbc8f5f3f6107113cc1e56561cc7d5d8d6b028b0d63ca2e56634e1137d6f09cf98caeb18b2b0e78c55987a4e510119c6b61b543b053cfa417ca740ca7877742afa334458233365884fde9da20f59ff09f1922e47104c74b85bb55cc7266c77bb99f98344831b583fea11742abf92ab0436d454d77e7eb5af192e1cc321d2b3e387e662f32777203e10818496e91d1a3baf6fd6f5d6e7c171ae0f1c9cc8eb6d2b15f15ec5b2ec473e3e712f19610d718e7e2171de62acfcdb99cdfc312b37892f75cdc524e2549d9410385d386845dc5482363404aa412e4fe122a24f562a4322e4cf3a5716f16381701140e52309421618d3a093bae0bd8caa39f58080f56e016bf7bcb52c7012fa5ca8f2aafa744fbc05f1f20f2919b7317fd8f9212599dec42ad43aaf846cd99e5154bde4cb0cb60a8e0d1fa35a88443cb276adfdea9dcd6bb69f3f6a2eb8644cbd7b3dfd103e8667c515c8e5f638a057da98a09cf1c3bb1dd8197014fd2f319a3e03bb6dcf008ab7da2c892353893219be093fc031fbbe34f4bfe53bf15baad714a55a68499536a174894dfa6a7e5147104aaba4aaab3ee3ec9d92865f6d0eca86b20a79511d0fbf6fe37eacee89155871671126fb5affe48490986bc1e24eb72a34099ff8c76f655ee72ffe2acefe2f09b5dc4780e87cf1f32f0c5bb8c6930e9329326702f6563abe0d99d8f2e3cd18ca33d974dde1d2c85a8abb5b88f95206755df4ccb7103cd62127040071398e548a21fbc7c4184847dc6a537807f546516f468d41e245f08032e1e9b25b991e49ed4248143cf09cf0306d6ba4a3d0271d678a2f40c2f0c28d0f5f3aa78e6e2530451dbe6a1e03a96220bb09bef6674c7c6630febd64d7ac81ce00ca5641a00497df1f2728dcc8d02372b5354be43b1587b2284780c14bc2645048eafa78eb9d178e656fd2dfcdc020d4b8e1713dcff69125bdfcbb0ea9a530860ae4b2d2c4156a7fd37930d5d8c899b8f33801c836c90f79f581c0c9a65f36c8e97806da779157d537073b72acbae75bb1ea47655afd1ea09e4cc5549b142c51ca24d3337a48310dafc5fb5260217c2c0cc34cb54a11fb89f95d3a824f6050f9dc592e0875c4fbc4718f1004304fb293f65be6651eddae9cd75a641d906cca8e006f0dc9264527840195d37c3578d55f6d48f0a3bf1a9e5b2e377b2d7f16b5d3e0f11685615cd1476d1aa03631023e84cc146727a16871e937c8b8ee5dcfaf5422ca32c8bd98cc456f621457339bc75608a05eb31b3e55ec8cf3e23582c35e2092589fc42877c7fe6026321e8eb779038fb309a2ed385a92bc52800166258546adaed7a9de17d129c64aee7eb9b77d49f61fe1d2046e536e3b413841608092b642168b8afa507708a9b5c3bc77db43e6ae257962755eb60d3f9f50d0a95e3f70a9bc44b5b6921d595c42f760938ef0b9f45074403244cee318192718522f915faab9a1d5da929362ab2058957233f4e182381b10473cef3fce0187e773a59e99c3e476b5633dd754691eeb5c9a825fe99a5c27d46c34d850b668a8d9c26026d2e9463bd460d7e4c23493055cf04771308f3c7a0fe767c22f4c39c1b06317235598dc95a0a605e293d50f8cc126a59c09b7aac2280f0ef812c2a1446a47c3deb93fbb0be7c1651ba834a120e2d27303cb8c370c6ffb45ef421da0e922e11bc6d83e373177c82d7d7851166083aac84640505ca54ef64a8e122883bfb62b3b857e044c6181e6ac4d7285641df11183f357eb8dfac6907212af503a770f8edc3b9cd1a8ae64ff9ced1b7d027f1e90da32e8521aea04bc57b7cb460741a105c4050baeb72348659cc4a25c48feffd0fbd88487ac71e89"}) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) epoll_pwait(r6, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x4, 0x174f, &(0x7f0000000400)={0x800}, 0x8) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000240)={{{@in=@empty, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f00000001c0)=0xe8) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{0x2, 0x0, r7}]}, 0x2c, 0x2) setpriority(0x1, 0x0, 0xfc) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) 02:56:27 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x800, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x620, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) ioperm(0x3, 0x9, 0x9) 02:56:27 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x2, 0x0) [ 324.362784] FAULT_INJECTION: forcing a failure. [ 324.362784] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 324.403571] CPU: 0 PID: 12146 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 324.410630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.419988] Call Trace: [ 324.422587] dump_stack+0x138/0x197 [ 324.426207] should_fail.cold+0x10f/0x159 [ 324.430363] ? __might_sleep+0x93/0xb0 [ 324.434409] __alloc_pages_nodemask+0x1d6/0x7a0 [ 324.439438] ? save_stack+0xa9/0xd0 [ 324.443194] ? __alloc_pages_slowpath+0x2930/0x2930 [ 324.448207] ? anon_vma_fork+0x1ce/0x4d0 [ 324.452256] ? copy_process.part.0+0x45e2/0x6a00 [ 324.456999] ? _do_fork+0x19e/0xce0 [ 324.460711] ? __lock_acquire+0x5f7/0x4620 [ 324.464973] alloc_pages_current+0xec/0x1e0 [ 324.464990] __get_free_pages+0xf/0x40 [ 324.465003] get_zeroed_page+0x11/0x20 [ 324.473277] __pud_alloc+0x3b/0x200 [ 324.473286] pud_alloc+0xc9/0x130 [ 324.473296] copy_page_range+0x2de/0x1bd0 [ 324.473310] ? find_held_lock+0x35/0x130 [ 324.473324] ? find_held_lock+0x35/0x130 [ 324.473349] ? __pmd_alloc+0x410/0x410 [ 324.500825] ? __vma_link_rb+0x247/0x340 [ 324.504880] copy_process.part.0+0x4764/0x6a00 [ 324.509465] ? __cleanup_sighand+0x50/0x50 [ 324.513688] ? lock_downgrade+0x6e0/0x6e0 [ 324.517910] _do_fork+0x19e/0xce0 [ 324.521372] ? fork_idle+0x280/0x280 [ 324.525073] ? fput+0xd4/0x150 [ 324.528263] ? SyS_write+0x15e/0x230 [ 324.531976] SyS_clone+0x37/0x50 [ 324.535338] ? sys_vfork+0x30/0x30 [ 324.539038] do_syscall_64+0x1e8/0x640 [ 324.542918] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.547760] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 324.552945] RIP: 0033:0x4598e9 [ 324.556174] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 324.563870] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 324.571129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 324.578578] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 324.585834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 324.593090] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:28 executing program 4: setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="00fbf40109109863c5e5d63d38d39d447588b6bcac939e45f53e2ab6cb8ccf3c9cf1f7e25efd1b29c5882675a0af3a82af1e1a10bd1f116ed1a0893ae2f08935d4f3d0c1ffa0910623dfad973f31c07c0e715393c9c81680b106f49121ceaff89161aae2c69e9ffd21e3548a65754c2afa39920e15ea43313b4dde826aa4d3198b7cf755d1d729239d41e57459c2fb27d6b2a36c935925c132940d06941ffde00c175e697a9e65266b3c9d97e5d54bd41cb37a0b4e6566855c03d8572928441370620b1e3bcb00a9a1dce2407d29a2c6f5fd7a17d09489417203f1b5e1f08aaab2945b033f82f97c72d10ea36fa8f80a99fd1f302eb16ddfee0fab8e352c0ff1a0c0d00f365cc93eca2cec64d834c695e03a8876a1d78d0f3cfabd825324609df6238d5892ff201334a5f59b7a2b483ea6de38f85d549a9e9af0acabbca0f2dd91d502f15d965fe57563d22c98da2b6c987cabf2308fbefb1450465513ae5841045c2d3282e80c21012ddc91cd1b70cd7c6e2b5c1091d171a21fc905796e875815189a50df01b362120870734f1436ec2607db18c10e0e2d1fb48d99f5f0bd13be796a1277c994f74864af73867f9120953d415a340659bd29a2a3bff7f2a69456e1648be42dc61b35717db6e3c550348abd59044f718c6023e8603e6dfe5b63c6114d4d9e12088bc19f9b437f4b0681"], 0xf4, 0x3) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000e59158b145994f8d3a9741d4017fe58f2b83abe7eb54d22e7f4d4715852b5c2478248f726a599c15e3dc4d715d970f8ef97cf47bf9435fc2036a99334db54c31f8dedbf5885c64eefc47d504713474f9675898151d04f3ba6fd20abc9d2083715486ef45eca3402dd18461b38c039dd721001baac5898434e01c7c210ff462bd5c128d4688cbaef609947dfd7bae8784c10606ca36bf9d1ab73224fbfc39859e1c4dff2b3117836799e9b7719cef53745f73dfa03d801aa3b217543590d403e765a591781fb73a21d2c5a6e5424e8711f9624c7f015d88935f051a04e8", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 324.735855] x86/PAT: syz-executor.3:12146 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:28 executing program 3 (fault-call:8 fault-nth:23): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:28 executing program 2: getresgid(&(0x7f0000000400), &(0x7f0000000440), &(0x7f0000001540)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001580)={{{@in6=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, &(0x7f0000001680)=0xe8) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000001900)='syz1\x00', 0x1ff) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r3 = accept4$inet(r2, &(0x7f0000001940)={0x2, 0x0, @broadcast}, &(0x7f0000001980)=0x10, 0x800) fstat(r3, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup(r6) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r8, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r5, 0x89e1, &(0x7f0000000080)={0x3, @default, r8}) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000000c0)='./file0\x00', 0x101, 0x5, &(0x7f0000000380)=[{&(0x7f0000000100)="f360ff960a6b17bb74db7e64501cef407d4f3452860c3397d4a1d15458470be821a94e39a118f1ac7e853dcc730497e9c4a5b3d6659e4db81bdb5b762f631384c7ce006a1243e92c", 0x48, 0x3}, {&(0x7f0000000540)="048badd2c49da2afbf6a42fb5fa180f4275ca0492ed0b1c4ddf5a86b67e4088903b2b7fba35842d80935065c1b8bded4222b7ea5a6dc3114684cac6e513925d0c6f41a9d5ff0302493e420736a94643cc04f06d055cf54fc821c7dc5cbb5800c84e685433bb3406f942990905f0dba2cb2bd1a7d8fdbd1e3fc75b761996d7d63cfff78202c0f2567305bdc104530266bb2c19ae72690cbceec15b9d0d2524473c705833286868dfd5e702fd7900ef1ed7877a5c0ab0a065bd70a46b3675fff7cdbdef54078f44b255c43ee99cdd3b2be01d1ac357bd8470c3e86b548da716d016caddb7ef702b45887f89388eacc4d1a601a5a0f5e7ba2fd14a720f6e473af271707042f910bce3e99a4bade1917ce3d1ce957a2ffb8916c24599d27e677e5540a0a0c9d05ec60a425512ec05bf313dc97c7de6d03eb5a85031c4dc7bcafa018e68449000ad257b14f3b43c56f55ed6e497a33e296980b5560fecf2f19a9f67be25bc901843c51ca7a0bf3946a955ac37159ac57d2046e4653dbefac5664081e93039eb8593dbe58ddc8f217bf302987bea2afc33c990fbb9ca678b367bb7258292c2fa0acea480902b8e1579740365bd268eb0172a05b5788b87e5ad943ffb85b016dd2623496ec3ce818fc0368a3b434e40f62c3fec01b3a6af25c447a3364cde57ebc698ee402b5833db57c849c74d91ce3f28d2a1aef288f6e907fae34455f39008be875ae2c18a945d3bf205cf71a77069a39fc2389b275221e2e35070eba6c1da9280cec2840c62bf1802d82ce75b359453f1edd0c22ab8efa34608bfca13c7bb4d2a13813a0df77c4f61fc224e0b584b4124ebb8472fbc0aa858bb9f2faf74df8803848cac0a2fa2ed0999d1ed882a5f8d136002ebf23775a79731e5e75285550b015dd787c59380b3834392b4911a845958a5227a58a364350e401f07cd8400fb36dbda29fbc19e347ccf733a72ffc846f01e7ca267f7eac0d184cbb4258ac26b5b30fef801848de679370b275767efdae33189261f34ab16a81cc73b4ac053c71e865f177167a388c6ae6e52567cda54d355dd1176f530f07c0f864795c4e69791b28785f5867fe9e709cadbd04f9ab95efd086375e5dad32be9c37d510b87e8f84227fcca10ef0f1e1f308e067a1998270182baff60f0562ed2fef7b50325048f3776405b63479c7817bec16fc4bd930749f4dbac1d65c37a646da2ce5e416bfe08c54282cdadac253c8d5db51994db111a46c245dcae0a5b6eea728e420abe432db2680ede3d24e8c4fb5255496593b0a9be194ca21f4bbd94d20af9311b217ec3ba262e84fa6993e534a6ab0bbd6a7bec31ea16eeb328c3e48d98e713081c1c1cb61d61913e84168dbbe15eeaf7f2a24f962cb70c59f4370b203b5132ed73b6d8cf65a530b0ae294098a15646f41d681a40197f0c9e2f3ffc3101155087a8f963e5f89f9c7eb503e1ccbcd645ec10ad472b031deb240429e28f8ae2bd75be02cdb0d6f4f5b6016d673d01ce5737c7d50a05ce9bffe526b2445c1ee5f240a286772cdaeecab8b8aff61080b5e43c07a62e29ff47346b328fbc7da251788344fdea1b7f60094957c949d615233801e12e26a3fc94b4a080fc9628342f8fac2599e3ae5334f4e4a0e2885635a82295fc9c23efdd10fe81833d988f1f1a10968fa741d3bc00c8e18137dfd2ed634472400d270ad9d2292d43152304d42b8a93c0ff08983c19c9cbccc295c205c336902b8c2f08b844d738c5b60c751e76a3f5f94089c76bc037cfdd37c9bfc155e59c3618d94318191975beee3848563557322af932443bdb0d311afeb326a3f0ed9787b766164df07a6d5039cf95e23798a147419c4f3c879bc1ad4b2509e6e2d28868ff9be3c01b900c6e1e249277d2122e464e241177364f88bbc52096b29bc04713f85388a3d02fcb24c8263db655ac8bcdba2db42f85c71e524c4a885de1fc21d232065d81654aec75419cb72710ab20fa3356237e0d83c3ce903d242eae3927d3271caeadb4255b0383e1700b48dd27153402744b40588af9aaec69fed3d7b39dd9ac1d8fd9769c6be5a582a13bb4a07048d2799d978fd5427fa280c9edc065a4eb45dade08b7c4272bad085057cde4e3593e871786820c219ab16eca57dc37a6a30e93140ddf737d6219c4b8f271170b09d30f619d037309a422eef351f2c1be172b2c5b1a9e35f50f8c5c1db708f9b3a46d8377df2f0e83dde5a0f4dd3f9b5386e7c8f638e19ff8b86b506b29d0563f31bf0198f0cc3e25aeb6d5e8bec63f86609e4d8073d47eb8a80621ac0313693077ee4c28305ed4cf1684d3040c41cd3914e520c20ab9cb4834dbd56b1b67aa34aff2dd42772b4c59dc7eae758e4872f6043914bf6de2aa8602fc4c1a20eeebae4a43f78d786cddfb09a46235ff84d4dd436e01bb7fab9b0ab6288ebb67672ca187e51b7d9922ce55a5bbbaa5d93d95dea6fcdf1e523800c1e8a7d6a05999e60f9899a90fd2fd68b6af81e2b072fdba8107491ba806181539ba19c088eaee5beee886caa3ecff50bb5d44f737fd64b1242214acd19aca56982cb8f70a8de5b3c0b6af573614e65af89ac1821f54573485d2ad15d85f17f4b48042f42798c328dbed4e43892df8bed7c2782cb640b6167f1874c71aa2768b2c6df70d1b4fe0f138c8a4ca289db4ef6d7bdeaa2289aaab10a68e2c3ca29daf0e9ebc771aacbd890ec55411b86ddc57166d3eb2c84da3c099c083b2e8e283996a8e6ee67097ac9eb12a15b05b0ee6ae7fa6a9aed7da6802e401c2e7d7bd33919621475ac7e28b428f0b078d87729dfdd7553e7670b799496eb7d57680b875981ff25ce2cb50fa37c924ca6adc921606a10f1cd684e9716d1d2c37376d352e00ec982f9d3b9daa02fe837b845bf08101b0161418a4509e7c358af606941a795b3660dff632ecadd509f6abb23451601cd64abd72e4cae39aaf06918d6fede90d86a5a311e9dd493a9db459b4ac6a5b398f65ef1d4bf3d079dbea70625168a16620e197212f2767b1104217e6642e25702f4f4cea6f0e01af1853e50fe4b6c3b9eee9d7ec613b835e4f8e2a060b6ba1218cf44fa1444a38011ff68e4a5aa9fdc50f71cd99ec9893e2f258d21cb3b510b948116457a546d722ff5f67a6242f7daf4675c855b1fb33988ac24dfb282681f2b82b044b6709afb457643bd998314dd622b32aa991d851cde9519527edbc04df748e90d26113c3f04c024989c8cf4c9c199d5b26f773c52fa75113c4bfca13290a910a558cb07287565c8536f4079b9bb7d8a4df700b8d40042aa673afb6e8def0e21b85cf60827c7bf6c5ba047c6231f57e115dcc7eb0f33338bfa1505d56afbd18986394d797ca41d6d001bac47f84f3a93677f83a4fcf5252a5244f50c96cc375e8cf2e93d88be334eef9712e74bdacd836477854c1c265b7bb1b14db11cc44b07be740c8700930eca3f255136065a1cff8674a177313ee6e4a17785358c58777ae73ea92af030b772fecbf2a304d173f2e7f9796480feba4199033d90eeb2b252feaef5ca6544f18fe8a9dc5c5908164921ee81492be89bb85f437649864436165e2e735a8fb9e6d048e0a71457f5dd365117a1da2851a51b29488bf7dbc42b34c32f15f86a9217a48fb71e36bb94a41ebc2381802f1826dea1cb991f562e0f65f15871944ebf7d991373c255ef8c15dd4e6e6c9a84b914651a24c2a8303410244a6373ddbce1f6a701cd67e5e3347dca5d3f13eea864dbd5b3bf24bd62fab17b1ead896b6854a5869394eb8abffcd936c1babcc68e2828ee7235ae14b4af85a4b2b125bef60d8f7451af90dd8a861f7d255c489f30dcd9aa1405ca05cefcb90ed445b2a814efe6ec0ab8029c989b71ea8cd9b4253cf45135d940ae4aa5f8c54298d8da9355063c0a40e56f782fdd4f311812672bae5d2691ef9f64ee74284c115d6592015a2a51805d09e3539a7d600fb427b7b189b547079c8332b2a8d80b22b0a585130a1d48207e6b4066eb4220b18fe3e24f8016b7f65711203e623d45e9d52dbd7dc6a65be37824e077828160b9fe0fde8e72e3d9cf18ee340f4c377623045faaab9e45deac02a7188c69ca0ac393c1a0c5d832f333f2fe6e99768d45232229463c630e2c2f45f339dd79df85fe731e655d6baaff0dc18f03787ace1d9293b8c2e38e4d94848ebafcd2330c919b81799c34f22a9889895785fbd95b10a5b773d6c4434d4ad9c6c14cc3540990208e57eaae9e3a193930ffc49868d0f9fedc75173ce46f4341cceb28fa24737c2ab91d25f7b9b081edbc8d968b3d7be40ea5249968bfbd2765b641d56a499127d285feddc340400ef3f7e23f70ac11f8474e5e52a8e1402745d38f2636841ccaf21c29090512c45fe123bbfc2e189d951f6085ad479371a69fa0336e7947788766d85676e865615fbb27ee6e66bbb898bfe871696e4859b421b0bf028b042a6ec73ba53ad3fd446007f58d9ef45095ffcdf2a9b90a58efd782eb1134292e1aac0247a4a9765489eccdfadf13900b88457757e5b3b31de943128183e5f30590ac6c00ff52479da3b2afa951622d064430dcfff4575916e9d19a57f03c692f57256de5cb617f281f23fe99ea7eafbe0585aece17c2520343c0accd1b8a84944107bbb8993ca5640d5db5777b00dcaaaa182edcdfdc1c054924d39d4c6b21125cf90a6aedc4c94498673c6b8146a467029ffb1837a7f1b2272c18abf97ed80b1efc852102838e9c3376008681d9cc2e4a5e62cbf7bd5f0c4fce9fc693342c0c67cfad32c7b15ba5b903953f0521e3a19489e5cc6a57d113b6e1bcc40a4208e41bc74de79f23f3238f6150a4e271aa63104d1f6dc0b944f14664de7335f48a3771468eb1d5f83a210fe62e940b5097677403812f0521701db06d64f2da5695116c42438636732697f6b95b00b592312b7bb4b0cbababf08c7b4fb557c2ddcbf81007c49d9fba2f8b091cc498c58ab2f6747a48962c07c48d554e69f1d2c8f78e4304f9cd33752efc0251813cd1940453b2d49a737b7ccbf2f991ec70734d33e93b4599a87914ce469ed2ae2a2247447c2301b07d41b108178f712efdb8459badf7232e5302e5452bcc615d176f92e6a8051cd9fb383f67fddf7543ecae7cfe3fab751780f0ef760f8d3d8a2c5d1f72a8f07574d2cb2f7019cc1fb9d614706a74c9670fe4a92d981221a9d99f037bef1adc6316ab394704344bd434e0cb18f6c62e03694977c6cb085027889a6f640c28cc91a6145e1d8bacc7af87610284980feedbdbd7a6ee87d17d6b94536140114daa2b2ab5f0a4bb7f4c18691b0341975c9943ef55057fa835ed824543f5b62e60f7defa6d57aa131e628c07d6cdefb9cda277c1ec40a35b4e7a2349480462d47fd3bb5cde80e793174015d30521c49995ff1ed499c5c21a6ea5a93a3dd2a154781a17448effd22ab71838299f678b779ba290e77bdec1da283b8d0b197b6703a032a5f1461554e989ec792f79a2f42628afc0d57238dea3745a95ecbeec8b26a857da51f75c0cf4c03460dad7977f32cea1fbe0619795740981098b3b1db8d76d14c57f468b9be0c03e3a55d31edb870e166285182fc7e438aa4c5bb6b99747402591ce6106d6d21bd7f0ee1cce9c7074f77ac36dc6bac245af5dee8c82e5262c99d3a7462f78013eb33a2f9f9669242d15f813c9d8e4c84ae09dbd4b8caea5a8a9b9b1b00e4a70ee99cbf67b3780eea0a7868fcf6692cb23059120132664562ed023a6c60eb0c10cbcdf15239f9a7440c117429251", 0x1000, 0x2}, {&(0x7f0000000180)="9853ef1549afea8045b64f95be5b00fd1b9e996480deb5e4492e5e33d3ddd0ef291982ec15ea271382a34e2f77a57fdde172f647a52b7225bb4451ecda6eb5000da647d9fd493351ee03d09d064705600c207462edf182ca0b2b529292e28bfd1fdcfb55d051782213a0ad037baf064380b865cf914218822cd0c7ac219c52c56505838c2bef5dbd57", 0x89}, {&(0x7f0000000240)="32b8d6f3b53d12be507d", 0xa, 0x9e9d}, {&(0x7f0000000280)="6b4d8e9d36d38f65683403fced5af094a8b75174c78a23e88dd9331a868401912ba34c11dd19131f157d88648275d3ab13022976da53c116226565df43a8ba314d9aeeecf23e93d28cf22298be734509acfa4db495823e7850337664b0e71e6cebcc32370d26cba23bb619ca30af89593905f0ffeeeb3c18039ef5b34aff90437a4c0d8e5c4dc1bfdbb39ddee3e72463d7d767b7def2c952c0ee843fb5f2c902010af30c4f5c9101ae73d7c4a73c47f8d1e3f914087276464185d80260998e79327f829d35e26bcbbc81f28997779ee6b7cc57e3edc8e89186c882aa8359987483892ed71559b3255015", 0xea}], 0x10468, &(0x7f0000001740)={[{@fmask={'fmask', 0x3d, 0x9}}, {@disable_sparse_no='disable_sparse=no'}, {@show_sys_files_yes='show_sys_files=yes'}, {@gid={'gid', 0x3d, r0}}, {@uid={'uid', 0x3d, r1}}, {@utf8='utf8'}, {@show_sys_files_no='show_sys_files=no'}, {@mft_zone_multiplier={'mft_zone_multiplier', 0x3d, 0x3}}, {@show_sys_files_no='show_sys_files=no'}], [{@euid_gt={'euid>', r4}}, {@audit='audit'}, {@fsmagic={'fsmagic', 0x3d, 0x100}}, {@uid_lt={'uid<', r8}}, {@obj_role={'obj_role', 0x3d, 'system.posix_acl_default\x00'}}, {@fsname={'fsname', 0x3d, 'system.posix_acl_default\x00'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@obj_type={'obj_type', 0x3d, 'system.posix_acl_default\x00'}}]}) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r9 = open(&(0x7f0000000080)='.\x00', 0x2ac000, 0x1) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r9, 0x800455d1, &(0x7f0000000000)) 02:56:28 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08000000fd5a3ea8590b0daa87e4f493621bbaeb1ead1bb63c0baeaf47fd5212bb99d7e0951b34564b01171314924e499e8ce992f661a1963193b4ae6a36e14e6acf3721773aeedc8b151796a7fffb6a64461f6fb6f928f74e07199ecc48be45b4fbca5823607a726b122cf7ded18fbe02f3a2caf2ebc91de2e78d5baf785378c274ece25d9db4c947c47582abafae475a8b3250e1", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:28 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="04090000009bf586e985e75aee7382c6ad165a6f16", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$CAPI_NCCI_GETUNIT(r2, 0x80044327, &(0x7f0000000100)=0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0xb, 0x1}, 0x14) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x1b5f1efad9ea1eee, 0x0) getdents64(r3, &(0x7f00000000c0)=""/31, 0x1f) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:28 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = fcntl$dupfd(r2, 0x406, r3) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r6 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r7 = socket$inet(0xa, 0x801, 0x84) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f00000000c0)={r9, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000580)={r9, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r9, 0x91a, 0x4, 0x2}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000100)={0x2, 0x81, 0x8008, 0xfb4, 0x10001, 0x7, 0x2, 0x1, r10}, 0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 324.776485] x86/PAT: syz-executor.3:12146 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:28 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x111100, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r5, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) connect$packet(r0, &(0x7f0000000040)={0x11, 0x8, r5, 0x1, 0xfffffffffffffffe}, 0x14) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) [ 324.846354] ntfs: (device loop2): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:28 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80421000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="020025bd7000fddbdf25100000000c0002000800060000000000f2be50e1d30fe6ba9a7ca23638dd402fde2bb5390c096c0b11b3bb910900000000ea75669a99d5d43822f0d338542f04d99c54ad08a1fc9bdaa1dbb73b46c4ba589827ab688b9d4ab42f67e1d77e063cd1fafc22cc"], 0x20}, 0x1, 0x0, 0x0, 0x40040}, 0x20028005) r4 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000300)='system.posix_acl_default\x00$gI\x97\x89\x15\x9e>\xbe\xe3\xe9W\xc0=$^Z\x9e\x13U\xa1H\xa9_\a]\x173\x7fS&Y\x7f7K\x7f\x91\xcb|\xf5\xaa\x018\xd7Hd\xa5w\xe2\xceM\x1aM^DD\xc6LL\xd5b~\x8db]\xde\xdc`\xe5.z\xfe\x9e\x81l\x00\xa9\xfc\xebi\x83:\x9d\xfc\x84\xcaY\x90\xa3m#H|\x94\xfb[L\x06$\xb9\x10\xcf\xc6\x92\xb8\xebU\a\x80x\x82<\x82\xcagOO$5\xf2&\x1cXY\xf4!\xad%\xe3>\x18\xa0B\xa6\x85\x12G\x81[\xae0\x8d\xf8oD\xff', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$PERF_EVENT_IOC_ID(r5, 0x80082407, &(0x7f0000000080)) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000)) [ 324.977227] x86/PAT: syz-executor.3:12200 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 325.017293] FAULT_INJECTION: forcing a failure. [ 325.017293] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 325.034308] CPU: 0 PID: 12200 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 325.041889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.051254] Call Trace: [ 325.053857] dump_stack+0x138/0x197 [ 325.057500] should_fail.cold+0x10f/0x159 [ 325.061652] ? __might_sleep+0x93/0xb0 [ 325.065638] __alloc_pages_nodemask+0x1d6/0x7a0 [ 325.070336] ? __alloc_pages_slowpath+0x2930/0x2930 02:56:28 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup(r6) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r8, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r5, 0x89e1, &(0x7f0000000080)={0x3, @default, r8}) r9 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r10 = socket$inet6_tcp(0xa, 0x1, 0x0) r11 = dup(r10) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r12, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r9, 0x89e1, &(0x7f0000000080)={0x3, @default, r12}) r13 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r14 = socket$inet6_tcp(0xa, 0x1, 0x0) r15 = dup(r14) getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r16, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r13, 0x89e1, &(0x7f0000000080)={0x3, @default, r16}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r17) r18 = getgid() getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r19) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r20) getgroups(0x3, &(0x7f0000000140)=[r19, 0xffffffffffffffff, r20]) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r22) r23 = getegid() getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r24) r25 = getgid() getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r26) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r27) setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000180)={{}, {0x1, 0x7}, [{0x2, 0x2, r4}, {0x2, 0x4, r8}, {0x2, 0x1, r12}, {0x2, 0x72f14175b05cfaba, r16}], {0x4, 0x1}, [{0x8, 0x1, r17}, {0x8, 0x2, r18}, {0x8, 0x4, r21}, {0x8, 0x1, r22}, {0x8, 0x4, r23}, {0x8, 0x5, r24}, {0x8, 0x1, r25}, {0x8, 0x2, r26}, {0x8, 0x2, r27}], {0x10, 0x4}, {0x20, 0x2}}, 0x8c, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="43b13b8e015f8edd5564e432f2e911a7e09d08e00485e5d4538d6bf584090067297bdbbb8a46c0c09fb51fac1f76e64686d2787e2bec3793637c", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 325.075417] alloc_pages_current+0xec/0x1e0 [ 325.079762] __pmd_alloc+0x41/0x410 [ 325.083404] copy_page_range+0x12b7/0x1bd0 [ 325.087658] ? find_held_lock+0x35/0x130 [ 325.091838] ? __pmd_alloc+0x410/0x410 [ 325.095952] ? __vma_link_rb+0x247/0x340 [ 325.100027] copy_process.part.0+0x4764/0x6a00 [ 325.104643] ? __cleanup_sighand+0x50/0x50 [ 325.108889] ? lock_downgrade+0x6e0/0x6e0 [ 325.113050] _do_fork+0x19e/0xce0 [ 325.116514] ? fork_idle+0x280/0x280 [ 325.120242] ? fput+0xd4/0x150 [ 325.123442] ? SyS_write+0x15e/0x230 [ 325.127371] SyS_clone+0x37/0x50 [ 325.130728] ? sys_vfork+0x30/0x30 [ 325.134265] do_syscall_64+0x1e8/0x640 [ 325.138344] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 325.143277] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 325.148501] RIP: 0033:0x4598e9 [ 325.151672] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 325.159536] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 325.166791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 325.174041] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 325.181321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 325.188575] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 325.216537] x86/PAT: syz-executor.3:12200 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:28 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:28 executing program 2: 02:56:28 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffff, 0x22) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffffffffffe, @empty, 0x9}}, [0xd6, 0x4, 0x37, 0x0, 0xaba1, 0x9, 0x400, 0x60ce363a, 0xe4d5, 0x6, 0x2, 0x3f, 0x9, 0x3e, 0x2]}, &(0x7f0000000240)=0x100) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000280)={r3, 0x4}, &(0x7f00000002c0)=0x8) r4 = accept4$netrom(r0, 0x0, &(0x7f0000000000), 0x0) getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f0000000040), &(0x7f00000000c0)=0xc) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) [ 325.225905] x86/PAT: syz-executor.3:12200 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:28 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = dup2(r1, 0xffffffffffffffff) ioctl$VIDIOC_S_PRIORITY(r2, 0x40045644, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r3, &(0x7f0000000000)='net/l2cap\x00') write$P9_RGETLOCK(r1, &(0x7f00000000c0)={0x22, 0x37, 0x1, {0x3, 0x7, 0x7, r3, 0x4, 'em0)'}}, 0x22) r4 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000)) 02:56:28 executing program 3 (fault-call:8 fault-nth:24): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:28 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f0000000000)={0x2, 0x7}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") open_by_handle_at(r1, &(0x7f0000000100)={0xee, 0x7, "ad871b97f49c7521a7c8c1ae0e5321acfc282472fe4ae2344268f76a4467781761dcd4704c4f143976dab6107d22ba7d7985faf34b1bad9694e98dcf100be4efcdafb6b13346c7a7de0050e70f931125eab7c3296ff737fe691ff1ec21de00c7fc22e2e00eb33614fc0fbb4392d7b2689f7814a1a6cbb7bc557f443ed859372e7f5213b708ac91c24998c6a015c865d2e4a0052fbf79c5f9785deb11951c07448a770e91727f5ac6fbcb34425cdf89bdb66d8fa70f8184a1b516897a05798081d116d2bc7c6e59182337b8e10cd281a45af14fe7411ac3b7dbe7f82cc6dbd78d9a5b788f808a"}, 0x20c00) ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f00000000c0)={0x0, 0x8de, 0x6, [], &(0x7f0000000040)}) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:28 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:28 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) unlink(&(0x7f0000000000)='./file0\x00') fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}]}, 0x2c, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3) r4 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x100000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r4, 0x404c534a, &(0x7f00000001c0)={0x4, 0x101, 0x100000000}) r5 = dup(r1) read$char_usb(r5, &(0x7f00000000c0)=""/116, 0x74) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fsetxattr$security_selinux(r6, &(0x7f0000000040)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:etc_aliases_t:s0\x00', 0x23, 0x1) 02:56:28 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000080)=0x3) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 02:56:28 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/status\x00', 0x0, 0x0) write$P9_RLOCK(r1, &(0x7f0000000100)={0x8, 0x35, 0x1}, 0x8) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00000000fc1f3021095d597f72046670823f8f390a77e82a5f1ff425538cdddfb4a32e935934ef0c0fa4af522dc37c842f4790efc39a00ad3074f55b8bc6f6fc10ffb1ae1f421969c01db43b9ae389f6b40a6034612e6681e5f4493b7deffe81eb819ec4ffefad0766d6ddb673542ac8ee52200a212e406a019c449c4f43d63fc9", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f00000002c0)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}) ioctl$int_out(0xffffffffffffffff, 0x2, &(0x7f0000000040)) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) open_by_handle_at(r2, &(0x7f0000000000)={0x2e, 0xc3, "a0d9b6bc05ff939b82b2afa95f523d239c363b3bf28def8119924309d4d4ce2b520cf9013018"}, 0x20000) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010000000000000002000000000000000f883580073278d5ba6292e029b4403565a87aabb6e072910f579385f215ffbfd0fbf730979bbae51ac89fc07143aefdb82764565a17f8c590b91a8311540be9b325e57b1538ae85a1c7051602259c6116b"], 0x24, 0x1) [ 325.446923] x86/PAT: syz-executor.3:12244 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:28 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:28 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e20, @loopback}, @in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e26, @rand_addr=0xffffffff}], 0x1e) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [], {0x10, 0x2}}, 0xffffffffffffff14, 0x3) ioctl$KDADDIO(r0, 0x4b34, 0x7) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000280)={0x40000, 0x4, 0x7e, 0x2}, 0x10) [ 325.515177] FAULT_INJECTION: forcing a failure. [ 325.515177] name failslab, interval 1, probability 0, space 0, times 0 [ 325.579558] audit: type=1400 audit(1568429788.973:65): avc: denied { relabelto } for pid=12249 comm="syz-executor.1" name="UDP-Lite" dev="sockfs" ino=45582 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_aliases_t:s0 tclass=rawip_socket permissive=1 [ 325.590765] CPU: 0 PID: 12244 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 325.612379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.621738] Call Trace: [ 325.624336] dump_stack+0x138/0x197 [ 325.627979] should_fail.cold+0x10f/0x159 [ 325.632147] should_failslab+0xdb/0x130 [ 325.636131] kmem_cache_alloc+0x2d7/0x780 [ 325.640288] ? alloc_pages_current+0xf4/0x1e0 [ 325.644797] __pmd_alloc+0xbd/0x410 [ 325.648424] copy_page_range+0x12b7/0x1bd0 [ 325.652646] ? find_held_lock+0x35/0x130 [ 325.656867] ? __pmd_alloc+0x410/0x410 [ 325.660846] ? __vma_link_rb+0x247/0x340 [ 325.664910] copy_process.part.0+0x4764/0x6a00 [ 325.669579] ? __cleanup_sighand+0x50/0x50 [ 325.673814] ? lock_downgrade+0x6e0/0x6e0 [ 325.677959] _do_fork+0x19e/0xce0 [ 325.681404] ? fork_idle+0x280/0x280 [ 325.685116] ? fput+0xd4/0x150 [ 325.688307] ? SyS_write+0x15e/0x230 [ 325.692023] SyS_clone+0x37/0x50 [ 325.695373] ? sys_vfork+0x30/0x30 [ 325.698917] do_syscall_64+0x1e8/0x640 [ 325.702972] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 325.707803] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 325.713012] RIP: 0033:0x4598e9 [ 325.716183] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:29 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 325.723878] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 325.731141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 325.738416] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 325.746195] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 325.753452] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 325.770395] x86/PAT: syz-executor.3:12244 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:29 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fsetxattr$security_evm(r0, &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=@v2={0x5, 0x3, 0xb, 0x31, 0xb5, "aecdcce2cf28ae3059a4af7b57ac0ea15a31f22bb1afc6ed9a4ec519c439671ecae2efe419f47ed592f29577f5c2ea68797a15f7b66233db16995b6e18990ac5f23dd8aa4f56511d4a543eb391ac8951a47462853a2ac8e1c674f2f6f2111f4020a83e9b54558591f4cf05de6dbcc6294318e9c5e9db09f15c2954d97a36a3f3dedb220505c4b2d8e1939832a93820c17be4f66723bbfb3214bf81b30160e22b8916ba831f0516cc2f341dddbd7edf5a2b726331e7"}, 0xbf, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 325.779369] x86/PAT: syz-executor.3:12244 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:29 executing program 3 (fault-call:8 fault-nth:25): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:29 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) getgid() fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{0x2, 0x2}]}, 0x2c, 0x2) 02:56:29 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 325.813723] audit: type=1400 audit(1568429789.213:66): avc: denied { setopt } for pid=12259 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 02:56:29 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) ioctl$DRM_IOCTL_CONTROL(0xffffffffffffffff, 0x40086414, &(0x7f0000000000)) 02:56:29 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) write$binfmt_script(r0, &(0x7f0000000300)={'#! ', './file0', [{0x20, 'fou\x00'}, {0x20, '$%mime_type'}, {0x20, '}'}, {0x20, '}wlan1}'}, {}], 0xa, "9bd12f09acde002e931716d8fa91db09d90b384d2e63c0ff129326fe71f774faef4247e562687ebabbea4f908cfc6558e6374a2ab3aeb677fdda83fad690dd2c"}, 0x67) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0xfffffcc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') sendmsg$FOU_CMD_DEL(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x80, r4, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e22}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}, @FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e20}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast2}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @mcast2}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, [], 0x16}}]}, 0x80}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:29 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:29 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x0, 0x20000) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:29 executing program 2: kexec_load(0x82, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:29 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 325.997390] x86/PAT: syz-executor.3:12290 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 326.012658] FAULT_INJECTION: forcing a failure. [ 326.012658] name failslab, interval 1, probability 0, space 0, times 0 02:56:29 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) sendto$x25(r2, &(0x7f0000000300)="5614927fdc0d2859696ab5c70bf9456216e3b37000dbed6eb18221f7464611930d3937a0c42a72413a9d7a6dcf6152decfad9f5fdd8305b1dc59a5ac0018c7b7794983f8e98de8d4a0292819db9c6ee91ddc44e892222cf1633ec42cdc773ef5d5ce154b0b7fc943ef37eeee166b56042875ed40da86d876b1d8077bd6e27da3eefd806cf5bd46bf0cdcb4f7067d021e8342908d526fdd6973f84061371430553af52be2d19472bd8729e5317fa4169a72068156072d3712d5f9b6c3e2764e0bdf2e6c2e892a2f7af04da05b1f73009c734c4ddf0591a898018a68cc10e3f7537942e38bd4c903975abfc8ac69c5ce5f5c799a682fac2aa73c6b99fa74ca6dbef2ad629b2fae9058b3241364af563edd80f57409a4bfe8cf4d94c068b27925b29a4223023a0470cb96a5aa99d810699b42081ba1ce93a71fcd54fda2e7448cdfef0bc50f4df8922c2d2ee3f7e39086ae6467a116280e4ec0061fbebd8332910c2bbe83f3116c2b4242c7d8932e5529f202da685dffd23ae7fca61ef1e1707d2ba15e6a336095e07416b44e8fabd75a2b707bde636890bfb4f71e7fe593464c28ad215897d07382cc0d88759639ffeb9a70851e50ecc83742b43e6d0c9ae5f3b06c1b1b29581291585e42f249187b71c1858782e61083ca53d7233834d04347c20a8e2e23dbe30b8e60f45b8719c760a9643000986c871c5a4065c62ba4fad3e39030c2892caa4b35ddf70a651a49e535f8b7fd3c0103d4b1f73d1bf5ef5b0fb7b5e80b6072d55892cab611c200ea3a1b04d0e1c86c80ef7827422e4d6d117c8f123d57aa9ccd4768e0d0929e982523c84fcb3cb2306341d908908b8195883eddc3f6e67e235167b72bbce6cab6c894a8efdf2f83cefedbdcc463bf1fd93fe9372b397a2d87711374857713ed53334f4cd941be48b66546bccebc614ea7738ed375f374c7f0506560de20375b8102306904f109eab9fc64e60ad2b5510d77f5c16885d029d0b60b277aa22c8478f1e91b26595bf5b03189423066bec82b951e60bf05f377a35643d7308b1b3eb2d261cb049b1c8093b94d7f86a156929c4a1d9b9e9013d22dde44a383259746cfbb9546e91286c9b763bc212e94bbeddb6954c56465e68667317dc5ff98983b69f0f8830303c711f11b6e5a1d338322a6f73eb35de75bb59270174938efee98123b70d808aca58757c67484d479cb066906e41576b1666c61c0bbf4fd1bf53ad8d465bed338008b3d0c21b54ceb249943db7b2eeb12e269873eca72826efd973043db2b3f47da49c12f91e1c88219fb32df123e589e500c40489273ebb2b445df2e22f33b170a9cd63f116c7f9cddba8d130e5c2888e41b57e43ea6aee365e3a6376af79bd1e3d0fc0a9d08cd98940ef5f61d8b7a918cbb8b90a5a0f77ef56aa086c18edc9d695c08630b3bf5b070af85fefb0fed5d32ecf316855b07fb378f9288e48d21bce0ff9a6521f9e1f132322bc26b0161043cdfdc48bb1b6320ded3694d2bda4ce64bf60a328455e937cd687eb0b202123227a3f5fda9cf4e78ba9ce907a0a3e45e7fc83caeca58afff1b9392e61e0108cb36d131a2fb527cdedfe64f4f3cddcd73ee68703672b3321911e496e88b1aa7df987261969feb6c5dad24847df77fffccdb4fea77b7f1b4b1bc6aa8acd3ee6897f27716099772b15b21b22155a8610a9551816f82229a03763349cd1d0ce5ea21952ded3ef73c286666938322bcfe3b570bb31933c103096d023f238f6e953116ff6b41107e227fe186e8414442f6cc38d94321d14d735c59cd9cdd2f5a3682506559ad6dc4e95b2c0bf2b1b568ff00f748ece857fc902ebc4d450787494c13f2e6b0b5a58c9b9c0e75aa2315de925abcfaec10658beb8122e90a6988aeeadf405eef4d4d09b4e105767f3be07cb69d2eb2ba5c437d2f70a50a56e607a33e33f730ada781524e7e4646ea4e272d08138f95ed34eec32ae737ccbb4fa414a042b3fa5599eefc714cca557ad58e6b8f1e6ef08a8dcff0bc1eef80541cc23155665b826ebf02c0efe1a349cfa61884db9a0e1e493d8a8d6bec7d618bb8056b1e137002b3422b7720b6f8b00c1d32dcdf1deaadd2390ef343284c00aa6ffe51a7101ec193f1e3a5447207043282ffbbaedd0c5fc09ad3f147a598dcb8c854839b941d441a8cb3453825109eaccbff23954d8ced3b99bed9438538e79906bf119088e512a0d127feab7393a0f47c717ee51ef7c2e2ba53ad5a33311c6aa041a15823e778857cb605836a768c8a902a168b87489c66525889fe6452b4fb7e36ef6914d01aa6d0e29f842ba8349cdecb94c4fa13f7ca12c87b333fb07872adba298e0d4f6e7136f009274ac50b36097a7e61878daa04871e43e5a91932d32b87917ec14511e688379e3f34d88c695bbc6615b3e623bf1d8a5a70effc36dbb5c51a8da6d1df4feb39dd0a4acb63b0daf5e2389201d972e9b4dfa939c7dd47f4a94c83beb65c0e68d9fa5fa1d5718528667e5073ec6eac0aa9d559f52e71acdf56ed2345cf8375ca3245a3a2c74bfe0e70b68d30e69eb39dae4e49af595a6bcad7e50db6e2b9db7990fb02aaeccb6abbc2be4de894982bd3922a071876d3c384eb07affb1d6203f338762d3bba195eafe3376d90fd2a9957ca2961dd371369b9eb6099dceca249d41642e42b704466b0e736f0605cbc03fdcd72cd4178ed3c232817a8b6e0c3ad709e641842b45b9c878c4d834b073b7fd6c2db8b4933d075beb7645da1e57df75291d225ea1f996db4a73e2fac74ff6e2a05670fe43f2f7370fffa990de493cb416fd8d8b635e78503e2cd2d1c3cbf143daf63c4411786b254ef9625ec8c577360e5262b738e41b2d560386bf2af41eadd5995184e212a8d4859bbe5abf65a2daecb99b7fc3efd17c5643188316318c100589e3120035204037a8fcafe3399e0df15ce04416065789da6b702f764b5f3e96dd3234fab973a690d69cf6baa278a0f78d69c0e1ca956c23f99e5bb5bdefdd7e47f1cc61873e2b3327fcc8ad418b64d9c024f727be4df69dd80ae25c9283b07ae5ac81c12094b26c177bed672fc8d2afb78e661e26d6aaea20d369f78c37e001ef9984a5e1ffcde28e4706bc48db835dc464601d6be609fd443eca63e4cd050db9037779f1a18a3a41052ffc61ad050c98a92b719dc0e3e05c3f5ac04aea694bca317892fa795402d71da7d8badf60447d7ae8a4d4d902dd3501db29690df91a4cbcf45a6626c3a67def9b00496c9217c98caf1da8b864aae6f6fcccfb578b8083b88b3331ab3dde0f1d85911b304fadd62e8fd83b42cf9e6b222ccd8a58295bebe08cb1fa75a21ea2a76b954721dcde4cc74f9c131bfa1e85dddbbda563233e5d2ccca80c988acaf62dfb43ed1a82f1c8821e31116815269c0b0b22888b5659be5b2a9cde7aeb74eea3790dfa4a1cb02b005b4e87dc50de40f60526f9ed0205503905c34a5f155b6510953027cb6b6774b345263bdcedf1596756e955ee4825e3e237e1540784b006e1fd8498720e692bfbba7bc05caffd99471afbbca189ec297cc0ba555003655ad79d670b11f45f8d5e5cce4cc2f218db1bde2b80a84b8e0d221e25ac20b489130f103308ee37063c9b6efdf13171478968a6eaf72c0cf888b7c0a214efc8544487c535f9af6e790e1f2bd9bb81e96aa0d0e141825f0b45ea2a3008336091c8f0b9eae234b0668bbe932970cd27dba59551c25fa3e507663fc1b96234e79195ccd09d3160805fecc9cce0ac8988fecde379443cdffd100cd4ea82535151afbe233bee34b0967ca339f27120e4584556e51e19b45d38e0f9f26ffb14c23e7d277b37b0b7af9ae49f7f112ad058a6730ef9c0d6431ff539b3693114dc54570015ee12149864cab8085aeb09f62f4a955ccaf93e801848fce415adbceb1072b8c77986ae3ac48f51416a9f8ae780f04a2438c4df199eeb23d3e901f44ece0aa5806fe1c826f713f61ff26d3f7a0bb62e08b7ed72f5000debe009b415509f7b7bb25cb96518880c38a5a1b4395e62f8c01483af48101062fb38ba86a226531f84b08858a9ac20e2a388b0c2cf14e1463dc6cadbe353f02dcab338b2fd8fa790ce499530521bcc45fcc0f2eeef621a9982889cc99d8888ec00d3a555001247b756fddb691a6f6d2faaf62b64b2cd9620e00ae04ff9789ce9e25893b6a46b969666f7fe40a350e63a072db141fc1e20cc4cf2f546e5562ad2d931bc3bc92778d361793ce504c35d92e7023587623634798dac10e944ad23cb1466637577d8611abf83f033f738da350927f470fc34c76150f9bd8ead9827c684a17a7052d546964bbf44cdf4f6e4fa52a8872e28302bac0c0ee7b6cb2e054f39e9f23a5e9381807634eaa5620b770e7707dbc43fd5ad4f7904f967a511ca01e85212727e8ebe765e2afc2106533214b278871754eef945385fcc56843a447c70a0aadee87b3595cf50d5eb0eec322734075e97a0eeb118d857b23c1b5937c93e8588b380f441d2fdd70051ff9737f7650ef2d13ebba4212207deccbaacbe786585106b7cf62e27e9e0b4db323e28f365a0fbbd377183623c0c49c0a04735eda036ff6aa420f5c25219c3828855d67abf92feacd852b067a144f28111e4b07dafcbecc7dac387d437b0e80f2df533906e4e58d4966c30b671a49219f85461bb2f0b87ff95be733488cc217e364d330c55f3c2a550bb8bc9a545701b0114ec1ebdbbd9abfa8c972bc1ea210c5f3fe8bd5784c50c208dde16dd312e29358a5463f29cb598bf40585616e29ba7a269a11b5352e1ad6a0f7f089a96efcb3a954e65e89b7a8b6612e9aec59841847d7b4e4a8c731dea58e42153ae773e48e00eea2e174dbb63f8406a2ccb35011754a365707ee049b211f3fd01f7718658721ffa23302f9594f781cb28e1aa508868eb8f51f12647df705e3c5bfeb4bc983f326be3b6ae53e94cdf1251abc14cabdc7c9d32be9325eeccceca884aeed3611b1141d75e64f7fecf201a07657cbe0ce08f046b63cb20af9570e477ef2800d177badf15f902050d403cf2a7ae6ff5456ade8e78e8d04d740db67ab0278e1316c461200c3e022f9bdcc99efd32d22a84de6ea7d310f3434bd23f0624d7d2d365a972fafd23bb0a3ce491989daadd7515620fbf5d9bf70da1dd76b1a94fd461394fca3035ccddd34472a0a5cab7ef54d4b21f9f910e6fc9a2bb81cee5adbd5f0ca272ba78247ead6c7dda749788991ca054571d6135f301eb49959fd331c49ca6291eb54dd28152b840c06a5b2cf3928caba424bc9bb736ea83f0d70388adf0d4b2bd5800029c05304aa5f3fbacc49fbb8471599feb054604d80de7faa95e0d68051445cbc83756a6e31ea1b86f4b40c2f84318b6e6413626ba63513c0f344978a99ef779e074269d95b3a8de5893f3331f90ae44c6e4cf3c8ed39f3ea3f820a58ca0bc3ebfd84af1a50388dcd9fb109b7caadbdfaf3cbf07ee8d31304235534c699edc479f0dcb1e0f6a133dd5bfe1f16aed13694b8c9fa09915480a424ce76d79d3cade6913e6a36040ab4a657142a78672d686398f7334000e6a4b1027fa65e9ae3e5d5ce80bc43f52bd80dfceb9ae3c8b30020cf98addea5bf141d8b6c2522aa8cb1ffdeb8bc13b91eba6b5cd6c4f0fda3a08a0c43ebcc7cfd904e20cbedd21ea0a0d481642acfd7d9facabca227e5000f7e47310865e247c099262eb1d8fca6e9f60dd96793e55323aa32faa75620b6a84b4bc11f9689ad0109939f5a3b2e2f26648d67be63db8859c32d66fcca26", 0x1000, 0x8000, &(0x7f00000000c0)={0x9, @remote={[], 0x1}}, 0x12) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:29 executing program 5: syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x3, 0x400) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 326.084927] CPU: 0 PID: 12290 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 326.091984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.101448] Call Trace: [ 326.104046] dump_stack+0x138/0x197 [ 326.107691] should_fail.cold+0x10f/0x159 [ 326.111853] should_failslab+0xdb/0x130 [ 326.115843] kmem_cache_alloc+0x2d7/0x780 [ 326.120002] ? alloc_pages_current+0xf4/0x1e0 [ 326.124494] __pmd_alloc+0xbd/0x410 [ 326.128307] copy_page_range+0x12b7/0x1bd0 [ 326.132533] ? find_held_lock+0x35/0x130 [ 326.136602] ? __pmd_alloc+0x410/0x410 [ 326.140550] ? __vma_link_rb+0x247/0x340 [ 326.144613] copy_process.part.0+0x4764/0x6a00 [ 326.149257] ? __cleanup_sighand+0x50/0x50 [ 326.153582] ? lock_downgrade+0x6e0/0x6e0 [ 326.157716] _do_fork+0x19e/0xce0 [ 326.161321] ? fork_idle+0x280/0x280 [ 326.165228] ? fput+0xd4/0x150 [ 326.168422] ? SyS_write+0x15e/0x230 [ 326.172478] SyS_clone+0x37/0x50 [ 326.175833] ? sys_vfork+0x30/0x30 [ 326.179363] do_syscall_64+0x1e8/0x640 [ 326.183245] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.188076] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 326.193260] RIP: 0033:0x4598e9 [ 326.196433] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 326.204126] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 326.211551] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 326.218807] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 326.226154] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 02:56:29 executing program 2: ioctl$SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f00000000c0)) add_key(&(0x7f0000000000)='blacklist\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="cd27d44b9f3d97b75c85bfdc9e5dfb1daaaad4ddd2a3762e6051db80c736ff9df0b7d59f9085d7acac70a71d643d2c818e906a8a", 0x34, 0xffffffffffffffff) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/hwrng\x00', 0x230002, 0x0) ioctl$NBD_DO_IT(r1, 0xab03) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000276149be22c5d6d7419f8cb80000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = dup(r0) ioctl$sock_ifreq(r2, 0x8937, &(0x7f0000001640)={'veth1_to_hsr\x00', @ifru_flags=0x1000}) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x200000, 0x0) sendmsg$tipc(r3, &(0x7f0000001540)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x1, {0x40, 0x0, 0x3}}, 0x10, &(0x7f00000013c0)=[{&(0x7f0000000180)="731a6dfd0e9be83b32041c3f2556085fef3113dd668716442c7bd00b18a80f0d3fd15a8bc654c8f928fe517dd0feab36e8046e0ab5dff1e0b387f7483d584320b024da6d7e148db68a665c265bf440daa6b5c79bfbd0b5097c2b85fde395eb8488c15b11307d1593639aecd91cfd8e1b8215a185f0e54f806467870ea5d77c2b69518803578cfa", 0x87}, {&(0x7f0000000240)="47c0cf710b931705b7f1b1be0e32df134b066e3c32dc7e1d627ca8e450acd0eaa5a056ae9d633682b30d7dfaf17098e2c451e0058977da04df38fd0dcda4eae8f65bd33971bb5cf7e1f29ab52bfe72edaf657637f02a0d369eedf5dc6486b619f8891ad2dc41a7df7d1b7923b683121c5b6f18fa47ec14b3dc0725c65d66526d72e9ac4442f4da90185fc9eafd59c053090c2666cd49e91c7a220b7055f176a1062cf78ae0af605ef22f42603145", 0xae}, {&(0x7f0000000300)="4d8819b7431a5a44e0f3c8fd829afef2d1749c4a5825ec70c526f6153cf3903728decee575", 0x25}, {&(0x7f0000000340)="1aacaa5230371e458778f46535052ae0c778b4af81970daaa9579a6f236cd020788ec1f31f248939250364c2b9b00af856cdf83706a4282328534160ee9bac51ad1769a1dd09835005c44a4877e9fb8e414d1cdecf611b1c1df2382938e3bd4711895a3e21ef7fb1fac06fb8ab1a62e718b4c2a71329f8f1bb9577a4", 0x7c}, {&(0x7f00000003c0)="11b27e64855fcc9ac2fb04b3cea88793f67b8b52d7813160edd55cbd490aa1f9bbfee2af225373c9f1fa009dd1f399845afa6c63f3def5e2d8fc06ca440850c49b437a0a7da7d00ff372c82dce7a61b50d4257e0f5c626edd8051acf1ed775c2195d155734392a219a8cd8ace307667895eb9bac96598b957886a7b324bd7292ea7f600e32474110d05c7fe62ed5a7b8a6e3a2c3ee7fac08295e2f8802a5075fb6a71b41aed880e88b7aa702d15828dbdbd65880a2a7a61cd1777d478473dd8a77776a5baec26c014f7f1c931c07a362474c7ecc731e098f80339ab0ced138450cbfbe63b0416a4df4391b8153ac4d844238f7d8daa289768d57d23d9b22fda3653fa4afe6a1c270b9c12da00abc9f7267c3708d96657317a03137368f4dc5e9109e5fdcfea86bd7014484fa217f8d540639f9d320ba36381bd1ff8a15abf779bc58083907dec7ec3eab367786a1ff31b735f9a509ef947f7469a9b958dbb0ffa2031fbb67acdf1e77f2d7f611c5b7f3de9280ccdb46558590b3862098f8bb437fbbb2f813e8c7fe7e25cae9a7ff4d8af2b3695e68f29b4a1df6c34d3017f222dab153f7b46520b23421e80f386303f98ff8084c87f771a63614945f46ebb26cbbce9f55023ca599ed4614c79fa9604e509d6e8098a153a42a2d4d0209c1cf207df4f7d0fdaa3c4f16f92700e5d3fb180c85746ee4474f14f74cd38aa4c07d6efdd0f9ebf7ff2bc39c91bb94f64b2cf5f93337dcb58acae5990c028d8ea568f01f7e2c126aa0e8c31d647b80ae7949532b5dbb3dac60c388f4f37dae32043dd5668f9437f50f3ae733db41b835300ddf91701baf4c31d7b8a8d323db11401711e4359a7f05d689567a791d7861e06fa67b2e55f63c980dcdf4d4b02100b3bf73f1c042a2204e10477f90515713327c163eeb1ea6d709cba0fa85f00ff2f7c4e8ce6cbee70538028ebde52392c791cdff64329148bdda53f8b84ef107e7ae261d57a54f3c86b1190c320fc07866ac634858577b35af8dd21e1f94f93885123c4aceb0aca1c7d9b22301a9147bd7b07a75031fb7e64fa9b266ad468229a5ed33b2c027c622466530db8f9e4ea4e3cc9b584555519b929e1bfc3a19d83f07d3d6a46d648fe59f228c1964b59f1f943208b03d9d4b9f30742f69f7b7144a51e6be5513e9c06b7f16adb7c11075d05a80887f0d5e676ed97e86c73f0519dcda32d3721f361f01510ea2907ad5742d97b1b27ed454c230e478ee2a87b2b0adc527ca7f44da0a549ea76f0e1278ced1a08d08c5acea94625d56872c197e1b66020bab386e462426859ff5094c31fd76b0f2297b1ec711c8d699b877f8669f7c6e77916f0284edf8f59df9caeb8f4402cd9ea104b0d8712b83dc36aabfb82f597021f0e3040b4f8f1e778b5143e97ea138d39d2efe370f14936324cf19c4f74593c9d2552757166c4b705be7879556ba8ca9e6c3aac8744d19b80b67f023fe949095395626e4ab53d8373709434ee178e968222642dbe42787f2c6b746b2b8a8e1645385a4346e484a6dc345621eb7fa1e4dfecbdb8758a5b3cf2ba504959b1990d7ee8650064a5f6e04412259fa990f280728cda65613d58c1bf43b9c7d6303d3ffa1d2fd01672dd1cd3c0b8e02325e260e7af5dc0018b7b4613064028f2701d5dd636f5441228972983eba075b37509610ea3ca989f671575c589ddd6f0c0eb6c7030eb0b846169e60ef32f016de005cdd1d0c9e587a2a91026bee9e9bb145b68c1293c4f27b91799323b53a100f428bec372ecf23b12798e91786d633f87199fcbc6b9abc1f144d96f1e1b53d57bed661c93787b99fd4469e691336799c3d68b2c63e68fa04fafe33c43d76b09c6441f4de91ada2195be1aa56579d3d87668a26b2f0d7ee7cac003a15c7605b2e8f595cda57a45c1abef1fdd4708be5485ce851ffbef2a1a99f0ae4abbb44533a7ee62b3034dca1a2dcfd89017c3c323aa1e2ffab9532353cb2f8183458f13c9cf836dcafdf7049a198a2003633c2a34d8444e5648edf9d6c98ce6219f174786081815e5d70cdbcaffb08f85f7dbf213711826a830973c98b477ff9ecd273529da3c06946d76273e92b8f8c8b76e5a1c3a427265c62e7a9ad19d100117d676d6d52d3be51bf7e5955d8e700c03d345677124e3625a674f44937c68df363b8d3aaa863c278da32ac84f6ad060dea4854b9c53668d0ccbb75b19572406955a37b7b6adc0ab67616d92587d735dd83f6a50a0c8631d8e29cfd3137d26cfb99401cdec0392754b028e603100f250a2f8c58a0c2592bb102aebbc8662e4de45c06e1a0d505cf14aa8767efc357164b9bdf42e8ca141f82561887f57b14359345ca1daa23090526ed71165dc4a4bfcf7b0ba9e47d5d89615414df91eb05664699527a9e6bd143b03f1537421f67fa071d870f91f15970e4ae77181b1e004a1ab97858306018ab382960879f17627335884fd65571a3623c44d9caa0baf8cb971a7917ffeab2a21c3963ff60627a0265140d8e6e422f362da600a0e3c77025bac8986ba60d233873cf306b65a1931e2bd1d3c4e2607066d0289379c323579d39fe00275516a254756f25369f4297dd2f07f154c032f6ee9d7b69916b9f1bfbeb189406e895f8be60a7064e24c921e9f3d2cd398d77bcf593ef6d47fa51a60106bf6ce3167623236339bb4d900f0498611bd5a31f0887cc0d7da48b62eef61b54c14c7ba629bff2b130f832e2d6266a8c308252843449bcf5fedbedc25efeba8730d639393ed937e006b02f9d83e8dad7d27e9ad687bdd102a3e1bed64d0413b54c70c18d781d89a4c04f1af419a702c657ebb2fa1360c4406a5f9d39973097cc26c4eccf8b4d5341ac8d7a6242bb2ffe5abec79b44cf1730fbd6cf972ec594f3da8c6e10f0a18da6fb63b09cebbfd0a379e9d07d2978a642e798bbb2e59b7ff19e237168a2cab73e339c7da552afe2141e9fc3cb7d3cfeb65c18d24f7143a95b96755ea694f047ad1cd5bf6a539fdb38206e0b1836cc1e64d59c4f85ea57144daba678e2f03a34d0c69cf13da857b4eb4f1425a94cdff4ef1eae6ce302506ded0496510dfb133e422457c9133923d39f4a6756872d5b97d54e2d2a6ab4432204cd4d6112be5c9e6c1de4dffed28308e9148976fc93698b398ec27895cbd0cd36ddb41e6fdc56d27b890ad0812d644fae948e598ba1989fe0bd484595094f3a47917595d6041887b1b180bc61de560012d7d0a96a2c14afa8568b1f6668a901c850d45c326d878057463319eeff28ccb27ae91e5f6a60863b1e137ece9c36da891bd2193096d4b1d0a36e38d31558d108407578e20c0406fb17fe3c389e1d47fc8d369fad7e1f59381a5c7834ca73a9bd6924e3a1d6ca1eeeadbcb886db795aa3d08c14193b6f40ed954001f1190982e5217088d952570b5d64405f15944690b3ec766a3c4ba0556314544daf7adf7f75de59578303e9b1baacb5c2682e340feb33504fec80ebbc3fdb9c52f38b9e37f5d206dad9cfb3ef8ed965df30a4d38ac856f89fed1fb6cdc4f4dc5288996331e80b81d327f7a964501f156dbe7749b811fa1035824b944ad0d9ef2b1bbc74dc6bc9e3f9ca20c00d858d9f431a6098de31e91109e84463f5b6588529a24e4280d447ebabe4f03e8a2338040967f312de19233c77977cf305478b380898759efc3275cdcd2c915a141b2f40a8cf03ad24f8cd2c4404305f46b38892607ff3cd1ca2ba54d2e37d9550540ee9f4a6f95e67834ad735d44264711a515d58a446ac1cd48ca0093d91e2b2288651f3e78d99fa200992d82ba309963ff9e2e5b1c4775aaf52b042e7784a57b17be6a4bff3233b15ea3c00eb734b97cd906b2016080a6c2f593e6986b99f5091db2b223c4ba0ece29b4ae8cb140384b52acba2888859bfd9dd7ba1eccd13a5eb7361bf55d80750367f5c8ecf3b36ec88a7e928a6e24ae80278519862dee26998fd0359df5fde79a9b82bf6b826be2c2b6a6c9d159d6882f2ba5f0d9c52cf9d8478d11af4721c785d88665b883ac3b9132e088637cb42c173a77cc719301cd4c28fd0cd12e8b0e58da70aa4d144180bc69ceba2862603bffcc877967019df079c3fa7f8c928f5966d7617873f6afeec968728d8f3cfc610e16c68369f34c99f8f2dd02bf5da213638a7a5d19f1143b25596be24093f5ea13b968274e430aa04ae3d361a83cf0c73e7e5f15ec006d282710ef31b6e329ce1a43aceded7b69239458a48f2fc8f63ae3dbb6e57a5f6f98ce6d1dd1c3b46ce860d5323233b231f61e9f58ae037ce180cab5047b8ec8d2276ba40c0113a34577c2f90d6df92b9ecf1983e6a5257dbf1361c53c83d184e9a2144344ff7e57e96d34cb09304c56b164c06914a9d42e92831d8ea594d2d521f949260cb5ab458a40583de5c8e52319e13d9289cc7fd818453bc83dcff13ad7aecadb2baeb8a86c41caf71a1d4c491529d9866e006021f0435a90ed25fdad30e966021684a470ba8cade5822fb787ef422259a918fcb06addf341de400b39239102bc73669a193d753ab0574d262f9265fe1963f8e28b664566f67da86a444765d8d409eb50e50ecae2d3cb8d5dc565726915a029a14cd991f2c7b6fa2203b27ac8ba2e3ed38a8ac383addc4abe987a8211337c5c4aad441ee8f9f2b4fc744b95f5bcbdb3ba5ae28c85f5c922e3136e4d4f2a0e480045e706d676b91c153dd50ba81045e805b6148218f5abc4ff6b89e2bfc6f578c42856b796f97995f18c9f0cc77d133d2259ca8010e548b461a41f80a07f3202032bba9db84e06d2bc9891d27bbc25142aa486986cc0d1b3eddf51712eab10c9a4b68006ed5da6759fb82be7e070504f6a36ba1f7ef081c6fb1aa71920e323c5dbd6384065244b3aa363b3708502e20c85b0dc82086b0e5fe30d067fca0fb954851527964fbb6aa46167a05edfccd38c5b52c76611ee7fe4a9f844c129d353867de04e7592545c4f73fda43edaeba33f66adadd7b8c95b20ed7eadbb7da5bced9c75adee4e0e0ae64bd2d39feb8d15bce0308767c841214107f7149689d91e65e0bb12210ae50ba533503b956e2e6bc53b2a04014a736496877e5179545caf65a10be1085dcfdb26145f04484fdd98c92d2100c78cc92bbd482382ad9c201b26ba13ea85452550c78d33cb8b24bc8045a558937d86b5abfffe4b67ab6652514a81e9b7e86da954a348c78165b4739a8f119e13c4c1f69df2dc512cfc40f51a246dfcb9c7ae1495549c2d13e03f3da8cf0b5616907e5afd306dcd44f1031ecf51e4adf6184a463aff8acaabc15ae5be71fcf166e29d69c8a6ed769189e53dcd33ae5b9611f6ff146d91eae1aad34057f7f7286cec5b247403c7634fc68884049fefd17ba1299719566a111fa067f11c5706c9ead8aea54b2105ee48c1b94f7608385685fe5e45f98b954f5cfd7a83b47f5aff7604f4c662696a98c2a4ab1e580d0204cc06c8f16d86aa49f91a23829b72e03bdf74a63a1a99ce9ee1258bbc39e366613ff9b18f8e282193c9786a49d3d571ac90607b0e5833daeb810aa53304809b9c5f79f44fc1c13dd3571fcbac4a66f0a67bc0ee196e441ec2ba413cb9ec6eb77845babe3b8c8f8f6b5de46964324c7e288cdaace6d8f708bbadc45f714fbbeab5f3dede852db9d8ff9fb0ad3822fa067b4662e91c0a18deec3bda6c6baf53288d08544033ef586f096e720a357d377a587b150288c60f8848f4129df70623de3f68d210a66f27678ae3d4d96a909a50cc53841c27f6fc536080d9a0215", 0x1000}], 0x5, &(0x7f0000001440)="03a840949ac98b63d188e9cdbd15b0fbc97ecde2a9383da1086c0de0a325fa97518594115e6570ed7ad804e4dbeaabfec74d014225b05580576cfe07027f89e2a2d72b110567c923ecca2a1792a23edd9084ad2d0861f463a435178bfc49093cdab4586b38b940670ef3900f83faaaf9d99ed58e6594f8f4cbb7c6b01fb72e1aed990c93f82a3231b0a2ed573099fc83fd273e9e8d4b30218fa14849aec5068bdc2000dbe563ac436d270efc6e5048e338a948a752c0530ab06130e72b4e3ce53a40c3dcf52e05051f04e06eac0f14c51ca4ade36bbb98c05bf672469eb243410192997ed622", 0xe6, 0x20000000}, 0x4000000) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f0000001580)={'filter\x00'}, &(0x7f0000001600)=0x78) r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000001680)='/dev/btrfs-control\x00', 0x20040, 0x0) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r5, 0x12, 0x2, &(0x7f00000016c0), &(0x7f0000001700)) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) [ 326.233410] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 326.256952] x86/PAT: syz-executor.3:12290 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 326.286683] x86/PAT: syz-executor.3:12290 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:29 executing program 3 (fault-call:8 fault-nth:26): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:29 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000000)=0x100, &(0x7f0000000040)=0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x2, 0x0) 02:56:29 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x0, 0x402000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:29 executing program 0: fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm-monitor\x00', 0x200000, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r3, 0x4040ae72, &(0x7f0000000380)={0xfd, 0xfffffffffffffffe, 0x3, 0x0, 0x101}) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) execveat(r2, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)=[&(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000140)='\x00', &(0x7f0000000180)='system.posix_acl_default\x00'], &(0x7f0000000300)=[&(0x7f0000000200)='nodevvmnet1\x00', &(0x7f0000000240)='wlan1em1\x00', &(0x7f0000000280)='\x00', &(0x7f00000002c0)='system.posix_acl_default\x00'], 0x800) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000)=0x6, 0x4) fcntl$notify(r0, 0x402, 0x1) 02:56:29 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x3b4, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f00000000c0)={'gretap0\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1a}}}) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4068aea3, &(0x7f0000000040)={0xb0, 0x0, [0x200, 0x9, 0x6, 0x8]}) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:29 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000140)=0x9, 0x4) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:29 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:29 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) write$selinux_attr(r0, &(0x7f0000000000)='system_u:object_r:sshd_var_run_t:s0\x00', 0x24) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="0000ff00"/16], 0x44, 0x0) pipe(&(0x7f0000000040)) [ 326.513549] x86/PAT: syz-executor.3:12339 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 326.546606] FAULT_INJECTION: forcing a failure. [ 326.546606] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 326.564204] CPU: 1 PID: 12339 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 326.571283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.580642] Call Trace: [ 326.583242] dump_stack+0x138/0x197 [ 326.587002] should_fail.cold+0x10f/0x159 [ 326.591158] ? __might_sleep+0x93/0xb0 [ 326.595139] __alloc_pages_nodemask+0x1d6/0x7a0 [ 326.595154] ? __alloc_pages_slowpath+0x2930/0x2930 [ 326.595172] alloc_pages_current+0xec/0x1e0 [ 326.595186] pte_alloc_one+0x1a/0x100 [ 326.595196] __pte_alloc+0x2a/0x2d0 [ 326.595205] copy_page_range+0x11ba/0x1bd0 [ 326.595230] ? __pmd_alloc+0x410/0x410 [ 326.624832] copy_process.part.0+0x4764/0x6a00 [ 326.629525] ? __cleanup_sighand+0x50/0x50 [ 326.629538] ? lock_downgrade+0x6e0/0x6e0 [ 326.637913] _do_fork+0x19e/0xce0 [ 326.641373] ? fork_idle+0x280/0x280 [ 326.645093] ? fput+0xd4/0x150 [ 326.648292] ? SyS_write+0x15e/0x230 [ 326.652011] SyS_clone+0x37/0x50 [ 326.655379] ? sys_vfork+0x30/0x30 [ 326.658926] do_syscall_64+0x1e8/0x640 02:56:30 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SIOCRSGL2CALL(r0, 0x89e5, &(0x7f00000001c0)=@netrom) r7 = dup(r6) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r8, @ANYBLOB="d9af343ae8cd2c00"]) ioctl$SIOCAX25ADDUID(r5, 0x89e1, &(0x7f0000000080)={0x3, @default, r8}) r9 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r10 = socket$inet6_tcp(0xa, 0x1, 0x0) r11 = dup(r10) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r12, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r9, 0x89e1, &(0x7f0000000080)={0x3, @default, r12}) r13 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x8, 0x400) fsetxattr$system_posix_acl(r13, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000040)={{}, {}, [{0x2, 0x6, r4}, {0x2, 0x3, r8}, {0x2, 0x1, r12}]}, 0x3c, 0x0) ioctl$int_out(r0, 0x5460, &(0x7f0000000000)) 02:56:30 executing program 2: kexec_load(0x2, 0xffffffffffffff35, 0x0, 0x160000) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x2, 0x8972, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xef9000)=nil, 0xef9000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {0x8, 0x1}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r3, 0x6431) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="1330f40be528d55f2dbaa14348786e15d117333f5264163ea72e9a47cc6a26c143a8b568c36d29eba39014deb555fc43fc10d7cc0511aef0e3866e6c58339901857932732151f654c4c38aa5f3bbbd16c076570a866e814a00ee43a02bb28b47a8bfbae921c96400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r7, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r9, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r10 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r10, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r11 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r11, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r7, @ANYRESHEX, @ANYRESHEX=0x0, @ANYRESOCT, @ANYRES64, @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYRESOCT=0x0, @ANYPTR, @ANYRESHEX=r8, @ANYPTR, @ANYRESDEC, @ANYPTR64, @ANYRES32=r9, @ANYPTR64], @ANYRESOCT, @ANYPTR64=&(0x7f0000000680)=ANY=[@ANYPTR64, @ANYRESDEC, @ANYRESDEC=r10, @ANYPTR64, @ANYRESDEC, @ANYBLOB="80f7e7b6ccc01476cd1dd25388a07e83bae51304b82d2532f7fe0b2b0b78711b6e4cf3419fd440a912928123611a3cf92f9fec340143a7b1b16c0ee9bcb2ac2f70a566ab013dfc5a5422cc544011aa072ec26a701bfe197522ac55f93e9b0a3fdf1fd3f1f2d06a1160fae5afead35dce82845a66bc1e4d70809c8f349829260bfcf3de790ea490c3c531b48cb8f9a92a385ed8b9915a91312c13e40e241893b71eee010f69c631463c058a76a4e3a7d927a272b1d245eb1ae76988ca321190b55bf60aae36054cea1344061d4941ba741e312391e66661d8db93930e026ffa224e5e9e87a43016427cdc94021ddc3e36e921f5b5ec6e57c2bd84eb4e9a4c"]], @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYPTR, @ANYRESDEC=r4, @ANYRESHEX=0x0, @ANYBLOB="8c2563ebd452b9686cf04dd87e66ea64232af2a0debcc3784ffa17e9965b520043e981b241bc56ed169875fd669bb0f76f655d205531229e000c89783accd10d6e261ad241cf888c593f612f1cfcb6f6e771813ab95cc1e073dde6ef270a5d8585f8b85aa0feec437ad761b38ad7ce0fc5cc5693a9d51d55c0f0a0fa280c52d1656b7e50969e269c49793cc6e4a8686f8a98c24758074259364bc887b284b6f9ae29fe10ec74768386c398d56de6e45aee6272b624257b4cde116985726ca38dde4417531b", @ANYRESOCT=r11, @ANYRES64=r2, @ANYRESHEX=r6], @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x9, 0x0) ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000000)={0x100, 0x3f, 0x4, 0x2, 0x4, 0x5b7}) [ 326.662902] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.667756] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 326.673048] RIP: 0033:0x4598e9 [ 326.676232] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 326.684043] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 326.691425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 326.698701] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 326.705981] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 02:56:30 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getpeername$tipc(r2, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x280000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000140)={0x7, 0x1, 0x80000000}) [ 326.713260] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 326.739030] x86/PAT: syz-executor.3:12339 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 326.749927] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:30 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) [ 326.786109] x86/PAT: syz-executor.3:12339 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 326.825693] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:30 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="ffffffe5c8868b6df95d0d46", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xffff, 0x0) 02:56:30 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000000)="74d4039c467d2e9c980db83b5395269b46036c41ccead13a36fe1e74fb87de6c00", 0xfffffffffffffd69) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r1 = dup3(r0, 0xffffffffffffffff, 0x80000) ioctl$DRM_IOCTL_RM_MAP(r1, 0x4028641b, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x1, 0x1, 0x1, &(0x7f0000fff000/0x1000)=nil, 0x7}) 02:56:30 executing program 3 (fault-call:8 fault-nth:27): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:30 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) openat$cgroup_ro(r2, &(0x7f0000000080)='cpu.stat\x00', 0x0, 0x0) socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:30 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) [ 326.908203] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:30 executing program 2: r0 = socket$inet6(0xa, 0x806, 0x0) r1 = epoll_create1(0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) kexec_load(0x8ef1, 0x34b, 0x0, 0xa792cb2f75540ed2) 02:56:30 executing program 1: r0 = open(&(0x7f0000000040)='.\x00', 0x40000, 0x1a5) r1 = getgid() fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {0x8, 0x4, r1}, {}]}, 0x44, 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x40) 02:56:30 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) [ 327.024760] x86/PAT: syz-executor.3:12393 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 327.041238] FAULT_INJECTION: forcing a failure. [ 327.041238] name failslab, interval 1, probability 0, space 0, times 0 [ 327.122083] CPU: 0 PID: 12393 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 327.129147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.138598] Call Trace: [ 327.141364] dump_stack+0x138/0x197 [ 327.145014] should_fail.cold+0x10f/0x159 [ 327.149206] should_failslab+0xdb/0x130 [ 327.153196] kmem_cache_alloc+0x2d7/0x780 [ 327.157364] copy_process.part.0+0x444f/0x6a00 [ 327.161975] ? __cleanup_sighand+0x50/0x50 [ 327.166222] ? lock_downgrade+0x6e0/0x6e0 [ 327.170394] _do_fork+0x19e/0xce0 [ 327.173857] ? fork_idle+0x280/0x280 [ 327.177630] ? fput+0xd4/0x150 [ 327.180828] ? SyS_write+0x15e/0x230 [ 327.184660] SyS_clone+0x37/0x50 [ 327.188034] ? sys_vfork+0x30/0x30 [ 327.191581] do_syscall_64+0x1e8/0x640 [ 327.195471] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.200362] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 327.206333] RIP: 0033:0x4598e9 [ 327.209520] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:30 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f00000000c0)=0xfffffffffffffffc, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r4 = fcntl$getown(0xffffffffffffffff, 0x9) perf_event_open(&(0x7f0000000200)={0x3, 0x70, 0x8, 0x100000001, 0x7, 0x1f, 0x0, 0x8, 0xa00, 0x4, 0x80000001, 0x0, 0x0, 0x1, 0xc32, 0x6, 0xf4, 0x832c, 0x10001, 0x7, 0x7f, 0x1, 0x6, 0x0, 0x8, 0x4, 0x3, 0x5, 0x800, 0x4, 0x4, 0x4, 0x8001, 0x7191d5c1, 0x9, 0x7, 0x6, 0x1, 0x0, 0x616, 0x1, @perf_bp={&(0x7f0000000140), 0xe}, 0x20000, 0x7, 0x1ff, 0x5, 0x9, 0x10001, 0x8001}, r4, 0x9, r2, 0x1) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) r8 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r9 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r9, 0x891c, &(0x7f0000000180)={'bridge_slave_0\x00', {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}) fsetxattr$system_posix_acl(r8, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r8, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TIOCSERGETLSR(r8, 0x5459, &(0x7f0000000100)) ioctl$KVM_GET_MSRS(r7, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="f1fffffffff4ff3f"]) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)) 02:56:30 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)=0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$BLKSECDISCARD(r3, 0x127d, &(0x7f0000000300)) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000100)={{{@in=@initdev, @in=@broadcast}}, {{@in6=@mcast2}, 0x0, @in6=@mcast2}}, &(0x7f0000000200)=0xe8) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r7, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r4, 0x89e1, &(0x7f0000000080)={0x3, @default, r7}) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = dup(r9) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r11, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r8, 0x89e1, &(0x7f0000000080)={0x3, @default, r11}) fsetxattr$system_posix_acl(r5, &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000240)={{}, {}, [{0x2, 0xd, r1}, {0x2, 0xf, r11}, {0x2, 0x3, r7}]}, 0x26, 0x0) 02:56:30 executing program 2: prctl$PR_GET_FP_MODE(0x2e) kexec_load(0x4, 0xffffffe5, 0x0, 0x2424e45fa5ee1732) [ 327.217303] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 327.224574] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 327.232077] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 327.239337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 327.246592] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:30 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/create\x00', 0x2, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r1, 0xee01, r2) [ 327.359534] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 327.398429] x86/PAT: syz-executor.3:12393 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:30 executing program 3 (fault-call:8 fault-nth:28): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:30 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:30 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") openat$urandom(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x101000, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000380)='/selinux/policy\x00', 0x0, 0x0) ioctl(r2, 0x5, &(0x7f0000000280)="01c74cfc0938b21f553e50dc45ad88a9dbd0591e40e817e696ccb81668184e86c0a20a7e8cf904b1f5232938077381cf5309bd07000000055cb13c9ff2d2bf62f3e8a4a96d2d96276c44be6e0e7c3eb2708f14f57a42f5609382dce200839b83ac12e937d04a6dcdf9a9c9f201936062748aa334d1ba870581555430ad3e80da818dec4bda68f2ca1a2ca334f1e910e21e2e890ea001e33f371e8b3d9aa266802480845f393351eaf7d95ca25541c9ad4124fd48bf5772229b98b733bd8b03f8c97cc84c725c04e212947945bec2ee9f6f16f8a0bc73a3fe38c656852b80aac9b70c2ede309e5ca28fe883c5cbd8f9201878436e8787") ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)) sendto$inet(0xffffffffffffffff, &(0x7f0000000180)="f6272b4247e2492337a2e0a204c0e6e3649ebed13b41b0849b1a53099c73308da5477bc87ebf7bdb6f6c252d57304e1e28afac1abed9a34b637e8d1ca467d56d6ee5f89282e7a6d4a33aaad08331917a773e8437870f5462644ef6f70bc8a6e7bd9ac8bde73f344c7b72f6d18b02655f3f24f61822df0f2ad0", 0x79, 0x20006024, &(0x7f0000000100)={0x2, 0x4e21, @broadcast}, 0x10) r3 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x80000000, 0x101000) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f00000000c0)=0x8) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = syz_open_dev$audion(&(0x7f0000000440)='/dev/audio#\x00', 0x7, 0x8000) ioctl$sock_netdev_private(r5, 0x89fb, &(0x7f00000003c0)="c6af8515da4ef847e18824ea92d8f7f3d2077c72d0f1c5b434c4febd5cdad1f7d070a1de0f3a2846b2c4c1a2bd29fa76642c7a043b2c8b6921be07cb58481a3c3de289f4abd31481902ae106d7429fd1ec419051431fb9d78b94554cf2fca7c7741e") 02:56:30 executing program 1: fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) [ 327.408858] x86/PAT: syz-executor.3:12393 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:30 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="04000100000000000800000034f7188c9fd3898c2bb31635a40a7945c881fae21b80cda80308e8eadeb27a31d4515304dbceed77dcfbf242668e9477013559a3fc8bbd4683274e8ff1b2923384d377143214071a7c08698f129f99ad30182e057744da049be36bf3b443ff77b44fef34c838f96bafaa514075f8a6f6", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:30 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:30 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:30 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{0x2, 0x2}], {0x4, 0x1}, [{}, {0x8, 0x3}, {}]}, 0x44, 0x0) 02:56:31 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 327.606138] FAULT_INJECTION: forcing a failure. [ 327.606138] name failslab, interval 1, probability 0, space 0, times 0 02:56:31 executing program 2: kexec_load(0x2, 0x0, 0x0, 0x150000) 02:56:31 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x200200, 0x0) getsockname$ax25(r2, &(0x7f00000000c0)={{0x3, @rose}, [@null, @bcast, @remote, @netrom, @remote, @null, @null, @null]}, &(0x7f0000000140)=0x48) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r2, 0x80dc5521, &(0x7f0000000180)=""/211) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 327.666589] CPU: 0 PID: 12448 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 327.673638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.682999] Call Trace: [ 327.685598] dump_stack+0x138/0x197 [ 327.689231] should_fail.cold+0x10f/0x159 [ 327.693371] should_failslab+0xdb/0x130 [ 327.697344] kmem_cache_alloc+0x47/0x780 [ 327.701393] ? __lock_is_held+0xb6/0x140 [ 327.706140] ? check_preemption_disabled+0x3c/0x250 [ 327.711155] anon_vma_clone+0xde/0x470 [ 327.715029] anon_vma_fork+0x87/0x4d0 [ 327.718824] copy_process.part.0+0x45e2/0x6a00 [ 327.723424] ? __cleanup_sighand+0x50/0x50 [ 327.727812] ? lock_downgrade+0x6e0/0x6e0 [ 327.731946] _do_fork+0x19e/0xce0 [ 327.735394] ? fork_idle+0x280/0x280 [ 327.739092] ? fput+0xd4/0x150 [ 327.742270] ? SyS_write+0x15e/0x230 [ 327.745980] SyS_clone+0x37/0x50 [ 327.749324] ? sys_vfork+0x30/0x30 [ 327.752865] do_syscall_64+0x1e8/0x640 [ 327.756733] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.761564] entry_SYSCALL_64_after_hwframe+0x42/0xb7 02:56:31 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 327.766736] RIP: 0033:0x4598e9 [ 327.769907] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 327.777606] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 327.784873] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 327.792133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 327.799407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 327.806670] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:31 executing program 3 (fault-call:8 fault-nth:29): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:31 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB='\r', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:56:31 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f00000000c0)=@v1={0x1000000, [{0x3, 0x8}]}, 0xc, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) prctl$PR_GET_THP_DISABLE(0x2a) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:31 executing program 2: fanotify_init(0x2, 0x800) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) 02:56:31 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x0, &(0x7f0000000040), &(0x7f00000000c0)=0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [], {}, [{}, {}, {}]}, 0x3c, 0x3) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000000)=0x1, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x6, &(0x7f0000000100)=[{0x9, 0xb9, 0x3, 0x8}, {0x5, 0xe683, 0x5, 0x8}, {0x71, 0x7, 0x5, 0x4eb}, {0x0, 0x1f, 0x1000, 0x40}, {0x8d01, 0x800, 0x6, 0x2}, {0x0, 0x7e00, 0x800, 0x1}]}, 0x10) 02:56:31 executing program 4: socketpair$unix(0x1, 0xb, 0x0, &(0x7f00000002c0)) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:31 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)) r0 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) accept4$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14, 0x140000) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r3 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$assume_authority(0x10, r3) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 327.968077] x86/PAT: syz-executor.3:12482 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:31 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}]}, 0x3c, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:31 executing program 1: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in=@multicast2, @in=@dev}}, {{@in=@broadcast}, 0x0, @in6=@empty}}, &(0x7f0000000000)=0xe8) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x7fffffff, @empty, 0x57f3}, @in={0x2, 0x4e20, @multicast2}, @in={0x2, 0x4e23, @empty}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e23, 0xffffffffffffffff, @empty, 0x9}, @in6={0xa, 0x4e20, 0x0, @remote, 0x3}], 0x84) 02:56:31 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x160, 0x91000) r1 = inotify_init1(0x80000) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000200)={0x3, 0x7f, 0x7, 0x0, 0x5}) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040)={{0x100000000, 0x2}, 0x60}, 0x10) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x120100, 0x0) iopl(0x1) write$RDMA_USER_CM_CMD_REJECT(r2, &(0x7f00000000c0)={0x9, 0x108, 0xfa00, {0xffffffffffffffff, 0xf2, "a3c8ca", "0e76616a4bf1a0f4e9fba5c5d25fee58322337945b2bc5564811b157802bfaa84f483f04068d7924b31afe3ea3bc581f029d55ea20d1c08972504599f7bcf21423c2b1e03629a7cfa160a516a27658c8c4a85154a977370e19fc2ef5a5b08d66d239e6436c9f9b8819f095f9e5fdfb25c1ff94a6f88b7022ba9a4ce47f3cf0c95bf4f09c3e2bc6f64868022d69d2a02e8e9a5d78f964723492e9a80f41d748fc270ce7d3e8722098e51d8ec95ccbaefd775dbd5a0094d51ebd5309fbc57103391573ab7e61d3cd27d545d29ef23a21ee3b8eb3c2d5be20a871fcbeac3f0832e49ce89904d80c940eb343245be008d3450771fdfa57cdaa411cd2bde0ed7ef638"}}, 0x110) [ 328.044752] FAULT_INJECTION: forcing a failure. [ 328.044752] name failslab, interval 1, probability 0, space 0, times 0 02:56:31 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 328.139705] CPU: 0 PID: 12499 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 328.147465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.156849] Call Trace: [ 328.159451] dump_stack+0x138/0x197 [ 328.163173] should_fail.cold+0x10f/0x159 [ 328.167446] should_failslab+0xdb/0x130 [ 328.171411] kmem_cache_alloc+0x47/0x780 [ 328.175461] ? __lock_is_held+0xb6/0x140 [ 328.179502] ? check_preemption_disabled+0x3c/0x250 [ 328.184730] anon_vma_clone+0xde/0x470 [ 328.188602] anon_vma_fork+0x87/0x4d0 [ 328.194216] copy_process.part.0+0x45e2/0x6a00 [ 328.198796] ? __cleanup_sighand+0x50/0x50 [ 328.203015] ? lock_downgrade+0x6e0/0x6e0 [ 328.207151] _do_fork+0x19e/0xce0 [ 328.210589] ? fork_idle+0x280/0x280 [ 328.214290] ? fput+0xd4/0x150 [ 328.217461] ? SyS_write+0x15e/0x230 [ 328.221244] SyS_clone+0x37/0x50 [ 328.224592] ? sys_vfork+0x30/0x30 [ 328.228115] do_syscall_64+0x1e8/0x640 [ 328.231993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.236840] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 328.242020] RIP: 0033:0x4598e9 [ 328.245363] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 328.253071] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 328.260411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 328.267720] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 328.274974] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 328.282364] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:31 executing program 4: perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:31 executing program 3 (fault-call:8 fault-nth:30): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:31 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020000000000000c6"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x200, 0x34, 0x100a, 0x8, 0x1, 0x1, 0x0, 0x2}}) 02:56:31 executing program 1: open(&(0x7f0000000080)='.\x00', 0x0, 0x0) 02:56:31 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x25}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) close(r1) close(r0) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000140)={0xffff, 0xffffffffffffffa3}) [ 328.355441] x86/PAT: syz-executor.3:12499 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 328.380572] x86/PAT: syz-executor.3:12499 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:31 executing program 4: perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:31 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socket$kcm(0x29, 0x5, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000001c0)={{}, {0x1, 0x2}, [{}], {0x4, 0x6}, [{0x8, 0x0, r1}, {0x8, 0x1}, {}], {0x10, 0x1}}, 0x1b, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) 02:56:31 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x2, 0x0) socket$kcm(0x29, 0x7, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:31 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f00000000c0)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x4e20, @rand_addr=0xfffffffffffffffc}, {0x2, 0x4e24, @loopback}, 0x80, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000000)='hsr0\x00', 0x4, 0x1, 0x1}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:31 executing program 4: perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 328.563653] x86/PAT: syz-executor.3:12541 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:32 executing program 2: kexec_load(0x2, 0x34c, 0x0, 0x2424e45fa5e61730) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000000)) [ 328.604580] FAULT_INJECTION: forcing a failure. [ 328.604580] name failslab, interval 1, probability 0, space 0, times 0 [ 328.634018] CPU: 1 PID: 12541 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 328.641244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.650601] Call Trace: [ 328.650621] dump_stack+0x138/0x197 [ 328.650643] should_fail.cold+0x10f/0x159 [ 328.650658] should_failslab+0xdb/0x130 [ 328.650672] kmem_cache_alloc+0x47/0x780 [ 328.650687] ? anon_vma_chain_link+0x142/0x1a0 [ 328.650698] anon_vma_clone+0xde/0x470 [ 328.650713] anon_vma_fork+0x87/0x4d0 [ 328.650731] copy_process.part.0+0x45e2/0x6a00 [ 328.677725] ? __cleanup_sighand+0x50/0x50 [ 328.677739] ? lock_downgrade+0x6e0/0x6e0 [ 328.694469] _do_fork+0x19e/0xce0 [ 328.697935] ? fork_idle+0x280/0x280 [ 328.701664] ? fput+0xd4/0x150 02:56:32 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 328.704879] ? SyS_write+0x15e/0x230 [ 328.708609] SyS_clone+0x37/0x50 [ 328.711985] ? sys_vfork+0x30/0x30 [ 328.716488] do_syscall_64+0x1e8/0x640 [ 328.720382] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.725235] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 328.730420] RIP: 0033:0x4598e9 [ 328.730425] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 328.730435] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 328.730439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 328.730444] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 328.730449] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 328.730455] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:32 executing program 3 (fault-call:8 fault-nth:31): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:32 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x6, 0x200000000003, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200000000, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) getsockname$netlink(r2, &(0x7f0000000080), &(0x7f0000000140)=0xffffffaf) 02:56:32 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x8, 0x3be3a124da9cf1f0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$SIOCRSACCEPT(0xffffffffffffffff, 0x89e3) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {0x8, 0x5}], {0x10, 0x2}}, 0xfffffffffffffd1f, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TIOCLINUX2(r2, 0x541c, &(0x7f0000000200)={0x2, 0x0, 0x7, 0x0, 0x5, 0x988}) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000100)=""/241) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f00000000c0)={0x0, 0x63, &(0x7f0000000040)="65d4d0115e1da248244450801fd9a241fd97ca390ad2f2dfd9b99934c76d44c4ce494ee51e73f5ce66d547a9b9c3246c5601624134bbeed7c8d42490c759589c87aad0a45c49b3de9abd737e24d60e79fe6ecaed9fd8f725b4eac811b6e1c514f1595c"}) 02:56:32 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x200000, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 328.979073] x86/PAT: syz-executor.3:12572 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 329.014842] x86/PAT: syz-executor.3:12572 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:32 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:32 executing program 2: kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) [ 329.101929] x86/PAT: syz-executor.3:12585 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:32 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="020000000100000000000000020000004443b453d68fb4d03e6210b48c7291b0e37e8ed8b5a371ca43518d4796f748c8a61e01216038196425bacb415521ed0c8289aca0f3bf10b0c8563231c36cb99726152724f055a7bc2afb18eab89e8fa8b2ef621512bd5537e1da9cf62d5dbd28671e4b1878593bebe32b3b59698731eef059edd88eb80ccca4589f7a796e8f2a7ae2a7546ca5d0b4c2b36771950442b1", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fstat(r1, &(0x7f0000000000)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)={{}, {}, [{0x2, 0x0, 0xee00}], {0x4, 0x7}, [], {}, {0x20, 0x5}}, 0xffffffffffffffca, 0x0) 02:56:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fsetxattr$security_capability(r2, &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000100)=@v2={0x2000000, [{0x8f, 0xc0}, {0x400, 0x3}]}, 0x14, 0x1) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r4 = accept4$llc(r3, 0x0, &(0x7f0000000080), 0x0) ioctl$FS_IOC_MEASURE_VERITY(r4, 0xc0046686, &(0x7f0000000300)={0x9, 0x1000, "2b5fd396f07c306bf15f5e7fcb6f66c627d1cfd0a4d3e8e088195a2c6ee5e6ce3e2976d535b60f2ebbbaee5a8c74a89ba71aea8cb38ad914480e1875cc94a9a8dcdf43c5ecd09036cbc8b80f6ffc2278732a9d3d13b12a0105b27e2b2325eec9309124ff1e7701d0bb3bd3f716498de6fcc31e865ef40dd8230fc2829caf2a08f6a0485fc4880bc393d3022ef4cd1d59639d390f53b23d8c8c0b3b9fe442caadfcadea1de3120187825cfcecbd9dbbab167e8c32e01b454d8ebe3fe07ca3275d65cdffa2fc1f6b07a02f48ee915f4b9362e398aa7dbd0c7b897b83931b1e04642f8a975ce2569c292b982103fda9a4820735d416de1ba205ad3413df97b4109fc4a07d6ed02ad2cd3c9db31d6ded701a5ee161c29c7e065b745c1825695ac21eebc03c5391255fa9ac8f51bb7a62df29f570cda97590ac8e41d3ddc2026a25e909dd5c24516f74e637f5f7ae80708be1ddc9836fc7c1081d8730acf382714231f1531b8a92ad93573b123b54a6cacdded267f14fb2c3540735524e162553128179f86fd9cad65daa73fef76e70580d43e29a430182a1f8b339a8c7be0667187e5502e9e97702330050420c86f48e9c491a548fd29850fa06a204bc4e88c720e13167a9e390a61f9311caed4f25ed1e2b11292e4016ead37b457040b1b03969790dd942791727c94bd2a2e26174a93ddeebc7b2a98bed10bb95bb1352c2bc2c99f01520f1245fec3957956a204162e605937aabebe9a8cff5a0cb3d926d02dcaeaf19f4f6e6cf5752a1519c9037729110f4414c86c64eff7e2561bfc354b04205a8e86f0c57e650f895bb692f89d30d16d69d66855c0e3841200b3fa5875615b641b16074ebf82cf97de6b07863e8386902c023bf5d7a8e1b71963faa3a8d990b07483c2606c2f10fc123adda8acdeeb99c63842264a3eba5b88b73c3031901e92326602fd112d7c37cf2b736ba29df8ba9f340fd9aa10338b3cf6d2fabe257ccda3f53ae4a9a20b64175fcd39716ae1ca550ed07d89e7e43a2d44d89ff4ff515cc5a89f2c921ae664f489f357ece92cd1646e9952c55b355570e42c7a43f573a8cd5e496bb8c75921892a7d1ef7e6742177d48000c69ac7bf89676e6c469bf4cd2931ca70a54b07024e9b9cff1b8953e9147c371b4f24be1ce25e4b7af3bd7c19a8c9d2fdd63772b174664bc6df8334a3a7cff4e28f9ecfe2ca89a00e39a73d1b6530c36b02edb75ded429ac93f7717498a273fdf2f253a156950b1ad3250623293e14b5e5bc243aabc351b90c19b78f7bd5f2b2b7b25033e29fe6af45b0b6f897f887d592d88a239bb03af4338efbdeb3a69528f0da305ff429e63aa8fc5ad0dec47dd2aa2df93e4bef2414fa79c02934cc8e06719ea15608908b2127aa9827151429b8de3548f1419943bde20c92d8b00f5c0c94c1d5e70e1606a69c974ce8cf002f609760550497639536554088718e1ba87de6b5931797d4e02f98106099a9c160d9a72cfcbe45e5e69bd3e394d17501d33292ddd0f5e1659a69095b31a318d3c1db997d3e1d84b1865961ec19c2884d35291ced1f0de62a9827799992245f5b6d23ad1533439497c9dc63ca9f064c623ef5df80247b401b6796ae6fa5208d8c9859cc4a44f5f2f326428d6435fb6476c5db03e53b499b6a86a66a4f1f5f77ebe2499907aae5ef4ccf708353c78c95fd7ee4e3ca19ab2eda56c14a49443c8f131a81201dd3ad45a4a14923e0665c910284da4c38496bd48a9a5ea19484c87270f294c862ae637ab56b16ef1663348a99368e5ccada017cb55d46d7e3f6b5fe113e2e1e6b8551dac64cc1cf7c22f5db0ffdc9029a9809d305934019ad0d63b0e1c9f218076bd48c94a87846462d05e997c83977256f9f93936fe5eac9f8602cfff49d5440431f3d809a19379b2848e90168ee304cd2952cc6782a98b826a5986de3f0b59280389f8dfc88a5e1dcaaa1a75c7a8d5a902bda0a7d8d45231672996809494a8ff04965f9eb584f44ae366851fe4c4c172b131bd6abd57d6425d08702a5a23e7b1053900026f39f9d995adb76390a428505d78e894db30af6257ee0a2342f13be3ff77f5887e9b9bbbdddde03100c7374be2a4351bf756e2a048f9ba5b86a977173f42e2644a6785823009e6523aa47199691036165b0c6a50efa2d126fc866e6ed76b1b7a991d5d2c2a95c94392e084fca797bc000f5be2a4c01ba59e2a8f7fcd9e4f8f8198dbadad7412f3fe83b91ba5e746518b5cf22de6e4219134fa66ebf17b138d65151f27da2a86f880b885e29285235442637b08484f8491862ff4e86516af9c1fccd6a212ab5c140eacaa649a9180d7fbd9499067a866b028003a68a18d611c0a55170d9f48c736d9b9c261a84d1ae0063f4b480e7c70a292c98ca8a35afc4a1300cc29726ae1ebc2bc2905e88f67e2827a08d31c2f8b5499ae61f75c9996f5765b07eaafc71e01f9713af383a8013e6ee35595edc4a69765ddc56b86ab01d69934cd9a42569066180bc4fd3ba0f5fb5cdaef698b79bec80aebcb1f2ff85ddd2d1e8038d32a4f8abf7539380911c500779f4da190e52bc76165a4cdcfc101e1d0a23d62487de043f342ee14167ad6f9256bb213ea249b122d4b19e401dd82ad02ea4e58612f9db50a2ab7048c09466961c2835e933a1b9adb629f3e47b03188206f5b3d37a600847e2659ae790246f8c02167a7785da978b3203d2121e36acb5f803dbc60b641d343bf7281529ab6980a68f1b693a218b670aefdc6a39c25148199b90ddc9d1c872185de49c2061753cccc8c5e93dbe1b02ade154119727847ab1cd8169db63a011c32741b0a1a3a3ede4abd3941c96d9e968e1a29f81a07afe3f3d7a0895449c68c3aaf482cc8587c83f11b0ff75ad6bac03bf3760264a0f85a86c4c8ff29311258bf142b7ca8d0f2a86dcdf280c13462cda0a12d3771174d7f132b097f7ec56cd838acf0a063f61dd92784edab42284bca9cba0543696d4b339cf13453f41afd5cd1bca34d121399081f54af481400b4b1908915ebf724b1027f1faf8928f36f3dcbe79be5df6c31978c42000d435baeaefda6173cb881c8919bcf052b8b5197fc6c4bd3087834e62851be2490825786ddba9b73fc66282bbd2990dbd11a9a996ef691805bc6f077880ca2015d612ea2b7266e436071923720a36eaef9efeff05cc542afe29a4a7420e4ad3fcef476620146ab25986b264493e5584c820900375858efc27702fa0ddf3f4be62cf9f6ec9008d352a319027b7d502a9d7ad936a976e941ec057a4733726359e0f88a7dcac0cab670b5139e475db0486db99ec32dd3f89424d538bf7620d4b908ce26162b3aada433abb23a9f5296c1d7343ba830479f99f5a63954ba2622f67cae02bc25d917e0dcabaaff30b7984837d987aeb039ead89227a0f79c405010b094a4f064c4e289a75cf7c13cd3d4ee9a7ded874ee19d01cc8213a1b73443bfb939b6ad8ee306404db09b2547d076ba2f542e4761a194cf278d32df99ee30782405ecb5760c0e34d9308d5f20d6e339d9a76de5acc900c4d745a77a5258985ae6fca368a31099e674934d65aa046ea10df610d7ba1183d80dc05f0320bd95abebeeaacf70e6462f936eac278ba7984d2883398128626e52a558ba7cdf3809aebe696c8951878c3a5b5e8db1e2505a79f7a7228b9a0d44d5b08aff526c920af98a37173d59bbfe129c4edcd8a37a0875326d17ec9265e9e5c0fbf42ece807da6b9321af6687c4b059c5a5731bf30eafbf595df2504d4ed436d758c9d97ae758ad8f90dea6c60eb0800033eee76bf6b59902f5a01c89d71d33a1b53059a5468b289ec962951ebab925525ef5ee544357813ad44b3fa509fb99d6fc4342d573525f24354e2f9023aaaab1ea1f3e2090deff15cf95bf341f39a2ab8accee6ad28e3372cf30c949a7f17f18fd7700bfe179d76724e4b550f6c6cfeecc8239dfbb28341905da7b564bcf7d463f87ab05a4e618d0689442e7777d68b5a6f13bf8849999a89b1dc484ec0b1b326fae1ad82a6a898ae495ce626ca3c1cf5a8f1d2d6fd9a48fc1d949ce0a86a7e1ba143e651ea577b93375e85b2abc099af38dab7d2c5fea23c63f47cab493c88e9fe7f9c1ebb0b219268b46d51be371b16a18aa4129adbe47013a9e5df9b5e087113d3fb47e6e34477bc3bce65050fed48c2b51f5b687427c635854c7641a58eec45e26831164ff6c594d670e17591488e8aa985084aa22616596a8d12417c55385f04ebc59f6cff79e2151cd3daccd24c164e343229ce74a65d5e10d5cbaae71279d9a2bb8bc35124a441ee31ac3baa05318eb45fbdc0c73d2fcd2e6b5fba1d8a12000404a5e1d77fd7cf594a23d48517438268f0c2726779bbff402cbc511708a98ffa92b21340f87f5ea5490398076a915d4a35ed8d954c06fc7d800d3ecf5a6b430631880b8059d3d7a610c8a62add2ed1f17bfdd6362652b844dbe23f2f35d6b472401fee71dbcd8c56eafdfe954356dda7a5bd69648e2bca3be98c198598c893dafe9c827316fbbda72ab55be8f7c37065f631711a6ba515e7cc87a15eba11663f27d0aad13fa2d7fb365c02a1730b0472d5e7df7201bbfd52cbf711eb9fc039da70043048053b6e4f7a55aef1d1d5e6a3514068660d644e75f7ebead0112a9d0daf9bc9fddeb825fb92b905b63a28143e1b7e15aff75e062d89c3f151996416d2e9d7c16e1be12a2dbe14fd19e1be4f57392a98252c52c0c193f4def3270b258b76d0c3df50c5af3143c6d709b3d7903d2375f93043f513e914610527eeea9d4b51c3540fe3876c0be9ecfc2b878df93ec8c4c9abee01893c63189d1a1357df2c4fed7adccf6a813fbca26d898e49863ccbe9ba6823b805db17acb115803504504e4e5607bdeb11e10625991f3e9aab6ad888d58e80ab889e4f8533779a3bb9c2504dbd0451ba3ad8838d11408794c938f51672d735242f833462e4ecaff2a7132dd10961eac6195f00f312289d1a645c754be8b05baf213ddad86e1005b5d13e8a4484e0223922b38b07d92392d649e86623b3803353f49c3d3837e20c2c8045445b64db34dddef7931b1c8fec32e91f2d8bfde7c7867e3c6f3a7a3568e69a04f6a62a1207417fa4ac60c71b19754f67b535556a2cbed6750ceeadf9839d7a4bb8e6d72de485d34595501b0a597d9eed09229a912fb0a5c75b940a863d9781fde4aa9c4973ad5ac360479db45da5c0cffeb244e488bebabdec1db976330e4418feef3aa2e7725d4edebfb42ba6dd7f3a3ddbe3921eaa6891fe34e4f37a7190ecf2e4193f525851a966e5b000966c3d35b02683d36709ff06cab2ac47173c171958e3985e94c18b1a71330828437d9a4cd09735978da4f202db2a88aaf120f562e907bf0fbc09464bf326b155e3761bc77ffb5ee0854820ef3b2c568344f91561b900f4f3330b5f2af84fe9bafd10af663d23cd66973220aafeb506ac40161d59136dc4031325c5e8920e3c5c1b5f89fb556f0c277655c777908730e845a672fef37f23341242aa793e12a4e81197cb85b9de96de8bfaa36d1996b1a46e604088b4ca80b68249de63ec48adec347cfecb288ccfc89c347eeeb83f3ac4cf832137a0b291a5aa37fffe74b3277d5dc33b679ef82f7ea7fb6b71bfe3e793064428d10d91dbc7197aa6427efa507c7173b059b1bc800740db94b4b1f3ffd36865987d133af3434de839bbb9384c2a809d78d303034bbc06aa9c92c73248986d47cde89b36aef3829f95f8287449b735ac8bddebce864fab44a"}) [ 329.151087] FAULT_INJECTION: forcing a failure. [ 329.151087] name failslab, interval 1, probability 0, space 0, times 0 [ 329.204952] CPU: 1 PID: 12585 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 329.212536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.221898] Call Trace: [ 329.224498] dump_stack+0x138/0x197 [ 329.228142] should_fail.cold+0x10f/0x159 [ 329.232316] should_failslab+0xdb/0x130 [ 329.236321] kmem_cache_alloc+0x2d7/0x780 [ 329.240585] ? anon_vma_clone+0x310/0x470 [ 329.245006] anon_vma_fork+0xe9/0x4d0 [ 329.248817] copy_process.part.0+0x45e2/0x6a00 [ 329.253434] ? __cleanup_sighand+0x50/0x50 [ 329.257770] ? lock_downgrade+0x6e0/0x6e0 [ 329.261935] _do_fork+0x19e/0xce0 [ 329.265396] ? fork_idle+0x280/0x280 [ 329.269123] ? fput+0xd4/0x150 [ 329.272322] ? SyS_write+0x15e/0x230 [ 329.276046] SyS_clone+0x37/0x50 [ 329.279419] ? sys_vfork+0x30/0x30 [ 329.282974] do_syscall_64+0x1e8/0x640 [ 329.286859] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.291700] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 329.291707] RIP: 0033:0x4598e9 02:56:32 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") recvfrom$inet(r2, &(0x7f0000000080)=""/35, 0x23, 0x40000021, &(0x7f00000000c0)={0x2, 0x4e21, @rand_addr=0x3f}, 0x10) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:32 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:32 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x25}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) close(r1) close(r0) kexec_load(0x0, 0x0, 0x0, 0x2424e45fa5e61730) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000140)={0xffff, 0xffffffffffffffa3}) [ 329.291712] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 329.291721] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 329.291731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 329.291736] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 329.291740] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 329.291745] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:32 executing program 3 (fault-call:8 fault-nth:32): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:32 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:32 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0)=0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$BLKSECDISCARD(r3, 0x127d, &(0x7f0000000300)) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000100)={{{@in=@initdev, @in=@broadcast}}, {{@in6=@mcast2}, 0x0, @in6=@mcast2}}, &(0x7f0000000200)=0xe8) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r7, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r4, 0x89e1, &(0x7f0000000080)={0x3, @default, r7}) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = dup(r9) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r11, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r8, 0x89e1, &(0x7f0000000080)={0x3, @default, r11}) fsetxattr$system_posix_acl(r5, &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000240)={{}, {}, [{0x2, 0xd, r1}, {0x2, 0xf, r11}, {0x2, 0x3, r7}]}, 0x26, 0x0) 02:56:32 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r4, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000080)={0x3, @default, r4}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup(r6) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r8, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r5, 0x89e1, &(0x7f0000000080)={0x3, @default, r8}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x0, r8}], {0x4, 0x3}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000100000000000000040000000000fbdadcf7969913610000200000000000000010d85461ef29f046f8829557f691d55581aec76af25bb142763bdd32ea6c6e78ffc76c67e4bd9b94d215de9733f204ad7e3f8121356bbabcd2adc1bd67a8ad0d2ce4df354538bda0d2a63f2613e6955fddfee5fc561ca7f6ef2c33594e9509cd9596b0f2992cd3b50ccdf28edbea9ac2faaeb124b889c6f6081c1a52e0cf5fe3adff2d8a318dbaea28042b36eebcb7b93caedde23d6fb0eaafba29f850d21219155fabf842bfb86de26dec9c9864bdb372e0872f"], 0x24, 0x0) [ 329.468558] x86/PAT: syz-executor.3:12585 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 329.487246] x86/PAT: syz-executor.3:12585 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:33 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 329.600737] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 329.662070] ntfs: (device loop2): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 329.678122] x86/PAT: syz-executor.3:12629 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:33 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x800000000000000, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 329.715998] FAULT_INJECTION: forcing a failure. [ 329.715998] name failslab, interval 1, probability 0, space 0, times 0 [ 329.750116] CPU: 1 PID: 12629 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 329.757174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.766628] Call Trace: [ 329.769233] dump_stack+0x138/0x197 [ 329.772877] should_fail.cold+0x10f/0x159 [ 329.777051] should_failslab+0xdb/0x130 [ 329.781043] kmem_cache_alloc+0x2d7/0x780 [ 329.785197] ? anon_vma_clone+0x310/0x470 [ 329.789505] anon_vma_fork+0x1ce/0x4d0 [ 329.793409] copy_process.part.0+0x45e2/0x6a00 [ 329.798020] ? __cleanup_sighand+0x50/0x50 [ 329.802265] ? lock_downgrade+0x6e0/0x6e0 [ 329.806456] _do_fork+0x19e/0xce0 [ 329.809921] ? fork_idle+0x280/0x280 [ 329.813645] ? fput+0xd4/0x150 [ 329.817011] ? SyS_write+0x15e/0x230 [ 329.820910] SyS_clone+0x37/0x50 [ 329.824301] ? sys_vfork+0x30/0x30 [ 329.827850] do_syscall_64+0x1e8/0x640 [ 329.831747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.836609] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 329.841804] RIP: 0033:0x4598e9 [ 329.845107] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 329.852832] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 329.852838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 329.852843] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 329.852850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 329.852855] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:33 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = socket(0x40000000015, 0x805, 0x0) getsockopt(r1, 0x114, 0x1000000002717, 0x0, &(0x7f00000000c0)) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x0, r5}]}, 0x2c, 0x0) openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x400) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 329.960155] x86/PAT: syz-executor.3:12629 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:33 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/create\x00', 0x2, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r1, 0xee01, r2) [ 330.003812] x86/PAT: syz-executor.3:12629 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:33 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 330.109376] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:33 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}]}, 0x3c, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000001000000000000000400f371df9b7568a6ed4a00000000000010000000000000f8200000000046f805909450bd6a9ba5c9fdd03811d43130a3432e5c821e311462882107aad290716c5aa07ed2f667e48a1bcb32ecd1fca7f4eb36856121f96f2433104a8f55af868bb08013aa97a5db160e8e11ce34b0630f17689a4abbc8e77edede107345b63bbe830cf3842f4260a805cd8208b5f181f05864c9e42bc10180dbbee80ee22d7996899d809888"], 0x24, 0x0) 02:56:33 executing program 3 (fault-call:8 fault-nth:33): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:33 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffff, 0x22) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0xfffffffffffffffe, @empty, 0x9}}, [0xd6, 0x4, 0x37, 0x0, 0xaba1, 0x9, 0x400, 0x60ce363a, 0xe4d5, 0x6, 0x2, 0x3f, 0x9, 0x3e, 0x2]}, &(0x7f0000000240)=0x100) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000280)={r3, 0x4}, &(0x7f00000002c0)=0x8) r4 = accept4$netrom(r0, 0x0, &(0x7f0000000000), 0x0) getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f0000000040), &(0x7f00000000c0)=0xc) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:33 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 330.344599] x86/PAT: syz-executor.3:12671 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 330.372002] FAULT_INJECTION: forcing a failure. [ 330.372002] name failslab, interval 1, probability 0, space 0, times 0 02:56:33 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 330.410231] CPU: 1 PID: 12671 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 330.417289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.426751] Call Trace: [ 330.429373] dump_stack+0x138/0x197 [ 330.433015] should_fail.cold+0x10f/0x159 [ 330.437264] should_failslab+0xdb/0x130 [ 330.441245] kmem_cache_alloc+0x2d7/0x780 [ 330.445399] ? anon_vma_clone+0x310/0x470 [ 330.449562] anon_vma_fork+0x1ce/0x4d0 [ 330.453460] copy_process.part.0+0x45e2/0x6a00 [ 330.458100] ? __cleanup_sighand+0x50/0x50 [ 330.462343] ? lock_downgrade+0x6e0/0x6e0 [ 330.466506] _do_fork+0x19e/0xce0 [ 330.470057] ? fork_idle+0x280/0x280 [ 330.473774] ? fput+0xd4/0x150 [ 330.476969] ? SyS_write+0x15e/0x230 [ 330.480778] SyS_clone+0x37/0x50 [ 330.484149] ? sys_vfork+0x30/0x30 [ 330.487701] do_syscall_64+0x1e8/0x640 [ 330.491587] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.496442] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 330.501720] RIP: 0033:0x4598e9 02:56:33 executing program 2: getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r0) lstat(&(0x7f00000017c0)='./file0\x00', &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f00000002c0)=[r1]) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) syz_mount_image$ntfs(&(0x7f0000000100)='ntfs\x00', &(0x7f0000000140)='./file0\x00', 0xffffffff7fffffff, 0x4, &(0x7f0000001900)=[{&(0x7f0000000540)="f0ef3c909560d952b0ea6396554ad113c1ee4be7575e960510a89e8f1396226e616c8a1c93aff46b1639f3e16eb5ae7bf44838ce22c153f11327927139430c2d819ba8cad4b3b53c39129dd64297375c5a6195841a29ced6dd8f45d115b49c5f6cf64c6261f67f94ba412b7990bdfdda1dafce30d2f8bf4fc1199fb96d709432869874391f879f6e1e5bbc4100017b3552a08abb10aef7633fd382682cb769920fcb5517ba0ee9a2c65df93a7c4a5c108a8b37bdc3caebffbcafd49341a4d7ee9c8986aa249867eb2f64036dd5b1d3e4bb385d9e37d5d3c6d3b1036738fc06d0618a7d555f94a1b5ef31106b89587a490e865db5b743dbd5f95f5bf79c4c65ca7eb40ea2ad0e25c278ae5cc2232c20a198d2ccefb14f6e5f49d2a4b3dc9b38d88516a6368336d4cdef7743e5d19078bd877392d6cb5a9bdc7cdffd095195d29e12bddb8c2ef468c26dd5e3f77bcd361c5391f68963085db3b3c2528dc39dc9421402c3ca9ae71f15323d661ebd29dc7b7db688ea0d3cc419a947af2b663a7565a06a0b0742024ff0af67a36a7b48481d52b91129f388e7075f68f6899652d233fb985eed2208600661956656ee62a24111c20c678750de11a87be46622b165b6c2e8fa73056136fbb5130857a14c00d8ad19bd25a67caf9c022329adffbe425b4fa80a8df74a01f897efb23ed036d57243c6c57f6ee0b9c20ba9f39e12f692ad99d2070e4f8b15ea66b13c8171d0ff31e517ecf33824579780c245eb3611c4758819830910d0830a5fa454e974d42d49ab6da266f1fe535e899c4b17f93e37f616670831606b121b1ea6e8c76ecc3f87a2079fe59323df582c5b312ed7173a270c90218bea3c5b0d9e1658a7d794b18b3160ea1a2930ec30bdd1cd7ab5e0983ee707d31c9a01a7da529c291de114b569add9392dc895f4621842d8dcae8776cab9fb84e5dca9c4201afd3e3920cdae2c95901d7817f0de3d95a6667c0b8bc20e385d246d5d07e59952d4f474241f8b83669119cd6cc4b1f71455cc75c8357f87712153ddac46ebcef8be652aaf7bf494fcda631a3beead40cc1a57dff53ac8e53d98dd7f8d58837f2005e46fe96e071c39d190cad83b8ad1993a457e2548bf9bbb6bc1118ca00f87fc842f1b9c09f67faee5b7badfe39656bc630b8de67ba58fd429c301fa92b3428f9907d46f7388457d741cbf743b400c7b7a9d8514d497be3bb1a94df3b8e65807881e545bf7b8d2fad87fd3db589ca5e042ca3542106c36a1d8966e50fdfddca701b79e0a2d9e20b17ade9e7635de24ba50a67ab3b4b3c7278866682231586138fb3953a9e5a3c95baf84e8ee395c78e26c8a01d6ea0fc32f585bb7603706117afbc524a5e7063fc5c04732a921208ee101005baf9a852cee71985cd0bbb5605fb7c047be1053d141824b4765934e4b36ee47fb7c81aef02d5ac786229cf40ed632704641987cd9a74aff65d06c692cfa046b06214e25ca053344952b0e3640e5a191e6cb26216db57890688e3b3c11aa25312fd9de654528b872ae04e0db2e456ea1dcc3bcede85699a831e2b455bfec833819cb0121221784836c4a8a25a7beb7fb0e5613067cd528a5e2724a50661a4c7354651f6c40ec7de290a35f63fb4a352c3e0a705918a3433e876ca45c8678f319b0dd4123b587b9ac3e098951fdcaa3171547f33b56cfc76ef98c018984bc692a106ae30cb05a7d3b6f254a47fa8e3b146296877541231a7384e74c67c4e247767a043e26ee4798dce13450fc732b0a1fe17064043206279f61f1c41dcda237936fcf35da0cccc56827f02ab46948752768c92bae43814ad3de7701d989b53dae7bd104a7b437ccb85d6cb506bb00ef799026acd28b5b1e01b15adc064b95b217591c4aad938f08563daf7a0a35d01050e1aace7361208cd3ae9db221a8499c4e97168ca12b8034193689653475c4d0f32188d21e5af3a84f5ba7d55cbfe20436215715afc1e89639318281d14ceb4a670f5d5b9f1b26a337c2733ab51f5e55c213baaf002e426644391a20e6eb2080c889246687a029a379207a4996cc7767282be9deb17608791461b2735a900cdabd850723b60689da5017c7c2ef273d5870577303bd1719b988c482e5290fc59ae680a7a25ed769253753171375b6c4d184d295232c2bbb6c90c192492556c9db8b3d5473fe35bc51ae57604ca296d5d377fe53d9eede9cdc0233167d1254857a615463d7436c747fff617e8d43e7bd004a292aabd9c0fdf47ad16c0f3d660256fad66a6f1bef16da4fbcd1fec54023180bcc6358bea1bce712f54a91c0f7dab9e2903092664976809ae9a3f2912f7a30d7146fae9c238e383d7a6add15426173ea01477982643a79ffc86cbf937c721c7941eec3a1c7d399523ba24f69fa8e003186cfa89757c7ea9827ed6fdfd36f589a938a45889f25ac0fc4ab9ff1548472767e3fef5a869ead5b86ac02da75dd802f23a57463a2846b6af4762abd395d6a977ac8cd1c615a5841f468de6ca102de4ac4c2cb58e591156340dc68103f59dbe6cbc5d17afcf22a651cc31ccde2bff3ecf620612359b3f7c0d4a1a84731d1ea360d86c91a12f81061ea807d42f59bfbf5669289c68a05516034b27b016ff1dce2ba8e2fdedfe89d566c958adde09d96c6c90b447ce8b47e013fe685670db64b80d4f7119c3fec8fc68af7231b76348934b494d7469d162edd079ea9ae911ef4c0fec1423af8428fe998577128abf478cd074cf50c116d90b6af4276f4638cc2fd240f6225c153a647efedc3f7b297dc98481371d4188be021218c21e5a4a462792366a9a07c477408b799085fd359ba94cd93efb1431dd8dede087e4fc5bf45908c7e448f8a45bb2ddd2e2b491c8f207d522ac8fb5ec89f915c154fca8c22ca676f2b4a6c81890b36de8a723487a78207d0a976488275078b188f1daddabd7c79f319d768ac33030e889691cf858a4241a91143e034cc80d4e3cfa98c0790827c9c09f0612faf3da478472731c54076ae77debb5a9a4b785ee8b6bbe0a6bc29d31a3c0a7a383a63d6628c881b3de02d49d4aee6ef391beec3dd070a78a1f196dd988bd744ba1d15905c94e2916c92691deba99a0238edbc6156a795d72b01ee4e387768e422ebbc4c88ad07b7187b988f607dce04e1a9669c9280aebbd26b7a6cc8da79bb4a9925cac4141d5160d47b77e9d103cc2eb484ef7394ae4ac04744bcdb471653ebbc1ca04b9e9cfbc1e139867e50200c632397f7d02d9826d81cc1a74cfac21fc34960c67fcbf4223ae5bc5ef2b4b3e9912e98cfe17e7bc7b9fa1d0047bf04fce72fd18e381a69928a5aeca01f687d79ed189df885b353cb2def21bd09762da53a8c0e753cc23c4b8fe6db473f6761d5f244137d80e057678ba12741744958b74dc4b1952205849da09aa81ff47c60632d30fa37780ad4baed27163bcf9dc8f9e7497dd9435a4aff149ce6fc702152614a0b7d4a43d7965182497424ab1b887aead54329f6e1857575c2c7b85a7cf35099a1edfc330d14156e63fc6d8672190df07170f093b69c25ef5ca02e00a02017d179762c696ec3af6f549579382b0cfb0ebe9d1d47e4bd5a3e38154b08d15327c07c73cbe3c293ff8784df5e96e175e1600a6a87e593244abeb4b509babecedaaba36a8253a1b199c79d5edfc49c542f3006374f69e9dd4e20748eeb9436714719bf0eaf97b66a2f52cfea791e63f807bfa8467a27b0fc705a4d6c73e7d2728b6dda1d6a8a8b8dc96d5a4e4a7289d4e35ffd7bf108f315df0e0da8f7ebea91db2c5550c9253fb25e5a1d149c39cbe50d96313f83cd09da59443069c04c137dfcc5681d60a8ece75290961982056082811187b0f6916b095b92f9f8ec03667522c663332cdfb1c22c319f95e2f564f72c8bfd775089bc2951f69badd01b6d625329df354df89d2e3d16863a39bad8e4db34e709d3c14cff2f41d9728123d32e44e9cb1ff4c5dcbce85b2d874dc270b576137dc9fb78eb79ab7b201340db64e5578bc6a6fd07944ef7b638217de333791974d06e2f9670f2116e431448b1c86883e4b5f5aae417339d9665306a32aa8a5d033660594d33b22b108c5669c93e705c2b56a016a7bfd7d58d1cf4b96ea9f235d4cda19d357faec7ae29b840fe26736512f7cd5d6f84bbcfd92c0df0b7efe6780bfde488e48fd23db947bd3304b745d2253329c43621d4084966ed733779b8b888d3dd5a23e53877386bde59ea673675c6250531d6e8d294fdb93a6c355c1ec3e778f95631644f62c7d9bf8a5f56c7245c8634ef5a5e7616790dd67d6de4664a9ca6b878a8429d42d9fc82aa5b0d3a2ee7b2314cab579d8279b5fe1e9cab4d19192cf516d54a5231aa23e5e1c9b6c14f17007afd098d00e80f788d9ab3f472d6c8fbb73ab3a3b93e535767211d044a4a92ebfdd79e5a20626604bd4d74bec3774282d23c8ea27172d6abb0393b86d14ada7701441be1333ab0f0eaed4b3f20d06696dd86a9cc0a95894225ae773c849dd93f4ff43ee71876640d097ddc5356a36b494736464dd2dc436818a1262837003819ad7b3f4ebe250ca4c0db97fdbf047b6bae507533912f55b6d9d545a9042592a63d68e6b0afa5d186b550e3bf4a957341170d24ecc7e1a1a5b12557c6374a1837421e96e3c3aa7fdb75f85644635d569c0902f835b8ba46e2cd2391ebe02cb2ba07616590942dd9f37f880bdd8e4bb697a8c2b8b4b3307b71a1018512ce147d4d58d5c8987683d04006db46c1e34c4c8e5103b932def783bd49a90815489bb5fd48b0d8e1e0d0c48e9022f902df7e329bbebf239e8a623cd985e020a202ad43627697194b8bcd9f5df873aaf1fce5c8a3737a2f958caf5ac331c6513096ab970d93e51af8c4c1cdaabf09e2f055f86e476ee66531f887b97956bb4545d73a5961f32c4e7aea684173d24a4bb0863b369873fbaef17acfb2630d8a1a0759ea5b1b8156104c081e4b4a6f477f38dfd9f3344473e795775dcf8ac7b47756255c8d409e8791e0bba10daf9668153d3e4348fcbf26ae69207cf13c0f7aaf9b17889080613f23cd3d01213455049c4aa3690090142a469d07cd99b74c6aef42535571bbc87eab8a48b0eab6ded75da3d6b58c76a38a3917fb3d5d8fcb65310de640d3817eac61304858045a3bb78d6f60e4416d76f1f37624bacd4738eb2f3431c73063e86917c12003183af7228c6ebc1cd939784ce26b7c36f1853fc2296c4113e642a17c07307d9c27e85ee5bac3065fa74e474689d437171835ccdd0e2c3be8e36c1f0c4085945f8b76c6ca7909bd1abc2c9e82cec0edc014f2ad0ed11dfb60b238dc8edce22b2ac09d5058c93bd8bf8039a12b221ae2926071f9e78403d5b9184228835a000bdc6bd908a407cdfa91a6d577e5d464bcfe092550bc914c3e765df578ff756c8e2d20b218a6786e9f92f43fd1d673b5fd93b7fa0a9baea17036103ef8fadaf543d8544e082f2a3ad8c69689c9ed6b736cea569bdc359d95eeefecce95396dfcc17b19d38822aa946a3cdcdc8377e119eb8f3ad27dcca26e9b139f48cedc8187a4fdae4dcf44c9bd7fe75ed826a01ecaf19c75ba3b7d345a823969320e41e558ef4d76f76185830db98da237465aaee6270159719166fb025fbc5df0ff1f286aa5fca5a957c6dfeeab6e83a22b42aacae8d0381057e76d7cb7017c33c3b7cd598e8d1e0c655700cd02c40425b20c24689186eef163a28960e76fcc131ebc24e6dbb03d207bdbd7dafc440086298eb45387c455c1944deadf0753f2", 0x1000, 0x8}, {&(0x7f0000000180)="72dc709c6d1787740fd0f027f0ef3c41912e3d33aed159fbae7595e1237bd348de264289d38e7a636a55b2e08f525313631c027f864f97650735105acd26157999ed04f273dcd836ecacf543a28e79b2b8284e38bec11dfbbc3d1ca6441f1b0cc490d71a1746d89ca3b372157a88553db5fbb8bf861d13f1a32757d22b677bdb53539198210a100faf0dbd4758e0964ddd425d9293694d8c0e20e3a78bf73e2c5b94291ed55be7a029d3e1f2964c257343de9586fa11b5dcd26c0c4203cbce000a3032e3552998903af580a5224a8f7f125dce8fc441e1e806a5a2ba3ca104b96e4dd71e6690bf8ebe145aa8915cfef4e509fe890813c2e0b01f93691448", 0xfe, 0x3ff}, {&(0x7f0000000380)="c47f901dd0854d7fe1f020eb41ba69783aadec5ecd091c1afcdfe186076f8691d9344fa1b7fc050d34b9d80dc78da84793a693d80de09b2ebfec6bc10a4c80e03d3b7e1ae5bf8a251e9feaa9963eb153352c64ab6bb031bc9965d0cfc6a75e54113a8e138f5b41b3d207ce2b85bc877ce8db9cae4d0bbd61aa8bbd2ae2f95ee4a97a6c14c3459751d2772f882e2d0ffafcde45462b44195bb02066640827fda629689198c4c1768779fed961cb8c716e86e9f8b0627a3a49d3c013225f447af813b4f80d2a0df56843ba45ae673ed86301c3483665fe1298067774e3529c7dce84204dff50a164a25e2affb3d221c54c1c7ebd3482123658a4", 0xf9, 0x7}, {&(0x7f0000001540)="4682db623e34fc18eb229202fa8a0ea975f74348ea2a14db9eed5578eb0fbd2d7c6060f983369aa209ee4384106756f55eed520cc69ed8b54a5535b4e5a189ed481acf228c61685f838180b9abea54d4d2d73d447ba48c8998fb108717aec62662051d8b9b5aec734dc8a2047d9800590287d06f370a2f8a91f94a58fe1437eae6", 0x81, 0x5}], 0x4, &(0x7f0000001680)={[{@utf8='utf8'}, {@case_sensitive_yes='case_sensitive=yes'}, {@errors_recover='errors=recover'}, {@utf8='utf8'}, {@dmask={'dmask', 0x3d, 0x9}}, {@disable_sparse_yes='disable_sparse=yes'}, {@disable_sparse_yes='disable_sparse=yes'}, {@errors_continue='errors=continue'}, {@show_sys_files_yes='show_sys_files=yes'}], [{@smackfsroot={'smackfsroot', 0x3d, 'system.posix_acl_default\x00'}}, {@measure='measure'}, {@obj_role={'obj_role', 0x3d, 'system.posix_acl_default\x00'}}, {@subj_type={'subj_type', 0x3d, 'em0+wlan0'}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@fowner_eq={'fowner', 0x3d, r5}}]}) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r7 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r7, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000208000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r9) fsetxattr$system_posix_acl(r8, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0xb}], {}, [{}, {}, {0x8, 0x0, r9}]}, 0x44, 0x0) lookup_dcookie(0x7, &(0x7f0000001880)=""/73, 0x49) ioctl$ASHMEM_SET_PROT_MASK(r7, 0x40087705, &(0x7f0000000040)={0x7fffffff, 0x2}) set_mempolicy(0x1, &(0x7f0000000000)=0x4, 0x8) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:33 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 330.504907] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 330.512615] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 330.519889] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 330.527183] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 330.534455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 330.541724] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:33 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup(r5) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r7, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r4, 0x89e1, &(0x7f0000000080)={0x3, @default, r7}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000240)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000300)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f0000000280)=0xe8) mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='fuseblk\x00', 0x40410, &(0x7f0000000400)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, r7}, 0x2c, {'group_id', 0x3d, r8}, 0x2c, {[{@allow_other='allow_other'}], [{@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@appraise='appraise'}, {@smackfsdef={'smackfsdef'}}, {@smackfsfloor={'smackfsfloor'}}, {@fowner_lt={'fowner<', r9}}, {@euid_lt={'euid<', r10}}, {@hash='hash'}]}}) [ 330.564697] x86/PAT: syz-executor.3:12671 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 330.589124] x86/PAT: syz-executor.3:12671 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 330.617488] ntfs: (device loop2): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:34 executing program 3 (fault-call:8 fault-nth:34): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:34 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 330.666828] ntfs: (device loop5): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:34 executing program 2: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = geteuid() r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r5, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r5}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)={{}, {}, [{0x2, 0x2, 0xee01}, {0x2, 0x5, r1}, {0x2, 0x4, 0xee01}, {0x2, 0xc, r5}], {}, [], {0x10, 0x4}}, 0x44, 0x0) 02:56:34 executing program 0: openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x20000, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r4, 0xc0106401, &(0x7f0000000400)={0x9c, &(0x7f0000000600)=""/156}) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) mount$9p_unix(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='9p\x00', 0x10000, &(0x7f0000000300)={'trans=unix,', {[{@debug={'debug', 0x3d, 0x1}}, {@dfltgid={'dfltgid', 0x3d, r3}}], [{@smackfsroot={'smackfsroot'}}]}}) r5 = socket$inet(0xa, 0x801, 0x84) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_STREAMOFF(r6, 0x40045613, &(0x7f0000000380)=0x8) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000000c0)={r8, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r8, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000000c0)={r8, 0x53, "04b2f4670dc466220d967900e18bd708ce3ebd736ce4086dc959737525e12d8b2161824987562bd8111dc4cc09bc02bd5b51eb702b5b74713395de30f302e5bf19911acd9e46709f8b804729a4189473de7d03"}, &(0x7f0000000040)=0x5b) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r9, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") signalfd4(r9, &(0x7f0000000540)={0xa98c}, 0x8, 0x40800) ioctl$SNDRV_TIMER_IOCTL_PVERSION(0xffffffffffffffff, 0x80045400, &(0x7f0000000440)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0x234, 0x0, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x28, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_BEARER={0x98, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffffffffe1c3}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x100000001}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xc797, @dev={0xfe, 0x80, [], 0x1d}, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xdb, @mcast1, 0xcf7a}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e21, @local}}}}]}, @TIPC_NLA_BEARER={0x12c, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x14, 0x2, @in={0x2, 0x4e24, @empty}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x101}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x17, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x2b}}, 0x401}}, {0x14, 0x2, @in={0x2, 0x10000004e20, @broadcast}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x1f, @mcast2, 0xea4}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x726b6251, @dev={0xfe, 0x80, [], 0xa}, 0xbf}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x400}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x3ff, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x6}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x3, @remote, 0x6}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_NET={0x34, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x20}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8a}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x200}]}]}, 0x234}, 0x1, 0x0, 0x0, 0x4}, 0x40010) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x101000, 0x0) [ 330.794853] x86/PAT: syz-executor.3:12706 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 330.833336] FAULT_INJECTION: forcing a failure. [ 330.833336] name failslab, interval 1, probability 0, space 0, times 0 [ 330.847543] CPU: 0 PID: 12706 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 330.855539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.864888] Call Trace: [ 330.864908] dump_stack+0x138/0x197 [ 330.864931] should_fail.cold+0x10f/0x159 [ 330.871164] should_failslab+0xdb/0x130 [ 330.871181] kmem_cache_alloc+0x2d7/0x780 [ 330.871190] ? __pmd_alloc+0x410/0x410 [ 330.871209] copy_process.part.0+0x444f/0x6a00 [ 330.871238] ? __cleanup_sighand+0x50/0x50 [ 330.896162] ? lock_downgrade+0x6e0/0x6e0 [ 330.900335] _do_fork+0x19e/0xce0 [ 330.903886] ? fork_idle+0x280/0x280 [ 330.907638] ? fput+0xd4/0x150 [ 330.910840] ? SyS_write+0x15e/0x230 [ 330.914563] SyS_clone+0x37/0x50 [ 330.917931] ? sys_vfork+0x30/0x30 [ 330.921482] do_syscall_64+0x1e8/0x640 [ 330.925378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.930955] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 330.936246] RIP: 0033:0x4598e9 [ 330.939615] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:34 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 330.947341] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 330.955138] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 330.962602] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 330.969881] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 330.977161] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:34 executing program 2: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000000)='tlreaded\x00', 0xfffffffffffffdad) lseek(r0, 0x0, 0x4) 02:56:34 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x2, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000004, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) openat$selinux_user(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/user\x00', 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x200000, 0x0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000180)=0xc2, 0x4) ioctl$SG_GET_ACCESS_COUNT(r3, 0x2289, &(0x7f0000000140)) ioctl$sock_SIOCGIFBR(r2, 0x8940, &(0x7f0000000080)=@generic={0x0, 0x3, 0x7fffffff}) 02:56:34 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:34 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) openat$cgroup_int(r0, &(0x7f0000000000)='rdma.max\x00', 0x2, 0x0) 02:56:34 executing program 3 (fault-call:8 fault-nth:35): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 331.368597] x86/PAT: syz-executor.3:12704 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 331.390394] x86/PAT: syz-executor.3:12704 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:34 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x40000, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$vhci(r1, &(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, "5d6500f612fc05e6b5306135be9ce633d332a988c5ff0af0f85d023b5873445321d2ddac251a70ce3a8ab344d2fb8e42ed2eee7ffa351cd5fa990a7384a991fa64b52080e0ec1a2c8a29676ce709785d541fbe92c140f8a7a365d2d75d66e2028819f42a7463bc8bfb7048b5a2277aaf84240d7a8fdb16760068b95ba1e4a0fe51ec0ab93445103aaf0ef6665ca4dd65a8b9f06ae709e5b23c7e6420fc3d4d43cca14952b7b4be08f19419f179978b30507a8c6fed2374d137a03294d9552fe9cf2b3f45bede61468aa6"}, 0xcb) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) 02:56:34 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:34 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08000000441324fa47eebc14e91463c80fc2c483e9997d2ba426305b88da559ade6bc36dc8a5a8b9562c843d3b23", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="28554d51afe128000100000000f68bbc27fb41d4133c"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = accept$packet(r1, 0x0, &(0x7f0000000040)) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) tee(r2, r3, 0x755, 0x10) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)=0x0) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [], {}, [{0x8, 0x7, r4}, {0x8, 0xf, r5}, {0x8, 0x7, r4}]}, 0x3c, 0x0) 02:56:34 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x2) 02:56:34 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040), 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 331.545736] x86/PAT: syz-executor.3:12767 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 331.591451] FAULT_INJECTION: forcing a failure. [ 331.591451] name failslab, interval 1, probability 0, space 0, times 0 [ 331.620841] CPU: 1 PID: 12767 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 331.627906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.627911] Call Trace: [ 331.627930] dump_stack+0x138/0x197 [ 331.627950] should_fail.cold+0x10f/0x159 [ 331.647741] should_failslab+0xdb/0x130 [ 331.651812] kmem_cache_alloc+0x2d7/0x780 [ 331.655968] ? __pmd_alloc+0x410/0x410 [ 331.659873] copy_process.part.0+0x444f/0x6a00 [ 331.664660] ? __cleanup_sighand+0x50/0x50 [ 331.668907] ? lock_downgrade+0x6e0/0x6e0 [ 331.673080] _do_fork+0x19e/0xce0 [ 331.676558] ? fork_idle+0x280/0x280 [ 331.680280] ? fput+0xd4/0x150 [ 331.683664] ? SyS_write+0x15e/0x230 [ 331.687385] SyS_clone+0x37/0x50 [ 331.690751] ? sys_vfork+0x30/0x30 [ 331.694311] do_syscall_64+0x1e8/0x640 [ 331.698203] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.703144] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 331.708455] RIP: 0033:0x4598e9 [ 331.708460] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 331.708471] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 331.708477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 331.708482] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 02:56:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.mem_exclusive\x00', 0x2, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}]}, 0x3c, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f00000000c0)={r3, 0x100000000, 0x4, "95421c7fea2708"}) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f0000000100), &(0x7f0000000140)=0xc) 02:56:35 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040), 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:35 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00') fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000100000000000000020000004d45dd595bf67235842b0eda33743537fb91a8755499786f706b3b4789cf7b067df694", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000000000000000204c000000000000"], 0x24, 0x0) [ 331.708487] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 331.708492] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:35 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040), 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 331.846937] x86/PAT: syz-executor.3:12767 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 331.867334] x86/PAT: syz-executor.3:12767 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:35 executing program 3 (fault-call:8 fault-nth:36): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:35 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) 02:56:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = gettid() fcntl$setownex(r1, 0xf, &(0x7f00000001c0)={0x2, r2}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7fff, 0x80000) accept4(r0, &(0x7f0000000100)=@in={0x2, 0x0, @empty}, &(0x7f0000000180)=0x80, 0x800) setsockopt$RDS_CANCEL_SENT_TO(r3, 0x114, 0x1, &(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10) r4 = socket$kcm(0xa, 0x5, 0x0) ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000200)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000)) 02:56:35 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) [ 332.017684] x86/PAT: syz-executor.3:12793 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 332.053314] FAULT_INJECTION: forcing a failure. [ 332.053314] name failslab, interval 1, probability 0, space 0, times 0 [ 332.089300] CPU: 1 PID: 12793 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 332.096372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.105729] Call Trace: [ 332.108328] dump_stack+0x138/0x197 [ 332.111971] should_fail.cold+0x10f/0x159 [ 332.116138] should_failslab+0xdb/0x130 [ 332.120116] kmem_cache_alloc+0x47/0x780 [ 332.120131] ? anon_vma_chain_link+0x142/0x1a0 [ 332.120144] anon_vma_clone+0xde/0x470 [ 332.120158] anon_vma_fork+0x87/0x4d0 [ 332.120173] copy_process.part.0+0x45e2/0x6a00 [ 332.120204] ? __cleanup_sighand+0x50/0x50 [ 332.120216] ? lock_downgrade+0x6e0/0x6e0 [ 332.128833] _do_fork+0x19e/0xce0 [ 332.128847] ? fork_idle+0x280/0x280 [ 332.156691] ? fput+0xd4/0x150 [ 332.159900] ? SyS_write+0x15e/0x230 [ 332.163624] SyS_clone+0x37/0x50 [ 332.166997] ? sys_vfork+0x30/0x30 [ 332.170552] do_syscall_64+0x1e8/0x640 [ 332.174456] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.179313] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 332.184596] RIP: 0033:0x4598e9 02:56:35 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fstat(r2, &(0x7f00000000c0)) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {0x4, 0x5}, [{}, {}, {0x8, 0x0, r3}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_GET_XCRS(r1, 0x8188aea6, &(0x7f0000000000)={0x1, 0x2, [{0x8, 0x0, 0x9}]}) 02:56:35 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) [ 332.187785] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 332.195500] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 332.203480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 332.210956] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 332.218339] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 332.225616] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:35 executing program 3 (fault-call:8 fault-nth:37): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:35 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}]}, 0x2c, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fstat(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000001c0)={{}, {0x1, 0x4}, [{0x2, 0x1, r2}, {0x2, 0x4, r2}, {0x2, 0x8, r3}], {}, [{0x8, 0x1, 0xee01}]}, 0x44, 0x0) [ 332.307068] x86/PAT: syz-executor.3:12806 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 332.321407] x86/PAT: syz-executor.3:12806 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:35 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, 0x0) [ 332.424576] x86/PAT: syz-executor.3:12814 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 332.447450] FAULT_INJECTION: forcing a failure. [ 332.447450] name failslab, interval 1, probability 0, space 0, times 0 [ 332.474348] CPU: 0 PID: 12814 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 332.481398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.490871] Call Trace: [ 332.493485] dump_stack+0x138/0x197 [ 332.497133] should_fail.cold+0x10f/0x159 [ 332.501292] ? anon_vma_clone+0xde/0x470 [ 332.505373] should_failslab+0xdb/0x130 [ 332.509362] kmem_cache_alloc+0x47/0x780 [ 332.513435] ? anon_vma_chain_link+0x142/0x1a0 [ 332.518034] anon_vma_clone+0xde/0x470 [ 332.521943] anon_vma_fork+0x87/0x4d0 [ 332.525791] copy_process.part.0+0x45e2/0x6a00 [ 332.530397] ? __cleanup_sighand+0x50/0x50 [ 332.534640] ? lock_downgrade+0x6e0/0x6e0 [ 332.539149] _do_fork+0x19e/0xce0 [ 332.542612] ? fork_idle+0x280/0x280 [ 332.546339] ? fput+0xd4/0x150 [ 332.549540] ? SyS_write+0x15e/0x230 [ 332.553263] SyS_clone+0x37/0x50 [ 332.556635] ? sys_vfork+0x30/0x30 [ 332.560185] do_syscall_64+0x1e8/0x640 [ 332.564076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.568940] entry_SYSCALL_64_after_hwframe+0x42/0xb7 02:56:35 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@multicast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000000)=0xe8) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') getsockopt$IP6T_SO_GET_ENTRIES(r3, 0x29, 0x41, &(0x7f00000002c0)={'nat\x00', 0xf8, "612c95441cc111f13571d8072d2884bbc3108a0fced9d46d81815d1c3fa6c98915136efafb96e0792e6827a4334dc517d7dee95a330be1ee661e7f62f8cd8b8586dc7d4efffa9f832d09b3799c346c91e596f1b850fba12eaefe5eb7ead1bfddff6a0434887804ef5872ec35126644360df2fa6b1b1c9fc5eaab4fbd578cf9045867441a1b19f13f7cc29f22ad90dde019f79472f9f629c6b5a746ad513f69bb39e06260cde775423ac5941c0a2b078685094a17675677133ef3e302f8433bf139b7b8c29212d3a3f446014b3cbbf01a1c2701d61c4d31b4c666ea2dbcf2174233c7cb2f53e3a7afd09bb0369985ea84fe6afddbbda913c0"}, &(0x7f0000000040)=0x11c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup(r4) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r6, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000080)={0x3, @default, r6}) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@loopback, 0x4e24, 0x4, 0x4e21, 0x6, 0x0, 0x20, 0x80, 0x1ad778ab9c243450, r2, r6}, {0x10001, 0x6, 0x9, 0x200, 0x8, 0x6, 0x9, 0x7}, {0x2, 0x9, 0x1, 0x1ff}, 0x6, 0x6e6bb7, 0x3, 0xecf9329faad2383, 0x0, 0x2}, {{@in6=@mcast1, 0x4d5, 0x6c}, 0xa, @in6=@loopback, 0x34ff, 0x3, 0x3, 0x1, 0x3, 0x8, 0x7}}, 0xe8) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="020000000100000000000000040000000000000000800000000000002000000000000000"], 0x24, 0x0) [ 332.574140] RIP: 0033:0x4598e9 [ 332.577326] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 332.585034] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 332.592408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 332.599691] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 332.606968] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 332.614239] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:36 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, 0x0) [ 332.663537] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:36 executing program 3 (fault-call:8 fault-nth:38): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:36 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, 0x0) [ 332.742118] x86/PAT: syz-executor.3:12828 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 332.757991] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 332.775872] x86/PAT: syz-executor.3:12828 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:36 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socket$packet(0x11, 0x2, 0x300) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x80081, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000140)={0xffffffffffffffff}, 0x106, 0x9}}, 0x20) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002090000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r5 = socket$inet(0xa, 0x801, 0x84) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000000c0)={r7, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000580)={r7, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000240)={r7, 0x4e, "f6e734c57c8de767017e0040a686d370642cfec9bfe6196bf9f03d307db290ab20540cd5713b82ea01e90c329482dce695429d1d2ad581f5f90b0518c01aa8fc2622970585fb08fcad6d1127e671"}, &(0x7f0000000300)=0x56) ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000200)) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000001c0)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f00000000c0)=[{0x13, 0x0, [0x8, 0x100000001, 0x5, 0xfffffffffffffffe, 0x7, 0x0, 0x1, 0x7ff, 0x3, 0x4c, 0x7fffffff, 0x9, 0x200, 0x7147, 0x8, 0x94cf]}], r2, 0x1, 0x1, 0x48}}, 0x20) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r8 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x890b, &(0x7f0000000000)) 02:56:36 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000004000020001d7f6a2d7948feb068b5ff014cce0000200000"], 0x24, 0x0) 02:56:36 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 332.905466] x86/PAT: syz-executor.3:12839 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 332.934430] FAULT_INJECTION: forcing a failure. [ 332.934430] name failslab, interval 1, probability 0, space 0, times 0 [ 332.986204] CPU: 0 PID: 12839 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 332.993262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.002630] Call Trace: [ 333.005321] dump_stack+0x138/0x197 [ 333.008967] should_fail.cold+0x10f/0x159 [ 333.013126] ? anon_vma_clone+0xde/0x470 [ 333.017197] should_failslab+0xdb/0x130 [ 333.021185] kmem_cache_alloc+0x47/0x780 [ 333.025267] ? anon_vma_chain_link+0x142/0x1a0 [ 333.029860] anon_vma_clone+0xde/0x470 [ 333.033764] anon_vma_fork+0x87/0x4d0 [ 333.037573] copy_process.part.0+0x45e2/0x6a00 [ 333.042185] ? __cleanup_sighand+0x50/0x50 [ 333.046423] ? lock_downgrade+0x6e0/0x6e0 [ 333.050585] _do_fork+0x19e/0xce0 [ 333.054045] ? fork_idle+0x280/0x280 [ 333.057768] ? fput+0xd4/0x150 [ 333.061017] ? SyS_write+0x15e/0x230 [ 333.064739] SyS_clone+0x37/0x50 [ 333.068103] ? sys_vfork+0x30/0x30 [ 333.071655] do_syscall_64+0x1e8/0x640 [ 333.075546] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.080405] entry_SYSCALL_64_after_hwframe+0x42/0xb7 02:56:36 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x200, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000df8c02190002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) write$FUSE_NOTIFY_POLL(r3, &(0x7f00000000c0)={0x18, 0x1, 0x0, {0x6}}, 0x18) ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 333.085592] RIP: 0033:0x4598e9 [ 333.088776] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 333.096490] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 333.103859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 333.111137] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 333.118414] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 333.125689] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:36 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fstatfs(r1, &(0x7f0000000040)=""/36) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0xde606b7442191627) 02:56:36 executing program 4 (fault-call:3 fault-nth:0): perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:36 executing program 3 (fault-call:8 fault-nth:39): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 333.211527] x86/PAT: syz-executor.3:12851 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 333.234165] FAULT_INJECTION: forcing a failure. [ 333.234165] name failslab, interval 1, probability 0, space 0, times 0 [ 333.245273] x86/PAT: syz-executor.3:12851 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 333.275861] CPU: 1 PID: 12858 Comm: syz-executor.4 Not tainted 4.14.143 #0 [ 333.283012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.292480] Call Trace: [ 333.292500] dump_stack+0x138/0x197 [ 333.292518] should_fail.cold+0x10f/0x159 [ 333.292534] should_failslab+0xdb/0x130 [ 333.292548] kmem_cache_alloc+0x47/0x780 [ 333.292557] ? find_held_lock+0x35/0x130 [ 333.292570] ? fib6_get_table+0x1ee/0x2b0 [ 333.292586] dst_alloc+0xf3/0x1a0 02:56:36 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x6000, 0x0) fstat(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000140)={{}, {}, [{0x2, 0x2, r1}, {0x2, 0x2, r1}, {0x2, 0x6, r1}], {}, [{0x8, 0x3}, {}, {}]}, 0x54, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 333.292599] __ip6_dst_alloc+0x34/0x60 [ 333.292610] ip6_dst_alloc+0x2d/0x1d0 [ 333.306915] ? fib6_get_table+0x161/0x2b0 [ 333.306931] ip6_route_info_create+0x316/0x2810 [ 333.306945] ? rtnl_lock+0x17/0x20 [ 333.306960] ? ip6_pol_route_output+0x60/0x60 [ 333.306973] ? find_held_lock+0x35/0x130 [ 333.306984] ? mutex_trylock+0x1c0/0x1c0 [ 333.306993] ? find_held_lock+0x35/0x130 [ 333.359559] ? l3mdev_fib_table_by_index+0xc3/0x160 [ 333.364597] ip6_route_add+0x71/0x110 [ 333.368411] ? icmp6_dst_alloc+0x580/0x580 [ 333.372661] ipv6_route_ioctl+0x1e5/0x270 [ 333.376822] ? rt6_purge_dflt_routers+0x470/0x470 [ 333.381674] ? get_pid_task+0x98/0x140 [ 333.385597] inet6_ioctl+0x102/0x1b0 [ 333.389323] sock_do_ioctl+0x64/0xb0 [ 333.393051] sock_ioctl+0x2a6/0x470 [ 333.396684] ? dlci_ioctl_set+0x40/0x40 [ 333.400759] do_vfs_ioctl+0x7ae/0x1060 [ 333.404655] ? selinux_file_mprotect+0x5d0/0x5d0 [ 333.409418] ? lock_downgrade+0x6e0/0x6e0 [ 333.413574] ? ioctl_preallocate+0x1c0/0x1c0 [ 333.417992] ? __fget+0x237/0x370 [ 333.421461] ? security_file_ioctl+0x89/0xb0 [ 333.425879] SyS_ioctl+0x8f/0xc0 [ 333.429251] ? do_vfs_ioctl+0x1060/0x1060 [ 333.433405] do_syscall_64+0x1e8/0x640 [ 333.437295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.442152] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 333.447346] RIP: 0033:0x4598e9 [ 333.450539] RSP: 002b:00007f0709704c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 333.458278] RAX: ffffffffffffffda RBX: 00007f0709704c90 RCX: 00000000004598e9 [ 333.465550] RDX: 0000000020000000 RSI: 000000000000890b RDI: 0000000000000003 [ 333.472823] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 333.480101] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f07097056d4 [ 333.487463] R13: 00000000004c5863 R14: 00000000004d9fc0 R15: 0000000000000004 02:56:36 executing program 4 (fault-call:3 fault-nth:1): perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:36 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [{}, {}, {}]}, 0x3c, 0x2) getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:37 executing program 0: r0 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0x338) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 333.594676] x86/PAT: syz-executor.3:12871 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 333.614254] FAULT_INJECTION: forcing a failure. [ 333.614254] name failslab, interval 1, probability 0, space 0, times 0 [ 333.638966] CPU: 1 PID: 12871 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 333.646026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.655379] Call Trace: [ 333.655399] dump_stack+0x138/0x197 [ 333.655419] should_fail.cold+0x10f/0x159 [ 333.665782] should_failslab+0xdb/0x130 [ 333.669783] kmem_cache_alloc+0x2d7/0x780 [ 333.673937] ? anon_vma_clone+0x310/0x470 [ 333.678182] anon_vma_fork+0x1ce/0x4d0 [ 333.682081] copy_process.part.0+0x45e2/0x6a00 [ 333.686690] ? __cleanup_sighand+0x50/0x50 [ 333.690937] ? lock_downgrade+0x6e0/0x6e0 [ 333.695098] _do_fork+0x19e/0xce0 [ 333.698571] ? fork_idle+0x280/0x280 [ 333.702295] ? fput+0xd4/0x150 [ 333.705500] ? SyS_write+0x15e/0x230 [ 333.709224] SyS_clone+0x37/0x50 [ 333.712588] ? sys_vfork+0x30/0x30 [ 333.716135] do_syscall_64+0x1e8/0x640 [ 333.720050] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.724904] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 333.730096] RIP: 0033:0x4598e9 [ 333.733393] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:37 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x10000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 333.741106] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 333.748382] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 333.755661] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 333.763112] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 333.770384] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) close(r1) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r3}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000280)={0x13, 0x10, 0xfa00, {&(0x7f0000000080), r3}}, 0x18) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, &(0x7f0000000000)) 02:56:37 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="380004f0", @ANYRES16=0x0, @ANYBLOB="000127bd7000fbdbdf25030000000c00080008000000000000000c00020000000000000000000c000800feffffffffffffff"], 0x3}, 0x1, 0x0, 0x0, 0x1}, 0x73ffae43ec7b8d01) r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$clear(0x1d, r3) add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000380)="d6", 0x1, r3) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, r3) r5 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$clear(0x1d, r5) add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000380)="d6", 0x1, r5) r6 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, r5) keyctl$KEYCTL_MOVE(0x1e, r2, r4, r6, 0x1) 02:56:37 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 333.947955] x86/PAT: syz-executor.3:12871 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) unshare(0x2040400) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = socket$inet6(0xa, 0x400000000001, 0x0) close(r2) r3 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x200004) sendfile(r2, r3, 0x0, 0x80001d00c0d0) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000040)={r5}, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f00000000c0)={0x6, 0x100000000, 0x5, 0x1, 0x6, 0xb8d}) r6 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x890b, &(0x7f0000000000)) [ 334.009803] x86/PAT: syz-executor.3:12871 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:37 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:37 executing program 3 (fault-call:8 fault-nth:40): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 334.199436] x86/PAT: syz-executor.3:12912 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 334.224627] FAULT_INJECTION: forcing a failure. [ 334.224627] name failslab, interval 1, probability 0, space 0, times 0 [ 334.248176] CPU: 1 PID: 12912 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 334.255234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.264599] Call Trace: [ 334.267203] dump_stack+0x138/0x197 [ 334.270847] should_fail.cold+0x10f/0x159 [ 334.275013] should_failslab+0xdb/0x130 [ 334.279023] kmem_cache_alloc+0x2d7/0x780 [ 334.283269] ? anon_vma_clone+0x310/0x470 [ 334.287431] anon_vma_fork+0x1ce/0x4d0 [ 334.291333] copy_process.part.0+0x45e2/0x6a00 [ 334.295968] ? __cleanup_sighand+0x50/0x50 [ 334.300218] ? lock_downgrade+0x6e0/0x6e0 [ 334.304374] _do_fork+0x19e/0xce0 [ 334.307834] ? fork_idle+0x280/0x280 [ 334.311555] ? fput+0xd4/0x150 [ 334.314755] ? SyS_write+0x15e/0x230 [ 334.318480] SyS_clone+0x37/0x50 [ 334.321844] ? sys_vfork+0x30/0x30 [ 334.325393] do_syscall_64+0x1e8/0x640 [ 334.329287] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.334141] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 334.339336] RIP: 0033:0x4598e9 [ 334.342526] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 334.350235] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 334.357606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 334.364882] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 334.372245] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 334.379527] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 334.402497] x86/PAT: syz-executor.3:12912 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 334.413990] x86/PAT: syz-executor.3:12912 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:37 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000f11f00000000000000"], 0x44, 0x0) ioctl$KVM_SMI(r1, 0xaeb7) ioctl$UI_GET_VERSION(r1, 0x8004552d, &(0x7f0000000100)) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:37 executing program 3 (fault-call:8 fault-nth:41): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:37 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r4) getgroups(0x7, &(0x7f0000000000)=[0xee01, r1, 0x0, r2, 0xee01, r3, r4]) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x1}], {}, [{0x8, 0x0, r5}, {0x8, 0x4}, {0x8, 0x2}]}, 0x40, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:37 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x4}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r3 = socket$inet(0xa, 0x801, 0x84) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000088bf5dd9bcc09cb5c2461ff324f900", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000000c0)={r5, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r5, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={r5, 0x10}, 0x8) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x6, 0x1, 0x0}, &(0x7f00000000c0)=0x20) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000100)={0x1410, 0x5, 0x420c, 0x5, 0x4, 0xe3, 0x501, 0x9a, r2}, &(0x7f0000000140)=0x20) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)) 02:56:38 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) socket$rds(0x15, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000080)=@gcm_128={{0x303}, "9fbc36110bed82dc", "963c8869291a2deba06a61523f5231c3", "249084e7", "54050585db5d8e60"}, 0x28) [ 334.571400] x86/PAT: syz-executor.3:12926 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 334.629864] FAULT_INJECTION: forcing a failure. [ 334.629864] name failslab, interval 1, probability 0, space 0, times 0 [ 334.668890] CPU: 1 PID: 12933 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 334.675946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.685312] Call Trace: [ 334.687915] dump_stack+0x138/0x197 [ 334.691561] should_fail.cold+0x10f/0x159 [ 334.695746] should_failslab+0xdb/0x130 [ 334.699744] kmem_cache_alloc+0x2d7/0x780 [ 334.703900] ? anon_vma_clone+0x310/0x470 [ 334.708058] anon_vma_fork+0x1ce/0x4d0 [ 334.712063] copy_process.part.0+0x45e2/0x6a00 [ 334.716679] ? __cleanup_sighand+0x50/0x50 [ 334.720919] ? lock_downgrade+0x6e0/0x6e0 [ 334.725079] _do_fork+0x19e/0xce0 [ 334.728645] ? fork_idle+0x280/0x280 [ 334.732365] ? fput+0xd4/0x150 [ 334.735559] ? SyS_write+0x15e/0x230 [ 334.739287] SyS_clone+0x37/0x50 [ 334.742693] ? sys_vfork+0x30/0x30 [ 334.746244] do_syscall_64+0x1e8/0x640 [ 334.750134] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.754994] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 334.760222] RIP: 0033:0x4598e9 [ 334.763418] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 334.771131] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 334.778409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 334.785769] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 334.793043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 334.800515] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 334.816533] x86/PAT: syz-executor.3:12933 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 334.842983] x86/PAT: syz-executor.3:12933 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:38 executing program 3 (fault-call:8 fault-nth:42): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:38 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r3 = dup3(r1, r2, 0x80000) ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000080)={0xfffffffffffffffe, 0xff, "a89d75f9059d932ee17ddcc9f732508513ba0d75b5efe26e94f54af2aba2aad0747fb9c0d09b3ddb0e058c5805ebb43e46253cd22e187bd5699d91eee1e3e6672fb866093ac7246f795eb9d28d700d2eb6721ac5dfd10759dee81d1a13a5b8148082dfec42e8eb9d4693e0aac8367e49233dbe2e2e585ec83d58d86d1326e1695c07db023314eabeef8faee53cc98ce4d04ff5e2cb71adc830d10f5e36b53efdad360d8a47947597d62fd4f84c2fa60519f7bb4226d3d240b5d3401371f433a1ca9a082f6bc4917ab4cf67c7b1fd4fc73fafa2106226a3301d357fef56650a9c3b7731d2bcfda7fc1c7f0774a7a95de97837033859c3ee66a80b0e574dcbec"}) 02:56:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x63f2, 0x4800c0) ioctl$IOC_PR_REGISTER(r2, 0x401870c8, &(0x7f00000000c0)={0xfc, 0x9}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 334.970142] x86/PAT: syz-executor.3:12948 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 334.991416] FAULT_INJECTION: forcing a failure. [ 334.991416] name failslab, interval 1, probability 0, space 0, times 0 [ 335.030176] CPU: 1 PID: 12948 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 335.037241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.046691] Call Trace: [ 335.049290] dump_stack+0x138/0x197 [ 335.052930] should_fail.cold+0x10f/0x159 [ 335.052947] should_failslab+0xdb/0x130 [ 335.061046] kmem_cache_alloc+0x2d7/0x780 [ 335.061064] ptlock_alloc+0x20/0x70 [ 335.061073] pte_alloc_one+0x60/0x100 [ 335.061080] __pte_alloc+0x2a/0x2d0 [ 335.061091] copy_page_range+0x11ba/0x1bd0 [ 335.061103] ? anon_vma_fork+0x358/0x4d0 [ 335.061118] ? vma_compute_subtree_gap+0x190/0x1f0 [ 335.061135] ? __pmd_alloc+0x410/0x410 [ 335.061152] copy_process.part.0+0x4764/0x6a00 [ 335.061181] ? __cleanup_sighand+0x50/0x50 [ 335.102377] ? lock_downgrade+0x6e0/0x6e0 [ 335.106544] _do_fork+0x19e/0xce0 [ 335.110118] ? fork_idle+0x280/0x280 [ 335.113840] ? fput+0xd4/0x150 [ 335.117040] ? SyS_write+0x15e/0x230 [ 335.120863] SyS_clone+0x37/0x50 [ 335.124230] ? sys_vfork+0x30/0x30 02:56:38 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) [ 335.127873] do_syscall_64+0x1e8/0x640 [ 335.131768] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.136621] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 335.141819] RIP: 0033:0x4598e9 [ 335.145022] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 335.152737] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 335.160022] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 335.167381] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 02:56:38 executing program 5: openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x398a0fb77f07e567, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) connect$unix(r1, &(0x7f0000000300)=@abs={0x1, 0x0, 0x4e23}, 0x6e) perf_event_open$cgroup(&(0x7f0000000240)={0x1, 0x70, 0xffffffffffffffff, 0x0, 0x0, 0xd2, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) r3 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@ax25={{0x3, @netrom}, [@null, @remote, @remote, @remote, @bcast, @remote, @netrom, @null]}, &(0x7f0000000100)=0x80, 0xb0ba229434e9fba2) fsetxattr$security_selinux(r3, &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000180)='system_u:object_r:hald_var_lib_t:s0\x00', 0x24, 0x0) [ 335.174657] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 335.181931] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:38 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x3, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x7c, r2, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x20}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3a}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x25}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:38 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) 02:56:38 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000240)='./file0\x00', 0x0, 0x18}, 0x10) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)=0x0) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r3) lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_access\x00', &(0x7f0000000180)={{}, {}, [], {}, [{0x8, 0x0, r1}, {0x8, 0x3, r4}, {0x8, 0x0, r1}, {0x8, 0x0, r2}, {0x8, 0x2, r3}, {0x8, 0x1, r5}, {0x8, 0x2, r3}]}, 0x5c, 0x0) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="2fffff9c", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [], {0x10, 0x2}}, 0x2c, 0x0) name_to_handle_at(r6, &(0x7f0000000040)='./file1\x00', &(0x7f0000000380)={0xe7, 0x9, "0d1fc6e8ff0ecad1d376560c5e81499eaf3010006faf7f8d5b94212d93db64b12c302ae280dca25e515694ce71e4b06a8dce3953833e276dd72896098fe2eefe38bee59dd791655d52d6d9886aae9f5a711358e21f85aac446d85805bc73d1ce023a8d33c131ef6813a8d183334cc3731473b0a229185d62a35d8caf3a2923ab1c0acd65f73fb447a27d762f6bdc019bcd35b77c70a38da9312cfd1b6bf2723e8cefaf986065a6f9497b7520359426b7040615182da54110827f130c2590ecdd501412b98dd87ba4301fe2797c15a6070ac1ed9bc3863dd557018c697e60fe"}, &(0x7f0000000200), 0x0) 02:56:38 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) syz_read_part_table(0xec, 0x5, &(0x7f0000000380)=[{&(0x7f0000000080)="aaad3f869586c86ddae374a7c05b12db3aeed2fbaf5b00270c8b6425aa9091b20f1c475d0faffbcb8b491fb3ddf82241acd721e91675a041eb31a58a2155aa2aa0cbfef180d0ec17389c47c30e1ebf7f733dfad32cba8e4047dc", 0x5a, 0x4}, {&(0x7f0000000100), 0x0, 0x5}, {&(0x7f0000000140)="81a4f8cacf3a8c5f65cf8dc8c4e59dd4be152466358a4f258a0de5f6176293c06146f272abba35f6bba9637985f1c41064165cd94054073a162a5ff5b2964569c0e59bf908ffef9f2f", 0x49, 0x7}, {&(0x7f00000001c0)="72c686e773844ac13eee01a4d9c6b808d2469c825e165307b2a78fb5a1c3d2f53054290f30193780a9ddf785f8768fea6df9a007637f2a7aa850f4ba906702875d09677ff1d44a885803c0b6f487330a991e28524bf8816afece20a9eee5148fc68f08fde4db630adfa9b4a2e4a422a0f76273c5135979bae4af45852a0dc31eb0e79999a401907d4a6e891e99d5d3c70d70e72d41406b73ba65", 0x9a, 0x7}, {&(0x7f0000000300)="ee8ee6481f5e3fce4d5c7b4712d1317f2e62b360e344b6c50ec22f94c15cc13746a29171ba0d4f6af123bdb9fad2fd64d9858b76be84abd6a8611d4c821cae5d2e32f16ff2c37f3516977708529944d2b2898d458047bb4360903839b6e0", 0x5e, 0x9}]) 02:56:38 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x42a402, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 335.384022] x86/PAT: syz-executor.3:12948 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 335.419707] x86/PAT: syz-executor.3:12948 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:38 executing program 3 (fault-call:8 fault-nth:43): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:38 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/policy\x00', 0x0, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f00000001c0)={0x3, 0xe000, 0x80000001, 0x6}, 0x6) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r2, &(0x7f0000000000)='net/l2cap\x00') r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) accept4$bt_l2cap(r3, &(0x7f0000000200), &(0x7f0000000240)=0xe, 0x80800) getgroups(0x1, &(0x7f0000000140)=[0xee01]) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x646570d9d0ec6574}}, 0x24, 0x6b2f17f7b4cfd1fb) fsetxattr$system_posix_acl(r3, &(0x7f0000000280)='system.posi\xd7\xcc\xff\xff\xff\xff\xff\xfffault\x00aV\xaa\xba\xa0\xb7\xc4\xfa$#\x9c]\aD\xa5R\x86i\xf7\n\a\x11\x18\x84M\xd1nwr\x03\xdb\x89\x8e\x86sfqj\xdd\xc6\xb4\xf6{}S\x18\x06eo>\xee\xc0x_{\xcdX\f\xfbg;\n\xc9\xf2\xc8\x83\xfd\xd0\xb5\x96qn=\rAH\xcar\xc2v\xc0\x12&4\x13\x1fYQ\xcc\xd1\xb8\f\xddg7*\xbb\xee\x93 >\x98\xd9!F\xca\"\xf0\xb3\xa8\xa4\xfb\x1e \xedsl\xfd\x8c\xa9,\xdb\xac\xae|]\x93\x8dt\x90\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [], {0x10, 0x2}}, 0x2c, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r2, r3, 0x0, 0x19, &(0x7f0000000000)='system.posix_acl_default\x00'}, 0x30) fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f00000000c0)=0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="0200000001f8ff00000000000400000000009b9eff26b0eaacb90000200000000074da00"], 0x24, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x2cc000, 0x0) 02:56:39 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000080)={0x8, 0xffffffffffffffff, 0x3, 0xfffffffffffffffc}, 0x10) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 335.563631] x86/PAT: syz-executor.3:12989 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 335.589520] FAULT_INJECTION: forcing a failure. [ 335.589520] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 335.640704] CPU: 0 PID: 12989 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 335.647763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.657220] Call Trace: [ 335.659827] dump_stack+0x138/0x197 [ 335.663474] should_fail.cold+0x10f/0x159 [ 335.667632] ? __might_sleep+0x93/0xb0 [ 335.671535] __alloc_pages_nodemask+0x1d6/0x7a0 [ 335.676214] ? __alloc_pages_slowpath+0x2930/0x2930 [ 335.681247] alloc_pages_current+0xec/0x1e0 [ 335.685576] pte_alloc_one+0x1a/0x100 [ 335.689382] __pte_alloc+0x2a/0x2d0 [ 335.693012] copy_page_range+0x11ba/0x1bd0 [ 335.697269] ? __pmd_alloc+0x410/0x410 [ 335.701235] copy_process.part.0+0x4764/0x6a00 [ 335.705843] ? __cleanup_sighand+0x50/0x50 [ 335.710086] ? lock_downgrade+0x6e0/0x6e0 [ 335.714247] _do_fork+0x19e/0xce0 [ 335.717712] ? fork_idle+0x280/0x280 [ 335.721459] ? fput+0xd4/0x150 [ 335.724678] ? SyS_write+0x15e/0x230 [ 335.728404] SyS_clone+0x37/0x50 [ 335.731867] ? sys_vfork+0x30/0x30 [ 335.735419] do_syscall_64+0x1e8/0x640 [ 335.739311] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.744165] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 335.749361] RIP: 0033:0x4598e9 [ 335.752573] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 335.760284] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 335.767558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 335.774832] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 335.782192] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 02:56:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/ip_tables_matches\x00') syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0xc02) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000000c0)={0x0, 0x10000}) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xbf8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) write$char_usb(0xffffffffffffffff, &(0x7f0000000300)="d725cd81fbe6e70ec3f2952a67f814270a79bb31a3c00d3e55dcda5fcc60b3bbf272c3e2d617df936c4daa65fd862fb04f6411a6f6125555608f970492a63f0992128e2e155cae65ed9a1621f9ecdc854a1075c0d2964f415afb992da1490bd74739debde4540c44f29553d20d6cd1de908de70b57f97f8a94fcb9278cdb3a32593bbe2e0963a7e121e92576d499e1ee3999554ba5f2400f2f7137bd30e9c4329693e12082f6ebfc62b7c6dbf76366c2c6ff62f527aeb2854b24d469944993c18768842f080ae2dce361e01634b9f349b2fb432305462a1421c87902b83c646a6540341d4d6cc71df7a186a0984f12442e79204bdf839d02b0a9af94637be6b46a975f678890a1940dad723e949fd68571dff7141d7d44fd62caa43cb91c9ad7fa00a9105ab3f02775d686b85751582a4adcdfbc82dd7a5ebde7f5fb5ab81697b3d6c21b0d75042a9fe9e89bc4489ac73c9cacad5767a7a7e75798e541a3dac19adad605c8cf7a2aa565da42e1432db0f9e7314131a96766bdac7a02189396dfa1af3ecfa5f19d811a124728b0ab74100621492e1536a4e74d95a38bbcd31b838916f743da8b3a606e6e408419ab31d704c8120f833656cf40187cd59d26f8281e8837a897b91f6d929a8ec58d51028d9484cc5eb59481a1618e3889775106756661587255f7b61cd8a1fd909a3045b604aa12e6a7dab14764b2e5e630d188c8257fa7032e2a4162714ab0306340657a7b837a0314da24ddeb16fc35197cbe10674ff3cb93786916bcbb1f671c33bdc9a702f03b9623a35897eb0fe017053a6889b0206951859e84dff43921b52bcc138455d86b491e39f05eee7ce397840272ec0a1ea7933f766b997c8100dd56cae53b550b7ac6d60ed00780c4a7a295ff1f22bdca0758103dd3b3681278884743e643b35534e2fb46fe11b116d9cef0b4062394505f8bc49b928163b69d7799586693ffd6cad929cd955b079ce1ce25837810e385f6638f7a496493eb89426f0588b606938ea21743b36a4cc11aa1c8845cc852b3d5c15c75a38a87050c2358403f0fbbacfe649606e58e0f5e2d7a5e63dc4ae5cb95dc92d613ff2b8ddd4a97944fc78774cfb1e1b08d8645b4447af601ece3ffb2830ef7b7073fcc2c30ee0dc6710bab72f812be8d8bde36bed8a4809d2309dc203da75d409af91d8ca82f2a4a69e1aafcffecee884e2e8e899c9c9ce036abe3bd60fbeab3479ed02c11836d0a7451e41e3c24d73dd8353eb93b1c772dc5e5e466662db7fe84a68d381cf8fbbf49fc02794de5d26ffbbba8636d309fdff7bc06ce62aae725e5e7f94cdb2269b7f0a3cf42a7c7326c83e91a48f840525af2416a049f9a545372fa364a7d25fbd67d604224b7a0cbf538f6df96031dd94ea737f4d6387f40985dc5b17472c615d88b7d1281c80c6643c2382e12c2e03edcc95607ff868a9ff67553ce9478d9ab3667a45cf54ecb3361172b7b012b0442bfb3d7fe300c88d04f4227140b41967c839670af5d67178f9818967755a482f4832cd2641dc8f0c8da652ddcc65809ea37a1ce1cc2c71759a5a54cdf03bd7ab8f26fe989ad2b2a2e50fa99debfecdd01175bba26e7d13b1fc89f5d9a06468d427e72c344b0b2b48eeefa9355a6d56eda41d5c7d620fc89d00f9570b66d5022336349fa1c6ccbd283574ff0f4c91998fdb3634c94711781e3d884d363dce36025dba3fac176d5e73d9d06ff6b1a264e0b3895484ce4ca76a8255af3bfddec13241bf93a2b497cc7dd9ea8a008571f4b60bf925a8c29b933c53ea90fdc8b43627a1cfc20cd710c8da7f9c526efcb8a5b38a570c82dd1d8af5735517cefb0629e5c24464a2a5259dd467dc6ab1605439a09ca76ba6b8dd323cc84b98fe92fac0a1bd94ce923851fc48d32229f9c8478fcc23492e87f62825ef6ad68758b0941b76cc6818799b29f59ee6ca4d0dabc4d540e08baf75d595e0cdabcd7404e2339e2deeefa5b6da9f6c9f227076b8acbf45353b3891d363dc271421acd30512e4a550cfe4bb1e813c85aca6a09b2fc5f9d7a6c9d45f3f71c59ba5ad285de799166b578345e470af56d02352a765500745f516a992d8719fe9aad2515d344b9a6379d7cd11d7aaeb21181742dcce82bdbd6e8d26e17fcb4782e4f37d95951047588be2a587b9828efd3a059ab25a25bb8adad196bc0cb6275383ffa2be2e06fe70cdcb62be6dacccd6c2d03ca3088c66dd55d74da84886fe1f224d37e73a6411a221ce8b0016a90a40d13bc294a6a045cf5c2e3a6575f6aec9186084f6b50b25f64b7d98c8b99e705ed22546b01370904e3ecedd46bdd7ce87ed3bb059820d206c08f14c2e0b82869e22f5b1de3ec4b90bab666755fa9b8d4c085610bbe7fc12e4ee9d78086ee3bfe2d8a4ba747a9f7aa37348daecd6874af2b21ff6fb7e8b6b9d9556cdc86cea02247880b546c649d656e68cdd3ee842fdb308dcad488115b4602a2cfdc5c7237ccb2289b1fa828ea8e1412df5299f39aab3ce1900a9d82557bfe0a4b1c6934687f4ab2a786c94e1a1d0e85728da510094071b679dd7e897f3f18d288bc668242385d75dd002a4dfb953618144c7332bf974315525ebdef66b381fa786e14afd2eca9d0c37c1e7bfe616583db7a0a8e944ad7d252653826f547be70dfdfc624d0777a397fcd765a1c3cbb9d5c4a54b86bc0b54457a6e8f1e76ca23f10341f9530d6c6c45082b1ae2515a1ca5a8a7c4b46fb8daeb414adcd1bf89ad590b35e822fd8994db884ab5b04392b111e69680551bd5d2438b41dd3b23961a3fb0e35671a14091a8ea34092a5040de85e26d3e328ff2e2244e294ba87d7484d56c72e5b2d25a523b5d23f12dc509a555559fa93b0fa3df4426950fa5635e421112a0481076305064c99bd99e2f3f56aa7910f6051c13aa5852c6442df81d387b9d0d5af067742a6e1ef337ffddf91826cb5448080dce5828ab044e3f43333b3e932c722e5d019b8421e46e9cb3d9b5469906ac827013be1a91dcd22f186208fdc5713337d67eb317d780894dea3f4d7dba0ab289a09b7746462aee542291972c843242185d7edb90f872faf5fbdc9171995bd8e7723fa9942c428f3c84832897a5cf50def530f49d8fe7fb12911bb7d7be712c96fc05fa19d24d55eba69f1059da9034f0b3edfb2903aeb26d795254f7866ecb24f98e7c52026c41298669421aa3edffb4d0a2f8a3f28cee04a418eaec2b571e730eeab062e735201412b3a71d6dc473591dd84899c8a1248a58d6a71cfde9378303384047604827352bc4961462d60b082984945faf29102a84de9a05ba854048b36040c7a69008ec6ff81605fc9277b4c330581a133d92e7209461206822661cd21b2aac2dfa19c64c947e770d2c4d24872b3e368726be840000c921d81681d73ee1e640ffc0187d4f6767d944222ed60f77f95748fafa97b79412ebe3c76e4b8c9ec4018cd769562e0b742862e448f7a21f3bd16614026542ecc0e0485ea8957c72661ae102475f8e8829b5d420ce341e9f9de6f147ef29b76074e4ff1626f10c1833658792cd3937ad5368397fc1c88165d3847d1d4e9283930eeac278a25f7dab8e39fecf5ead9e5171e612138a0c0c93c638bdacf563b6d3d58db3ee299f3ef02bd3dba5dc581063165800446ad8c394d13a8b696287760a4a7881a1188afb1ba8e288eac18d9f09a3f688a048229305ab9deba7bdddf6055d6b95a5cd7768a2848eaf22e3064562a573d0a042dc5d328ff447f78838f5934ef787f3215948218390fcdb54a691387c562f3306e94b695ff53427bfe676579e232d8c2a3ca46790a45b973a3ddae2c2a60855f5bb4d1812f5e5fb642d3fe3420d3f0f76c90b6039cdae38432ad75bea86517b867f142f9a4d9b7a50318edbf5e3b086aa6ecf85d5e401dfac01bb4e8d0917412e746fd7b92be87288b905d92efcb4025743f82afa0fd70c49d325bc3ab4aa1347979062491e11e9e1ffc9462930574eba7601f6bda8860388ac02c72da02df8eeed7d2a193f829e1355ba656a9cb6db7954674fe6d396cc92e8e0b824fe567165f93de3bfab6f66ff75a679f5df5d9713571d437892d31bbbd0919d22cb30190eeb5fb13c5d2fd3ad3becec8f936d08234614ad89e03c6f3cb3fd9bb7a1cd930b5aedec8122ba1cf5e9752b4e26eb7f7bca498c20f6954d142fee8c5d9ab5a540fd7cfc71b3e1fe7e5ac23c132ad86e72d7d677c430e00fb1a0c1ae6a4f297c33fdf449a6b0f46cbc432b907dc29cd342c5610a608a0db3f79fa8f6a54a05ef5cb9e6c8dd2edf0c775395ce2a60d0758cbb0333e9360341d8b6c479f181e10d0a0953340c5013d9718cbfe69c730342a8b419f68d3a1069396087e2fbfd511572c915afedaee0653d300c77ac2cc644e9eaf5a09fa0c24fc74af31ddda40c78a3faba4ad463e0e56f268bffa2e766f8d0d3a4bc2dae7ace148dd7186017e2d7931ffae38c263fc87f62a4672ae6a959a83ddb8b8517f2fc2bbdaef3348fe7c7e0f6eae5d80559aef6b2be48043942e61df66686cf0a1d8b9a94f32921c6c723a20ecff51a1cae431b0a254bf7f340832ca99ff17b20d6c4f4c3bd77bff3cb2b4ac00a566c0c387838b74400a5f2425ad57c2f77daa38c59034d8ba7f6acf5a3bc8e2eb10fa4b1cd9a6de74729d2d6301bf111876d38b6094a4246687432c6c630d9d31629cf21677f08aa0687309157d605799cf1ba9866f448d89a6cfdfe99c1ccd3a43428a470aac84c7dc6bc840b84425efb83ef7e8c76e87e8970c36df4b959c2aedc78135b08cd14220a81b663bcac25b44aab603ac894d2b6b44cfabe906145edca3f985cbdddc3f048b756ad4da516a88c0239b8647239d20748df98371567e4bb17a60641d623199ffb5b512c5846d1c96ed1ec97e77ad3466aaaa8df4bea26322e710d01411ee8f87f5dea7abf523887fd285a23aca75807280c4f6e8c5adc4e9af48400d1a04d0b2cfbfe615f6d8446a87b652c3642fba273854da5b358b09a94b082328878d9ced22c616e061a5fb794e1d5ed88ea44e1ef88272d88fd933b4f3734541c8e69935ca139ae1741975719dee31830b70455b0acc555ca5f104df61744ba2fe9565d09c1415f32c7443e41dc9c1043bef1c7dc9be0b56b0b3c1a52fbf5e00cb6a8fa4148faafcc8dabe4dfc9fc01cd4715b3fb8eb07d1fd032146e84e1b7787b6f39c79fa362ba67d317ea98c1cd45c0cffda9dcc9666354f4477c6766f860f9d5fedd8db9733cc607858d577d4144e3f0bdac63ff5be6932b45aa44411313d71dcaad638b8c740807d4acec859ad8697ef0eb46f10a6592ee6ec7b5a7ccc813c23eb081b48d3a17efe441972041afd4e4ccf2f4ecf55c45359990476227ea7e5734f559a3441c4a17bab8104b1725a19a909605ce703e0b346c55e80ce012d4d2382262b4c0bd8a78c412143bf811843e5d5e77ec09a87dbd938f82079a6c315cf6980b8241854239b3da4f2a9235c7d00352ad8ddf7df3c6e8f01f76fa078ad8d49e0cb7e1d6e26874d06c464836753aebb11789c482e2b77b064738f4abc3de46454354c5f6acd1ecbcc5793a9012e85d38516160466e9bfbcc6b338a09b3977c81a5510bc55ed8e3b5f8ee5f76fa7aa96cc2471345eba27fa8d8604a5566fe826410209b81aaedd6b5d51cd5e5da9b6ac55bf3ecd261d2476cf9aa635ec8b22647889496110e2ee098802a29f6aa2b1b1e48b8d9e52ec3079a47d8f674b974d0285411354c3e0ea47b8cdf4992cdb4b1efae38f", 0x1000) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0xac270068f62934b4, 0x0) openat$cgroup_ro(r3, &(0x7f0000000180)='memory.stat\x00', 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 335.789468] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:39 executing program 4: stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") write$binfmt_elf64(r1, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x93, 0x4bc5419b, 0x9, 0x400, 0x6, 0x3, 0x3e, 0x9, 0x2fe, 0x40, 0xac, 0x10001, 0xd2, 0x38, 0x2, 0xfffffffffffffffa, 0x8, 0x1}, [{0x4, 0x5, 0x100, 0x37e, 0x6, 0x8, 0x5, 0xffffffff}, {0x4, 0x80000001, 0xcf51, 0x800, 0x9, 0x10000, 0x101, 0x3}], "bcdfb462791f74e7ac91d3e3ef0eea9b4a3f6132882eb35f48f38de7599233d348d4928e854a45f5310bbb", [[]]}, 0x1db) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x100, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x9, 0x0) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_RX_RING(r3, 0x10e, 0x6, &(0x7f0000000100)={0x9, 0x9, 0x8001}, 0x10) r4 = syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0x8, 0x111200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x4) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x8, 0x2}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x8000, 0x0) 02:56:39 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r1, 0xc0305602, &(0x7f0000000080)={0x0, 0x4, 0x3013, 0x1}) 02:56:39 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x400000, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x814000, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer\x00', 0x0, 0x0) r8 = getpid() sched_setattr(r8, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r8, &(0x7f0000000000)='net/l2cap\x00') r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r9, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r10 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r11 = socket$inet6_tcp(0xa, 0x1, 0x0) r12 = dup(r11) getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r13, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r10, 0x89e1, &(0x7f0000000080)={0x3, @default, r13}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r14) r15 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r15, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") sendmsg$netlink(r7, &(0x7f0000000580)={&(0x7f0000000440)=@kern={0x10, 0x0, 0x0, 0x20020000}, 0xc, &(0x7f00000004c0)=[{&(0x7f00000006c0)={0x634, 0x34, 0x10, 0x70bd2b, 0x25dfdbfe, "", [@generic="80d9c24b619dd28665339ef4a147c07c6361ec897d07ec9548fd12fa292efd89163d85ca6b9e54a737db58482375d40f8e18b572ff2923b39e270514ddea61b5c84583bad662a4ea11e241d51299e7ec565554642189343e1c4cfa40af59d2f20f4aa75e4b9a50380ad77f58c97f74646944cbd44e4c0d429d25be35afd905723920cadf7a2581d9378506658e0c5311afea749f8ea1b4b4a7149a570fbc7077349b94de30d104dd62e2349d0fbcfcec16b64856bb815c809d9b2fa279d9a9dec1c1082eeda6ee9a150816fe8755b323e7b320a084e6d3a7", @typed={0xc, 0x3a, @u64=0x20}, @typed={0xa0, 0x5b, @binary="c724e0a09155197c355dfc8f84ae0961cad898768fc159c2c9ae3500e5fcdeeae2f682da62728bad784fe2979b147754bc0fc8b3d2dd187b0f9d1987cea874d2d891880956960e55e102d2ab859645d4d871037c4a55708635ee273feafca88426c7e1d046a4b47ef99ea221c8fa9facbca31c9f750dbaee970e843e4aeae4d3046f65f7ded53d1556e8b3a907d1c26bf1f2be865d6c09e55b3db8"}, @nested={0x1c4, 0x1b, [@typed={0x8, 0x23, @ipv4=@local}, @typed={0x8, 0x13, @ipv4=@empty}, @typed={0x8, 0x35, @u32=0x8}, @typed={0x8, 0x66, @pid=r8}, @generic="944f599b08ddf71f851a5ab1f91329e6311bbe2fe12174a9a32318b3a9de7df2e56d25cbd9e747783c72a65b83cdcab3470ea51d", @generic="5c1a5da9b92e1cd9de01f0100b660d3202d3c1cc9202a4d86a8845c6bddfcdd57965943200a5a466306e7f21f9f5b9e975d2f8393e5fd5ab95ca4b7a1258bf8210d20765ffe9a4598f28659390e04c", @generic="3c337857e10ba7b9f1088ebd6a7e8cf4ec768b454e29be847cea8a3091bf21f3634007d0d07f1b9bec0a52e50265c3157f3ed3afa02d20972167ee39e168e23d46cb12e2675c3f75510aefa9626dc50acb6023d18b5e8f9628b0988fc8fe39a41ad2135eee00f425f34e3d9dfd9cfb8bb4c3612f3451d375455a7bcb04fe69dd47e080283e90548c343d109257e61284efb0a74191364f7403080fa290c3b2cfda82a0193c6f2913f048c5964c685f0da49c6e3fc94094e609a327d568402abd95ede2461cf7e647f55bdd55193598759b495ce32be08cd2d2efa9d3b4b9504f403e", @generic="f61a0ac435ff211c177faaedb48f5b7d8249f47f68f9cff6d708747e6d6ade14ecad5f1ef67d4f7c2d08553302ed5d24c5236ae7fcee5cbf5f3931"]}, @nested={0xe0, 0x6b, [@generic="13f1f20bf509023dddee49f2dee4224d7b9eebe6ad1e996bc85b8644446b7f14fda20574c9009111439bb3cdb791f8d2d3c7ad7bb8", @generic="f509434ae494a7c881c67f7a0f5b069d3e78955c6b53f99f4f0827861e5798af5f0590f37df82d1fe23fc8849911545a846f509699716d8c43953851fdccbef6f6e09b2beecf1ea137d38d723c2a47aecee19ca89c9fd738a61fa83cd51f575b6db88072033a9d7fd4e4ad37b6b551f1508c35a09164ba4c39bbb3cf4d43700d1112a89102d1cb485e5d7468f3e74eb32edb87", @typed={0x14, 0x3d, @ipv6=@empty}]}, @nested={0x1fc, 0x8d, [@generic="53f1651d389b86b8f2ee9d70295c8a827e01ca22c50592358e4e6830a5dbbb", @typed={0x8, 0x72, @uid=r6}, @generic="2c4954deadd3a73ac30537a4a45e4ea551e696c3f3faf0c01ad424b8743fe0de38ed21e29cb9fd8dbb5b75fc765fc8b32407fd0bdf5279862ed4152567ea752ac081df2b85b9d965a0ae51555e636487655acef7c5d0f626f8e1b7da9501208693967b79b19afac05a8642d4da514e609875cf571d868c094bc37d971ddbdced5f859a1948a2f3d5ebe63a9d743332d46b9d0554a92ee2fedbeece3f9ce9b22b8db8dff3e145dcc173b024bba15fbeaa63778fd4a65c8615b0a1a4618efa2d37f6080d24bedd41ccd0f4265b4fc8a2f88fc088009db917d3fbc0725e2649118752007eb77e9f3ae4f9", @typed={0x78, 0x88, @binary="c1612057da7990748288050bd474ac049fc4965986de318bd155d29dbba5d261f7c727a2bcd42e7bacd3cc13bbc4abafa0590eb79723a0e67c9413e0264a45a7bf23e589a9b8345cb090067e8e25876f85b73ca6e93d4b3858dd801fc9841d097402cc4384d09fd1fd4f4b3584f339bf2156"}, @generic="61ccd73707954f94278dbd4d4dc777ec7e15a8a1ffc918552b624c27c9d7eee06b4618e35b56fdbb8c3857c0384f403fdfd9ec7c5bb8f2c336b4b4aebfd67cd41cee21dcb136c59f0c39785196735ae51eb0ff36970fa7303585ca86f7b10480c04699", @typed={0xc, 0x54, @u64=0x2}]}]}, 0x634}, {&(0x7f0000000d00)={0x247c, 0x16, 0xa99b556df7ce2108, 0x70bd25, 0x25dfdbfd, "", [@nested={0x10d4, 0x43, [@generic="6af22228a5c1eed2f6f0f9f32328dadf26f326686e47c6dfc4a71bd518ca032b4f61c499a2f4816d12f105ae427d9e9e3dca381322a61fe746b7d8e6b87fd4f628548b6465e96d217ef445f09baa4041a93ef8bc5d8ff61e4209ca74a732f0b1afc6d17b2975fd1fa3a032cb47e733b0e2700f8f1cd50bb7163f827176c446bbda0922ece8f575705523d016600bb4c6adf8ab0306d2308e0e1bd8dce711f13125d8fe92943e3d5104c012c0bafc85abd5b8b733aeb2f0416245cd4119bdd37211f0fa9db9f8024d9630857787530c578f43758217dd22764fe7250f3a985fe67565d0a30c41923443dc7dd303c01250551679a674fbdbe63684001dfb33b5e4cc488a9918a92a6e25313a792c9513c89a1b94c78a34bc1c09edf90618e1061cacf6e84dc3bd0f69d75367a3d6b6841bff4a2136f8c83d93f565f18466c11cd8823617b78ae2c012845b3781162b4136177f2e04f4da6cf52789c9ba9c9f4905d803c5d7eee9614bf0e0c46f460829b8d85282a6a9a522d1ecb65cf777f7878dbf990833300251a0cbf765ccb61e846aa063b3da2144a50577d4b1f69dd0906b0254e1e84e3f2b0d0e2ee45cfaf086f4fe695dcf31653b8c9d394506f97a1edbe5401c190086e9f7d6b2d9f5ced60a203988dc78b2619a0117af85b0d9d47ad62e7d24e0c830c17dcc4ca3b24791599735b6a5b07cf9bdedec359fb388b76fd227d1eb959496d78c1cfc230d5674844b58262da84917dfc27ecd6170fff71c0b7a9e9b540e249644bc7d0e49c30a8180071566b5acc52c8048a6027f87440cbea5d68080282bd334db336d42f46eccf0b2f7931f833a5d8ed56fb2263858afab293aa8d4c6e3ac63e6207dece2777f70f8ff6c331eb5c925f20bb5dd39493478199ceb259b2b1335c2f1659e741595c557f8ad2bd94fea9857a4dd1e4c8b15acbe2bc718c48f6623fabcc44da1de113aaafb103e78445d6d16d9a28c8eeaa135bad0e586452f85de2ccf058ced2d2b004cf5d038ee0b3eff37592350b91592e42a5b75c46e27d2f025e8c6e6bb8d9a27ceda812ab2f8becf99a5298ac439c27f6f344839eeba4bc2aefff65ab00d62458adf05994784d839d2ea3d3dca29e6953c52c3e7a14b6576f20344e9c30b4fac4eef20b331309ae62ce28d48e222f0f6e6d7b873f63ff96f5cc5790540999561d51f7df57b031109b8dc506875aa5398393d90acc9aea983bf10e8dfbc4b214ac6bd0233098200b550df2795cee8942c67e14c2ff12e1ea07859af8b93bd6533c33ad3e3edd8be089ab375cb6090ed17fc6faf370d9a626ef48e26f3498dc12c2ced30bcf230848dadc47661edebe3ea3d70d2fe28da904d4ddb48e895b7a279873d768e2c6700719588c67c8374baea9a5528013a40ab09f79d26da6e3d7f3248dd369709132d49c5d7df63b74cf99d7bafc3d069de05cdfd7d01247a4a2dc1e9cc037a9f2946e8fcf305f0d5cee94886a6f80520317cafebabdf0c13d54a1f1e18cb76493c4d7c2678b41dbe3ee27e2a72cfe9e3f2ae6733cf94d4da3cb926ac8b87356db42ce6a5fc7901bdaf6bbc33c0b4118c528f2e06dce9a6dcfaf6acbf66e6dac4a87027502180e7d7d9569be9621110579fc6bd335f29eaa04f699b41ce96f9f51dae67467ad836cfa07c0b0a44bbfb0fc10c9a3b07f6693a2c81a00f8f8e33726b2837dda7b55e4cf939ea66d4c2f69f9f946bae2bb159d86c5cdce9aaa3f1b3f1ff825903b98232ca30bb16736211ba3f9cc263fa273a92193911e34880025124d903add4bb726583ea3e5e0ff6fa266f37280589248142c886a4988cee3c15c64b1ca6a00a900e1c80e891ce5249a9250873b80280f21d00ce363e57dee7105e31b3080ffb9921a5ba747b94dd399e1b2d7265ec5f70ab5966b158ab9c82e1a1c2470c5d59580e9dbb285bf5c576efb876dbe59c56290f20f5f69b385afc96648c61184319b4d0c38f32ff824d8826291f632b940a44f32685a58a0a154341f285f29fc0a80b0c91464f72fa418c38ee8d0b2dc08018d06502522a873937fe21cbc5768c706b138dc5badda03c57e11befe848c68672a96d4300a76808cb78a055e54ad6c07f416c98c4be35d9951fd29278dc098f4c4097fdf3f6e95650ea78473676d8c688cb7f303680937f8e9cb393cd92d3c8050027b0162c8fcce92babfde5ed7ceb116c26b3c4146b8b1616a51399f8ee89a048b1950825085d7eb0aa979dfc7f7f0367d7eb698b66591827bc6828512ee96ad7a1d80252b12be64dcc65f249445016bda5f6e2611c7b0660e76ec0c50e81d4a33c5ea4f45f6f649f36a172cfeb8c2bf7f9697c9c933e7a2d1313780df8502d891ae2ad4acaf997c574a646dce0b2c982d6a4b01859f3f835ef5ab9c134958247c6b7f3dafa2faf4165d53207a6c23ec83c213512de99c58a8e4fd1a160334d6609398421c47a000052433f0ac8ad5d4b00082d62b979606b3f5d884473c161cfab07da92542ecfb2ce3ad8f3b53f5fedbda30837b2e46511f713833e6c4200b44c2040c60fc6f2fac5eb7174473114fe391216ebee856c88bf16ab109ed5c37ec9029c6eb85c3f0815276d9db171bc6a786dac7b881917be4d6cfa9824ba111da1e9ceb10c69aa3d01bf15fc0ca04feec1df371248ac525685f46a7c6ec592df43498f6e505890ccac041461cf9e90f02424ef7347a8198aa8a95a744fdeaa2bc62fa7d37b7a4fd95fc71b87099171d2438f5e41270497b2f2e60b323b505e22e887fc5bb5dbd59af83666161b8da41f03ee12e8a0701f67b740bbcf5dd0d15ebe32bc6e6ddb2f2a16f06815ba140310f53b38076f4ca12920b66ed4150da183d1a6923777fcba52f131fc49ec7ecef215fa7ad5d3e167be40da679974cd10c4ef0fcd8f71e9e386ddbc8910aed8558e7a07fee00267a80de9ae3337fbb9db82423ab97ff3b9fd0cdda46082d11e1730178dc0d1484d7c119a8e04762cfeb154686b6495d2d804900684e3d35fac85914ed76a61319a055dd0ce51e9c412a0769fd70bc6de32d7fd536be2e7677f32b892085efaf9676e36e046fc03ea70e641852c4af7d0c659c32145a5d9f4534582172fbb0e2c94a20b4187184a71746913ab45e20f6d0e526317e4304f83510d0318cae919d7bb3cbc09b9fb7597ef31e07da8e37257051055092a10a65c89c8cac83bcf4face808433d8ffd6165e79d1ef3a3860300061115cf66924f87de8f772881beec2a7032a9acaaf331df6ec694aa09d575048322cc9373e10e5bb2964ce52421ab29377371d6ae5ee943fb3e5fc8fe28c25b0268fb5028b8fce55805dc8a6f9c73f853253c6966e9d44333edc238f21f150017004b4c7381b9b68beb6ff770a3177a38eafca389c24f155f61d1b18e9d79282394cb494143991bd910da88b5c2f94b4aba9714ff7c80bc2bfefbbb2e761756386f835e4de3ad75a6db5faf32a8d211e884a6301bddca930570e76ce6e1c777d7d1a3ca578425eac0622af2e3572abbbf64d85882609e141631514da83939716887e8c11e1acb1327df55046d1b2a1a718fb8ff649f5f8406b58efa6f0e4acafcc1680a591707f3d7bae0ad51e5ae0897b904fcdb99cea0e50078ff25dd73c7ff0a2ae013c00ebe838eca82bcf175e624ebda0d4e423fde2d11557fa1938f8659618a613fc319fe470c349b0105970ffd2c89b1bffdcd0986dcd6821da7146fb2a6166e66b0d553112503bdb3c7f3f767d64125b30cf587c750da7ec40014005dbfc7b92d9a71276beedbd8af6e9fe1d0317d797c793e53f75b53154235b6b34956983c75814d9ed35b15887c00bf64d34a091162c410ac27fa43cb14c77bab16798a2b13ee3d761996bebed64712627d35a2721c4048378b360101fea9365d93bdb8433a6ac81e46cfc359aca233a0df9f672ebd21043cfa6965814f64ecf07335b0fea43d93b3c989ccbeb57e3bde6c0702ef22a3887b5cea66268f6053bc5afad0e82c2a1d20aee91943e83eb52e03bc13e3dc8958feef630c72652e497bf779f4041df49ec8a7f7d9904ef140778f9c9f195fa028019b65ffd72104059e2113fcef440e85ac99fe05584009d185a15c53c061978f4419a5cf0c9228cc761a3469b406c168a81e1335ffa06f294c74ce96761717dd6d65cab6da0172c9a24acb82a632795e9758d3e6c2b2b52d0ad886c0ff2549c4818c959407a79201d7651e967d931c7b9b9796f1b46e2b41b395121d14ed62049dd8ea484c5c507035f6487ee4b6b55b224866bfb7c4f8f580182bd2b7bfba26f31c428bf2d0c3f96c0f62fdb5116b97aa175a19972a2176d4751966ccdc6fd19923b0f5b29f7cf513af10d25973488e48de86dc497eba1c122133535349ca3f3351ff37c17d21af1eb5ec7d32fda89d7fdd4468798d9049ba0ab07959a47c79a57d36f1499f98bc3c38f7a6f8306694ffbc7c1350bdcf0c9d57250fd78912ae6aac12fd2a35b3d1d190cc3c6781705613d3e3288cfe080ff061f441b8f745a095b97393d7922ff682adfe30d5393015247a9965b7e09981c6cfd37d41a40082e5742f560369c624e0b0eff426affa9cd6a6905247ce9b8969ada7434a8988a342ec7214b5b5832c9e725dcb4aae5f8a6f8bb3c3f7bbfc31406674c2fb5df508527d9b7b01ec7aab3ed7b16747390d59f94f32ca07f28f28cdb719745f7a2217bea55b252d5fa5cc8c4d004479bb19e5ea2fe16fcbfab2de73485283ee9abc7f1a7fe088daf2b418b0d0da768dbd11e986031559e364b0c18ebd1d1a3b5402e497e943c6b7de7981bcefbbae1e96382f422e4af4a7c7db7729443be7c99cb9e1f0e922a2a3b1108c6798280d3c02a6325c54c656e668eae2d58da4af19f0d96e4677df568ebb4783076a56f95ead950e478d9203e1c9d2a6861e4c188f766232b18a797187bce637a3d9cbc3c15029ac1ce37987960c3b4cc63c04af56be3f3fb67b759ce5709a11a39d175b4a0cf230c1562171b525decfa06d09d3e2628ccdef3a428ec569849e7b0ce91bf574bc8d6125635d2db71a8484c598b08c91fe8ee58fe33a7299f3668eeb4e96087bf5bdaf5497109458a059629e6a1432dcbfb6bed5772ecb1b6ae7d5bbc63639a4f5dec7803f974cd3e83530dba2913648e40405c88e0729a65e1cd1f1bad32ca6ebadfcf202dbf1d9544ef6d655878b8d68d153f323fd9423bdee263916955b112a01c077c66b205ece23ae9aeb7b570741da845c8b88d307180998c10bd6adc18d584c8be058e41e04018eb7e3af9edb263b8c7d7fdca27a850fde7ec54548f60a62ee2d9dca2e57c8838ec8e9a34cd3ff94592ee1a4bd4ade0cdc92796b31c61453129aa4019aee808b7398ded0528fad87ea35e9f804e41c617d9e9dde0d1378b04788a0fa6e5eeb4b6e4e892ac0f5f7a102907c67c7f4dcfa3574babe60872ed43575e22b090e235d14352f9820911f37aa21694cc517843fccc069b5c392662e4272996fe9c74dab4e497ec1932fac475b62fc4184c67f270de142eacb44a1de54389395fab8cf2bd3ea661a4d4ebea95258172f3a96a6e19cf61bcf42a47253003563eff74602303678bd052f17914481a0ffa15ed5767ef38810793968f0c7dd99b56fec84c9a6c6b5db462ab0a625428f5198375ea0c0f149650146d60a696ad67226a37ef1ae531a668fe101d8fb4c11d0407c3fe3301bb6d625a5f3065ce81f84c70da82db39a8042925c0a355acaf1f133bde17287f5c9923c7de89ef5157d38cbc2d78a", @typed={0x4, 0x8b}, @generic="54958f253a124a7be9a213857c1712730340a2373923107d9fc6e450aa12c89ba41fc7fa2b9079a412c1e18dcb931e72a3e725add5934c18505f566884005ed96e66c9b7376574364fbc0e6dbfc02af89f4b04eca592ce7bc9d3876d3772052fee1f5d1621806e96420c6dfee968ab88dbf0087f070b4eac015b312878632f0b622ed7ecfdaff7a924f558c5c0374b74460aa75a961a47c11d6df68f6ca0de154ba09a98808908ed155da217446a43718bac969747d1", @typed={0x14, 0x8c, @ipv6=@mcast2}]}, @typed={0x14, 0x79, @ipv6=@local}, @nested={0x114c, 0x23, [@generic="f053e96381e5ab4ad551c1e3003ed9793017a4242a729459db4547e66922450fff245fd23456d88b287e7fd824570edd5e1e7b7dfb426620d55d520f1d34b0a555d791f2d97ff4acadb61c2f9360d8fbe3085299ac16", @generic="028f0565c34bb3a1609001a7df087e6fbdc4b9d518406225692df0be9ee926881ed4998078a664f256a99d08fd50637b13534b339245baa1ffb579b68f68362dc30d1abcc9e9bdcfe013309da3c2e74df7590d7c216bbf4226566c51bbc201bc11f36e17899c80e58b63fbc12e22029b97e5767485ff9ad656abbfb0fa2e74a4da186d498db21713950102a793c17dcc4d4c90a391a56ede", @generic="853871b4dcc516c9551adb806c961caeac236ee395dc98cc777b4fec80a0f90ea51137438233f182d54aa4dabf06220e8e01e5bbfc5937f63a8388d4f101fc5b1e462619076762aff4da2e34835224d7", @generic="2d2d7d8a05aa9d7742015f0decbdcb7027698f28a3245df21579cca747af294e4186708d32852f7a780811a6b93c68d93035c45253df0f2a8ade0f0c40753ab6fc9a8b5f77d0b99cb7e1921c8deeb30f18fe1f331b455f23be5fb3c19606812286a9d1aa32c8915d35d51f40699821a320c0bb5d23c4b487dff592e264da117becfa5b5cf75abc1b6bfbaf5eeb69f9a1283189b7428d96066d30186219be9a63dafd80ca21ec509800c315f0322b20f7f0882e7c237da1409c1803ce8a164670bd2923d0bd23eb3522428a03133e18c44df9e07d3364f70457d996fe9c26ea7b7ab50edf88191d1b95686ead816b1cd5ec055dc64fdea3334975fd0495cd31c317b852caf57afb0d5c606a20ae90dac41ffd522e50794ff46796ebc28ed1691545792b7329e1fdd6232c1df0d1b943822a86ce57f754ca3f7a9d68e3db1014f302afb49c77abedec89a8598d0782dc5a8b5aec9b7cab805ff18f7285f50de25fbdce1b4fc77b1e5b06c7b14d6dac7d46bb8938d60ff61345fe966621e749a1a012de8575323b0516ac482382a003c438040bcef5dd6f01210ec1a44d67e8b95c1d3c85d4ead4d251a76de59219a826d1909d0a9a86ead60d68e1d7458dd5ed0744e7e23cf945e86083c36e702045d8472dcf1c91e747c06c1baea686c542601a5fe4de56f2b96392daae8455af96545e2055cd7b2915cc342e2b6a7155142c99a13a51ee69e184121222a74e8acd3fe59fddcf1b1f10557c79f37d18ccd1ffbe59fc961ea5cbc93c74088ff9689f09ac97786bae487386d896294f2c7ed39fff7f83bec4917bdd9f317b99c30221372efb6a11649151da2170dbcc31f323490a8808e5f1451a23c360509c5f42c07d0ac94cf7be74246d33d4d36ef8fc97fbbecd2b176b5c3f718c4e0f3c205d4f22d1d5d731d95442668ff5bc5563f8dbb9c1d28f6b45c6970cb802a0de323b1af8d15b3d70a01a4af791b05a2e7c989bcbac7b62473d6217470ce3882141deaf790ec800440500adccc75615a5d34a32c1c442892c14eba4622c67ca0d92efbee3894be89c20e489bfd1c2f3119e134afa2e5ba01fee6779aeccf8441b9c9c760b1d22d0b7756b0a22212b15f13165d03efc0ec2ad8c3f0b4578bf04f79156e4964cb7397ac9839dd021150b072b1f521b8462a558f4c7658e1c4104d7d0989aa98c04dd490da335ae26152e802e9133e44fe74d3406de8c5f3782dafc7bc2cee76907da37356b950e8b594b132b30abd6c384f5bf20a072fa9060f2c340b2401a25459b820ec0277eeb29b6f31831724225808a73a885422ef0384e495ce6d536451bbf2be7f147f6fd487525d43f1e7ab5a0768c371b38a5fe5962a89c2816e18636b3395734765d45a249a9088a7f4f8cec4d75774106c47910799846d60f6ac5d0107e0984ecc571ed0b17747ba91a01c6d1bd87f5b6da673ea8852a46391b8acb663ba6d93d8716adcf89a972897d5004040cb0bb536ba5e59a8611763d176bcb2b5394d4ff776027668abcd3b7fef53195906c83e72fabcf9a60b6c274b03bd93021810a9399bd47ab752de5c5344ac756cbb3ef2848c049bc7d0afcd019842cb66954163409d92a00f3c94dc18c41659df9dd0134d18393e9457bca3a586e3cf0a30793264a90bab01e4213523f9aa9035f13899dc6af67c27af53968a03e8f92ef04fa5f649fcc05803d8030dfbe4e00b17102150a574de4d46895bd2944029734015b896b7ad2c85aa43424d4aeb24d1f9596a602ab55df690657ad5125631d27cab9a895b93565dd912190d03c543b5645a090a5c811cc3e528f747b753e3671d7d1ed488bc26d251ec512e696ed13a49ebe20496a9fcf106759eb974650490a0d5d871bc1ba8a6dd14337025af4f7403e39372bdf2b35f97a7ab7414adecdb574f643b8f29ee0387401bca30cdcf91e88fbb8609201634812a3f1e2561b7ecc37bd114a73d63aede2da3acc2746da43a8605cadc9dd219149ade30e437bdf677d7ad155e78e9b1565cde6bebb1495e46b6d22438c959180b6ddbcde4477f211024937c4dcdee7f10b291eb8878bc399ce915997e679c881420b6899e69985361c0610a064a3600f05146c81ad39c1b8d573561acc6c96080ce54e491a49345bdfbc14922b6149f79a789ad2d2afd7c5ac0ce898ce087ec2c36658d5ebfc8023488c978ded3e36a17e7009291cebcb6d8d0f77eca1ed6a0a4e34a7991c4a276ad9141b66ecb448d79be7a8788494c6c04b1322002b3b52d143e0aefdd26b7301c42bffa819ea42aa742394b8071c9b54ab2bd0aaf79b240b7fae1c476f73189ff8c682cf0e618b0dbb9b2141e65b282f878b28b62f0d5c4c6420f2a698539a6f17a7d7bdd43067dd6401acd93fd90b4cea64aa7c2581ef52d7da7e2297eb3516eeff07df8a370bbf667b1107a69a43a5012a91f80d985cf1eedc42a2e53df418b0029b32c1e66c91ce0498a9ff8493623850d893344de9dcda3f6cdabe9eddc94bfbbee7d47c8bd81c5f24e8f21ea948e57c83c4f9eedc3e300319d861659fdbbf0b718764d488bb42f4451623ecadf1255d97eedbd1139e363c9a4d2cb320ccc9177bf1be6a470f3e7209554b6a69bc007f17c6bbcb1e4f2f4839cedba1bb917af3a9db359018e3f3d3b0ea520dc1b8a155d0c8b9e6299539e89f0af73d8e722698745c6c64c043d19295b3358217b65e1810ed6edd72f266a73367922f65358c0ea6ea71b97a2d909c224c9b9093d8a84ed3b6e80a29e1581b42f7b70d8f80422e1c9d1b06ba6353947d8afe910abe12a75f99e1ed801d62575d672324677a63127504ce48863ecb29a96ae8bf809c780db0650fe377b63fb212db24dfeb10dd0aa6bf21cf624ea9c0fe27ef538248366e3e4a7c66fd41b5d93d6960e52fab911d405fa3e0e0e7674ebba06425fe6d6d19a257012d55cbc6ab8d2bafa923c9f735fefb923ce119b3a3bd4787ed6cf53f1f31475d547254f48dbb249f80c548791511422804c2b9c7c91a0c7eb267679d638c77e3b352dc494ba99ce7d2300a4539e2be06f087a7064212bbf6c2ab1b819d841649d76e0e78782bb2fe5cedf0cb797efca2b6b40eda0f1fb8fb59f0b149ae0fd125c48bbe0d3e99f5b70f915804a8f6eda12bb49d05edd3491352613aac13d813383f12391270dcecfd1631028594766dfb6cfa3cb9839844c34b53ee058bc9a4112b95eb5fbecf41bd822e974450ca849577c1dcb8eb8b52b5302bd6748787cc4110223a2927e29513256a71473d4dc982872563bdc7e1e304a38a31d622154df7ffd1cec3aaf1a1dd583daf70094b643e6ebe23cf5f548daf420b5c1ad0c932497b18bc581f7e7be564b6b8f1fd0606c3e82d8fb31975ad4248c9abc5fcda0a310443f3bce1a27b711d8e26720eebf14b6b6f95d08f61cc8994c35568dc28be901a8ebee3a0903e6f168e7432fd8e428091e6ad8182ce771c6818ee70e2403ac8c005e45614ddfa59b6ea6aa5f28a44623da77e92be29eb0279c733add570b0d3cbc0ed86a4f7ca87a1c588d2216f4578f983e3cba723116f15cd8f1a9582e54b6d5f61e3edea2b732880e0fdac753a5e8c582587810a6bd1515bd7e61707b28fbe5919f7fae2425f44b16e049124a2d3fb7475cfa6b2e1271de37c19a7d62eb702a588ba1b2f04086b1dee434b27e4967e3e9df86c14d9605ef5b6bc206e5b48b525fdd5e23b796c9b53e866c190eb02accac17c56476dcf68adec263047836cc02ae268f182d69372f45bc8055b7deb11ecab42788106a1708afb401566ed1ea03736405dba1175ac5dbb8b66d7bafa71334161a1e8172bdb0cce946444ec97f3e5da3a3ca66df7e2b091038225683f8a79cdae70205badc11d88ce316a6df8b419f1c93b5a10be33830c6c8f9377a05a72c7309860ee8d32bd47255638b81de708fb5bf75a226e5c0699089992249c007c397003a5e68464dac98f0c7d9afee94b66642176c27a63a96080dd04a9de435c5e07cb44f695c17e5e81dda55de2e53587e5ab92aff8581f68118f15d19ab23f5f0b535ff24f5c5a237a0df0390f2b699d5cc8aed25c8ff6390686a503d20992dde96134f0a99771c770ed8ed1fc24e7f3e95fec5b9239daf42a73f9c90b9224e8aa4ad586791ea3cb7ddd53537dbde0b05533195f5fdf20fa058b7aa45bdcc4079595ea6a548109788b55992036122e8b61df1dce7ce293fdcc9a6a08d4c48299f4b0eae8b6c18d758ede8c566d827e35af50ec92783be89096b922b6d9684ae9802a08e4a58189ebe8944d23912f195668c1d7cf051ca6ef44b399b8490395897d296e768a864a767c49d35ae4a2e4d24e4dfdff9c6ecf7fbc1951dfd8a667dd258e0d793b42965635f08dd8749e30e203ff95cb975a495180f0231e5665c8012e09bd02c4c6e73afe9374603ff913224cf67ed31bd03d57cff0474ec56850f11f66338024b867dc510d3934c22b2389d8cca394345b067659949061cc7099b69a9b40147876b5f39c00a2b1ccb01ade04d94eddf1970ce717a5c2e9d2bc5bd81d6a0d7abd5495dc1b73e7c25a81da9ae9d00e5705a76a6f391b409bcd01d4aae2a94dec3729ceb92e141ed7c9ffa7eb8b76867d5aaa1c557bea5c7868592ec0ae30578e03033728a6fda64057109e8a473b3c7e91033c1452c04f4895c4717af750d903ab11ea3b54889f30ac2fdecfc6239766593b184ef8a2b112e55e6f92436fa9aac0baf69db126874a94f29830197f9fcbacbe4e03e6c8672e32e666617b64ed23fe55a16ea7b8a940055e6124f8882b2b5ecb5ff0d390b81060bb338325f1dc0337f59acc644d8b463810ceb5139629ade3cd18e7ba55b617771e8a2a541cc23955b3b98753fef2724701f77f622d4b386c97dec783b1d23d630b0f263263cb9e394cbb86f407ded1143b59b7a0cb3d6909b48d9b63c077bacbec5ec3fb1ec1b8ee776fda5dc8ec3cbfb4f5be09cf04e025111ef82d28de2969ede8513560fc009cfd759a33ce3ed935480a84f3c78fb66d23fe3cb420a2021d1b17332032a691ff9a7bc869ebe1855bc350d35a141e55e53f0fb7d6be9174f52ec9d280b00c4d27e6b1a72c85f81f9563941fe3300121e6a84b8d56d4dc60b2dedb195b2264444d35aa379734ecf85d4c3dce225233f23fa444e5224171f3449ae8df4d66ffb5b2a841db39a7ea9db2458e82d123f07971067456e6b52c63eda0eef343210f64f07a244dd7472e2bb6a8008d29eae85a949e043a78771c48d8100326881f2f10fe53d2dd5af8111237762e5c1db137e66f77a38b763c56a439652d791ed34c61227090dfa99cf439e5ef76378f9fb2f513f4edc96fed29b9ad596a8f594ae37d56db05baf9d0d9abda84ccec2a843eee98a8e48c3ff5b71095902127ef00424d0a02ff19af9be3fd83f7b501042e89ac386a0ab5e3aa86ae862f6e337ca801567eb3f83dcbf4955a749c1a5549072e66f8433c2c9188fd6179c423424f3bbe04251dd0f28afd1534715069235498a0f547894afcf8e67c81bdcec7341ffb55df0429e0986ec1721d23226aae02e5cd58f0cbf63a7debb9cffb22d7d2f17aceb03467a3267d6e00c15586d00873e2edbb233f7d0a163f7661111c097bf1170de6af350dacf222b722a73934fbafb44b8ddb5e44a56d130972ce6bfa544dfab46edc094307d802828fb5081a410f4781302f3a584b355fb46c58701aca5452d807a9cd7c41c7616071bba5d9ccbca4834f1535a2886bcc0d3cb6eaabff50f622773a", @typed={0x8, 0x81, @fd=r9}]}, @typed={0x8, 0xe, @fd=r3}, @nested={0x230, 0x30, [@generic="18a28b9d78965b5cbb65645d66a554d0bf707c191d2dd007b2507a95a8499eea39c39dcd85e05178c45eb46d2771da4597194c02891376cbcc9adb7e41fe4fdf4d6eb256a9fe134d12546a1870dfa02a315c7301123ed5609d77bd5833c26848e00566602c9a87f720bca015b2da8d09c9a5e46d91fb7bd3873643ea9649bd226f87cedc8764dd865fc2c6961aca300ad950417499042a164bae15fe14", @generic="c11a2a63a9ee3099d4b4573b2f2ceea78d3bf11623763f22419ed254646cdd83e5ac7f1225436f8d8aacb51c0389b8ffcfe1ee566e2f5d1da139390a700a978e1b1c96fb42e49242b802a72fb74881d2fcc0a4586b", @typed={0x8, 0x75, @ipv4=@empty}, @typed={0xa8, 0x85, @binary="bd74bb1e91eda96e831dec256b7f7bedd2f9c8ad03a78ac0f6387dcf3f3e5dfb1ab648d11ae2d15ba4f4daf21b6c271d5afe3825bbe7dc04ea39b60b00b7f24044d481a11ff3fda355e516e595721a383e2b17821867615f472388e4a9ed42deb58fd479fba7c518a261e1ef797683d261664632587dd7f3fc316c962d1fd9eb94ae422ebce203426e046730025540bb84a5f5094c995437d12ea2aadd038f87423112e4"}, @typed={0x8, 0x1c, @ipv4=@empty}, @generic="fb674094288624d84e5706afe4ff66ac5b0d2d0cfd9e93696038d6146eaf1821d449e63ea15e0401d2f5e2eba901989bb6473f89cf33f4a29cafc4972948247ef5cee01279cd64802b520e52fd60b1d8b3376f5d011f19f349247027e424ef9d0358d8cb688bf5e09e4e73cf8dfa5c0a9942eecbebe2353266d08407e9a1d37f7e35"]}]}, 0x247c}, {&(0x7f0000003180)={0x204, 0x23, 0x404, 0x70bd2d, 0x25dfdbfd, "", [@typed={0x8, 0x6d, @ipv4=@remote}, @typed={0xc, 0x54, @u64=0x40}, @generic="2f247dc29991ffdb402e67d0cbef473116d36da333c26f0c4933f6aaa3eaa5866f2c832d0cc150b0205b102f16a2", @generic="bd65e8ecc48593442fb4e9b3642dffff8a45a60dfc727c628e2a2bcfd35c3f9c7cf26eb68fee7e32c497aa5fd3eee29ff7c455bbc102f12f145d784c3678e39adf0109d169dd5114697bf0d418e34acc4553798089b5bdc7136e8659e1f9334d090f3f6775f2bb1d6931c83c83f276858bd4c9dfa2ff9fc936956b54b17a4ab974db55218bc4c18da5e1ffeb18fd43d34c5ed58271504efcccc7ec7ce38c8125645aa78d14e41b76dddf490c8a34a5791fdb6037e90aad611a971565faf121f9689857b55a14333206ee0ef7dea1cf664f8c25b32d2e584e937de46f750faa77013f5f94f536f4b6324ad3f8e94a46", @typed={0xc, 0x64, @u64=0x5}, @generic="7907114c772baf1736c705f082494fe07e2771d6cd4a4c0ca91c28d9a12b9119bcd47985ec6b259fd35d5108a1afa2", @generic="cfd56f45a98c1febc9f1b7844b679c25cdb4a758fd2f07585f17b2b908bb1dd8a42b9a5d083b0bf3bf477f7f5b5a155cb0ea070af685e4ba585b4ac2dcdd6073e132956340c349c2cd4d312fe9df00a49289725d48033775dda545847586c330f7153959225eb9a3784fe39786cf45835c1c92ca240d001394f50f11fad85a6238de270b0e40"]}, 0x204}], 0x3, &(0x7f0000000540)=[@cred={{0x1c, 0x1, 0x2, {r5, r13, r14}}}, @rights={{0x14, 0x1, 0x1, [r15]}}], 0x38, 0x64010}, 0x10) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="75696457206734a0c607326192a3f1bfe8adbd651d5c0c0205489fc786d51683000000000000006ad79017d1d38dd1744875267ff2afbcfc2cc9f4d016f112909d4383666916fbcc4060466ad816cad9df18d58e5a93afd8f0a9ab9b6c7016b7808b4c9756e5bba1eb0f9976107be79ed69520012265a47e2a9d8dd9fd61b8cfe0bd46f7478d02642e5adf8fb88206e03fa2b7d5b472cb8e68369befd6fd74bea5a482c7a4", @ANYRESHEX=r6, @ANYBLOB=',\x00']) ioctl$UI_SET_LEDBIT(r1, 0x40045569, 0xa) ioctl$SIOCAX25ADDUID(r2, 0x89e1, &(0x7f0000000080)={0x3, @default, r6}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r16) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000240)='/selinux/avc/cache_stats\x00', 0x0, 0x0) lchown(&(0x7f0000000200)='./file0\x00', r6, r16) setsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000180)=0xfa7e, 0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02e0ff000103030000000000020036b0", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020000000000000009f761db6d2d9d7bdc881f0b3fe9d74ed9234a5c151c8f96d9b36da89423a78918cfd9f17499538f371fe45eb239da09d282161aadb9c1fb85e1be1614477058f"], 0x9, 0x0) open(&(0x7f00000001c0)='./file0\x00', 0x200000, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="0200000001000000000000000400007d0000000010000000000000200000000000000000"], 0x24, 0x0) 02:56:39 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x56029568, 0x0, 0x1, 0x2}) ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000040)={r1, 0x4}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {0x8, 0x5}]}, 0x44, 0x0) 02:56:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x4) ioctl$RTC_PLL_SET(r3, 0x40207012, &(0x7f0000000100)={0x6, 0x6, 0x3f, 0x1, 0x0, 0x8, 0x80000001}) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) unlinkat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 336.070461] x86/PAT: syz-executor.3:12989 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:39 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x400, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x200}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x400, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e22, 0x2, @loopback, 0x9}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000180)={r2, 0x800}, 0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 336.115745] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 336.118173] x86/PAT: syz-executor.3:12989 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:39 executing program 3 (fault-call:8 fault-nth:44): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:39 executing program 4: r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x1, 0x2) ioctl$VIDIOC_DBG_G_REGISTER(r1, 0xc0385650, &(0x7f00000000c0)={{0x1, @name="e4cd9d79dc9c1d1f17cfac3503b43ac547c190a0f5c642c46b255eb0227c7559"}, 0x8, 0x100, 0x1ff}) 02:56:39 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}]}, 0x2c, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000100)={0xfffffffffffffff8}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x400000000000, 0x0, 0x3, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:39 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) epoll_create1(0x80000) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[], 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 336.325605] x86/PAT: syz-executor.3:13044 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 336.347105] FAULT_INJECTION: forcing a failure. [ 336.347105] name failslab, interval 1, probability 0, space 0, times 0 [ 336.391473] CPU: 0 PID: 13044 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 336.398529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.407890] Call Trace: [ 336.410491] dump_stack+0x138/0x197 [ 336.414220] should_fail.cold+0x10f/0x159 [ 336.418407] should_failslab+0xdb/0x130 [ 336.422392] kmem_cache_alloc+0x2d7/0x780 [ 336.426551] copy_process.part.0+0x444f/0x6a00 [ 336.431152] ? __cleanup_sighand+0x50/0x50 [ 336.435392] ? lock_downgrade+0x6e0/0x6e0 [ 336.439619] _do_fork+0x19e/0xce0 [ 336.443078] ? fork_idle+0x280/0x280 [ 336.446796] ? fput+0xd4/0x150 [ 336.449992] ? SyS_write+0x15e/0x230 [ 336.453711] SyS_clone+0x37/0x50 [ 336.457109] ? sys_vfork+0x30/0x30 [ 336.460661] do_syscall_64+0x1e8/0x640 [ 336.464557] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.469410] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 336.474604] RIP: 0033:0x4598e9 [ 336.477791] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:39 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x240, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f00000000c0)={0x7, 0x8, [0x4, 0x7]}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 336.485603] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 336.492874] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 336.500152] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 336.507425] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 336.514695] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:39 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) fsetxattr$system_posix_acl(r1, &(0x7f0000000400)='system.posix_aca_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{0x8, 0x0, r2}, {0x8, 0x1}, {}], {0x10, 0x2}}, 0x44, 0x1) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040)) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup(r4) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r6, @ANYBLOB="2c01"]) ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000080)={0x3, @default, r6}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8) r8 = syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x2, 0x640180) ioctl$KVM_SIGNAL_MSI(r8, 0x4020aea5, &(0x7f00000003c0)={0x4000, 0x2000, 0x1000, 0x6000000000000000, 0x100000000}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000340)={{}, {0x1, 0x2}, [{0x2, 0x1, r6}, {0x2, 0x0, r7}], {}, [{}, {}, {}]}, 0x4c, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000000c0)={0x200, {{0xa, 0x4e23, 0xffff, @dev={0xfe, 0x80, [], 0xb}, 0x1}}}, 0x88) 02:56:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x16) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(r3, &(0x7f0000000000)='net/l2cap\x00') perf_event_open(&(0x7f0000000100)={0x3, 0x70, 0x0, 0x5, 0x1f, 0x2, 0x0, 0x2, 0x201, 0x2, 0x9, 0x400, 0x2e9136d, 0x8, 0x5, 0x100000001, 0x58, 0x4, 0x401, 0x0, 0x6, 0xfff, 0x4, 0x3, 0x40, 0x4f3, 0x7ff, 0x200, 0x800, 0x100, 0xffffffffffff0001, 0x1, 0x6, 0x1, 0x5, 0x28000, 0x7, 0x4, 0x0, 0x7, 0x0, @perf_bp={&(0x7f00000000c0), 0x4}, 0x21000, 0x2, 0x7, 0x0, 0x4, 0x80, 0x2}, r3, 0xb, r2, 0x2) ioctl$KDDELIO(r2, 0x4b35, 0x21c7) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_aul_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYRES16=r1], 0x9, 0x0) [ 336.633922] ntfs: (device loop1): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ 02:56:40 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = accept4$tipc(0xffffffffffffffff, &(0x7f00000015c0)=@name, &(0x7f0000001600)=0x10, 0x800) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000001640), 0x4) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x2000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SIOCGETNODEID(r0, 0x89e1, &(0x7f0000000000)={0x2}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:40 executing program 4: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x400, 0x0) sendto$netrom(r0, &(0x7f00000000c0)="9b56833e656bfe1f1ee1e1d01159c659306a30ab04a6de08fcf7d8bccb4e2fa74c2ff26b84591e08511e7afc8656d412947dccd59eb8a9778a31403a2db8021b605ea42dcf0548d54b8ad5a7e1f90f9d143a816908d02367e1189c36fe7a5ba697f82b25e99ca1143f99", 0x6a, 0x4800, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x5) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000140)=0x1, 0x4) socket$inet6_sctp(0xa, 0x5, 0x84) sendto$unix(r0, &(0x7f00000003c0)="7b254da292f0573da6ae8ece902455f7d8c27667d9c800a417cbc57e258aec280906285b3478beae256d97d2c9353dd5705edbed955b274e5b0aabe89d4b31c1d63afd9b3389f22e0189379bf7086e72bc", 0x51, 0x20000001, &(0x7f0000000540)=@file={0x1, './file0\x00'}, 0x6e) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02960000010000000000000002040000", @ANYRES32=0x0, @ANYBLOB="040004000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$SIOCX25SCUDMATCHLEN(r1, 0x89e7, &(0x7f0000000440)={0x1c}) write$UHID_CREATE2(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a346535516adb70f000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f7009b03d900000000000080000100000001000063c3316e57d13aee4817e847b66e8e1e9438782fbf212c220ae59d3ac7b1e4ee7b196159d7fbe377cf7ff10510072b4e93dfe54677ed02b4d2930b92d37df13f4efca6d16c3661be5b5025ecd3bf6fa157059838dd1c5dce7904be79b7543a353eafb3515e42558c0d93d8e7cad38d496aea52583c4f360047e57d976eacc103d6ae669ef7bf4a699c3142a67727c78f53d2e1471c084ca8ccec9e38c19a7155f0ef4d59d126eca5eaa2db3f6d130d326525c30f371b25e8f07ac8087c8772398854c8b986f954a8dd4f41353d2a2c0e37e5a422a9c9fe9f581e23d0d05ef53cbba8a7d885e66c31c12255632e6e09c99e286dc4830af100"/527], 0x20f) connect$inet6(r0, &(0x7f00000005c0)={0xa, 0x4e20, 0x200, @dev={0xfe, 0x80, [], 0xa}, 0x3}, 0x1c) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000)) [ 336.904250] x86/PAT: syz-executor.3:13044 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 336.935138] x86/PAT: syz-executor.3:13044 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:40 executing program 3 (fault-call:8 fault-nth:45): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_config_ext={0x8001, 0x4}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fcntl$getflags(r0, 0x3) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0x32) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x80000004, 0x400) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000040), &(0x7f00000000c0)=0x4) 02:56:40 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000100)=@raw={'raw\x00', 0x9, 0x3, 0x388, 0x0, 0x180, 0x0, 0x180, 0x0, 0x2b8, 0x2b8, 0x2b8, 0x2b8, 0x2b8, 0x3, &(0x7f00000000c0), {[{{@ipv6={@ipv4={[], [], @multicast2}, @rand_addr="903c76d51b0650b8ded1cf231ef8be91", [0xffffffff, 0x0, 0xff, 0xff00007f], [0xffffff00, 0xff000000, 0xffffffff, 0xff000000], 'bridge_slave_0\x00', 'lapb0\x00', {}, {0xff}, 0x88, 0x8f22, 0x4, 0x1}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@eui64={0x28, 'eui64\x00'}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x31, 0x80, 0x5000, 0x40, 'pptp\x00', 'syz1\x00', 0x7}}}, {{@ipv6={@dev={0xfe, 0x80, [], 0xa}, @rand_addr="1b08f29c443545269d2dd2afa16f881e", [0x0, 0x0, 0xff000000, 0xa81634c4178ac041], [0x95d971eb4f77f3af, 0x0, 0xff, 0x80000080], 'vlan0\x00', 'bpq0\x00', {}, {}, 0x1a0, 0x1, 0x2, 0x40}, 0x0, 0x118, 0x138, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1794edf19447d3c9}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0xa}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8) 02:56:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000080)={r1}) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0x7}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 337.061583] x86/PAT: syz-executor.3:13103 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 337.100228] FAULT_INJECTION: forcing a failure. [ 337.100228] name failslab, interval 1, probability 0, space 0, times 0 [ 337.130519] CPU: 1 PID: 13103 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 337.137669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.147125] Call Trace: [ 337.149782] dump_stack+0x138/0x197 [ 337.153421] should_fail.cold+0x10f/0x159 [ 337.157594] should_failslab+0xdb/0x130 [ 337.161582] kmem_cache_alloc+0x2d7/0x780 [ 337.165762] copy_process.part.0+0x444f/0x6a00 [ 337.170380] ? __cleanup_sighand+0x50/0x50 [ 337.174633] ? lock_downgrade+0x6e0/0x6e0 [ 337.178793] _do_fork+0x19e/0xce0 [ 337.182248] ? fork_idle+0x280/0x280 [ 337.185970] ? fput+0xd4/0x150 [ 337.189163] ? SyS_write+0x15e/0x230 [ 337.192878] SyS_clone+0x37/0x50 [ 337.196243] ? sys_vfork+0x30/0x30 [ 337.199818] do_syscall_64+0x1e8/0x640 [ 337.203823] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.208689] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 337.213885] RIP: 0033:0x4598e9 [ 337.217075] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 337.224788] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 337.232064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 337.239339] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 337.246617] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 337.253892] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:40 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="0200060000028f0000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5) 02:56:40 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000080)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x7}}, 0x10) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) socket$alg(0x26, 0x5, 0x0) 02:56:40 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f00000000c0)={0x2, 0x70, 0x4, 0x1f, 0x481, 0x2, 0x0, 0x68a, 0x80100, 0x9, 0x9, 0x5, 0x7, 0x676f0f36, 0x7f, 0x40, 0x4, 0x6, 0x7, 0x7, 0x8, 0x0, 0xfffffffffffffff8, 0x0, 0x4, 0x7, 0xae, 0xa7, 0x8, 0x0, 0x7fff, 0x20, 0x9, 0x40, 0xd5e, 0x1f, 0x8, 0x80000001, 0x0, 0xc1cd, 0x6, @perf_config_ext={0x8d7}, 0x1, 0x6, 0x3, 0x5, 0x0, 0x80000001, 0x7fffffff}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 1: r0 = open(&(0x7f0000000040)='./file0\x00', 0x20000, 0x2) ioctl$VIDIOC_DBG_S_REGISTER(r0, 0x4038564f, &(0x7f00000000c0)={{0x1, @addr=0xf5}, 0x8, 0xb120, 0x7}) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) 02:56:40 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x6, 0x25}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:40 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 337.522351] [ 337.526574] ********************************************************** [ 337.542879] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 337.566835] ** ** [ 337.581462] ** trace_printk() being used. Allocating extra memory. ** [ 337.591552] ** ** [ 337.614455] ** This means that this is a DEBUG kernel and it is ** [ 337.633474] ** unsafe for production use. ** [ 337.641003] x86/PAT: syz-executor.3:13103 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 337.650683] ** ** [ 337.660475] x86/PAT: syz-executor.3:13103 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 337.668284] ** If you see this message and you are not debugging ** 02:56:41 executing program 3 (fault-call:8 fault-nth:46): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 337.682835] ** the kernel, report this immediately to your vendor! ** [ 337.705189] ** ** [ 337.723168] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** 02:56:41 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = socket$netlink(0x10, 0x3, 0x15) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000080)=""/201, &(0x7f0000000180)=0xc9) 02:56:41 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x8000, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r6, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'nr0\x00', r6}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) [ 337.738877] ********************************************************** [ 337.793501] audit: type=1400 audit(1568429801.193:67): avc: denied { create } for pid=13144 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 [ 337.855126] x86/PAT: syz-executor.3:13148 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 337.876793] FAULT_INJECTION: forcing a failure. [ 337.876793] name failslab, interval 1, probability 0, space 0, times 0 [ 337.910341] audit: type=1400 audit(1568429801.223:68): avc: denied { getopt } for pid=13144 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 02:56:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2cd, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0x2, 0x400) ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x7f) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, 0x0}) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x22201, 0x0) ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000001c0)=0x9) perf_event_open(&(0x7f00000000c0)={0x5, 0x70, 0x3, 0x0, 0x5, 0x7, 0x0, 0x7, 0x8, 0x8, 0x1, 0x0, 0x1000, 0x59c, 0xf6, 0x4, 0x20, 0x0, 0x8001, 0x2b, 0x902f, 0x7fffffff, 0x5829, 0x2, 0x100000001, 0x4, 0x3f, 0xfdb, 0x7, 0x9, 0x249, 0x3, 0x4, 0x80000000, 0xfffffffffffffffa, 0xca, 0x1000000000, 0x20, 0x0, 0x7fffffff, 0x4, @perf_bp={&(0x7f0000000080), 0xe}, 0x10000, 0x80000001, 0x7, 0x2, 0x57809e8, 0x33f8, 0x4}, r3, 0xf, 0xffffffffffffffff, 0x1) 02:56:41 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$vhci(r0, &(0x7f00000000c0)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x80800) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 337.952419] CPU: 1 PID: 13148 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 337.959480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.968840] Call Trace: [ 337.971442] dump_stack+0x138/0x197 [ 337.975082] should_fail.cold+0x10f/0x159 [ 337.979244] should_failslab+0xdb/0x130 [ 337.983258] kmem_cache_alloc+0x47/0x780 [ 337.987328] ? anon_vma_chain_link+0x142/0x1a0 [ 337.991924] anon_vma_clone+0xde/0x470 [ 337.995825] anon_vma_fork+0x87/0x4d0 [ 337.999635] copy_process.part.0+0x45e2/0x6a00 [ 338.004241] ? __cleanup_sighand+0x50/0x50 [ 338.008478] ? lock_downgrade+0x6e0/0x6e0 [ 338.012639] _do_fork+0x19e/0xce0 [ 338.016226] ? fork_idle+0x280/0x280 [ 338.019953] ? fput+0xd4/0x150 [ 338.023149] ? SyS_write+0x15e/0x230 [ 338.026870] SyS_clone+0x37/0x50 [ 338.030242] ? sys_vfork+0x30/0x30 [ 338.033792] do_syscall_64+0x1e8/0x640 [ 338.037689] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.042548] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 338.047733] RIP: 0033:0x4598e9 [ 338.047741] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 338.058720] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 338.065988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 338.065995] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 338.066001] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 338.066006] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:41 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000000)=0x71, 0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[], 0x0, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000040)={'dummy0\x00', {0x2, 0x4e20, @broadcast}}) 02:56:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) bind$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2711, @my=0x0}, 0x10) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:41 executing program 3 (fault-call:8 fault-nth:47): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 338.108227] x86/PAT: syz-executor.3:13164 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 338.141424] x86/PAT: syz-executor.3:13164 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:41 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [], 0x3, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}], 0x0, [{}, {}, {}]}, 0xa8) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0xe41d40f1a73559f3, 0x0) r3 = syz_open_dev$cec(&(0x7f00000001c0)='/dev/cec#\x00', 0x1, 0x2) write$selinux_create(r3, &(0x7f0000000200)=@objname={'/usr/lib/telepathy/mission-control-5', 0x20, 'system_u:system_r:kernel_t:s0', 0x20, 0x0, 0x20, './file0\x00'}, 0x60) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r2, &(0x7f0000000180)={0x40000010}) 02:56:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffb000/0x4000)=nil, 0x4000}, &(0x7f0000000140)=0x10) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x44800, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 338.231700] x86/PAT: syz-executor.3:13176 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 338.261895] FAULT_INJECTION: forcing a failure. [ 338.261895] name failslab, interval 1, probability 0, space 0, times 0 02:56:41 executing program 4: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) bind$tipc(r0, &(0x7f0000000340)=@name={0x1e, 0x2, 0x1, {{0x2}}}, 0x10) r1 = perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000280)={0x2, 0x4e20, @remote}, 0x10) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) ioctl$TIOCSPTLCK(r6, 0x40045431, &(0x7f00000002c0)=0x1) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r8, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@mcast2, 0x34, r8}) r9 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000e1ff", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r9, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r9, 0x0, 0x48a, &(0x7f0000000380)={0xffff, 0x20, 0x4}, 0xc) [ 338.294279] CPU: 1 PID: 13176 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 338.301326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.301332] Call Trace: [ 338.301349] dump_stack+0x138/0x197 [ 338.301367] should_fail.cold+0x10f/0x159 [ 338.301378] ? anon_vma_clone+0xde/0x470 [ 338.301390] should_failslab+0xdb/0x130 [ 338.301402] kmem_cache_alloc+0x47/0x780 [ 338.301414] ? anon_vma_chain_link+0x142/0x1a0 [ 338.301427] anon_vma_clone+0xde/0x470 [ 338.301443] anon_vma_fork+0x87/0x4d0 [ 338.301457] copy_process.part.0+0x45e2/0x6a00 [ 338.301484] ? __cleanup_sighand+0x50/0x50 [ 338.354596] ? lock_downgrade+0x6e0/0x6e0 [ 338.358773] _do_fork+0x19e/0xce0 [ 338.362231] ? fork_idle+0x280/0x280 [ 338.365953] ? fput+0xd4/0x150 [ 338.369150] ? SyS_write+0x15e/0x230 [ 338.372875] SyS_clone+0x37/0x50 [ 338.376246] ? sys_vfork+0x30/0x30 [ 338.379821] do_syscall_64+0x1e8/0x640 [ 338.383720] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.388577] entry_SYSCALL_64_after_hwframe+0x42/0xb7 02:56:41 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{0x2, 0x2}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f00000003c0)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000426bd7000000000000300000010000400000000000000000071000000510908edbceffc09bbd5521c6cbb3eb12f24b4ee0c8b081a66fd4dbe3c5ad9c788c2162fcd829f2f37fdc68656d7b26eac60c1dab49dd8e91be8257c331fa36e6bc8e03b55b9b0aff88699e5399a922568750f45c51e47c5ef903a9005bb381a34226ce89d754d2dc8f852a3091ff2e8da4f702cff74935ffa55c13b3d90b285a16e0b30ef7deac709b7c6eb3ca40decf95ba80aeb886666614c2f197911eef3ccf32b119d6902bf936e0d0cc03a386eb989a8a63b23311cae514cf752e96e283e01755993f60f"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1420}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, r1, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x17754bbc}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x9c}, 0x4000) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) [ 338.393768] RIP: 0033:0x4598e9 [ 338.396957] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 338.404671] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 338.411946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 338.419581] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 338.426853] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 338.434129] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:41 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x1d6, 0x0) 02:56:41 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:41 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400000986877e743849c8daa4e15a95ac97000000000008000000a4ec87fceb248642d442736c3aed5aa4a184942484bc5d00cb1602d5ff525e5b4a04a347b58513ee6bbf78475d833d9170a26b72ce4cb35b2aeab0affc0603d6a6d5263b492fe2be414ddd9fe3b15ecc5898749defc9b6727ba70cbcd680d955f5c36e3b6fa078371f2585e81d9985ef38043798700f9972cac695d04cff85391c1cdfe4935ef9c044cc4709567db2d46cfbc41eb84b82993a578678b3d156f3613a837f94952032a6e6ac376f9dd7", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:42 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) 02:56:42 executing program 4: r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xff, 0x2020) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9213, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_config_ext={0x6f, 0x9}, 0x0, 0x0, 0x0, 0x1, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) munmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:42 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = syz_genetlink_get_family_id$net_dm(0x0) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000410}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r3, 0x100, 0x0, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x20040000) r4 = syz_genetlink_get_family_id$net_dm(0x0) sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000410}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x100, 0x0, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x20040000) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_START(r5, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r4, 0x302, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x1) close(r2) socket$netlink(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfef0) splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0) 02:56:42 executing program 3 (fault-call:8 fault-nth:48): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:42 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {0x8, 0x0, r1}, {}], {0x10, 0x2}}, 0x44, 0x0) syz_mount_image$nfs4(&(0x7f0000000040)='nfs4\x00', &(0x7f00000000c0)='./file0\x00', 0x5, 0x2, &(0x7f0000000240)=[{&(0x7f0000000100)="93573227b903ab703f92e21738a102ee9044842fc7dead5da80a4385fe2abd435fa278e4ca55274d20efacefe43c3c6d3b864f29fd95460f7f0cc6b9c8b8c2ab1550950101bbb12fd1c580a0f3e542caaa2fc09c7fb9d3a93efcefac30cce1", 0x5f, 0x9}, {&(0x7f0000000180)="d02dacb59876903a5452b532cdf4374a48821768169262f864af591abf2eb833126b0a97316895d0458a7dea8c2fca900c30a810e7c8b6f2b9aef23865061723c8306019f0783294122b3c45c20eb771e97a8568ff969d08831d3eeee7536b277a154e915844f9591b018d0fbbbbcedb3d3528873c2eb1117ddab6141dad36cb14e7e35c67b937cfa691cb390039ceb434892362f17421ee4edbee0f35f2c9b6d942440dcbc50e378ea69909504c523dcbceacee35a9", 0xb6, 0x2}], 0x10000, &(0x7f0000000280)='\x00') setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000)=0x5, 0x4) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {0x4, 0xc038c15ac9720eeb}}, 0x2c, 0x0) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:42 executing program 1: open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80, 0x0) 02:56:42 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00050000", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000f50c00"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) openat$cgroup_ro(r1, &(0x7f0000000080)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0), 0xfffffffffffffee0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 338.759760] x86/PAT: syz-executor.3:13216 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 338.801255] x86/PAT: syz-executor.3:13216 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc0800) r3 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r4 = socket$inet(0xa, 0x801, 0x84) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000000c0)={r6, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x73, &(0x7f0000000580)={r6, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000000c0)={0xe9, 0x72, 0x4, 0x0, 0x3, 0x9, 0xd48, 0x7e1a, r6}, &(0x7f0000000100)=0x20) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:42 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010002000000000002000000", @ANYRES32=0x0, @ANYBLOB="9d000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) 02:56:42 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x164, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xeffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) setxattr$security_evm(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.evm\x00', &(0x7f0000000180)=@md5={0x1, "46af6ce1547a457d47ae56b252651d32"}, 0x11, 0x0) r1 = dup(0xffffffffffffffff) getsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x6) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) socket$inet6_tcp(0xa, 0x1, 0x0) [ 338.929393] x86/PAT: syz-executor.3:13243 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 338.931345] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 338.950282] FAULT_INJECTION: forcing a failure. [ 338.950282] name failslab, interval 1, probability 0, space 0, times 0 [ 338.975890] CPU: 1 PID: 13243 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 338.982935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.992297] Call Trace: [ 338.994891] dump_stack+0x138/0x197 [ 338.994909] should_fail.cold+0x10f/0x159 [ 338.994923] ? anon_vma_clone+0xde/0x470 [ 339.002671] should_failslab+0xdb/0x130 [ 339.002685] kmem_cache_alloc+0x47/0x780 [ 339.002697] ? anon_vma_chain_link+0x142/0x1a0 [ 339.002708] anon_vma_clone+0xde/0x470 [ 339.002722] anon_vma_fork+0x87/0x4d0 [ 339.002738] copy_process.part.0+0x45e2/0x6a00 [ 339.020643] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.023453] ? __cleanup_sighand+0x50/0x50 [ 339.023466] ? lock_downgrade+0x6e0/0x6e0 [ 339.023483] _do_fork+0x19e/0xce0 [ 339.042069] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.043890] ? fork_idle+0x280/0x280 [ 339.043903] ? fput+0xd4/0x150 02:56:42 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) ioperm(0x6, 0xc0f9, 0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) 02:56:42 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="01000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:42 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) write$selinux_create(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x0) [ 339.043913] ? SyS_write+0x15e/0x230 [ 339.043929] SyS_clone+0x37/0x50 [ 339.043938] ? sys_vfork+0x30/0x30 [ 339.043950] do_syscall_64+0x1e8/0x640 [ 339.043958] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.043972] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 339.043980] RIP: 0033:0x4598e9 [ 339.043985] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 339.043994] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 339.044000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 339.044005] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 339.044012] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 339.044016] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 339.148610] x86/PAT: syz-executor.3:13243 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:42 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1000}, 0xffffffffffffffff, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x0, 0x82080) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000000c0)={0x2c5, 0x2}) [ 339.203198] x86/PAT: syz-executor.3:13243 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 339.249682] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.322002] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.371744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.398914] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 02:56:42 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {0x1, 0x2}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fcntl$dupfd(r2, 0x406, r3) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) recvmmsg(r1, &(0x7f0000006d00)=[{{&(0x7f0000000000)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000000180), 0x3, &(0x7f00000001c0)=""/62, 0x3e}, 0x62}, {{&(0x7f0000000200)=@tipc, 0x80, &(0x7f0000000380)=[{&(0x7f0000000280)=""/39, 0x27}, {&(0x7f00000002c0)=""/182, 0xb6}], 0x2, &(0x7f00000003c0)=""/180, 0xb4}, 0x4}, {{&(0x7f0000001540)=@nfc, 0x80, &(0x7f0000003680)=[{&(0x7f00000015c0)=""/130, 0x82}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f0000002680)=""/4096, 0x1000}], 0x3, &(0x7f00000036c0)=""/35, 0x23}, 0x5}, {{&(0x7f0000003700)=@pptp, 0x80, &(0x7f0000003c80)=[{&(0x7f0000003780)=""/150, 0xffffffffffffff93}, {&(0x7f0000003840)=""/138, 0xffffffffffffffbb}, {&(0x7f0000003900)=""/141, 0x8d}, {&(0x7f00000039c0)=""/167, 0xa7}, {&(0x7f0000003a80)=""/226, 0xe2}, {&(0x7f0000003b80)=""/22, 0x16}, {&(0x7f0000003bc0)=""/123, 0x7b}, {&(0x7f0000003c40)=""/43, 0x2b}], 0x8, &(0x7f0000003d00)=""/33, 0x21}, 0x6}, {{&(0x7f0000003d40)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000003f00)=[{&(0x7f0000003dc0)=""/114, 0xfffffffffffffdd7}, {&(0x7f0000003e40)=""/187, 0xbb}], 0x2}, 0x9}, {{&(0x7f0000003f40)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000004180)=[{&(0x7f0000003fc0)=""/169, 0xa9}, {&(0x7f0000004080)=""/130, 0x82}, {&(0x7f0000004140)=""/41, 0x29}], 0x3, &(0x7f0000006f80)=""/127, 0x7f}, 0x6}, {{&(0x7f0000004240)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000004340)=[{&(0x7f00000042c0)=""/126, 0x7e}], 0x1}, 0x3}, {{&(0x7f0000004380)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000005880)=[{&(0x7f0000004400)=""/119, 0x77}, {&(0x7f0000004480)=""/230, 0xe6}, {&(0x7f0000004580)=""/44, 0x2c}, {&(0x7f00000045c0)=""/123, 0x7b}, {&(0x7f0000004640)=""/4096, 0x1000}, {&(0x7f0000005640)=""/217, 0xd9}, {&(0x7f0000005740)=""/228, 0xe4}, {&(0x7f0000005840)=""/51, 0xffffff62}], 0x8}}, {{0x0, 0x0, &(0x7f0000006c40)=[{&(0x7f0000005900)=""/92, 0x5c}, {&(0x7f0000005980)=""/116, 0x74}, {&(0x7f0000005a00)=""/192, 0xc0}, {&(0x7f0000005ac0)=""/39, 0x27}, {&(0x7f0000005b00)=""/176, 0xb0}, {&(0x7f0000005bc0)=""/4096, 0x1000}, {&(0x7f0000006bc0)=""/105, 0x69}], 0x7, &(0x7f0000006cc0)=""/54, 0x36}}], 0x9, 0x2, &(0x7f0000006f40)) setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0) 02:56:42 executing program 5: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000080)={{0x800, 0x2}, 0x1, 0x3, 0x4, {0x7}, 0x7fff, 0x4}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:42 executing program 3 (fault-call:8 fault-nth:49): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:42 executing program 4: perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:42 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r5 = socket$inet(0xa, 0x801, 0x84) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000000c0)={r7, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000580)={r7, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000001c0)={r7, 0x6}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000300)={r8, @in6={{0xa, 0x4e23, 0x8, @ipv4={[], [], @multicast2}, 0xff}}, 0x6, 0x5, 0x4c51, 0x6, 0x2}, &(0x7f0000000240)=0x98) r9 = socket$inet(0xa, 0x801, 0x84) r10 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000000c0)={r11, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r11, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000040)={r11, 0x101, 0x5, [0x1ff, 0x1f66, 0x6, 0x2, 0x7fffffff]}, &(0x7f00000000c0)=0x12) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$CAPI_GET_SERIAL(r1, 0xc0044308, &(0x7f0000000000)=0x5) r12 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r12, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") setsockopt$inet_udp_encap(r12, 0x11, 0x64, &(0x7f0000000280)=0x3, 0x4) 02:56:42 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x6, 0x25}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 339.416480] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.429980] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 [ 339.444052] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13218 comm=syz-executor.2 02:56:42 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f00000000c0)={0x6, 0x0, 0x201e, 0xffffffffffff0000, 0x4, 0x5, 0x7f}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000080)={r0}) 02:56:42 executing program 2: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) socket$rds(0x15, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) setsockopt$inet6_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000080)=@gcm_128={{0x303}, "9fbc36110bed82dc", "963c8869291a2deba06a61523f5231c3", "249084e7", "54050585db5d8e60"}, 0x28) 02:56:43 executing program 1: setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0) sync() pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x803, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) [ 339.543059] x86/PAT: syz-executor.3:13290 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:43 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x82040, 0x0) ioctl$PPPIOCGMRU(r2, 0x80047453, &(0x7f00000000c0)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 339.638202] FAULT_INJECTION: forcing a failure. [ 339.638202] name failslab, interval 1, probability 0, space 0, times 0 02:56:43 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1b, &(0x7f0000000280)=0x400100000001, 0x2) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000000)={0x4900000000000000, 0x5c954ceb5134da8, 0x80000000, 0x1d, 0x5}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000040)=[@sack_perm, @timestamp], 0x2) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @rand_addr="4f2b35bb060134541cf0342a703e0f17"}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x10010000000035) fcntl$setstatus(r0, 0x4, 0x80000000002c00) 02:56:43 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:43 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TCGETX(r0, 0x5432, &(0x7f0000000040)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SG_GET_ACCESS_COUNT(r2, 0x2289, &(0x7f0000000000)) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_access\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x7d3ed44f1126dda0}}, 0x44, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@broadcast, @in6=@dev}}, {{@in6=@empty}, 0x0, @in6=@initdev}}, &(0x7f00000001c0)=0xe8) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup(r4) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r6, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000080)={0x3, @default, r6}) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = dup(r8) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r10, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r7, 0x89e1, &(0x7f0000000080)={0x3, @default, r10}) r11 = socket$inet6_dccp(0xa, 0x6, 0x0) r12 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r13 = socket$inet6_tcp(0xa, 0x1, 0x0) r14 = dup(r13) getsockopt$sock_cred(r14, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r15, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r12, 0x89e1, &(0x7f0000000080)={0x3, @default, r15}) fsetxattr$system_posix_acl(r11, &(0x7f0000000500)='{ystem.posix_acl_default\x00', &(0x7f0000000300)={{}, {0x1, 0x4}, [], {}, [], {0x10, 0x3}}, 0x24, 0x0) [ 339.701359] CPU: 1 PID: 13303 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 339.708414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.718164] Call Trace: [ 339.718186] dump_stack+0x138/0x197 02:56:43 executing program 3 (fault-call:8 fault-nth:50): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:43 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}, {0x20, 0x6}}, 0x44, 0x0) lookup_dcookie(0x58d3, &(0x7f00000001c0)=""/206, 0xce) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r3 = socket$inet(0xa, 0x801, 0x84) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000000c0)={r5, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) shmget$private(0x0, 0x4000, 0x800, &(0x7f0000ffb000/0x4000)=nil) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r5, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000040)={r5, 0x8000, 0x10001}, &(0x7f0000000080)=0x10) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@ipv6_getanyicast={0x14, 0x3e, 0x1, 0x70bd25, 0x25dfdbff, {}, ["", "", ""]}, 0x14}}, 0x0) [ 339.718204] should_fail.cold+0x10f/0x159 [ 339.718221] should_failslab+0xdb/0x130 [ 339.718235] kmem_cache_alloc+0x2d7/0x780 [ 339.718247] ? anon_vma_clone+0x310/0x470 [ 339.718264] anon_vma_fork+0xe9/0x4d0 [ 339.718281] copy_process.part.0+0x45e2/0x6a00 [ 339.718314] ? __cleanup_sighand+0x50/0x50 02:56:43 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x747200, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r2, 0x28, &(0x7f00000000c0)}, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000140)={{{@in=@multicast1, @in6=@initdev}}, {{@in=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000240)=0xe8) [ 339.718325] ? lock_downgrade+0x6e0/0x6e0 [ 339.718342] _do_fork+0x19e/0xce0 [ 339.718356] ? fork_idle+0x280/0x280 [ 339.718370] ? fput+0xd4/0x150 02:56:43 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) read(r0, &(0x7f00000001c0)=""/48, 0x5) 02:56:43 executing program 4: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x80000, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43091, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0x6}, 0x10, 0x0, 0x3ff, 0x2}, 0xffffffffffffffff, 0x0, r0, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa8, r2, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_DAEMON={0x70, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x7fff}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'eql\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x7}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x10}, 0x0) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f00000000c0)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 339.718380] ? SyS_write+0x15e/0x230 [ 339.718395] SyS_clone+0x37/0x50 [ 339.718404] ? sys_vfork+0x30/0x30 02:56:43 executing program 3 (fault-call:8 fault-nth:51): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:43 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x593a, 0x400) ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000100)) r1 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0x40046205, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f00000001c0)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TIOCNOTTY(r2, 0x5422) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="e1"}) clone(0x0, &(0x7f0000000240), 0x0, 0x0, 0x0) [ 339.718417] do_syscall_64+0x1e8/0x640 [ 339.718427] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.718444] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 339.718452] RIP: 0033:0x4598e9 [ 339.718457] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 339.718471] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 339.718478] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 339.718487] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 339.718493] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 339.718498] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 339.787469] x86/PAT: syz-executor.3:13290 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 339.787488] x86/PAT: syz-executor.3:13290 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 339.828005] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 339.879630] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 339.931366] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 339.959105] x86/PAT: syz-executor.3:13340 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 339.975658] FAULT_INJECTION: forcing a failure. [ 339.975658] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 339.975673] CPU: 1 PID: 13340 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 339.975680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.975683] Call Trace: [ 339.975700] dump_stack+0x138/0x197 [ 339.975717] should_fail.cold+0x10f/0x159 [ 339.975729] ? __might_sleep+0x93/0xb0 [ 339.975744] __alloc_pages_nodemask+0x1d6/0x7a0 [ 339.975755] ? save_stack+0x45/0xd0 [ 339.975763] ? kasan_kmalloc+0xce/0xf0 [ 339.975771] ? kasan_slab_alloc+0xf/0x20 [ 339.975781] ? __alloc_pages_slowpath+0x2930/0x2930 [ 339.975798] alloc_pages_current+0xec/0x1e0 [ 339.975812] pte_alloc_one+0x1a/0x100 [ 339.975821] __pte_alloc+0x2a/0x2d0 [ 339.975833] copy_page_range+0x11ba/0x1bd0 [ 339.975852] ? anon_vma_fork+0x358/0x4d0 [ 339.975883] ? __pmd_alloc+0x410/0x410 [ 339.975908] copy_process.part.0+0x4764/0x6a00 [ 339.975945] ? __cleanup_sighand+0x50/0x50 [ 339.975958] ? lock_downgrade+0x6e0/0x6e0 [ 339.975977] _do_fork+0x19e/0xce0 [ 339.975991] ? fork_idle+0x280/0x280 [ 339.976005] ? fput+0xd4/0x150 [ 339.976015] ? SyS_write+0x15e/0x230 [ 339.976030] SyS_clone+0x37/0x50 [ 339.976038] ? sys_vfork+0x30/0x30 [ 339.976050] do_syscall_64+0x1e8/0x640 [ 339.976059] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.976073] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 339.976080] RIP: 0033:0x4598e9 [ 339.976085] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 339.976095] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 339.976100] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 339.976106] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 339.976113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 339.976119] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 339.981373] x86/PAT: syz-executor.3:13340 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 339.981389] x86/PAT: syz-executor.3:13340 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 340.428449] x86/PAT: syz-executor.3:13360 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 340.451868] FAULT_INJECTION: forcing a failure. [ 340.451868] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 340.479096] CPU: 1 PID: 13360 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 340.486154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.495520] Call Trace: [ 340.498120] dump_stack+0x138/0x197 [ 340.501766] should_fail.cold+0x10f/0x159 [ 340.505937] ? __might_sleep+0x93/0xb0 [ 340.509855] __alloc_pages_nodemask+0x1d6/0x7a0 [ 340.514532] ? save_stack+0x45/0xd0 [ 340.518166] ? kasan_kmalloc+0xce/0xf0 [ 340.522053] ? kasan_slab_alloc+0xf/0x20 [ 340.526120] ? __alloc_pages_slowpath+0x2930/0x2930 [ 340.531178] alloc_pages_current+0xec/0x1e0 [ 340.535514] pte_alloc_one+0x1a/0x100 [ 340.539325] __pte_alloc+0x2a/0x2d0 [ 340.543035] copy_page_range+0x11ba/0x1bd0 [ 340.547303] ? anon_vma_fork+0x358/0x4d0 [ 340.551390] ? __pmd_alloc+0x410/0x410 [ 340.555294] copy_process.part.0+0x4764/0x6a00 [ 340.559919] ? __cleanup_sighand+0x50/0x50 [ 340.564197] ? lock_downgrade+0x6e0/0x6e0 [ 340.568358] _do_fork+0x19e/0xce0 [ 340.571848] ? fork_idle+0x280/0x280 [ 340.575656] ? fput+0xd4/0x150 [ 340.578852] ? SyS_write+0x15e/0x230 [ 340.582573] SyS_clone+0x37/0x50 [ 340.585942] ? sys_vfork+0x30/0x30 [ 340.589487] do_syscall_64+0x1e8/0x640 [ 340.593465] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.598317] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 340.603509] RIP: 0033:0x4598e9 [ 340.606698] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 340.614618] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 340.621905] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 340.629201] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 340.636569] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 340.643844] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 340.664032] x86/PAT: syz-executor.3:13360 freeing invalid memtype [mem 0x00000000-0x00000fff] 02:56:44 executing program 1: setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0) sync() pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) socket$inet(0x2, 0x803, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 02:56:44 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r3 = socket$inet(0xa, 0x801, 0x84) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000000c0)={r5, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r5, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000080)={r5, @in6={{0xa, 0x4e22, 0xc6, @dev={0xfe, 0x80, [], 0x2a}, 0x24}}, 0xfffffffffffffb22, 0x6}, 0x90) 02:56:44 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={'netdevsim0\x00', {0x2, 0x4e24, @broadcast}}) 02:56:44 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000040)=0xe8) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$BLKPG(r2, 0x1269, &(0x7f00000001c0)={0x2, 0x0, 0x87, &(0x7f0000000540)="e5bc1e63ed86caf2c8dceb4662689f70c47b80b639f276b4d9a140f6e3c3c7eb97fe8e568d18b20f473a2cd728ac900dc928f1b8522b99eed7e255cf9e5d307458a175181948bb00ed358b130acc05281ae0bc942a21a99e2b08bddd9d1b323b84780a534a909364b452a066c4917b78469927a2f8db257b2c5bb6d3834b25f9e69b72c8981344"}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='limits\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup(r4) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000680)={0x0, 0x0}, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7569643d206734a0c607326192a3f1bfe8adbd651d5c0c0205489f344ed5168300000000000000", @ANYRESHEX=r6, @ANYBLOB=',\x00']) ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000080)={0x3, @default, r6}) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r7, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") fstat(r7, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r9) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r10) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r11) r12 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r12, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r13 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r13, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") getsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f00000002c0), &(0x7f0000000380)=0x8) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000007c0)=ANY=[@ANYRESDEC=r13, @ANYRES32=r1, @ANYBLOB="02000300", @ANYRES32=r6, @ANYBLOB="02000200", @ANYRES32, @ANYBLOB="0400000000e3000008000b00", @ANYRESOCT, @ANYBLOB="0000a600b74b5ac8fb0ff2ca02efe95bdcced4044c3e87ba0c02c24f7d6b788427581c017259809892b27f9e0d40e877e8b808055840d1a9d5bfb628e7fb26b779582c9045eb07298bb11a462a72000000000000000000", @ANYRES32=r8, @ANYBLOB='\b\x00\b\x00', @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32, @ANYRES16=r8, @ANYRES32=r10, @ANYBLOB, @ANYRES32=r12, @ANYBLOB="08000200", @ANYRES32=r8, @ANYBLOB="10000000000000002000060000000000"], 0x17, 0x0) 02:56:44 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x82040, 0x0) ioctl$PPPIOCGMRU(r2, 0x80047453, &(0x7f00000000c0)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 340.686803] x86/PAT: syz-executor.3:13360 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:44 executing program 3 (fault-call:8 fault-nth:52): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:44 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1000000, 0x40043, @perf_config_ext={0x34, 0x1ff}, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x80000}, 0xffffffffffffffff, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:44 executing program 2: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r3 = socket$inet(0xa, 0x801, 0x84) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000000c0)={r5, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000580)={r5, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000080)={r5, @in6={{0xa, 0x4e22, 0xc6, @dev={0xfe, 0x80, [], 0x2a}, 0x24}}, 0xfffffffffffffb22, 0x6}, 0x90) [ 340.838595] ntfs: (device loop0): parse_options(): Invalid uid option argument: g4 Æ2a’£ñ¿è­½e\ HŸ4NÕƒ [ 340.882630] x86/PAT: syz-executor.3:13389 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:44 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x825, 0xae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000080)={'filter\x00', 0x4}, 0x68) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/btrfs-control\x00', 0x0, 0x0) ioctl$TCXONC(r1, 0x540a, 0xcb) 02:56:44 executing program 2: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0) r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x22800, 0x0) renameat(r1, &(0x7f00000000c0)='./file0\x00', r2, &(0x7f0000000140)='./file0\x00') ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f0000000040)) [ 340.968135] FAULT_INJECTION: forcing a failure. [ 340.968135] name failslab, interval 1, probability 0, space 0, times 0 02:56:44 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x1) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000100)={0x1378000, 0x1, 0xffffffffffffff81, [], &(0x7f00000000c0)={0x2baa27f6363c1d4f, 0x4, [], @string=&(0x7f0000000040)=0x4}}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="020000000140010000000000200000000000000000000017632c000000000000000075941db6fa5a29efb8e50d0000"], 0x24, 0x0) 02:56:44 executing program 5: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) sendmsg$sock(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000080)="5949c0c019f3f28be8d06efeb5c0a8545d6fd33ca42aa33291255f3fbae1b2b9348732285f40e05d46126de0034521a120a72a60f2259562a277e2201207b06b80a0c8ef3cceaed5f623adbbee1730ab2704d19bb5bfed1df8c4a9d18678199f54fa9f70bcd5d644bc06761abee5e7e9b1eb1d5345a20490f2fabf5527f4a2091beffdc337e2abfdf479b311b85b59ecd11d639f55035b26fbfadfaebcff2921fa301db2531e0e52a5d13a09f8faead4bc7b2aee445a4053", 0xb8}, {&(0x7f0000000140)="66daf5e91e8d5184e2e0d0615fdbfb924f438fad758c08ffe5df0e9558f883e9bf10bd46a25670a40e2a78d1e8cdd9178c1e8d79de02cd9ae306602a6325b1302b86fccf3afea1211912c2e1efc7acc90461ef8016772e", 0x57}, {&(0x7f00000001c0)="b475dbc8c7e7783b903972d97a51c82c33ee93c66e2a2587588428f3ffb9854ac7c09e1fe3e50175294ed785ce7ec76b3e811e0e3aa0161e4ef3d9adc51c0fe67aea6726bc37adcc0fa45923adc06cc9a7c1931232c93c78797970d0cc3e80649fe9e4d14f3b6e5bddf3957b19a66aa7e2632995c529216d12bbee1d7628d6edfedafc68a50398e923d836e8b70fd9bb701e6fdc083cc17c0594f698", 0x9c}], 0x3}, 0x4009) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r5 = socket$inet(0xa, 0x801, 0x84) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000000c0)={r7, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000580)={r7, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000340)={r7, 0x5}, &(0x7f0000000380)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f00000003c0)={r8}, 0x8) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 341.073759] CPU: 0 PID: 13397 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 341.080818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.090789] Call Trace: [ 341.093393] dump_stack+0x138/0x197 [ 341.097044] should_fail.cold+0x10f/0x159 [ 341.101234] should_failslab+0xdb/0x130 [ 341.105226] kmem_cache_alloc+0x2d7/0x780 [ 341.109391] copy_process.part.0+0x444f/0x6a00 [ 341.114009] ? __cleanup_sighand+0x50/0x50 [ 341.118347] ? lock_downgrade+0x6e0/0x6e0 [ 341.122509] _do_fork+0x19e/0xce0 [ 341.126008] ? fork_idle+0x280/0x280 [ 341.129727] ? fput+0xd4/0x150 [ 341.132926] ? SyS_write+0x15e/0x230 [ 341.136651] SyS_clone+0x37/0x50 [ 341.140017] ? sys_vfork+0x30/0x30 [ 341.143561] do_syscall_64+0x1e8/0x640 [ 341.147448] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.152301] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 341.157592] RIP: 0033:0x4598e9 [ 341.160781] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 341.168924] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 341.176195] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 341.183467] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 341.190738] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 341.198009] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 341.356224] x86/PAT: syz-executor.3:13397 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 341.382000] x86/PAT: syz-executor.3:13397 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:44 executing program 4: arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="e7000000550b5cb8ecb375bba680b17fd44041e2b3c77d66b461bba9eea80d05c385ef099afd", @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="02000000010000000000000002f37c93a669b17d84e4c5104938a07db89dac166bc84c22bdd12e16a5159895fde23b22b993eb4a7654056444a36b2b32", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f0000000080)={0x6, [0x0, 0x3, 0xf55, 0x2, 0x3, 0x7fffffff, 0x3, 0x96, 0x3, 0xffffffffffff08c0, 0x4, 0x4, 0x0, 0x7fffffff, 0x40, 0x1000, 0x1, 0x4, 0x101, 0xb47, 0x994d, 0x0, 0x5, 0x4, 0x4, 0x8, 0x3, 0x50ee, 0x0, 0x496, 0x81, 0xfffffffffffff800, 0x3, 0x8, 0x81, 0x6, 0xfffffffffffffe01, 0x7541, 0x2, 0x0, 0x8, 0x3721, 0x101, 0x3b7, 0x1800000, 0xffff, 0x8000, 0xfff], 0xb}) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:44 executing program 3 (fault-call:8 fault-nth:53): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:44 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") setsockopt$inet_group_source_req(r0, 0x0, 0xe5d93f1439c4052d, &(0x7f0000000140)={0x6, {{0x2, 0x4e23, @multicast2}}, {{0x2, 0x4e21, @empty}}}, 0x108) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) 02:56:44 executing program 2: r0 = open(&(0x7f0000000000)='./file0\x00', 0x2002, 0x4) setsockopt$CAIFSO_REQ_PARAM(r0, 0x116, 0x80, &(0x7f0000000080)="dcfa93227ccfc5cfbe7788a49c92cda36c9a49451f341254677dbc895c5610460390609aa77981b3bbb2872822792b3467bb1a9cac42f1642b3faa93ef0763a405ca8a7cc648e46293a490a8f33ea47ac6024edc3857941dc71c6b683c067d9c25246c179cf5393097ad34e70f8d819055feca611125523f3e94a7e192", 0x7d) r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/status\x00', 0x0, 0x0) ioctl$IMCTRLREQ(r2, 0x80044945, &(0x7f0000000140)={0x4006, 0x3, 0xdbf, 0x614}) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000040)) 02:56:44 executing program 1: r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000001c0)='\xe2\x1fe\xce\xc1o\x00', 0x20000, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000100)={0x1, 0x8001}, 0x2) clone(0x1000000, &(0x7f0000000200)="fd39002984b031a96bb3d3e898ab7e55114935e8627e1859ed2dbc092f3d55dfec07d3be1a56ef8296e3782fdb7897a50982451bc82bcc3d401a68df27656ec32e896c2a0c6ea04e97572368f68ad0b8ad637c85e4cacedcbc1cab4918fd82ab5ee830a07a439620d18be3628e6b2273819aa9f5b33b0882a8a2bda939534e5d97b17cb6ca4d526deaa678118fef84dfd24f6caf2a82ca045fdad0301e48101ea4a1", &(0x7f0000000040), &(0x7f0000000080), &(0x7f0000000180)="87de3cd4f7dcf80db5078d013ffd900f41c61994de0434acfb1d64c73ff867a4663a3ad59b6161889a8ac093e18248c3bf3400f1") write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000140)={0x7ffffffff000, 0x10, 0xfa00, {&(0x7f00000000c0)}}, 0x2) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000000), 0x2) socket$pptp(0x18, 0x1, 0x2) 02:56:44 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000080)="03f2afab26ac709477dcde2860f0c38e", 0x10) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:45 executing program 2: r0 = getpgid(0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = open(&(0x7f00000000c0)='./file0\x00', 0x80000, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[], 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000000)) wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x34) tkill(r1, 0x38) ptrace$cont(0x18, r1, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) 02:56:45 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0400"/12, @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000240)) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000080)={0x6, 0x2, 0x9, 0x0, 0x3f}) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = accept4$bt_l2cap(r3, 0x0, &(0x7f0000000180), 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000200)=0xc) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) r5 = syz_open_dev$vbi(&(0x7f0000000100)='/dev/vbi#\x00', 0x0, 0x2) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r5, 0x84, 0xc, &(0x7f0000000140)=0xfd, 0x4) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f00000000c0)) [ 341.613164] x86/PAT: syz-executor.3:13432 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:45 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {0x8, 0x0, r1}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [], {}, [], {0x10, 0x7}, {0x20, 0x4}}, 0x24, 0x0) 02:56:45 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x108) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1000000000000043f302846cf112c427109b3c58fd0020000000000000008316c8455ee24e3e1a142b471937f979e3cf678f53e475462995fe410ed0ca05493644052d909ad2629dbddefb4d2a031e5094f77cd23f0928602cd6f7ccc5e8b0fdc11a5a7253a43e6d6d68226c637f77487ef300d733696a3253f7bdd3f49d5f15cd9872ea"], 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000080)={0xfffffffffffffff7, 0x344206a}, 0x2) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 341.671482] FAULT_INJECTION: forcing a failure. [ 341.671482] name failslab, interval 1, probability 0, space 0, times 0 [ 341.724257] CPU: 1 PID: 13442 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 341.731334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.740706] Call Trace: [ 341.743304] dump_stack+0x138/0x197 [ 341.746945] should_fail.cold+0x10f/0x159 [ 341.751106] should_failslab+0xdb/0x130 [ 341.755091] kmem_cache_alloc+0x2d7/0x780 [ 341.759338] copy_process.part.0+0x444f/0x6a00 [ 341.764040] ? __cleanup_sighand+0x50/0x50 [ 341.768458] ? lock_downgrade+0x6e0/0x6e0 02:56:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="bbf108000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$X25_QBITINCL(r1, 0x106, 0x1, &(0x7f0000000000), 0x4) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r0, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='fd/4\x00') close(r2) [ 341.772617] _do_fork+0x19e/0xce0 [ 341.776178] ? fork_idle+0x280/0x280 [ 341.778826] ptrace attach of "/root/syz-executor.2"[13457] was attempted by "/root/syz-executor.2"[13458] [ 341.779893] ? fput+0xd4/0x150 [ 341.779905] ? SyS_write+0x15e/0x230 [ 341.779920] SyS_clone+0x37/0x50 [ 341.779929] ? sys_vfork+0x30/0x30 [ 341.779943] do_syscall_64+0x1e8/0x640 [ 341.807410] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.812277] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 341.817470] RIP: 0033:0x4598e9 02:56:45 executing program 5: r0 = syz_open_dev$midi(0x0, 0x0, 0x20a60) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000040)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0xffff) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getgid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getresuid(0x0, 0x0, 0x0) gettid() fstat(0xffffffffffffffff, 0x0) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000002900)) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = accept4(r1, 0x0, 0x0, 0x0) sendmsg(r2, &(0x7f00000028c0)={&(0x7f00000000c0)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x1, 0x4}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000140)="c7e096953865a44287938bfe754b47da3328092a7d302116fb3f45965acc59990d49d7d0d9f0f10a1c027b8fed3ac278c0168e838f9f98db14fa856ee4d2b582e9956184be90853b00c8b0b7aae77327e5f2951d03247b01edc25a21d0b0330324b0bc49a660d6c5e8bfb45506af5d817342d16a3334b8a3b6beba66f323541a5a7c81f4d7bdd53adab844301e85129db07914e52047031549dc9703bf65b12bb69b4f3fe8b4f8cf44302ebdc28b92c119f18c4db2006784f6a419e7184262f52ad8d102b0f23aed13c4af8a9a172ac67be89d95f7366a71b174559fe457916e83e002ece682c72a80e0e98e9b3c57e941f536c038d5e3c47904", 0xfa}, {&(0x7f0000000240)="31ffd6c09b47b5493eb6fdbdb6519e3a529f6039ba02525c348cb23126f2de36901c3d0ebe99b65ebe4c914d508919fc473562ec1cb08c2157625c4a3de5769b088b66bba720fcd22d485256c343c821", 0x50}, {&(0x7f00000002c0)="c938a9e4bc00c5f1487a7e96a87a913de84e68375b060f1adff5504fb7ad97a4a06b24d59bea6165080bb271f0b805b23c470eb2bb3eaac5ab5bb580d4f7b17f5a2539a75ae5bbbc3626ad9dfabb60bd8adb2f1ebf2575b1e0c328d2aca24d1a089dde42416c21e9e109583f58fee490128d2140ad8cae7ad07abae22d77", 0x7e}, {&(0x7f0000000000)="45edfc49c92a3466f7941619edfb9f0da47e9cd705073577faab9aa411e72c40e67dbfcbe2d0f22d9f317d86180e96f3695662", 0x33}, {&(0x7f0000000340)="a8ac290144adaba4527aff09b51e6cab197c35ffd0923a29d2caa3ec56491a08814f903bbf77a97ab3404d199d652982d0be0eede56dce87f4bb780ce2126c7270f993acc06d361b076b0d7934cd7ce79745dd6e61a133a1c45e60cde24961424c84d478f3e1f055c465f278e5687d1d0b5a258caa1b1046a5ee783bfec58cf47e68849ba0acb331c5c8cbcb9d525419bfbf31ca995389799b14bca9f838df20bc85", 0xa2}, {&(0x7f0000000400)="856ee345b020f833433b2763743ae5f983dfa671cac5e685a2183209a9955e5feeb67f57d3e3f75575663065398be1ae0582917f2db53ac5ba1e0304edaa27b39b2c8aac1921899ee3da1b51110efe6bff563c9ec78f26", 0x57}, {&(0x7f0000000480)="b114235c5df40818d927887fb70862fdb5994dc6111a8710a0ce2b4c01b9a85859bfde2cbf99e7bc01a5bb6839e48cb48bb9f5a52f20160917fe93433a00202d5403b1a89c8821c4b8c8eaf13945b8f531ec747c26fdf26d0ddca3b2c3c373837aa54e977ba9b34194da7e60b22a17d613737376b2af83fe2d6482ffa9d6a3b50e6a5be33e88f1507332c19f045d5628e83fbb4dfa36a83719ed6de8c79ecb9ba66f8303faeb40510843d4bea066f8fdd16936037d86d216accb941857543952550659c48a9ca61a8447dcef9a826f047d3b155b074e18f368bc9fe196b393202bdcc1ee0cb5a5b701eca4675d94aa76da3a2b9a48226ffbe91587493f49c4598cfb153ae1aa0d4c70453ba6d267d295ac931e7c9bb6f2eca9ebb5a9c064941178851408a93e91acc1d41318484b83d28dbfb77242d987e35c0e49390410e994e902b4a03fd431fe3557e5110206e2f02082a2e32522a1305bab324054cf755b9ede1675c0d3a896c088dcac68e12f1f9df7da4d670de4dc145e7e6bb7fc441f576304af362a58feb16eb29c9d0e002685cd7848c9ac5679452eabcd8117cac998e2d2680e686dc43f84fae61d941ab233eb4cf1649c1fe11666a3a1a1eac73b4a563daff75f7628db12bd0cfdc0d1565eb02ce56ea5adecbf72bf18ee600e6482e6c0b0fcb30149b931876a7fe907acdfeb0d8b88603f1f5316a84e5f9574cb32602108f2cd91524199357f7c8384ebbc0036fb33648ab4be3b0b222c7580059e55297ddb8a6c72447ccfadfe36cbc477b210f5b6afc0222bef8a4dde026986d77a6ade25dd05118f7530d3d8e8eb04e5fb11b20c3f2a6e9cfde70b7776c9930543de00d72e3b7b58e32ae948b7cd2af4eca4279047e34964ebd4dd66103a88df7b239ae74fcae581cfc6b75043b0cfd94d0833cf4d336ffd45b1ec9cbd3c5429367515d1ea700e422f20e413390dfbb50c5ef96500d57aa1e237bda9911895578182c89a17ddb3bc94c756cbb8c0daafbeccf05f7b5da48c5d1267e3a175dfc1b9946b6d60f6201f8011c4764488f7a43e34bae7a4eb1b37261a4f084b84ad1b63ef0876c8b1476227d449b45893453469639f8fc5e33d1dd5b28dd4b5d6daf215c4c097d97e0efb9b2ba6a49c7afe41b4b130cbf37ed52fe35d65609256f6a038a01dab5c67c20fd057e7e2887844c10215b20094d9ef2716be701d9c417800fa35f25c198c9bb4d8a4ba73490b762723bf7ab6ca1be4670d8deb4edcc846b009f44e6621f3a51d78041d28e9e2c74896ee65746e3226f4cb08cbc839d89ad28ded4808004c68c7e357b3f27eae5cd6cc199a38731bccb9746f74b48894acd9cc821fcc0e9696037d8f9f9ed8b1b58c32cfead57ef4f1123a007e5310d8173db36d031ab87a0f123efaaf76e3c7faac3a025d17c4d93c4fca4e93db400d20d977a6422354692aa0310c37e423fdb798685453a496aac7ae06c975337b93de9b71195afe05edbe50dbe1b04da50c348a1efb336645c63e81bab41906b201fde40165ade4cd3c3706b64edd4f673e36e2aec3297deb7bbad8b71fb77d5654aba4e20b087f92e71b895d963af3a187fe7836f56857e6ce4ad7bffbd030f34faacc50a09b05223d5f6036ba8c2119a13ff8c1feaafe27441f94a8c6e2209270b941b37413437a7fc19b259fe0b3b43ebd95e43ff987326ee966afeece2abc12b3a0b5ccf1c874ee73b0e45eb82b81b389987ef31266b058fb81d75af5b0d9619031afccb639a06475c0d9f150c204dfb16446e73d514e287754c32b966db238f031214fd44888d31c6b6faf61cde93cc32d38700c42f8cf0a0cd7efb6c9fcb855391b30ef6b8149675c765d952df456439c686178d55ba9791c6342c551c384cdee1e8968945c66e5bf937f2a5d8ea9a53b18bb4c52cfe9745e20065728d3145a99d1b63af22e33dee2ac01d30f119b881508819acd63d004f03cea6af0c97b7a143df78d42d6f5c9e602659f6daaf1905f7e816c8e83f86c43be9c1a1e7710417899deaa0665e953f0eb8fa86b99d631bc576575a81d69a7d85a95bc7cf52c3eb8cad79c1314cd22c10a69621836333ad7602f82bbe35856803ed0ad94f4c864928ccd5a345a55757486f483df92a0a9261f1540246bc65941c8a4ba8a9b9eb23f528eef3d9db6ef5bab771e151b0f0ebc4bbb884763548d90dbe363ea6295168fb0573d1bd98ed2879b778e8e7ab245870805066e5f735ca25cf5b0a5060b94f6096b7c314f6abcb81712b9a819be3007f07ba02d6e98b5b00e265a6b6baf831ce25adea1bbf989a56a58ea7a268badc2ee255ad09df6e1e4ab22344fa3ef37f92e62809fba2220e0d2ec380ffdfe06980f705dd3081477849a1c6b526ea7d691c42b653acbbbff23929cec815daef3ef3bc35b958220c20b0fa20dffbf447b14c75fe5088f38f3046f95895d04f4a575ae332e83e15ea4e2bcdb995567e0ff8a78fb34a5f943b98d3acbf1c73633c1269137cb817979ea1e3a6914164f4ce25c9b3359baa42d627ee0a9576ec95833967e4c1621ac871d9f4a7aa2da27ceb0c3893c84fc36d60571ef930fe59eec2d9483c2beed73d410aae2912767ef0ae3f554bf3ea6d3d5333593adb8b485b770dadd46bdca59c7bf7fe3ad806be009ef5257c4c328008a04245f6ff443a72edcbc8cee9dd771c50660952021e6337cc5c9f3dd90dc1a04525841415028a6e68b9f5ba738db49343f8323973dfc94cbec24227804b939eed30a03c479fafc14e2ee4d107e35233f191f29e9c5bf96b847c5a676b58ac860026e0ce3b21e9a485a8395612c49d8942930efd98652d97e08e26c3c750478ab44a7475c484347f73f7d0ce489b89e6587772a55ea69d777ab5a053b3e316bcc69d6aee3d5aded810939c211dc77244b06bd149d254d9a0711fe6e1a602aefcf492708ac92d80d61a610f30bf867558c5643429d2803ad037eba62ddf71843e948979e6671ba079931020b94e4aa6c2d16fcd94d37535237f7c269cc845b8149226bf701c29b7befc63b0de00c267d8d1be008c25a56d9bdbe8c13c9097666434da2d823af9c987803cdcef94cf04f77a6af4ef2e656343bdd950bd7d8884605ec5696dc4057bac5d3dca0c3a57252ee9ee1315e2fe5a97f30c5492bb23a2face584781363ec4b447b35ea00475280aa45ae914133560dd14289e61501e76cf975fc1c27e98350df171853c90f7e19ef30dec3b3aeb7eb1e8804a9721f55739d89191416d74717cb67e71d61d1c1512dd87979bbe295f26895d099a8196bb0185075529dfa29413f7dc0319d9e428894b10503a202f9b80dec1e0c27b1f1ab0e19910e33645e376f2910f22d5e70912d078300b37cc007eaf6cd36644f88d8cfacf7a531bc00ac86ce750e7fee31e29ee86de599dbea692bb34f7892dc42fd82ff0a7317a8f9420652424fd2b77c4b77ed2f34ff8b9fa67c6d588d0d9f20c582ac3a5c06a66b0ea415badcc8a132500585d00416482160aa172aa164eca5fd5612fe5125a2d714863cbdb3e70323ff350d7aa59afa9768100d6e137bdd6257d20387efe16ada3c99719d301ef14b1cac7c99945a237e4e3d0439915783486cecfa34a33daeabccce0dd61528a742948dbdb302d9d66dff5f900d5ed3eb9a22549ce45c2bd97ddd4dec2b32c5f2f100d9483f4fd8f0d4a84a21e9fca6a216edcd3bf9624be649f1f88bf80296df4f57328643e7f99d3cd6e3c92e4c315eca3dfb04b566d66169421023b9de12dc74d4de8cc094ca7e5608be843c906fa9de002bc6f1197771e94c103ca65b70fa31cf54c641a89c1a56fcc1c1b41f47eafa65930e8c95a5ba9339d87f79ec71b70c4ddb7f8688945af9a305677e876124237b73717cd1c7b1c41127e5240bae8b693318361bc0ac7c7b95d2134f87bd5d6a674dd8e59d5436930f6cdedb67606b2cd9fd825179d6389f15192f7c7509a7385108021376d5b1dd43211aa5fd36cad5370bce2b93d323582bfd935601c762d6ef791235c766c521b17b957b0ea5256b4467032d268f81e74f1fd6d24134ad5eea76d66466395c40b4bf6274b30b24bb061eacffad1103d1687afd356a22eb53ece14b9a5abe40b5073ecbe7901df2b0f715747d70496b54d2d7e1bc62f87d8c8c2454de5e8ff4c096867eb6da2eb13272b231c9931b712af7392e49cd0d62a540e9e5d5750cfb52c526d2b4e27eb77c286c170f401266c17d2fa5b5dd3cfa90dbf9d324b744950680717b75fe769206c163e05616adb21bf0c4775db6e7f188ec3223aa3269a5bf82e71563223e39a8e1557d0ce529f3dd0f7dc46be8078030af8538df57204246432ad40b45173bf73dd6d8072abff612885a4cbb09e9dcc72c4a09205135aa37de67ba463d05ea620cfcf3b7cfc1fd2d32bee9a8f7eb087c3e47eef30f9069be81c0bd06f13280c90a670f6abe8ab7aa7eb8f9f4cc365491a80052503d5cbcd09f7550125d126480e1aa944e74302c4014984b29bb7bb7140493fad1a94ac648a1be03138254ea7e66d463a3b74e649d0ab76f7a5c7c459e00aeac941579656223823131dfad5dbad8c62dcdce1249d2358f541ee54048f4772d227de5a27ca8d1a1e984c7bab0ce6e67ba68ef369b9ec405ae0be4a75492328755f9cd8896fe2b2c6ad3ceb119c0dcb273cb474dbfa281449c34aa0c399f3cf0e113b19fbc2cb58ef6b1dda013cd0c2e0bc074b219e54baaa95c6c693ab76aae53aacedc8307396d7f576a95530fe06365caccceb1400af2b742039b6f52afe4e2910b06550d9a109a51086318e17ac19867c9472f7ed8b03c3210986bd1d20d7b85407068facc985df62b970c8b9c762ce52360b4e7cd33cc52d9bfe953faf3df5bb43952ddbbaa145acfe0e7fc7c08c020602b3215687790444830b2d4f43c39cadd138f185c6d2c238681374bbdacae5aa5194bcddc20b79c53cb01499b2361878b0fc851100076e43cd8f0400aecaa92c751f64e80b35d4b7c45463df3c24618f8e3f6312443bb883a96d9c7456350e8143fb28e375a7638e030565aa9c288e9d8439f84c853f87eb36288620c53ff22251761395c5b44d4edd730efc6e052c30509b99957c620a7d3fe6ffb1b4a056a5780f873cbb1ca363f5b1d3f42030e9733728d34271f55d9813d4451a72cf1c7baffe3658a5e7c83588893c767b3a0f0870c8d73a9adbc82494c8fa9a8ab14a5443682f055195367e0075f39d6a6977d1bce97934f877a0957c422f550eeabaf1db167849ca5520c46d75d26436afbcfb1cae9b3d6257e8177c8f9bd3c03a7f85594be0dd05661f95adb13e04c0ffdebb662e9ea422c3215afb74ce2f42f72d5b7b750dce95c293260f4ecf5d304bd54dd8d9a980c83c7e09f66c3ac125766fd665c8100e994bd18057f34da75f2f766627aa1d510698b56e53deb2e20d78f56fc2115d4131d72ddbffc57008f2ed1e5c4a1c033da46e00b8e9ea69f56804841f9a0a87e9f05d2054f2791a2837043d3f2ee7f24a0368499e7591bfaf2b6ce56e4f2140e78c45300e6badc8041883fa267762c98f3810f5a236c56a0f6737315a2a1f1d91e530929eb8403f958fc55e382c83ebb5dd471befc33173f9c3b70634ccc0ea18506c97ea5c716d1da327fb7b572be019537f65b6f5fb9d8e7dcd2c516e149c26412588f19e29acccab889e768bd8f8ba52e4c8c916666b05778f5204c6a4ab61e0e7f0cd5980b46d6d48b260f09950b86feb6f91347f068fe94251e7f0fa302109cc8", 0x1000}, {&(0x7f0000001480)="3bb8e94b214311f574dd6e16b7449a3ccbf286244c9d7fad477ef6c806de21e7878652825e1b65c47225d48a02aeb6b03c61ed3ac19836bbef40e638915c50d5db99629c984025f0d1ccc15a8e0d9b29efd7", 0x52}, {&(0x7f0000001500)="5812a47cb77e166f65ca3db3c5bd7b9fa6998477dc62704207626e1de8d441ab65bac9b089f43756fd31545b1c814837791e5b3b48a03efbdd285b801e445d66ad647a3b0a6c280ab0191a735942abd3a3d5d90036c0dae0", 0x58}, {&(0x7f0000001580)="18befecbfa3ab698d7496012ba4fe40326218b88cd5ad2a454f36f2195a2dba98b4277df5dce1eeaaee4a4f9962c94f0a03d56eef611eee4fd993e9818d6d1f78d5c348183a8d8778e32b1d90afdd1706e34d3fa64d6e969c379288e1e3fd80a0f78bc904476d8d0024534cf0f121fad1d1702840f02ff68988aab28ddb5966dc97bb6c45716d2b5a15c81febc62a3a3a61066ab8f9e26d154fcc3ad1830c31482edf1c89aff9da6f1bb617f72938cd00364c9fd3abbd2b47a8d20096c54a2b56cd49d4dd19bc8ae588af9d44e0204b96fad17a62670077afc8acfd443e59bd8f3b29dc98a301ac7d9", 0xe9}], 0xa, &(0x7f0000001740)=ANY=[@ANYBLOB="f80000000000000013010000000000009edb40f1c1f10a3514660f1101b796e9e879fa14dbc605986a59463e6e62b1e331cbca6f6cdebc3aa31d94ff9d70fbc37d7247794a8026dea3e33fccc3e0965ca60cb815b79260ab303d78c65142defd8583a00816be9ee8c9688fb438391b96782369a835795c8a495611a5bf7bb8332b288c801e382273d6da304577ac34675ba874805ca178865d7490f7a45c6d491eb6992a35b24da2b3a05042eb662068c1285a38f8cfaa930ba4a48bc90faecad364998bbd2983ffcc6b39120cacf411845fd118c30cd058c28a89159bba681a32715527e88e3b2a3cbf56fc6837603ad42d140000000000100000000000000034020000070000002800000000000000f6d4aaa37f0000009a1df2af568b2fbefbd2e1afb89b3b0dc64ae93d1c3d35233800000000000000130100000000000003216c9e3218572466cb78bccc370c1db1425672dca6fde741a57a275ad1661335c3c6d0add300001010000000000000060000008a980000a7b6a6c7338aeeefd2f3e0d93523f81a7c83acd5dede00911f0c269b492123f9e1aeb54dba8e149597e34cffa10aadf19219c3b362860993406be35c4eb20106aadbffe821d3ebc3deae9a73026536c94018c8df9e0862b3787143fcf3b7cb9533937788fb7d89e47cf756b82fe02ae3b9ed6fc40e98189a2200a4dd9933dc7ffb05a6f383ae123bed0196562cd15e25a7585081087776662e80f37e90db91f5a83c64631fea35a75712a7f41aa66f0caf78595b0113a3b2f678a5bb275e04f9419c92981fb34a80499498bf1f383f20f7a5d098e5c162aba328ec3cfb4606087626caf5eef0fc9383a6115a90f58e5b2cd9aa8d6e71fe150af9ada705f7b4d006c23a1585ea03011105582d5b3946586a1210ed06a1eda0d204bfab49a101b55520a041d47c4ffb559d7f6d1493a249d88492f41a7d6eabf23eef0515589d0d9dc2563c7ab4c9e790c6ee836565709fef73438e9c5a0d065a57d1031b38de92548a6eda855e831ae6a49ad07d11efee090a6ea8ce7329be4cd7a0ca398b82a369176100bcb3f585e441b63d08cfe62a21afa5f6356e1532a3ae29f18f24a008b9b3fcf50dd286243002e48c0a4d0515f475a89d762b962ab8dc71780ddeb340647202e2709ccd0bcc29e9fbe20fec40237d5be99487eaabbb1ec1acbba13df1611302b970251e8ea25e0baf9d2cdac07fe97c192cf8a11d7f1741463710d4024fbedd82754eb4fc2da5169f575b83e48f01941bc43d853f0ed750416a78777b7ceb51aadfaaca19013f2ac2ccb63f33cdad45060d4d381b3262ba31b06b067eefd66bd39a94a5c97c595124c8db294ae1a2363e87e4dbe6c5c30c4c04b8371755953a77188a49e0fa3a30072614525b16005f4db985f0a3260c3fe4f2a00bd19cbe582936e309c1a198d741d5e67c14bc2dcac487c54635f0c79e05ef09d690052097c7ca2131f3e13d222c56c5eee12182939afe6f85ff9674fed744d5e339a86cfda41aff1012220f95a05838c16c2dd436117b8937ef0b7006832fbf8ee846ca71de98a7c2d8ac5174ee7d19c7e549b2940b31e78b4c0e95dc9c8a2f2183fde34c9b03619ff92f260c5beda71d847aa819de951801aa74d3603efe5c54c480219ab3ce0fbecfd3a6976f7aaa996e214d84376c42556d41ee7c2509d2beb65a97a333f709e0bcc144bc4b263fc632589963da4499aab0c22a00561b7cac300c1bb7bb288be5edeb1df168864a11a12965834119062a1ce4b9e579a928c9a87bb64133c908814540a67a547894e9e3552eb372a7a48efcff909dec9a72f419d71369447950acd7fbdf4b036a5fa8c50449af3321d8288b4ab3403d643557426b8f5c18f981896ca331447be934c4ec431714cc1743be5deac2dacf2cdbdc2a848fd4f3c4700e1b30c2ae0f5315e9b098ecc0a74dadda6587d64303121e21819846a8a2ddb80cbc4ef322e6ea904416f8a580c3c79a8c58d5a19e1939a0e781f77d8b897b6324cdd35ece434eea9d7842db0b2f3bb9ba79ed95535211b79bfa812306f45c8ad1f8cc4d9d1952e4933da0d7b1cf2c99275fd3028af45bfb4116f0361cd829f895d855d9c958b29e603b32a1367bf9aecaf4c43c5f5ce1fdc68d8d7b1063ebe31f2c5c0f7cb12fe85c9655c1bd4e810223b3a7fbd82bbf7e13d9b9c1014e074c6d0a5550b565c8c4bdd5bc0d52f0295537729b082c4fbba177fe5b3fc0c8be6ab822c67aba6752b6916d42cadd159ee925b079e315361cf40560ab9b404aaf21045ff6c104afb5a9ef99574e535bb80ba5ffe2cec79e1829a6efd130b38bc87fa1bca2a9029ac800ff43032ce1a61163b7a3304dcb66bccec9ed83f6499ac3d8acae686a41f752fa0d14562e8e0612b2522f3edae2fe02ddd3e343b3baa3d7fe9167ca6183d16cd89ce5ad162f37dce8d7df8da8e9284874689020ec73b530cc925785df5e779b7880bcbf0915b1f12aa30aabb617c8b40763e05dcc55058bb77d9e9a5cabda067a6ce7da11b27ca54151601bd8358583ed9fb62ef8f4b55861bee4f86446ff6a86b16c721d9b46e7b2fc303555a7d1e275f4caf074c97a7b0e4223908d70b299cc43a164de80d9cee9869ddbabf4638f1b5f0d2484fea71d1f2f6557f3378dcb05d85a8e5f0ee7ef3d1e04f094ae9e21aac3c6acc093cdac65e2a0df2dd231fec1eeaa398063d463f00beb6fe3e766d020436bd36044da289bcf5bd474c9b49b80bb0d0497c261de8135977042396ed22e2591a42b21537621cd83f2ede93513ec8d6bd0035b0851b163183d0e6596f08e5a352b55b90defe8a426d3b08fd3b88d8a6036a1b03a4fbd2467f823f9981882fa773a4a93901515f877697af966b3517fa5bc69fc90bf45306a33eeafbc91a275ed0be1060f0776391daeb8f2886a172b3f8de0c8204e7fc192e78259a2fbac9da2a28ef6c43e7d8a520affae5a7043b1276b27efc2294602075fefe952b06059d01c75416bbded16e2ad575d234cebb1b4cee2d37fa941d2d7602f1ff70bdede911b90ae16335d487355a6fa7763df807fd4feb1bc22e4d77ea80b7d8dd376c04aeaf949223f1c12d166294a391d618e8635b075e3c34d4b493eeaabe5a9a0e166a944e27283e3e12b5975f2ef17c1c77ce0f887da5e1b20b052b98c025ebadc5f9c838f2387f26d06c23fa82e97f0d15e610cfcca70a78cd5739e174ca1827a0d577f3b7313fc6b8dd23a1b4b93259751a6c951a642674536524b78fc438635c259760cd38e51acfbccb7bf1b952e8723043a19e3f7de56c7c697e03afcd2a74b2c0095f9ece1d7467246faf41b7b695cacb740e7efe287360822c76261d3240ef4c02d7b7aa6e49d630acaf0cc1c4834e2cef2e7ac0f4e31bbe3dde111eca1e0adc2972be06825ca3ba72e8a7dbd4a51afb7d695c8308d7dc9fc77dcec58a970f39d792dcb6407670b19be165a171724286ad3170cc6b9ee7d5a8dd9547c6fb30a33579302f2b2a23d757776eb81fa70c6b82bd1afa1e7d2bf0714149adb88743d73c5343f41bc00de25eb8ac34d6515e0ff58f21393deddeaa9a6794edb5ba4bea6e62465400260493d53b2cd5c907ea519e11af44894dcd00ca9ed79b8b73c7cc71cc7c710eb37243c808ce9d0f205c6b47e5e85f26ae90a324eafa9ef63b278bd4708cb9c042977566b99c88733ddeddd3be5b61148d06a6bde127715f3a4a7404855fde759f0b002887ab4e179e078f051ecc0ab11188c12c75b92410a5316e9ddf95de52cfce9ad6b48f83c2c2fc075e3e6aba2fa0d4d944929371a5fede0a57b15125282987d7757e8209e7f1498e360a273ce6b6657f56b6e77b3e733996ad5910422a96746da7ed9c406313d95deb201d4d5c913d25c6c8354ca13160074ce5f2ff8153c78b97f77f31a5b5c72ef30e71817bf640b5bb2bf0083984f0f2922970e2665440634e2c3dadd6190543489aa71b189404af423fc52aec33ac2878b64fdd674ed51c2fcc0ae4135973403a17ae2e8c13ef1b03edf47c52f8e8955d80650f3f92c29b260e69f7b4dc5be7488b8b0587178c88fa20d1b42958a5d28504ee2219e1b0a85b671380f66996df8e68bbd421eac3b29ffcb00eaa4d35785c4e03e6da6ddd04c2e5c8919640e8d2fccd5d8b4acf394cae8681b9f88592f566ed0c782e96c53488964a5a1770ca4208c6bf89a888bba44dab8bc44ad73d5c55eda48586bcf7121e5388bbfe8ca028c5182a05354644a24bc8fc666e6df002d099369faa005ba01e7ea409f1cc2cdd70a978fbd75de39f0966cd09c8b4ff9ec1cfb4b1f7ecb7eca720cd618a8c0bae3402e5dc814e29f940e374049906cc4acc88b9d2454c6b6c26b0f7e4d1e8af2ee593b06e5a834f565d6969c36b5720bf937e1bc9fe89f63dd3b022cacdb108ee148eb992ed0e3d5d02bafc1fb1f0c6ca599eef8b2b9bbb61b416f6aacc03ba43e43459776fe6f28b3733029f04be36189c0ae9ba97a43e8bcb5e89cf3f06b88d6e349d2a856b10f1efbd84cedccddccd5389872ddde24490063b0f04f7d75366b3b25e1105253d8315a017a99451e4ced758a52528b398e42be8f993524256426b21f855970f7e2387d775bd43840b9c5f9ee485634037a9512feb4df85af68cd4f3d12b66cb4ccf295a655e314b5356408ed9a032b1f04a08cfc6849ed1de91255f25690d8b60a4fb123335a8e8fc9b786d6c0ea38e9c0be4b422b90744551062f5bbd1d6ed33d7187264a77ae9c61673727232346c0d991641fffc14d88331b2220ee74ddcab0f79328613ce04ff87c03f4fb169c3c86c4fcea39b1785712fe73d718b893068d228c7440f54f0a9f82f303b0d918941e2ee683c330a3411b0c635031247421725f887fe60304a3975de76cf3279bfcaecc8279c160dc333dccd4806370049b5399b38a52548de8f0e456a6b3eb0d7ff286d9da9e86b91e46802c5dd98ea39311e133b317327833cd71fec7628e0ebf793e097caa2807f08c2c37404310940790dea4a02d80b55d6415c0e308fa1e8854554bc5fcc4b3dc381ed15b352468d0c07cad311cf4b4e5b7729d0f37304994fab7c386e99135d7e83586f7f8a522c4a8a9884dce7d121498a56b7a7f79ad343a24508754530b1797016cf2280b0e8760f65431f70958dd45a9f95c1184e0ad663c468d147e372c6f774782be6d2272542f85b6ce79dfd61f27e1126b26efd3501e8e50210881ec2ef449aac61be896e23db9d8721c6ca926c34059b508bb115827d294781ee4c0427ffc4b492f29c8a989dc115a094c76620dafaa508f1fc69672a61f30eb43869aa99f0cc2f55b782bb3c17e19e1cb519445ef54114dbfcd845cc4943dd7e113dc47b4e6831877aab369a991528d72da98e3dd475f3fe8e0f55cbc71756619273a433909e36bab0fd7d2ca813138e995ec8a72a98d9026e36a069bf91e927f063743ac2c52f5bfe3ca1fdc28ad9cb1bb31582d682f751d9c59bba73d2d542d7ae1e8e37d30ec2e7926cfcaa56b6909407c9fee07f6532a1227edf2bc7ae42742f09a9c50ede93beafd185f79e7a30e01e3f54e086cf757e330a071b14642bf30dc4f829f2fd9f92d45d844d8c8cfa5e253661b6dcd0cdcc228465db89ac0a59fc549e42ecd93d26c08eb5034d0596ddd3d4574f861e56bb08da67415c2d3615e75d5e5c763e496ade823e6e6157ff5e2098ead50e5da8a7aa6113784aebc23e75df8952178866e312c0cdcaa98417a7870c4b4a70d1f15257635e36af12fc1afa66d6441b764db3b7aa8e70fc5034e0a0b90eaedf5f1eb9e95b1ac6907eb562f1518e84c38312437c49eb9b22c97c54c78350a0eba60b53921d39c8651b48c3de769997179c37dae7bfe5cd5bde3b2918fa2cceb774f7582ce7295c7691f45415f4dfb242c5e24ea8fd41e0fb12ec9dfb58eaad480367e35a1c09e490b1c7bf6366aec46ad8ebb008cb9ed402e595757d648c90219dd0e33519560992cd3e63de3c0584378dc933cb87c7754c2f39deb49bfa5f5b3ae4039a84f7864b20885dd5484c832658458bfdf135d428fa1a9818557e850ee52b8e7cb777307ef966c24d75238746bce716cb75feaa9a11a6649aa9d514a293397c759fea055c87c02bcf86d10fdd737e8bfaf52463d743ea623bd5618b5d1d72a72ae20c718fa0889e9b3ab9dace251691651572fc64bd33cea75056df999f8fea8938833f68a0daaa2942c1c8d27310b68a3ca65ee13c38e2521c5b0f9b162a4720b386fd23bd70bedd4c9abb057225e4c5499f3c6ff52b432"], 0x1178}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) close(r3) 02:56:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_route(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f000000b000)={&(0x7f000002c000)=ANY=[@ANYRES32, @ANYRES32=0x0], 0x2}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) [ 341.820654] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 341.828379] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 341.828387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 341.843114] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 341.850394] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 341.857673] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:45 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x8) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) [ 341.882128] x86/PAT: syz-executor.3:13432 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 341.891407] x86/PAT: syz-executor.3:13432 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:45 executing program 3 (fault-call:8 fault-nth:54): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:45 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") socket$key(0xf, 0x3, 0x2) r1 = socket$inet(0x10, 0x2, 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="240000005e0007031dfffd946f610500070000001d0000007a000000421ba3a20400ff7e", 0x24}], 0x1}, 0x0) r2 = add_key(&(0x7f0000000180)='syzkaller\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)='H!#', 0x3, 0x0) request_key(&(0x7f0000000080)='trusted\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000140)=':$lo(\x00', r2) 02:56:45 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x400, 0x200200) bind$bt_sco(r1, &(0x7f00000000c0)={0x1f, {0x6, 0x5, 0x100000001, 0x80000000, 0x3, 0xb0}}, 0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00{\xe5\x80 \x00', 0x10002803}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x7) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1023000000000000200000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) dup3(r0, r1, 0xdc57c2764b95dafa) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x80000, 0x0) 02:56:45 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$TCSETXF(r0, 0x5434, &(0x7f0000000040)={0x40, 0x2, [0x8, 0x81, 0xb36, 0x31, 0x8001], 0x3}) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x9) getsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000100)=0x2, &(0x7f0000000140)=0x4) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000004000000000000f800"/36], 0x24, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @mss={0x2, 0x400}, @mss={0x2, 0x80000001}], 0x3) 02:56:45 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x4000, 0x0) getsockopt$inet6_dccp_int(r0, 0x21, 0x10, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {0x8, 0x0, 0xee00}], {0x10, 0x5}}, 0x44, 0x0) ioctl$VIDIOC_S_EDID(r2, 0xc0285629, &(0x7f00000000c0)={0x0, 0x0, 0xffffffffffff8001, [], &(0x7f0000000080)=0x3}) 02:56:45 executing program 0: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480), 0x24, 0x0) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) [ 342.121991] x86/PAT: syz-executor.3:13493 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 342.157629] FAULT_INJECTION: forcing a failure. [ 342.157629] name failslab, interval 1, probability 0, space 0, times 0 [ 342.172411] CPU: 0 PID: 13493 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 342.179577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.189109] Call Trace: [ 342.191710] dump_stack+0x138/0x197 [ 342.195443] should_fail.cold+0x10f/0x159 [ 342.199615] should_failslab+0xdb/0x130 [ 342.203590] kmem_cache_alloc+0x2d7/0x780 [ 342.207933] ptlock_alloc+0x20/0x70 [ 342.211556] pte_alloc_one+0x60/0x100 [ 342.215380] __pte_alloc+0x2a/0x2d0 [ 342.219104] copy_page_range+0x11ba/0x1bd0 [ 342.223489] ? anon_vma_fork+0x358/0x4d0 [ 342.227558] ? __pmd_alloc+0x410/0x410 [ 342.231438] copy_process.part.0+0x4764/0x6a00 [ 342.236303] ? __cleanup_sighand+0x50/0x50 [ 342.240535] ? lock_downgrade+0x6e0/0x6e0 [ 342.244889] _do_fork+0x19e/0xce0 [ 342.248458] ? fork_idle+0x280/0x280 [ 342.252286] ? fput+0xd4/0x150 [ 342.255483] ? SyS_write+0x15e/0x230 [ 342.259191] SyS_clone+0x37/0x50 [ 342.262547] ? sys_vfork+0x30/0x30 [ 342.266587] do_syscall_64+0x1e8/0x640 [ 342.270478] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.275318] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 342.280507] RIP: 0033:0x4598e9 [ 342.283683] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 342.291376] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 342.298761] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 342.306027] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 342.313292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 02:56:45 executing program 5: r0 = syz_open_dev$midi(0x0, 0x0, 0x20a60) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000040)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0xffff) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getgid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) getresuid(0x0, 0x0, 0x0) gettid() fstat(0xffffffffffffffff, 0x0) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000002900)) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = accept4(r1, 0x0, 0x0, 0x0) sendmsg(r2, &(0x7f00000028c0)={&(0x7f00000000c0)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x1, 0x4}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000140)="c7e096953865a44287938bfe754b47da3328092a7d302116fb3f45965acc59990d49d7d0d9f0f10a1c027b8fed3ac278c0168e838f9f98db14fa856ee4d2b582e9956184be90853b00c8b0b7aae77327e5f2951d03247b01edc25a21d0b0330324b0bc49a660d6c5e8bfb45506af5d817342d16a3334b8a3b6beba66f323541a5a7c81f4d7bdd53adab844301e85129db07914e52047031549dc9703bf65b12bb69b4f3fe8b4f8cf44302ebdc28b92c119f18c4db2006784f6a419e7184262f52ad8d102b0f23aed13c4af8a9a172ac67be89d95f7366a71b174559fe457916e83e002ece682c72a80e0e98e9b3c57e941f536c038d5e3c47904", 0xfa}, {&(0x7f0000000240)="31ffd6c09b47b5493eb6fdbdb6519e3a529f6039ba02525c348cb23126f2de36901c3d0ebe99b65ebe4c914d508919fc473562ec1cb08c2157625c4a3de5769b088b66bba720fcd22d485256c343c821", 0x50}, {&(0x7f00000002c0)="c938a9e4bc00c5f1487a7e96a87a913de84e68375b060f1adff5504fb7ad97a4a06b24d59bea6165080bb271f0b805b23c470eb2bb3eaac5ab5bb580d4f7b17f5a2539a75ae5bbbc3626ad9dfabb60bd8adb2f1ebf2575b1e0c328d2aca24d1a089dde42416c21e9e109583f58fee490128d2140ad8cae7ad07abae22d77", 0x7e}, {&(0x7f0000000000)="45edfc49c92a3466f7941619edfb9f0da47e9cd705073577faab9aa411e72c40e67dbfcbe2d0f22d9f317d86180e96f3695662", 0x33}, {&(0x7f0000000340)="a8ac290144adaba4527aff09b51e6cab197c35ffd0923a29d2caa3ec56491a08814f903bbf77a97ab3404d199d652982d0be0eede56dce87f4bb780ce2126c7270f993acc06d361b076b0d7934cd7ce79745dd6e61a133a1c45e60cde24961424c84d478f3e1f055c465f278e5687d1d0b5a258caa1b1046a5ee783bfec58cf47e68849ba0acb331c5c8cbcb9d525419bfbf31ca995389799b14bca9f838df20bc85", 0xa2}, {&(0x7f0000000400)="856ee345b020f833433b2763743ae5f983dfa671cac5e685a2183209a9955e5feeb67f57d3e3f75575663065398be1ae0582917f2db53ac5ba1e0304edaa27b39b2c8aac1921899ee3da1b51110efe6bff563c9ec78f26", 0x57}, {&(0x7f0000000480)="b114235c5df40818d927887fb70862fdb5994dc6111a8710a0ce2b4c01b9a85859bfde2cbf99e7bc01a5bb6839e48cb48bb9f5a52f20160917fe93433a00202d5403b1a89c8821c4b8c8eaf13945b8f531ec747c26fdf26d0ddca3b2c3c373837aa54e977ba9b34194da7e60b22a17d613737376b2af83fe2d6482ffa9d6a3b50e6a5be33e88f1507332c19f045d5628e83fbb4dfa36a83719ed6de8c79ecb9ba66f8303faeb40510843d4bea066f8fdd16936037d86d216accb941857543952550659c48a9ca61a8447dcef9a826f047d3b155b074e18f368bc9fe196b393202bdcc1ee0cb5a5b701eca4675d94aa76da3a2b9a48226ffbe91587493f49c4598cfb153ae1aa0d4c70453ba6d267d295ac931e7c9bb6f2eca9ebb5a9c064941178851408a93e91acc1d41318484b83d28dbfb77242d987e35c0e49390410e994e902b4a03fd431fe3557e5110206e2f02082a2e32522a1305bab324054cf755b9ede1675c0d3a896c088dcac68e12f1f9df7da4d670de4dc145e7e6bb7fc441f576304af362a58feb16eb29c9d0e002685cd7848c9ac5679452eabcd8117cac998e2d2680e686dc43f84fae61d941ab233eb4cf1649c1fe11666a3a1a1eac73b4a563daff75f7628db12bd0cfdc0d1565eb02ce56ea5adecbf72bf18ee600e6482e6c0b0fcb30149b931876a7fe907acdfeb0d8b88603f1f5316a84e5f9574cb32602108f2cd91524199357f7c8384ebbc0036fb33648ab4be3b0b222c7580059e55297ddb8a6c72447ccfadfe36cbc477b210f5b6afc0222bef8a4dde026986d77a6ade25dd05118f7530d3d8e8eb04e5fb11b20c3f2a6e9cfde70b7776c9930543de00d72e3b7b58e32ae948b7cd2af4eca4279047e34964ebd4dd66103a88df7b239ae74fcae581cfc6b75043b0cfd94d0833cf4d336ffd45b1ec9cbd3c5429367515d1ea700e422f20e413390dfbb50c5ef96500d57aa1e237bda9911895578182c89a17ddb3bc94c756cbb8c0daafbeccf05f7b5da48c5d1267e3a175dfc1b9946b6d60f6201f8011c4764488f7a43e34bae7a4eb1b37261a4f084b84ad1b63ef0876c8b1476227d449b45893453469639f8fc5e33d1dd5b28dd4b5d6daf215c4c097d97e0efb9b2ba6a49c7afe41b4b130cbf37ed52fe35d65609256f6a038a01dab5c67c20fd057e7e2887844c10215b20094d9ef2716be701d9c417800fa35f25c198c9bb4d8a4ba73490b762723bf7ab6ca1be4670d8deb4edcc846b009f44e6621f3a51d78041d28e9e2c74896ee65746e3226f4cb08cbc839d89ad28ded4808004c68c7e357b3f27eae5cd6cc199a38731bccb9746f74b48894acd9cc821fcc0e9696037d8f9f9ed8b1b58c32cfead57ef4f1123a007e5310d8173db36d031ab87a0f123efaaf76e3c7faac3a025d17c4d93c4fca4e93db400d20d977a6422354692aa0310c37e423fdb798685453a496aac7ae06c975337b93de9b71195afe05edbe50dbe1b04da50c348a1efb336645c63e81bab41906b201fde40165ade4cd3c3706b64edd4f673e36e2aec3297deb7bbad8b71fb77d5654aba4e20b087f92e71b895d963af3a187fe7836f56857e6ce4ad7bffbd030f34faacc50a09b05223d5f6036ba8c2119a13ff8c1feaafe27441f94a8c6e2209270b941b37413437a7fc19b259fe0b3b43ebd95e43ff987326ee966afeece2abc12b3a0b5ccf1c874ee73b0e45eb82b81b389987ef31266b058fb81d75af5b0d9619031afccb639a06475c0d9f150c204dfb16446e73d514e287754c32b966db238f031214fd44888d31c6b6faf61cde93cc32d38700c42f8cf0a0cd7efb6c9fcb855391b30ef6b8149675c765d952df456439c686178d55ba9791c6342c551c384cdee1e8968945c66e5bf937f2a5d8ea9a53b18bb4c52cfe9745e20065728d3145a99d1b63af22e33dee2ac01d30f119b881508819acd63d004f03cea6af0c97b7a143df78d42d6f5c9e602659f6daaf1905f7e816c8e83f86c43be9c1a1e7710417899deaa0665e953f0eb8fa86b99d631bc576575a81d69a7d85a95bc7cf52c3eb8cad79c1314cd22c10a69621836333ad7602f82bbe35856803ed0ad94f4c864928ccd5a345a55757486f483df92a0a9261f1540246bc65941c8a4ba8a9b9eb23f528eef3d9db6ef5bab771e151b0f0ebc4bbb884763548d90dbe363ea6295168fb0573d1bd98ed2879b778e8e7ab245870805066e5f735ca25cf5b0a5060b94f6096b7c314f6abcb81712b9a819be3007f07ba02d6e98b5b00e265a6b6baf831ce25adea1bbf989a56a58ea7a268badc2ee255ad09df6e1e4ab22344fa3ef37f92e62809fba2220e0d2ec380ffdfe06980f705dd3081477849a1c6b526ea7d691c42b653acbbbff23929cec815daef3ef3bc35b958220c20b0fa20dffbf447b14c75fe5088f38f3046f95895d04f4a575ae332e83e15ea4e2bcdb995567e0ff8a78fb34a5f943b98d3acbf1c73633c1269137cb817979ea1e3a6914164f4ce25c9b3359baa42d627ee0a9576ec95833967e4c1621ac871d9f4a7aa2da27ceb0c3893c84fc36d60571ef930fe59eec2d9483c2beed73d410aae2912767ef0ae3f554bf3ea6d3d5333593adb8b485b770dadd46bdca59c7bf7fe3ad806be009ef5257c4c328008a04245f6ff443a72edcbc8cee9dd771c50660952021e6337cc5c9f3dd90dc1a04525841415028a6e68b9f5ba738db49343f8323973dfc94cbec24227804b939eed30a03c479fafc14e2ee4d107e35233f191f29e9c5bf96b847c5a676b58ac860026e0ce3b21e9a485a8395612c49d8942930efd98652d97e08e26c3c750478ab44a7475c484347f73f7d0ce489b89e6587772a55ea69d777ab5a053b3e316bcc69d6aee3d5aded810939c211dc77244b06bd149d254d9a0711fe6e1a602aefcf492708ac92d80d61a610f30bf867558c5643429d2803ad037eba62ddf71843e948979e6671ba079931020b94e4aa6c2d16fcd94d37535237f7c269cc845b8149226bf701c29b7befc63b0de00c267d8d1be008c25a56d9bdbe8c13c9097666434da2d823af9c987803cdcef94cf04f77a6af4ef2e656343bdd950bd7d8884605ec5696dc4057bac5d3dca0c3a57252ee9ee1315e2fe5a97f30c5492bb23a2face584781363ec4b447b35ea00475280aa45ae914133560dd14289e61501e76cf975fc1c27e98350df171853c90f7e19ef30dec3b3aeb7eb1e8804a9721f55739d89191416d74717cb67e71d61d1c1512dd87979bbe295f26895d099a8196bb0185075529dfa29413f7dc0319d9e428894b10503a202f9b80dec1e0c27b1f1ab0e19910e33645e376f2910f22d5e70912d078300b37cc007eaf6cd36644f88d8cfacf7a531bc00ac86ce750e7fee31e29ee86de599dbea692bb34f7892dc42fd82ff0a7317a8f9420652424fd2b77c4b77ed2f34ff8b9fa67c6d588d0d9f20c582ac3a5c06a66b0ea415badcc8a132500585d00416482160aa172aa164eca5fd5612fe5125a2d714863cbdb3e70323ff350d7aa59afa9768100d6e137bdd6257d20387efe16ada3c99719d301ef14b1cac7c99945a237e4e3d0439915783486cecfa34a33daeabccce0dd61528a742948dbdb302d9d66dff5f900d5ed3eb9a22549ce45c2bd97ddd4dec2b32c5f2f100d9483f4fd8f0d4a84a21e9fca6a216edcd3bf9624be649f1f88bf80296df4f57328643e7f99d3cd6e3c92e4c315eca3dfb04b566d66169421023b9de12dc74d4de8cc094ca7e5608be843c906fa9de002bc6f1197771e94c103ca65b70fa31cf54c641a89c1a56fcc1c1b41f47eafa65930e8c95a5ba9339d87f79ec71b70c4ddb7f8688945af9a305677e876124237b73717cd1c7b1c41127e5240bae8b693318361bc0ac7c7b95d2134f87bd5d6a674dd8e59d5436930f6cdedb67606b2cd9fd825179d6389f15192f7c7509a7385108021376d5b1dd43211aa5fd36cad5370bce2b93d323582bfd935601c762d6ef791235c766c521b17b957b0ea5256b4467032d268f81e74f1fd6d24134ad5eea76d66466395c40b4bf6274b30b24bb061eacffad1103d1687afd356a22eb53ece14b9a5abe40b5073ecbe7901df2b0f715747d70496b54d2d7e1bc62f87d8c8c2454de5e8ff4c096867eb6da2eb13272b231c9931b712af7392e49cd0d62a540e9e5d5750cfb52c526d2b4e27eb77c286c170f401266c17d2fa5b5dd3cfa90dbf9d324b744950680717b75fe769206c163e05616adb21bf0c4775db6e7f188ec3223aa3269a5bf82e71563223e39a8e1557d0ce529f3dd0f7dc46be8078030af8538df57204246432ad40b45173bf73dd6d8072abff612885a4cbb09e9dcc72c4a09205135aa37de67ba463d05ea620cfcf3b7cfc1fd2d32bee9a8f7eb087c3e47eef30f9069be81c0bd06f13280c90a670f6abe8ab7aa7eb8f9f4cc365491a80052503d5cbcd09f7550125d126480e1aa944e74302c4014984b29bb7bb7140493fad1a94ac648a1be03138254ea7e66d463a3b74e649d0ab76f7a5c7c459e00aeac941579656223823131dfad5dbad8c62dcdce1249d2358f541ee54048f4772d227de5a27ca8d1a1e984c7bab0ce6e67ba68ef369b9ec405ae0be4a75492328755f9cd8896fe2b2c6ad3ceb119c0dcb273cb474dbfa281449c34aa0c399f3cf0e113b19fbc2cb58ef6b1dda013cd0c2e0bc074b219e54baaa95c6c693ab76aae53aacedc8307396d7f576a95530fe06365caccceb1400af2b742039b6f52afe4e2910b06550d9a109a51086318e17ac19867c9472f7ed8b03c3210986bd1d20d7b85407068facc985df62b970c8b9c762ce52360b4e7cd33cc52d9bfe953faf3df5bb43952ddbbaa145acfe0e7fc7c08c020602b3215687790444830b2d4f43c39cadd138f185c6d2c238681374bbdacae5aa5194bcddc20b79c53cb01499b2361878b0fc851100076e43cd8f0400aecaa92c751f64e80b35d4b7c45463df3c24618f8e3f6312443bb883a96d9c7456350e8143fb28e375a7638e030565aa9c288e9d8439f84c853f87eb36288620c53ff22251761395c5b44d4edd730efc6e052c30509b99957c620a7d3fe6ffb1b4a056a5780f873cbb1ca363f5b1d3f42030e9733728d34271f55d9813d4451a72cf1c7baffe3658a5e7c83588893c767b3a0f0870c8d73a9adbc82494c8fa9a8ab14a5443682f055195367e0075f39d6a6977d1bce97934f877a0957c422f550eeabaf1db167849ca5520c46d75d26436afbcfb1cae9b3d6257e8177c8f9bd3c03a7f85594be0dd05661f95adb13e04c0ffdebb662e9ea422c3215afb74ce2f42f72d5b7b750dce95c293260f4ecf5d304bd54dd8d9a980c83c7e09f66c3ac125766fd665c8100e994bd18057f34da75f2f766627aa1d510698b56e53deb2e20d78f56fc2115d4131d72ddbffc57008f2ed1e5c4a1c033da46e00b8e9ea69f56804841f9a0a87e9f05d2054f2791a2837043d3f2ee7f24a0368499e7591bfaf2b6ce56e4f2140e78c45300e6badc8041883fa267762c98f3810f5a236c56a0f6737315a2a1f1d91e530929eb8403f958fc55e382c83ebb5dd471befc33173f9c3b70634ccc0ea18506c97ea5c716d1da327fb7b572be019537f65b6f5fb9d8e7dcd2c516e149c26412588f19e29acccab889e768bd8f8ba52e4c8c916666b05778f5204c6a4ab61e0e7f0cd5980b46d6d48b260f09950b86feb6f91347f068fe94251e7f0fa302109cc8", 0x1000}, {&(0x7f0000001480)="3bb8e94b214311f574dd6e16b7449a3ccbf286244c9d7fad477ef6c806de21e7878652825e1b65c47225d48a02aeb6b03c61ed3ac19836bbef40e638915c50d5db99629c984025f0d1ccc15a8e0d9b29efd7", 0x52}, {&(0x7f0000001500)="5812a47cb77e166f65ca3db3c5bd7b9fa6998477dc62704207626e1de8d441ab65bac9b089f43756fd31545b1c814837791e5b3b48a03efbdd285b801e445d66ad647a3b0a6c280ab0191a735942abd3a3d5d90036c0dae0", 0x58}, {&(0x7f0000001580)="18befecbfa3ab698d7496012ba4fe40326218b88cd5ad2a454f36f2195a2dba98b4277df5dce1eeaaee4a4f9962c94f0a03d56eef611eee4fd993e9818d6d1f78d5c348183a8d8778e32b1d90afdd1706e34d3fa64d6e969c379288e1e3fd80a0f78bc904476d8d0024534cf0f121fad1d1702840f02ff68988aab28ddb5966dc97bb6c45716d2b5a15c81febc62a3a3a61066ab8f9e26d154fcc3ad1830c31482edf1c89aff9da6f1bb617f72938cd00364c9fd3abbd2b47a8d20096c54a2b56cd49d4dd19bc8ae588af9d44e0204b96fad17a62670077afc8acfd443e59bd8f3b29dc98a301ac7d9", 0xe9}], 0xa, &(0x7f0000001740)=ANY=[@ANYBLOB="f80000000000000013010000000000009edb40f1c1f10a3514660f1101b796e9e879fa14dbc605986a59463e6e62b1e331cbca6f6cdebc3aa31d94ff9d70fbc37d7247794a8026dea3e33fccc3e0965ca60cb815b79260ab303d78c65142defd8583a00816be9ee8c9688fb438391b96782369a835795c8a495611a5bf7bb8332b288c801e382273d6da304577ac34675ba874805ca178865d7490f7a45c6d491eb6992a35b24da2b3a05042eb662068c1285a38f8cfaa930ba4a48bc90faecad364998bbd2983ffcc6b39120cacf411845fd118c30cd058c28a89159bba681a32715527e88e3b2a3cbf56fc6837603ad42d140000000000100000000000000034020000070000002800000000000000f6d4aaa37f0000009a1df2af568b2fbefbd2e1afb89b3b0dc64ae93d1c3d35233800000000000000130100000000000003216c9e3218572466cb78bccc370c1db1425672dca6fde741a57a275ad1661335c3c6d0add300001010000000000000060000008a980000a7b6a6c7338aeeefd2f3e0d93523f81a7c83acd5dede00911f0c269b492123f9e1aeb54dba8e149597e34cffa10aadf19219c3b362860993406be35c4eb20106aadbffe821d3ebc3deae9a73026536c94018c8df9e0862b3787143fcf3b7cb9533937788fb7d89e47cf756b82fe02ae3b9ed6fc40e98189a2200a4dd9933dc7ffb05a6f383ae123bed0196562cd15e25a7585081087776662e80f37e90db91f5a83c64631fea35a75712a7f41aa66f0caf78595b0113a3b2f678a5bb275e04f9419c92981fb34a80499498bf1f383f20f7a5d098e5c162aba328ec3cfb4606087626caf5eef0fc9383a6115a90f58e5b2cd9aa8d6e71fe150af9ada705f7b4d006c23a1585ea03011105582d5b3946586a1210ed06a1eda0d204bfab49a101b55520a041d47c4ffb559d7f6d1493a249d88492f41a7d6eabf23eef0515589d0d9dc2563c7ab4c9e790c6ee836565709fef73438e9c5a0d065a57d1031b38de92548a6eda855e831ae6a49ad07d11efee090a6ea8ce7329be4cd7a0ca398b82a369176100bcb3f585e441b63d08cfe62a21afa5f6356e1532a3ae29f18f24a008b9b3fcf50dd286243002e48c0a4d0515f475a89d762b962ab8dc71780ddeb340647202e2709ccd0bcc29e9fbe20fec40237d5be99487eaabbb1ec1acbba13df1611302b970251e8ea25e0baf9d2cdac07fe97c192cf8a11d7f1741463710d4024fbedd82754eb4fc2da5169f575b83e48f01941bc43d853f0ed750416a78777b7ceb51aadfaaca19013f2ac2ccb63f33cdad45060d4d381b3262ba31b06b067eefd66bd39a94a5c97c595124c8db294ae1a2363e87e4dbe6c5c30c4c04b8371755953a77188a49e0fa3a30072614525b16005f4db985f0a3260c3fe4f2a00bd19cbe582936e309c1a198d741d5e67c14bc2dcac487c54635f0c79e05ef09d690052097c7ca2131f3e13d222c56c5eee12182939afe6f85ff9674fed744d5e339a86cfda41aff1012220f95a05838c16c2dd436117b8937ef0b7006832fbf8ee846ca71de98a7c2d8ac5174ee7d19c7e549b2940b31e78b4c0e95dc9c8a2f2183fde34c9b03619ff92f260c5beda71d847aa819de951801aa74d3603efe5c54c480219ab3ce0fbecfd3a6976f7aaa996e214d84376c42556d41ee7c2509d2beb65a97a333f709e0bcc144bc4b263fc632589963da4499aab0c22a00561b7cac300c1bb7bb288be5edeb1df168864a11a12965834119062a1ce4b9e579a928c9a87bb64133c908814540a67a547894e9e3552eb372a7a48efcff909dec9a72f419d71369447950acd7fbdf4b036a5fa8c50449af3321d8288b4ab3403d643557426b8f5c18f981896ca331447be934c4ec431714cc1743be5deac2dacf2cdbdc2a848fd4f3c4700e1b30c2ae0f5315e9b098ecc0a74dadda6587d64303121e21819846a8a2ddb80cbc4ef322e6ea904416f8a580c3c79a8c58d5a19e1939a0e781f77d8b897b6324cdd35ece434eea9d7842db0b2f3bb9ba79ed95535211b79bfa812306f45c8ad1f8cc4d9d1952e4933da0d7b1cf2c99275fd3028af45bfb4116f0361cd829f895d855d9c958b29e603b32a1367bf9aecaf4c43c5f5ce1fdc68d8d7b1063ebe31f2c5c0f7cb12fe85c9655c1bd4e810223b3a7fbd82bbf7e13d9b9c1014e074c6d0a5550b565c8c4bdd5bc0d52f0295537729b082c4fbba177fe5b3fc0c8be6ab822c67aba6752b6916d42cadd159ee925b079e315361cf40560ab9b404aaf21045ff6c104afb5a9ef99574e535bb80ba5ffe2cec79e1829a6efd130b38bc87fa1bca2a9029ac800ff43032ce1a61163b7a3304dcb66bccec9ed83f6499ac3d8acae686a41f752fa0d14562e8e0612b2522f3edae2fe02ddd3e343b3baa3d7fe9167ca6183d16cd89ce5ad162f37dce8d7df8da8e9284874689020ec73b530cc925785df5e779b7880bcbf0915b1f12aa30aabb617c8b40763e05dcc55058bb77d9e9a5cabda067a6ce7da11b27ca54151601bd8358583ed9fb62ef8f4b55861bee4f86446ff6a86b16c721d9b46e7b2fc303555a7d1e275f4caf074c97a7b0e4223908d70b299cc43a164de80d9cee9869ddbabf4638f1b5f0d2484fea71d1f2f6557f3378dcb05d85a8e5f0ee7ef3d1e04f094ae9e21aac3c6acc093cdac65e2a0df2dd231fec1eeaa398063d463f00beb6fe3e766d020436bd36044da289bcf5bd474c9b49b80bb0d0497c261de8135977042396ed22e2591a42b21537621cd83f2ede93513ec8d6bd0035b0851b163183d0e6596f08e5a352b55b90defe8a426d3b08fd3b88d8a6036a1b03a4fbd2467f823f9981882fa773a4a93901515f877697af966b3517fa5bc69fc90bf45306a33eeafbc91a275ed0be1060f0776391daeb8f2886a172b3f8de0c8204e7fc192e78259a2fbac9da2a28ef6c43e7d8a520affae5a7043b1276b27efc2294602075fefe952b06059d01c75416bbded16e2ad575d234cebb1b4cee2d37fa941d2d7602f1ff70bdede911b90ae16335d487355a6fa7763df807fd4feb1bc22e4d77ea80b7d8dd376c04aeaf949223f1c12d166294a391d618e8635b075e3c34d4b493eeaabe5a9a0e166a944e27283e3e12b5975f2ef17c1c77ce0f887da5e1b20b052b98c025ebadc5f9c838f2387f26d06c23fa82e97f0d15e610cfcca70a78cd5739e174ca1827a0d577f3b7313fc6b8dd23a1b4b93259751a6c951a642674536524b78fc438635c259760cd38e51acfbccb7bf1b952e8723043a19e3f7de56c7c697e03afcd2a74b2c0095f9ece1d7467246faf41b7b695cacb740e7efe287360822c76261d3240ef4c02d7b7aa6e49d630acaf0cc1c4834e2cef2e7ac0f4e31bbe3dde111eca1e0adc2972be06825ca3ba72e8a7dbd4a51afb7d695c8308d7dc9fc77dcec58a970f39d792dcb6407670b19be165a171724286ad3170cc6b9ee7d5a8dd9547c6fb30a33579302f2b2a23d757776eb81fa70c6b82bd1afa1e7d2bf0714149adb88743d73c5343f41bc00de25eb8ac34d6515e0ff58f21393deddeaa9a6794edb5ba4bea6e62465400260493d53b2cd5c907ea519e11af44894dcd00ca9ed79b8b73c7cc71cc7c710eb37243c808ce9d0f205c6b47e5e85f26ae90a324eafa9ef63b278bd4708cb9c042977566b99c88733ddeddd3be5b61148d06a6bde127715f3a4a7404855fde759f0b002887ab4e179e078f051ecc0ab11188c12c75b92410a5316e9ddf95de52cfce9ad6b48f83c2c2fc075e3e6aba2fa0d4d944929371a5fede0a57b15125282987d7757e8209e7f1498e360a273ce6b6657f56b6e77b3e733996ad5910422a96746da7ed9c406313d95deb201d4d5c913d25c6c8354ca13160074ce5f2ff8153c78b97f77f31a5b5c72ef30e71817bf640b5bb2bf0083984f0f2922970e2665440634e2c3dadd6190543489aa71b189404af423fc52aec33ac2878b64fdd674ed51c2fcc0ae4135973403a17ae2e8c13ef1b03edf47c52f8e8955d80650f3f92c29b260e69f7b4dc5be7488b8b0587178c88fa20d1b42958a5d28504ee2219e1b0a85b671380f66996df8e68bbd421eac3b29ffcb00eaa4d35785c4e03e6da6ddd04c2e5c8919640e8d2fccd5d8b4acf394cae8681b9f88592f566ed0c782e96c53488964a5a1770ca4208c6bf89a888bba44dab8bc44ad73d5c55eda48586bcf7121e5388bbfe8ca028c5182a05354644a24bc8fc666e6df002d099369faa005ba01e7ea409f1cc2cdd70a978fbd75de39f0966cd09c8b4ff9ec1cfb4b1f7ecb7eca720cd618a8c0bae3402e5dc814e29f940e374049906cc4acc88b9d2454c6b6c26b0f7e4d1e8af2ee593b06e5a834f565d6969c36b5720bf937e1bc9fe89f63dd3b022cacdb108ee148eb992ed0e3d5d02bafc1fb1f0c6ca599eef8b2b9bbb61b416f6aacc03ba43e43459776fe6f28b3733029f04be36189c0ae9ba97a43e8bcb5e89cf3f06b88d6e349d2a856b10f1efbd84cedccddccd5389872ddde24490063b0f04f7d75366b3b25e1105253d8315a017a99451e4ced758a52528b398e42be8f993524256426b21f855970f7e2387d775bd43840b9c5f9ee485634037a9512feb4df85af68cd4f3d12b66cb4ccf295a655e314b5356408ed9a032b1f04a08cfc6849ed1de91255f25690d8b60a4fb123335a8e8fc9b786d6c0ea38e9c0be4b422b90744551062f5bbd1d6ed33d7187264a77ae9c61673727232346c0d991641fffc14d88331b2220ee74ddcab0f79328613ce04ff87c03f4fb169c3c86c4fcea39b1785712fe73d718b893068d228c7440f54f0a9f82f303b0d918941e2ee683c330a3411b0c635031247421725f887fe60304a3975de76cf3279bfcaecc8279c160dc333dccd4806370049b5399b38a52548de8f0e456a6b3eb0d7ff286d9da9e86b91e46802c5dd98ea39311e133b317327833cd71fec7628e0ebf793e097caa2807f08c2c37404310940790dea4a02d80b55d6415c0e308fa1e8854554bc5fcc4b3dc381ed15b352468d0c07cad311cf4b4e5b7729d0f37304994fab7c386e99135d7e83586f7f8a522c4a8a9884dce7d121498a56b7a7f79ad343a24508754530b1797016cf2280b0e8760f65431f70958dd45a9f95c1184e0ad663c468d147e372c6f774782be6d2272542f85b6ce79dfd61f27e1126b26efd3501e8e50210881ec2ef449aac61be896e23db9d8721c6ca926c34059b508bb115827d294781ee4c0427ffc4b492f29c8a989dc115a094c76620dafaa508f1fc69672a61f30eb43869aa99f0cc2f55b782bb3c17e19e1cb519445ef54114dbfcd845cc4943dd7e113dc47b4e6831877aab369a991528d72da98e3dd475f3fe8e0f55cbc71756619273a433909e36bab0fd7d2ca813138e995ec8a72a98d9026e36a069bf91e927f063743ac2c52f5bfe3ca1fdc28ad9cb1bb31582d682f751d9c59bba73d2d542d7ae1e8e37d30ec2e7926cfcaa56b6909407c9fee07f6532a1227edf2bc7ae42742f09a9c50ede93beafd185f79e7a30e01e3f54e086cf757e330a071b14642bf30dc4f829f2fd9f92d45d844d8c8cfa5e253661b6dcd0cdcc228465db89ac0a59fc549e42ecd93d26c08eb5034d0596ddd3d4574f861e56bb08da67415c2d3615e75d5e5c763e496ade823e6e6157ff5e2098ead50e5da8a7aa6113784aebc23e75df8952178866e312c0cdcaa98417a7870c4b4a70d1f15257635e36af12fc1afa66d6441b764db3b7aa8e70fc5034e0a0b90eaedf5f1eb9e95b1ac6907eb562f1518e84c38312437c49eb9b22c97c54c78350a0eba60b53921d39c8651b48c3de769997179c37dae7bfe5cd5bde3b2918fa2cceb774f7582ce7295c7691f45415f4dfb242c5e24ea8fd41e0fb12ec9dfb58eaad480367e35a1c09e490b1c7bf6366aec46ad8ebb008cb9ed402e595757d648c90219dd0e33519560992cd3e63de3c0584378dc933cb87c7754c2f39deb49bfa5f5b3ae4039a84f7864b20885dd5484c832658458bfdf135d428fa1a9818557e850ee52b8e7cb777307ef966c24d75238746bce716cb75feaa9a11a6649aa9d514a293397c759fea055c87c02bcf86d10fdd737e8bfaf52463d743ea623bd5618b5d1d72a72ae20c718fa0889e9b3ab9dace251691651572fc64bd33cea75056df999f8fea8938833f68a0daaa2942c1c8d27310b68a3ca65ee13c38e2521c5b0f9b162a4720b386fd23bd70bedd4c9abb057225e4c5499f3c6ff52b432"], 0x1178}, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) close(r3) [ 342.320550] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:45 executing program 1: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000002, 0x400002172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) r0 = socket$inet(0x2, 0x3, 0x2) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x46802) io_setup(0x100000000000c333, &(0x7f0000000180)=0x0) ftruncate(r1, 0x48280) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}]) bind$rds(r1, &(0x7f0000000580)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x800000, 0x0) r4 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x1, 0x0) r5 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/user\x00', 0x2, 0x0) r6 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r6, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}]}, 0x2c, 0x0) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r7, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r8 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r8, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r8, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TIOCGDEV(r8, 0x80045432, &(0x7f00000005c0)) r9 = syz_open_dev$adsp(&(0x7f0000000340)='/dev/adsp#\x00', 0x3, 0x200000) io_submit(r2, 0x4, &(0x7f00000004c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x4f2e, r3, &(0x7f0000000080)="6cf32ad30bb23e5cd3316978ab8b71f18116de846d4f99561a6e73de9c40218f7b8153851df8d80e7c0686b2da8e1cfdbe90e33904d8ff59849d34f62fa4ce6c537d7d23ffd979f4620e07a54ae4b09d6d5e4d9a13b1cf448baa9de96ba95824164a9ea48de5d6fe3880a42df46c16c61391cfa90b71477780dc24681ab19b84857105f51a320ded309027eb6301348eb69cb00ac3d4dd4bcf9b83a6247906184ec4055c617a5c6b9f1793b8840b125065ebc9127535b0674202b88afee06f39ae4c5039ea36c4ec9b9faf69230018cebf819b3df6ae0bac18703b95fe9831e0493981a8bae96dc4ce705aa188db6f9c7f66c7860d29d43f2ef6f8", 0xfb, 0xa7a6, 0x0, 0x2, r4}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3, 0x8, r5, &(0x7f0000000240)="ddedd4877b43d40a7105cd7665a204571df70dddf0849ce610676b9da69e489cb1d9b494efbfd6f8a8ae0966ae1e2be83f0e22ad", 0x34, 0x0, 0x0, 0x1, r6}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x7, r7, &(0x7f00000002c0)="e7db6861652db0d3df05d754ec77db7e194515dc3863ee6ebccd515a816c706143d23ce12e7256218899ada12ff2206a26daa45f936e602adfe0dd1ec25b5072c2da69dc02ca5ee00c3d27666b1df02f4fdb780d", 0x54, 0x2, 0x0, 0x0, r9}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x3, 0x43f, r0, &(0x7f00000003c0)="9cbc7e51a91b7f1c8ade9338f7bf0b83d8fd632261e0e004832113d3900015bd0dbd92e81555ab65c0c9310ba72ccb5ce25f75ee20f15abebfa42c2cad70b159eabc7f91b17b5ffada4aa4f9d21d35af8746188556fce8adfd76c393bd379a64206d020a43b5aca5deba82e4b758824f5dbbea491a1185d22246b5756c52177a458576c08d6d0c3002bb2ab7ee76eefc9a9b2590ec0fc6b8f09f12666690dd2b2d67a6469a4b1cd38e3cdd239ca0f641a2baa598", 0xb4, 0xf6}]) getsockopt(r0, 0x0, 0xd0, 0x0, &(0x7f0000000000)=0x5f) 02:56:45 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 342.351756] x86/PAT: syz-executor.3:13493 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 342.376324] x86/PAT: syz-executor.3:13493 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:45 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10022, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000040)=0xffff) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) close(0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='threaded\x00', 0xfffffc61) recvmsg(r0, &(0x7f0000000140)={0x0, 0x1d, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/110, 0x7ffff000}], 0x1}, 0x3f00) 02:56:45 executing program 3 (fault-call:8 fault-nth:55): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 342.525125] x86/PAT: syz-executor.3:13520 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 342.545599] FAULT_INJECTION: forcing a failure. [ 342.545599] name failslab, interval 1, probability 0, space 0, times 0 [ 342.572408] CPU: 1 PID: 13520 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 342.579462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.589003] Call Trace: [ 342.591691] dump_stack+0x138/0x197 [ 342.595329] should_fail.cold+0x10f/0x159 [ 342.599486] should_failslab+0xdb/0x130 [ 342.603467] kmem_cache_alloc+0x2d7/0x780 [ 342.607614] ? anon_vma_clone+0x310/0x470 [ 342.611791] anon_vma_fork+0x1ce/0x4d0 [ 342.615683] copy_process.part.0+0x45e2/0x6a00 [ 342.620289] ? __cleanup_sighand+0x50/0x50 [ 342.624525] ? lock_downgrade+0x6e0/0x6e0 [ 342.628686] _do_fork+0x19e/0xce0 [ 342.632147] ? fork_idle+0x280/0x280 [ 342.635871] ? fput+0xd4/0x150 [ 342.639064] ? SyS_write+0x15e/0x230 [ 342.642789] SyS_clone+0x37/0x50 [ 342.646161] ? sys_vfork+0x30/0x30 [ 342.649707] do_syscall_64+0x1e8/0x640 [ 342.653608] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 342.658453] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 342.663663] RIP: 0033:0x4598e9 [ 342.666847] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:46 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$P9_RMKDIR(r0, &(0x7f0000000100)={0x14, 0x49, 0x1, {0x1a1, 0x3, 0x2}}, 0x14) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = syz_open_dev$media(&(0x7f0000000140)='/dev/media#\x00', 0xffffffff, 0x2006) mq_notify(r2, &(0x7f0000000180)={0x0, 0x3b, 0x9, @tid=0xffffffffffffffff}) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) write$P9_RMKNOD(r3, &(0x7f00000000c0)={0x14, 0x13, 0x2, {0x40, 0x2, 0x4}}, 0x14) [ 342.674560] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 342.681821] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 342.689184] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 342.696537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 342.703801] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:46 executing program 5: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) r2 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x40000fffffe, 0x80002) ioctl$FS_IOC_FSGETXATTR(r2, 0x8038550a, &(0x7f0000000000)={0x80, 0xffffffffffffffff, 0x9, 0x0, 0x0, 0x7ff0bdbe}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040)={0x100002014}) 02:56:46 executing program 3 (fault-call:8 fault-nth:56): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 342.745485] x86/PAT: syz-executor.3:13520 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 342.765426] x86/PAT: syz-executor.3:13520 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:46 executing program 5: pipe2(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000200)={0x0, 'nr0\x00'}, 0x18) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xffffffffffffffff, 0x31, 0xffffffffffffffff, 0x0) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0x80000239) r2 = dup2(r1, r0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r5, 0x5, 0x0, 0x0, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x60, @media='ib\x00'}}}}, 0x68}}, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10001440}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x1c, r5, 0x43af8143ada15707, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20008108) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom(r1, &(0x7f0000000240)=""/184, 0xfffffe4c, 0x10100, 0x0, 0xfffffffffffffcff) mount$bpf(0x20000000, 0x0, 0x0, 0x2001002, 0x0) sendto$unix(r1, &(0x7f0000000100)="5c8a40fa21c6f9ac3ffa09b81deb4fc939f6a8566c95fc76c8e1a06f", 0x1c, 0x48841, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000480)={0x0, 0x0}) r6 = fcntl$getown(r1, 0x9) prlimit64(r6, 0x4, &(0x7f0000000000)={0x8, 0x5}, &(0x7f00000000c0)) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000500)={0x305}, 0xb) 02:56:46 executing program 1: memfd_create(0x0, 0x0) r0 = open(&(0x7f0000000140)='./bus\x00', 0x54243, 0x103) accept(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000007c00)=[{{&(0x7f00000001c0)=@rc, 0x0, &(0x7f0000000240)=[{&(0x7f0000000440)=""/223}, {&(0x7f0000000540)=""/4096}, {&(0x7f0000001540)=""/201}], 0x0, &(0x7f0000004e00)=""/4096}, 0x9}, {{&(0x7f0000000300)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x0, &(0x7f0000005f80)=[{&(0x7f0000000380)=""/48}, {&(0x7f0000001640)=""/227}, {&(0x7f0000001740)=""/187}, {&(0x7f0000001e00)}, {&(0x7f0000001e40)=""/6}, {&(0x7f0000002000)=""/98}, {&(0x7f0000005e00)=""/181}, {&(0x7f0000005ec0)=""/139}, {&(0x7f0000001e80)=""/2}], 0x0, &(0x7f0000003380)=""/101}, 0x5}, {{&(0x7f0000006040)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x0, &(0x7f0000003440)=[{&(0x7f00000060c0)=""/165}], 0x0, &(0x7f0000006180)=""/244}, 0x2}, {{&(0x7f0000006280)=@caif=@util, 0x0, &(0x7f0000004d80)=[{&(0x7f0000006300)=""/186}, {&(0x7f00000063c0)=""/72}], 0x0, &(0x7f0000006440)=""/47}, 0x1ff}, {{&(0x7f0000006480)=@ethernet={0x0, @remote}, 0x0, &(0x7f00000076c0)=[{&(0x7f0000006500)=""/190}, {&(0x7f00000065c0)=""/147, 0xffffffffffffffca}, {&(0x7f0000006680)=""/3}, {&(0x7f00000066c0)=""/4096}]}, 0xdd0}, {{0x0, 0x0, &(0x7f0000007a80)=[{&(0x7f0000007700)=""/83}, {&(0x7f0000007780)=""/220}, {&(0x7f0000007880)=""/37}, {&(0x7f00000078c0)=""/55, 0xfcbe}, {&(0x7f0000007900)=""/87}, {&(0x7f0000007980)=""/239}], 0x0, &(0x7f0000007b00)=""/193}, 0x3}], 0x400000000000062, 0x20, &(0x7f0000004d40)={0x0, 0x1c9c380}) recvmmsg(r2, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(0x0, r1, 0xa, r0, 0x1019fb45209cc21f) r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/fib_triestat\x00') preadv(r5, &(0x7f00000017c0), 0x0, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r5, 0x7706, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r3, 0xc0104320, &(0x7f0000000100)={0x3, &(0x7f00000000c0)="8efea259745ce2e339b7306911006af0c3fa6aef74444f12"}) mkdir(0x0, 0x0) dup(0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/fib_triestat\x00') preadv(r6, &(0x7f00000017c0), 0x3a8, 0x0) r7 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/fib_triestat\x00') preadv(r7, &(0x7f00000017c0), 0x3a8, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r7, 0xc0206434, &(0x7f0000004dc0)={0xd64, 0x0, 0x10000, 0x6000000}) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') geteuid() fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) creat(&(0x7f0000000400)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') 02:56:46 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x911cfe973800363d, 0x0) ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f00000000c0)) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000240)={r0}) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x4e24, 0x2, @remote, 0x1}}, {{0xa, 0x4e20, 0x9, @loopback, 0x3ff}}}, 0x108) [ 343.025997] audit: type=1800 audit(1568429806.423:69): pid=13544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="bus" dev="sda1" ino=16595 res=0 [ 343.064715] x86/PAT: syz-executor.3:13543 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 343.078676] FAULT_INJECTION: forcing a failure. [ 343.078676] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 343.095393] CPU: 0 PID: 13543 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 343.102547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.111925] Call Trace: [ 343.114581] dump_stack+0x138/0x197 [ 343.118234] should_fail.cold+0x10f/0x159 [ 343.122410] ? __might_sleep+0x93/0xb0 [ 343.126320] __alloc_pages_nodemask+0x1d6/0x7a0 [ 343.131004] ? save_stack+0xa9/0xd0 [ 343.134660] ? __alloc_pages_slowpath+0x2930/0x2930 [ 343.139692] ? anon_vma_fork+0x1ce/0x4d0 [ 343.143767] ? copy_process.part.0+0x45e2/0x6a00 [ 343.148555] ? _do_fork+0x19e/0xce0 [ 343.152301] ? __lock_acquire+0x5f7/0x4620 [ 343.156541] alloc_pages_current+0xec/0x1e0 [ 343.160860] ? trace_hardirqs_on+0x10/0x10 [ 343.165094] pte_alloc_one+0x1a/0x100 [ 343.168890] copy_huge_pmd+0x7d/0x8c0 [ 343.172687] ? add_mm_counter_fast.part.0+0x30/0x30 [ 343.177701] copy_page_range+0x69a/0x1bd0 [ 343.181846] ? anon_vma_fork+0x358/0x4d0 [ 343.185909] ? find_held_lock+0x35/0x130 [ 343.189967] ? vma_compute_subtree_gap+0x190/0x1f0 [ 343.194906] ? __rb_insert_augmented+0x22f/0xdf0 [ 343.199680] ? __pmd_alloc+0x410/0x410 [ 343.203835] ? __vma_link_rb+0x247/0x340 [ 343.207896] copy_process.part.0+0x4764/0x6a00 [ 343.212495] ? __cleanup_sighand+0x50/0x50 [ 343.216722] ? lock_downgrade+0x6e0/0x6e0 [ 343.220870] _do_fork+0x19e/0xce0 [ 343.224410] ? fork_idle+0x280/0x280 [ 343.228119] ? fput+0xd4/0x150 [ 343.231308] ? SyS_write+0x15e/0x230 [ 343.235018] SyS_clone+0x37/0x50 [ 343.238383] ? sys_vfork+0x30/0x30 [ 343.241943] do_syscall_64+0x1e8/0x640 [ 343.245824] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 343.250755] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 343.255938] RIP: 0033:0x4598e9 [ 343.259295] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 343.267185] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 02:56:46 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x6, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x82102, 0x0) ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f00000000c0)={{0x1, @addr=0x7}, 0x8, 0x7203, 0x6}) [ 343.274448] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 343.285274] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 343.292544] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 343.300851] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:46 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10022, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000040)=0xffff) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) close(0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='threaded\x00', 0xfffffc61) recvmsg(r0, &(0x7f0000000140)={0x0, 0x1d, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/110, 0x7ffff000}], 0x1}, 0x3f00) 02:56:46 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='syz_tun\x00'}) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:46 executing program 4: r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/hash_stats\x00', 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/attr/current\x00', 0x2, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000080)={{0x5c, @rand_addr=0x7, 0x4e23, 0x0, 'fo\x00', 0x20, 0x5, 0x67}, {@rand_addr=0x6, 0x4e20, 0x6, 0x8, 0x800, 0xffffffffffffffe1}}, 0x44) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x73bc, 0xa880) write$FUSE_GETXATTR(r2, &(0x7f0000000140)={0x18, 0xe420fb0a50bcd0e5, 0x7, {0x2}}, 0x18) 02:56:47 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000001c0)={0x41, 0x3}, 0x10) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) utimensat(r2, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={{}, {r3, r4/1000+10000}}, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000180)={'nr0\x00', &(0x7f0000000080)=@ethtool_perm_addr={0x20, 0xd4, "d7b6e9c6a0cc8cb8ef8f2f2825144a5ab75effa0cbf31618c42deae177a561727d1d9240d8a0870ab34473eb99426f8e892f823fb2568b11cb42f2c3ead317b583af4da5ba396f770f25af05464ee0b003982980e4ac9d98dd1a72dc07bc30ea30f73f14cf65f0da8beb049daa4bfddd57d9e2266b620a8f290b32fa64580a498b7e178e0dc03a5bbb0c36f5cde829949029e31c54c0562b57ea82025d7fc4dd51580374c80f45fbcf33de8aeb3f880d8ace7876234072b78994679689d6f7c9a8e3f2362af52b73b69628a398bd9f2ee42e4348"}}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:47 executing program 1: r0 = socket(0x11, 0x800000003, 0x0) setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f00000001c0)="a2e6999b", 0x4) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0xcc, r1, 0x201, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e21}]}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1000}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x101}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e23}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0xcc}, 0x1, 0x0, 0x0, 0x48010}, 0x0) fstat(r0, &(0x7f0000000400)) write$binfmt_aout(r0, &(0x7f00000002c0)={{0x108, 0x0, 0x0, 0x24a, 0x0, 0x0, 0x0, 0x0, 0x5}, "e606b1c2062a6d0000000000"}, 0x2c) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x10, &(0x7f0000000100)={&(0x7f0000000000)=""/94, 0x5e, 0xffffffffffffffff}}, 0x10) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dsp\x00', 0x4, 0x0) ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000004c0)={{0x3, 0x30, 0xfff, 0x5}, 'syz1\x00', 0x34}) [ 343.752868] x86/PAT: syz-executor.3:13543 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 343.764673] x86/PAT: syz-executor.3:13543 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:47 executing program 3 (fault-call:8 fault-nth:57): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:47 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000080)='vmnet0selfJcgroup:$lo\x00') [ 343.905247] x86/PAT: syz-executor.3:13590 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 343.955783] FAULT_INJECTION: forcing a failure. [ 343.955783] name failslab, interval 1, probability 0, space 0, times 0 [ 343.983384] CPU: 1 PID: 13595 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 343.990435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.999805] Call Trace: [ 344.002404] dump_stack+0x138/0x197 [ 344.006142] should_fail.cold+0x10f/0x159 [ 344.010323] should_failslab+0xdb/0x130 [ 344.014310] kmem_cache_alloc+0x2d7/0x780 [ 344.018467] ? __lock_acquire+0x5f7/0x4620 [ 344.022715] ptlock_alloc+0x20/0x70 [ 344.026366] pte_alloc_one+0x60/0x100 [ 344.030170] copy_huge_pmd+0x7d/0x8c0 [ 344.033971] ? add_mm_counter_fast.part.0+0x30/0x30 [ 344.038990] copy_page_range+0x69a/0x1bd0 [ 344.043147] ? anon_vma_fork+0x358/0x4d0 [ 344.047301] ? find_held_lock+0x35/0x130 [ 344.051372] ? vma_compute_subtree_gap+0x190/0x1f0 [ 344.056314] ? __rb_insert_augmented+0x22f/0xdf0 [ 344.061075] ? __pmd_alloc+0x410/0x410 [ 344.064962] ? __vma_link_rb+0x247/0x340 [ 344.069034] copy_process.part.0+0x4764/0x6a00 [ 344.073987] ? __cleanup_sighand+0x50/0x50 [ 344.078227] ? lock_downgrade+0x6e0/0x6e0 [ 344.082393] _do_fork+0x19e/0xce0 [ 344.085854] ? fork_idle+0x280/0x280 [ 344.090273] ? fput+0xd4/0x150 [ 344.093473] ? SyS_write+0x15e/0x230 [ 344.097195] SyS_clone+0x37/0x50 [ 344.100572] ? sys_vfork+0x30/0x30 [ 344.104116] do_syscall_64+0x1e8/0x640 [ 344.108093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.112944] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 344.118566] RIP: 0033:0x4598e9 [ 344.122540] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 344.130256] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 344.137543] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 344.144816] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 02:56:47 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) getresgid(&(0x7f0000000280), &(0x7f0000000300)=0x0, &(0x7f0000000340)) chown(&(0x7f00000000c0)='./file0\x00', 0x0, r2) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{0x8, 0x2, 0xffffffffffffffff}, {0x8, 0x0, r2}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000940)=ANY=[@ANYBLOB="0200000001000000000096127ff0e622bd87ef5e00000200000062d9c61a58c48beecc18ec7d301653f926b8502a04a24b2261a16945d84ee8608cab69be125e56c808e0db05d29f054dcc84b03a9d0824fab8379978b4d5083a67545278fe561cf4fc9a28565d2b00c39df463fc92b75db10905aa4d4d94d765e32f6b7c81cb0b4ef68ea914a03b402d186f813e1a6be14e8a5b54489c93bde831bf95c2be17c3ff8769add39f736dad97d4770b391ae6faf719", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r4 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000000c0)) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000a40)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="08000000fc23b667347a9d99", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000d962a801c1393520"], 0x44, 0x0) ioctl$sock_netdev_private(r4, 0x89f4, &(0x7f0000000100)="57db9bf10747de4b3a787b0b17745dd76e8798833f55ad8666a4ddb4c5a4e8a7f43df7c53c6d7cfdbf18e2e612245b1779317fd718a1b226eec0ec5af261314d83aed2b12a4e27ac1503321b825a1c9a52d8b3741c449538f93df774c03a6378543a4498df372fbc2d7841ed098dbbccf25aaa3b0d904912b179e8c13fb0650c30c3edc56c78fa1cb2105831e0bda33a428d1b528fc439330aadcf180db3e3eb5c862e672908337d9267ebcfb7085669c782f35cb1a5c53a09fd5e1cf82c437db9704758abc0e8b9214086aa0da65a732271c20c84d11d90aa56add27b317a8511dd33e874965ea839249c731831d03453d6407e") r5 = syz_open_procfs(r3, &(0x7f0000000000)='net/l2cap\x00') prctl$PR_SET_UNALIGN(0x6, 0x3) setxattr$trusted_overlay_opaque(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='trusted.overlay.opaque\x00', &(0x7f0000000880)='y\x00', 0x2, 0x1) fcntl$lock(r1, 0x2d, &(0x7f0000000000)={0x1, 0x7, 0x400, 0x0, r3}) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000005c0)={'veth1\x00', 0x1000}) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r6, 0x4020ae46, &(0x7f0000000600)={0x0, 0x0, @ioapic={0x0, 0x0, 0x0, 0xffffffff, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x9}]}}) r7 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280)='/selinux/enforce\x00', 0x0, 0x0) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="3ce4ffff0f003b0e00"/20, @ANYPTR=&(0x7f0000000540)=ANY=[@ANYRESHEX, @ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYPTR, @ANYPTR, @ANYBLOB="827989577b3a4d257d582b980ecfbe599b0c46d69c2bc70507d98db03396ba696db7eae657d44ce4e5803d0fd8b09885086ccf5bcc67bfdd557549b0d4bedbd80cd12c2275e4ddd1740aa440a81c4becae849b3ee31ae2b458678bdccbc0ad38c7e8a49723f808af3fa00b4c9ea6818dac75f7c4616fb67d1057cfd78321c2f21a8e8cba92d500aaf5b1b5e795f675d5f10f1192a871c1536ede1d2b7267de3326222e4f2cd3fbd84b7e1eaf581d4c2bde9cd1a9c9"], @ANYRESDEC=r4, @ANYRES64, @ANYPTR64=&(0x7f0000000700)=ANY=[@ANYBLOB="50743988ccf901bc8ec26311e81051259959df893da129eb915b4deddc5435e099b300b67ce7ebbc3de8da13617cb0e42f1043012fa703b973590008e19174606c9ef556846d0e656cdd53f9009808fb3970c7e7fcc763e1e27ef5e6ef1e2e9cd7bc9d6f8b124409a9f22d351f865d608b54843687070ca0ef0fb079ee268233290f5442868c12463f01d7f1e29dea57f0b7640334c41d2e5cb4df9640d07444c17e3dfc0d30e79a9acee64aa51eb272bc8da7ba40d46560ea1308f6a7afbb07cc8f11e79a162d5f276cf1c2912d22369fbf7450c3672f9b4a1e22f28472cd575aae198e73d0f613e79ac726efaee9a4b0fe6c"], @ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRESOCT=0x0, @ANYRESOCT=0x0, @ANYRESOCT, @ANYPTR, @ANYRESOCT=r4], @ANYRESOCT=r1], @ANYBLOB="00000000000000001c0012000c000100626f6e64000000000c0002000800040000000000"], 0x3}}, 0x0) 02:56:47 executing program 5: pipe2(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000200)={0x0, 'nr0\x00'}, 0x18) socketpair$unix(0x1, 0x80000000001, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xffffffffffffffff, 0x31, 0xffffffffffffffff, 0x0) write$binfmt_misc(r0, &(0x7f0000000040)=ANY=[], 0x80000239) r2 = dup2(r1, r0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r5, 0x5, 0x0, 0x0, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x60, @media='ib\x00'}}}}, 0x68}}, 0x0) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10001440}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x1c, r5, 0x43af8143ada15707, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20008108) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom(r1, &(0x7f0000000240)=""/184, 0xfffffe4c, 0x10100, 0x0, 0xfffffffffffffcff) mount$bpf(0x20000000, 0x0, 0x0, 0x2001002, 0x0) sendto$unix(r1, &(0x7f0000000100)="5c8a40fa21c6f9ac3ffa09b81deb4fc939f6a8566c95fc76c8e1a06f", 0x1c, 0x48841, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000480)={0x0, 0x0}) r6 = fcntl$getown(r1, 0x9) prlimit64(r6, 0x4, &(0x7f0000000000)={0x8, 0x5}, &(0x7f00000000c0)) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000500)={0x305}, 0xb) [ 344.152097] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 344.159371] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 344.181441] x86/PAT: syz-executor.3:13595 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 344.234597] x86/PAT: syz-executor.3:13595 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:47 executing program 2: socket$inet6(0xa, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f00000001c0)={0x3f, 0x7, 0x80000001, 0x2, 0x1}) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r2 = socket$inet6(0x10, 0x3, 0x0) setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000000c0)={{0xa, 0x4e21, 0x0, @mcast1, 0xffffffff}, {0xa, 0x4e23, 0x1, @mcast2, 0xf2c4}, 0x9, [0x3, 0x7c, 0x3, 0x8, 0x400, 0x1, 0x7, 0x6]}, 0x5c) r3 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0) r4 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20ncci\x00', 0x400, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r4, 0x0, 0x48f, &(0x7f0000000180)={0x89, @remote, 0x4e22, 0x1, 'wrr\x00', 0x5, 0xb255, 0x26}, 0x2c) bind$isdn_base(r3, &(0x7f0000000080)={0x22, 0x3, 0x0, 0x10000, 0x3ff}, 0x6) sendmsg(r2, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5f00fe01b2a4a280930206000100000001000000000a00040035000c03110000001900154006000000000022dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1}, 0x0) 02:56:47 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="08f7ff65", @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000880)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYBLOB="0800006fddff01aa7b8fe463c20fb23bb7b1ea4e44d0ff89a10c423214e99b7a", @ANYRES32=0x0, @ANYRES64=r0, @ANYRES32=0x0, @ANYBLOB="1000ef2947ec47f818ef000000000033bc80b4169baa229e4b924f1f2a68b039e9536fa5ad8ac4d9e68a821822d7b7cec64c4a02ede0e57204e805a57362846950a3ac1f19eeda73f1542f5a855fb9c86cf2ded97c56eb29f16a1574d59f437d9aeaf6440e5b7e48d8e1e6d2add6ae1552add41136885e0eadaf7615a12683d266707427eba5c2d961b42dab24d0ddc6b65b5eef62000c1dc317047645bee29e6e8e813a53063498d8bf1a81ddc071a7bbc503dde2c7c57e39d5a83491861dd681517d0d26a350db070fe8e8429259ced9fe657a89d56c5dcc2d0c51b5639dec9440c6061e1474e1d47e7b464517709d56c93a2cc780ec00ef4c0aab748fb2b5bb0ff2e8cf36"], 0x9, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x2}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/btrfs-control\x00', 0x0, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r4, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) getsockname$netrom(r5, &(0x7f0000000240)={{0x3, @netrom}, [@bcast, @netrom, @bcast, @remote, @netrom, @remote, @netrom, @netrom]}, &(0x7f0000000400)=0x48) r6 = socket$inet(0xa, 0x801, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="0100d07471e988800100010017621e0000f5aa47abf23c47c6e3dbd1cc0568edf6a99aae50ec8ad4f1f139e3fdf0f94cb4b0b0c80ab90120ec8cfff415e9b7bc1cb9b66dc1ec3ba9cb32d41f8314dbe32a2be71c174170c847f79583cfd32398d9fae674aeed", @ANYRES32=0x0], &(0x7f0000000200)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000000c0)={r7, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000580)={r7, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r7, 0x8, 0x3}, &(0x7f00000001c0)=0xc) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$sock_netdev_private(r8, 0x89f2, &(0x7f0000000300)="ab0d26e778bb5d816d314b42da99f3142110712cb84bbdf88d58ccb95a2f818264fa63a68023537c942312865a97de251cab17f9084bb8f13ea0a0713a7a0ff7af439f9254e0610f5894ae3a24c4") ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) 02:56:47 executing program 3 (fault-call:8 fault-nth:58): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 344.367469] netlink: 13 bytes leftover after parsing attributes in process `syz-executor.2'. 02:56:47 executing program 1: clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x10800, 0x0) sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, 0x0, 0x20, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}]}, @TIPC_NLA_LINK={0x2c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}]}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20}, 0x880) ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000040)='team0\x00') write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="7f454c46000000000000000000aab40003003e000039a594349c1fd83d000000007994d68a1afc0c2a0000000100000000000000002038000303"], 0x3a) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc058534b, &(0x7f0000000100)={0x7fff, 0x9, 0x4f6, 0x10, 0x0, 0x3}) [ 344.467282] x86/PAT: syz-executor.3:13620 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:47 executing program 2: r0 = creat(0x0, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0) open$dir(0x0, 0x0, 0x0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x40, 0x20) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000200)={0x2, 'ip6gre0\x00', 0x4}, 0x18) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x29}, 0x0, 0xd, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x300000, 0x0) getpeername$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000180)=0x1c) close(r2) r4 = socket$netlink(0x10, 0x3, 0xa) r5 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r5, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="8e1a37e70200000002000040", @ANYRES32=0x0, @ANYBLOB="018000000000000008000000", @ANYRES32=0x0, @ANYBLOB="fdaa5c6478812b03c8aed174a10258cef5bd95a675bc01a3db4fe64fdf11fd0fb1630b8f095afc0f966390ea1641b407b55ec3f7f49c79e1b31afc9c5d0300e61f305d75089dd0fbcf9cf1af5397deccbf64fd97c991d2ead5f02c3c7da55a551395d1f9f13886f2e8d6e9a67ced1e6541aa42d48e2c7692e6d5dfed996ce78b66d6c6e88dd826eb1f3ff139b9042fa3db30fcab941b4d5f7a468a8e598ba403120bd5daec3b", @ANYRESHEX=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000200000000002000000000000000"], 0x9, 0x5) ioctl$KDSKBSENT(r5, 0x4b49, &(0x7f0000000240)="fbcaf6e173f6e544e4e45b4d44aeccb935fc08023ada120babbda56a33e36437939ca23532a7557b329462d3b28e7225a132350e40ab19426ffa90bc597be46856ce06407f4d2a791c1ac0f6e2164fa4564015278c078654ff8bc93f7460c4fd2f4494e9c1c9b76bfaa425fea11e0ed8ffa701a7b40c023205864d") connect$netlink(r4, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x14800008}, 0xc) r6 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) ftruncate(r6, 0x200006) sendfile(r2, r6, 0x0, 0x8000fffffffe) 02:56:47 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x6) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000c80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80300, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x7ff}, &(0x7f00000000c0)=0x8) write$evdev(r0, &(0x7f0000000180)=[{{0x0, 0x7530}}], 0x11e8) [ 344.534485] FAULT_INJECTION: forcing a failure. [ 344.534485] name failslab, interval 1, probability 0, space 0, times 0 [ 344.607441] audit: type=1400 audit(1568429808.003:70): avc: denied { create } for pid=13638 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 [ 344.629718] CPU: 1 PID: 13636 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 344.639526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.648883] Call Trace: [ 344.651481] dump_stack+0x138/0x197 [ 344.655129] should_fail.cold+0x10f/0x159 [ 344.659292] should_failslab+0xdb/0x130 [ 344.663276] kmem_cache_alloc+0x2d7/0x780 [ 344.667436] ? __lock_acquire+0x5f7/0x4620 [ 344.671679] ptlock_alloc+0x20/0x70 [ 344.676443] pte_alloc_one+0x60/0x100 [ 344.680245] copy_huge_pmd+0x7d/0x8c0 [ 344.684140] ? add_mm_counter_fast.part.0+0x30/0x30 [ 344.689163] copy_page_range+0x69a/0x1bd0 [ 344.693318] ? anon_vma_fork+0x358/0x4d0 [ 344.698431] ? find_held_lock+0x35/0x130 [ 344.702507] ? vma_compute_subtree_gap+0x190/0x1f0 [ 344.707451] ? __rb_insert_augmented+0x22f/0xdf0 [ 344.712218] ? __pmd_alloc+0x410/0x410 [ 344.716114] ? __vma_link_rb+0x247/0x340 [ 344.716837] audit: type=1400 audit(1568429808.033:71): avc: denied { connect } for pid=13638 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 [ 344.720211] copy_process.part.0+0x4764/0x6a00 [ 344.720244] ? __cleanup_sighand+0x50/0x50 [ 344.720262] ? lock_downgrade+0x6e0/0x6e0 02:56:48 executing program 4: socket$bt_hidp(0x1f, 0x3, 0x6) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x2000, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) [ 344.720275] _do_fork+0x19e/0xce0 [ 344.720287] ? fork_idle+0x280/0x280 [ 344.720299] ? fput+0xd4/0x150 [ 344.720310] ? SyS_write+0x15e/0x230 [ 344.771555] SyS_clone+0x37/0x50 [ 344.774935] ? sys_vfork+0x30/0x30 [ 344.778490] do_syscall_64+0x1e8/0x640 [ 344.782468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 344.787327] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 344.792518] RIP: 0033:0x4598e9 [ 344.795710] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:48 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 344.803438] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 344.810717] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 344.817994] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 344.825271] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 344.832545] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 344.893553] audit: type=1804 audit(1568429808.043:72): pid=13642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir492298796/syzkaller.PvBRMb/227/bus" dev="sda1" ino=16547 res=1 02:56:48 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000080)={0x0, {{0x2, 0x4e24, @remote}}}, 0x88) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000140)={0x1, 0x0, @pic={0x6, 0x2, 0x7, 0x3, 0x5, 0xd6d5, 0x1, 0x5, 0x9f, 0x1, 0x5, 0x7f, 0x2, 0x5, 0xffffffffffff0000, 0x47}}) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 344.984391] audit: type=1400 audit(1568429808.043:73): avc: denied { write } for pid=13638 comm="syz-executor.2" path="socket:[50102]" dev="sockfs" ino=50102 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 02:56:48 executing program 2: r0 = socket$inet6(0x10, 0x3, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TIOCGICOUNT(r1, 0x545d, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000140)=@req={0x5, 0x7ff, 0x1040000000000, 0x1}, 0x10) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe80390014000800020000dc13382d0000009b7a136ef75afb83de448daa72540d8110d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) 02:56:48 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = socket$kcm(0xa, 0x2, 0x73) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) syz_open_dev$mice(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4) connect(r0, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev, 0x6}, 0x80) sendmmsg$inet_sctp(r0, &(0x7f00000003c0), 0x3a301e0909ff6cd, 0x80fe) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x100000001, 0x428040) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0) timer_create(0x9, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)) timer_settime(0x0, 0x1, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={0xffffffffffffffff}, 0x104, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r2, &(0x7f0000000280)={0x10, 0x30, 0xfa00, {&(0x7f0000000100), 0x1, {0xa, 0x4e22, 0x5, @remote, 0x1}, r3}}, 0x38) [ 345.153304] audit: type=1804 audit(1568429808.363:74): pid=13642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir492298796/syzkaller.PvBRMb/227/bus" dev="sda1" ino=16547 res=1 02:56:48 executing program 5: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x44a300, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) 02:56:48 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) syz_init_net_socket$nfc_llcp(0x27, 0x5, 0x1) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000000), 0x4) 02:56:48 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) [ 345.659895] x86/PAT: syz-executor.3:13636 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 345.685401] x86/PAT: syz-executor.3:13636 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:49 executing program 3 (fault-call:8 fault-nth:59): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:49 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = socket$kcm(0xa, 0x2, 0x73) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) syz_open_dev$mice(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4) connect(r0, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev, 0x6}, 0x80) sendmmsg$inet_sctp(r0, &(0x7f00000003c0), 0x3a301e0909ff6cd, 0x80fe) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x100000001, 0x428040) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0) timer_create(0x9, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)) timer_settime(0x0, 0x1, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={0xffffffffffffffff}, 0x104, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r2, &(0x7f0000000280)={0x10, 0x30, 0xfa00, {&(0x7f0000000100), 0x1, {0xa, 0x4e22, 0x5, @remote, 0x1}, r3}}, 0x38) 02:56:49 executing program 2: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) syz_init_net_socket$nfc_llcp(0x27, 0x5, 0x1) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000000), 0x4) 02:56:49 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 02:56:49 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000080)={0x5, 0x9, 0x7, 0x2}) ioctl$TCXONC(r0, 0x540a, 0x3) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000040)={0x1000, 0x5, 0x3ff, 0xcd, 0x4, 0x7, 0x7ff, 0x20, 0x4, 0x4, 0x0, 0x3}) 02:56:49 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff024}, {0x80000006}]}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x32, 0x4) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x210000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000100)={{0x0, 0x1}, 'port0\x00', 0x4, 0x141000, 0x6, 0xfffffffffffffffa, 0x20, 0x2920, 0x0, 0x0, 0x2, 0x2}) sendmmsg(r1, &(0x7f0000004e00)=[{{0x0, 0x0, 0x0}}], 0x1c3, 0x0) 02:56:49 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)={0xffffffffffffffff}) r2 = accept(0xffffffffffffffff, 0x0, 0x0) r3 = syz_genetlink_get_family_id$ipvs(0x0) sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c000800a0456b1ae3d95a3df1489211a34b0d60b7d6da070dbfd49ac54c699733b68fec10cbe4965673ac2978441a0d74003aa4ab7589e8c208e9583d495d1aafd74f64ac60765fc4c4df7ded4e60b6cea1ef4ad7875872a96d9e89bdfbda3692a5f00b7bf3a882f8e42ec1cd8c05f04a79367fdeb17b21d7d5c560edcacbf28188bf846dbfbd6974c6fe583d9cc2ff14af16f7189957bed44ee0cf311285a78188bf55914f9dd175e4a92253a67f496c495d143537cfa276384073fe611d0d0d9c37752bb3f5a257", @ANYRES16=r3, @ANYBLOB="000800000000fedbdf25030000000c000300080001001aa2ab1a080004000101000008000500feffffff0c0001000800010002000000"], 0x3}, 0x1, 0x0, 0x0, 0x40001}, 0x4) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x841}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x3c, r4, 0x200, 0x70bd22, 0x2000025dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x3d7, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x0, 0x7, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x0, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_DAEMON={0xffffffffffffff33, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x0, 0x2, 'bond0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x0, 0x4, 0x400}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x0, 0x8, 0x6}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x0, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x0, 0x2, 'veth0_to_bridge\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x0, 0x5, @broadcast}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x0, 0x6, @dev={0xfe, 0x80, [], 0x24}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000040}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x114, r3, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2e62}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x9}]}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3f}]}, @IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0xa}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xa, 0x10}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x13, 0x10}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x19}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x62}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000000}, 0x80010) [ 345.924018] x86/PAT: syz-executor.3:13695 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:49 executing program 5: set_mempolicy(0x20000004003, &(0x7f0000000000)=0x1, 0x41) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000007600002000000000008000"], 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="02000000000000000b00000020000000"], 0x44, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x8, 0x4, 0x200, 0x80, 0x2000, 0xdbe2, 0x0, 0x80000000, 0x0}, &(0x7f0000000180)=0x20) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e23, 0xffffffffffffff29, @local, 0x6}}, 0x1, 0x4}, &(0x7f0000000280)=0x90) r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) setsockopt$inet6_opts(r3, 0x29, 0x36, &(0x7f0000000040)=@fragment={0x87, 0x0, 0x8, 0x6, 0x0, 0x2, 0x64}, 0x8) r4 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r4, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) r5 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1, 0xbe03c89b215f7d01) ioctl$KVM_IRQ_LINE_STATUS(r5, 0xc008ae67, &(0x7f00000002c0)={0x80, 0x129b80000000000}) r6 = socket$inet(0xa, 0x801, 0x84) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000000c0)={r8, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000580)={r8, 0x2, 0x30, 0x1, 0x9d1}, &(0x7f00000005c0)=0x18) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000300)={r8, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e23, @empty}]}, &(0x7f0000000340)=0x10) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x13) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x3a}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x1) [ 345.990152] protocol 88fb is buggy, dev hsr_slave_0 [ 345.995305] protocol 88fb is buggy, dev hsr_slave_1 [ 346.016073] FAULT_INJECTION: forcing a failure. [ 346.016073] name failslab, interval 1, probability 0, space 0, times 0 [ 346.058239] CPU: 1 PID: 13705 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 346.065301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.074752] Call Trace: [ 346.077358] dump_stack+0x138/0x197 [ 346.081009] should_fail.cold+0x10f/0x159 [ 346.085259] should_failslab+0xdb/0x130 [ 346.089260] kmem_cache_alloc+0x2d7/0x780 [ 346.093417] ? lock_downgrade+0x6e0/0x6e0 [ 346.097796] ptlock_alloc+0x20/0x70 [ 346.101439] pte_alloc_one+0x60/0x100 [ 346.105256] __pte_alloc+0x2a/0x2d0 [ 346.108993] copy_page_range+0x11ba/0x1bd0 [ 346.113236] ? anon_vma_fork+0x358/0x4d0 [ 346.117302] ? vma_compute_subtree_gap+0x190/0x1f0 [ 346.122247] ? __pmd_alloc+0x410/0x410 [ 346.126144] copy_process.part.0+0x4764/0x6a00 [ 346.130753] ? __cleanup_sighand+0x50/0x50 [ 346.135055] ? lock_downgrade+0x6e0/0x6e0 [ 346.139214] _do_fork+0x19e/0xce0 [ 346.142764] ? fork_idle+0x280/0x280 [ 346.146486] ? fput+0xd4/0x150 [ 346.149682] ? SyS_write+0x15e/0x230 [ 346.153402] SyS_clone+0x37/0x50 [ 346.156768] ? sys_vfork+0x30/0x30 [ 346.160433] do_syscall_64+0x1e8/0x640 [ 346.165284] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.170139] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 346.175327] RIP: 0033:0x4598e9 [ 346.178517] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 346.186228] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 346.193512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 346.201495] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 346.209815] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 346.217093] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:49 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0x0, @ANYBLOB="040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\bB0n', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000"], 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) fcntl$setflags(r0, 0x2, 0x3) r1 = socket$kcm(0xa, 0x5, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, &(0x7f0000000080)={0x6, 0x5, 0x2000000000, 0x0, 0x0, [], [], [], 0x100000001, 0x10001}) syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x0, 0x2) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 346.257125] x86/PAT: syz-executor.3:13705 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 346.293749] x86/PAT: syz-executor.3:13705 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:49 executing program 3 (fault-call:8 fault-nth:60): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:49 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000080)="6a11070f04f9e4693278a0fc7a5921de6d240d0614df61dcf713e26f61b5782c9fdeff8588ac82c07683b6ac912b75c5a7ce699b76b3cd6759cb3812bffbd9cf4a80285bf95a2a7ecac9683b24852dd27eade07b059f84e0d16404da9895fb66528913418208e41c74f891f8c1735e90") 02:56:49 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000580)={0x53, 0x0, 0xa3, 0x3f, @buffer={0x0, 0x65, &(0x7f00000002c0)=""/101}, &(0x7f0000000340)="5a9a4fcae6aa143b60aaacd53858f16f7e68a92927633beaa129a6b61fb40719c206252df0ab6d0939e25ce83555efbf2c2c62eab1b5c8d50b4ac986d475a6204a52273332815e8f57365baa77bbca76500ff804c614d9ed444979a2b2586379b2098b2edf9e2e04e4cc9f8eb13c12204699571740ec10b40e73a299ed467e2ccd51c37b6b46c1ec675c008520de9c1ece74a7f5ab87a17b29b7bf6529f493e628cdc6", &(0x7f0000000400)=""/120, 0xf6, 0x21, 0x3, &(0x7f0000000540)}) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [], {0x10, 0x2}}, 0x2c, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000280)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x2}) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x7f, 0x200000) ioctl$KVM_GET_FPU(r3, 0x81a0ae8c, &(0x7f00000000c0)) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x65) [ 346.486837] x86/PAT: syz-executor.3:13726 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 346.519711] FAULT_INJECTION: forcing a failure. [ 346.519711] name failslab, interval 1, probability 0, space 0, times 0 [ 346.600408] CPU: 1 PID: 13726 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 346.607465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.616946] Call Trace: [ 346.619549] dump_stack+0x138/0x197 [ 346.623188] should_fail.cold+0x10f/0x159 [ 346.627345] should_failslab+0xdb/0x130 [ 346.631415] kmem_cache_alloc+0x2d7/0x780 [ 346.635565] ? __pmd_alloc+0x410/0x410 [ 346.639461] copy_process.part.0+0x444f/0x6a00 [ 346.644069] ? __cleanup_sighand+0x50/0x50 [ 346.648313] ? lock_downgrade+0x6e0/0x6e0 [ 346.652476] _do_fork+0x19e/0xce0 [ 346.655946] ? fork_idle+0x280/0x280 [ 346.659666] ? fput+0xd4/0x150 [ 346.662864] ? SyS_write+0x15e/0x230 [ 346.666583] SyS_clone+0x37/0x50 [ 346.669955] ? sys_vfork+0x30/0x30 [ 346.673501] do_syscall_64+0x1e8/0x640 [ 346.677391] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.682240] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 346.687430] RIP: 0033:0x4598e9 [ 346.690616] RSP: 002b:00007fb1aafc7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:50 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r0 = socket$kcm(0xa, 0x2, 0x73) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x69) syz_open_dev$mice(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000140)=0x1, 0x4) connect(r0, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @dev, 0x6}, 0x80) sendmmsg$inet_sctp(r0, &(0x7f00000003c0), 0x3a301e0909ff6cd, 0x80fe) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x100000001, 0x428040) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0) timer_create(0x9, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, &(0x7f00000002c0)) timer_settime(0x0, 0x1, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, 0x0) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={0xffffffffffffffff}, 0x104, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r2, &(0x7f0000000280)={0x10, 0x30, 0xfa00, {&(0x7f0000000100), 0x1, {0xa, 0x4e22, 0x5, @remote, 0x1}, r3}}, 0x38) [ 346.698416] RAX: ffffffffffffffda RBX: 00007fb1aafc7c90 RCX: 00000000004598e9 [ 346.705682] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 346.713044] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 346.720322] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafc86d4 [ 346.728381] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 02:56:50 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/validatetrans\x00', 0x1, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x400, 0x0) getsockopt$inet6_dccp_int(r1, 0x21, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) 02:56:50 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff024}, {0x80000006}]}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x32, 0x4) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x210000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000100)={{0x0, 0x1}, 'port0\x00', 0x4, 0x141000, 0x6, 0xfffffffffffffffa, 0x20, 0x2920, 0x0, 0x0, 0x2, 0x2}) sendmmsg(r1, &(0x7f0000004e00)=[{{0x0, 0x0, 0x0}}], 0x1c3, 0x0) [ 346.864183] x86/PAT: syz-executor.3:13726 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 346.897927] x86/PAT: syz-executor.3:13726 freeing invalid memtype [mem 0x00002000-0x00002fff] 02:56:50 executing program 3 (fault-call:8 fault-nth:61): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4000001000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 02:56:50 executing program 4: r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x2d, 0x1, 0x9, 0x10000, 0xea7d, 0x2, 0x3e, 0xa1c8, 0x104, 0x40, 0x306, 0xbed, 0x8000, 0x38, 0x2, 0xe5e, 0x40, 0x3540}, [{0x1, 0x3f, 0x3, 0x5, 0x3, 0x7fff, 0x1, 0xa67c}, {0x3, 0x9ae2, 0x3f, 0x6, 0x7ff, 0x31, 0x6, 0x1f}], "32784ad71503ecff75c758271c0757fe0c0dd5b2d8b077d013af76e33d54588a3c668fc447f551ca20632c4a8d5f14c6e3d3bae93857885fea434f644a7903bbfe1a481f195036560049fb22222827dc8e345d41951665631c3c628479132b2c32081baf888639943bef7433037406780e54ea92e37fa689ca6e0772625bf728bd3aa0f19de9e7a631997a348a41d444f1566a84c613730695848e53f1af260b6a675f1fa23c04faf0eae6607cc54f70a5c32291619785ae66e78fcd345d968b874f5db1c346ed14e1e7b1baf2c0bedba85c2fa399850e445ca8618c07b83c"}, 0x18f) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) r2 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x70, 0x8, 0x6, 0x7, 0x1ff, 0x0, 0x3, 0x20000, 0x3, 0x0, 0x1000, 0x9, 0x0, 0xc991, 0x40, 0x10a, 0xc6, 0x8, 0x1, 0x9, 0x2d4c, 0xf800000000000000, 0x9, 0x3f, 0x2, 0x40, 0xffffffffffff0001, 0x1, 0x80000000000, 0x2, 0x9, 0x4, 0x545, 0x8, 0x0, 0x1, 0x3, 0x0, 0x5634, 0x79a5c579b0502c69, @perf_bp={&(0x7f0000000240), 0x2}, 0x19122df9c662c930, 0x39, 0x9, 0x0, 0x8, 0x3, 0x1}, 0x0, 0xd, r2, 0x8f2f20d1288836a5) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x890b, &(0x7f0000000000)) [ 347.093492] x86/PAT: syz-executor.3:13753 freeing invalid memtype [mem 0x00001000-0x00001fff] 02:56:50 executing program 4: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x69f73b7ea81c65d, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@gettfilter={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, r5, {}, {}, {0x0, 0xfff6}}}, 0x24}}, 0x0) sendmsg$can_raw(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1d, r5}, 0x10, &(0x7f0000000140)={&(0x7f0000000100)=@can={{0x0, 0x41, 0x1ff, 0x653}, 0x8, 0x7, 0x0, 0x0, "ecc3c2ff9c5b0741"}, 0x10}, 0x1, 0x0, 0x0, 0x4}, 0x40) perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40043, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x890b, &(0x7f0000000000)) [ 347.166493] FAULT_INJECTION: forcing a failure. [ 347.166493] name failslab, interval 1, probability 0, space 0, times 0 [ 347.219925] CPU: 1 PID: 13756 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 347.226986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.236433] Call Trace: [ 347.239046] dump_stack+0x138/0x197 [ 347.242682] should_fail.cold+0x10f/0x159 [ 347.242699] should_failslab+0xdb/0x130 [ 347.242714] kmem_cache_alloc_trace+0x2e9/0x790 [ 347.255497] ? pat_pagerange_is_ram+0x90/0xf0 [ 347.260005] ? __init_cache_modes+0x240/0x240 [ 347.264605] reserve_memtype+0x164/0x640 [ 347.268681] ? lock_downgrade+0x6e0/0x6e0 [ 347.272842] ? pat_init+0x420/0x420 [ 347.276479] ? __init_cache_modes+0x240/0x240 [ 347.280978] reserve_pfn_range+0x11c/0x390 [ 347.280993] ? arch_io_reserve_memtype_wc+0x80/0x80 [ 347.281004] ? copy_process.part.0+0x444f/0x6a00 [ 347.281013] ? SyS_clone+0x37/0x50 [ 347.281021] ? do_syscall_64+0x1e8/0x640 [ 347.281030] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 347.281039] track_pfn_copy+0x14a/0x190 [ 347.281048] ? reserve_pfn_range+0x390/0x390 [ 347.281058] ? trace_hardirqs_on+0x10/0x10 [ 347.281073] copy_page_range+0x1255/0x1bd0 [ 347.281084] ? save_trace+0x290/0x290 [ 347.302660] ? copy_process.part.0+0x41de/0x6a00 [ 347.302673] ? vma_compute_subtree_gap+0x190/0x1f0 [ 347.302683] ? vma_gap_callbacks_rotate+0x62/0x80 [ 347.302697] ? __rb_insert_augmented+0x22f/0xdf0 [ 347.302710] ? __pmd_alloc+0x410/0x410 [ 347.302718] ? __vma_link_rb+0x247/0x340 [ 347.302732] copy_process.part.0+0x4764/0x6a00 [ 347.302759] ? __cleanup_sighand+0x50/0x50 [ 347.338985] ? lock_downgrade+0x6e0/0x6e0 [ 347.339005] _do_fork+0x19e/0xce0 [ 347.339019] ? fork_idle+0x280/0x280 [ 347.339034] ? fput+0xd4/0x150 [ 347.361135] ? SyS_write+0x15e/0x230 [ 347.361153] SyS_clone+0x37/0x50 [ 347.361162] ? sys_vfork+0x30/0x30 [ 347.361172] do_syscall_64+0x1e8/0x640 [ 347.361180] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.361195] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 347.361204] RIP: 0033:0x4598e9 [ 347.361208] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 02:56:50 executing program 2: socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}]}, 0x44, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000500)='system.posix_acl_default\x00', &(0x7f0000000480)={{}, {}, [{}], {}, [{}, {}, {}], {0x10, 0x2}}, 0x44, 0x0) sendmsg$TIPC_NL_LINK_RESET_STATS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x0, r0, 0x1, 0x3}, 0x14}}, 0x0) [ 347.361219] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 347.361224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 347.361229] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 347.361235] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 347.361239] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 347.490982] selinux_nlmsg_perm: 22 callbacks suppressed [ 347.490992] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=13759 comm=syz-executor.4 [ 347.560653] ------------[ cut here ]------------ [ 347.565457] WARNING: CPU: 1 PID: 13756 at arch/x86/mm/pat.c:1020 untrack_pfn+0x1dc/0x220 [ 347.573696] Kernel panic - not syncing: panic_on_warn set ... [ 347.573696] [ 347.585977] CPU: 1 PID: 13756 Comm: syz-executor.3 Not tainted 4.14.143 #0 [ 347.593018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.602376] Call Trace: [ 347.604985] dump_stack+0x138/0x197 [ 347.608623] panic+0x1f2/0x426 [ 347.611828] ? add_taint.cold+0x16/0x16 [ 347.615821] ? untrack_pfn+0x1dc/0x220 [ 347.619720] ? __warn.cold+0x14/0x36 [ 347.623442] ? untrack_pfn+0x1dc/0x220 [ 347.627332] __warn.cold+0x2f/0x36 [ 347.630887] ? ist_end_non_atomic+0x10/0x10 [ 347.635217] ? untrack_pfn+0x1dc/0x220 [ 347.639115] report_bug+0x216/0x254 [ 347.642755] do_error_trap+0x1bb/0x310 [ 347.649175] ? math_error+0x360/0x360 [ 347.652986] ? lock_downgrade+0x6e0/0x6e0 [ 347.657150] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.662023] do_invalid_op+0x1b/0x20 [ 347.665840] invalid_op+0x1b/0x40 [ 347.669304] RIP: 0010:untrack_pfn+0x1dc/0x220 [ 347.673802] RSP: 0018:ffff8880a95ef948 EFLAGS: 00010246 [ 347.679169] RAX: 0000000000040000 RBX: ffff888080a89420 RCX: ffffc9000b85a000 [ 347.686463] RDX: 0000000000040000 RSI: ffffffff812a668c RDI: 0000000000000001 [ 347.693822] RBP: ffff8880a95ef9d8 R08: ffff888054386300 R09: 0000000000000000 [ 347.701104] R10: 0000000000000000 R11: ffff888054386300 R12: 1ffff110152bdf2a [ 347.708382] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880a95ef9b0 [ 347.715796] ? untrack_pfn+0x1dc/0x220 [ 347.719703] ? untrack_pfn+0x1dc/0x220 [ 347.723606] ? track_pfn_insert+0x150/0x150 [ 347.727938] ? vm_normal_page_pmd+0x360/0x360 [ 347.732446] ? uprobe_munmap+0x94/0x210 [ 347.736433] unmap_single_vma+0x182/0x2c0 [ 347.740599] unmap_vmas+0xac/0x170 [ 347.744154] exit_mmap+0x285/0x4e0 [ 347.747701] ? SyS_munmap+0x30/0x30 [ 347.751353] ? kmem_cache_free+0x244/0x2b0 [ 347.755603] ? __khugepaged_exit+0xcf/0x3d0 [ 347.759959] ? lock_downgrade+0x6e0/0x6e0 [ 347.764124] mmput+0x114/0x440 [ 347.767331] copy_process.part.0+0x4743/0x6a00 [ 347.771941] ? __cleanup_sighand+0x50/0x50 [ 347.776182] ? lock_downgrade+0x6e0/0x6e0 [ 347.780341] _do_fork+0x19e/0xce0 [ 347.783807] ? fork_idle+0x280/0x280 [ 347.787532] ? fput+0xd4/0x150 [ 347.790735] ? SyS_write+0x15e/0x230 [ 347.794457] SyS_clone+0x37/0x50 [ 347.797829] ? sys_vfork+0x30/0x30 [ 347.801386] do_syscall_64+0x1e8/0x640 [ 347.805279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.810134] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 347.815330] RIP: 0033:0x4598e9 [ 347.818548] RSP: 002b:00007fb1aafa6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 347.826351] RAX: ffffffffffffffda RBX: 00007fb1aafa6c90 RCX: 00000000004598e9 [ 347.833630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 347.840909] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 347.848192] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1aafa76d4 [ 347.855468] R13: 00000000004bfd7f R14: 00000000004d1b78 R15: 0000000000000005 [ 347.865836] Kernel Offset: disabled [ 347.869467] Rebooting in 86400 seconds..