[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 82.433680] audit: type=1800 audit(1556736048.487:25): pid=10170 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 82.471753] audit: type=1800 audit(1556736048.507:26): pid=10170 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 82.491323] audit: type=1800 audit(1556736048.517:27): pid=10170 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts. 2019/05/01 18:41:05 fuzzer started 2019/05/01 18:41:11 dialing manager at 10.128.0.26:45681 2019/05/01 18:41:11 syscalls: 2284 2019/05/01 18:41:11 code coverage: enabled 2019/05/01 18:41:11 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/05/01 18:41:11 extra coverage: enabled 2019/05/01 18:41:11 setuid sandbox: enabled 2019/05/01 18:41:11 namespace sandbox: enabled 2019/05/01 18:41:11 Android sandbox: /sys/fs/selinux/policy does not exist 2019/05/01 18:41:11 fault injection: enabled 2019/05/01 18:41:11 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/05/01 18:41:11 net packet injection: enabled 2019/05/01 18:41:11 net device setup: enabled 18:41:59 executing program 0: r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) write(r0, &(0x7f0000000540)="a6", 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0xfffffffffffffffd}}, 0x20) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) sendfile(r0, r0, &(0x7f0000317000), 0xff8) rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000040)) syzkaller login: [ 153.982952] IPVS: ftp: loaded support on port[0] = 21 [ 154.127336] chnl_net:caif_netlink_parms(): no params data found [ 154.198836] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.205564] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.213941] device bridge_slave_0 entered promiscuous mode [ 154.223630] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.230213] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.238777] device bridge_slave_1 entered promiscuous mode [ 154.272603] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 154.283982] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 154.318598] team0: Port device team_slave_0 added [ 154.327927] team0: Port device team_slave_1 added [ 154.506892] device hsr_slave_0 entered promiscuous mode [ 154.672681] device hsr_slave_1 entered promiscuous mode [ 154.901982] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.908629] bridge0: port 2(bridge_slave_1) entered forwarding state [ 154.915698] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.922345] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.000171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 155.020032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 155.030499] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.041142] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.052073] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 155.072377] 8021q: adding VLAN 0 to HW filter on device team0 [ 155.088093] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 155.096791] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.103399] bridge0: port 1(bridge_slave_0) entered forwarding state [ 155.155946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 155.164314] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.170849] bridge0: port 2(bridge_slave_1) entered forwarding state [ 155.180538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 155.189729] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 155.198413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 155.206543] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 155.221405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 155.252509] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 155.274071] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 18:42:01 executing program 0: r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) write(r0, &(0x7f0000000540)="a6", 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0xfffffffffffffffd}}, 0x20) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) sendfile(r0, r0, &(0x7f0000317000), 0xff8) rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000040)) 18:42:01 executing program 0: r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) write(r0, &(0x7f0000000540)="a6", 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0xfffffffffffffffd}}, 0x20) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) sendfile(r0, r0, &(0x7f0000317000), 0xff8) rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000040)) 18:42:01 executing program 0: r0 = memfd_create(&(0x7f0000000140)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) write(r0, &(0x7f0000000540)="a6", 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0xfffffffffffffffd}}, 0x20) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) sendfile(r0, r0, &(0x7f0000317000), 0xff8) rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000040)) 18:42:01 executing program 0: r0 = syz_open_dev$vivid(&(0x7f0000000040)='/dev/video#\x00', 0x2, 0x2) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, 0x0) 18:42:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_execute_func(&(0x7f0000000480)="b1b591cd8066410f3a20dc00660f70839001000000fefec463417e9d0800000032dee71c1dd5c7c6e8e8fb0f01e18b8bf4a95ff98f4808eebce00000802000c421fc51c1c4e13de1eb660f383fd10f38cb4d7166454518674664660fe23be47c073a073a4aaf0000400f0d18c4c1fb2db706000000f3410f0fd596362451d347b4364483c2060f383cc42b54111d00") 18:42:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_execute_func(&(0x7f0000000480)="b1b591cd8066410f3a20dc00660f70839001000000fefec463417e9d0800000032dee71c1dd5c7c6e8e8fb0f01e18b8bf4a95ff98f4808eebce00000802000c421fc51c1c4e13de1eb660f383fd10f38cb4d7166454518674664660fe23be47c073a073a4aaf0000400f0d18c4c1fb2db706000000f3410f0fd596362451d347b4364483c2060f383cc42b54111d00") 18:42:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_execute_func(&(0x7f0000000480)="b1b591cd8066410f3a20dc00660f70839001000000fefec463417e9d0800000032dee71c1dd5c7c6e8e8fb0f01e18b8bf4a95ff98f4808eebce00000802000c421fc51c1c4e13de1eb660f383fd10f38cb4d7166454518674664660fe23be47c073a073a4aaf0000400f0d18c4c1fb2db706000000f3410f0fd596362451d347b4364483c2060f383cc42b54111d00") 18:42:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_execute_func(&(0x7f0000000480)="b1b591cd8066410f3a20dc00660f70839001000000fefec463417e9d0800000032dee71c1dd5c7c6e8e8fb0f01e18b8bf4a95ff98f4808eebce00000802000c421fc51c1c4e13de1eb660f383fd10f38cb4d7166454518674664660fe23be47c073a073a4aaf0000400f0d18c4c1fb2db706000000f3410f0fd596362451d347b4364483c2060f383cc42b54111d00") 18:42:02 executing program 0: socket$kcm(0x29, 0x5, 0x0) 18:42:02 executing program 0: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x7, @pix={0x1}}) 18:42:02 executing program 0: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x7, @pix={0x1}}) 18:42:02 executing program 0: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x7, @pix={0x1}}) 18:42:02 executing program 0: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x7, @pix={0x1}}) 18:42:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x7, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x75, 0x0, &(0x7f0000000100)) close(r2) close(r1) 18:42:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x7, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x75, 0x0, &(0x7f0000000100)) close(r2) close(r1) 18:42:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x7, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x75, 0x0, &(0x7f0000000100)) close(r2) close(r1) 18:42:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x7, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x75, 0x0, &(0x7f0000000100)) close(r2) close(r1) 18:42:03 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x21) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = memfd_create(&(0x7f0000000100)='\x88])+\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) getsockopt(r1, 0x480000000000003a, 0x1, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000020ad0b98b9ff9e9b6b0000000b00140000000000000000001500010014000100ff0100000000000000218411f7ffffffffffffff14800200fe800000000000000000000023e004e59293c4fe275633058bd5d96c4f7032dd040fdabad872f7b00ac5e1948807b762757396e7548ba8d81e7d823d0ab27f6e67deaef23e168b761705421f6910e163af9ef215d46d1a85ffb312a63a364f665dbea12fe058cd5721ab3b4d5561e00cb8baf8c0c59c6854f512cff25f99479913f237f23e52ecfdc188402e96972e592f6134463e077c30827a097e9d17d8bf9e08b074070e3183e8945bff583b7ccc61c53332558d2fa5"], 0x48}}, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) 18:42:03 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000840)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd, @time={0x77359400}}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x1, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)) r2 = gettid() r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) tkill(r2, 0x1000000000013) 18:42:03 executing program 1: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x100, 0x0) write$P9_RCREATE(r0, &(0x7f0000000040)={0x18, 0x73, 0x2, {{0x10, 0x2, 0x8}, 0x8}}, 0x18) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x100000001, 0x3, 0x1, "67e93505cf59f19cd94afb4a96afab97d2c0351fbb240864d156e993e527a0aa", 0x7c7f505e}) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) write$FUSE_OPEN(r0, &(0x7f00000000c0)={0x20, 0x0, 0x3, {0x0, 0x5}}, 0x20) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) iopl(0x3) ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f0000000100)={0xb95, 0x3, 0x100000001}) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000140)=0x834) r1 = perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x4, 0x9, 0x6, 0xc8, 0x0, 0x8, 0x40000, 0x2, 0x1f, 0x2, 0x1, 0x3, 0x1aa, 0x7, 0x80000001, 0x6, 0x101, 0x35, 0x80000001, 0x8, 0x0, 0x7, 0xcb36, 0x1ff, 0x20, 0x1, 0x400, 0x579, 0x5e64, 0x3, 0xfffffffffffff474, 0x8, 0x9, 0x100000001, 0x1, 0x6, 0x0, 0x6, 0x7, @perf_config_ext={0x3, 0x4}, 0x14800, 0x3, 0x6, 0x9, 0x81, 0x3, 0x7ff}, r0, 0x6, r0, 0x4) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000200)=""/19, &(0x7f0000000240)=0x13) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000280)={{0xcc, 0x6}, 0x48}, 0x10) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f00000002c0)=""/189) getdents64(r0, &(0x7f0000000380)=""/79, 0x4f) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000400)={0x42a, 0x3, 0x7fffffff, 0xfffffffffffffffd, 0x5, 0x4}) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000005c0)={r0, &(0x7f0000000440)="0cb15210295fd483fa7636398071c6160a50bb3bada50ad91ac92809f0fefd6c951a3a2545ce752258c8ac05caa783475479c643c09193d9d2d2d312a512cdca4c627d6918d7c896b9391762cf519862d3c805f9008d4ac9819f0b8d6337f46f69f05d7e4608681ea9602588ac63971265e05759c98f7a75607c5193df6e25bae64f699251adeecdffd8c99f39bd6bed6b98e32db264bd7e870ed00ab32f78b36997f3f046ee35b9a69e47c84d79ae2ad0e9afa01f0db1c6f733ece32ae45665cb950a357b3b07f8110c6f206ede5ec1f290b57031542e", &(0x7f0000000540)=""/102}, 0x18) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000640)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f00000007c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xc8, r2, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x5}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}]}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x100}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8000}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x40}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'caif0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x10, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000000}]}, 0xc8}, 0x1, 0x0, 0x0, 0x800}, 0x800) syz_genetlink_get_family_id$tipc(&(0x7f0000000800)='TIPC\x00') r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000a00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x24000000}, 0xc, &(0x7f00000009c0)={&(0x7f00000008c0)={0xe4, r3, 0x809, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0xc4, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x178}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8000}]}]}, @TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}]}]}, 0xe4}}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000a40)='TIPC\x00') r4 = socket$packet(0x11, 0x3, 0x300) r5 = socket(0x5, 0x4, 0x81) prctl$PR_SET_TSC(0x1a, 0x1) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r4) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000a80)={0x67, @local, 0x4e22, 0x0, 'fo\x00', 0x11, 0x1, 0x3b}, 0x2c) socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f0000000ac0)='ib\x00') getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r5, 0x84, 0x70, &(0x7f0000000b00)={0x0, @in6={{0xa, 0x4e23, 0x495, @remote, 0x1000}}, [0x5, 0x1, 0x4, 0x0, 0x0, 0x9, 0x19, 0x1ff, 0x2429, 0x9, 0x0, 0x101, 0x1ff, 0x6, 0x7]}, &(0x7f0000000c00)=0x100) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000c40)={r6, 0x80000000}, 0x8) [ 158.142019] IPVS: ftp: loaded support on port[0] = 21 [ 158.290996] chnl_net:caif_netlink_parms(): no params data found [ 158.362835] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.369419] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.377584] device bridge_slave_0 entered promiscuous mode [ 158.387625] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.394259] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.402458] device bridge_slave_1 entered promiscuous mode [ 158.436938] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 158.448384] bond0: Enslaving bond_slave_1 as an active interface with an up link 18:42:04 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000840)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd, @time={0x77359400}}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x1, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)) r2 = gettid() r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) tkill(r2, 0x1000000000013) [ 158.499467] team0: Port device team_slave_0 added [ 158.536205] team0: Port device team_slave_1 added [ 158.607059] device hsr_slave_0 entered promiscuous mode [ 158.752535] device hsr_slave_1 entered promiscuous mode [ 158.897792] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.904518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 158.911641] bridge0: port 1(bridge_slave_0) entered blocking state [ 158.918262] bridge0: port 1(bridge_slave_0) entered forwarding state [ 159.000684] 8021q: adding VLAN 0 to HW filter on device bond0 [ 159.020747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 159.032938] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.043059] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.056984] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 159.076003] 8021q: adding VLAN 0 to HW filter on device team0 [ 159.094546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 159.102911] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.109459] bridge0: port 1(bridge_slave_0) entered forwarding state [ 159.133187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 159.141402] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.148059] bridge0: port 2(bridge_slave_1) entered forwarding state [ 159.185195] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 159.194540] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 159.203307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 159.217815] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 159.225980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 159.245769] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 159.286831] 8021q: adding VLAN 0 to HW filter on device batadv0 18:42:05 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000840)=""/28, 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd, @time={0x77359400}}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x1, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)) r2 = gettid() r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) tkill(r2, 0x1000000000013) 18:42:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4001000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = socket$inet6(0xa, 0x80803, 0x100000000000001) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000200)=ANY=[@ANYBLOB="6d617d676c6500000000000000020000000000000000000000080000000800001e059158b7530c5411508fcf65611302000000000000000000000000000000000000000000000000f3f40359bbfcdbed9990e278aad518fc027e7db3479f7f0abec40b9d71197ebf0c8f0bd9accf73492f19cea163d909781b0b3ddc6824375683de405e9fab4989a3be377b58e25ff08a505721c889d19a164bfb0000020060798be6b87ad9e6abb2f5a297a0c67cc000d076660cb05c19714b07c86d1f3f6ed7d8c34d60f7053def1fa3fb82983a21856e1485e0b1aae5dd2b34232ca076d069bf2a1c6be4"], 0x1) [ 159.472640] protocol 88fb is buggy, dev hsr_slave_0 [ 159.478432] protocol 88fb is buggy, dev hsr_slave_1 18:42:05 executing program 1: r0 = socket(0x1, 0x4, 0x6) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(r1, 0x5381) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x5, 0x6000000000000000, 0x1, 0x1000}, {0x8001, 0x1ff, 0x4, 0x80}, {0x100000000, 0x3ff, 0x0, 0x10001}, {0xe1bc, 0x3, 0x0, 0x2}, {0xfffffffffffffffb, 0xff, 0xc02, 0x7}]}, 0x10) 18:42:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in={{0x2, 0x0, @dev}}, 0x0, 0x8, 0x0, "b6f73b6e690dfa12c023fe736a343f8b70bbfadd0b2b7917794acb5f197a68d966aa0b5a5f41ca2b6204d8bac209c26d4b213ba809a1c6e983a2b18c3657b1710a93895ee1e98fb8566092d73d71d352"}, 0xd8) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000002c0)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x9, 0x0, "e581f5dec76183b5cbfeb544269c28eef89b4a97ab5ac306d221adbc4563d12830351b4dd74d100fd0dc820dc67e566dc3b316ba183f644e46f728a16bebfab83714b8cff0d6d40c46a5ed8b04be28da"}, 0xd8) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000015c0)={@in={{0x2, 0x0, @dev}}, 0x0, 0x0, 0x0, "4ae9645a4bdbefd0187f1e35cba955127c7ca8b982f7408054208a36ee7b341bc01b6d8d52e8ee57c61ec7f041e965466b7a2d4cec6a03dd5feb2a33b78491e3bef5d31b03d40e4f5f68137e44379c3b"}, 0xd8) 18:42:05 executing program 1: mlock(&(0x7f0000b19000/0x4000)=nil, 0x4000) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x7, 0x4000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000b25000/0x1000)=nil, 0x1000}, &(0x7f0000000080)=0x10) mlock2(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1) mremap(&(0x7f0000a94000/0x1000)=nil, 0x1000, 0xe000, 0x3, &(0x7f0000b18000/0xe000)=nil) 18:42:05 executing program 1: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) r2 = syz_open_procfs(0x0, &(0x7f0000000100)='mounts\x00') epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x1}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000180)={r3, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84) utime(&(0x7f00000000c0)='./file0\x00', 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000a40)='ramfs\x00', 0x0, 0x0) mount(&(0x7f00000000c0), &(0x7f0000000140)='.\x00', 0x0, 0x2002, 0x0) 18:42:06 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'yedh\x00\"\x99\xb3\xabx\x00id\xb4e\x00', 0x43732e5398416f19}) ioctl$TUNSETFILTEREBPF(r0, 0x400454e2, &(0x7f0000000180)) 18:42:06 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x800, 0x0) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000300)={0x1, [0x9]}, 0x6) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="eff8970eb6a3", @dev, [{[], {0x8100, 0x7, 0x9}}], {@generic={0x0, "0ee739034677dfc2aabd100eadabb18af2e4ad30f5c835e6"}}}, 0x0) 18:42:06 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @loopback, @remote}, 0xc) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @remote, @dev}, 0xc) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0xfffffffffffffdf4) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000000200)=0x90) 18:42:06 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) get_mempolicy(&(0x7f00000001c0), &(0x7f0000000200), 0x3, &(0x7f0000fff000/0x1000)=nil, 0x0) connect$l2tp(0xffffffffffffffff, 0x0, 0x0) 18:42:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000240)='/proc/capi/capi20ncci\x00', 0x404040, 0x0) ioctl$VIDIOC_S_SELECTION(r3, 0xc040565f, &(0x7f0000000280)={0xf, 0x0, 0x5, {0x80, 0x7, 0x2, 0x4}}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$FICLONE(r2, 0x40049409, r1) setsockopt$CAIFSO_REQ_PARAM(r1, 0x116, 0x80, &(0x7f0000000080)="18aebf2a9d006a75026fd1a7e1fea3ae7b05d7a57e291849772984f5aa33e202d9f1ef6eabe8a887f879199266782f3e1844", 0x32) fdatasync(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x5000, 0x2000, &(0x7f0000014000/0x2000)=nil}) r5 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xa81, 0x40000) bind(r1, &(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x14}}, 0x0, 0x3, 0x3f, 0x4}}, 0x80) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)) ioctl$sock_SIOCGPGRP(r5, 0x8904, &(0x7f0000000140)) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x0, 0x0) 18:42:06 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) get_mempolicy(&(0x7f00000001c0), &(0x7f0000000200), 0x3, &(0x7f0000fff000/0x1000)=nil, 0x0) connect$l2tp(0xffffffffffffffff, 0x0, 0x0) 18:42:06 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bd070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000012000/0x3000)=nil, 0x3000}, 0x3}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x7, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x77, &(0x7f00000000c0)=[@in={0x2, 0x0, @remote}], 0x10) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000000)=0x4) ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000140)=0xb) close(r2) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x280, 0x0) ioctl$TIOCSPTLCK(r4, 0x40045431, &(0x7f0000000040)=0x1) close(r1) 18:42:06 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) get_mempolicy(&(0x7f00000001c0), &(0x7f0000000200), 0x3, &(0x7f0000fff000/0x1000)=nil, 0x0) connect$l2tp(0xffffffffffffffff, 0x0, 0x0) 18:42:06 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) sendmsg$inet_sctp(r0, &(0x7f00000007c0)={&(0x7f0000000180)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000640), 0x1d0, &(0x7f0000000240)=[@init={0x18, 0x84, 0x0, {0x0, 0x0, 0x0, 0xe}}], 0x18}, 0x0) 18:42:07 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) sendmsg$inet_sctp(r0, &(0x7f00000007c0)={&(0x7f0000000180)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000640), 0x1d0, &(0x7f0000000240)=[@init={0x18, 0x84, 0x0, {0x0, 0x0, 0x0, 0xe}}], 0x18}, 0x0) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) get_mempolicy(&(0x7f00000001c0), &(0x7f0000000200), 0x3, &(0x7f0000fff000/0x1000)=nil, 0x0) connect$l2tp(0xffffffffffffffff, 0x0, 0x0) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) get_mempolicy(&(0x7f00000001c0), &(0x7f0000000200), 0x3, &(0x7f0000fff000/0x1000)=nil, 0x0) 18:42:07 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) sendmsg$inet_sctp(r0, &(0x7f00000007c0)={&(0x7f0000000180)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000640), 0x1d0, &(0x7f0000000240)=[@init={0x18, 0x84, 0x0, {0x0, 0x0, 0x0, 0xe}}], 0x18}, 0x0) 18:42:07 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) sendmsg$inet_sctp(r0, &(0x7f00000007c0)={&(0x7f0000000180)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000640), 0x1d0, &(0x7f0000000240)=[@init={0x18, 0x84, 0x0, {0x0, 0x0, 0x0, 0xe}}], 0x18}, 0x0) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000140)={0x6, 0x0, 0x8000}) 18:42:07 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:07 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000180)=0x6) 18:42:07 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:07 executing program 1: socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x8) 18:42:07 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:07 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:07 executing program 1: r0 = syz_open_dev$vivid(0x0, 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: r0 = syz_open_dev$vivid(0x0, 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: r0 = syz_open_dev$vivid(0x0, 0x3, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 1: syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:08 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, 0x0) 18:42:08 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:08 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, 0x0) 18:42:09 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, 0x0) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x0, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x0, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x0, @vbi={0x5, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x0, 0x84, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x0, 0x0, 0x6, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x0, 0x0, 0x0, 0x30314742, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x0, 0x0, 0x0, 0x0, [0x3], [0x1f], 0x10b}}) 18:42:09 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x0, 0x0, 0x0, 0x0, [], [0x1f], 0x10b}}) 18:42:09 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi={0x0, 0x0, 0x0, 0x0, [], [], 0x10b}}) 18:42:10 executing program 1: r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0xffffffffffffffff, 0x2) ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x5, @vbi}) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:10 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, 0x0, 0x0, 0x0) 18:42:10 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, 0x0, 0x0, 0x0) 18:42:11 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, 0x0, 0x0, 0x0) 18:42:11 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080), 0x0, 0x0) 18:42:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080), 0x0, 0x0) 18:42:11 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080), 0x0, 0x0) 18:42:11 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 165.743357] IPVS: ftp: loaded support on port[0] = 21 18:42:11 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 18:42:11 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 166.062157] chnl_net:caif_netlink_parms(): no params data found [ 166.163006] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.169607] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.177983] device bridge_slave_0 entered promiscuous mode [ 166.187746] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.194431] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.202745] device bridge_slave_1 entered promiscuous mode [ 166.234062] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 166.245735] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 166.278485] team0: Port device team_slave_0 added [ 166.287398] team0: Port device team_slave_1 added [ 166.386439] device hsr_slave_0 entered promiscuous mode [ 166.522360] device hsr_slave_1 entered promiscuous mode [ 166.800395] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.807115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.814228] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.820823] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.904107] 8021q: adding VLAN 0 to HW filter on device bond0 [ 166.923341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 166.933280] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.941384] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.952605] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 166.971853] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.989426] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 166.998181] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.004799] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.057903] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 167.066286] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.072911] bridge0: port 2(bridge_slave_1) entered forwarding state [ 167.082540] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.091818] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 167.100392] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 167.118046] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 167.129721] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.162178] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.187377] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 167.195770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 167.204711] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 18:42:13 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:13 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 18:42:13 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0) 18:42:13 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 18:42:13 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:13 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0) 18:42:13 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:13 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0) 18:42:13 executing program 0 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:13 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080), 0x0, 0x0) 18:42:13 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 167.769578] FAULT_INJECTION: forcing a failure. [ 167.769578] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 167.782548] CPU: 1 PID: 10754 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #5 [ 167.789809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 167.799298] Call Trace: [ 167.801969] dump_stack+0x191/0x1f0 [ 167.805680] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 167.810945] should_fail+0xa82/0xaa0 [ 167.814742] should_fail_alloc_page+0x1fb/0x270 [ 167.819513] __alloc_pages_nodemask+0x3c1/0x5e90 [ 167.824367] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 167.829813] ? process_measurement+0x2280/0x2570 [ 167.834667] ? kmsan_internal_memset_shadow+0x104/0x3a0 [ 167.840133] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 167.845401] ? mntput_no_expire+0x93/0x17f0 [ 167.849846] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 167.855140] alloc_pages_current+0x6a0/0x9b0 [ 167.859628] kmalloc_order_trace+0x87/0x320 [ 167.864076] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 167.869533] __kmalloc+0x305/0x3a0 [ 167.873178] kmalloc_array+0x6d/0xe0 [ 167.876959] rw_copy_check_uvector+0x1ea/0x650 [ 167.881784] import_iovec+0x190/0x690 [ 167.885682] ? __msan_poison_alloca+0x1d0/0x280 [ 167.890433] do_preadv+0x331/0x5a0 [ 167.894082] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 167.899369] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 167.904897] ? prepare_exit_to_usermode+0x114/0x420 [ 167.909990] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 167.915302] __se_sys_preadv+0xc6/0xe0 [ 167.919269] __x64_sys_preadv+0x62/0x80 [ 167.923339] do_syscall_64+0xbc/0xf0 [ 167.927161] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 167.932417] RIP: 0033:0x458da9 [ 167.935722] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 167.955206] RSP: 002b:00007fa57a3dcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 167.963442] RAX: ffffffffffffffda RBX: 00007fa57a3dcc90 RCX: 0000000000458da9 [ 167.971045] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 167.978531] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 167.985860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa57a3dd6d4 [ 167.993220] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 18:42:14 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:14 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080), 0x0, 0x0) 18:42:14 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:14 executing program 0 (fault-call:2 fault-nth:1): perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:14 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080), 0x0, 0x0) [ 168.450398] FAULT_INJECTION: forcing a failure. [ 168.450398] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 168.462461] CPU: 0 PID: 10773 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #5 [ 168.469686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.479111] Call Trace: [ 168.481756] dump_stack+0x191/0x1f0 [ 168.485819] should_fail+0xa82/0xaa0 [ 168.489603] should_fail_alloc_page+0x1fb/0x270 [ 168.494341] __alloc_pages_nodemask+0x3c1/0x5e90 [ 168.499413] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.504664] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.510101] ? prep_new_page+0x6ef/0x840 [ 168.514281] kmsan_internal_alloc_meta_for_pages+0x86/0x500 [ 168.520046] kmsan_alloc_page+0x7a/0xf0 [ 168.524302] __alloc_pages_nodemask+0x143d/0x5e90 [ 168.529188] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 168.534600] ? process_measurement+0x2280/0x2570 [ 168.539424] ? kmsan_internal_memset_shadow+0x104/0x3a0 [ 168.544843] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.550159] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.555454] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.560780] alloc_pages_current+0x6a0/0x9b0 [ 168.565266] kmalloc_order_trace+0x87/0x320 [ 168.569636] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 168.575051] __kmalloc+0x305/0x3a0 [ 168.578685] kmalloc_array+0x6d/0xe0 [ 168.582442] rw_copy_check_uvector+0x1ea/0x650 [ 168.587118] import_iovec+0x190/0x690 [ 168.590974] ? __msan_poison_alloca+0x1d0/0x280 [ 168.595702] do_preadv+0x331/0x5a0 [ 168.599314] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.604570] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 168.610177] ? prepare_exit_to_usermode+0x114/0x420 [ 168.615325] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.620562] __se_sys_preadv+0xc6/0xe0 [ 168.624502] __x64_sys_preadv+0x62/0x80 [ 168.628601] do_syscall_64+0xbc/0xf0 [ 168.632357] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 168.637576] RIP: 0033:0x458da9 [ 168.640810] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 168.659934] RSP: 002b:00007fa57a3dcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 168.668233] RAX: ffffffffffffffda RBX: 00007fa57a3dcc90 RCX: 0000000000458da9 [ 168.676112] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 168.683514] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 168.690904] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa57a3dd6d4 [ 168.698294] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 18:42:14 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 18:42:14 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:14 executing program 0 (fault-call:2 fault-nth:2): perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 168.874133] FAULT_INJECTION: forcing a failure. [ 168.874133] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 168.886275] CPU: 0 PID: 10780 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #5 [ 168.893500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.902893] Call Trace: [ 168.905542] dump_stack+0x191/0x1f0 [ 168.909337] should_fail+0xa82/0xaa0 [ 168.913141] should_fail_alloc_page+0x1fb/0x270 [ 168.917968] __alloc_pages_nodemask+0x3c1/0x5e90 [ 168.922831] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.928122] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.933371] ? prep_new_page+0x6ef/0x840 [ 168.937543] kmsan_internal_alloc_meta_for_pages+0xef/0x500 [ 168.943315] kmsan_alloc_page+0x7a/0xf0 [ 168.947342] __alloc_pages_nodemask+0x143d/0x5e90 [ 168.952222] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 168.957626] ? process_measurement+0x2280/0x2570 [ 168.962446] ? kmsan_internal_memset_shadow+0x104/0x3a0 [ 168.967942] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.973325] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 168.978568] alloc_pages_current+0x6a0/0x9b0 [ 168.983152] kmalloc_order_trace+0x87/0x320 [ 168.987520] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 168.992936] __kmalloc+0x305/0x3a0 [ 168.996568] kmalloc_array+0x6d/0xe0 [ 169.000414] rw_copy_check_uvector+0x1ea/0x650 [ 169.005091] import_iovec+0x190/0x690 [ 169.008943] ? __msan_poison_alloca+0x1d0/0x280 [ 169.013670] do_preadv+0x331/0x5a0 [ 169.017360] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.022600] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 169.028112] ? prepare_exit_to_usermode+0x114/0x420 [ 169.033271] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.038515] __se_sys_preadv+0xc6/0xe0 [ 169.042637] __x64_sys_preadv+0x62/0x80 [ 169.046651] do_syscall_64+0xbc/0xf0 [ 169.050409] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 169.055716] RIP: 0033:0x458da9 18:42:14 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) [ 169.058942] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 169.077965] RSP: 002b:00007fa57a3dcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 169.085716] RAX: ffffffffffffffda RBX: 00007fa57a3dcc90 RCX: 0000000000458da9 [ 169.093019] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 169.100493] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 169.107791] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa57a3dd6d4 [ 169.115178] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 18:42:15 executing program 2: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:15 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{0x0}], 0x1, 0x0) 18:42:15 executing program 0 (fault-call:2 fault-nth:3): perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:15 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:15 executing program 1 (fault-call:1 fault-nth:0): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 169.554406] FAULT_INJECTION: forcing a failure. [ 169.554406] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 169.566466] CPU: 1 PID: 10801 Comm: syz-executor.1 Not tainted 5.1.0-rc7+ #5 [ 169.573803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.583302] Call Trace: [ 169.585983] dump_stack+0x191/0x1f0 [ 169.589714] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.595007] should_fail+0xa82/0xaa0 [ 169.598853] should_fail_alloc_page+0x1fb/0x270 [ 169.603779] __alloc_pages_nodemask+0x3c1/0x5e90 [ 169.608629] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 169.614111] ? process_measurement+0x2280/0x2570 [ 169.618981] ? kmsan_internal_memset_shadow+0x104/0x3a0 [ 169.624450] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.629739] ? mntput_no_expire+0x93/0x17f0 [ 169.634223] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.639521] alloc_pages_current+0x6a0/0x9b0 [ 169.644028] kmalloc_order_trace+0x87/0x320 [ 169.648578] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 169.654031] __kmalloc+0x305/0x3a0 [ 169.657705] kmalloc_array+0x6d/0xe0 [ 169.661514] rw_copy_check_uvector+0x1ea/0x650 [ 169.666370] import_iovec+0x190/0x690 [ 169.670367] ? __msan_poison_alloca+0x1d0/0x280 [ 169.675324] do_preadv+0x331/0x5a0 [ 169.678984] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.684400] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 169.689945] ? prepare_exit_to_usermode+0x114/0x420 [ 169.695326] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 169.700830] __se_sys_preadv+0xc6/0xe0 [ 169.704832] __x64_sys_preadv+0x62/0x80 [ 169.709110] do_syscall_64+0xbc/0xf0 [ 169.712926] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 169.718189] RIP: 0033:0x458da9 [ 169.721462] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 169.740654] RSP: 002b:00007fe05c864c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 18:42:15 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 169.748640] RAX: ffffffffffffffda RBX: 00007fe05c864c90 RCX: 0000000000458da9 [ 169.756214] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 169.763555] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 169.771788] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe05c8656d4 [ 169.779276] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 18:42:15 executing program 1 (fault-call:1 fault-nth:1): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:15 executing program 0: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) 18:42:16 executing program 2: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 170.020627] FAULT_INJECTION: forcing a failure. [ 170.020627] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 170.032618] CPU: 0 PID: 10812 Comm: syz-executor.1 Not tainted 5.1.0-rc7+ #5 [ 170.039925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.049324] Call Trace: [ 170.051964] dump_stack+0x191/0x1f0 [ 170.055652] should_fail+0xa82/0xaa0 [ 170.059436] should_fail_alloc_page+0x1fb/0x270 [ 170.064169] __alloc_pages_nodemask+0x3c1/0x5e90 [ 170.069204] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.074459] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.079702] ? prep_new_page+0x6ef/0x840 [ 170.083871] kmsan_internal_alloc_meta_for_pages+0x86/0x500 [ 170.089633] kmsan_alloc_page+0x7a/0xf0 [ 170.093665] __alloc_pages_nodemask+0x143d/0x5e90 [ 170.098556] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 170.104217] ? process_measurement+0x2280/0x2570 [ 170.109050] ? kmsan_internal_memset_shadow+0x104/0x3a0 [ 170.114505] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.126659] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.131906] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.137186] alloc_pages_current+0x6a0/0x9b0 [ 170.141665] kmalloc_order_trace+0x87/0x320 [ 170.146203] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 170.151618] __kmalloc+0x305/0x3a0 [ 170.155226] kmalloc_array+0x6d/0xe0 [ 170.159156] rw_copy_check_uvector+0x1ea/0x650 [ 170.163913] import_iovec+0x190/0x690 [ 170.167771] ? __msan_poison_alloca+0x1d0/0x280 [ 170.172509] do_preadv+0x331/0x5a0 [ 170.176171] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.181671] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 170.187783] ? prepare_exit_to_usermode+0x114/0x420 [ 170.193151] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.198583] __se_sys_preadv+0xc6/0xe0 [ 170.202668] __x64_sys_preadv+0x62/0x80 [ 170.206839] do_syscall_64+0xbc/0xf0 [ 170.210695] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 170.216005] RIP: 0033:0x458da9 [ 170.219324] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 170.238592] RSP: 002b:00007fe05c864c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 170.246360] RAX: ffffffffffffffda RBX: 00007fe05c864c90 RCX: 0000000000458da9 [ 170.253669] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 170.261189] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 18:42:16 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f00000001c0)={0x0, 0xe379}) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x101000, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r2, &(0x7f0000000140)={0x1, 0xc0a}, 0x2) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000240)=0x1) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000200)=0x7) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r3, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 170.268514] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe05c8656d4 [ 170.275904] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 18:42:16 executing program 1 (fault-call:1 fault-nth:2): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:16 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 170.424858] FAULT_INJECTION: forcing a failure. [ 170.424858] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 170.436751] CPU: 0 PID: 10820 Comm: syz-executor.1 Not tainted 5.1.0-rc7+ #5 [ 170.443971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.453389] Call Trace: [ 170.456147] dump_stack+0x191/0x1f0 [ 170.459825] should_fail+0xa82/0xaa0 [ 170.463690] should_fail_alloc_page+0x1fb/0x270 [ 170.468413] __alloc_pages_nodemask+0x3c1/0x5e90 [ 170.473320] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.478566] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.483802] ? prep_new_page+0x6ef/0x840 [ 170.488090] kmsan_internal_alloc_meta_for_pages+0xef/0x500 [ 170.493871] kmsan_alloc_page+0x7a/0xf0 [ 170.498156] __alloc_pages_nodemask+0x143d/0x5e90 [ 170.503247] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 170.508662] ? process_measurement+0x2280/0x2570 [ 170.513487] ? kmsan_internal_memset_shadow+0x104/0x3a0 [ 170.518899] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.524211] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.529543] alloc_pages_current+0x6a0/0x9b0 [ 170.534237] kmalloc_order_trace+0x87/0x320 [ 170.538693] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 170.544293] __kmalloc+0x305/0x3a0 [ 170.547893] kmalloc_array+0x6d/0xe0 [ 170.551697] rw_copy_check_uvector+0x1ea/0x650 [ 170.556473] import_iovec+0x190/0x690 [ 170.560320] ? __msan_poison_alloca+0x1d0/0x280 [ 170.565043] do_preadv+0x331/0x5a0 [ 170.568675] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.573915] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 170.579782] ? prepare_exit_to_usermode+0x114/0x420 [ 170.584963] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.590322] __se_sys_preadv+0xc6/0xe0 [ 170.594357] __x64_sys_preadv+0x62/0x80 [ 170.598379] do_syscall_64+0xbc/0xf0 [ 170.602178] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 170.607494] RIP: 0033:0x458da9 [ 170.610722] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 170.629658] RSP: 002b:00007fe05c864c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 170.637401] RAX: ffffffffffffffda RBX: 00007fe05c864c90 RCX: 0000000000458da9 [ 170.644884] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 170.652453] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 170.659841] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe05c8656d4 [ 170.667490] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 18:42:16 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:16 executing program 1 (fault-call:1 fault-nth:3): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) 18:42:16 executing program 2: perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1000000000000212, 0x0) [ 170.901166] FAULT_INJECTION: forcing a failure. [ 170.901166] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 170.913348] CPU: 0 PID: 10829 Comm: syz-executor.1 Not tainted 5.1.0-rc7+ #5 [ 170.920602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.930005] Call Trace: [ 170.932677] dump_stack+0x191/0x1f0 [ 170.936485] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.941761] should_fail+0xa82/0xaa0 [ 170.945567] should_fail_alloc_page+0x1fb/0x270 [ 170.950424] __alloc_pages_nodemask+0x3c1/0x5e90 [ 170.955485] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 170.961007] ? __save_stack_trace+0x99e/0xb90 [ 170.965934] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 170.971423] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 170.976706] alloc_pages_current+0x6a0/0x9b0 [ 170.981463] __page_cache_alloc+0x95/0x320 [ 170.985870] __do_page_cache_readahead+0x46e/0x990 [ 170.990910] ondemand_readahead+0xe2e/0x1420 [ 170.995424] page_cache_sync_readahead+0x38f/0x8a0 [ 171.000465] generic_file_read_iter+0x998/0x3e70 [ 171.005388] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.010662] blkdev_read_iter+0x20d/0x270 [ 171.014891] ? blkdev_write_iter+0x650/0x650 [ 171.019458] do_iter_readv_writev+0x9b3/0xbe0 [ 171.024055] ? blkdev_write_iter+0x650/0x650 [ 171.028643] do_iter_read+0x30b/0xe10 [ 171.032525] ? import_iovec+0x425/0x690 [ 171.036582] do_preadv+0x3b8/0x5a0 [ 171.040325] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.045677] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 171.051238] ? prepare_exit_to_usermode+0x114/0x420 [ 171.056342] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.061615] __se_sys_preadv+0xc6/0xe0 [ 171.065588] __x64_sys_preadv+0x62/0x80 [ 171.069640] do_syscall_64+0xbc/0xf0 [ 171.073619] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.078865] RIP: 0033:0x458da9 18:42:16 executing program 0: r0 = perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0xfffffffffffffffe, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xd89d, 0x100) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0xffff}}, 0x800, 0x2}, &(0x7f00000003c0)=0x90) getsockopt(r1, 0x8, 0x4, &(0x7f00000016c0)=""/241, &(0x7f0000000240)=0xffffffffffffffe7) openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x4000, 0x0) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000001640)={0x0, 0xffffffffffffffff, 0x85, 0x4, @scatter={0x2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/30, 0x1e}, {&(0x7f0000001400)=""/250, 0xfa}]}, &(0x7f0000001500)="43219c13c6f71b1c5e5d11609c40f5f55af9f9a18b30024f4443a9efa7dd7d1743652b98c2441eb518e654c17c3104d49e32be9d6b3eea474021805e9779a21a1ca6776491cd307fdf5dae596c364b85d40155df3b7f464e12e09a466877e916bad6e71efe0d5ea38acb7e6c29c3662f90d7d8f230e49e2e172a91259f34b382e6a18ba3d8", &(0x7f00000015c0)=""/51, 0x8000, 0x0, 0x3, &(0x7f0000001600)}) [ 171.083282] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 171.102386] RSP: 002b:00007fe05c864c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 171.110185] RAX: ffffffffffffffda RBX: 00007fe05c864c90 RCX: 0000000000458da9 [ 171.117517] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 171.124933] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 171.132271] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe05c8656d4 [ 171.139696] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 0000000000000004 [ 171.187832] ================================================================== [ 171.195630] BUG: KMSAN: kernel-infoleak in copyout+0x16b/0x1f0 [ 171.201742] CPU: 0 PID: 10833 Comm: syz-executor.2 Not tainted 5.1.0-rc7+ #5 [ 171.209046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.218578] Call Trace: [ 171.221223] dump_stack+0x191/0x1f0 [ 171.225001] kmsan_report+0x130/0x2a0 [ 171.228950] kmsan_internal_check_memory+0x974/0xa80 [ 171.234148] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 171.239663] kmsan_copy_to_user+0xa9/0xb0 [ 171.243855] copyout+0x16b/0x1f0 [ 171.247286] copy_page_to_iter+0x654/0x1910 [ 171.251773] generic_file_read_iter+0x2979/0x3e70 [ 171.256765] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.262046] blkdev_read_iter+0x20d/0x270 [ 171.266284] ? blkdev_write_iter+0x650/0x650 [ 171.270749] do_iter_readv_writev+0x9b3/0xbe0 [ 171.275590] ? blkdev_write_iter+0x650/0x650 [ 171.280821] do_iter_read+0x30b/0xe10 [ 171.285301] ? import_iovec+0x425/0x690 [ 171.289617] do_preadv+0x3b8/0x5a0 [ 171.293227] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.298492] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 171.303987] ? prepare_exit_to_usermode+0x114/0x420 [ 171.309150] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.314590] __se_sys_preadv+0xc6/0xe0 [ 171.318746] __x64_sys_preadv+0x62/0x80 [ 171.322849] do_syscall_64+0xbc/0xf0 [ 171.326736] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.331961] RIP: 0033:0x458da9 [ 171.335191] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 171.354352] RSP: 002b:00007f004e79dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 171.362133] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458da9 [ 171.369437] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 171.376741] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 171.384208] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f004e79e6d4 [ 171.391603] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 00000000ffffffff [ 171.399120] [ 171.400777] Uninit was created at: [ 171.404369] kmsan_save_stack_with_flags+0x7a/0x130 [ 171.409567] kmsan_internal_alloc_meta_for_pages+0x10f/0x500 [ 171.415397] kmsan_alloc_page+0x7a/0xf0 [ 171.419407] __alloc_pages_nodemask+0x143d/0x5e90 [ 171.424480] alloc_pages_current+0x6a0/0x9b0 [ 171.429111] __page_cache_alloc+0x95/0x320 [ 171.433375] generic_file_read_iter+0x1e3e/0x3e70 [ 171.438243] blkdev_read_iter+0x20d/0x270 [ 171.442426] do_iter_readv_writev+0x9b3/0xbe0 [ 171.446949] do_iter_read+0x30b/0xe10 [ 171.450970] do_preadv+0x3b8/0x5a0 [ 171.454535] __se_sys_preadv+0xc6/0xe0 [ 171.458443] __x64_sys_preadv+0x62/0x80 [ 171.462443] do_syscall_64+0xbc/0xf0 [ 171.466190] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.471393] [ 171.473045] Bytes 0-4095 of 4096 are uninitialized [ 171.478287] Memory access of size 4096 starts at ffff88807530f000 [ 171.484623] Data copied to user address 0000000020000400 [ 171.490284] ================================================================== [ 171.497744] Disabling lock debugging due to kernel taint [ 171.503214] Kernel panic - not syncing: panic_on_warn set ... [ 171.509140] CPU: 0 PID: 10833 Comm: syz-executor.2 Tainted: G B 5.1.0-rc7+ #5 [ 171.518133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.527508] Call Trace: [ 171.530185] dump_stack+0x191/0x1f0 [ 171.533857] panic+0x3ca/0xafe [ 171.537218] kmsan_report+0x298/0x2a0 [ 171.541094] kmsan_internal_check_memory+0x974/0xa80 [ 171.546411] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 171.552037] kmsan_copy_to_user+0xa9/0xb0 [ 171.556397] copyout+0x16b/0x1f0 [ 171.559807] copy_page_to_iter+0x654/0x1910 [ 171.564230] generic_file_read_iter+0x2979/0x3e70 [ 171.569203] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.574610] blkdev_read_iter+0x20d/0x270 [ 171.578799] ? blkdev_write_iter+0x650/0x650 [ 171.583415] do_iter_readv_writev+0x9b3/0xbe0 [ 171.588117] ? blkdev_write_iter+0x650/0x650 [ 171.592667] do_iter_read+0x30b/0xe10 [ 171.596731] ? import_iovec+0x425/0x690 [ 171.600847] do_preadv+0x3b8/0x5a0 [ 171.604440] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.609756] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 171.615325] ? prepare_exit_to_usermode+0x114/0x420 [ 171.620374] ? kmsan_get_shadow_origin_ptr+0x71/0x470 [ 171.625604] __se_sys_preadv+0xc6/0xe0 [ 171.629720] __x64_sys_preadv+0x62/0x80 [ 171.633730] do_syscall_64+0xbc/0xf0 [ 171.637480] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.642692] RIP: 0033:0x458da9 [ 171.645913] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 171.665599] RSP: 002b:00007f004e79dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 171.673334] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000458da9 [ 171.680628] RDX: 1000000000000212 RSI: 0000000020000080 RDI: 0000000000000003 [ 171.688121] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 171.695715] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f004e79e6d4 [ 171.703007] R13: 00000000004c5afc R14: 00000000004d9e48 R15: 00000000ffffffff [ 171.711772] Kernel Offset: disabled [ 171.715675] Rebooting in 86400 seconds..