0 [ 378.504738] ? graph_lock+0x270/0x270 [ 378.508638] ? futex_wake+0x304/0x760 [ 378.512473] ? find_held_lock+0x36/0x1c0 [ 378.516558] ? __handle_mm_fault+0x4d19/0x5b70 [ 378.521154] ? lock_downgrade+0x900/0x900 [ 378.525334] ? kasan_check_read+0x11/0x20 [ 378.529500] ? do_raw_spin_unlock+0xa7/0x330 [ 378.533916] ? do_raw_spin_trylock+0x270/0x270 [ 378.538522] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 378.544184] __handle_mm_fault+0x4d26/0x5b70 [ 378.548618] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 378.553487] ? graph_lock+0x270/0x270 [ 378.557296] ? kasan_check_read+0x11/0x20 [ 378.561451] ? graph_lock+0x270/0x270 [ 378.565731] ? rcu_read_unlock_special+0x370/0x370 [ 378.570675] ? graph_lock+0x270/0x270 [ 378.574491] ? graph_lock+0x270/0x270 [ 378.578303] ? find_held_lock+0x36/0x1c0 [ 378.582383] ? find_held_lock+0x36/0x1c0 [ 378.586482] ? handle_mm_fault+0x42a/0xc70 [ 378.590729] ? lock_downgrade+0x900/0x900 [ 378.594894] ? check_preemption_disabled+0x48/0x280 [ 378.599926] ? kasan_check_read+0x11/0x20 [ 378.604086] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 378.609372] ? rcu_read_unlock_special+0x370/0x370 [ 378.614317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 378.619871] ? check_preemption_disabled+0x48/0x280 [ 378.625250] handle_mm_fault+0x54f/0xc70 [ 378.629332] ? __handle_mm_fault+0x5b70/0x5b70 [ 378.633930] ? find_vma+0x34/0x190 [ 378.637502] __do_page_fault+0x5f6/0xd70 [ 378.641578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.647133] do_page_fault+0xf2/0x7e0 [ 378.650947] ? vmalloc_sync_all+0x30/0x30 [ 378.655110] ? error_entry+0x70/0xd0 [ 378.655127] ? trace_hardirqs_off_caller+0xbb/0x310 [ 378.655144] ? trace_hardirqs_on_caller+0xc0/0x310 [ 378.664329] ? syscall_return_slowpath+0x5e0/0x5e0 [ 378.674167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.679028] ? trace_hardirqs_on_caller+0x310/0x310 [ 378.684080] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 378.689561] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 378.694609] ? prepare_exit_to_usermode+0x291/0x3b0 [ 378.699636] ? page_fault+0x8/0x30 [ 378.703191] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.708052] ? page_fault+0x8/0x30 [ 378.711609] page_fault+0x1e/0x30 [ 378.715068] RIP: 0033:0x4510a0 [ 378.718272] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 378.737170] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 378.737183] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 378.737193] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 06:11:24 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x8) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x20000, 0x0) 06:11:24 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x6, 0x10001, 0x7}) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1) ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000040)={0x200, 0x8000, 0x7ff, 0xfff, 0x2, 0xec}) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$TCSBRK(r1, 0x5409, 0xbd39) 06:11:24 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80006, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x82, "87bc1dc98a9ff602ce78e157ad5fb9551d6215bfea2b404ad94e694d2bd78f06c4c31c528747bdc433a4208af9d534ba86035d242fe653ca8859ffce8ddd9894f9dcefd8f8c9bb2736b45d5ee80661c5bc6369a9e53df7ec6052608a2088a342cf8e52d0fde195b2dcd3a075654cdebd6f3035de29e2a56184b25789a625aa77b3e8"}, &(0x7f0000000100)=0x8a) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000180)={r2, 0x100000000000, 0xd6, "ba05cc3d385f14854d380ea4539899616078ce997819d78eaab1bbeaf44fa5154e225a515ed8a24ff812e1120f296b24d57a8c8d0b264cb0ab6040c85048334a9d26235e8b752a6f302b2a7b76973e75b7e0a0bb08d5d78039b320b203e9a2158478f8cf093962e27bbf5d054d8e30a3bb2bc4020163981708409259e56e6e35754bf2fee27156eec132e0434cffa058d273c179be6a50f18a85a25ffa88ee63fcef8c6f0e53e36e807357b50a6ffb1c811c3904ec0dab5be4c90290fa2a579a90d1c1a7cc31da9d536ba684fe9fb30c5426557ec545"}, 0xde) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dlm-monitor\x00', 0x402, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r3, 0x28, 0x2, &(0x7f00000002c0)=0x5, 0x8) shutdown(r1, 0x0) [ 378.737202] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 378.737211] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 378.737225] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 378.783224] FAULT_FLAG_ALLOW_RETRY missing 70 [ 378.796916] CPU: 1 PID: 17409 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 378.805539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.814895] Call Trace: [ 378.814923] dump_stack+0x244/0x39d [ 378.814950] ? dump_stack_print_info.cold.1+0x20/0x20 [ 378.814981] handle_userfault.cold.30+0x47/0x62 [ 378.821183] ? userfaultfd_ioctl+0x5610/0x5610 [ 378.821201] ? mark_held_locks+0x130/0x130 [ 378.821220] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 378.844885] ? futex_wait_setup+0x266/0x3e0 [ 378.844918] ? __sanitizer_cov_trace_switch+0x53/0x90 06:11:24 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:24 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) connect$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:24 executing program 2: clock_gettime(0x5, &(0x7f0000000080)) r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x5, 0x200080) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000180)={0x7, @raw_data="bd453a6649d0027301a90d68779af90dded45425a3c54661bd043dceae531532d5feaa3f0bd720d277c971aadda9e74e21f5aabd94f2cae0c6fe5b93cfc5baa3c576fc240f3978615b315beff2e0523463fd49bd641ce7de99036128c4d76e9c78a6b2aa4b9b5bcd49a5d6c1a35ddcc5251b1e9677177ac92599cb3af8aca13f29af73fa31bf6a114f403436c739b81519b0255280e5a18fc1df3220b030706600a8544963e9fb653d4a6d75fddff6606c0d7b72e1db04a90ced15987dbf61a75e565d55e1dd94b7"}) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000280)={'nat\x00', 0x0, 0x0, 0x0, [], 0x4, &(0x7f00000000c0)=[{}, {}], 0x0, [{}, {}, {}, {}]}, 0xb8) 06:11:24 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:24 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'yam0\x00', 0x1}, 0x18) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e24, 0x4, @ipv4={[], [], @loopback}, 0xf76}}, 0x8, 0xffff, 0x4, 0x4c4, 0x1000}, &(0x7f0000000000)=0x98) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000380)={r2, 0x3}, 0x8) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000240)={{0x2, 0x4e20, @empty}, {0x1, @link_local}, 0x46, {0x2, 0x4e20, @multicast2}, 'bond0\x00'}) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)={0x7, 0x3, 0x4, 0xe800, {r4, r5/1000+30000}, {0x6, 0x1, 0x7f, 0x5, 0x0, 0x3, "54225905"}, 0x2, 0x2, @planes=&(0x7f0000000040)={0x100, 0xffffffffffff8001, @userptr=0x6, 0x2}, 0x4}) [ 378.844947] ? userfaultfd_ctx_put+0x830/0x830 [ 378.844973] ? print_usage_bug+0xc0/0xc0 [ 378.844991] ? print_usage_bug+0xc0/0xc0 [ 378.845010] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 378.845027] ? print_usage_bug+0xc0/0xc0 [ 378.845044] ? graph_lock+0x270/0x270 [ 378.845059] ? futex_wake+0x304/0x760 [ 378.845094] ? find_held_lock+0x36/0x1c0 [ 378.845122] ? __handle_mm_fault+0x4d19/0x5b70 [ 378.845140] ? lock_downgrade+0x900/0x900 [ 378.845166] ? kasan_check_read+0x11/0x20 [ 378.845181] ? do_raw_spin_unlock+0xa7/0x330 [ 378.845197] ? do_raw_spin_trylock+0x270/0x270 [ 378.845216] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 378.845244] __handle_mm_fault+0x4d26/0x5b70 [ 378.845270] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 378.845288] ? graph_lock+0x270/0x270 [ 378.845304] ? kasan_check_read+0x11/0x20 [ 378.845320] ? graph_lock+0x270/0x270 [ 378.845337] ? rcu_read_unlock_special+0x370/0x370 [ 378.845365] ? graph_lock+0x270/0x270 [ 378.845380] ? graph_lock+0x270/0x270 [ 378.845395] ? find_held_lock+0x36/0x1c0 [ 378.845416] ? find_held_lock+0x36/0x1c0 [ 378.845450] ? handle_mm_fault+0x42a/0xc70 [ 378.845468] ? lock_downgrade+0x900/0x900 [ 378.845486] ? check_preemption_disabled+0x48/0x280 [ 378.845507] ? kasan_check_read+0x11/0x20 [ 378.845523] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 378.845540] ? rcu_read_unlock_special+0x370/0x370 [ 378.845558] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 378.845575] ? check_preemption_disabled+0x48/0x280 [ 378.845599] handle_mm_fault+0x54f/0xc70 [ 378.845619] ? __handle_mm_fault+0x5b70/0x5b70 [ 378.845637] ? find_vma+0x34/0x190 [ 378.845659] __do_page_fault+0x5f6/0xd70 [ 378.845674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.845700] do_page_fault+0xf2/0x7e0 [ 378.845717] ? vmalloc_sync_all+0x30/0x30 [ 378.845734] ? error_entry+0x70/0xd0 [ 378.845753] ? trace_hardirqs_off_caller+0xbb/0x310 [ 378.845768] ? trace_hardirqs_on_caller+0xc0/0x310 [ 378.845785] ? syscall_return_slowpath+0x5e0/0x5e0 [ 378.845800] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.845818] ? trace_hardirqs_on_caller+0x310/0x310 [ 378.845834] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 378.845851] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 378.845869] ? prepare_exit_to_usermode+0x291/0x3b0 [ 378.845884] ? page_fault+0x8/0x30 [ 378.845903] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.845922] ? page_fault+0x8/0x30 [ 378.845944] page_fault+0x1e/0x30 [ 378.845956] RIP: 0033:0x4510a0 [ 378.845972] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 378.845981] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 378.845993] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 378.846004] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 378.846013] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 378.846022] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 378.846032] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 379.003354] FAULT_FLAG_ALLOW_RETRY missing 70 [ 379.039210] CPU: 1 PID: 17450 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 379.048617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.048623] Call Trace: [ 379.048649] dump_stack+0x244/0x39d [ 379.048678] ? dump_stack_print_info.cold.1+0x20/0x20 [ 379.058432] ? preempt_schedule+0x4d/0x60 [ 379.058458] handle_userfault.cold.30+0x47/0x62 [ 379.058484] ? userfaultfd_ioctl+0x5610/0x5610 [ 379.058504] ? mark_held_locks+0x130/0x130 [ 379.068945] ? find_held_lock+0x36/0x1c0 [ 379.068968] ? futex_wake+0x613/0x760 [ 379.068987] ? userfaultfd_ctx_put+0x830/0x830 [ 379.069008] ? kasan_check_read+0x11/0x20 [ 379.079011] ? print_usage_bug+0xc0/0xc0 [ 379.079025] ? do_raw_spin_trylock+0x270/0x270 [ 379.079043] ? print_usage_bug+0xc0/0xc0 [ 379.087396] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 379.087420] ? print_usage_bug+0xc0/0xc0 [ 379.087437] ? graph_lock+0x270/0x270 [ 379.094410] ? futex_wake+0x304/0x760 [ 379.116492] ? find_held_lock+0x36/0x1c0 [ 379.116517] ? __handle_mm_fault+0x4d19/0x5b70 [ 379.116531] ? lock_downgrade+0x900/0x900 [ 379.116554] ? kasan_check_read+0x11/0x20 [ 379.129161] ? do_raw_spin_unlock+0xa7/0x330 [ 379.129177] ? do_raw_spin_trylock+0x270/0x270 [ 379.129198] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 379.287412] __handle_mm_fault+0x4d26/0x5b70 [ 379.287437] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 379.296686] ? graph_lock+0x270/0x270 [ 379.296707] ? kasan_check_read+0x11/0x20 [ 379.304625] ? graph_lock+0x270/0x270 [ 379.308416] ? rcu_read_unlock_special+0x370/0x370 [ 379.313336] ? graph_lock+0x270/0x270 [ 379.317132] ? graph_lock+0x270/0x270 [ 379.320917] ? find_held_lock+0x36/0x1c0 [ 379.324964] ? find_held_lock+0x36/0x1c0 [ 379.329032] ? handle_mm_fault+0x42a/0xc70 [ 379.333264] ? lock_downgrade+0x900/0x900 [ 379.337539] ? check_preemption_disabled+0x48/0x280 [ 379.342545] ? kasan_check_read+0x11/0x20 [ 379.346680] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 379.351953] ? rcu_read_unlock_special+0x370/0x370 [ 379.356895] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.362420] ? check_preemption_disabled+0x48/0x280 [ 379.367441] handle_mm_fault+0x54f/0xc70 [ 379.371496] ? __handle_mm_fault+0x5b70/0x5b70 [ 379.376075] ? find_vma+0x34/0x190 [ 379.379605] __do_page_fault+0x5f6/0xd70 [ 379.383653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.389182] do_page_fault+0xf2/0x7e0 [ 379.392972] ? vmalloc_sync_all+0x30/0x30 [ 379.397107] ? error_entry+0x70/0xd0 [ 379.400808] ? trace_hardirqs_off_caller+0xbb/0x310 [ 379.405806] ? trace_hardirqs_on_caller+0xc0/0x310 [ 379.410724] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.415643] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.420471] ? trace_hardirqs_on_caller+0x310/0x310 [ 379.425482] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 379.430934] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.435942] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 379.442594] ? __switch_to_asm+0x40/0x70 [ 379.446643] ? page_fault+0x8/0x30 [ 379.450171] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.455003] ? page_fault+0x8/0x30 [ 379.458538] page_fault+0x1e/0x30 [ 379.461976] RIP: 0033:0x4510a0 [ 379.465157] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 379.484049] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 379.489400] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e [ 379.496662] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 379.503928] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 06:11:25 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:25 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:25 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)="646e735f7265736f6c76657206", &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:25 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:25 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 379.511186] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 379.518442] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:25 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x1, 0x0) 06:11:25 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 379.679334] FAULT_FLAG_ALLOW_RETRY missing 70 [ 379.684704] FAULT_FLAG_ALLOW_RETRY missing 70 [ 379.691848] CPU: 1 PID: 17479 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 379.700463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.709823] Call Trace: [ 379.712437] dump_stack+0x244/0x39d [ 379.716084] ? dump_stack_print_info.cold.1+0x20/0x20 [ 379.721301] handle_userfault.cold.30+0x47/0x62 [ 379.725999] ? userfaultfd_ioctl+0x5610/0x5610 [ 379.730596] ? mark_held_locks+0x130/0x130 [ 379.734837] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 379.739874] ? futex_wait_setup+0x266/0x3e0 [ 379.744217] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 379.749415] ? userfaultfd_ctx_put+0x830/0x830 [ 379.754009] ? print_usage_bug+0xc0/0xc0 [ 379.758073] ? print_usage_bug+0xc0/0xc0 [ 379.762139] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 379.767332] ? print_usage_bug+0xc0/0xc0 [ 379.771865] ? graph_lock+0x270/0x270 [ 379.775665] ? futex_wake+0x304/0x760 [ 379.779485] ? find_held_lock+0x36/0x1c0 [ 379.783571] ? __handle_mm_fault+0x4d19/0x5b70 [ 379.788155] ? lock_downgrade+0x900/0x900 [ 379.792312] ? kasan_check_read+0x11/0x20 [ 379.796470] ? do_raw_spin_unlock+0xa7/0x330 [ 379.800881] ? do_raw_spin_trylock+0x270/0x270 [ 379.805464] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 379.811102] __handle_mm_fault+0x4d26/0x5b70 [ 379.815522] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 379.820372] ? graph_lock+0x270/0x270 [ 379.824174] ? kasan_check_read+0x11/0x20 [ 379.828331] ? graph_lock+0x270/0x270 [ 379.832139] ? rcu_read_unlock_special+0x370/0x370 [ 379.837084] ? graph_lock+0x270/0x270 [ 379.840884] ? graph_lock+0x270/0x270 [ 379.844684] ? find_held_lock+0x36/0x1c0 [ 379.848750] ? find_held_lock+0x36/0x1c0 [ 379.852825] ? handle_mm_fault+0x42a/0xc70 [ 379.857066] ? lock_downgrade+0x900/0x900 [ 379.861227] ? check_preemption_disabled+0x48/0x280 [ 379.866249] ? kasan_check_read+0x11/0x20 [ 379.870672] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 379.875950] ? rcu_read_unlock_special+0x370/0x370 [ 379.880886] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.886426] ? check_preemption_disabled+0x48/0x280 [ 379.891450] handle_mm_fault+0x54f/0xc70 [ 379.895557] ? __handle_mm_fault+0x5b70/0x5b70 [ 379.900143] ? find_vma+0x34/0x190 [ 379.903690] __do_page_fault+0x5f6/0xd70 [ 379.907751] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.913297] do_page_fault+0xf2/0x7e0 [ 379.917108] ? vmalloc_sync_all+0x30/0x30 [ 379.921258] ? error_entry+0x70/0xd0 [ 379.924975] ? trace_hardirqs_off_caller+0xbb/0x310 [ 379.929992] ? trace_hardirqs_on_caller+0xc0/0x310 [ 379.934926] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.939861] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.944704] ? trace_hardirqs_on_caller+0x310/0x310 [ 379.949730] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 379.955183] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.960206] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.965229] ? page_fault+0x8/0x30 [ 379.969210] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.974058] ? page_fault+0x8/0x30 [ 379.977606] page_fault+0x1e/0x30 [ 379.981071] RIP: 0033:0x4510a0 [ 379.984272] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 380.003174] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 380.008540] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 380.015810] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 380.023084] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:11:25 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x4000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 380.030356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 380.037630] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 380.044925] CPU: 0 PID: 17477 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 380.053521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.062879] Call Trace: [ 380.065488] dump_stack+0x244/0x39d [ 380.069141] ? dump_stack_print_info.cold.1+0x20/0x20 [ 380.074360] ? preempt_schedule+0x4d/0x60 06:11:25 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 380.078538] handle_userfault.cold.30+0x47/0x62 [ 380.083235] ? userfaultfd_ioctl+0x5610/0x5610 [ 380.087829] ? mark_held_locks+0x130/0x130 [ 380.092089] ? find_held_lock+0x36/0x1c0 [ 380.096168] ? futex_wake+0x613/0x760 [ 380.099990] ? userfaultfd_ctx_put+0x830/0x830 [ 380.104590] ? kasan_check_read+0x11/0x20 [ 380.108753] ? print_usage_bug+0xc0/0xc0 [ 380.112824] ? do_raw_spin_trylock+0x270/0x270 [ 380.117416] ? print_usage_bug+0xc0/0xc0 [ 380.121494] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 380.126697] ? print_usage_bug+0xc0/0xc0 [ 380.130769] ? graph_lock+0x270/0x270 [ 380.134578] ? futex_wake+0x304/0x760 [ 380.138405] ? find_held_lock+0x36/0x1c0 [ 380.142485] ? __handle_mm_fault+0x4d19/0x5b70 [ 380.147076] ? lock_downgrade+0x900/0x900 [ 380.151249] ? kasan_check_read+0x11/0x20 [ 380.151267] ? do_raw_spin_unlock+0xa7/0x330 [ 380.159811] ? do_raw_spin_trylock+0x270/0x270 [ 380.164411] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 380.170061] __handle_mm_fault+0x4d26/0x5b70 [ 380.174488] ? vmf_insert_mixed_mkwrite+0x40/0x40 06:11:25 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x7, 0x608100) accept(r0, &(0x7f0000000080)=@un=@abs, &(0x7f0000000100)=0x80) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r2, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) shutdown(r2, 0x0) 06:11:25 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 380.179343] ? graph_lock+0x270/0x270 [ 380.183139] ? kasan_check_read+0x11/0x20 [ 380.187317] ? graph_lock+0x270/0x270 [ 380.187332] ? rcu_read_unlock_special+0x370/0x370 [ 380.187355] ? graph_lock+0x270/0x270 [ 380.187367] ? graph_lock+0x270/0x270 [ 380.187380] ? find_held_lock+0x36/0x1c0 [ 380.187398] ? find_held_lock+0x36/0x1c0 [ 380.211797] ? handle_mm_fault+0x42a/0xc70 [ 380.211821] ? lock_downgrade+0x900/0x900 [ 380.220186] ? check_preemption_disabled+0x48/0x280 [ 380.225219] ? kasan_check_read+0x11/0x20 06:11:26 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 380.229385] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 380.234675] ? rcu_read_unlock_special+0x370/0x370 [ 380.239616] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 380.245166] ? check_preemption_disabled+0x48/0x280 [ 380.250197] handle_mm_fault+0x54f/0xc70 [ 380.254285] ? __handle_mm_fault+0x5b70/0x5b70 [ 380.258895] ? find_vma+0x34/0x190 [ 380.262452] __do_page_fault+0x5f6/0xd70 [ 380.266538] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.266795] dns_resolver: Unsupported server list version (0) [ 380.272100] do_page_fault+0xf2/0x7e0 [ 380.272115] ? vmalloc_sync_all+0x30/0x30 [ 380.272134] ? error_entry+0x70/0xd0 [ 380.285938] ? trace_hardirqs_off_caller+0xbb/0x310 [ 380.285955] ? trace_hardirqs_on_caller+0xc0/0x310 [ 380.285970] ? syscall_return_slowpath+0x5e0/0x5e0 [ 380.285986] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.309372] ? trace_hardirqs_on_caller+0x310/0x310 [ 380.309392] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 380.319847] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 380.324883] ? prepare_exit_to_usermode+0x291/0x3b0 06:11:26 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolverL', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 380.329909] ? page_fault+0x8/0x30 [ 380.333485] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.333506] ? page_fault+0x8/0x30 06:11:26 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, 0xfffffffffffffffd, 0x141c00, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x7) ioctl$IOC_PR_CLEAR(r0, 0x401070cd, &(0x7f0000000000)={0x5}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 380.333524] page_fault+0x1e/0x30 06:11:26 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:26 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 380.333536] RIP: 0033:0x4510a0 [ 380.333551] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 06:11:26 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(0x0, 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:26 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80002, 0x0) r2 = dup2(r0, r1) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f0000000040), &(0x7f00000000c0)=0x60) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) shutdown(r1, 0x0) 06:11:26 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) ioctl(r0, 0x8, &(0x7f0000000140)="1bb26aa415856f05fe54a38cc7e94d6898944a926c1cff698e8b5a6909f0bbc9bf10982047f178e562716749081fcbe60ecea6d358fa0630b0064c7558d8b4a63f43894dde6bede36b2e4d60284fb612ff28ef933f57500138f3c1b62c39c92554ba5de3e7f0110561ba89e2109e6a66ab522a32e17e3d167e638138e5e392659638efc71988b6cd362a889add0554d4c70946") add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x400040, 0x0) [ 380.333560] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 380.333573] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e 06:11:26 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000006c0)=@broute={'broute\x00', 0x20, 0x3, 0x548, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, &(0x7f0000000000), &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff020000001500000008000000000d6272696467655f736c6176655f300000766574683000000000000000000000006272696467655f736c6176655f30000073797a6b616c6c657231000000000000aaaaaaaaaaaaffffffffff00aaaaaaaaaaaaff00000000ff0000e8000000e8000000180100006970360000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000ff020000000000000000000000000001000000ff00000000ffffffff00000000ff000000ff000000ff000000000000001f0000104e214e204e204e24000000004e4651554555450000000000000000000000000000000000000000000000000008000000000000000008000000000000030000000100000091006272696467655f736c6176655f30000073797a6b616c6c657231000000000000626f6e645f736c6176655f3100000000697036746e6c3000000000000000000000000000000000ffffffffffc86556997050ffff00ffffff0000d80000003801000068020000636c7573746572000000000000000000000000000000000000000000000000001000000000000000ff7f00000800000000000080000000003830325f330000000000000000000000000000000000000000000000000000000800000000000000d400243002020000434c415353494659000000000000000000000000000000000000000000000000080000000000000003000000000000000000000000000000000000000000800000000000000000000000000000000000080000000000000000000000000000005345434d41524b00000000000000000000000000000000000000000000000000080100000000000001000000e600000073797374656d5f753a6f626a6563745f723a6c6972635f6465766963655f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000feffffff01000000110000005000000089146c6f0000000000000000000000000000626f6e645f736c6176655f300000000079616d30000000000000000000000000627071300000000000000000000000000180c200000f000000ff0000aaaaaaaaaabbff00c8ffffff000070000000b8000000080100005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a31000000000000000000000000020200000000000017000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a31000000000000000000000000000000000000000000000001010000000100000000000000"]}, 0x5c0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000740)='TIPC\x00') sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000800)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000200}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r2, 0x300, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x200400d0}, 0x4004) 06:11:26 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)="646e735f7265736f6c76657203", &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 380.333582] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 380.333592] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:11:26 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0xffffff7b, 0x0, 0x7ee396388ad71849, 0x0, 0x606fd031cbdc7b0d}, 0x10022) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x1001, 0x1, &(0x7f0000000040)=[{&(0x7f0000000240)="ab3d908acc807ca3512271ebffffffde7f00000000f0", 0x16}], 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc0\x00', 0x12d102, 0x0) shutdown(r1, 0x0) [ 380.333601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 380.333611] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:26 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) get_mempolicy(&(0x7f0000000000), &(0x7f0000000040), 0x4, &(0x7f0000ffc000/0x1000)=nil, 0x3) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 380.362687] dns_resolver: Unsupported server list version (0) [ 380.447487] dns_resolver: Unsupported server list version (0) [ 380.716090] FAT-fs (loop2): bogus logical sector size 65515 [ 380.716101] FAT-fs (loop2): Can't find a valid FAT filesystem 06:11:26 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:26 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:26 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:26 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x3f, 0x6, 0x3fe0, 0x8}]}, 0x10) shutdown(r1, 0x0) 06:11:26 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000140)=0xc) sched_setscheduler(r2, 0x0, &(0x7f0000000180)=0x81) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 380.858083] dns_resolver_preparse: 41 callbacks suppressed [ 380.858093] Invalid option length (1042293) for dns_resolver key [ 380.908962] Invalid option length (1042293) for dns_resolver key [ 380.935652] Invalid option length (1042293) for dns_resolver key [ 380.942455] handle_userfault: 2 callbacks suppressed [ 380.942464] FAULT_FLAG_ALLOW_RETRY missing 70 [ 380.945365] FAULT_FLAG_ALLOW_RETRY missing 70 [ 380.967490] CPU: 1 PID: 17568 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 380.976620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.985984] Call Trace: [ 380.988593] dump_stack+0x244/0x39d [ 380.992256] ? dump_stack_print_info.cold.1+0x20/0x20 [ 380.997476] handle_userfault.cold.30+0x47/0x62 [ 381.002175] ? userfaultfd_ioctl+0x5610/0x5610 [ 381.006769] ? mark_held_locks+0x130/0x130 [ 381.011012] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 381.016041] ? futex_wait_setup+0x266/0x3e0 [ 381.020385] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 381.025584] ? userfaultfd_ctx_put+0x830/0x830 [ 381.030176] ? print_usage_bug+0xc0/0xc0 [ 381.034246] ? print_usage_bug+0xc0/0xc0 [ 381.038312] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 381.043501] ? print_usage_bug+0xc0/0xc0 [ 381.047564] ? graph_lock+0x270/0x270 [ 381.051369] ? futex_wake+0x304/0x760 [ 381.055188] ? find_held_lock+0x36/0x1c0 [ 381.059269] ? __handle_mm_fault+0x4d19/0x5b70 [ 381.063863] ? lock_downgrade+0x900/0x900 [ 381.068034] ? kasan_check_read+0x11/0x20 [ 381.072689] ? do_raw_spin_unlock+0xa7/0x330 [ 381.077102] ? do_raw_spin_trylock+0x270/0x270 [ 381.081691] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 381.087337] __handle_mm_fault+0x4d26/0x5b70 [ 381.091767] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 381.096614] ? graph_lock+0x270/0x270 [ 381.100419] ? kasan_check_read+0x11/0x20 [ 381.104569] ? graph_lock+0x270/0x270 [ 381.108377] ? rcu_read_unlock_special+0x370/0x370 [ 381.113320] ? graph_lock+0x270/0x270 [ 381.117124] ? graph_lock+0x270/0x270 [ 381.120929] ? find_held_lock+0x36/0x1c0 [ 381.124998] ? find_held_lock+0x36/0x1c0 [ 381.129071] ? handle_mm_fault+0x42a/0xc70 [ 381.133311] ? lock_downgrade+0x900/0x900 [ 381.137463] ? check_preemption_disabled+0x48/0x280 [ 381.142492] ? kasan_check_read+0x11/0x20 [ 381.146640] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 381.151922] ? rcu_read_unlock_special+0x370/0x370 [ 381.156858] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 381.162402] ? check_preemption_disabled+0x48/0x280 [ 381.167429] handle_mm_fault+0x54f/0xc70 [ 381.171989] ? __handle_mm_fault+0x5b70/0x5b70 [ 381.176581] ? find_vma+0x34/0x190 [ 381.180133] __do_page_fault+0x5f6/0xd70 [ 381.184211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.189758] do_page_fault+0xf2/0x7e0 [ 381.193565] ? vmalloc_sync_all+0x30/0x30 [ 381.197724] ? error_entry+0x70/0xd0 [ 381.201442] ? trace_hardirqs_off_caller+0xbb/0x310 [ 381.206459] ? trace_hardirqs_on_caller+0xc0/0x310 [ 381.211395] ? syscall_return_slowpath+0x5e0/0x5e0 [ 381.216328] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.221175] ? trace_hardirqs_on_caller+0x310/0x310 [ 381.226208] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 381.231661] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 381.236680] ? prepare_exit_to_usermode+0x291/0x3b0 [ 381.241709] ? page_fault+0x8/0x30 [ 381.245259] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.250110] ? page_fault+0x8/0x30 [ 381.253657] page_fault+0x1e/0x30 [ 381.257109] RIP: 0033:0x4510a0 [ 381.260309] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 381.279218] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 381.284581] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 381.291851] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 381.299118] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 381.306431] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 381.313705] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 381.321003] CPU: 0 PID: 17570 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 381.329599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.338959] Call Trace: [ 381.341560] dump_stack+0x244/0x39d [ 381.345217] ? dump_stack_print_info.cold.1+0x20/0x20 [ 381.350419] ? preempt_schedule+0x4d/0x60 [ 381.354584] handle_userfault.cold.30+0x47/0x62 [ 381.359287] ? userfaultfd_ioctl+0x5610/0x5610 [ 381.363881] ? mark_held_locks+0x130/0x130 [ 381.368134] ? find_held_lock+0x36/0x1c0 [ 381.372230] ? futex_wake+0x613/0x760 [ 381.376043] ? userfaultfd_ctx_put+0x830/0x830 [ 381.380639] ? kasan_check_read+0x11/0x20 [ 381.384804] ? print_usage_bug+0xc0/0xc0 [ 381.388874] ? do_raw_spin_trylock+0x270/0x270 [ 381.392228] Invalid option length (1042293) for dns_resolver key [ 381.393462] ? print_usage_bug+0xc0/0xc0 [ 381.393484] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 381.393500] ? print_usage_bug+0xc0/0xc0 [ 381.393518] ? graph_lock+0x270/0x270 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 381.416777] ? futex_wake+0x304/0x760 [ 381.420605] ? find_held_lock+0x36/0x1c0 [ 381.424685] ? __handle_mm_fault+0x4d19/0x5b70 [ 381.424707] ? lock_downgrade+0x900/0x900 [ 381.433432] ? kasan_check_read+0x11/0x20 [ 381.437587] ? do_raw_spin_unlock+0xa7/0x330 [ 381.442000] ? do_raw_spin_trylock+0x270/0x270 [ 381.442023] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 381.442048] __handle_mm_fault+0x4d26/0x5b70 [ 381.456651] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 381.461520] ? graph_lock+0x270/0x270 [ 381.465336] ? kasan_check_read+0x11/0x20 06:11:27 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCLINUX5(r2, 0x541c, &(0x7f0000000080)={0x5, 0xfffffffffffffffe, 0x7f, 0x4, 0x5}) shutdown(r1, 0x0) [ 381.469497] ? graph_lock+0x270/0x270 [ 381.473336] ? rcu_read_unlock_special+0x370/0x370 [ 381.478300] ? graph_lock+0x270/0x270 [ 381.482113] ? graph_lock+0x270/0x270 [ 381.482513] Invalid option length (1042293) for dns_resolver key [ 381.485919] ? find_held_lock+0x36/0x1c0 [ 381.485940] ? find_held_lock+0x36/0x1c0 [ 381.485967] ? handle_mm_fault+0x42a/0xc70 [ 381.485986] ? lock_downgrade+0x900/0x900 [ 381.508628] ? check_preemption_disabled+0x48/0x280 [ 381.513675] ? kasan_check_read+0x11/0x20 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 381.513690] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 381.513707] ? rcu_read_unlock_special+0x370/0x370 [ 381.523291] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 381.523308] ? check_preemption_disabled+0x48/0x280 [ 381.523333] handle_mm_fault+0x54f/0xc70 [ 381.542857] ? __handle_mm_fault+0x5b70/0x5b70 [ 381.547511] ? find_vma+0x34/0x190 [ 381.551097] __do_page_fault+0x5f6/0xd70 [ 381.555205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.560781] do_page_fault+0xf2/0x7e0 [ 381.564597] ? vmalloc_sync_all+0x30/0x30 [ 381.568749] ? error_entry+0x70/0xd0 [ 381.572493] ? trace_hardirqs_off_caller+0xbb/0x310 [ 381.577517] ? trace_hardirqs_on_caller+0xc0/0x310 [ 381.577533] ? syscall_return_slowpath+0x5e0/0x5e0 [ 381.577547] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.577565] ? trace_hardirqs_on_caller+0x310/0x310 [ 381.577584] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 381.587426] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 381.587445] ? prepare_exit_to_usermode+0x291/0x3b0 [ 381.587462] ? page_fault+0x8/0x30 [ 381.587479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.587496] ? page_fault+0x8/0x30 [ 381.587510] page_fault+0x1e/0x30 [ 381.587524] RIP: 0033:0x4510a0 [ 381.629328] Invalid option length (1042293) for dns_resolver key [ 381.631826] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 381.631836] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 381.631849] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:27 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000140)={[0x40, 0x100, 0x1, 0xfffffffffffffc01, 0x1, 0x6, 0x1ff, 0x1, 0x6, 0x8a, 0xfa, 0x1, 0xffffffffffffff62, 0x5, 0x7, 0x4], 0x11f004}) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{0x8c2e, 0x0, 0x401, 0x7}, 'syz1\x00', 0x46}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 381.631859] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 381.631867] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 381.631881] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 381.691360] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:27 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x10001, 0x4) recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) shutdown(r0, 0x0) [ 381.725874] Invalid option length (1042293) for dns_resolver key 06:11:27 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200), 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:27 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) keyctl$search(0xa, r1, &(0x7f0000000040)='trusted\x00', &(0x7f0000000140)={'syz', 0x2}, r1) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000000)={0x1, 0x0, 0xa59c, 0x3, '\x00', 0x1}) 06:11:27 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:27 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffffea2, 0xfffffffffffffffb) [ 381.820797] Invalid option length (1042293) for dns_resolver key 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 381.875328] Invalid option length (1042293) for dns_resolver key [ 381.915203] Invalid option length (1042293) for dns_resolver key [ 381.928262] FAULT_FLAG_ALLOW_RETRY missing 70 [ 381.932811] CPU: 0 PID: 17617 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 381.939256] FAULT_FLAG_ALLOW_RETRY missing 70 [ 381.941407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.941414] Call Trace: [ 381.941440] dump_stack+0x244/0x39d [ 381.941464] ? dump_stack_print_info.cold.1+0x20/0x20 [ 381.941495] handle_userfault.cold.30+0x47/0x62 [ 381.941520] ? userfaultfd_ioctl+0x5610/0x5610 06:11:27 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 381.975983] ? mark_held_locks+0x130/0x130 [ 381.980235] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 381.985261] ? futex_wait_setup+0x266/0x3e0 [ 381.989605] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 381.994812] ? userfaultfd_ctx_put+0x830/0x830 [ 381.999412] ? print_usage_bug+0xc0/0xc0 [ 382.003484] ? print_usage_bug+0xc0/0xc0 [ 382.007558] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 382.012771] ? print_usage_bug+0xc0/0xc0 [ 382.016839] ? graph_lock+0x270/0x270 [ 382.020639] ? futex_wake+0x304/0x760 [ 382.024467] ? find_held_lock+0x36/0x1c0 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 382.028637] ? __handle_mm_fault+0x4d19/0x5b70 [ 382.033223] ? lock_downgrade+0x900/0x900 [ 382.037384] ? kasan_check_read+0x11/0x20 [ 382.041538] ? do_raw_spin_unlock+0xa7/0x330 [ 382.045959] ? do_raw_spin_trylock+0x270/0x270 [ 382.050556] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 382.056203] __handle_mm_fault+0x4d26/0x5b70 [ 382.060633] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 382.065493] ? graph_lock+0x270/0x270 [ 382.069308] ? kasan_check_read+0x11/0x20 [ 382.073475] ? graph_lock+0x270/0x270 [ 382.077286] ? rcu_read_unlock_special+0x370/0x370 [ 382.082238] ? graph_lock+0x270/0x270 [ 382.086046] ? graph_lock+0x270/0x270 [ 382.089852] ? find_held_lock+0x36/0x1c0 [ 382.093921] ? find_held_lock+0x36/0x1c0 [ 382.097998] ? handle_mm_fault+0x42a/0xc70 [ 382.102247] ? lock_downgrade+0x900/0x900 [ 382.106410] ? check_preemption_disabled+0x48/0x280 [ 382.111443] ? kasan_check_read+0x11/0x20 [ 382.115607] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 382.120897] ? rcu_read_unlock_special+0x370/0x370 06:11:27 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) fcntl$getownex(r1, 0x10, &(0x7f0000000000)) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 382.125835] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 382.125855] ? check_preemption_disabled+0x48/0x280 [ 382.125882] handle_mm_fault+0x54f/0xc70 [ 382.125898] ? __handle_mm_fault+0x5b70/0x5b70 [ 382.125914] ? find_vma+0x34/0x190 [ 382.148611] __do_page_fault+0x5f6/0xd70 [ 382.148631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.148656] do_page_fault+0xf2/0x7e0 [ 382.148674] ? vmalloc_sync_all+0x30/0x30 [ 382.148691] ? error_entry+0x70/0xd0 [ 382.148706] ? trace_hardirqs_off_caller+0xbb/0x310 06:11:27 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 382.148719] ? trace_hardirqs_on_caller+0xc0/0x310 [ 382.148733] ? syscall_return_slowpath+0x5e0/0x5e0 [ 382.148748] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.148767] ? trace_hardirqs_on_caller+0x310/0x310 [ 382.194698] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 382.200178] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 382.205207] ? prepare_exit_to_usermode+0x291/0x3b0 [ 382.210236] ? page_fault+0x8/0x30 [ 382.213784] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.218641] ? page_fault+0x8/0x30 [ 382.222200] page_fault+0x1e/0x30 [ 382.225662] RIP: 0033:0x4510a0 [ 382.228865] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 382.247766] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 382.247779] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 382.247787] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 382.247797] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 382.247806] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 382.247819] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 382.277564] CPU: 0 PID: 17627 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 382.298988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.298995] Call Trace: [ 382.299020] dump_stack+0x244/0x39d [ 382.299042] ? dump_stack_print_info.cold.1+0x20/0x20 [ 382.299061] ? preempt_schedule+0x4d/0x60 [ 382.299089] handle_userfault.cold.30+0x47/0x62 [ 382.299130] ? userfaultfd_ioctl+0x5610/0x5610 [ 382.299146] ? mark_held_locks+0x130/0x130 [ 382.299167] ? find_held_lock+0x36/0x1c0 [ 382.299194] ? futex_wake+0x613/0x760 [ 382.345395] ? userfaultfd_ctx_put+0x830/0x830 [ 382.345418] ? kasan_check_read+0x11/0x20 [ 382.345436] ? print_usage_bug+0xc0/0xc0 06:11:28 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)="646e735f7265736f6c766572ff", &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:28 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x2, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000000)=r2) [ 382.345450] ? do_raw_spin_trylock+0x270/0x270 [ 382.345464] ? print_usage_bug+0xc0/0xc0 [ 382.345484] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 382.345499] ? print_usage_bug+0xc0/0xc0 [ 382.345514] ? graph_lock+0x270/0x270 [ 382.345528] ? futex_wake+0x304/0x760 [ 382.345556] ? find_held_lock+0x36/0x1c0 [ 382.345582] ? __handle_mm_fault+0x4d19/0x5b70 [ 382.345599] ? lock_downgrade+0x900/0x900 [ 382.345621] ? kasan_check_read+0x11/0x20 [ 382.345635] ? do_raw_spin_unlock+0xa7/0x330 [ 382.345651] ? do_raw_spin_trylock+0x270/0x270 [ 382.345669] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 382.345696] __handle_mm_fault+0x4d26/0x5b70 [ 382.345720] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 382.345737] ? graph_lock+0x270/0x270 [ 382.345751] ? kasan_check_read+0x11/0x20 [ 382.345765] ? graph_lock+0x270/0x270 [ 382.345782] ? rcu_read_unlock_special+0x370/0x370 [ 382.345810] ? graph_lock+0x270/0x270 [ 382.345824] ? graph_lock+0x270/0x270 [ 382.345839] ? find_held_lock+0x36/0x1c0 [ 382.345859] ? find_held_lock+0x36/0x1c0 [ 382.345884] ? handle_mm_fault+0x42a/0xc70 [ 382.345902] ? lock_downgrade+0x900/0x900 [ 382.345920] ? check_preemption_disabled+0x48/0x280 [ 382.345941] ? kasan_check_read+0x11/0x20 [ 382.345956] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 382.345973] ? rcu_read_unlock_special+0x370/0x370 [ 382.345991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 382.346007] ? check_preemption_disabled+0x48/0x280 [ 382.346031] handle_mm_fault+0x54f/0xc70 [ 382.346051] ? __handle_mm_fault+0x5b70/0x5b70 [ 382.346069] ? find_vma+0x34/0x190 [ 382.346106] __do_page_fault+0x5f6/0xd70 [ 382.346123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.346147] do_page_fault+0xf2/0x7e0 [ 382.346163] ? vmalloc_sync_all+0x30/0x30 [ 382.346181] ? error_entry+0x70/0xd0 [ 382.346199] ? trace_hardirqs_off_caller+0xbb/0x310 [ 382.346212] ? trace_hardirqs_on_caller+0xc0/0x310 [ 382.346228] ? syscall_return_slowpath+0x5e0/0x5e0 [ 382.346241] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.346256] ? trace_hardirqs_on_caller+0x310/0x310 [ 382.346270] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 382.346286] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 382.346302] ? prepare_exit_to_usermode+0x291/0x3b0 [ 382.346316] ? page_fault+0x8/0x30 [ 382.346333] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.346350] ? page_fault+0x8/0x30 [ 382.346365] page_fault+0x1e/0x30 [ 382.346375] RIP: 0033:0x4510a0 [ 382.346389] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 06:11:28 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000440)={{}, {0x0, @dev}, 0x0, {0x2, 0x0, @dev}, 'bridge_slave_1\x00'}) [ 382.346396] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 382.346407] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 382.346415] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 382.346423] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 382.346430] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 382.346438] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:28 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200), 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:28 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$BLKPG(r0, 0x1269, &(0x7f0000000040)={0x137c95e8, 0x10000, 0x2f, &(0x7f0000000000)="1dc367710718854dca8b30d9a352ad5c0cf6ac4ef4811ff6b9a53bf476d0b701eaae06465bde4a8201ee4d030cb69a"}) 06:11:28 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={'.\x00'}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:28 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:28 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000000)=0x1ff, 0x4) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:28 executing program 2: [ 382.795535] FAULT_FLAG_ALLOW_RETRY missing 70 [ 382.828834] CPU: 0 PID: 17674 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 382.837468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.846825] Call Trace: [ 382.849438] dump_stack+0x244/0x39d [ 382.850296] FAULT_FLAG_ALLOW_RETRY missing 70 [ 382.853096] ? dump_stack_print_info.cold.1+0x20/0x20 [ 382.853130] handle_userfault.cold.30+0x47/0x62 [ 382.867484] ? userfaultfd_ioctl+0x5610/0x5610 [ 382.872088] ? mark_held_locks+0x130/0x130 [ 382.876344] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 382.881368] ? futex_wait_setup+0x266/0x3e0 [ 382.885710] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 382.890922] ? userfaultfd_ctx_put+0x830/0x830 [ 382.895518] ? print_usage_bug+0xc0/0xc0 [ 382.899600] ? print_usage_bug+0xc0/0xc0 [ 382.903678] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 382.909133] ? print_usage_bug+0xc0/0xc0 [ 382.913202] ? graph_lock+0x270/0x270 [ 382.917008] ? futex_wake+0x304/0x760 [ 382.920841] ? find_held_lock+0x36/0x1c0 [ 382.924922] ? __handle_mm_fault+0x4d19/0x5b70 [ 382.929510] ? lock_downgrade+0x900/0x900 [ 382.933668] ? kasan_check_read+0x11/0x20 [ 382.937820] ? do_raw_spin_unlock+0xa7/0x330 [ 382.942446] ? do_raw_spin_trylock+0x270/0x270 [ 382.947055] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 382.952704] __handle_mm_fault+0x4d26/0x5b70 [ 382.957131] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 382.961989] ? graph_lock+0x270/0x270 [ 382.965804] ? kasan_check_read+0x11/0x20 [ 382.969958] ? graph_lock+0x270/0x270 [ 382.973757] ? rcu_read_unlock_special+0x370/0x370 [ 382.973781] ? graph_lock+0x270/0x270 [ 382.982490] ? graph_lock+0x270/0x270 [ 382.986302] ? find_held_lock+0x36/0x1c0 [ 382.990382] ? find_held_lock+0x36/0x1c0 [ 382.994471] ? handle_mm_fault+0x42a/0xc70 [ 382.998722] ? lock_downgrade+0x900/0x900 [ 383.002877] ? check_preemption_disabled+0x48/0x280 [ 383.007910] ? kasan_check_read+0x11/0x20 [ 383.012075] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 383.017367] ? rcu_read_unlock_special+0x370/0x370 [ 383.022312] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 383.027858] ? check_preemption_disabled+0x48/0x280 [ 383.032887] handle_mm_fault+0x54f/0xc70 [ 383.036953] ? __handle_mm_fault+0x5b70/0x5b70 [ 383.041538] ? find_vma+0x34/0x190 [ 383.045087] __do_page_fault+0x5f6/0xd70 [ 383.049153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.054701] do_page_fault+0xf2/0x7e0 [ 383.058507] ? vmalloc_sync_all+0x30/0x30 [ 383.062653] ? error_entry+0x70/0xd0 [ 383.066373] ? trace_hardirqs_off_caller+0xbb/0x310 [ 383.071388] ? trace_hardirqs_on_caller+0xc0/0x310 [ 383.076316] ? syscall_return_slowpath+0x5e0/0x5e0 [ 383.081252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.086101] ? trace_hardirqs_on_caller+0x310/0x310 [ 383.091131] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 383.096595] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 383.101617] ? prepare_exit_to_usermode+0x291/0x3b0 [ 383.106633] ? page_fault+0x8/0x30 [ 383.110182] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.115042] ? page_fault+0x8/0x30 [ 383.118585] page_fault+0x1e/0x30 [ 383.122044] RIP: 0033:0x4510a0 [ 383.125245] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 383.144142] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 383.149508] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 383.156779] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 383.164052] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 383.171322] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 06:11:28 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$TIOCSTI(r0, 0x5412, 0x7f4a) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = add_key(&(0x7f0000000040)='.request_key_auth\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="e88b518a09fc3f0372ee1e5a344f1ad8d9d8945b12fea503d10b1c6fd92ba727a7fd863822e52a1ae323a5bab84802ed0936e4284d8fcc5f4fe70ff172b01d6b80692b86d7412881d4e59e229da450c6893c418629eaae46a12c3780512d1b716d5f692f10f8087c92521379426516313ed19999b9e643fd5af10be7667c7ebdd30a936d97f549326cf3fa3bbc7684940cf79f16a669879f4a394397d64429", 0x9f, 0xfffffffffffffffa) add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x2}, &(0x7f0000000000), 0x0, r1) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:28 executing program 2: 06:11:28 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0300"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:28 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x402a40, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x7, 0x400, 0x19e, 0x6, 0x2, r0, 0x400}, 0x2c) [ 383.178588] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 383.185934] CPU: 1 PID: 17677 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 383.194538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.203897] Call Trace: [ 383.206501] dump_stack+0x244/0x39d [ 383.210155] ? dump_stack_print_info.cold.1+0x20/0x20 [ 383.215370] handle_userfault.cold.30+0x47/0x62 [ 383.220067] ? userfaultfd_ioctl+0x5610/0x5610 [ 383.224672] ? mark_held_locks+0x130/0x130 06:11:28 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={')\x00'}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 383.228916] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 383.233936] ? futex_wait_setup+0x266/0x3e0 [ 383.238306] ? __sanitizer_cov_trace_switch+0x53/0x90 06:11:29 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000000)={r1, r2}) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 383.238331] ? userfaultfd_ctx_put+0x830/0x830 [ 383.238357] ? print_usage_bug+0xc0/0xc0 [ 383.238375] ? print_usage_bug+0xc0/0xc0 [ 383.238394] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 383.238411] ? print_usage_bug+0xc0/0xc0 [ 383.238428] ? graph_lock+0x270/0x270 [ 383.238444] ? futex_wake+0x304/0x760 [ 383.238474] ? find_held_lock+0x36/0x1c0 [ 383.238502] ? __handle_mm_fault+0x4d19/0x5b70 [ 383.238526] ? lock_downgrade+0x900/0x900 [ 383.238551] ? kasan_check_read+0x11/0x20 [ 383.238566] ? do_raw_spin_unlock+0xa7/0x330 [ 383.238581] ? do_raw_spin_trylock+0x270/0x270 [ 383.238599] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 383.238626] __handle_mm_fault+0x4d26/0x5b70 [ 383.238651] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 383.238669] ? graph_lock+0x270/0x270 [ 383.238686] ? kasan_check_read+0x11/0x20 [ 383.238701] ? graph_lock+0x270/0x270 [ 383.238718] ? rcu_read_unlock_special+0x370/0x370 [ 383.238745] ? graph_lock+0x270/0x270 [ 383.238760] ? graph_lock+0x270/0x270 [ 383.238776] ? find_held_lock+0x36/0x1c0 [ 383.238796] ? find_held_lock+0x36/0x1c0 [ 383.238822] ? handle_mm_fault+0x42a/0xc70 [ 383.238840] ? lock_downgrade+0x900/0x900 [ 383.238857] ? check_preemption_disabled+0x48/0x280 [ 383.238878] ? kasan_check_read+0x11/0x20 [ 383.238894] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 383.238911] ? rcu_read_unlock_special+0x370/0x370 [ 383.238928] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 383.238945] ? check_preemption_disabled+0x48/0x280 [ 383.238969] handle_mm_fault+0x54f/0xc70 [ 383.238989] ? __handle_mm_fault+0x5b70/0x5b70 [ 383.239014] ? find_vma+0x34/0x190 [ 383.239035] __do_page_fault+0x5f6/0xd70 [ 383.239052] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.239077] do_page_fault+0xf2/0x7e0 [ 383.239094] ? vmalloc_sync_all+0x30/0x30 [ 383.239111] ? error_entry+0x70/0xd0 [ 383.239129] ? trace_hardirqs_off_caller+0xbb/0x310 [ 383.239144] ? trace_hardirqs_on_caller+0xc0/0x310 [ 383.239160] ? syscall_return_slowpath+0x5e0/0x5e0 [ 383.239174] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.239191] ? trace_hardirqs_on_caller+0x310/0x310 [ 383.239207] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 383.239225] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 383.239241] ? prepare_exit_to_usermode+0x291/0x3b0 [ 383.239253] ? page_fault+0x8/0x30 [ 383.239267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.239282] ? page_fault+0x8/0x30 [ 383.239297] page_fault+0x1e/0x30 [ 383.239309] RIP: 0033:0x4510a0 [ 383.239323] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 383.239332] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 383.239343] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 383.239350] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 383.239356] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 383.239363] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 06:11:29 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:29 executing program 2: 06:11:29 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x89) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) getresgid(&(0x7f0000000040), &(0x7f0000000140), &(0x7f0000000180)=0x0) ioctl$TUNSETGROUP(r0, 0x400454ce, r1) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:29 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={'-\x00'}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:29 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) setsockopt$sock_void(r1, 0x1, 0x3f, 0x0, 0x0) 06:11:29 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 383.239369] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 383.268140] dns_resolver: Unsupported server list version (0) [ 383.278197] dns_resolver: Unsupported server list version (0) 06:11:29 executing program 2: [ 383.807017] FAULT_FLAG_ALLOW_RETRY missing 70 [ 383.811744] CPU: 1 PID: 17720 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 383.820327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.829693] Call Trace: [ 383.832301] dump_stack+0x244/0x39d [ 383.835964] ? dump_stack_print_info.cold.1+0x20/0x20 [ 383.841183] handle_userfault.cold.30+0x47/0x62 [ 383.845879] ? userfaultfd_ioctl+0x5610/0x5610 [ 383.850476] ? mark_held_locks+0x130/0x130 [ 383.854730] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 383.859781] ? futex_wait_setup+0x266/0x3e0 [ 383.864115] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 383.869321] ? userfaultfd_ctx_put+0x830/0x830 [ 383.873927] ? print_usage_bug+0xc0/0xc0 [ 383.878015] ? print_usage_bug+0xc0/0xc0 [ 383.882093] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 383.887293] ? print_usage_bug+0xc0/0xc0 [ 383.891366] ? graph_lock+0x270/0x270 [ 383.895265] ? futex_wake+0x304/0x760 [ 383.899090] ? find_held_lock+0x36/0x1c0 [ 383.903165] ? __handle_mm_fault+0x4d19/0x5b70 [ 383.908214] ? lock_downgrade+0x900/0x900 [ 383.912371] ? kasan_check_read+0x11/0x20 [ 383.916522] ? do_raw_spin_unlock+0xa7/0x330 [ 383.920950] ? do_raw_spin_trylock+0x270/0x270 [ 383.925542] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 383.931176] __handle_mm_fault+0x4d26/0x5b70 [ 383.931201] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 383.931218] ? graph_lock+0x270/0x270 [ 383.931237] ? kasan_check_read+0x11/0x20 [ 383.948423] ? graph_lock+0x270/0x270 [ 383.952244] ? rcu_read_unlock_special+0x370/0x370 [ 383.957199] ? graph_lock+0x270/0x270 [ 383.961016] ? graph_lock+0x270/0x270 [ 383.964825] ? find_held_lock+0x36/0x1c0 [ 383.968901] ? find_held_lock+0x36/0x1c0 [ 383.972990] ? handle_mm_fault+0x42a/0xc70 [ 383.977240] ? lock_downgrade+0x900/0x900 [ 383.981397] ? check_preemption_disabled+0x48/0x280 [ 383.986431] ? kasan_check_read+0x11/0x20 [ 383.990597] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 383.995881] ? rcu_read_unlock_special+0x370/0x370 [ 384.000813] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.000831] ? check_preemption_disabled+0x48/0x280 [ 384.000856] handle_mm_fault+0x54f/0xc70 [ 384.000872] ? __handle_mm_fault+0x5b70/0x5b70 [ 384.000889] ? find_vma+0x34/0x190 [ 384.023612] __do_page_fault+0x5f6/0xd70 [ 384.027687] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.033245] do_page_fault+0xf2/0x7e0 [ 384.037062] ? vmalloc_sync_all+0x30/0x30 [ 384.041222] ? error_entry+0x70/0xd0 [ 384.044970] ? trace_hardirqs_off_caller+0xbb/0x310 [ 384.049997] ? trace_hardirqs_on_caller+0xc0/0x310 [ 384.054922] ? syscall_return_slowpath+0x5e0/0x5e0 [ 384.054952] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.064716] ? trace_hardirqs_on_caller+0x310/0x310 [ 384.069743] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 384.071177] dns_resolver: Unsupported server list version (0) [ 384.075376] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 384.075394] ? prepare_exit_to_usermode+0x291/0x3b0 [ 384.075413] ? page_fault+0x8/0x30 [ 384.075436] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.075458] ? page_fault+0x8/0x30 [ 384.103265] page_fault+0x1e/0x30 06:11:29 executing program 2: 06:11:29 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$KVM_GET_XCRS(r0, 0x8188aea6, &(0x7f0000000040)={0x2, 0x8, [{0xfffffffffffffbff, 0x0, 0x8493}, {0x8, 0x0, 0x4}]}) r1 = inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x0) inotify_rm_watch(r0, r1) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:29 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"c200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:29 executing program 3: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x20000018, &(0x7f0000000140)={@ipv4={[], [], @local}, 0x0}, &(0x7f0000000000)=0xffffffffffffffa5) r2 = getuid() setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@multicast2, @in=@multicast1, 0x4e23, 0x2, 0x4e24, 0xffffffff, 0x2, 0x80, 0x20, 0x11, r1, r2}, {0x9, 0x10000, 0x1, 0xffffffffffff9722, 0x3, 0x9, 0xb5, 0x6}, {0x0, 0x8, 0x0, 0x605}, 0x20, 0x0, 0x2, 0x1, 0x2}, {{@in=@empty, 0x4d6}, 0xa, @in=@local, 0x3505, 0x2, 0x3, 0xfc97, 0xe3b, 0x7f, 0x5}}, 0xe8) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rtc0\x00', 0x200000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r3, 0x8904, 0x0) 06:11:29 executing program 2: [ 384.107230] RIP: 0033:0x4510a0 [ 384.110434] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 384.110867] dns_resolver: Unsupported server list version (0) [ 384.129612] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 384.129624] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 384.129632] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 384.129640] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 384.129647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 384.129655] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 384.181211] FAULT_FLAG_ALLOW_RETRY missing 70 [ 384.200690] CPU: 1 PID: 17723 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 384.209823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.219189] Call Trace: [ 384.221804] dump_stack+0x244/0x39d [ 384.225463] ? dump_stack_print_info.cold.1+0x20/0x20 [ 384.230683] handle_userfault.cold.30+0x47/0x62 [ 384.235380] ? userfaultfd_ioctl+0x5610/0x5610 [ 384.239986] ? mark_held_locks+0x130/0x130 [ 384.244227] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 384.244247] ? futex_wait_setup+0x266/0x3e0 [ 384.253583] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 384.258794] ? userfaultfd_ctx_put+0x830/0x830 [ 384.263402] ? print_usage_bug+0xc0/0xc0 [ 384.267486] ? print_usage_bug+0xc0/0xc0 [ 384.271567] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 384.276770] ? print_usage_bug+0xc0/0xc0 [ 384.280854] ? graph_lock+0x270/0x270 [ 384.284662] ? futex_wake+0x304/0x760 [ 384.288481] ? find_held_lock+0x36/0x1c0 [ 384.292555] ? __handle_mm_fault+0x4d19/0x5b70 [ 384.297139] ? lock_downgrade+0x900/0x900 [ 384.297166] ? kasan_check_read+0x11/0x20 [ 384.305893] ? do_raw_spin_unlock+0xa7/0x330 [ 384.310322] ? do_raw_spin_trylock+0x270/0x270 [ 384.314923] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 384.320567] __handle_mm_fault+0x4d26/0x5b70 [ 384.325002] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 384.329861] ? graph_lock+0x270/0x270 [ 384.333685] ? kasan_check_read+0x11/0x20 [ 384.337849] ? graph_lock+0x270/0x270 [ 384.341661] ? rcu_read_unlock_special+0x370/0x370 [ 384.346611] ? graph_lock+0x270/0x270 [ 384.350425] ? graph_lock+0x270/0x270 [ 384.354238] ? find_held_lock+0x36/0x1c0 [ 384.358317] ? find_held_lock+0x36/0x1c0 [ 384.362374] ? handle_mm_fault+0x42a/0xc70 [ 384.366594] ? lock_downgrade+0x900/0x900 [ 384.370730] ? check_preemption_disabled+0x48/0x280 [ 384.375737] ? kasan_check_read+0x11/0x20 [ 384.379872] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 384.385173] ? rcu_read_unlock_special+0x370/0x370 [ 384.390093] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.395635] ? check_preemption_disabled+0x48/0x280 [ 384.400654] handle_mm_fault+0x54f/0xc70 [ 384.404702] ? __handle_mm_fault+0x5b70/0x5b70 [ 384.409269] ? find_vma+0x34/0x190 [ 384.412818] __do_page_fault+0x5f6/0xd70 [ 384.416879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.422419] do_page_fault+0xf2/0x7e0 [ 384.426204] ? vmalloc_sync_all+0x30/0x30 [ 384.430340] ? error_entry+0x70/0xd0 [ 384.434044] ? trace_hardirqs_off_caller+0xbb/0x310 [ 384.439048] ? trace_hardirqs_on_caller+0xc0/0x310 [ 384.443973] ? syscall_return_slowpath+0x5e0/0x5e0 [ 384.448904] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.453736] ? trace_hardirqs_on_caller+0x310/0x310 [ 384.458740] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 384.464177] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 384.469183] ? prepare_exit_to_usermode+0x291/0x3b0 [ 384.474195] ? page_fault+0x8/0x30 [ 384.477792] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.482626] ? page_fault+0x8/0x30 [ 384.486155] page_fault+0x1e/0x30 [ 384.489596] RIP: 0033:0x4510a0 06:11:30 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:30 executing program 2: r0 = gettid() write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x3) socket$kcm(0x29, 0x2, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socket$kcm(0x2, 0xfffffffffffffffe, 0x2) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000780)="6e7230010060a19ef9d2c673d9a1571cb9e1369bcd61ef7e49793ae18712eceb1daa769497800b7fbbd35b170c10751d39aeb660d863e49b8c4f3b3dad48902b5b2d6cfd0abd372c63bcf5d70df3fd4d2e8d443c88bc0e5637dd82fc3435bed4de5d693c9a781c863e05d8a6f8689a5be29216061f3ff53f8b6b396678e7ba155ef9152d7e43b1eccb2331eb8eb1ed5586dcf8b3b0b999361a44ff2c22c2abbef42dd24eabe6723346a6e46c0499a21442d8d00dcb57f013ff7595edd0ff076930de3675d34117a44eb0e4f832936da44e57e43a3e36bd48d2a85bf4fd4a804e83f2f3cf378a435af5e287d4e27337b4ada11b26219832ec6b2b38446b3b95fe3771e9f42ca30fb21e12f0a3d8bc2d85454af9fcc0232d8fd909448b01f46c593d31ea1c926465e35a4199079c3ca41128b17cb01fbf5b522be0fd02022ada37fecc14b6c8c8831883b85a1106f2f867020d529f17a350f20dd3bf51a98cfda70c2e3638a483fd3f87940bb478b07c4c110394c0093d17955089f2ca97bbe075124c9b1ff6500d536a95d96f03d48596e008bf0a028b539cec796cec9bf585eb80fe3e0d26") perf_event_open(0x0, 0x0, 0x2, r1, 0x9) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r2, 0x28, &(0x7f00000003c0)}, 0x36e) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x2, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000300)={"6e72300100", 0x1132}) perf_event_open(&(0x7f0000000180)={0x1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x11, 0x0, 0x300) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x28, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000100404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000d7150dfa40fabc0231439516172653ea387001d076efc8374c88dfab1493d64a360a3c8c4f74b7f5c7f43b7da9c82ed93d94d268c64620b87395351964320aab020e38620f59c5a5c33ae063f122194e8cc7bbdcfe815c8b230b3a059cee9982d05222e057504f39d72181e4a01b4124e9e6a90b018cb57039910e1e40edfc9869dbc76104e3c1e0a42deeaab4b3aa98fa57ea36aa4c60f5b41a61f84dfbf4d9a991fbf3afc0f22e2e44394345df81c02ecbc502ddea98c8cc0b78efdf4dc6e306509bc9bf2d2870fdbe796ca543eceddfcc5d8127a4e8"], 0x0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x18000000000002a0, 0x34, 0x0, &(0x7f0000000280)="b90703e6680d698cb89e40f02cead5dc57ee41dea43e63a377fb8a977c3f1d1788e8ad30d84648a27f11c72be0000e01e1977d48", 0x0, 0x100}, 0x28) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0), 0xffffffffffffff05) 06:11:30 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"526bd3"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:30 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:30 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:30 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000fef000/0xe000)=nil, 0xe000, 0x2000000, 0x40010, r1, 0x0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 384.492774] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 384.511659] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 384.517009] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 384.524273] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 384.531542] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 384.538800] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 384.546058] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 384.636394] dns_resolver: Unsupported server list version (0) 06:11:30 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:30 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xc, "e3ffeb6e7361ed4e06822b02"}, &(0x7f0000000040)=0x14) r2 = semget$private(0x0, 0x4, 0x20) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000180)=""/217) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r1, 0x101}, 0x8) [ 384.681599] FAULT_FLAG_ALLOW_RETRY missing 70 [ 384.699459] CPU: 0 PID: 17760 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 384.708077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.717438] Call Trace: [ 384.717466] dump_stack+0x244/0x39d [ 384.717490] ? dump_stack_print_info.cold.1+0x20/0x20 06:11:30 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x200, 0x400000) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 384.717521] handle_userfault.cold.30+0x47/0x62 [ 384.717556] ? userfaultfd_ioctl+0x5610/0x5610 [ 384.733630] ? mark_held_locks+0x130/0x130 [ 384.733654] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 384.747543] ? futex_wait_setup+0x266/0x3e0 [ 384.751908] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 384.757122] ? userfaultfd_ctx_put+0x830/0x830 [ 384.761726] ? print_usage_bug+0xc0/0xc0 [ 384.765794] ? print_usage_bug+0xc0/0xc0 [ 384.769875] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 384.769891] ? print_usage_bug+0xc0/0xc0 [ 384.769908] ? graph_lock+0x270/0x270 [ 384.769923] ? futex_wake+0x304/0x760 [ 384.769951] ? find_held_lock+0x36/0x1c0 [ 384.769976] ? __handle_mm_fault+0x4d19/0x5b70 [ 384.795605] ? lock_downgrade+0x900/0x900 [ 384.799775] ? kasan_check_read+0x11/0x20 [ 384.803939] ? do_raw_spin_unlock+0xa7/0x330 [ 384.808360] ? do_raw_spin_trylock+0x270/0x270 [ 384.812959] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 384.818608] __handle_mm_fault+0x4d26/0x5b70 [ 384.823035] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 384.827907] ? graph_lock+0x270/0x270 06:11:30 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) mknodat(r0, &(0x7f0000000040)='./file0\x00', 0xc000, 0xffff) [ 384.831716] ? kasan_check_read+0x11/0x20 [ 384.835883] ? graph_lock+0x270/0x270 [ 384.839697] ? rcu_read_unlock_special+0x370/0x370 [ 384.844649] ? graph_lock+0x270/0x270 [ 384.848461] ? graph_lock+0x270/0x270 [ 384.852271] ? find_held_lock+0x36/0x1c0 [ 384.856347] ? find_held_lock+0x36/0x1c0 [ 384.860430] ? handle_mm_fault+0x42a/0xc70 [ 384.864675] ? lock_downgrade+0x900/0x900 [ 384.868836] ? check_preemption_disabled+0x48/0x280 [ 384.873909] ? kasan_check_read+0x11/0x20 06:11:30 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000280)={{0x80000000, 0x2f5}, 'port1\x00', 0x20, 0x400, 0x3ff, 0x2, 0x5, 0x0, 0x6, 0x0, 0x4, 0x2}) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000140)={0xfffffffffffffffb, 0xea2, 0x10000, 0x0, 0x0, [], [], [], 0x0, 0xfffffffffffffffa}) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000000)=0x0) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000040)=r2) getpeername$llc(r1, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000380)=0x10) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f00000003c0)={0x8}) ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, &(0x7f0000000400)={0x40000000, 0x9, "d4aebc17f9b2e5c32634009d90a1474a67cceaab21489689d9ef8eba55b20519", 0x7, 0x20, 0x3, 0x5, 0x0, 0xb74, 0x81, 0x1, [0x4, 0x7, 0x7, 0x100000000]}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000500)={0x0, 0xff, 0x7ff}, &(0x7f0000000540)=0x8) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f00000005c0)={0x8000000000000000, 0x16004, 0x40, 0x1, 0x15}) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000580)={r3, 0x80}, 0x8) [ 384.878082] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 384.883372] ? rcu_read_unlock_special+0x370/0x370 [ 384.888316] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.893880] ? check_preemption_disabled+0x48/0x280 [ 384.899015] handle_mm_fault+0x54f/0xc70 [ 384.903093] ? __handle_mm_fault+0x5b70/0x5b70 [ 384.907688] ? find_vma+0x34/0x190 [ 384.911245] __do_page_fault+0x5f6/0xd70 [ 384.915314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.920884] do_page_fault+0xf2/0x7e0 [ 384.924700] ? vmalloc_sync_all+0x30/0x30 [ 384.928874] ? error_entry+0x70/0xd0 06:11:30 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400000000000, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 384.932602] ? trace_hardirqs_off_caller+0xbb/0x310 [ 384.937626] ? trace_hardirqs_on_caller+0xc0/0x310 [ 384.942565] ? syscall_return_slowpath+0x5e0/0x5e0 [ 384.947503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.952355] ? trace_hardirqs_on_caller+0x310/0x310 [ 384.957384] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 384.962850] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 384.962871] ? prepare_exit_to_usermode+0x291/0x3b0 [ 384.972888] ? page_fault+0x8/0x30 [ 384.976443] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.981291] ? page_fault+0x8/0x30 [ 384.981310] page_fault+0x1e/0x30 [ 384.981322] RIP: 0033:0x4510a0 [ 384.981342] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 385.010403] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 385.015774] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 385.023052] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 385.030325] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 385.037598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 385.044874] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 385.054518] FAULT_FLAG_ALLOW_RETRY missing 70 [ 385.067220] CPU: 1 PID: 17761 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 385.067231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.067238] Call Trace: [ 385.067262] dump_stack+0x244/0x39d [ 385.067287] ? dump_stack_print_info.cold.1+0x20/0x20 [ 385.067315] handle_userfault.cold.30+0x47/0x62 [ 385.067350] ? userfaultfd_ioctl+0x5610/0x5610 [ 385.067370] ? mark_held_locks+0x130/0x130 [ 385.067388] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 385.067403] ? futex_wait_setup+0x266/0x3e0 [ 385.067431] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 385.067452] ? userfaultfd_ctx_put+0x830/0x830 [ 385.067474] ? print_usage_bug+0xc0/0xc0 [ 385.067488] ? print_usage_bug+0xc0/0xc0 [ 385.067503] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 385.067515] ? print_usage_bug+0xc0/0xc0 [ 385.067528] ? graph_lock+0x270/0x270 [ 385.067539] ? futex_wake+0x304/0x760 [ 385.067566] ? find_held_lock+0x36/0x1c0 [ 385.067592] ? __handle_mm_fault+0x4d19/0x5b70 [ 385.067610] ? lock_downgrade+0x900/0x900 [ 385.067634] ? kasan_check_read+0x11/0x20 [ 385.067648] ? do_raw_spin_unlock+0xa7/0x330 [ 385.067663] ? do_raw_spin_trylock+0x270/0x270 [ 385.067681] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 385.067708] __handle_mm_fault+0x4d26/0x5b70 [ 385.067733] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 385.067751] ? graph_lock+0x270/0x270 [ 385.067767] ? kasan_check_read+0x11/0x20 [ 385.067782] ? graph_lock+0x270/0x270 [ 385.067798] ? rcu_read_unlock_special+0x370/0x370 [ 385.067835] ? graph_lock+0x270/0x270 [ 385.067851] ? graph_lock+0x270/0x270 [ 385.067866] ? find_held_lock+0x36/0x1c0 [ 385.067886] ? find_held_lock+0x36/0x1c0 [ 385.067912] ? handle_mm_fault+0x42a/0xc70 [ 385.067926] ? lock_downgrade+0x900/0x900 [ 385.067944] ? check_preemption_disabled+0x48/0x280 [ 385.067964] ? kasan_check_read+0x11/0x20 [ 385.067979] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 385.067995] ? rcu_read_unlock_special+0x370/0x370 [ 385.068012] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 385.068028] ? check_preemption_disabled+0x48/0x280 [ 385.068051] handle_mm_fault+0x54f/0xc70 [ 385.068070] ? __handle_mm_fault+0x5b70/0x5b70 [ 385.068087] ? find_vma+0x34/0x190 [ 385.068105] __do_page_fault+0x5f6/0xd70 [ 385.068121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.068145] do_page_fault+0xf2/0x7e0 [ 385.068162] ? vmalloc_sync_all+0x30/0x30 [ 385.068177] ? error_entry+0x70/0xd0 [ 385.068200] ? trace_hardirqs_off_caller+0xbb/0x310 [ 385.068216] ? trace_hardirqs_on_caller+0xc0/0x310 [ 385.068232] ? syscall_return_slowpath+0x5e0/0x5e0 [ 385.068247] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.068263] ? trace_hardirqs_on_caller+0x310/0x310 [ 385.068278] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 385.068295] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 385.068312] ? prepare_exit_to_usermode+0x291/0x3b0 [ 385.068326] ? page_fault+0x8/0x30 [ 385.068350] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.068369] ? page_fault+0x8/0x30 [ 385.068386] page_fault+0x1e/0x30 [ 385.068399] RIP: 0033:0x4510a0 [ 385.068417] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 385.068426] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 06:11:31 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, &(0x7f0000000180)) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:31 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:31 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x4000, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:31 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x400200000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000000), 0x4) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:31 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x400000004}, 0x1c) sendmmsg(r0, &(0x7f0000003080)=[{{0xffffffffffffffff, 0x0, 0x0}}], 0x1, 0x0) 06:11:31 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, 0x0, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 385.068439] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 385.068450] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 385.068460] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 385.068470] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 385.068481] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:31 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020007"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:31 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) syz_execute_func(&(0x7f0000000000)="450fc7f3fe44fd00420f46f226f33e0fad4a15c4a12a586f0bc4a1dc55c0c441d55d4ddf66450f382a91ae000000c4c1781452bec4c27d1815a6000000") ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:31 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0xfffffd24) clone(0x6102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EVIOCGREP(r0, 0x80084503, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) dup(0xffffffffffffffff) write$9p(r1, &(0x7f00000000c0)="8050c3751a3227af3a545ef28f9c2ee8161e7c3d0c346a4a7d7daeacc67b8bb3b7da8217bca39951babcd6817cd2d8e4a9862df77d6e5e050d1bf2cac1308c2d02b920f4fae1290fa93458892a2975944251da3bc7b4d8e973f035007527504bcc", 0x61) ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0) 06:11:31 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:31 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, 0x0, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:31 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000040)={0x3, 0x2c1, 0x8007, 0x5, 0xffffffffffffff5d, 0x5, 0x4, 0x3ff, 0x0}, &(0x7f0000000140)=0x20) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000180)={r1, 0x7}, &(0x7f00000001c0)=0x8) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000000)) 06:11:31 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020600"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:31 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:31 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:31 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, 0x0, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:31 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000140)={0x0, 0xe0, "1cbde0e4b75fa864d56a4d86693d0ce8f3de2d5776f37725cac03a55da97df03920d42b0cdd7f479966aedafdc48569963143a8c62ff7d9a3b2c4a8874d9a16e364cab21534e3314041cfda24ea2cfc2c6157b7a01c7da55227dc9b4d290c06441b73b6c1db59e3b8acd5bd43c9af0e7490113b99efda24b66f542bbe93aa0662f8a2a0b1c12490aa438a5a858b041e366676f69a77e8d1e4af81e6dd4650aa894c8a329b640656a91f01a052ba8b5c9429a0c8d7c93ced57bf6c3d164fe3557fd64ef99c7e61fd0ec2e0cc8eb733a2f51aa76c0d85444cfbc16ed00abc1ce7f"}, &(0x7f0000000000)=0xe8) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={r2, 0x3eff, 0x400, 0xffffffffffffff7f}, 0x10) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) fstatfs(r0, &(0x7f0000000240)=""/247) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 385.879413] dns_resolver_preparse: 45 callbacks suppressed [ 385.879421] Invalid option length (1042293) for dns_resolver key [ 385.918410] Invalid option length (1042293) for dns_resolver key 06:11:31 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:31 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 385.970923] Invalid option length (1042293) for dns_resolver key [ 386.038434] handle_userfault: 4 callbacks suppressed [ 386.038443] FAULT_FLAG_ALLOW_RETRY missing 70 [ 386.056197] Invalid option length (1042293) for dns_resolver key [ 386.066865] CPU: 0 PID: 17863 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 386.075475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.084854] Call Trace: 06:11:31 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x1812, r0, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 386.084883] dump_stack+0x244/0x39d [ 386.084906] ? dump_stack_print_info.cold.1+0x20/0x20 [ 386.084937] handle_userfault.cold.30+0x47/0x62 [ 386.084964] ? userfaultfd_ioctl+0x5610/0x5610 [ 386.084981] ? mark_held_locks+0x130/0x130 [ 386.084996] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 386.085011] ? futex_wait_setup+0x266/0x3e0 [ 386.085039] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 386.085061] ? userfaultfd_ctx_put+0x830/0x830 [ 386.085085] ? print_usage_bug+0xc0/0xc0 [ 386.085101] ? print_usage_bug+0xc0/0xc0 [ 386.085120] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 386.085137] ? print_usage_bug+0xc0/0xc0 [ 386.085154] ? graph_lock+0x270/0x270 [ 386.085168] ? futex_wake+0x304/0x760 [ 386.085196] ? find_held_lock+0x36/0x1c0 [ 386.085222] ? __handle_mm_fault+0x4d19/0x5b70 [ 386.085239] ? lock_downgrade+0x900/0x900 [ 386.085264] ? kasan_check_read+0x11/0x20 [ 386.085278] ? do_raw_spin_unlock+0xa7/0x330 [ 386.085293] ? do_raw_spin_trylock+0x270/0x270 [ 386.085311] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 386.085338] __handle_mm_fault+0x4d26/0x5b70 [ 386.085363] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 386.085382] ? graph_lock+0x270/0x270 [ 386.085397] ? kasan_check_read+0x11/0x20 [ 386.085412] ? graph_lock+0x270/0x270 [ 386.085428] ? rcu_read_unlock_special+0x370/0x370 [ 386.085454] ? graph_lock+0x270/0x270 [ 386.085468] ? graph_lock+0x270/0x270 [ 386.085481] ? find_held_lock+0x36/0x1c0 [ 386.085500] ? find_held_lock+0x36/0x1c0 [ 386.085524] ? handle_mm_fault+0x42a/0xc70 [ 386.085542] ? lock_downgrade+0x900/0x900 [ 386.085560] ? check_preemption_disabled+0x48/0x280 [ 386.085580] ? kasan_check_read+0x11/0x20 [ 386.085595] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 386.085613] ? rcu_read_unlock_special+0x370/0x370 [ 386.085632] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 386.085650] ? check_preemption_disabled+0x48/0x280 [ 386.085672] handle_mm_fault+0x54f/0xc70 [ 386.085691] ? __handle_mm_fault+0x5b70/0x5b70 [ 386.085706] ? find_vma+0x34/0x190 [ 386.085743] __do_page_fault+0x5f6/0xd70 [ 386.085761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.085788] do_page_fault+0xf2/0x7e0 [ 386.085806] ? vmalloc_sync_all+0x30/0x30 [ 386.085823] ? error_entry+0x70/0xd0 [ 386.085841] ? trace_hardirqs_off_caller+0xbb/0x310 [ 386.085857] ? trace_hardirqs_on_caller+0xc0/0x310 [ 386.085874] ? syscall_return_slowpath+0x5e0/0x5e0 [ 386.085889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.085906] ? trace_hardirqs_on_caller+0x310/0x310 [ 386.085922] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 386.085940] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 386.085958] ? prepare_exit_to_usermode+0x291/0x3b0 [ 386.085974] ? page_fault+0x8/0x30 [ 386.085991] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.086009] ? page_fault+0x8/0x30 [ 386.086026] page_fault+0x1e/0x30 [ 386.086039] RIP: 0033:0x4510a0 [ 386.086055] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 386.086064] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 386.086077] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 386.086087] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 386.086097] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 386.086107] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 386.086117] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 386.105529] Invalid option length (1042293) for dns_resolver key [ 386.128693] Invalid option length (1042293) for dns_resolver key 06:11:34 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x48) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0xf, 0x3}, 0x14) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) 06:11:34 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x400, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x3, 0x2) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000040)={0xde34, 0x0, 0x7}) inotify_init1(0x800) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000)=0x2, 0x4) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:34 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"027fff"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:34 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x131cc0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) ptrace$poke(0x5, r1, &(0x7f0000000140), 0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$PPPOEIOCSFWD(r2, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x2, @broadcast, 'veth0_to_team\x00'}}) 06:11:34 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:34 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 388.908099] dns_resolver: Unsupported server list version (0) [ 388.924352] Invalid option length (1048501) for dns_resolver key [ 388.934119] Invalid option length (1042293) for dns_resolver key 06:11:34 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, 0x0) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:34 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x294) r1 = creat(&(0x7f0000000080)="e91f7189591e9233614b00", 0x0) r2 = dup2(r0, r1) connect$inet6(r0, &(0x7f0000000340), 0x1c) r3 = dup2(r2, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$sock_timeval(r3, 0x1, 0x14, &(0x7f0000000140), 0x10) sendmsg$TIPC_NL_BEARER_GET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)="2265162d6c36d2d553b535288f726cee2343cd3da80438bbe33926e61647fc7fcab63c030ef325ad0f899dcc3d1baefa9b3b5a978b1e8319bcc3c41f139590cb2be0b46092dbd2174e400b05", 0x4c}], 0x1, 0x0) [ 388.965621] Invalid option length (1048501) for dns_resolver key [ 388.969766] dns_resolver: Unsupported server list version (0) [ 388.997112] FAULT_FLAG_ALLOW_RETRY missing 70 [ 389.001799] CPU: 1 PID: 17900 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 389.010388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.019753] Call Trace: [ 389.022359] dump_stack+0x244/0x39d [ 389.026002] ? dump_stack_print_info.cold.1+0x20/0x20 [ 389.026033] handle_userfault.cold.30+0x47/0x62 [ 389.026065] ? userfaultfd_ioctl+0x5610/0x5610 [ 389.026082] ? mark_held_locks+0x130/0x130 [ 389.026098] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 389.026111] ? futex_wait_setup+0x266/0x3e0 [ 389.026138] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 389.026159] ? userfaultfd_ctx_put+0x830/0x830 [ 389.026182] ? print_usage_bug+0xc0/0xc0 [ 389.026198] ? print_usage_bug+0xc0/0xc0 [ 389.026217] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 389.026232] ? print_usage_bug+0xc0/0xc0 [ 389.026247] ? graph_lock+0x270/0x270 [ 389.026261] ? futex_wake+0x304/0x760 [ 389.026289] ? find_held_lock+0x36/0x1c0 [ 389.026314] ? __handle_mm_fault+0x4d19/0x5b70 [ 389.026331] ? lock_downgrade+0x900/0x900 [ 389.026355] ? kasan_check_read+0x11/0x20 [ 389.026369] ? do_raw_spin_unlock+0xa7/0x330 [ 389.026384] ? do_raw_spin_trylock+0x270/0x270 [ 389.099802] Invalid option length (1042293) for dns_resolver key [ 389.102267] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 389.102297] __handle_mm_fault+0x4d26/0x5b70 [ 389.102319] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 389.136457] ? graph_lock+0x270/0x270 [ 389.136477] ? kasan_check_read+0x11/0x20 [ 389.144414] ? graph_lock+0x270/0x270 [ 389.148231] ? rcu_read_unlock_special+0x370/0x370 [ 389.153176] ? graph_lock+0x270/0x270 [ 389.156989] ? graph_lock+0x270/0x270 [ 389.160803] ? find_held_lock+0x36/0x1c0 06:11:34 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) clock_gettime(0x0, &(0x7f0000000540)={0x0, 0x0}) recvmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)=""/5, 0x5}, {&(0x7f0000000140)=""/144, 0x90}], 0x2, &(0x7f0000000200)=""/235, 0xeb}, 0x100000000}, {{&(0x7f0000000300)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000380)=""/181, 0xb5}], 0x1, &(0x7f0000000480)=""/23, 0x17}, 0x72}], 0x2, 0x41, &(0x7f0000000580)={r2, r3+30000000}) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000600)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x54, r4, 0x0, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x12}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}]}, @IPVS_CMD_ATTR_DEST={0x20, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffffff}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@broadcast}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x10) 06:11:34 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:34 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(0x0, 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:34 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x7, 0x20}, &(0x7f0000000040)=0xc) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00') getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000005540)={{{@in6, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000005640)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000005680)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000005780)=0xe8) accept$packet(r0, &(0x7f00000057c0)={0x11, 0x0, 0x0}, &(0x7f0000005800)=0x14) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000005840)={0x0, @multicast1, @dev}, &(0x7f0000005880)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f00000058c0)={'team0\x00', 0x0}) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000006300)={@mcast1, 0x0}, &(0x7f0000006340)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000006380)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f0000006480)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000064c0)={{{@in6=@mcast1, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000065c0)=0xe8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000006b80)={'syzkaller1\x00', 0x0}) getsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f0000006bc0)={@mcast2, 0x0}, &(0x7f0000006c00)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000006c40)={'veth1\x00', 0x0}) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000006e40)={@ipv4, 0x0}, &(0x7f0000006e80)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000007140)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@empty}}, &(0x7f0000007240)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000007280)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000007380)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000007480)=0xe8) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000074c0)={0x0, @local, @dev}, &(0x7f0000007500)=0xc) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000007a80)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000007a40)={&(0x7f0000000440)=ANY=[@ANYBLOB="e0040000", @ANYRES16=r3, @ANYBLOB="010229bd7000ffdbdf250100000008000100a03cf3933f68c333c95c0bdd056acfc3edaf6b9a6e316baabdb3fdf93f5ce73e156bb175a69835e90815397e31ebbdbac63a0f61be2125b61a78151ceebb6b3d3928da1f49a4251a1158bbaf61b8c1d87a0c4d91a2a2a1d7dc17fe5e0aa94c1eb0877f5cbc59cf103fce2b1aec539a4cac305755afb181c6a7169312a36ea894b185a9c2", @ANYRES32=r4, @ANYBLOB="7c00020038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000600000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000001000040062726f61646361737400000008000100", @ANYRES32=r5, @ANYBLOB="bc00020040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r6, @ANYBLOB="080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040040000000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004004000000008000100", @ANYRES32=r7, @ANYBLOB="0001020040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000100000008000600", @ANYRES32=r8, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000600000008000600", @ANYRES32=r9, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400ffff000008000600", @ANYRES32=r10, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="ac01020038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000400000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400e100000008000600", @ANYRES32=r13, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000600", @ANYRES32=r14, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r15, @ANYBLOB="40000100240001007008696f72697479000002ad90eacf9979576ef98ada7ef41fb3416dee7d00000000000000000000000000000000000008000300", @ANYRES32=r16, @ANYBLOB="3c000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000000c00040072616e646f6d00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r17, @ANYBLOB="08000100", @ANYRES32=r18, @ANYBLOB="c000020040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000700000008000600", @ANYRES32=r19, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000100000008000700000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r20], 0x4e0}}, 0x4000) socket$kcm(0x11, 0xa, 0x300) sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0) r21 = socket$kcm(0xa, 0x522000000007, 0x11) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0), &(0x7f00000000c0), 0x1}, 0x20) sendmsg$kcm(r21, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) fanotify_init(0x0, 0x0) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r1, 0xf4d5}, 0x8) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000200)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getcwd(&(0x7f0000000280)=""/147, 0x93) add_key(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 389.164881] ? find_held_lock+0x36/0x1c0 [ 389.168967] ? handle_mm_fault+0x42a/0xc70 [ 389.173214] ? lock_downgrade+0x900/0x900 [ 389.177374] ? check_preemption_disabled+0x48/0x280 [ 389.182407] ? kasan_check_read+0x11/0x20 [ 389.187062] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 389.192354] ? rcu_read_unlock_special+0x370/0x370 [ 389.197297] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.202849] ? check_preemption_disabled+0x48/0x280 [ 389.207886] handle_mm_fault+0x54f/0xc70 [ 389.211968] ? __handle_mm_fault+0x5b70/0x5b70 06:11:35 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x8000, 0x0) 06:11:35 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 389.216582] ? find_vma+0x34/0x190 [ 389.216605] __do_page_fault+0x5f6/0xd70 [ 389.216624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.216649] do_page_fault+0xf2/0x7e0 [ 389.216665] ? vmalloc_sync_all+0x30/0x30 [ 389.216683] ? error_entry+0x70/0xd0 06:11:35 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02004c"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 389.216701] ? trace_hardirqs_off_caller+0xbb/0x310 06:11:35 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) r3 = getpid() write$cgroup_pid(r2, &(0x7f0000000200)=r3, 0x12) ppoll(&(0x7f0000000040)=[{r1, 0x8000}], 0x1, &(0x7f00000002c0), &(0x7f0000000300)={0xfffffffffffffffe}, 0x8) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f0000000000)=0xe8) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000180)='GPL\x00') write$P9_RWSTAT(r2, &(0x7f0000000140)={0x7, 0x7f, 0x1}, 0x7) fstat(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$IPT_SO_GET_ENTRIES(r2, 0x0, 0x41, &(0x7f0000000440)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000001000003d3cd213f7412872d6e04187ca8dab99a3468b738c102d2fca6300c5a6b7479ad3d4f3dbd505253650675fd14901a0865774fb90b892ee39081168afc0c3ec748328abba88ae3fe2e11a1466de5c9d146fce5962d15252ce22fcfb9b0639ba10a895575a69ab0a4fbdf19d979d3cf7d88d243bcc6bb4bc25beb12e5d36e9598bb5159f3949ecddd11070c445cb6844011ad6431e00c8e9b86338402d1ea9eecef961687daaacd302d54b21ee1e79147d0998bb6f694f0059ea3da2e61ef2d83ee1cfb60a9a6b7ba8bf39d0911a6cebf995446e401fa843afd2b65b190e9a91b1adf1a7c9cbb01c02f1ddd0840633aceac4c51b2b988060ff49d11fa4f260dbd365b7b580da5e41d44ce0b373b7f3ca7309d603b933c72d567e9fccb4c2f9df5610641ee0b75ccd441ccb0ec1932657899c2835d034f947aea100dd0f70ac58c882678732fb316b0465d3e6edadc0b402977beef76e0174a382a374ec8a739ed9e196e30fba1728ee0c059185028d0535a8564a731608882836c8f9ec0455175d260defde133876e6ac2fddf04f43e39fecb0fda1d787951b4b080740c622f72fa21dff319b659d5f4bc13291f450232daf5f53eebc3a306fc4d5095a53e9c488ebfd0ff695252002aaff1ef2db956e607b1a9a08ad3f3163f82a62c9a0cedba0e964112225bb0dd9a15d054142c618781763c2fe7a50bcb3514f3be557cb01d8877f912ea2230fca6595ff2a33302ef1ea71b0d5958ddbbebba35bba2f265e02c637aca157aaf43b59e76c83de0b3767565ba2b0b2c12e3c403bc79adab547f4ee875a4b9f432912a29d3c74a8aa0482016e7311f8d9ba7a54da5582babcdaf23e6a8ee63897734a84c32b3e79360c421f6d097020e746f3510dcb373c4a28d8099c3120783b3fd990959a43eda5db6ed1229ea77002727ef814df9db33bb867c8986b854f166a77365f6ee59d633667fefc80d084ee33c05c475c39caaf61cbc306babd99c68aee61626ca6964bc151ad26c97aaa524adeb3d95d54dc342123751a54e3f48a1041d4bc702e31e4d0f6772c8312ea0e747012e28b23ea319512d97fe06dab4e5292ff723d595e6c480b7043effb7ea37cfa07077c1d1c0c6e0fc0a07c4b4011359af78b3475271a1ff3473477cc499a59c6f2b4017a1e6fbde559fe256e61cec41f1911bfcdcd869f0cb909b3f2cb004372e4c2422fd4847d693ab7ef4e6f39ae065b084e0c768430e4c94223c2ae66eef2ea5077ed38588c1da63e4dc0cded2c63be60cf5f5d94d3c4003f6c661abfeae1d96da50bef466d5dd6595499d9db06d752de028c5e683e4fe2b790da87c3baec1bab4cf9583b3c17fde20b3ae8addd40c5edcc5ec7cfe409220d79d0c522efc1b75b4e71fcada8e75f9c05ddb32038f70e91c9ac98c0d40ed473bc2b6b8aa65c4adbfc365029147213765d1e77876dbf32447380740e5e44712d6e9da7dcbd176709cd914222f53309803985209ea527fa25f958b38a6dea2a5ba8298a71742dc55a55d44403ba085859569c875673fb24f8f6434137e7d4481bfda0bf1e82166e55f61799cf5e268b4a385516dbcaa808e3ec765f037667dbeb8d84db4bf869a9b6c27d32d587f61b76e47a6ca3a147da56d456f870c0e37849ef0082fc2a6c9f86faa914a588c24c5b8b0ca943d28d7f16e14eb5f4c96fcc496a4c7393565bb1a761bd49385a7dba709dc971fa0e3fb046eac52f657e5c8406532c222fa02f4d912508a8efa8eea6532df20c05fb8057519e3c16d71c7a09fd4475df259f300bee2e7de850279da740f90b42d501ddbcb9c099998690126f9446e20dab48c9068e7e3e2fd5da214b2cea086432ca1e79d3af63dc0374a25ad3fbe4d76b7d5900587ad68dd5aee2057f3f9db49bb349e9358987b914f93135db6b41aafcc785ddb01be174d649c1542989a9ee11b08289acae5483e2dacf6a7b45b7f992d6d2af85010982ce1336085836ce9511e6f0f5de2ce99752c8ce2b92422d15c56994fcdbd0f3c6b6551ae19eb850cf471b447d5f53c82fb3b141ccff4e570decb6b74fc145b6d2325d0427bb97da85219ab26300b4d7417a1c24c0dd334b2f5fecf88f2833221ebc82249ad2c7201a4e935f8f1df0839c7cb4a92e12b947b2f6e6d5edfc5c8e828435f2d45d971e51e6fcf10f0d7b8ce527a00954371a80cffcc21d8908b219d5d59e8ef47bce2f8febeb0eb7d3ed450e13dffc2ec4fcb02a54f38179c744ab1185ebd33f5fb0ae040f628ceaca04129661e38356c1aaaa275bf8fe24e66bdab0ce870da793fae3c918bcf9ca51308fefd21abbefc3c63185ac29178b563df1767816e44fa40066569ebad1f8a9ddb494efb93e92b181c1400a3fab4b4bb370ec525a2127822eca8489c08e8cf21e122aae8a9d36de3e776e515e8a997376ed978eda3d8c04556433d794be9b3c38a5b9489a39efb54073267e8b4468257de6acc971379aa4589feed1a7c74e647f2c92df9ffb6e89d34a1c45bb33e58ac60428253e0005b91f638a858366ebcf4a12824bf3023c3fa90ab2a841ae9870cbc5c540a45a7af2008c7bdd3b736373cee27f5331239547a7f05e2f1a399fdddb9635b60285505cb708b626d44ad218035b832efff4d184d590d3a3406e7b1948ed63bdff8ac450cdec802939b5b7e580056141e1f6a1ee75088e11e2c288498f6064caf365e7dacb2b634fcba2eb3bba19f4ea1a70b74a88d7d1d3f7ba29727f6b8943d2bebdd14e365df45329e0d4d26d85e5848ffd93c3d9c64b0f9e3ea7d492e87370dfc6bf872d891fd3e73648c8facf725d44b8d2bc4ef709aa44449c45ba74cd7fa3912583d5840c6e8023950e153875989ccadcd16d655865a3a21f5745e2e7f9809926daa292388939923952f6b8da670a0053112c4f413cd32731851d44e04f1bbdd31a2f2c4c5aa4ae4c470c3fe2646438ad3d2fec68d5cb9b9795ed9e0178ccf65c68c23ff28eaa578f607812e96030980aa369ff9dfbc1472fa686dfb921d45269a22776d0944f7bf6a62e1404c753c1dfd09ce94246c2be69fe55daffcfd571701e04f37a1f9a96758f9e7344c6212ae38af57f57d0456a30e6cc9ee0be5ad068f88ce73460e2852e8516cc6dc6287f677c769255f2770f4cae833b0df32c23f7778cf28245daf06f37c365032e5fa28df00dd9b2365e3e74393e72e556ade8b83812edb1dba2ed2151d9aa2d0b125412e7c3dfc4b7b9cbd606fb679396bf1ff9a755f726e7f196c03182f46d852f5fd89e49f4f0c323ac0926ea849217f30f56b84404e4ffd70f5fd73f66df193fd0fe4740aeb791c3ca2c33f4d6b01aff09904c2c00942f242f1ac428cd3efde655c9a78507fa2574341d94899d51ea65eab76d2eee8303e790914129d1d3bb5d14fb7454d0b77f2dbf46bb6b6eb85e4145c26b4c7924b5aa358d4c7ea80c23641d19607d340db4be77710cc45576c9167ee1ec411c53a1a35d6e8b6afa9ed490dea6f8cc3027a2dbfbcd1be8d4ccf78a784c54fd9fcb0ba95c8f5110c41d03941a9800069dd545cd2380cf9c8d586916396eb8545ca455219af88d2e298d560ef7708f0ae6e56b04156d8ddb1c7cebc8e4a34944b733ed988e9e448be1ec239353e2d36da106c426996a531af5654d4befe7052768c7d8fa6b7503f65de2d7cfc6cca5af4daf284473551a4b0ce682aa6454d3cb4d1c38b458d9426c696e4de4dbdafeb2856637d1448760a70fc6bf970d2f6b3abd9133b8ad87144c63045ceab9fbe4bc6f2a562b1816af860921ee79312e2ba0a12a5c2e7a0753fb4dd31d96ee83f258b44ff05141cb7aeb8021d81ac186dca06fc3b70b4ed7ea1faeb5a66120224bebde1815e8d304f46a231b7326f980ce6e9dc5761ed2a1fb2fec9b1fb96949e93d3fe68ec9125be42c0f94f37504399cf380bd6fdb43b31e43e0547a94f9c46437ab2de9c05180c52c0ee8e72776f0fd773f46c7f1329a835a48e3a56b306119db99a9aafce53d228098d418468bca6fc5f0e7e0b495d12eb81d24c4f0d8e0f4dfda9f26166ea4b476dcb48fbf88ffde926028511666c52ec57817f8d7bd4c17b38f05d6048b5ed4aa00002e6cde8230f5d86d58ce927609551494f61e6fab795f2b81b4e0c2d47299df7af86c41713fe9a16f01658bef5515662260bf77786fd95832ee275baefb2aac67d226273bb0f3ece374206c06f347297d072ee3690be39b9537ec29e3618870981b90198d50396ee2ffa67a152dc63ddf7987226ed59e261cf236658d0d6ae84bdc657cd5956361f590c3565fda8d3933f9108f65b6d101357be74d4f7773b9aa6af876e605808b4dd1472eddebbfcbe378c5ce6ebc2d9ee122c3be4e835726406e1eb8845eb8a7a453078c374de79d9c6932de8cd00c9b35b40434646ebc10873afe5e9135518330c1c10ffcd2dd0332c28730180ac478cc2d6683f3a04b4264e0dc7a0690cfe67d9e64a2cfeab6962394814fb1f0d2fc9c93f238e590ffba62e0e60675d3e127037b1f55c5cacf7cb64abe38e6208d98c9b375bba53b62fbe8ccc5134a44bdf690e646009d1a6598fa4cae0125ed365924b5b8a8cdad030ee814155e4fa3c975cf4de5733e2fc48dcd83d48cfd4ac064c50d18bc299c36e72c58abb64e0e76c9834b6d3eb9895b3e06e2cbe86e2d4ab25247d28fd14a5aaf124dba976b062594b941cabf376e26295f0b8b1ac1d1e498a136a54b23470fdb3e0a72469cdd5af21500f465ba7e6ff345fad768a1c19e9e356e666371635d7b90126d6c7b8051ca0a11f8b853a74f108b1b34c3c2c8e07e6df01341d428e1c5ea5a39772e8f490b3fbd6001074de92fe8d0103d93e22a79917984a2c44f828aae6a204cbe77e0b9dd5128c3679eae247f53b9c6fb54ad804e1ae9c4093ba7840c76d3bd177980b6eae0193bea6ab47af3bf8a112bfed4c2cc9471a5d5471a66c6662a31321ac6a3b1f2472eb222c298050784c0d7afce4a29b00fb9e5d70f3f853ac545cbe7ec30662b9808123e025847ebd023252766a8b7aaa61b39e336c3102d090799611a2e2772b3d8821874d7b6403123a24fa1bbcc256bad20bfdfbe44f024196bfb40c69747b1ba78e985ee55c62ce01b3b0377e54c6581722567bbd0ab76acfe0423942ff9c4c53dff9d9074a1a1d3224d818745f15e482fc760f97b83911ac943542e50b51ff02d94f3c43eb028a8345c2e2b2d037caf845f73299d0688959c4c89cfcc9806bbefabed1ef3e149ac1dcb12166ee1868c3223ae355f7eb14afb4cd8dd410f29e597e73fda4693a7ebc7dbf14de351640ddb35ac195ad03990a1fae451613137418f8bdd3dfa48b6dc2104176337a32b2dbeb1dc2578eb0ef994b9d7d2c54906d584b553c58a4472ab66597fb6e4dce63e43753aeb250cff1b68e21df78ffeab43359f7b300fbf2f2ff5cfba3ee3df1a808686275deccc9f81c76bc47008b119a9dde44dad42197c22632c5f05d3af04da57afd0b147007c7aef920487c2528a1e0bcd636d9e9c94e4da48b775db0188960f97aeafde2f380dd948e13bc910b096b656f0c004069e53ecaedbf664f50042373c7032ceb0f7c5858f4e432b2168362df453b824756f2a563aebbe3d33fc771f4c277d31614dc52c6f951c276699d93381333a5094417413dccb46ce5451fe0e78ad2934800bd57a11e7310a44526c5ac56594e96b0ecd73cb7475cbe5d3fc9112168ba81b95745302bdf4b45f6792cb6dd65c7832b2094d413926ecae0e10112c395f3c5d02"], &(0x7f00000001c0)=0x1024) fchown(r2, r5, r6) recvfrom$packet(r0, &(0x7f0000001480)=""/30, 0x1e, 0x22, &(0x7f00000014c0)={0x11, 0x2, r4, 0x1, 0xb82f, 0x6, @local}, 0x14) [ 389.216717] ? trace_hardirqs_on_caller+0xc0/0x310 [ 389.216733] ? syscall_return_slowpath+0x5e0/0x5e0 [ 389.216748] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.216766] ? trace_hardirqs_on_caller+0x310/0x310 [ 389.216782] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 389.216799] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 389.216818] ? prepare_exit_to_usermode+0x291/0x3b0 [ 389.216834] ? page_fault+0x8/0x30 [ 389.216852] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.216871] ? page_fault+0x8/0x30 [ 389.216888] page_fault+0x1e/0x30 [ 389.216900] RIP: 0033:0x4510a0 [ 389.216916] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 389.216925] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 389.216943] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e 06:11:35 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:35 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x420840}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, r1, 0x2, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0xd6, @media='udp\x00'}}}, [""]}, 0x68}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:35 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = request_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0)='trusted@cgroup+)wlan0\x00', 0xfffffffffffffffb) add_key(&(0x7f0000000000)='.deah\x00', &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000140)="014190739ba7a32d45f476dee88fda0bae846f65f01052da5d7b03ade034bdd056961535b1291f094e2d74733e16b0792bbc2bc5f8fb9113018906349090a3da5b95b023649a226d2e7ace1ab802f83976bcdd9c1fd2346f12aef6db0e86aec9a1947aafbde2ae0bb7680b1bfbed447f93023debda5d284031a83c143487f3d7cbcdee029b7100aa19fc9a410ed2a0c2a87e310a6cf1c8b23f65182cd63beb99b67aa235da297cae55261f7b361694a5f7500680f3e348ca661634f3bbfa0bf30655104a", 0xc4, r0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 389.216953] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 389.216963] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 389.216972] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 389.216982] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 389.491631] Option '-¯_Sî¼:0oÄÕ ZSéĈëýö•% ªÿòÛ•n`{š­?1cø*bÉ ÎÛ éd"%» Ù¡]ABÆxcÂþzP¼³QO;åWË؇‘.¢' to dns_resolver key: bad/missing value [ 389.740129] dns_resolver: Unsupported server list version (0) [ 389.767878] dns_resolver: Unsupported server list version (0) 06:11:35 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, 0x0, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:35 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020003"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:35 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:35 executing program 5: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x800, 0x0) ftruncate(r0, 0x8) openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:35 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) fstat(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = geteuid() syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1f, 0x2) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280)='fuse\x00', 0x800011, &(0x7f0000000380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id'}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x5}}, {@max_read={'max_read', 0x3d, 0x3}}, {@blksize={'blksize', 0x3d, 0x1000}}, {@max_read={'max_read', 0x3d, 0x7}}, {@blksize={'blksize', 0x3d, 0x200}}, {@max_read={'max_read', 0x3d, 0x7ff}}, {@max_read={'max_read', 0x3d, 0x7fa8}}], [{@euid_eq={'euid', 0x3d, r2}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'mime_type*'}}, {@uid_gt={'uid>', r2}}, {@uid_eq={'uid'}}]}}) write$P9_RSTATu(r0, &(0x7f00000001c0)={0x84, 0x7d, 0x1, {{0x0, 0x62, 0x400, 0x40, {0x61, 0x2, 0x3}, 0x20080000, 0x3, 0x80000001, 0x7, 0xa, '/dev/rtc0\x00', 0xd, ')system@bdev]', 0xd, 'dns_resolver\x00', 0xb, ',!em0ppp1lo'}, 0xd, 'dns_resolver\x00', r2, 0x0, r3}}, 0x84) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 389.812348] FAULT_FLAG_ALLOW_RETRY missing 70 [ 389.817268] CPU: 0 PID: 17967 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 389.825862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.835226] Call Trace: [ 389.837829] dump_stack+0x244/0x39d [ 389.841482] ? dump_stack_print_info.cold.1+0x20/0x20 [ 389.846692] ? preempt_schedule+0x4d/0x60 [ 389.850869] handle_userfault.cold.30+0x47/0x62 [ 389.855570] ? userfaultfd_ioctl+0x5610/0x5610 [ 389.860171] ? mark_held_locks+0x130/0x130 [ 389.864438] ? find_held_lock+0x36/0x1c0 [ 389.864463] ? futex_wake+0x613/0x760 [ 389.864484] ? userfaultfd_ctx_put+0x830/0x830 [ 389.864506] ? kasan_check_read+0x11/0x20 [ 389.864523] ? print_usage_bug+0xc0/0xc0 [ 389.864537] ? do_raw_spin_trylock+0x270/0x270 [ 389.864553] ? print_usage_bug+0xc0/0xc0 [ 389.864574] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 389.864590] ? print_usage_bug+0xc0/0xc0 [ 389.864606] ? graph_lock+0x270/0x270 [ 389.864621] ? futex_wake+0x304/0x760 [ 389.864651] ? find_held_lock+0x36/0x1c0 [ 389.864677] ? __handle_mm_fault+0x4d19/0x5b70 [ 389.864694] ? lock_downgrade+0x900/0x900 [ 389.864717] ? kasan_check_read+0x11/0x20 [ 389.864731] ? do_raw_spin_unlock+0xa7/0x330 [ 389.864746] ? do_raw_spin_trylock+0x270/0x270 [ 389.864764] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 389.864791] __handle_mm_fault+0x4d26/0x5b70 [ 389.864816] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 389.864834] ? graph_lock+0x270/0x270 [ 389.864850] ? kasan_check_read+0x11/0x20 [ 389.864865] ? graph_lock+0x270/0x270 [ 389.864881] ? rcu_read_unlock_special+0x370/0x370 [ 389.864907] ? graph_lock+0x270/0x270 [ 389.864921] ? graph_lock+0x270/0x270 [ 389.864935] ? find_held_lock+0x36/0x1c0 [ 389.864955] ? find_held_lock+0x36/0x1c0 [ 389.864980] ? handle_mm_fault+0x42a/0xc70 [ 389.864997] ? lock_downgrade+0x900/0x900 [ 389.865015] ? check_preemption_disabled+0x48/0x280 [ 389.865036] ? kasan_check_read+0x11/0x20 [ 389.865049] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 389.865066] ? rcu_read_unlock_special+0x370/0x370 06:11:35 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r3 = add_key(&(0x7f0000000240)='logon\x00', &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9) add_key(&(0x7f00000002c0)='dns_resolver\x00', &(0x7f0000000380)={"0200"}, &(0x7f0000000180)="5b9c6b9b1e9cc5656f0911b57b870419f198f7ca2a9b6de54e7a1b79930c6db635ec5ca2e4c30100d7a89e695f92c320836fb2b1539301aae5e9b457ddf2f30372ed5977fa7990f0c3e881025111dfc48ab6f5f572a72c797f871a3ca73f0db3218cd7c84edc097de1a483a155c055de3834f5c02cdc", 0x76, r3) splice(r2, &(0x7f0000000040), r1, &(0x7f0000000140), 0x3, 0x2) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000000)={0x3, 0x8, [{0x6, 0x0, 0x7fffffff}, {0x1}, {0x401, 0x0, 0x200}]}) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) r4 = getpgrp(0xffffffffffffffff) ioprio_set$pid(0x2, r4, 0x1ff) [ 389.865084] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.865100] ? check_preemption_disabled+0x48/0x280 [ 389.865124] handle_mm_fault+0x54f/0xc70 [ 389.865143] ? __handle_mm_fault+0x5b70/0x5b70 [ 389.865162] ? find_vma+0x34/0x190 [ 389.865181] __do_page_fault+0x5f6/0xd70 [ 389.865199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.877659] do_page_fault+0xf2/0x7e0 [ 389.877678] ? vmalloc_sync_all+0x30/0x30 [ 389.877693] ? error_entry+0x70/0xd0 [ 389.877713] ? trace_hardirqs_off_caller+0xbb/0x310 [ 389.885911] ? trace_hardirqs_on_caller+0xc0/0x310 [ 389.885931] ? syscall_return_slowpath+0x5e0/0x5e0 [ 389.921422] FAULT_FLAG_ALLOW_RETRY missing 70 [ 389.924129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.924149] ? trace_hardirqs_on_caller+0x310/0x310 [ 389.924166] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 389.924183] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 389.924199] ? prepare_exit_to_usermode+0x291/0x3b0 [ 389.924219] ? page_fault+0x8/0x30 [ 390.044471] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:11:35 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000180)={0x80080000d, 0x80000002, 0x4000972e}) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) fgetxattr(r1, &(0x7f00000001c0)=@random={'security.', 'dns_resolver\x00'}, &(0x7f0000000200)=""/85, 0x55) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000040)=0x2) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x80800, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$TIOCLINUX7(r3, 0x541c, &(0x7f0000000140)={0x7, 0x6}) [ 390.044492] ? page_fault+0x8/0x30 [ 390.044509] page_fault+0x1e/0x30 [ 390.056162] RIP: 0033:0x4510a0 [ 390.056183] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 390.056200] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 390.145468] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 390.145484] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 390.160116] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 390.167392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 390.174671] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 390.183163] CPU: 1 PID: 17974 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 390.192247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.201633] Call Trace: [ 390.201655] dump_stack+0x244/0x39d [ 390.201676] ? dump_stack_print_info.cold.1+0x20/0x20 [ 390.201693] ? preempt_schedule+0x4d/0x60 [ 390.201719] handle_userfault.cold.30+0x47/0x62 [ 390.201744] ? userfaultfd_ioctl+0x5610/0x5610 [ 390.226522] ? mark_held_locks+0x130/0x130 [ 390.230767] ? find_held_lock+0x36/0x1c0 [ 390.234852] ? futex_wake+0x613/0x760 [ 390.238667] ? userfaultfd_ctx_put+0x830/0x830 [ 390.243358] ? kasan_check_read+0x11/0x20 [ 390.247518] ? print_usage_bug+0xc0/0xc0 [ 390.251583] ? do_raw_spin_trylock+0x270/0x270 [ 390.256177] ? print_usage_bug+0xc0/0xc0 [ 390.260254] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 390.265457] ? print_usage_bug+0xc0/0xc0 [ 390.269524] ? graph_lock+0x270/0x270 [ 390.273338] ? futex_wake+0x304/0x760 [ 390.277160] ? find_held_lock+0x36/0x1c0 [ 390.281242] ? __handle_mm_fault+0x4d19/0x5b70 [ 390.286349] ? lock_downgrade+0x900/0x900 [ 390.290508] ? kasan_check_read+0x11/0x20 [ 390.294648] ? do_raw_spin_unlock+0xa7/0x330 [ 390.299047] ? do_raw_spin_trylock+0x270/0x270 [ 390.303623] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 390.309246] __handle_mm_fault+0x4d26/0x5b70 [ 390.313648] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 390.318480] ? graph_lock+0x270/0x270 [ 390.322268] ? kasan_check_read+0x11/0x20 [ 390.326405] ? graph_lock+0x270/0x270 [ 390.330195] ? rcu_read_unlock_special+0x370/0x370 [ 390.335118] ? graph_lock+0x270/0x270 [ 390.338908] ? graph_lock+0x270/0x270 [ 390.342700] ? find_held_lock+0x36/0x1c0 [ 390.346755] ? find_held_lock+0x36/0x1c0 [ 390.350819] ? handle_mm_fault+0x42a/0xc70 [ 390.355048] ? lock_downgrade+0x900/0x900 [ 390.359184] ? check_preemption_disabled+0x48/0x280 [ 390.364196] ? kasan_check_read+0x11/0x20 [ 390.368343] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 390.373610] ? rcu_read_unlock_special+0x370/0x370 [ 390.378528] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.384068] ? check_preemption_disabled+0x48/0x280 [ 390.389523] handle_mm_fault+0x54f/0xc70 [ 390.393580] ? __handle_mm_fault+0x5b70/0x5b70 [ 390.398150] ? find_vma+0x34/0x190 [ 390.401685] __do_page_fault+0x5f6/0xd70 [ 390.405735] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.411268] do_page_fault+0xf2/0x7e0 [ 390.415061] ? vmalloc_sync_all+0x30/0x30 [ 390.419202] ? error_entry+0x70/0xd0 [ 390.422920] ? trace_hardirqs_off_caller+0xbb/0x310 [ 390.427927] ? trace_hardirqs_on_caller+0xc0/0x310 [ 390.432847] ? syscall_return_slowpath+0x5e0/0x5e0 [ 390.437764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.442596] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.447604] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 390.453057] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 390.458064] ? prepare_exit_to_usermode+0x291/0x3b0 [ 390.463069] ? page_fault+0x8/0x30 [ 390.466601] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.471437] ? page_fault+0x8/0x30 [ 390.474967] page_fault+0x1e/0x30 [ 390.478409] RIP: 0033:0x4510a0 [ 390.481597] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 390.500962] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 390.506322] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e 06:11:36 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, 0x0, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:36 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000002, 0x4010, r1, 0x0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:36 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 390.513581] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 390.520873] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 390.528134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 390.535397] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:36 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000080)={'icmp6\x00'}, &(0x7f0000000140)=0x1e) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)={[{0x2d, 'rdma'}, {0x2d, 'pids'}, {0x2f, 'memory'}, {0x2b, 'rdma'}]}, 0x1a) r1 = syz_open_dev$vbi(&(0x7f0000000280)='/dev/vbi#\x00', 0x3, 0x2) name_to_handle_at(r1, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x28, 0x1, "91547fb55b359bb9935e7011fb307cbc04340b9cd123aecf80ec67369dbe21cb"}, &(0x7f0000000200), 0x1400) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) 06:11:36 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"024c00"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:36 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, r1, 0x0, 0x2, &(0x7f0000000140)="0200", 0xffffffffffffffff}, 0x30) perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0xb8e6, 0x7fffffff, 0x0, 0x6, 0x0, 0xff, 0x0, 0x0, 0x1, 0x6, 0x7, 0x5ad, 0x7ff, 0x7f, 0x400, 0x40, 0x1ff, 0x20, 0x3ff, 0x6, 0x1f, 0x5, 0x200, 0xb41, 0x11, 0x7, 0x1, 0x7, 0x2289, 0x2, 0x0, 0x4, 0x5e9bcf32, 0xc1, 0x5, 0x7fff, 0x0, 0x0, 0x0, @perf_config_ext={0x200, 0x25}, 0x10000, 0x6, 0x6, 0x7, 0x0, 0xd339600000000000, 0x5}, r2, 0x10, r0, 0xa) [ 390.651423] FAULT_FLAG_ALLOW_RETRY missing 70 [ 390.655988] CPU: 0 PID: 18003 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 390.664569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.664574] FAULT_FLAG_ALLOW_RETRY missing 70 [ 390.678416] Call Trace: [ 390.681024] dump_stack+0x244/0x39d [ 390.684670] ? dump_stack_print_info.cold.1+0x20/0x20 [ 390.689888] handle_userfault.cold.30+0x47/0x62 [ 390.694583] ? userfaultfd_ioctl+0x5610/0x5610 [ 390.699179] ? mark_held_locks+0x130/0x130 [ 390.703429] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 390.708450] ? futex_wait_setup+0x266/0x3e0 [ 390.712784] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 390.717987] ? userfaultfd_ctx_put+0x830/0x830 [ 390.722579] ? print_usage_bug+0xc0/0xc0 [ 390.726649] ? print_usage_bug+0xc0/0xc0 [ 390.730726] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 390.735932] ? print_usage_bug+0xc0/0xc0 [ 390.740003] ? graph_lock+0x270/0x270 [ 390.743811] ? futex_wake+0x304/0x760 [ 390.747644] ? find_held_lock+0x36/0x1c0 [ 390.751730] ? __handle_mm_fault+0x4d19/0x5b70 [ 390.756331] ? lock_downgrade+0x900/0x900 [ 390.760497] ? kasan_check_read+0x11/0x20 [ 390.764654] ? do_raw_spin_unlock+0xa7/0x330 [ 390.769071] ? do_raw_spin_trylock+0x270/0x270 [ 390.773666] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 390.779331] __handle_mm_fault+0x4d26/0x5b70 [ 390.783763] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 390.788617] ? graph_lock+0x270/0x270 [ 390.792746] ? kasan_check_read+0x11/0x20 [ 390.796902] ? graph_lock+0x270/0x270 06:11:36 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$nfc_llcp(r0, 0x118, 0x4, &(0x7f0000000140)=""/134, 0x86) [ 390.800714] ? rcu_read_unlock_special+0x370/0x370 [ 390.805673] ? graph_lock+0x270/0x270 [ 390.809488] ? graph_lock+0x270/0x270 [ 390.813318] ? find_held_lock+0x36/0x1c0 [ 390.817396] ? find_held_lock+0x36/0x1c0 [ 390.821475] ? handle_mm_fault+0x42a/0xc70 [ 390.821495] ? lock_downgrade+0x900/0x900 [ 390.821511] ? check_preemption_disabled+0x48/0x280 [ 390.821531] ? kasan_check_read+0x11/0x20 [ 390.829900] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 390.829914] ? rcu_read_unlock_special+0x370/0x370 [ 390.829932] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.829947] ? check_preemption_disabled+0x48/0x280 [ 390.829968] handle_mm_fault+0x54f/0xc70 [ 390.829987] ? __handle_mm_fault+0x5b70/0x5b70 [ 390.868486] ? find_vma+0x34/0x190 [ 390.872044] __do_page_fault+0x5f6/0xd70 [ 390.876127] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.881688] do_page_fault+0xf2/0x7e0 [ 390.885545] ? vmalloc_sync_all+0x30/0x30 [ 390.889747] ? error_entry+0x70/0xd0 [ 390.893487] ? trace_hardirqs_off_caller+0xbb/0x310 [ 390.898517] ? trace_hardirqs_on_caller+0xc0/0x310 [ 390.903455] ? syscall_return_slowpath+0x5e0/0x5e0 [ 390.908402] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.913248] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.918292] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 390.923751] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 390.928175] dns_resolver_preparse: 16 callbacks suppressed [ 390.928183] Invalid option length (1042293) for dns_resolver key [ 390.928787] ? prepare_exit_to_usermode+0x291/0x3b0 [ 390.928806] ? page_fault+0x8/0x30 [ 390.928821] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.928839] ? page_fault+0x8/0x30 [ 390.941759] Invalid option length (1042293) for dns_resolver key [ 390.945611] page_fault+0x1e/0x30 [ 390.945625] RIP: 0033:0x4510a0 [ 390.945642] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 390.945655] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 390.990883] Invalid option length (1042293) for dns_resolver key [ 390.994552] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 390.994563] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 390.994573] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 390.994583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 390.994593] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 391.017268] CPU: 0 PID: 18005 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 391.030103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.030110] Call Trace: [ 391.030134] dump_stack+0x244/0x39d [ 391.030155] ? dump_stack_print_info.cold.1+0x20/0x20 [ 391.046009] handle_userfault.cold.30+0x47/0x62 [ 391.046049] ? userfaultfd_ioctl+0x5610/0x5610 [ 391.046075] ? mark_held_locks+0x130/0x130 [ 391.079092] Invalid option length (1042293) for dns_resolver key [ 391.080307] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 391.080324] ? futex_wait_setup+0x266/0x3e0 [ 391.080354] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 391.080377] ? userfaultfd_ctx_put+0x830/0x830 [ 391.101531] ? print_usage_bug+0xc0/0xc0 [ 391.110151] ? print_usage_bug+0xc0/0xc0 [ 391.110170] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 391.110185] ? print_usage_bug+0xc0/0xc0 [ 391.110204] ? graph_lock+0x270/0x270 [ 391.127340] ? futex_wake+0x304/0x760 [ 391.127395] ? find_held_lock+0x36/0x1c0 [ 391.127442] ? __handle_mm_fault+0x4d19/0x5b70 [ 391.127477] ? lock_downgrade+0x900/0x900 [ 391.127507] ? kasan_check_read+0x11/0x20 [ 391.127522] ? do_raw_spin_unlock+0xa7/0x330 [ 391.127538] ? do_raw_spin_trylock+0x270/0x270 [ 391.127560] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 391.127588] __handle_mm_fault+0x4d26/0x5b70 [ 391.127617] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 391.127639] ? graph_lock+0x270/0x270 [ 391.127655] ? kasan_check_read+0x11/0x20 [ 391.127671] ? graph_lock+0x270/0x270 [ 391.127687] ? rcu_read_unlock_special+0x370/0x370 06:11:36 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:36 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x200400, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) mount$9p_tcp(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x10, &(0x7f00000002c0)={'trans=tcp,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@cachetag={'cachetag'}}, {@version_9p2000='version=9p2000'}, {@access_client='access=client'}, {@version_9p2000='version=9p2000'}], [{@dont_appraise='dont_appraise'}, {@measure='measure'}]}}) add_key(&(0x7f0000000200)='dn"\x00\x00\x00\x00\x00\b\x00er\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x100332, 0xfffffffffffffffb) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10020a4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r1, 0x420, 0x70bd26, 0x25dfdbfb, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0xf01}}, ["", "", ""]}, 0x24}}, 0x1) 06:11:36 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"026800"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:36 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:36 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 391.127713] ? graph_lock+0x270/0x270 [ 391.127728] ? graph_lock+0x270/0x270 [ 391.127742] ? find_held_lock+0x36/0x1c0 [ 391.127761] ? find_held_lock+0x36/0x1c0 [ 391.127787] ? handle_mm_fault+0x42a/0xc70 [ 391.127804] ? lock_downgrade+0x900/0x900 [ 391.127821] ? check_preemption_disabled+0x48/0x280 [ 391.127842] ? kasan_check_read+0x11/0x20 [ 391.127858] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 391.127873] ? rcu_read_unlock_special+0x370/0x370 [ 391.127892] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.127909] ? check_preemption_disabled+0x48/0x280 [ 391.127937] handle_mm_fault+0x54f/0xc70 [ 391.127964] ? __handle_mm_fault+0x5b70/0x5b70 [ 391.127985] ? find_vma+0x34/0x190 [ 391.128004] __do_page_fault+0x5f6/0xd70 [ 391.128017] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.128040] do_page_fault+0xf2/0x7e0 [ 391.128057] ? vmalloc_sync_all+0x30/0x30 [ 391.128074] ? error_entry+0x70/0xd0 [ 391.128092] ? trace_hardirqs_off_caller+0xbb/0x310 [ 391.128108] ? trace_hardirqs_on_caller+0xc0/0x310 [ 391.128124] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.128139] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.128156] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.128171] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 391.128188] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 391.128209] ? prepare_exit_to_usermode+0x291/0x3b0 [ 391.128234] ? page_fault+0x8/0x30 [ 391.128267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.128286] ? page_fault+0x8/0x30 [ 391.128306] page_fault+0x1e/0x30 [ 391.128322] RIP: 0033:0x4510a0 [ 391.128338] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 391.128347] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 391.128360] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 391.128370] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 391.128380] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 391.128389] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 391.128399] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 391.295618] Invalid option length (1042293) for dns_resolver key [ 391.338836] FAULT_FLAG_ALLOW_RETRY missing 70 [ 391.351950] CPU: 0 PID: 18038 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 391.356076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.445074] Call Trace: [ 391.445097] dump_stack+0x244/0x39d [ 391.445112] ? dump_stack_print_info.cold.1+0x20/0x20 [ 391.445126] ? preempt_schedule+0x4d/0x60 [ 391.445145] handle_userfault.cold.30+0x47/0x62 [ 391.445166] ? userfaultfd_ioctl+0x5610/0x5610 [ 391.445179] ? mark_held_locks+0x130/0x130 [ 391.445194] ? find_held_lock+0x36/0x1c0 [ 391.445222] ? futex_wake+0x613/0x760 [ 391.445236] ? userfaultfd_ctx_put+0x830/0x830 [ 391.445252] ? kasan_check_read+0x11/0x20 [ 391.445264] ? print_usage_bug+0xc0/0xc0 [ 391.445274] ? do_raw_spin_trylock+0x270/0x270 [ 391.445285] ? print_usage_bug+0xc0/0xc0 [ 391.445300] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 391.445311] ? print_usage_bug+0xc0/0xc0 [ 391.445323] ? graph_lock+0x270/0x270 [ 391.445333] ? futex_wake+0x304/0x760 [ 391.445354] ? find_held_lock+0x36/0x1c0 [ 391.445373] ? __handle_mm_fault+0x4d19/0x5b70 [ 391.445385] ? lock_downgrade+0x900/0x900 [ 391.445401] ? kasan_check_read+0x11/0x20 [ 391.445411] ? do_raw_spin_unlock+0xa7/0x330 [ 391.445421] ? do_raw_spin_trylock+0x270/0x270 [ 391.445434] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 391.445452] __handle_mm_fault+0x4d26/0x5b70 [ 391.445469] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 391.445482] ? graph_lock+0x270/0x270 [ 391.445493] ? kasan_check_read+0x11/0x20 [ 391.445503] ? graph_lock+0x270/0x270 [ 391.445515] ? rcu_read_unlock_special+0x370/0x370 [ 391.445533] ? graph_lock+0x270/0x270 [ 391.445543] ? graph_lock+0x270/0x270 [ 391.445553] ? find_held_lock+0x36/0x1c0 [ 391.445567] ? find_held_lock+0x36/0x1c0 [ 391.445587] ? handle_mm_fault+0x42a/0xc70 [ 391.445599] ? lock_downgrade+0x900/0x900 [ 391.445611] ? check_preemption_disabled+0x48/0x280 [ 391.445626] ? kasan_check_read+0x11/0x20 [ 391.445636] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 391.445648] ? rcu_read_unlock_special+0x370/0x370 [ 391.445660] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.445672] ? check_preemption_disabled+0x48/0x280 [ 391.445687] handle_mm_fault+0x54f/0xc70 [ 391.445701] ? __handle_mm_fault+0x5b70/0x5b70 [ 391.445713] ? find_vma+0x34/0x190 [ 391.445729] __do_page_fault+0x5f6/0xd70 [ 391.445740] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.445757] do_page_fault+0xf2/0x7e0 [ 391.445769] ? vmalloc_sync_all+0x30/0x30 [ 391.445780] ? error_entry+0x70/0xd0 [ 391.445793] ? trace_hardirqs_off_caller+0xbb/0x310 [ 391.445803] ? trace_hardirqs_on_caller+0xc0/0x310 [ 391.445815] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.445825] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.445837] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.445848] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 391.445860] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 391.445873] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 06:11:37 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:37 executing program 5: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x40, 0x0) r1 = eventfd2(0x3, 0x1) ioctl$KVM_HYPERV_EVENTFD(r0, 0x4018aebd, &(0x7f0000000040)={0x4, r1, 0x1}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:37 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/userio\x00', 0x400000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) write$FUSE_STATFS(r0, &(0x7f0000000000)={0x60, 0x0, 0x4, {{0x8, 0x5, 0x29, 0x180000000, 0x800, 0x1, 0x7, 0x7fff}}}, 0x60) 06:11:37 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 391.445884] ? __switch_to_asm+0x40/0x70 [ 391.445894] ? page_fault+0x8/0x30 [ 391.445907] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.445919] ? page_fault+0x8/0x30 [ 391.445931] page_fault+0x1e/0x30 [ 391.445940] RIP: 0033:0x4510a0 [ 391.445953] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 391.445959] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 391.445968] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e [ 391.445975] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 391.445981] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 391.445987] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 391.445994] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 391.448991] FAULT_FLAG_ALLOW_RETRY missing 70 [ 391.461056] Invalid option length (1042293) for dns_resolver key 06:11:37 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020048"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 391.486707] CPU: 0 PID: 18045 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 391.493049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.493056] Call Trace: [ 391.493079] dump_stack+0x244/0x39d [ 391.493101] ? dump_stack_print_info.cold.1+0x20/0x20 [ 391.501742] handle_userfault.cold.30+0x47/0x62 [ 391.501775] ? userfaultfd_ioctl+0x5610/0x5610 [ 391.510989] ? mark_held_locks+0x130/0x130 [ 391.511005] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 391.511019] ? futex_wait_setup+0x266/0x3e0 [ 391.511048] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 391.511068] ? userfaultfd_ctx_put+0x830/0x830 [ 391.511093] ? print_usage_bug+0xc0/0xc0 [ 391.595855] ? print_usage_bug+0xc0/0xc0 [ 391.595878] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 391.595892] ? print_usage_bug+0xc0/0xc0 [ 391.595910] ? graph_lock+0x270/0x270 [ 391.604283] ? futex_wake+0x304/0x760 [ 391.604316] ? find_held_lock+0x36/0x1c0 [ 391.604341] ? __handle_mm_fault+0x4d19/0x5b70 [ 391.634245] ? lock_downgrade+0x900/0x900 06:11:37 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020020"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 391.650561] ? kasan_check_read+0x11/0x20 [ 391.650580] ? do_raw_spin_unlock+0xa7/0x330 [ 391.650596] ? do_raw_spin_trylock+0x270/0x270 [ 391.650615] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 391.650639] __handle_mm_fault+0x4d26/0x5b70 [ 391.735346] Invalid option length (1042293) for dns_resolver key [ 391.751205] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 391.751226] ? graph_lock+0x270/0x270 [ 391.751243] ? kasan_check_read+0x11/0x20 [ 391.751259] ? graph_lock+0x270/0x270 [ 391.751274] ? rcu_read_unlock_special+0x370/0x370 06:11:37 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x55) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x3}, &(0x7f0000000100), 0x100341, 0xfffffffffffffffb) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000ffb000/0x2000)=nil, 0x2000}) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200, 0x0) [ 391.751297] ? graph_lock+0x270/0x270 [ 391.751309] ? graph_lock+0x270/0x270 [ 391.751324] ? find_held_lock+0x36/0x1c0 [ 391.751341] ? find_held_lock+0x36/0x1c0 [ 391.751362] ? handle_mm_fault+0x42a/0xc70 [ 391.751381] ? lock_downgrade+0x900/0x900 [ 391.782853] Invalid option length (1042293) for dns_resolver key [ 391.784892] ? check_preemption_disabled+0x48/0x280 [ 391.784919] ? kasan_check_read+0x11/0x20 [ 391.784936] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 391.784953] ? rcu_read_unlock_special+0x370/0x370 [ 391.784969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.784988] ? check_preemption_disabled+0x48/0x280 [ 391.831196] handle_mm_fault+0x54f/0xc70 [ 391.831218] ? __handle_mm_fault+0x5b70/0x5b70 [ 391.831238] ? find_vma+0x34/0x190 [ 391.831260] __do_page_fault+0x5f6/0xd70 [ 391.840059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.840083] do_page_fault+0xf2/0x7e0 [ 391.840099] ? vmalloc_sync_all+0x30/0x30 [ 391.840115] ? error_entry+0x70/0xd0 [ 391.840131] ? trace_hardirqs_off_caller+0xbb/0x310 [ 391.840144] ? trace_hardirqs_on_caller+0xc0/0x310 [ 391.840157] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.840188] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.863988] Invalid option length (1042293) for dns_resolver key [ 391.868175] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.868199] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 391.868219] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 391.868238] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 391.868253] ? __switch_to_asm+0x40/0x70 [ 391.868266] ? page_fault+0x8/0x30 [ 391.868283] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.868301] ? page_fault+0x8/0x30 [ 391.868316] page_fault+0x1e/0x30 [ 391.868327] RIP: 0033:0x4510a0 [ 391.868344] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 391.894141] Invalid option length (1042293) for dns_resolver key [ 391.897831] RSP: 002b:00007fbddc1367a8 EFLAGS: 00010202 [ 391.897845] RAX: 00007fbddc136850 RBX: 0000000000000003 RCX: 000000000000000e [ 391.897855] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc136850 [ 391.897865] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 391.897874] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1376d4 [ 391.897884] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:37 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:37 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) ioctl$TIOCLINUX4(r0, 0x541c, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000140)) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:37 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x2200) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xff, 0x1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000001600)='./file0\x00', 0x80000, 0x8) r3 = accept4$llc(0xffffffffffffff9c, &(0x7f0000001640)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000001680)=0x10, 0x80800) r4 = syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0xfffffffffffff800, 0x10000) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001700)='/dev/ppp\x00', 0x4000, 0x0) r6 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) r7 = socket$kcm(0x29, 0x2, 0x0) r8 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000001740)='/dev/dlm-control\x00', 0x40000, 0x0) r9 = socket$bt_hidp(0x1f, 0x3, 0x6) ppoll(&(0x7f0000001780)=[{r0, 0x88}, {r1, 0x2}, {r2, 0x2}, {r3, 0x1}, {r4, 0x4003}, {r5, 0x8000}, {r6, 0x2}, {r7, 0x20}, {r8, 0x20}, {r9, 0x50}], 0xa, &(0x7f0000001800), &(0x7f0000001840)={0x40}, 0x8) r10 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$PIO_FONT(r10, 0x4b61, &(0x7f0000000140)="2acd6db4e57aba96876aeb8bce30765779590b57c06508f0875d7599973200b8025670447556a552379c5d58cc44e156a38e0f0dbd24338fde0deff28d10d869cbab76076f5c0ce010e41fd67671939f022d94a367800bd2df50efe0d5bdcf37c7aea4690d3944a67c0d84e43324d5dbc8c228c5a5cef804cd9b30b24dcaf32605") perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:37 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020300"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:37 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:37 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:38 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = getpgid(0xffffffffffffffff) capset(&(0x7f0000000000)={0x20071026, r0}, &(0x7f0000000040)={0x9, 0x8400000000000000, 0x948, 0x8, 0xfffffffffffffff9, 0x6}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 392.379691] FAULT_FLAG_ALLOW_RETRY missing 70 [ 392.388901] CPU: 1 PID: 18088 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 392.397514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.406876] Call Trace: [ 392.409485] dump_stack+0x244/0x39d [ 392.413142] ? dump_stack_print_info.cold.1+0x20/0x20 [ 392.418354] handle_userfault.cold.30+0x47/0x62 [ 392.418385] ? userfaultfd_ioctl+0x5610/0x5610 [ 392.427635] ? mark_held_locks+0x130/0x130 [ 392.431887] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 392.436911] ? futex_wait_setup+0x266/0x3e0 [ 392.436940] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 392.446441] ? userfaultfd_ctx_put+0x830/0x830 [ 392.451053] ? print_usage_bug+0xc0/0xc0 [ 392.455134] ? print_usage_bug+0xc0/0xc0 [ 392.458824] FAULT_FLAG_ALLOW_RETRY missing 70 [ 392.459212] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 392.468913] ? print_usage_bug+0xc0/0xc0 [ 392.468930] ? graph_lock+0x270/0x270 [ 392.468946] ? futex_wake+0x304/0x760 [ 392.468975] ? find_held_lock+0x36/0x1c0 [ 392.484705] ? __handle_mm_fault+0x4d19/0x5b70 [ 392.489823] ? lock_downgrade+0x900/0x900 [ 392.493988] ? kasan_check_read+0x11/0x20 [ 392.498151] ? do_raw_spin_unlock+0xa7/0x330 [ 392.502569] ? do_raw_spin_trylock+0x270/0x270 [ 392.507162] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 392.507187] __handle_mm_fault+0x4d26/0x5b70 [ 392.507209] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 392.517222] ? graph_lock+0x270/0x270 [ 392.517237] ? kasan_check_read+0x11/0x20 06:11:38 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:38 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:38 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:38 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"027a00"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 392.517255] ? graph_lock+0x270/0x270 [ 392.533799] ? rcu_read_unlock_special+0x370/0x370 [ 392.538754] ? graph_lock+0x270/0x270 [ 392.542564] ? graph_lock+0x270/0x270 [ 392.546371] ? find_held_lock+0x36/0x1c0 [ 392.550448] ? find_held_lock+0x36/0x1c0 [ 392.554534] ? handle_mm_fault+0x42a/0xc70 [ 392.558797] ? lock_downgrade+0x900/0x900 [ 392.558815] ? check_preemption_disabled+0x48/0x280 [ 392.558837] ? kasan_check_read+0x11/0x20 [ 392.558852] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 392.558869] ? rcu_read_unlock_special+0x370/0x370 [ 392.558887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.558903] ? check_preemption_disabled+0x48/0x280 [ 392.558929] handle_mm_fault+0x54f/0xc70 [ 392.558949] ? __handle_mm_fault+0x5b70/0x5b70 06:11:38 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020400"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 392.558967] ? find_vma+0x34/0x190 [ 392.558987] __do_page_fault+0x5f6/0xd70 [ 392.559003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.559027] do_page_fault+0xf2/0x7e0 [ 392.559043] ? vmalloc_sync_all+0x30/0x30 [ 392.559059] ? error_entry+0x70/0xd0 [ 392.559076] ? trace_hardirqs_off_caller+0xbb/0x310 [ 392.559090] ? trace_hardirqs_on_caller+0xc0/0x310 [ 392.559114] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.559128] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.559144] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.559160] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 392.559176] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 392.559194] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.559208] ? page_fault+0x8/0x30 [ 392.559226] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.559244] ? page_fault+0x8/0x30 [ 392.559259] page_fault+0x1e/0x30 [ 392.559271] RIP: 0033:0x4510a0 [ 392.559286] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 392.559294] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 392.559306] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 392.559316] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 392.559325] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 392.559334] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 392.559343] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 392.559376] CPU: 0 PID: 18087 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 392.559384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.559388] Call Trace: [ 392.559405] dump_stack+0x244/0x39d [ 392.559425] ? dump_stack_print_info.cold.1+0x20/0x20 [ 392.559454] handle_userfault.cold.30+0x47/0x62 [ 392.559481] ? userfaultfd_ioctl+0x5610/0x5610 [ 392.559497] ? mark_held_locks+0x130/0x130 [ 392.559511] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 392.559524] ? futex_wait_setup+0x266/0x3e0 [ 392.559551] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 392.559571] ? userfaultfd_ctx_put+0x830/0x830 [ 392.559592] ? print_usage_bug+0xc0/0xc0 [ 392.559606] ? print_usage_bug+0xc0/0xc0 [ 392.559622] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 392.559637] ? print_usage_bug+0xc0/0xc0 [ 392.559653] ? graph_lock+0x270/0x270 [ 392.559667] ? futex_wake+0x304/0x760 [ 392.559697] ? find_held_lock+0x36/0x1c0 [ 392.559721] ? __handle_mm_fault+0x4d19/0x5b70 [ 392.559736] ? lock_downgrade+0x900/0x900 [ 392.559757] ? kasan_check_read+0x11/0x20 [ 392.559771] ? do_raw_spin_unlock+0xa7/0x330 [ 392.559785] ? do_raw_spin_trylock+0x270/0x270 [ 392.559802] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 392.559826] __handle_mm_fault+0x4d26/0x5b70 [ 392.559847] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 392.559864] ? graph_lock+0x270/0x270 [ 392.559878] ? kasan_check_read+0x11/0x20 [ 392.559890] ? graph_lock+0x270/0x270 [ 392.559904] ? rcu_read_unlock_special+0x370/0x370 [ 392.559929] ? graph_lock+0x270/0x270 [ 392.559943] ? graph_lock+0x270/0x270 [ 392.559954] ? find_held_lock+0x36/0x1c0 [ 392.559971] ? find_held_lock+0x36/0x1c0 [ 392.559993] ? handle_mm_fault+0x42a/0xc70 [ 392.560015] ? lock_downgrade+0x900/0x900 [ 392.560029] ? check_preemption_disabled+0x48/0x280 [ 392.560048] ? kasan_check_read+0x11/0x20 [ 392.560062] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 392.560076] ? rcu_read_unlock_special+0x370/0x370 [ 392.560090] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.560131] ? check_preemption_disabled+0x48/0x280 [ 392.560151] handle_mm_fault+0x54f/0xc70 [ 392.560167] ? __handle_mm_fault+0x5b70/0x5b70 [ 392.560184] ? find_vma+0x34/0x190 [ 392.560202] __do_page_fault+0x5f6/0xd70 [ 392.560217] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.560240] do_page_fault+0xf2/0x7e0 [ 392.560253] ? vmalloc_sync_all+0x30/0x30 [ 392.560269] ? error_entry+0x70/0xd0 [ 392.560287] ? trace_hardirqs_off_caller+0xbb/0x310 [ 392.560300] ? trace_hardirqs_on_caller+0xc0/0x310 [ 392.560314] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.560326] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.560342] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.560355] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 392.560369] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 392.560388] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.560403] ? page_fault+0x8/0x30 [ 392.560419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.560435] ? page_fault+0x8/0x30 [ 392.560450] page_fault+0x1e/0x30 [ 392.560463] RIP: 0033:0x4510a0 [ 392.560478] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 392.560489] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 392.560508] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 392.560521] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 392.560533] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:11:39 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:39 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet6_dccp_int(r0, 0x21, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4) r2 = geteuid() getsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000280), &(0x7f00000002c0)=0x4) r3 = getgid() mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x1, &(0x7f0000000140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0xd000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r3}, 0x2c, {[{@allow_other='allow_other'}], [{@smackfsdef={'smackfsdef', 0x3d, "0200"}}, {@hash='hash'}]}}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:39 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x3}, &(0x7f0000000140), 0x0, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000140)=""/4096) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)) 06:11:39 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:39 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 392.560544] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 392.560556] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 392.629043] capability: warning: `syz-executor5' uses deprecated v2 capabilities in a way that may be insecure 06:11:39 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:39 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000240)=0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000680)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000280)={0x3a8, 0x1, 0xa, 0x20, 0x70bd2a, 0x25dfdbfc, {0x7, 0x0, 0x9}, [@generic="41a1e0ed3c80694a9a9e145a0d4fc1f0952730972cf42881a799167db98216145ba42e5ed7dd36588c", @generic="2105b10e5d3fd5a38746973307e3d93751e9cf5f3f0960ad650b51b4b6d12004e4af93e57024d7f958ef8bd2793452edd2fa7a552d11c87e0ca9e89715bf2e9348b12db3994cb501df9643e54ac098571493e4ccf43e0235582c71c92b56032d5929203c680e1acbcdbc", @generic="91b5325002af231fe86071e2a49088dd220cd50f87bc3ef7d694f7366a30291b7f98253974e8fc132b7819ce88756fa1d773dda7351606e8be69466b47cdfedd784fa8d01c222a008c486616254ebd614f997373fccc38b66e3863237845e5abf735d36ebbc287946fe633550cda7c96c49f441f888ddf6239d8d04f09956f6523ff8860d8925be33dc8b9a973ca2e89dd9f9f8de68c80644c681e998e8a2b42c1822e7b0109d5f001b6ab4621f3ba4e44f28b7733ba8503ad4cc0fb4ce0eb304a2e85", @typed={0x4, 0x6d}, @typed={0x8, 0x3b, @fd=r0}, @typed={0x8, 0x83, @fd=r0}, @typed={0x8, 0x3e, @fd=r1}, @nested={0x174, 0x4, [@generic="8c2ca2eebfec0f42e7763e5a83a31943e387969cc38826dcb20ac499649ae6aeb1a279e5999b47109fe353ca83168b17", @typed={0x4, 0x7a}, @typed={0x8, 0x4a, @pid=r2}, @typed={0x14, 0x84, @ipv6=@ipv4={[], [], @empty}}, @generic="5b0ef2fba0b6772fa7d74109b081d39598c8c29f9615b39b098cc69dbbff10260c7211bc8b9ddfd31f8f96122378a803fe001091e5ae01213da3236b93cc9a64be48089a99463f1068022bc1bc0b2b6a19df600e655da89fe64031618ff330497580dbe4fef25cfb26e39b884164967b8a44a43cd5a235c3437df1c0b64434c3640b611476e829ab80108c391b08a0cbf627152b420d4816468d848a481a354594eaf809ef8e78f4d6517328312719fa02ad31879e52", @generic="be6f97490e769278367568973edd53ee7b89d0424c31fc6ee035c296c64ee15d55e53261c6fcd6d8a6245b08dd9f0db93ab251b625a29126eea290dba12179244a1cabedf9f4aa9aa9d144c4162b5ad1112e5606f4ad76d867e302825cf56f063bcf7873e0abee"]}, @nested={0xac, 0x59, [@generic="6eb2fd7f4fb8f1a1a3c79289d60259f076857c4da8e1ae08d802ad86093a90e289fbb457bb7c97667ef57fa1664f3901f0", @typed={0x8, 0x26, @str="0200"}, @generic="c70d14c4fa6d8cd2bf35ffb3ea92d6d3fc9e89cc041467fe18010b369a338072bda003abeefa03688df8e82f26c8a634e38d7955912c4ce23818fd38cbac3bd584898776703da9137ba223126e7511124944303211cbcc6e1fdafb808b4a65d86b76d42b467de71abf814fb95b1981"]}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x800}, 0x40c0) socket$nl_crypto(0x10, 0x3, 0x15) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40204}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r4, 0x10, 0x70bd27, 0x25dfdbfb, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x2, 0x5, @udp='udp:syz2\x00'}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0xc0) 06:11:39 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"027400"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:39 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:39 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 393.421401] FAULT_FLAG_ALLOW_RETRY missing 70 [ 393.425969] CPU: 0 PID: 18143 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 393.434550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.443916] Call Trace: [ 393.446534] dump_stack+0x244/0x39d [ 393.448841] Option ' è`q⤈Ý" Õ‡¼>÷Ö”÷6j0)˜%9tèü+xΈuo¡×sݧ5è¾iFkGÍþÝxO¨Ð"*' to dns_resolver key: bad/missing value [ 393.450182] ? dump_stack_print_info.cold.1+0x20/0x20 [ 393.450213] handle_userfault.cold.30+0x47/0x62 [ 393.473172] ? userfaultfd_ioctl+0x5610/0x5610 [ 393.477777] ? mark_held_locks+0x130/0x130 [ 393.482039] ? _raw_spin_unlock_irq+0x60/0x80 [ 393.486540] ? finish_task_switch+0x1f4/0x910 [ 393.491055] ? finish_task_switch+0x1b4/0x910 [ 393.494792] Option ' è`q⤈Ý" Õ‡¼>÷Ö”÷6j0)˜%9tèü+xΈuo¡×sݧ5è¾iFkGÍþÝxO¨Ð"*' to dns_resolver key: bad/missing value [ 393.495559] ? __switch_to_asm+0x34/0x70 [ 393.495578] ? __switch_to_asm+0x34/0x70 [ 393.495597] ? __switch_to_asm+0x34/0x70 [ 393.520850] ? __switch_to_asm+0x40/0x70 [ 393.524926] ? userfaultfd_ctx_put+0x830/0x830 [ 393.529525] ? syscall_return_via_sysret+0xf/0x2e [ 393.534373] ? __switch_to_asm+0x40/0x70 [ 393.534396] ? __schedule+0xa49/0x21e0 [ 393.534415] ? print_usage_bug+0xc0/0xc0 [ 393.534438] ? print_usage_bug+0xc0/0xc0 [ 393.542366] ? graph_lock+0x270/0x270 [ 393.542388] ? mark_held_locks+0xc7/0x130 [ 393.542408] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 393.563222] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 393.567821] ? find_held_lock+0x36/0x1c0 [ 393.571908] ? __handle_mm_fault+0x4d19/0x5b70 [ 393.576509] ? lock_downgrade+0x900/0x900 [ 393.580677] ? kasan_check_read+0x11/0x20 [ 393.584838] ? do_raw_spin_unlock+0xa7/0x330 [ 393.589258] ? do_raw_spin_trylock+0x270/0x270 [ 393.593856] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 393.599505] __handle_mm_fault+0x4d26/0x5b70 [ 393.603928] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 393.608778] ? graph_lock+0x270/0x270 [ 393.608796] ? kasan_check_read+0x11/0x20 [ 393.608812] ? graph_lock+0x270/0x270 [ 393.608829] ? rcu_read_unlock_special+0x370/0x370 [ 393.608852] ? graph_lock+0x270/0x270 [ 393.608864] ? graph_lock+0x270/0x270 [ 393.608881] ? find_held_lock+0x36/0x1c0 [ 393.616815] ? find_held_lock+0x36/0x1c0 [ 393.616842] ? handle_mm_fault+0x42a/0xc70 [ 393.616860] ? lock_downgrade+0x900/0x900 [ 393.616876] ? check_preemption_disabled+0x48/0x280 [ 393.616896] ? kasan_check_read+0x11/0x20 [ 393.637224] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 393.637242] ? rcu_read_unlock_special+0x370/0x370 [ 393.637261] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.637276] ? check_preemption_disabled+0x48/0x280 [ 393.637298] handle_mm_fault+0x54f/0xc70 [ 393.645577] ? __handle_mm_fault+0x5b70/0x5b70 [ 393.688212] ? find_vma+0x34/0x190 [ 393.688235] __do_page_fault+0x5f6/0xd70 [ 393.688252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.688274] do_page_fault+0xf2/0x7e0 [ 393.695859] ? vmalloc_sync_all+0x30/0x30 [ 393.695876] ? error_entry+0x70/0xd0 [ 393.695896] ? trace_hardirqs_off_caller+0xbb/0x310 06:11:39 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x1}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) write$FUSE_STATFS(r0, &(0x7f0000000040)={0x60, 0x0, 0x6, {{0xfb5546e, 0x1, 0x2a85701c, 0x7fffffff, 0x49f9, 0x4, 0x1, 0x4}}}, 0x60) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) 06:11:39 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) init_module(&(0x7f0000000000)='self]wlan1proc-/\x00', 0x11, &(0x7f0000000040)='\x00') ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000140)={0x9, 0x7, 0x4, 0x20401160, {}, {0x4, 0x0, 0x182, 0x0, 0x8, 0xff, "41e022ee"}, 0x4e98, 0x2, @offset=0x1, 0x4}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 393.695911] ? trace_hardirqs_on_caller+0xc0/0x310 [ 393.695931] ? syscall_return_slowpath+0x5e0/0x5e0 [ 393.728554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.728575] ? trace_hardirqs_on_caller+0x310/0x310 [ 393.728591] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 393.728609] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 393.728627] ? prepare_exit_to_usermode+0x291/0x3b0 [ 393.728644] ? page_fault+0x8/0x30 [ 393.728662] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.728681] ? page_fault+0x8/0x30 [ 393.728698] page_fault+0x1e/0x30 [ 393.728710] RIP: 0033:0x4510a0 [ 393.728727] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 393.728735] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 393.728748] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 393.728758] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 393.728768] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 393.728777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 393.728787] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:39 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, 0x0) 06:11:39 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:39 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@empty, @dev={0xac, 0x14, 0x14, 0x13}}, 0x8) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r2, 0x8904, 0x0) fdatasync(r1) 06:11:39 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x3, 0x0) ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000000)={0x7, {0xb2, 0x7ff, 0x8000, 0x3}}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) finit_module(r1, &(0x7f0000001300)='dns_resolver\x00', 0x1) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) sendmsg$kcm(r1, &(0x7f00000012c0)={&(0x7f0000000100)=@l2={0x1f, 0x7f, {0x3, 0x7c, 0x6, 0x7cb, 0x8, 0x2}, 0x5, 0x8}, 0x80, &(0x7f0000001280)=[{&(0x7f0000000180)="52667246e7f9537db4bfe833f3481ddb8a6af72360a621f57693222f5229dcd15547f74d08e8eafea9fc673cb01c0a8504432f28ec8164839401f6e5518be475720d8412b7fb8d849e98f93b455d9400353b8df3cc3180751fc3c063b364166d6ebe32de959cc641c1e6dd15308feec3276249e53eee55938157feb5cc03620b568116412c2eb943213012ce8070988fbbd7a1e8328e5562bf417163160e7556f9f60cbb264f90bffb012ccd83043b7bc6edd2534d111bf7861e45c60a50", 0xbe}, {&(0x7f0000000240)="e8710b35db2e44acb1464e2fbb68c0938d363ca108e1f02e7be35063f1ad4b946cc503203e84aa65624c3e40eec4ba7c570f5e2726480dc459f7848778ff919a71b01bd3bf982b00cd153d4b0aab16715e7daa088db57aef796e977be130130aa23f3490040149df7680dbe654af48365cf0103d071fac2aaefe21193bf72b63d66ed4868f73bcf342155e91fc539dfa4e41f5d2455eb93a4a7ef2af25e771d6a52fb923a1c09e27cd281e8152ed3ed951da571e481994039c6af5e6346964859b694f8f2bfbeb9edbda5923eafd16841179acc6c045f4c6c3df3d62c7a37cad6b2e7dc455767bc4ca2791982ddaa579cace844ed73268ac1fa4abe3dd61f14da4bc649c00828ed66574d79576a438be94ad1fb9a61d0e669a5cf91788af91bd12b28b4c5d4b15ddad5ecef1df21e12e8aed479bdb6ceaa58099868694af4a27aeae8814aa289059d67b41c6928add3b8a3c5805c4e99b0f101c293d466beb90b8211b4ee090bb573b86443d71d3edac49b6255832999e11c2e10e23076a0d4e058a2dcf96f176362b2816a75a799bb1213dd4f3543ca7dae6f09e9ebdbba6036c9528ee25c21278227d723acc0172dccec890604596373249fc7a475e234385d19fe23f0947c2906ad81b12f1ba6da7b4c455d1f4af8fed95c02be5075f7023082431a85444e48dc0fe249bf7c8d9b73a5efbaf45ca953e842edbf6ae9a4963aca863201518f34e8935d53bd2a18954978afa53f19404e6d41a40daf882fabad5d5da4e72ea3f3f7968dc69b0186a695ffbe51aa2bf0b574f1074dc67351bd83a4613972b9a68ecd24d1d8bc20f7538f902fc992fa1aeaf9e9d8691aace81c5ad9672343309954d555e4ce5a606fe78c6f5c22330d1be373a8cea35eabc675a724cd664dcdcfe015e0122fde8c1e6645e63b15318a4b6cf2eb0b08ea7ec140c623c10938b7f3c74ef243ca949d32d0481179db6a49fb28ce7baf8546ae00b141b025894618f75adb225e2cff7a65a9f76e1dce95fb571708f8bf2560a1d1e4315894ae444b1a2d103f3522739a559be65fdf676060d7e2e0bb2ad4a83699f7ee7f4829c6fe4f26267a2af2de3ec739b3d03c6ab39a91b8fb97f1c09a4362625bde61a264edd32e0c02e3d2ad70e060c33819b9b9466b1021eb6cba30d2dc5d598dcbf3a901d83d57fe1a8a2b70cafe5a6be95eaca944687917e31faecb35d1af45e9efd1cbe7714237533fd36e38d1573cd4f1952427030a94e76d49438c4112b52421f6e45af6b95087dc957cbebf247b9e8b2d0c7827e9ae588b7ad32e99513e7775b7ba8fd8d4b6f76421985289f49ba42d57d278e4c91196282153563e6259c657e465ff6ee132bf76a27588c54cb415a8b2e00a1388fc149ea3904f55f29a3b173dad5eb9d99a5334cd0a5cf3f81ea7c9f21eb8b89c2a1920fe2dfa9c6538eeb1c391986a1ab7eec7a4bf5456d477755c832a6163c5fe2ea0e512772443a1f42d0f2fc398668d4920ec412dddbe912b80fd5decac8a0ec14448a47320e30642af0df78f471014352c26be6e50034938c0405255c08035ad7563c006f5b8d0adfaa03bde3d0bd66b9039b7608f5a5efb2909121a54c2e644f2b7f319d62ea4e1cc1039181e99985b726ecffa1240c116ce4df799dff7b0ae5e4ff72a426385a51144c39b354ccb7704ac7226ae3971081a7fc2a589b2ad10121119a4ad535bbef75de1375e4abddfe088914ae2adbe8bf954f0597317bfe61e1278fb2ffa1a2a537672c01ff3ab2be31ab206953c3daf7c91790a5194d4933db38e5b1317b927e081f5d607baefe4bdce20fe42addf0448fbceca66d5ba4d2575a570a6070a00cb757a854c86142b1e2b4acc6e8261608a185646dc8115a2b9c2be256f36434f7fcc078afcdbbf2134deae305970b27db31fe5ea60023ae8ed52b0a64ccf5b730fbe8f788c3aab387bb43b09bad5e54b619531e4d9c50d9705e3ac29bc5dbbf16006dc401667a6b8f273a863dd0e486e9b028b594a0a06429c453b2d53900cc4cfc02634f1ce023ac9df1af584be5cd451ba892c144d2fdb25dfe253d5f42360d9d65743e7b115ece37049eafbda385d441b74e431f3221b293404d25d97d1d082edbff702c3af9c8b8ad1281f9b88a5476fee9ab9be4c36a6b6495b57c3a3a367372141ef089c48c4d606084faebbd68fb30aeaaf2941080601146f609c6436f8befb3dab998520ef9afe7acd5a2ca2b3ab7f8e1e489aa2ceae7a90cf08cd889e3777102066d45a7fc41fa21d8dee1d318e84b02716f4d02f62c93aa5925f643144a84ff527e1029d9ca7178ac444b8062a2fe33e8a595c1d9e2b6f4d6cca124a9158da4b671e2e73471189d84d893cfebde388ca2528eb0196e6c956e340e77c8281c2695e4f22795aa38b30acd8dd051225f6b5376b87ae99d600ae555c47748d98b637eab8c014ed4061ae24ef4c69fbf0ac06cdf618a4e69a200990bc046d8d23938dca4e9489f92e27232ebe902e7a778feec3720dec72b5239ba54099ea0afb23e7752550d318ece794d8dbce1329dcab049c28ae69de7aa36bab6db33470ea59255cf92190974bf71d1f286d9bf9086e556b7fa34368961e64e7747029366b8f81b9748dcd80b50fdcfcb83a1a1741d8b5050a120dfe1f32c9d6b5ceaf37549c6b06fba2ae40610bd874a6a86ff00f0f25af750678331d5d1e84c5002d70bf7c7952b57777685a99f1becd543a90e8355b6109c7f1316c80c02b9cf908f648e06479565db9afd7404a0960f3f7527cf1c4a4472c8539f0f05a8c2fd88b949ab221606fd73be99390d69390bddcb672628b3571beb3b106fccf6a265f53463c1713bd86e88c4d4a772e41ff5706e8d67d9d841ceae9c51681c73fe37e6044af794df10e3bdcf76839d1e879924463371f7107505b30c56cc2ebb849a5a47a6dc46c2a791c2ea3c9668da3f8a1cea9652c4c477812559579a99eeeffab4b4be01b21f4f80b3e2480a5b9ed8cbbe017c1254ddde01b3406ec1cd380a01f614b5920e1414dcef814065ed185ad3581aa11f3b5ac0f01b3b2bfc1a84cbb9f675b2dbaa8bad054a166addaa74b3778abad0ecdc504058415e1f919a2bf376b8bb1b1089c3fbb899c00e38a0eae48de779db66007695975c082da7cd2a97d9248afa26219b5a6d4c92c418bb4af342602bb87d94c8abc8d756748e0fda0b5eb5f3580cdd99953f505d53aef4a48a7150d46def64c3c98888f7316a16a7f296bd988bb4fcbdcb696359d40473e900cf880863b54a0a988acc5b308169f2e3ffe2fdd296efa29d7753871371af7daf4a3a19526749262331df2b8c3c30749a8563ee24ce2f69aebf21b83cc9cc84d8f1e25c2dbdedea402d47de3482c5afa8776c6eb3ba8aa732ec32420fe70f5af4eb3494df66dbd09ffa7ad62c771fa3f38d1b67c033750bedd9fa8ffb9ccd0d0aa47887fb97316285e23bd378502c22bbb50bf173c90773991c304daf1c6165af95182cd8a660da651c977ab43ad50c47ce805dc3a2167031bf7c6219ea2e18941ed9257aed8018ecc1f17d679600079af61a6b227f13bf20233e5cff14a9fcaf4e08c376adc2ee36145266255fb0ad731b01b5627437fa29a523856b350bacb7320ce468a8ff413093bc0368daad35e78988d2b486cc50080b4966953eeaa2fec1ca4a24fa4a46be88b363f6df6751e2a47f9ddbc3a22195acf6b4d2ff2150690af4f156fda771375c5b7221583dcabbbef62c53c29dfecdfefcbe62d1a04d49cdbd9fdfaacbfface6f8890e3da293f54e32db702528836261e5b66d94515f2e0f78b1b984f7ec8d1333522a958abd07bf593789aeb780e238c484ded3ef04ed7ab68704c7a6e6744d5d9f0e7c546b67a6a9cebfe6bb75b6549dd8e0a1522fdf9fe8217dfefcd6604cfba75e336ffad28b938b0025782e1e37d85b5b120ab47f25b0ea57ffd0531862825dee9a3f9d73670a23d40071bea6cfd5619fc64a943a5b94dc1b63eacd9185ae502c395fa285dbbc070b8a4359af7c26811b2424a17847b44050484f7719e061bef4a418f500b3b422560193e0860ee50711eb84f1c33378ec8d3f866caa1da3271ee8a714e727a380a652bb73da9bb6307794413d9a44c759e29dcd35889a5a2c40cbc4834c2ccb8f36ce4d6977ff6e0cfbbdba52dd2f678442ba4b4cb5418d72f29e09ece592fe9d80e8eea6acaecb6f1cf61a62aee91c86f57698f8ad2a17f906a382987c5ae96a428e6fd9d2a78f6c861dd648569b3b88349ab75a70312bc950004545bdfa06a954f20aeab05bdcf7432c407a9e4a128e233287fd105a0a50ac8734c6698a1723b35f72697048af317a4fffef338b94e2c935dad6da3d4a899b74d29162bab9587e31d41c8d0ee7c73b5b51f4c15e0137f48ca3301ba0fa8e171c2cbf9792b2d7c063086f9b573c61d29ea1c84408772bd019f0c9f5d9750b67c298f70cc5e8db61c539b011cea20e5d29945e46f40c0b28a594eb07969f1f0a24ca29c622177be0aeeed640d200ef6b2a6ec3441776f08981150bf22a6364ec620f9df75dcc4348e4dce1f8abf6607214ee73f7d984549a275a26030720edc759c1d621a4167048927565f6aae87acaa7f0cc6539fac9140e8e1bbfcb319eaa29b0cb978976acae5d1e19bb56e7985ea15f745536acbf2d4cdf97fde3ad068ccee94839f7829c3ddbb36936d5dfe9249b8c224120121bea5a45e7b6cee8bdadcebb6696dc5953c985aa912b78162a2beea4b2304bdc36577b08356989b546fbab55237f54ea025c6cbac167f4fb55a122d0abe4477d09d690b720d11db52bfb123c14304f2c4b2c41d79699cb3a14d1b156d353a1a1033f4c93cb35bf1fcf47bdcc1a3a03fb17966cff43682d17ba432fc542707a6367c42f2608b6a290f49483206f76f93accf21d619c19d731754f7054d3d0704a5a82cf5086fe9bd315491928d59b9b5a2aa7569b34c1b938988209965b1ae8fef90e15c7fd0050d728458f2a3df830c930976177051b2dd72c5c657c8efafe0eb866faa9d35b49c9da36678e440753d32ca81cf28b45c953c9fda6319832567d7712d5d360934ecee58da633087c2a8a55aa5a33178f463a6edb84171102d1658eee80df1bc25641662b713462ac37f431296166b9904680f9723c25f36e92e20e34e36acb1c7245a7ddd5e83a36fc6a306849fa2769804e2f7bfb016fa0c431f6800718b2d3e354d688a443b98e0cf92035136820d91d875b2a99b18d793b3af0a4399c1be362bc2fd76fee5dd4225223cbcc9fc15ff2046293354c6578ee250ae5e2e756758ee39837e8686198b84cab20bc7f6255a1a9313edd776ec9a8a683d03b41a2ca60d843bd4c325c7e3264dfa8fceb08d000404253b4526f546e2053b1ad6c69307f92c38f6c0273ecc742569d42dba17f51a93bee25db851e8ba86e530242f59366b71a22be7c523d49c6c609883bca0b7cc8998c7e73984276f39f643976f2e2c0e5e4988c50ae9b787d14eb0c999b72a9ef9f088ae6899859f7227d08f8639d3e4c0cc75c845eebf12e20e9e74da1a0fb5b694369f8295a4918558aae30b1f5513efcfe3662974cfa18fa7b2b98442bea0d80c42c5673056a43509c3e48d1aa8e63820680bc31e1633d965d5efb030fdfb75d51a71bd3a4512c29b482ed71df151e0075cf4a7cb4a439514cbd788021afa3b54a8ebbbb023abc8bf7b387b4227470f1ee0bf8b271c5bf3defcf7fa9d0e21b1b72838ea3d7e199280fcf05a2ab60f5d4c67423c9", 0x1000}, {&(0x7f0000001240)="1270134a864162f4e233e33fd2e43622c425eec9da3d5366f25516fa772079b54fc4ee3704afcbfe3924b91a973a3c42d4dcd1863b1be2a50d28b7", 0x3b}], 0x3, &(0x7f00000019c0)=[{0xf8, 0x13f, 0x9086, "0e95dff4e43c84260796cfeddd6c859f3f70933e2df0074ab3f8f4b7b5696841f5bd48e0ef6ee1e90f76727453e59fc2afbec5bff730c01a8016486568b288067b5a465a9b6c5138f2f98e03abfa9b6cb202f7d9182a87d5be2b742bc4c472727ac72917755487943339e252cf0e829572aeaa57f22d4599fc763feb41e69ab95965704c6376862c598d4849c8fc5af19f60d461d1a9cf9b8a9f9971edacb564768cea630c8c11f38b61e063c6290565f5ae906494afc3890a12da9bb78e9921f55869bf1524fa2bcb9b45d88a30e14281a5511e7ce684a5d0cd84c41fc7fc858b0691"}, {0xd8, 0x116, 0x0, "d9563c5b24f9c17b2710daea5f59396e456f10b37d7dad4c870613ef01cf25e9375f468d77724be31ced7885dbd9a2816526a4e40b2a092f4b32007b3072c93088535db7076e67830fb4eb478503fb25b1a880dc1558a6d1c5e3dde6c6741314f5b9048a0c59c3d882275ca21d1974aa66941765374f31438a5f1cf2e55b59c768c912d1bdcafe2b633c9ce8640d43a25fa0a8302a44cf5e0e8be559e115e4f1aa9b3671f74b58af014db40b4df730e8327ef0342cd51c47d17bd52b4212c27190fa42c3ea639aa6"}, {0x1010, 0x11f, 0x9, "8e40f0e0e6df6dd88b6fb8da45b98657471247bcd9f509597392ecd872b1c87ff689de04ec540ab061e481a3813e14faed7a63c72abad66a85b73130ea6ee545909f16fdd06c83f487d10495b161ed1e6c3d35b427bdefc474b2ad7fcd88465a3d662dd49fc8d98514f2a21d2fe423c7866e434f0c434f6ca43603c5302522efd9c192d286df3bb7d1636e1e5f6cc11c738e0fc9d409f309d9f588b114f092c56094e1425c8908e893851fafea4826fa3fc98534da19a2a85738f4bacd4170a0b7223bab14cc096257d0694bab5a17c4773d6e605c702b4c450887aae944e7b2ac484f78fffa27c14aa8780aeb0090729540479dbddaec88064fca581d9d7cf904933888c567913a129ebf4cacaf9740cf75daaa394c50b93b01f5e433d201d01f446d385b39c96a2b1d628862124a3a6ca23e437b783f6dbcedf6742ee31f78c1177fc8bcd94b3bff347aba3afc4880fc1f3937f228d5420aaccc30604da6c6a99c1f7736cc0f0d405b36524f9a0d0a790563b35fa659dbeb9c015ea387fabc9125892e21d51da6a8005bfc87ab4d33c9c420eb0bf425aac885e1ebccabf4c72f638fdeefbe415250666dfafcf70d803de56fbae4deef2e8c789049b81a9458fbbaf9f7fe0ba2f6050f3f62215151258bfea73fa7397db2e334e6c1f17c20fba15d03e2737165e450d015e16dc1c70f0f4e6669ecaa60bcd8afe0c73b2e8af08f8825a3f78442b69bd80c95574800b995ecf746cc68c732e343c8031c0bbe22252956f08e2bf6ecf0adf8403de2d34f842b916468436b485b604a37a4a9e4c50f97e55106ec0939b080d7590ed518a32eb46a38b09ff8bbb5b2e5b3138f8bd7c0edff2017600161b2c38611e9e7a4edd8f058f86d3f2683a02d33a9031819049358094f086a56bac06c3f839cb781e737f4ecb3e8f73fa35dda30456a6cf0ddd3e0c1f1578ee9ac7ccc1b924cbaca60056417b69cdf82b504fde63a8342524ae76bb90f82be6304202f96bf2ddce11ac63e0a053b4d78462c08d46f8844402ae61ed12d1fe2f14f155152462eb2989389b127d8ec677a3fdad98129d1008627a3f090c2f2f492f441f75eca106129c9b914bcffbc992c9aee8f92dad6c8e9b7dcd1970b12d6ca1e034c8e735e33cf35609389b260b9773bf47857e18525958098d4a3905f9005b5f1d36a3538351c79055735a22bf2750f897bd9f5f68bce1c37663d2fa042d90b5975ff9163abcf5b4c9b97396c67193c62a7a8b9e3ebb8c4324629b43237aa51a102b696bc4e5285a6d29b84c847d812a8b6e06e66bb2f42ffb6bda98c34323fd7d8956b42b3ededfd0c18b41a2dd1f35848fd7ce0f38074fd24dc4e83abecc3113b5035d4914ccb4f4b1e19b5db9a4fa0228d3947279972404f6c2bdb59f4204788055b1bd5780aee070adc22448cb9d4f63d1ff2227ac7f6198f17962db9cba647d47e21df81c40c13ab75a0e1231f6cd24117e4a4b92484b20bbb0b5f8f32a92ef2b42b27ed74b684103e459089ae52e90e7ff07e2f71936376fd23c69ec80c0a59c5a34c34a5cefe3d903abf4ddd65d19ba664c325ab012bfa2c276da910e79510303ef74564092fad0a986774bc4e22781b9d21cef584a28c2664635309ea5be8e59cb73b3cf0c3ab92f79d8005b2eb3a5b40a014611d8c23a171d18189927f10ef447e5f5df66aef6d4985f0e8f2bd8ca8face8aaddbfd2d2f141b8e83b6de59e66384e15864551c4a8ea92f8df045e5534ded95e024599a26840b965bbbe0a52af0c80fd0672d0355221bfc51fb78cd70c70bb34beab0f9616b0bf00886ef898ad9bc837f2c0ed02cf619e3bec88c8158c07429692fc6222e3404e5444f02926ff4c6bf80628eb8470983a5bc3b7d9e7af96b52d49287b22f2036df9effa52f3c328812b922ba3b62649e0678a18d332bc52973d8955fc02f85cdb38fd5c49bab088d8ddebfbe2ab7c5540898a07a70e7f827af2235a13bbfe062867709dc95d74e6c572e880e55ede0dc9f4881413d6d0b3237d31093530a22fc5371d91c2072905c1919b9532e4e94e6e10a046b75077a139a96c4349a90af2390495df14eef53ca29d74972369a962e58f12b5e973dd21b49139e8d0a4e8138fbd090a6dba1a29f733cb2c0de626e5c1e3e129b4f0be6200b0f8625d6908a555ad42990e31023b4f9b0580264138f3dfe4851836b697d593080a4085c53d8e3dcf4fa18c256e90d4079b44ee0d80acf538666dd3bd9978d39ffd0cfb993a1fda4ed4441d8b94f717641db9c64d473adf0b3953dc4225fad5009d2b2d2d2901e69acc0760b550a46ed80ec41d56111a8ed206116db8050c2b11190cb7936165587b1c6922f9c0ee69c65a646df804f6a11d960175c86567dddea92ff0c79b47ea4ab52db06e0ba40d706d24e248ec970dab84274c38435b5081b45b37f56bc3ef7c9a0159cb3ffc078a4c5723e32f724dfdf6bd60ceb1021bfae7ad6999bfdea37424c144434f50e5839d64a2002ec013eadbbca011b41b60191c8d5615034f0e6b0be228a9489467e0279769320167a3d4c91b539dedfae62d4ad8532792f1ec1b426aa6acfee5eb195d6c052ebfd0770cd39df6c10437eee64d34e7564e3a02a0f670b072ca2a75da12cd325dcae9d4e9f6512b1a0c503bc60f1d4fed0df64b676a31ec79ddee32d7c17a3dfc8eb73dc323941ceccc934b01d460e6f0a65f7ed3c23f485cf47104214a0491383b9bc12c22f650d280861ba2fed587600b72f09107e90538f0e683600a5ce617117baf746398606cc0a2d196d66937ea95b7d00b07cde20cc12c294c8da6f6a45aac4d6984311fc94dbaee2ad4501311f957e9be8bb01ad5b58675048bdcfc379779c32b9848a824f662ce269cd295443ff3f7318cadc3d91785bd0bae4f724f63615fbeb1c332a05a724dd433614064343a7c39b3de0a58da80885ac47e420c9a7870fec13bee83deb37715023e10fd423f8d8007315800eb0b7bba024b1b1e4c101df3caab616ee4cadb6e4c60364af31087278304823d555beb3146356e88e0ddeac07f90f8844f60f64d18574f6b7acc868d64afc97b7da09ae646c26e679d9b97e531a5fcd1d5c800f12e459dcb4805da95703071e5c997ea296cb522ce9aea7e39e4d42b2b33c5f7209b377a0f18f8167b7bc44db1113f8ae05ae3bf48f52499e62c6585f718ec4d4259454a6819b31759d2b73ad0b7a771488f325818189a657fc00188803d83652e247c94977f81c4885958a6a3c903e33b4b7f1b81eb3d9f8b58d8d6172478077156e644de0342edf9c00b9e729c61fc8a3b57546fe6723862f714accb6af68b7ff82e07f1db3dfca5c0157f3dd4b4371479b43e3fbd662a594cb7530c2c5b24883768601e6d5a7b29d5f354ba034cbb0305a59247b296f55032d69260283b793619a95d017acce93d3b264df76a2a8a53a92d860f4bf1d95a1b5b60cdb36c86e81b3e18bca1a04c8e55f218c6fc4ba213ce609368a52cefd0f6ab5a8e46056df946aca220c4e641e86bd15e0919669db8aac92408c656cb3a0f98b11a546c315f4141e465a873f86c2564c28a681d1d8746ea7d75f3dadf4a402389bb56c35a601e1692639b192b7d58c53a7976c0f36f7b0a93b6131f063810b9b57746aa9ab9947359b149bb38a7594ae5a7335dc485285d8a9f8a40ac722adfc4dc2d7a9cd0ea4e794db7c020b42311ea5241effb074cf455af7bae6994ee683a7590a2dad3f71ef86e23b497a6f700807a81e956d2d7b9a7c38fcd093cfd18a3bf3c5110ee744619c6722ed0a93e4d3f6cf0b0864da45ba5e779fbbbba6929aa1caae14f9c91ca2ac83ec971e08b736c5bc92f169933364c64dccf941739c7610d91d7a9ee8404bb86893c4462d578d8afda2146b42eb535930eafb6b18964659d7a1fa3b61fea349ec54cd43fe9c9142ecaff427821bfb9820130593a0222369852691e3bcce4a5c57bde705f8ac219535340fcb72540e53d4e1943005183f06e3f6de19e96f509bcae299a720c6e7ad6a6c18ae5ad53cc5ed5d3a1650cdf31fe8370902dca62b59452a1aa8f2955b08c83aec32c13326681d82d3fe0b5ab9227e5a70e1f83e18bd5314026b2ed951bf37973de16431290d3abc33ff08fdd27b4f2995abdb91c97bb067db6d9388b9b301128db4c35c8b5f048aa91d7cddb089a537c208e6bbc5d812566918bcfe8578ec0e205b940dff9d83e6922be97de7f88a6edb75df19354b9bf57f97a0a8e71644a4ceaaf84264c6e2d8e9c874977e900db5367506d8bb6a05fe7ece1d7c75bcfc804735cd395f970909e96ff8b4a96d79b41e75da63a7c5b224dbeaf2c2ae932d3f48cecac604d5ae26bbf66fae5505f58b13a4353d761aa138ff1bee1af9d19c4dd268c67bafdd00379639a1abd78df32d820cc3781b964c2de3fc6c9df599a1b9107e70847e8b97f21fbfaa2a311174fde0ed132a595f1aaf39a98b5f01508e8e916892a17979ef43788477ca30c629e143d7299acc3da9ee46a993b65745b02b72e730b43bc220bb2efe1b90d67b8babe09c58aaf067db0696ec4f9a82d4a7a5e837d72c15bd93f8f0b8fe3fa6df8319bb5fcd8494e2d9cc61029cf285901620db09f17a956d476b884e682ae4dadc56b2b5ef59decbe9d0e37cac488d4e9b161910bbc1373309c1ba2461b81d406b1079105170e5e384a127f2262f7a65ff6a1db1a93f29f492ac654e8768d287b0a8dd300e157f6d69736de84dfd3852a809f7568f8996a6059da417b13474d0729689336769c59c31cd7a94d632eec33ce7540428be113ba951c0841e8f077bc0329dcd4cbbe0d5497ef8176cccbf664684c85242217e2d40aee03fc2ca66e5476ca77bd7e23c445c88eb984a5e779a33428f9dac655fba9be304977687d5407dba2d4f8e5c0e80ec3a63209476989fb677dda1cf7e130de9af05a24709bd002f1886e075efe969d196641e9150ffdd77c1fb2091f691ce9e0dcb69ff6e6dd4baaccbb79bbaf546d522d91cd721dee6ed6a0b76127ab9e35693ed5f5a5cd133855e1effcc8099498a73d97623e731094e8b6c0e1d500e68c916cd11700e2805d4dbe0fdcade8ac4e9114306f76e7f172b7e53d57273db6145523be27fcc8d4607de7ffd2e4bf39ba5836bc19327f17050b9cc576cc601cfa51b3d73497f9f67785a5d2f68cf84c460853cb346cc2335ba0801679350918ffc047467c5c1d1b5f25929fe8fb83c206640c9ce59bb9c023319d56df786bf3c7bf2c28c4421eb6bc8b54f5316c7fbabe77fdf70356c2177fa8e389ed30ce7a5730bfa0e4ac5880d9d9665f0cc29de2dbd2359900148594b8fc0801882ef69d9ac491adbe9c21628beba9824ba5d343abde5b65f1f57b41eff2c94fb6bd67c15020320f4acae9d6991cd06632002e195e9ec7f3dfadd3179d86e95f52ce23d2d417a2bd7b6c9c6b4230aeb3992b133e7352b186903f59f3f25b0e4d177604cd1307260ac31db495b6dde34422f513fc53228cfe72a0d1a295c21ee3abe657efd5c5fa8cd7ab1675c81caca1dc752a98570cd0d64a2c4e59fd2960b076e92c41670c6d4c31c1854d3dd9739107d13befa0269ecc265fe1479bee9b0b987265f42bd0a587b03cd8c0e99bc4c3cd7bc22f10af68798bf32e528531cba77112703a5fda803fe003ce7e1a9975b845ab4e231246b2366da0a2cce9265e9a7124b571fdb9d621b5b672ea0b8363b57fbbe34c56198e2643a615c496b4e57448a1a18d01ec27c2de6f59832d82d7b2258"}, {0xe8, 0x12d, 0x2c76, "e23310cb44ef8ec646b7de60915f4e0be5164b0fc3a699bd27b5a73d751e2b7c302480d2f5019418d870c959ebf167808b6da721f30a8e37ce10c136c5785446bde834955820882944fb40a0877b20bbba58af087135d5ccb4abbbb6e8edd9e86ed5bb739b3dde7e72cac9ba7bb293d6e5f957ae28b4cdcb329b2f8052316dac835975034d3e4c6c8ff3441c573de6de047bc104c629cceca2f43edcc86513b902d98bc80c4869d0185f9a5e83b14c234796eb642a3a5b49cb2371a1eaabffefd5ec44de3599d3e827acbf1e28bb6479604f6bbd5f"}, {0xd0, 0x118, 0x4ffc, "fbb0b82324268626cc24febaa26e0c85c6004ffd33b299076c92c011cc4f2e3f1ecb754a756e7af452eaea465f3bffc161cdee9e80900f9f036d211177d1fb4feff758de81827f3ede66f80e43e5da655e3eb7ab60b4708d8fc9857fecd2570883a92514fe3ae56b7a5304ccdc75499f7d1e82d85d82067575190e1c714d9df785f0839d0d8b957b5fdec0d4276b9aa1bcf09eb4a7e273110aef6a60840b3632ca88208860ffa77bf79c5f87749cfec31ea72c1c267679aa1ca13d"}, {0x20, 0x13a, 0x6, "51c0a79383db0bac5e"}, {0xd0, 0x11f, 0x5, "b50bac5b2afefd77611ff74f3924bb7c0293e74648225c39e73c257e08d874ec9fbf9129c8b8206f896307041e06ca7cef00ac06a63fbce4596b4e1f41b932b395102bc3a852fc33ee81e9162a1c9627031170433798b14f79a6c2e450d3ee718756e03c6a50badcf73e40bba45c6973902f14508f3b42bbe3dc8749b55053cd00f3357d0034d847aa08bf68f701a2454cae71d31049c86a8033bf5bc173a2bfa8596ac20e109ea33ae4d506785c285663e80749961c5a35413db9"}], 0x1488}, 0x4040000) 06:11:39 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(0x0, 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:39 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x3}, &(0x7f0000000140), 0x0, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000140)=""/4096) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)) [ 394.215694] dns_resolver: Unsupported server list version (0) 06:11:40 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(0x0, 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:40 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:40 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:40 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:40 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@window={0x3, 0x2, 0x7fffffff}, @window={0x3, 0x80000000, 0x3}, @timestamp, @mss={0x2, 0x9}, @timestamp, @window={0x3, 0x4, 0x2}, @timestamp], 0x7) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:40 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(0x0, 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 394.376852] dns_resolver: Unsupported server list version (0) [ 394.401396] dns_resolver: Unsupported server list version (0) [ 394.457461] FAULT_FLAG_ALLOW_RETRY missing 70 [ 394.462202] CPU: 1 PID: 18210 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 394.470796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.480167] Call Trace: [ 394.482776] dump_stack+0x244/0x39d [ 394.486436] ? dump_stack_print_info.cold.1+0x20/0x20 [ 394.491661] handle_userfault.cold.30+0x47/0x62 [ 394.496361] ? userfaultfd_ioctl+0x5610/0x5610 [ 394.500993] ? mark_held_locks+0x130/0x130 [ 394.501016] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 394.510261] ? futex_wait_setup+0x266/0x3e0 [ 394.514596] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 394.519804] ? userfaultfd_ctx_put+0x830/0x830 [ 394.524936] ? print_usage_bug+0xc0/0xc0 [ 394.529013] ? print_usage_bug+0xc0/0xc0 [ 394.533096] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 394.538297] ? print_usage_bug+0xc0/0xc0 [ 394.538317] ? graph_lock+0x270/0x270 [ 394.538334] ? futex_wake+0x304/0x760 [ 394.538359] ? find_held_lock+0x36/0x1c0 [ 394.546209] ? __handle_mm_fault+0x4d19/0x5b70 [ 394.558716] ? lock_downgrade+0x900/0x900 [ 394.562891] ? kasan_check_read+0x11/0x20 [ 394.567068] ? do_raw_spin_unlock+0xa7/0x330 [ 394.571492] ? do_raw_spin_trylock+0x270/0x270 [ 394.576103] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 394.581739] __handle_mm_fault+0x4d26/0x5b70 [ 394.586145] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 394.590984] ? graph_lock+0x270/0x270 [ 394.594818] ? kasan_check_read+0x11/0x20 [ 394.599007] ? graph_lock+0x270/0x270 [ 394.602807] ? rcu_read_unlock_special+0x370/0x370 [ 394.607732] ? graph_lock+0x270/0x270 [ 394.611519] ? graph_lock+0x270/0x270 [ 394.615306] ? find_held_lock+0x36/0x1c0 [ 394.619359] ? find_held_lock+0x36/0x1c0 [ 394.623602] ? handle_mm_fault+0x42a/0xc70 [ 394.627838] ? lock_downgrade+0x900/0x900 [ 394.632022] ? check_preemption_disabled+0x48/0x280 [ 394.637045] ? kasan_check_read+0x11/0x20 [ 394.641192] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 394.646456] ? rcu_read_unlock_special+0x370/0x370 [ 394.651374] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.656907] ? check_preemption_disabled+0x48/0x280 [ 394.661926] handle_mm_fault+0x54f/0xc70 [ 394.665980] ? __handle_mm_fault+0x5b70/0x5b70 [ 394.670550] ? find_vma+0x34/0x190 [ 394.674086] __do_page_fault+0x5f6/0xd70 [ 394.678137] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.683668] do_page_fault+0xf2/0x7e0 [ 394.687467] ? vmalloc_sync_all+0x30/0x30 [ 394.691613] ? error_entry+0x70/0xd0 [ 394.695332] ? trace_hardirqs_off_caller+0xbb/0x310 [ 394.700337] ? trace_hardirqs_on_caller+0xc0/0x310 [ 394.705256] ? syscall_return_slowpath+0x5e0/0x5e0 [ 394.710178] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.715102] ? trace_hardirqs_on_caller+0x310/0x310 [ 394.720108] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 394.725554] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 394.730562] ? prepare_exit_to_usermode+0x291/0x3b0 [ 394.735579] ? page_fault+0x8/0x30 [ 394.739117] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.743947] ? page_fault+0x8/0x30 [ 394.747474] page_fault+0x1e/0x30 [ 394.750918] RIP: 0033:0x4510a0 [ 394.754101] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 394.773005] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 394.778357] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 394.785612] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 394.792873] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 394.800138] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 394.807400] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:40 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:40 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = request_key(&(0x7f0000000000)='.dead\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000140)="0200", 0xfffffffffffffffa) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x0, r1) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:40 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000000)={"0200"}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) 06:11:40 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02006c"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:40 executing program 2: r0 = socket$inet6(0xa, 0x400000000000803, 0x3) ioctl(r0, 0x400001000008912, &(0x7f0000000140)="0a5c2d023c126285718070") bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000006500000008ffffffad0301000000000095000000000000006916000000000000bf67000000000000570600000f0000006706000002000000070600000ee60000bf050000000000001f650000000000006707000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x81, 0x20000000000006, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x75c5, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000200)={0xff, @dev={0xac, 0x14, 0x14, 0x1f}, 0x4e23, 0x4, 'lblcr\x00', 0x4, 0x2411, 0x15}, 0x2c) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:40 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f00000000c0)={{0x20, 0x8373}, {0x608, 0x401}, 0x81, 0x1, 0x6}) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}}, 0x4, 0x100, 0x10003, 0x8, 0xa}, &(0x7f0000000040)=0xfffffffffffffec5) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={r4, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 395.123301] FAULT_FLAG_ALLOW_RETRY missing 70 [ 395.131063] CPU: 0 PID: 18225 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 395.139669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.149050] Call Trace: [ 395.149075] dump_stack+0x244/0x39d [ 395.149096] ? dump_stack_print_info.cold.1+0x20/0x20 [ 395.160484] ? preempt_schedule+0x4d/0x60 [ 395.164658] handle_userfault.cold.30+0x47/0x62 [ 395.169343] ? userfaultfd_ioctl+0x5610/0x5610 [ 395.173925] ? mark_held_locks+0x130/0x130 [ 395.178165] ? find_held_lock+0x36/0x1c0 [ 395.182224] ? futex_wake+0x613/0x760 [ 395.186024] ? userfaultfd_ctx_put+0x830/0x830 [ 395.190603] ? kasan_check_read+0x11/0x20 [ 395.194771] ? print_usage_bug+0xc0/0xc0 [ 395.198824] ? do_raw_spin_trylock+0x270/0x270 [ 395.203412] ? print_usage_bug+0xc0/0xc0 [ 395.207466] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 395.212646] ? print_usage_bug+0xc0/0xc0 [ 395.216711] ? graph_lock+0x270/0x270 [ 395.220501] ? futex_wake+0x304/0x760 [ 395.224396] ? find_held_lock+0x36/0x1c0 [ 395.228453] ? __handle_mm_fault+0x4d19/0x5b70 [ 395.233026] ? lock_downgrade+0x900/0x900 [ 395.237205] ? kasan_check_read+0x11/0x20 [ 395.241496] ? do_raw_spin_unlock+0xa7/0x330 [ 395.245907] ? do_raw_spin_trylock+0x270/0x270 [ 395.250483] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 395.256107] __handle_mm_fault+0x4d26/0x5b70 [ 395.260599] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 395.265436] ? graph_lock+0x270/0x270 [ 395.269229] ? kasan_check_read+0x11/0x20 [ 395.273368] ? graph_lock+0x270/0x270 [ 395.277157] ? rcu_read_unlock_special+0x370/0x370 [ 395.282090] ? graph_lock+0x270/0x270 [ 395.285876] ? graph_lock+0x270/0x270 [ 395.289665] ? find_held_lock+0x36/0x1c0 [ 395.293715] ? find_held_lock+0x36/0x1c0 [ 395.297774] ? handle_mm_fault+0x42a/0xc70 [ 395.302002] ? lock_downgrade+0x900/0x900 [ 395.306138] ? check_preemption_disabled+0x48/0x280 [ 395.311144] ? kasan_check_read+0x11/0x20 [ 395.315284] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 395.320552] ? rcu_read_unlock_special+0x370/0x370 [ 395.325471] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.330999] ? check_preemption_disabled+0x48/0x280 [ 395.336011] handle_mm_fault+0x54f/0xc70 [ 395.340065] ? __handle_mm_fault+0x5b70/0x5b70 [ 395.344636] ? find_vma+0x34/0x190 [ 395.348174] __do_page_fault+0x5f6/0xd70 [ 395.352232] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.357764] do_page_fault+0xf2/0x7e0 [ 395.361553] ? vmalloc_sync_all+0x30/0x30 [ 395.365688] ? error_entry+0x70/0xd0 [ 395.369395] ? trace_hardirqs_off_caller+0xbb/0x310 [ 395.374406] ? trace_hardirqs_on_caller+0xc0/0x310 [ 395.379339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 395.384254] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.389089] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.394093] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 395.399532] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 395.404537] ? prepare_exit_to_usermode+0x291/0x3b0 [ 395.409543] ? page_fault+0x8/0x30 [ 395.413077] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.417908] ? page_fault+0x8/0x30 [ 395.421440] page_fault+0x1e/0x30 [ 395.424891] RIP: 0033:0x4510a0 [ 395.428078] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 395.446964] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 395.452326] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 395.459584] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 395.466850] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:11:41 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0xffff, 0x9, 0x0, 0x3000000000000000, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffc}, 0x0, 0xfffffffffffffffe, r0, 0x0) fcntl$setsig(r1, 0xa, 0x4) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in=@rand_addr=0x9, @in6, 0x4e23, 0x8, 0x4e20, 0x0, 0x0, 0xa0, 0x0, 0x3a, 0x0, r2}, {0x6, 0x1, 0xffffffff, 0x2, 0x8000, 0xdc8, 0x8, 0x1}, {0x0, 0x7, 0x80000001, 0xfff}, 0x3, 0x0, 0x0, 0x1, 0x3}, {{@in6, 0x4d5, 0xff}, 0xa, @in6=@local, 0x3507, 0x1, 0x0, 0x4, 0x1, 0x1bf, 0x100000000}}, 0xe8) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) getsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000000)={@broadcast, @rand_addr, @remote}, &(0x7f0000000040)=0xc) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:41 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 395.474110] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 395.481374] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 395.513360] FAULT_FLAG_ALLOW_RETRY missing 70 06:11:41 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000000)={0x1, 0x0, [0x6e, 0x3, 0x8, 0xe692, 0xfff, 0x1ff, 0x5320, 0x10000]}) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000140)=0x6, 0x4) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 395.538061] CPU: 1 PID: 18237 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 395.546691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.556147] Call Trace: [ 395.558748] dump_stack+0x244/0x39d [ 395.562381] ? dump_stack_print_info.cold.1+0x20/0x20 [ 395.567604] handle_userfault.cold.30+0x47/0x62 [ 395.572278] ? _raw_spin_unlock_irq+0x27/0x80 [ 395.576791] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 395.581404] ? userfaultfd_ioctl+0x5610/0x5610 [ 395.586025] ? mark_held_locks+0x130/0x130 [ 395.590278] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.595840] ? _raw_spin_unlock_irq+0x60/0x80 [ 395.600348] ? finish_task_switch+0x1f4/0x910 [ 395.604858] ? finish_task_switch+0x1b4/0x910 [ 395.609374] ? __switch_to_asm+0x34/0x70 [ 395.613458] ? preempt_notifier_register+0x200/0x200 [ 395.618579] ? __switch_to_asm+0x34/0x70 [ 395.622655] ? __switch_to_asm+0x34/0x70 [ 395.626725] ? __switch_to_asm+0x40/0x70 [ 395.630795] ? __switch_to_asm+0x34/0x70 06:11:41 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000000)={"0200"}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) write$binfmt_script(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="2321202e2f66696c653020646e735f7265736f6c766572002020ff072c2147504c202f6465762f7662699fc00591976c610cc22a6e6f23262a43f855bdc86b3fc2d56bad00202f6465762f7662692300206b657972696e67776c616e30657468310ab98e2002c8f7458a716f698f61f5318efc89d7c2f13b13f27b25ce6cc8d9c0561ea590c9bb8b1836c2c55f08adf0c99a89c12635abb3309272f773e4ed22ca849c75bc51e3d413fa95edd0cc322da4925ec95fd9013459db3a12283d2aa7082b275b6cdb6fb21991bdd366efb7423cc94022c6e3a597348b830035517c989dd9f3b44dd0ad817d7d11cc1398da56ed6d936e00d746846755a3f4b61ba4c21838"], 0xf5) [ 395.634874] ? __switch_to_asm+0x40/0x70 [ 395.639467] ? __switch_to_asm+0x34/0x70 [ 395.643536] ? __switch_to_asm+0x40/0x70 [ 395.647605] ? __switch_to_asm+0x34/0x70 [ 395.651682] ? print_usage_bug+0xc0/0xc0 [ 395.655757] ? __switch_to_asm+0x40/0x70 [ 395.659839] ? __switch_to_asm+0x34/0x70 [ 395.663905] ? __switch_to_asm+0x40/0x70 [ 395.667984] ? __schedule+0xa49/0x21e0 [ 395.671882] ? print_usage_bug+0xc0/0xc0 [ 395.675967] ? graph_lock+0x270/0x270 [ 395.679784] ? mark_held_locks+0xc7/0x130 [ 395.683957] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 395.688731] ? find_held_lock+0x36/0x1c0 [ 395.692819] ? __handle_mm_fault+0x4d19/0x5b70 [ 395.697424] ? lock_downgrade+0x900/0x900 [ 395.701594] ? kasan_check_read+0x11/0x20 [ 395.705756] ? do_raw_spin_unlock+0xa7/0x330 [ 395.710177] ? do_raw_spin_trylock+0x270/0x270 [ 395.714909] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 395.720563] __handle_mm_fault+0x4d26/0x5b70 [ 395.724998] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 395.729858] ? graph_lock+0x270/0x270 [ 395.733679] ? kasan_check_read+0x11/0x20 [ 395.738332] ? graph_lock+0x270/0x270 [ 395.742136] ? rcu_read_unlock_special+0x370/0x370 [ 395.747068] ? graph_lock+0x270/0x270 [ 395.750983] ? graph_lock+0x270/0x270 [ 395.754836] ? find_held_lock+0x36/0x1c0 [ 395.758907] ? find_held_lock+0x36/0x1c0 [ 395.762987] ? handle_mm_fault+0x42a/0xc70 [ 395.767216] ? lock_downgrade+0x900/0x900 [ 395.771361] ? check_preemption_disabled+0x48/0x280 [ 395.776383] ? kasan_check_read+0x11/0x20 [ 395.780521] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 395.785798] ? rcu_read_unlock_special+0x370/0x370 [ 395.791226] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.796753] ? check_preemption_disabled+0x48/0x280 [ 395.801783] handle_mm_fault+0x54f/0xc70 [ 395.805857] ? __handle_mm_fault+0x5b70/0x5b70 [ 395.810434] ? find_vma+0x34/0x190 [ 395.813976] __do_page_fault+0x5f6/0xd70 [ 395.818032] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.823573] do_page_fault+0xf2/0x7e0 [ 395.827375] ? vmalloc_sync_all+0x30/0x30 [ 395.831511] ? error_entry+0x70/0xd0 [ 395.835216] ? trace_hardirqs_off_caller+0xbb/0x310 [ 395.840738] ? trace_hardirqs_on_caller+0xc0/0x310 [ 395.845659] ? syscall_return_slowpath+0x5e0/0x5e0 [ 395.850589] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.855422] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.860430] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 395.865873] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 395.870884] ? prepare_exit_to_usermode+0x291/0x3b0 [ 395.875891] ? page_fault+0x8/0x30 [ 395.879422] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.884257] ? page_fault+0x8/0x30 [ 395.887797] page_fault+0x1e/0x30 [ 395.891244] RIP: 0033:0x4510a0 [ 395.894429] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 395.913329] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 395.918680] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 395.925941] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 06:11:41 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02ffff"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 395.933199] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 395.940971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 395.948236] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:41 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f00000005c0)={0x1, 0x0, {0x7ff, 0x22, 0x100f, 0xb, 0xc, 0x2, 0x0, 0x7}}) add_key(&(0x7f00000006c0)='.dead\x00', &(0x7f0000000700)={'syz', 0x0}, &(0x7f0000000740)="1b781e4f1e85ed9dbe1ff17d2447d2f8a4c364df8f052c50194c73189d1a48afa9feafa81774cd27153c142a3dd9bce770fc2c91973849fad006bd4fb75b37f159aad7c6323d42341e5d2203be52af4f9c6868e9a2cedc5210e8ecb4a94dc09db351b22dc3989250ae319f2894ccf167c31676874c8b4df7843bd1344a93f2ed9921160ee7b6e35036eb92cb1efc2a921e7d2d86fbba54dae6a7be55be6fd75c7e12df8b9b11c04ea3e838c9c8b7d98a0e", 0xb1, 0xfffffffffffffffe) r2 = request_key(&(0x7f0000000840)='pkcs7_test\x00', &(0x7f0000000880)={'syz', 0x3}, &(0x7f00000008c0)="0200", 0xfffffffffffffffd) add_key(&(0x7f00000001c0)='dns_resolver\x00', &(0x7f0000000980)={"0200", 0x3}, &(0x7f0000000900)="f3382cc69c10eb53e2f5aeb07fcfd514e921b76f7d909236be53e6fcffffffd481b7fa6858", 0x25, r2) splice(r1, &(0x7f0000000640), r0, &(0x7f0000000680)=0x3e, 0x8000, 0x9) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0xe4, r3, 0x421, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x20, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_LINK={0x48, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}]}, @TIPC_NLA_BEARER={0x54, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'bond0\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'bridge_slave_1\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9f}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x8004}, 0x40884) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="00022dbd7000fbdbdf250a000000100007000c000400050000000000000018000200080002000900000008000100810000000400040010000200080001000300000004000400300005001400020008000300000000000800030005000000080001006574680008000100756470000800010075647000040009004c000100100001007564703a73797a300000000038000400200001000a004e2001000000fe8000000000000000000000000000aa040000001400020002004e20ac14141400000000000000005000010008000300fd00000044000400200001000a004e24e5870000fe8000000000000000000000000000bb00000000200002000a004e2001000080ff020000000000000000000000000001ffffffff34000400240007000800040081000000080001000b000000080003000002000008000300000100000c00010073797a30000000002800050008000100756470001c0002000800040002b3000008000300090000000800030087180000280002000400040008000100ff0100000400040008000200f8b500000400040008000100dd0b0000"], 0x1a0}}, 0x20000094) socket$inet6(0xa, 0xa, 0xffffffffffffffe0) 06:11:41 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:41 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x1, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) 06:11:41 executing program 2: r0 = socket$inet6(0xa, 0x400000000000803, 0x3) ioctl(r0, 0x400001000008912, &(0x7f0000000140)="0a5c2d023c126285718070") bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000006500000008ffffffad0301000000000095000000000000006916000000000000bf67000000000000570600000f0000006706000002000000070600000ee60000bf050000000000001f650000000000006707000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x81, 0x20000000000006, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x75c5, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000200)={0xff, @dev={0xac, 0x14, 0x14, 0x1f}, 0x4e23, 0x4, 'lblcr\x00', 0x4, 0x2411, 0x15}, 0x2c) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 396.098072] dns_resolver_preparse: 33 callbacks suppressed [ 396.098082] Invalid option length (1042293) for dns_resolver key 06:11:41 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}}, 0x4, 0x100, 0x10003, 0x8, 0xa}, &(0x7f0000000040)=0xfffffffffffffec5) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={r4, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:41 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02007a"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 396.195828] Invalid option length (6014) for dns_resolver key [ 396.226442] FAULT_FLAG_ALLOW_RETRY missing 70 [ 396.240161] CPU: 0 PID: 18278 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 396.248788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.258152] Call Trace: [ 396.260780] dump_stack+0x244/0x39d [ 396.264431] ? dump_stack_print_info.cold.1+0x20/0x20 [ 396.268581] Invalid option length (1042293) for dns_resolver key [ 396.269653] handle_userfault.cold.30+0x47/0x62 [ 396.269682] ? userfaultfd_ioctl+0x5610/0x5610 [ 396.281635] FAULT_FLAG_ALLOW_RETRY missing 70 [ 396.285054] ? mark_held_locks+0x130/0x130 [ 396.285076] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 396.298792] ? futex_wait_setup+0x266/0x3e0 [ 396.303137] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 396.308338] ? userfaultfd_ctx_put+0x830/0x830 [ 396.312942] ? print_usage_bug+0xc0/0xc0 [ 396.317020] ? print_usage_bug+0xc0/0xc0 [ 396.317040] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 396.317056] ? print_usage_bug+0xc0/0xc0 [ 396.317075] ? graph_lock+0x270/0x270 [ 396.326314] ? futex_wake+0x304/0x760 [ 396.326344] ? find_held_lock+0x36/0x1c0 [ 396.326369] ? __handle_mm_fault+0x4d19/0x5b70 [ 396.326388] ? lock_downgrade+0x900/0x900 [ 396.350790] ? kasan_check_read+0x11/0x20 [ 396.354954] ? do_raw_spin_unlock+0xa7/0x330 [ 396.359374] ? do_raw_spin_trylock+0x270/0x270 [ 396.363968] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 396.369613] __handle_mm_fault+0x4d26/0x5b70 [ 396.374039] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 396.378898] ? graph_lock+0x270/0x270 [ 396.382708] ? kasan_check_read+0x11/0x20 [ 396.384792] Invalid option length (1042293) for dns_resolver key [ 396.386871] ? graph_lock+0x270/0x270 [ 396.386889] ? rcu_read_unlock_special+0x370/0x370 [ 396.386914] ? graph_lock+0x270/0x270 [ 396.386931] ? graph_lock+0x270/0x270 [ 396.409356] ? find_held_lock+0x36/0x1c0 [ 396.413429] ? find_held_lock+0x36/0x1c0 [ 396.417505] ? handle_mm_fault+0x42a/0xc70 [ 396.421757] ? lock_downgrade+0x900/0x900 [ 396.425911] ? check_preemption_disabled+0x48/0x280 [ 396.430938] ? kasan_check_read+0x11/0x20 [ 396.430959] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 396.440360] ? rcu_read_unlock_special+0x370/0x370 [ 396.440380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.440397] ? check_preemption_disabled+0x48/0x280 [ 396.440422] handle_mm_fault+0x54f/0xc70 [ 396.459920] ? __handle_mm_fault+0x5b70/0x5b70 [ 396.464514] ? find_vma+0x34/0x190 [ 396.468072] __do_page_fault+0x5f6/0xd70 [ 396.472149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.477710] do_page_fault+0xf2/0x7e0 [ 396.481536] ? vmalloc_sync_all+0x30/0x30 [ 396.485694] ? error_entry+0x70/0xd0 [ 396.489432] ? trace_hardirqs_off_caller+0xbb/0x310 [ 396.494459] ? trace_hardirqs_on_caller+0xc0/0x310 [ 396.499399] ? syscall_return_slowpath+0x5e0/0x5e0 [ 396.500085] Invalid option length (1042293) for dns_resolver key [ 396.504331] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.504352] ? trace_hardirqs_on_caller+0x310/0x310 [ 396.504365] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 396.504384] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 396.530818] ? prepare_exit_to_usermode+0x291/0x3b0 [ 396.535840] ? page_fault+0x8/0x30 [ 396.539387] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.544234] ? page_fault+0x8/0x30 [ 396.547785] page_fault+0x1e/0x30 [ 396.551249] RIP: 0033:0x4510a0 [ 396.554456] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 396.554465] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 396.554483] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 396.586259] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 06:11:42 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"024800"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:42 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020500"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:42 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"026000"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:42 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000000)={0x8, 0x1000}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:42 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={'.\x00'}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 396.593537] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 396.600811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 396.608085] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 396.615347] Invalid option length (1048437) for dns_resolver key 06:11:42 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x40000000000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$KVM_SET_CPUID2(r1, 0x4008ae90, &(0x7f0000000100)={0x2, 0x0, [{0x6, 0x2, 0x0, 0xe3fe, 0x100000000, 0xffff, 0x7}, {0x5, 0x6, 0x6, 0x7fff, 0x1b, 0x4, 0x80000000}]}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 396.637910] CPU: 1 PID: 18281 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 396.646524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.655883] Call Trace: [ 396.658487] dump_stack+0x244/0x39d [ 396.662133] ? dump_stack_print_info.cold.1+0x20/0x20 [ 396.667366] handle_userfault.cold.30+0x47/0x62 06:11:42 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f00000000c0)={{0x20, 0x8373}, {0x608, 0x401}, 0x81, 0x1, 0x6}) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}}, 0x4, 0x100, 0x10003, 0x8, 0xa}, &(0x7f0000000040)=0xfffffffffffffec5) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={r4, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 396.667397] ? userfaultfd_ioctl+0x5610/0x5610 [ 396.667415] ? mark_held_locks+0x130/0x130 [ 396.667432] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 396.667446] ? futex_wait_setup+0x266/0x3e0 06:11:42 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:42 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 396.667476] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 396.667497] ? userfaultfd_ctx_put+0x830/0x830 [ 396.667521] ? print_usage_bug+0xc0/0xc0 [ 396.667538] ? print_usage_bug+0xc0/0xc0 [ 396.667557] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 396.667573] ? print_usage_bug+0xc0/0xc0 [ 396.667590] ? graph_lock+0x270/0x270 [ 396.667604] ? futex_wake+0x304/0x760 [ 396.667634] ? find_held_lock+0x36/0x1c0 [ 396.667661] ? __handle_mm_fault+0x4d19/0x5b70 [ 396.667678] ? lock_downgrade+0x900/0x900 06:11:42 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x27a0) mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000700)=""/208, 0xd0}], 0x1, 0x1000000000000000) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 396.667713] ? kasan_check_read+0x11/0x20 [ 396.667728] ? do_raw_spin_unlock+0xa7/0x330 [ 396.667743] ? do_raw_spin_trylock+0x270/0x270 [ 396.667762] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 396.667773] Invalid option length (1042293) for dns_resolver key [ 396.667787] __handle_mm_fault+0x4d26/0x5b70 [ 396.667810] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 396.667824] ? graph_lock+0x270/0x270 [ 396.667836] ? kasan_check_read+0x11/0x20 [ 396.667850] ? graph_lock+0x270/0x270 [ 396.667866] ? rcu_read_unlock_special+0x370/0x370 [ 396.667891] ? graph_lock+0x270/0x270 [ 396.667904] ? graph_lock+0x270/0x270 [ 396.667917] ? find_held_lock+0x36/0x1c0 [ 396.667935] ? find_held_lock+0x36/0x1c0 [ 396.667958] ? handle_mm_fault+0x42a/0xc70 [ 396.667973] ? lock_downgrade+0x900/0x900 [ 396.667989] ? check_preemption_disabled+0x48/0x280 [ 396.668008] ? kasan_check_read+0x11/0x20 [ 396.668020] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 396.668036] ? rcu_read_unlock_special+0x370/0x370 [ 396.668052] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.668067] ? check_preemption_disabled+0x48/0x280 [ 396.668087] handle_mm_fault+0x54f/0xc70 [ 396.668105] ? __handle_mm_fault+0x5b70/0x5b70 [ 396.668123] ? find_vma+0x34/0x190 [ 396.668144] __do_page_fault+0x5f6/0xd70 [ 396.668159] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.668181] do_page_fault+0xf2/0x7e0 [ 396.668198] ? vmalloc_sync_all+0x30/0x30 [ 396.668221] ? error_entry+0x70/0xd0 [ 396.668237] ? trace_hardirqs_off_caller+0xbb/0x310 [ 396.668249] ? trace_hardirqs_on_caller+0xc0/0x310 [ 396.668264] ? syscall_return_slowpath+0x5e0/0x5e0 [ 396.668277] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.668292] ? trace_hardirqs_on_caller+0x310/0x310 [ 396.668306] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 396.668321] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 396.668337] ? prepare_exit_to_usermode+0x291/0x3b0 [ 396.668352] ? page_fault+0x8/0x30 [ 396.668369] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.668385] ? page_fault+0x8/0x30 [ 396.668400] page_fault+0x1e/0x30 [ 396.668412] RIP: 0033:0x4510a0 [ 396.668426] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 396.668434] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 396.668445] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 396.668454] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 396.668463] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 396.668471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 396.668480] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 396.681618] Invalid option length (1042293) for dns_resolver key [ 396.746006] Invalid option length (1042293) for dns_resolver key [ 396.761982] Invalid option length (1042293) for dns_resolver key [ 396.992837] FAULT_FLAG_ALLOW_RETRY missing 70 [ 397.019397] CPU: 0 PID: 18323 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 397.030089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.030096] Call Trace: [ 397.030120] dump_stack+0x244/0x39d [ 397.030142] ? dump_stack_print_info.cold.1+0x20/0x20 [ 397.036760] ? preempt_schedule+0x4d/0x60 [ 397.036777] handle_userfault.cold.30+0x47/0x62 [ 397.036793] ? userfaultfd_ioctl+0x5610/0x5610 [ 397.036805] ? mark_held_locks+0x130/0x130 [ 397.036842] ? find_held_lock+0x36/0x1c0 [ 397.036888] ? futex_wake+0x613/0x760 [ 397.036920] ? userfaultfd_ctx_put+0x830/0x830 [ 397.036965] ? kasan_check_read+0x11/0x20 [ 397.036995] ? print_usage_bug+0xc0/0xc0 [ 397.037013] ? do_raw_spin_trylock+0x270/0x270 [ 397.037043] ? print_usage_bug+0xc0/0xc0 [ 397.037086] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 397.037110] ? print_usage_bug+0xc0/0xc0 [ 397.037119] ? graph_lock+0x270/0x270 [ 397.037127] ? futex_wake+0x304/0x760 [ 397.037144] ? find_held_lock+0x36/0x1c0 [ 397.037159] ? __handle_mm_fault+0x4d19/0x5b70 [ 397.037168] ? lock_downgrade+0x900/0x900 [ 397.037183] ? kasan_check_read+0x11/0x20 [ 397.037197] ? do_raw_spin_unlock+0xa7/0x330 [ 397.037212] ? do_raw_spin_trylock+0x270/0x270 [ 397.037230] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 397.037257] __handle_mm_fault+0x4d26/0x5b70 [ 397.037281] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 397.061614] ? graph_lock+0x270/0x270 [ 397.061632] ? kasan_check_read+0x11/0x20 [ 397.061649] ? graph_lock+0x270/0x270 [ 397.076178] ? rcu_read_unlock_special+0x370/0x370 [ 397.076203] ? graph_lock+0x270/0x270 [ 397.076220] ? graph_lock+0x270/0x270 [ 397.090739] ? find_held_lock+0x36/0x1c0 [ 397.090758] ? find_held_lock+0x36/0x1c0 [ 397.090786] ? handle_mm_fault+0x42a/0xc70 [ 397.090801] ? lock_downgrade+0x900/0x900 [ 397.090821] ? check_preemption_disabled+0x48/0x280 [ 397.104214] ? kasan_check_read+0x11/0x20 [ 397.104229] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 397.104247] ? rcu_read_unlock_special+0x370/0x370 [ 397.314241] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.314261] ? check_preemption_disabled+0x48/0x280 [ 397.324822] handle_mm_fault+0x54f/0xc70 [ 397.324844] ? __handle_mm_fault+0x5b70/0x5b70 [ 397.324864] ? find_vma+0x34/0x190 06:11:43 executing program 4: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) r1 = syz_open_procfs(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r3 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}}, 0x4, 0x100, 0x10003, 0x8, 0xa}, &(0x7f0000000040)=0xfffffffffffffec5) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000140)={r4, 0x4}, &(0x7f0000000180)=0x8) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:43 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x80, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000007f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:43 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setstatus(r0, 0x4, 0x800) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) 06:11:43 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020074"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 397.324886] __do_page_fault+0x5f6/0xd70 [ 397.324903] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.324929] do_page_fault+0xf2/0x7e0 [ 397.324946] ? vmalloc_sync_all+0x30/0x30 [ 397.324963] ? error_entry+0x70/0xd0 [ 397.324982] ? trace_hardirqs_off_caller+0xbb/0x310 [ 397.324997] ? trace_hardirqs_on_caller+0xc0/0x310 [ 397.325014] ? syscall_return_slowpath+0x5e0/0x5e0 [ 397.325029] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.325047] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.325063] ? __bpf_trace_preemptirq_template+0x30/0x30 06:11:43 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:43 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 397.325081] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 397.325100] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 397.325116] ? __switch_to_asm+0x40/0x70 [ 397.325131] ? page_fault+0x8/0x30 [ 397.325150] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.325167] ? page_fault+0x8/0x30 [ 397.325185] page_fault+0x1e/0x30 [ 397.325197] RIP: 0033:0x4510a0 [ 397.325214] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 397.325223] RSP: 002b:00007fab1fb997a8 EFLAGS: 00010202 [ 397.325236] RAX: 00007fab1fb99850 RBX: 0000000000000003 RCX: 000000000000000e [ 397.325247] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fb99850 [ 397.325256] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 397.325266] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fb9a6d4 [ 397.325276] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:43 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, 0x0) 06:11:43 executing program 2 (fault-call:15 fault-nth:0): r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 397.477359] dns_resolver: Unsupported server list version (0) 06:11:43 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:43 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x4e22, @local}, {0x307, @dev={[], 0x11}}, 0x0, {0x2, 0x4e20, @local}, 'dummy0\x00'}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 397.585357] FAULT_FLAG_ALLOW_RETRY missing 70 [ 397.614496] CPU: 1 PID: 18347 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 397.623117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.632486] Call Trace: [ 397.635095] dump_stack+0x244/0x39d [ 397.639205] ? dump_stack_print_info.cold.1+0x20/0x20 [ 397.644435] handle_userfault.cold.30+0x47/0x62 [ 397.649152] ? userfaultfd_ioctl+0x5610/0x5610 [ 397.653755] ? mark_held_locks+0x130/0x130 [ 397.658006] ? __sanitizer_cov_trace_cmp4+0x16/0x20 06:11:43 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f00000001c0)={0x0, 0x0}) write$sndseq(r0, &(0x7f0000000280)=[{0x8, 0x417000000, 0xfffffffffffffffb, 0x6, @tick=0x3, {0xfffffffffffffffa, 0x4}, {0x5, 0x1}, @ext={0xf8, &(0x7f0000000000)="9fe887756fc0561b30f249ba86a98452890dfb1b15e52b10aaa9ec02f9fcd7cd6c730f57e2c674fe2b142880324ad86adae29d249501c8960412903b7c878990a03b5ff15c85cb1ffccd7c1778c6f1a5ce9a1a8c331cc3ee766d9f763d68a00f7510a2c1e61d427463d6856d459ead26cd814fa5ab66a90588355f8eb4ab4c08292192b8cc8bca706253d82e88fa3c46bea6bb71218bc9fd01636c42c2d109403cd0a82519506b22977473103223c48ea108b07ac28dfbef7f6af5db3d94a9338c9d062b7a1c04d6fa75378b25db112e74694f99fe574685e1d39983493f3d565246d12a9fb3220ca17a391507679ce8667bb4a0d171d9a4"}}, {0x10000, 0x3ff, 0x10000, 0x8, @time={0x0, 0x989680}, {0xb38, 0x1}, {0x2, 0x8001}, @queue={0x4, {0x5, 0x8}}}, {0x3, 0x8, 0x2, 0x80000001, @tick=0x1000, {0xfffffffffffffffa, 0x4}, {0x1, 0x9}, @result={0x9, 0xfffffffffffffffd}}, {0x6, 0x74, 0x3, 0x401, @tick=0x8, {0x7}, {0x40, 0x5}, @ext={0x52, &(0x7f0000000140)="1a1feb439233614a0a5bf187e6cfa5e953f902c3be9bc6fd0f226ab9a3f1615a4181479178f2ffd7cd56db53a39ce55ac745ac5086d72148a015b90c0b639b5587b73333fe6354e9ab7e8d54623dcd66507e"}}, {0x4, 0x9, 0x6, 0x6, @time={0x77359400}, {0x0, 0x3}, {0x10001, 0x3}, @result={0x8, 0x8}}, {0xecdd, 0x9, 0x7f, 0x80, @tick=0x80000000, {0x1, 0x1}, {0x7fffffff, 0xfffffffffffff801}, @quote={{0x80, 0x286}, 0x0, &(0x7f0000000200)={0xf2, 0x0, 0xa6, 0x5, @time={r1, r2+10000000}, {0x17c, 0x8}, {0x80}, @raw8={"2c90f8446e7ad737d6afec77"}}}}, {0x243a, 0x3f, 0xfac7, 0x0, @time, {0x8000, 0x400}, {0xd4, 0x20}, @result={0x1, 0xfffffffffffffeff}}, {0x2, 0x2, 0x180000000000, 0x1, @tick=0x20, {0x6, 0x75}, {0xa2a, 0x7}, @quote={{0xfb5, 0x3}, 0x9, &(0x7f0000000240)={0x5e4, 0x2, 0x401, 0xd46, @time={0x0, 0x1c9c380}, {0x24, 0xff}, {0x6, 0xd2}, @raw8={"7e645137d9235af5bcc96b55"}}}}, {0x7fff, 0x3eac5877, 0x5, 0x9, @tick=0x800, {0x6, 0x800}, {0x0, 0x4}, @result={0x8, 0xffffffffffffff4f}}, {0x94a0, 0x100, 0x7, 0x6, @time={0x0, 0x989680}, {0x1, 0xfff}, {0x8, 0x7}, @control={0x5c26, 0x5, 0x9}}], 0x1e0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) [ 397.663035] ? futex_wait_setup+0x266/0x3e0 [ 397.667557] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 397.672766] ? userfaultfd_ctx_put+0x830/0x830 [ 397.677365] ? print_usage_bug+0xc0/0xc0 [ 397.681443] ? print_usage_bug+0xc0/0xc0 [ 397.685519] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 397.690719] ? print_usage_bug+0xc0/0xc0 [ 397.694790] ? graph_lock+0x270/0x270 [ 397.698595] ? futex_wake+0x304/0x760 [ 397.702424] ? find_held_lock+0x36/0x1c0 [ 397.706508] ? __handle_mm_fault+0x4d19/0x5b70 [ 397.711105] ? lock_downgrade+0x900/0x900 [ 397.715277] ? kasan_check_read+0x11/0x20 [ 397.719436] ? do_raw_spin_unlock+0xa7/0x330 [ 397.723863] ? do_raw_spin_trylock+0x270/0x270 [ 397.728467] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 397.734124] __handle_mm_fault+0x4d26/0x5b70 [ 397.739005] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 397.743862] ? graph_lock+0x270/0x270 [ 397.744252] FAULT_INJECTION: forcing a failure. [ 397.744252] name failslab, interval 1, probability 0, space 0, times 0 [ 397.747670] ? kasan_check_read+0x11/0x20 06:11:43 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) fsetxattr$security_evm(r0, &(0x7f0000000000)='security.evm\x00', &(0x7f0000000140)=@v2={0x7, 0x2, 0x2, 0x596, 0xfe, "0305a42c59c660f65481db10d39bfae6c2828359b40629b7cebdea45771643d78f6ef90cc884c1c26d84d9f80f54fe7dde87ae9fc158bd6070643cbd68131f96fe8611e7a3b79964fcd95cea4bce71d3bcb5963716d5c47c08209a2d5dd422e1314d9cad96e2a077e1381c5f834b9cf92855c44a710b68f992b775e59a0b98321e6de4d8d682955caab3210c6c54e1667c1e737a38d4fdde132c91f57c34f26e6288fb01543c7fdb2964ce42e8b7a9862283593e7c091a49e6141c2d743be197efe555a7ee3fe7109d1f8c24bf5707f00863b12b008ff36e14bbb4ca42c1fb7ba7a823af9ebcc0f4c45edba1c593e03b161639202cd0751328a21d9e11a5"}, 0x108, 0x0) recvfrom$packet(r0, &(0x7f0000000980)=""/4096, 0x1000, 0x10100, 0x0, 0x0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 397.747687] ? graph_lock+0x270/0x270 [ 397.747703] ? rcu_read_unlock_special+0x370/0x370 [ 397.747728] ? graph_lock+0x270/0x270 [ 397.747741] ? graph_lock+0x270/0x270 [ 397.747764] ? find_held_lock+0x36/0x1c0 [ 397.783466] ? find_held_lock+0x36/0x1c0 [ 397.787550] ? handle_mm_fault+0x42a/0xc70 [ 397.791800] ? lock_downgrade+0x900/0x900 [ 397.795955] ? check_preemption_disabled+0x48/0x280 [ 397.800990] ? kasan_check_read+0x11/0x20 [ 397.805151] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 397.810443] ? rcu_read_unlock_special+0x370/0x370 [ 397.815384] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.820934] ? check_preemption_disabled+0x48/0x280 [ 397.825970] handle_mm_fault+0x54f/0xc70 [ 397.830046] ? __handle_mm_fault+0x5b70/0x5b70 [ 397.834644] ? find_vma+0x34/0x190 [ 397.838661] __do_page_fault+0x5f6/0xd70 [ 397.842731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.848289] do_page_fault+0xf2/0x7e0 [ 397.852108] ? vmalloc_sync_all+0x30/0x30 [ 397.856278] ? error_entry+0x70/0xd0 [ 397.860005] ? trace_hardirqs_off_caller+0xbb/0x310 [ 397.865029] ? trace_hardirqs_on_caller+0xc0/0x310 [ 397.869985] ? syscall_return_slowpath+0x5e0/0x5e0 [ 397.874924] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.879777] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.884807] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 397.890268] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 397.895292] ? prepare_exit_to_usermode+0x291/0x3b0 [ 397.900315] ? page_fault+0x8/0x30 [ 397.903868] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.908719] ? page_fault+0x8/0x30 [ 397.912269] page_fault+0x1e/0x30 [ 397.915724] RIP: 0033:0x4510a0 [ 397.918931] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 397.938284] RSP: 002b:00007fbddc1577a8 EFLAGS: 00010202 [ 397.943657] RAX: 00007fbddc157850 RBX: 0000000000000003 RCX: 000000000000000e [ 397.950933] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fbddc157850 [ 397.958211] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 397.965481] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbddc1586d4 [ 397.965492] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 397.982073] CPU: 0 PID: 18367 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 397.990671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.000027] Call Trace: [ 398.002627] dump_stack+0x244/0x39d [ 398.006283] ? dump_stack_print_info.cold.1+0x20/0x20 [ 398.011477] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 398.017109] should_fail.cold.4+0xa/0x17 [ 398.021173] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 398.026288] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 398.031133] ? find_held_lock+0x36/0x1c0 [ 398.035205] ? find_held_lock+0x36/0x1c0 [ 398.039367] ? seg6_hmac_info_add+0x858/0x13e0 [ 398.043968] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.049434] ? __do_page_fault+0x62e/0xd70 [ 398.053680] __should_failslab+0x124/0x180 [ 398.057915] should_failslab+0x9/0x14 [ 398.061718] kmem_cache_alloc+0x2c4/0x730 [ 398.065866] ? check_preemption_disabled+0x48/0x280 [ 398.070888] getname_flags+0xd0/0x590 [ 398.074694] getname+0x19/0x20 [ 398.077887] do_sys_open+0x383/0x780 [ 398.081614] ? filp_open+0x80/0x80 [ 398.085156] ? trace_hardirqs_off_caller+0x310/0x310 [ 398.090264] __x64_sys_open+0x7e/0xc0 [ 398.094064] do_syscall_64+0x1b9/0x820 [ 398.097950] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 398.103314] ? syscall_return_slowpath+0x5e0/0x5e0 [ 398.108244] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.113086] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.118100] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 398.123115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.128655] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.133675] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.138526] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.143887] RIP: 0033:0x4112b1 [ 398.147080] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 398.165978] RSP: 002b:00007fab1fb997a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 398.173686] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004112b1 [ 398.180967] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fab1fb99850 [ 398.188234] RBP: 000000000072bfa0 R08: 000000000000000f R09: 0000000000000000 [ 398.195504] R10: 0000000000000003 R11: 0000000000000293 R12: 00007fab1fb9a6d4 [ 398.202771] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000005 06:11:44 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$setstatus(r0, 0x4, 0x800) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) 06:11:44 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x2) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000000)) 06:11:44 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000140)={{0x1fa640e4, 0x9, 0x3, 0x5, 0x9, 0x3}, 0x7, 0x7f, 0x1, 0x2, 0x0, "cf0951f1bf9596bd103a5d6b75c6825c3d49e838899820873ccb3441862b627fdc5f7b995759da7b01dc8ff56fb0c6d09a97cbd2b721c0eab2d482c4de3b9b8b3a06c1ec3065f8b88c86981531354e388f7e4c7d51a66789f20a333953a1cd75b9b163385a97a96b0bc92bb02eb19b153d4bbd8636fd03991512b04e4cdbbd23"}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:44 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:44 executing program 2 (fault-call:15 fault-nth:1): r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:44 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=0x0, &(0x7f0000000040)=0x4) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={r1, 0x4, 0x85e}, 0x8) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:44 executing program 4 (fault-call:3 fault-nth:0): openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:44 executing program 1 (fault-call:11 fault-nth:0): r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:44 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) add_key(&(0x7f0000000000)='rxrpc_s\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000140)="ec88fb52903d2902c6cfbd1c988eb46e3effcfffa2f2ceca28b78f85d789bddc4790d83bc344be2326418258e4a36113dd57032a764173e086294786e2f1bd1ea7d40d488f7bbc4b5f25cf9e", 0x4c, r0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 398.441377] FAULT_FLAG_ALLOW_RETRY missing 70 [ 398.445949] CPU: 0 PID: 18393 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 398.454553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.463913] Call Trace: [ 398.466519] dump_stack+0x244/0x39d [ 398.470184] ? dump_stack_print_info.cold.1+0x20/0x20 [ 398.475411] handle_userfault.cold.30+0x47/0x62 [ 398.480207] ? userfaultfd_ioctl+0x5610/0x5610 [ 398.484806] ? mark_held_locks+0x130/0x130 [ 398.489062] ? mark_held_locks+0x130/0x130 [ 398.490584] FAULT_INJECTION: forcing a failure. [ 398.490584] name failslab, interval 1, probability 0, space 0, times 0 [ 398.493314] ? print_usage_bug+0xc0/0xc0 [ 398.493332] ? rcu_read_unlock_special+0x370/0x370 [ 398.493354] ? userfaultfd_ctx_put+0x830/0x830 [ 398.493374] ? mark_held_locks+0x130/0x130 [ 398.493398] ? print_usage_bug+0xc0/0xc0 [ 398.526408] ? print_usage_bug+0xc0/0xc0 [ 398.530482] ? graph_lock+0x270/0x270 [ 398.534296] ? dput.part.25+0x26d/0x860 [ 398.538285] ? graph_lock+0x270/0x270 [ 398.542100] ? graph_lock+0x270/0x270 [ 398.545939] ? find_held_lock+0x36/0x1c0 [ 398.550055] ? __handle_mm_fault+0x4d19/0x5b70 [ 398.554660] ? lock_downgrade+0x900/0x900 [ 398.558828] ? kasan_check_read+0x11/0x20 [ 398.562982] ? do_raw_spin_unlock+0xa7/0x330 [ 398.567400] ? do_raw_spin_trylock+0x270/0x270 [ 398.571988] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 398.577620] ? find_held_lock+0x36/0x1c0 [ 398.581698] __handle_mm_fault+0x4d26/0x5b70 [ 398.586114] ? get_pid_task+0xd6/0x1a0 [ 398.590101] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 398.594952] ? find_held_lock+0x36/0x1c0 [ 398.599040] ? graph_lock+0x270/0x270 [ 398.602847] ? graph_lock+0x270/0x270 [ 398.606664] ? find_held_lock+0x36/0x1c0 [ 398.610747] ? handle_mm_fault+0x42a/0xc70 [ 398.614988] ? lock_downgrade+0x900/0x900 [ 398.619146] ? check_preemption_disabled+0x48/0x280 [ 398.624703] ? kasan_check_read+0x11/0x20 [ 398.628861] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 398.634146] ? rcu_read_unlock_special+0x370/0x370 [ 398.639093] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.644642] ? check_preemption_disabled+0x48/0x280 [ 398.649681] handle_mm_fault+0x54f/0xc70 [ 398.653752] ? __handle_mm_fault+0x5b70/0x5b70 [ 398.658356] ? find_vma+0x34/0x190 [ 398.661910] __do_page_fault+0x5f6/0xd70 [ 398.665979] ? __ia32_sys_read+0xb0/0xb0 [ 398.670052] do_page_fault+0xf2/0x7e0 [ 398.673857] ? vmalloc_sync_all+0x30/0x30 [ 398.678013] ? error_entry+0x70/0xd0 [ 398.681737] ? trace_hardirqs_off_caller+0xbb/0x310 [ 398.686758] ? trace_hardirqs_on_caller+0xc0/0x310 [ 398.691692] ? syscall_return_slowpath+0x5e0/0x5e0 [ 398.696626] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.701476] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.706515] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 398.711983] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 398.717012] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.722034] ? page_fault+0x8/0x30 [ 398.725585] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.730439] ? page_fault+0x8/0x30 [ 398.733992] page_fault+0x1e/0x30 [ 398.737441] RIP: 0033:0x4510a0 [ 398.740627] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 398.759542] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 398.764908] RAX: 00007fab1fbba850 RBX: 00007fab1fbbac90 RCX: 000000000000000e [ 398.772181] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 398.779453] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:11:44 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:44 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, r1, 0x0, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x10}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x400}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x15}]}, 0x60}, 0x1, 0x0, 0x0, 0x840}, 0x20000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 398.786725] R10: 0000000000000064 R11: 0000000000000000 R12: 00007fab1fbbb6d4 [ 398.794351] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000006 [ 398.801665] CPU: 1 PID: 18403 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 398.801983] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 398.810259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.810265] Call Trace: [ 398.810287] dump_stack+0x244/0x39d [ 398.810306] ? dump_stack_print_info.cold.1+0x20/0x20 [ 398.810327] ? should_fail+0xaf1/0xd01 [ 398.842362] should_fail.cold.4+0xa/0x17 [ 398.846432] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 398.846452] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 398.846477] ? find_held_lock+0x36/0x1c0 [ 398.857027] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 398.857050] ? retint_kernel+0x2d/0x2d [ 398.857090] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.875198] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 398.879974] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 398.885454] __should_failslab+0x124/0x180 [ 398.889715] should_failslab+0x9/0x14 [ 398.893542] __kmalloc_track_caller+0x2d5/0x750 [ 398.898238] ? strncpy_from_user+0x5a0/0x5a0 [ 398.902658] ? digsig_verify+0x1530/0x1530 [ 398.906904] ? strndup_user+0x77/0xd0 [ 398.910735] memdup_user+0x2c/0xa0 [ 398.914315] strndup_user+0x77/0xd0 [ 398.917957] __x64_sys_add_key+0x198/0x4f0 [ 398.922207] ? key_get_type_from_user.constprop.6+0x110/0x110 [ 398.927301] FAULT_INJECTION: forcing a failure. [ 398.927301] name failslab, interval 1, probability 0, space 0, times 0 06:11:44 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000240)={0x0, 0xffffffffffffffc0, 0x4}, &(0x7f0000000040)=0x35e) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000140)={r1, @in6={{0xa, 0x4e22, 0x0, @local, 0x81}}}, &(0x7f0000000200)=0x84) [ 398.928097] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.928118] ? trace_hardirqs_off_caller+0x310/0x310 [ 398.928146] do_syscall_64+0x1b9/0x820 [ 398.944679] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 398.959021] ? syscall_return_slowpath+0x5e0/0x5e0 [ 398.963964] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.968818] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.968836] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 398.968855] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.968876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.968896] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.968911] RIP: 0033:0x457679 [ 398.997144] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.016141] RSP: 002b:00007fbddc157c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8 [ 399.023868] RAX: ffffffffffffffda RBX: 00007fbddc157c90 RCX: 0000000000457679 [ 399.031151] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000020000080 [ 399.038879] RBP: 000000000072bf00 R08: fffffffffffffffb R09: 0000000000000000 [ 399.046151] R10: 00000000000fffff R11: 0000000000000246 R12: 00007fbddc1586d4 [ 399.053438] R13: 00000000004bd785 R14: 00000000004cced8 R15: 0000000000000005 06:11:44 executing program 2 (fault-call:15 fault-nth:2): r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:44 executing program 4 (fault-call:3 fault-nth:1): openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:44 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 399.071211] CPU: 1 PID: 18393 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 06:11:44 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 399.071222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.071228] Call Trace: [ 399.071254] dump_stack+0x244/0x39d 06:11:44 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) linkat(r1, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file0\x00', 0x400) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 399.071276] ? dump_stack_print_info.cold.1+0x20/0x20 [ 399.071296] ? check_preemption_disabled+0x48/0x280 [ 399.071322] should_fail.cold.4+0xa/0x17 [ 399.071339] ? rcu_pm_notify+0xc0/0xc0 [ 399.071359] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 399.071385] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 399.071401] ? fpu__initialize+0x101/0x750 [ 399.071416] ? kernel_fpu_begin+0x20/0x20 [ 399.071435] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.071452] ? check_preemption_disabled+0x48/0x280 [ 399.071485] ? find_held_lock+0x36/0x1c0 [ 399.071522] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.071538] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.071555] ? set_current_blocked+0x40/0x40 [ 399.071579] __should_failslab+0x124/0x180 [ 399.071595] should_failslab+0x9/0x14 [ 399.071611] kmem_cache_alloc+0x2c4/0x730 [ 399.071637] getname_flags+0xd0/0x590 [ 399.071656] getname+0x19/0x20 [ 399.071671] do_sys_open+0x383/0x780 [ 399.071690] ? filp_open+0x80/0x80 06:11:45 executing program 4 (fault-call:3 fault-nth:2): openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:45 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 399.071706] ? trace_hardirqs_on+0x310/0x310 [ 399.071724] ? trace_hardirqs_off_caller+0x310/0x310 [ 399.071746] __x64_sys_open+0x7e/0xc0 [ 399.071765] do_syscall_64+0x1b9/0x820 [ 399.071780] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.071798] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.071813] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.071830] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.071852] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.071873] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.071896] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.071909] RIP: 0033:0x4112b1 [ 399.071924] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 399.071933] RSP: 002b:00007fab1fbba7a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 399.071945] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004112b1 [ 399.071953] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fab1fbba850 [ 399.071962] RBP: 000000000072bf00 R08: 00007fab1fbba7b0 R09: 000000000072bf00 [ 399.071970] R10: 0000000000000064 R11: 0000000000000293 R12: 00007fab1fbbb6d4 [ 399.071986] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000006 [ 399.219909] FAULT_INJECTION: forcing a failure. [ 399.219909] name failslab, interval 1, probability 0, space 0, times 0 [ 399.219976] CPU: 1 PID: 18426 Comm: syz-executor4 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 399.219987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.219992] Call Trace: [ 399.220017] dump_stack+0x244/0x39d [ 399.220040] ? dump_stack_print_info.cold.1+0x20/0x20 [ 399.220062] ? __kernel_text_address+0xd/0x40 [ 399.220088] should_fail.cold.4+0xa/0x17 [ 399.220108] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 399.220126] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 399.220141] ? retint_kernel+0x2d/0x2d [ 399.220159] ? trace_hardirqs_on_caller+0xc0/0x310 [ 399.220179] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 399.220195] ? save_stack+0x43/0xd0 [ 399.220210] ? kasan_kmalloc+0xcb/0xd0 [ 399.220226] ? __kmalloc_track_caller+0x159/0x750 [ 399.220238] ? memdup_user+0x2c/0xa0 [ 399.220254] ? graph_lock+0x270/0x270 [ 399.220269] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.220294] ? find_held_lock+0x36/0x1c0 [ 399.220331] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 399.220348] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.220366] ? lock_release+0xa00/0xa00 [ 399.220389] __should_failslab+0x124/0x180 [ 399.220406] should_failslab+0x9/0x14 [ 399.220423] kmem_cache_alloc_node_trace+0x277/0x740 [ 399.220451] __kmalloc_node+0x3c/0x70 [ 399.220478] kvmalloc_node+0xb9/0xf0 [ 399.220500] __x64_sys_add_key+0x33a/0x4f0 [ 399.220521] ? key_get_type_from_user.constprop.6+0x110/0x110 [ 399.220535] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.220553] ? trace_hardirqs_off_caller+0x310/0x310 [ 399.220581] do_syscall_64+0x1b9/0x820 [ 399.220595] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.220614] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.220629] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.220647] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.220664] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 399.220681] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.220697] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.220719] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.220742] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.220754] RIP: 0033:0x457679 [ 399.220770] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.220779] RSP: 002b:00007fbddc157c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8 [ 399.220794] RAX: ffffffffffffffda RBX: 00007fbddc157c90 RCX: 0000000000457679 [ 399.220804] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000020000080 [ 399.220814] RBP: 000000000072bf00 R08: fffffffffffffffb R09: 0000000000000000 [ 399.220824] R10: 00000000000fffff R11: 0000000000000246 R12: 00007fbddc1586d4 [ 399.220833] R13: 00000000004bd785 R14: 00000000004cced8 R15: 0000000000000005 [ 399.306324] FAULT_FLAG_ALLOW_RETRY missing 70 [ 399.414599] CPU: 0 PID: 18420 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 399.438594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.438601] Call Trace: [ 399.438625] dump_stack+0x244/0x39d [ 399.438648] ? dump_stack_print_info.cold.1+0x20/0x20 [ 399.438675] handle_userfault.cold.30+0x47/0x62 [ 399.438701] ? userfaultfd_ioctl+0x5610/0x5610 [ 399.438716] ? mark_held_locks+0x130/0x130 [ 399.438735] ? mark_held_locks+0x130/0x130 [ 399.460832] ? print_usage_bug+0xc0/0xc0 [ 399.460850] ? rcu_read_unlock_special+0x370/0x370 [ 399.460873] ? userfaultfd_ctx_put+0x830/0x830 [ 399.460893] ? mark_held_locks+0x130/0x130 [ 399.460914] ? print_usage_bug+0xc0/0xc0 [ 399.460929] ? print_usage_bug+0xc0/0xc0 [ 399.460948] ? graph_lock+0x270/0x270 [ 399.475926] ? dput.part.25+0x26d/0x860 [ 399.475948] ? graph_lock+0x270/0x270 [ 399.475965] ? graph_lock+0x270/0x270 [ 399.475989] ? find_held_lock+0x36/0x1c0 [ 399.476013] ? __handle_mm_fault+0x4d19/0x5b70 [ 399.476031] ? lock_downgrade+0x900/0x900 [ 399.490584] ? kasan_check_read+0x11/0x20 [ 399.490601] ? do_raw_spin_unlock+0xa7/0x330 [ 399.490616] ? do_raw_spin_trylock+0x270/0x270 [ 399.490636] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 399.490652] ? find_held_lock+0x36/0x1c0 [ 399.490675] __handle_mm_fault+0x4d26/0x5b70 [ 399.490689] ? get_pid_task+0xd6/0x1a0 [ 399.490710] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 399.505264] ? find_held_lock+0x36/0x1c0 [ 399.505300] ? graph_lock+0x270/0x270 [ 399.505315] ? graph_lock+0x270/0x270 [ 399.505337] ? find_held_lock+0x36/0x1c0 [ 399.505364] ? handle_mm_fault+0x42a/0xc70 [ 399.525089] ? lock_downgrade+0x900/0x900 [ 399.525107] ? check_preemption_disabled+0x48/0x280 [ 399.525130] ? kasan_check_read+0x11/0x20 [ 399.525146] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 399.525163] ? rcu_read_unlock_special+0x370/0x370 [ 399.525180] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.525198] ? check_preemption_disabled+0x48/0x280 [ 399.537122] handle_mm_fault+0x54f/0xc70 [ 399.537143] ? __handle_mm_fault+0x5b70/0x5b70 [ 399.537163] ? find_vma+0x34/0x190 [ 399.537185] __do_page_fault+0x5f6/0xd70 [ 399.537202] ? __ia32_sys_read+0xb0/0xb0 [ 399.537227] do_page_fault+0xf2/0x7e0 [ 399.537243] ? vmalloc_sync_all+0x30/0x30 [ 399.669778] FAULT_FLAG_ALLOW_RETRY missing 70 [ 399.672999] ? error_entry+0x70/0xd0 [ 399.673020] ? trace_hardirqs_off_caller+0xbb/0x310 [ 399.673036] ? trace_hardirqs_on_caller+0xc0/0x310 [ 399.673052] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.673070] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.030480] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.030497] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 400.030515] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.030533] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 400.030550] ? __switch_to_asm+0x40/0x70 [ 400.030564] ? page_fault+0x8/0x30 [ 400.030582] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.030599] ? page_fault+0x8/0x30 [ 400.030615] page_fault+0x1e/0x30 [ 400.030627] RIP: 0033:0x4510a0 [ 400.030644] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 400.030652] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 400.030666] RAX: 00007f5dbe468850 RBX: 00007f5dbe468c90 RCX: 000000000000000e [ 400.030676] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 400.030686] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 400.030696] R10: 0000000000000064 R11: 0000000000000000 R12: 00007f5dbe4696d4 [ 400.030705] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000006 [ 400.030739] CPU: 1 PID: 18437 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 400.030748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.030752] Call Trace: [ 400.030770] dump_stack+0x244/0x39d [ 400.030790] ? dump_stack_print_info.cold.1+0x20/0x20 [ 400.030819] handle_userfault.cold.30+0x47/0x62 [ 400.030845] ? userfaultfd_ioctl+0x5610/0x5610 [ 400.030862] ? mark_held_locks+0x130/0x130 [ 400.030880] ? mark_held_locks+0x130/0x130 [ 400.030907] ? print_usage_bug+0xc0/0xc0 [ 400.030920] ? rcu_read_unlock_special+0x370/0x370 [ 400.030936] ? userfaultfd_ctx_put+0x830/0x830 [ 400.030958] ? mark_held_locks+0x130/0x130 [ 400.030979] ? print_usage_bug+0xc0/0xc0 [ 400.030995] ? print_usage_bug+0xc0/0xc0 [ 400.031012] ? graph_lock+0x270/0x270 [ 400.031027] ? dput.part.25+0x26d/0x860 [ 400.031043] ? graph_lock+0x270/0x270 [ 400.031056] ? graph_lock+0x270/0x270 [ 400.031077] ? find_held_lock+0x36/0x1c0 [ 400.031103] ? __handle_mm_fault+0x4d19/0x5b70 [ 400.040190] FAULT_INJECTION: forcing a failure. [ 400.040190] name failslab, interval 1, probability 0, space 0, times 0 [ 400.042073] ? lock_downgrade+0x900/0x900 [ 400.042102] ? kasan_check_read+0x11/0x20 [ 400.042116] ? do_raw_spin_unlock+0xa7/0x330 [ 400.258671] ? do_raw_spin_trylock+0x270/0x270 [ 400.263257] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 400.268885] ? find_held_lock+0x36/0x1c0 [ 400.272958] __handle_mm_fault+0x4d26/0x5b70 [ 400.277372] ? get_pid_task+0xd6/0x1a0 [ 400.281270] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 400.286115] ? find_held_lock+0x36/0x1c0 [ 400.290196] ? graph_lock+0x270/0x270 [ 400.293997] ? graph_lock+0x270/0x270 [ 400.297799] ? find_held_lock+0x36/0x1c0 [ 400.301874] ? handle_mm_fault+0x42a/0xc70 [ 400.306146] ? lock_downgrade+0x900/0x900 [ 400.310292] ? check_preemption_disabled+0x48/0x280 [ 400.315310] ? kasan_check_read+0x11/0x20 [ 400.319455] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 400.324988] ? rcu_read_unlock_special+0x370/0x370 [ 400.329916] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.335452] ? check_preemption_disabled+0x48/0x280 [ 400.340476] handle_mm_fault+0x54f/0xc70 [ 400.344540] ? __handle_mm_fault+0x5b70/0x5b70 [ 400.349139] ? find_vma+0x34/0x190 [ 400.352681] __do_page_fault+0x5f6/0xd70 [ 400.356744] ? __ia32_sys_read+0xb0/0xb0 [ 400.360813] do_page_fault+0xf2/0x7e0 [ 400.364614] ? vmalloc_sync_all+0x30/0x30 [ 400.368761] ? error_entry+0x70/0xd0 [ 400.372476] ? trace_hardirqs_off_caller+0xbb/0x310 [ 400.377489] ? trace_hardirqs_on_caller+0xc0/0x310 [ 400.382415] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.387343] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.392192] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.397206] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 400.403043] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.408056] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 400.414724] ? __switch_to_asm+0x40/0x70 [ 400.418793] ? page_fault+0x8/0x30 [ 400.422338] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.427189] ? page_fault+0x8/0x30 [ 400.430727] page_fault+0x1e/0x30 [ 400.434175] RIP: 0033:0x4510a0 [ 400.437838] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 400.456743] RSP: 002b:00007fab1fb997a8 EFLAGS: 00010202 [ 400.462106] RAX: 00007fab1fb99850 RBX: 00007fab1fb99c90 RCX: 000000000000000e [ 400.469368] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fb99850 [ 400.476631] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 400.483892] R10: 0000000000000064 R11: 0000000000000000 R12: 00007fab1fb9a6d4 [ 400.491160] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000006 [ 400.498452] CPU: 0 PID: 18420 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 400.507041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.516385] Call Trace: [ 400.518967] dump_stack+0x244/0x39d [ 400.522590] ? dump_stack_print_info.cold.1+0x20/0x20 [ 400.527770] ? __lock_acquire+0x62f/0x4c20 [ 400.532015] should_fail.cold.4+0xa/0x17 [ 400.536082] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.541178] ? mark_held_locks+0x130/0x130 [ 400.545495] ? switched_from_fair+0x10/0x10 [ 400.549829] ? print_usage_bug+0xc0/0xc0 [ 400.553884] ? graph_lock+0x270/0x270 [ 400.557674] ? graph_lock+0x270/0x270 [ 400.561470] ? print_usage_bug+0xc0/0xc0 [ 400.565520] ? rcu_read_unlock_special+0x370/0x370 [ 400.570446] ? find_held_lock+0x36/0x1c0 [ 400.574508] ? __sigqueue_alloc+0x251/0x710 [ 400.578831] ? lock_downgrade+0x900/0x900 [ 400.582975] ? check_preemption_disabled+0x48/0x280 [ 400.587984] __should_failslab+0x124/0x180 [ 400.592209] should_failslab+0x9/0x14 [ 400.596006] kmem_cache_alloc+0x47/0x730 [ 400.600064] __sigqueue_alloc+0x3db/0x710 [ 400.604206] ? dequeue_signal+0x630/0x630 [ 400.608354] ? trace_hardirqs_on+0xbd/0x310 [ 400.612666] ? kasan_check_read+0x11/0x20 [ 400.616806] ? try_to_wake_up+0x11c/0x1440 [ 400.621041] ? trace_hardirqs_off_caller+0x310/0x310 [ 400.626674] ? do_raw_spin_trylock+0x270/0x270 [ 400.631253] ? lock_pin_lock+0x350/0x350 [ 400.635313] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 400.640417] ? try_to_wake_up+0x11c/0x1440 [ 400.644669] __send_signal+0xd22/0x1bb0 [ 400.648641] ? prepare_signal+0xe50/0xe50 [ 400.652786] ? rwsem_wake+0x2e5/0x460 [ 400.656580] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 400.661679] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 400.666784] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 400.671975] ? lock_acquire+0x1ed/0x520 [ 400.675940] ? force_sig_info+0x55/0x310 [ 400.680002] ? kasan_check_write+0x14/0x20 [ 400.684227] ? do_raw_spin_lock+0x14f/0x350 [ 400.688541] ? wake_up_q+0xb3/0x100 [ 400.692156] ? rwlock_bug.part.2+0x90/0x90 [ 400.696379] ? trace_hardirqs_on+0x310/0x310 [ 400.700777] ? rwsem_wake+0x2ed/0x460 [ 400.704585] send_signal+0x4a/0xe0 [ 400.708119] force_sig_info+0x250/0x310 [ 400.712095] force_sig_fault+0x12c/0x1d0 [ 400.716146] ? force_sigsegv+0x110/0x110 [ 400.720203] ? up_read+0x157/0x2c0 [ 400.723740] mm_fault_error+0x312/0x390 [ 400.727713] ? find_vma+0x34/0x190 [ 400.731247] __do_page_fault+0xc56/0xd70 [ 400.735578] ? __ia32_sys_read+0xb0/0xb0 [ 400.739639] do_page_fault+0xf2/0x7e0 [ 400.743432] ? vmalloc_sync_all+0x30/0x30 [ 400.747568] ? error_entry+0x70/0xd0 [ 400.751273] ? trace_hardirqs_off_caller+0xbb/0x310 [ 400.756289] ? trace_hardirqs_on_caller+0xc0/0x310 [ 400.761223] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.766141] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.770982] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.775993] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 400.781454] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.786471] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 400.793542] ? __switch_to_asm+0x40/0x70 [ 400.797595] ? page_fault+0x8/0x30 [ 400.801128] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.805962] ? page_fault+0x8/0x30 [ 400.809494] page_fault+0x1e/0x30 [ 400.812937] RIP: 0033:0x4510a0 [ 400.816130] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 400.835024] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 400.840379] RAX: 00007f5dbe468850 RBX: 00007f5dbe468c90 RCX: 000000000000000e [ 400.847644] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 400.854914] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 400.862184] R10: 0000000000000064 R11: 0000000000000000 R12: 00007f5dbe4696d4 [ 400.869442] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000006 [ 400.880700] FAULT_INJECTION: forcing a failure. [ 400.880700] name fail_page_alloc, interval 1, probability 0, space 0, times 1 06:11:46 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:46 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000002}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@gettfilter={0x2c, 0x2e, 0x220, 0x70bd2b, 0x25dfdbfb, {0x0, r1, {0x5, 0xb}, {0xffff, 0xf}, {0xfff3, 0x7}}, [{0x8, 0xb, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:46 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200fe"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:46 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='.ns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 400.892536] CPU: 0 PID: 18437 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 400.902082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.911441] Call Trace: [ 400.914049] dump_stack+0x244/0x39d [ 400.917712] ? dump_stack_print_info.cold.1+0x20/0x20 [ 400.922926] ? __lock_acquire+0x62f/0x4c20 [ 400.927187] should_fail.cold.4+0xa/0x17 [ 400.931270] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.936395] ? mark_held_locks+0x130/0x130 [ 400.940641] ? mark_held_locks+0x130/0x130 [ 400.944888] ? mark_held_locks+0x130/0x130 [ 400.949135] ? __sigqueue_free.part.29+0x74/0x90 [ 400.953906] ? graph_lock+0x270/0x270 [ 400.957721] ? kmem_cache_free+0x24f/0x290 [ 400.961969] ? graph_lock+0x270/0x270 [ 400.965782] ? __sigqueue_free.part.29+0x74/0x90 [ 400.970558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.976109] ? check_preemption_disabled+0x48/0x280 [ 400.981149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.986872] ? should_fail+0x22d/0xd01 [ 400.990775] ? rcu_pm_notify+0xc0/0xc0 06:11:46 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$nl_crypto(0x10, 0x3, 0x15) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f00000001c0)={"0200"}, &(0x7f0000000200), 0x0, 0xfffffffffffffffb) r4 = geteuid() stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) getresuid(&(0x7f0000001400), &(0x7f0000001440)=0x0, &(0x7f0000001480)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001880)={0x0, r0, 0x0, 0xa, &(0x7f0000001840)='/dev/rtc0\x00', 0xffffffffffffffff}, 0x30) stat(&(0x7f00000018c0)='./file1\x00', &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(r1, 0x10, &(0x7f00000019c0)={0x0, 0x0}) ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000003400)=0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000036c0)=0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000003740)={0x0, r0, 0x0, 0xd, &(0x7f0000003700)='dns_resolver\x00', 0xffffffffffffffff}, 0x30) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000004d00)={0x0, 0x0}, &(0x7f0000004d40)=0xc) r14 = inotify_init1(0x80000) lstat(&(0x7f0000004dc0)='./file1\x00', &(0x7f0000004e00)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000005400)=0x0) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000006600)=0x0) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000006640)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast2}}, &(0x7f0000006740)=0xe8) lstat(&(0x7f0000006780)='./file0\x00', &(0x7f00000067c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(r1, 0x10, &(0x7f0000006840)={0x0, 0x0}) lstat(&(0x7f0000006880)='./file0\x00', &(0x7f00000068c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000006940)='./file0\x00', &(0x7f0000006980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000006a00)=0x0) lstat(&(0x7f0000006a40)='./file0\x00', &(0x7f0000006a80)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000006b00)={0x0, 0x0, 0x0}, &(0x7f0000006b40)=0xc) sendmsg$netlink(r0, &(0x7f0000006cc0)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x80000800}, 0xc, &(0x7f0000006540)=[{&(0x7f0000000200)={0x11e0, 0x1c, 0x900, 0x70bd26, 0x25dfdbff, "", [@nested={0x108c, 0x5f, [@generic="357a990c94259cf9d49762e002ee888ba9f9a42fd42afe46be736e45c1460676a93438ca10ae107e550b1ec77f43b0d27141b9e433ab743a1eb79439276b51f32c395c4cdbd5a4044bc9dda5e99b251a190a292fe26146db76440be41d96", @typed={0x8, 0x5c, @ipv4=@multicast1}, @typed={0xc, 0x81, @u64=0x35d}, @typed={0x8, 0x53, @fd=r2}, @typed={0x4, 0x2e}, @typed={0x8, 0x2c, @u32=0x2}, @generic="deb95f295f98c28d77009dbb1cd1c5db7c7beec22abbf4cd338927a8c33fb8e5945337d7639fe9e8a0577294a449b58c3af5d6a90528bda022d9ef60f8e36a34f69c118c32f93a6cc835b3f29c00ca01f79dc63c75b3e5f14f58f7679f4249b31a628cf5761e32c6e72b33d22aef8e9a7351991bbeb22a09e59b70813b06dd4f602d21df5d389a6041e4ff72aa3ed141dea4d6d9d9c0ad06a63305cb0136096e4452f9465bc386f975b74b00f560f4ae0fe0192ee55e972cae75e1b09a400d19c65b08c7f911a26f1cc7728fc749aad9571624cae6ad2a68f12fdf8c6b43c5d5d8efe14d87253ddd0f8ff5acd452ef72063cd13667106017013ce18544871568785af139467b192f13de6e3e23688d0471a915492a633fac662c80a1c77f29ddcb31f1ee0cc277222c12c9c76ca6965df17c3be795895c04d24a9b472f8ea8d62e94dd545362a3634b24fde77f21f8e3f2416746ae2fa7005a00203e2ac0b7e7b65c9b8534f64faee797916f05d7cec46d4493dfefb6b40769737d8ac82193c760e1f956639951a7bbfdab1b62d7dbf124222bda939e9e5038d50466e6525cf3063d8a944f1b4935637507745d939081486546539ae50f26f241204f5e2adb8ebaa306b627b9f6fa0db0646a3c4439b1489b85070eb78511b5de0d7806707ee2a367c434493cb8483071728f5fdc847eb90b9a5688a5dcd11636fb479f008b4bbee211763bb3da3dbcead806a05e913e985abb3715bdbf24133174888c75bd95b2b4288d0a0074f899bd9bc320978b696798022447de96030c73a043220d413930bbe379317737ce359b160a06670704f37922dbf5ed9f75e06e56b78ecd66d69d526ac6de71bc1e00f7bc3c10ef9c3463a41fc64028c482370e3f54aebebd6317a41cf77ed89f555fdc0822d37daecdbd368aff7f21397480ab5ea3ffcc0bd18e35ae5dd4cd0b6686ebc7a167b1535490cc79ff47340d998d5adca6b7a646abe4d45abc72cdabf75125144a3eedc54ee054bfc56852c3dc957d329f7019949adf6a7ae23fa818c7f5b451b8b7d7b15c8679419ef5f6435e7c353c73c6684bc9d1b251f5190f9f52886237f0a794ae9a2bd710f6d5d2e088b39e9b7347ad775899a122b449b72cdcec85c03bd1374e14abd77e0f3a34696627794a0706e56c635849e68a4984bca59302207495117f487501f14b89918f380b16215b911bd07f5ee5b268560e1db3534ead7a1f1bd2d77fb29b95291e1d224b809983bb39cc686554932b89b84bf09500d6abfa441baee0528cb281dadc719ffb2437b07c53dd629a8bdd61228585987e93dec5f7b0fe12f57b5c8d7bce6567a62af2621e9809b12b52aef697e3f4301ec9e27e856ab4ef77b3497226d4156acfb0dc6cd2b4252fdaaa235ebaf97fda409994774b0bb8bc0a440d81ddf9509cfa1a370a13cab89a110d91b93f2ca6d483aa9a0757e9932e1705ecda28359193a9b1951b8323693e328d37b0cbcded391808d8b7815fc0f31fa8306ccec8e2baf9fec7ac5019f27c6f0cc84bf27d99d79a09a9e48b64256ff29f6e2f2655d2dc8e49c075215c3e2a87782cff63cf4b23e31dc1b9235969da191cc725163330e4c8d739f0dcb0848ca83fa6969e16b6e0e644b91b46a334006878da0a1fbb57633643f8b93b7e4b69c3ccbe29b8a9120cb6052a9fb8804756847580cb019865f3ef3521ab2bce4d507dbc5acd4999ce5d23e23ae1fe53fbaed0f192d6ba1a1b03707377a13be982590c6f3221117c33f172f184591ba0715bbad92944972e7a2b38e49861821d99ee6b6818db8c447f3c649b81e95e675b84141055c5c6d9b900b12a61404e02cd6788d477b9851f86b7a7f3f083e0d103bdfdf7f68974a8626b6bb779f14b1c3e2b6d02e7d98496bd960cb2b59f5eaca06cbe0e02be8e51f9ce140dcf112f5436d7c1e8b97ece78de35137ff15423bc88153a7e4dffdfec83e9be56656e317cf20afccd657f52f31fb6a504a9703ff05c5b0bb77adbff043d2f2aed4a9f87aafc7de6f2c15ec6c54f5983abd9093883f34d5b0f554fb9f1b5292e1197456f38de2c09eccc8fe9b4ecb4a169543c7e034d00ec13e678eb6ce54ff6a79d73ad66b95041fb7b4b22abb01bd91b6dbcbdeac9d4e5bef00cfe821c2e16aaa200adf8020ce6983a4cc91dc7f8be16a9901180308f69c8f594a9f1ab256656fea081681887d7c207eca9bb09d8c994a8e7ab02f2451ad2469e8d9b8a55678460c2370601dd682055b083f482a205ff2fc5fd04d849707b83c4d2d532b8b143bcc8691646b27a4fc741eb34267d78ae1527fbc2834dddadc2e1b3600b87e6a89a74788dfabaa3722e19cccd259bf2970ee6cdf26f11b22d39344834ae19b46cb0f98a316dcb67d3036d5898dbd738d4d2d504ad19ef1d5522e7b398a1dda34420fb6676ae7bc6880eb91e04149947efcabb9fd813f748d012e3c31998b48bda5a30ec0290f64093a9848ea24ccb94afc2e417e26722c81b059a077a0fe65fd2d4a93a09548da1a4e8a9b6118fd23441495b80f44e868267633be52f11b62ddfc2d55e5fd1ae4bc3963f2e784fcf07a038fcf47d16e8796998c207c4be794b4135e4d02d5bfeb44cf3581ac18dfd47ebdd7b62a962bbb69265eddffe1fbb879e61b1e297f244b189570f0951119653322d1b30c59b5ac3cf158e1ba435d7a8d9ef632ac92a0c21556648013a17b37bd72c7b457b4bf8b19afca3c22f3990536c895a030c1ddd139906beca06cbbacb690b0ea52b9d2bd9699292be5267efe508e5012a3a85dbd7d6d3f15f91ceb45d949843b7ee8ce9f91488eea5a1eed3f0ac5dfc3792e30fc5ae5065d6e2d03eb8344b9921485e9baeba6ea888ccd177b9de4f4a8e13604d158a79cc5f56d4939239db0d2d2e57af9df6f3a19a6c3abde3cc87b9935e2057734ff74cefd1e3b220821b40d9ac60bec1313c81ab13c84576a514e563aece58e4f4b4bb6db7e09895b9fef2ce9a0241bca559f2db36f0a3a7e9eb8b7465b54853f1de2f0aa6f6ddd1312e723213265c0ca71d0101b47777ed52d3ae83494c721ccabcbe49257dff6b50c09a651c0e44de68f3f4e38c907e37dc9964824659b318074b809744d23e908231865edb558e59975ed993fdbe7cfe88327524ecdd177aa1ab7dc7e4d0e09efb30e1c3ae8863889ab887526b19b55df80810d1b2a8305c282d55bbca3de06afe932beea6a4953dffe3989984fc84ab682ed6ca8f14c66fb127c74163a40a4b8bb453f8a8027da338722d65003377d7b2354184dba91d38acaf12a5ae0582adae872692a65669288632ba6688856f8d7ab3084369a2a0516bb5cb23f8df5cf539892bc8cad19773ea8ebb357c9e406a6a6238fb2227a3e5a44e10036b0924e4f1446b7fc2eb38b0b72cc45e1b5c24bd93068dd204c17120a3e64b7a50847f18254fc82c9932c5dbb58dc383089ec940a13591c8c11bc391d2c10eb57089d76a1557fc0de4010f457df42a7eb60059dcf133141d51200717b0a7682aa49412af2ba3633ac047a0e78f2fc722fcbc78ba8d5e5aaaeebaa9b8eee2bac2691f948c89734d8c1caa5acb58cbf084f45b904cf35996380c84b82f43bdae9e653ec7eeb677d30168baee300243e61aa9538a13318ddf8d7d83d9547629d2bf33b5910b6ff6ec2f11c5a231c09a54b49382f62f0aaabfb876b61c1878eb099d37c63ea4d913d451a205515bbf133d97f570993b4583183f2818e621edb6ee12090f307a4677906752d2c59ad846e87c3e29edf16cabd8caa01a5f87a8041c9542ce7da6d8d4df3933c282a35c24925f4296fa242d0bb276fbf216b99070fa7a64a034823f94032bca02d868eac49c45a51430c155a0cc61c32d550124adffd07594d18a0a64662743ae2caf35b1a81ca21c816482da26ac8732646ba34e79eca0fb28c97b28c377b9329812ace3c64752e8567026edf694e5cfc26116d962355632eb127e7ab7728e9add4f8e1c51ab5ce13c50212c9cc0df803590dc7f0bcbea89f1854313518d15e00c730dfe7b3dd8e812891380c79fd84221ca5f16561ff174edf5c23699665d0cf31bfc11858e99bb72a7d2afde6466687502828655a13b00bc24f0987bc041a6bb1e941a1bef4680e6e2af87fc6c10700b7149ebeb9782c1d69b79923e7f210a42e5ba626ba51ab15cf759e11749dcd313ed5827488b3e9f8c33ad58d37d47926501484ca67718a40a9ee5779026536ee77cb7fbc8084fcaf92206c1208e4dfbdd0d2ee80b1b2d9951659097376be9b5cfcf96812cf9a12135a7b34a06c0de4c0e1af867d1818b693ccafe0cf084927dc46bd4bb9837d02a526cc823fbda96f515405540571935b00edd469397099296b28ef6f647f63f6e9068f384675c088067c4c0a3a2078762437fe39ebe3f48bf99fb56c8c0e55d6d749cfc610de349320d7a964f9a4a7a81c1e14e596fa6ea153c37d9aaafeacd60aa281ea6b1461e5599774668a1fef4c614eeb2d026f9441bfb324866da4fa4d78c56d89cb70d31b3a2cb0b9e9f7f1a79f0e146384bb4353d22bbd0c3ffa26c5856350b2e33b94e2d2ed30196bf3efcd7dbd1b7c598fc962eb453b8365eaf87481f511675dfe3f91808c0c39f7807313cbb65cddf8cc1a8ac8385114b7e4ee9ab3f2a3a70d16a2d6b582bf428e06f909b4562b265c002b2f5059f8bf3e13521bfeb7b5e0238bb876ae6af2f71013e4c01eca80d9484be07ebf63aed5411ccae073a1942acbadbb7bf45e8409f13e912c1d212421a30ee8e6ceb0b12398f4202b02cbfa7a7157772e1d245de1d0f13ceb4de9b89f3f6f2b30c942353f985f17d66933f5b06ccfd40c864ca532a550ccb0ab0cb55ba6690c753e575f752338b88e64b5801035d3cda508e0931c4a4b237b760a0d7a03b904f537e01e161be91f4076eb318e09ea8c029591ecc5651985ede0028e4e9929922c430b15a5737fb3fb8fccc6a3386d9a2524c486ed426a5306e2bcfd812e2f053048952acae37fac807d834f80b5eadcbeb913de87cf098ff45a2990b51baad3e4159b1533db41e0e1ccff2bb86e3089418f64dec316bfada2c5ed1f3ef288b296fe79daaf87950084523f3692e23d2bae5f92523f96f3e66ff6ccbb17917a391868fdb696c98b40b4868865d48db0f3b9d86e372e4ba1bab3e7a2acb972ca8f5364ca6007655e03e2020a7be84cd8ce8c94de963ab13baa18c44d9d2f30f5e93f3565bc19b20957b5b72a450bd176f102f18a5199a59bbeecc652ef6bf42a5fc734ce5d2f1a90120ac535d01e58485c25ccd14517cac3812b5e8bc0c878689bdfc6032c97b401ff908071ece9630b1efbc3b771afb552cc153a7ae9c902ccaf49e8595af4823ca7cbcc5046b902013a3f5d094f04b2e5173b9e91e6d43bf94ebeea66201e81f5cf1567baec73f0b09db6d145a47137bb1f6eaed87b853827a36496caf844be0f243fa7d7547d2d222a3322faa3d2200ab8cc4abf1d2f5efcc7e3e6a0a70a24759eaa629a63c82e4450fe9b2840449db295050aa1aec1e4b8e04413c11d7541adcda97b9d92c0353b313dbe57c1802b5a2e12ac92e3c4343d478df043b3e7578c1c1dba586868dcec71ed9db96fad58533564e6eb4be80aca6dbfc3b2bdfa9dc5b6c1a8b0cd50c37b486ceb92a03e10577b5fe47dc50f8d83891577f210ed66e299fa6f543c2d984c75122c7b45d1f880c29aad45cd93527f705d43232c94e86dd120caba8b1facd071b83a7b65954fb5b81dc5c9da4a7206f6621"]}, @nested={0x144, 0x86, [@generic="0bec7fbe440d73b853807d3bf27e60985ad92ecd0c1e6eb17f0fba69f2b758ba3e2d25cc8391da83aaf011616ec9568729c226262d84db59751dc8b264f8a3fc31a3bbb8107b5387603a479f8d3f35f8f6302286689b06c1b968ea45204366a1cf26dfa6fb8f2843424ff5093969adc8558f7c22fb798f749152bde7041d335c6015feb971042834aeb4dec02ea757009e31604eadb54502938a907bbfd4ccfd9a8fe74362e0ad109ac4889ae64456a401b52cebd375b9a159c14398d6a606611d84c001de40e3cd21910fb5e380c737d23718baa77d88507eb403689b4f241af0a438271d7a4bcc230a75aa773ba168f4a0c97a676979a703551b07d4395e", @generic="e3cc3436492ea2e8efd8419e79888594a97c1e77d6eef9727a8642104df6c80bc8eb0884396907acd00d10a1", @typed={0xc, 0x3b, @u64}, @typed={0x8, 0x42, @fd=r0}]}]}, 0x11e0}, {&(0x7f00000014c0)={0x374, 0x40, 0x100, 0x70bd2d, 0x25dfdbfd, "", [@typed={0x14, 0x76, @ipv6=@loopback}, @typed={0x8, 0x7f, @str='\x00'}, @generic="7733ae52a6b6b2753cdf8193f5f0294b2c943c247c75ca7c089e84ead5e3d9e4e340490131b98fddbcdae126dac0ea482894288074b7022a769f2054c0715af7b5c808d04f8dbc56fba26d6104e249a5f1fda0061a7f5945e253eb5b6a0655059956f2963d775dd5b10b51d6500ea5c696803462495af5a97e768f358411aea0a9269833926c5bac7b0b1a4fb189565b60be3a4c5544209ccb87", @nested={0x18c, 0x4f, [@generic="d5f577059b255a9fe9831dc0109d1d3b4d87f0e5beddb9b9524eb5ee25a56b0772951e01f7482ac417dc0717a48714a9b82404ab2072ee9d8371d33c84d3b7d12ccfbc24f81e1c7bd3614e33cc18ae09756229f7d4518c8b623ae74916e0baed2dbe63359601b8de36da41c19e60332eff2bcf3eef447a37f221cc07e4a5b87704d505c4a72bc420cdd90a066aa9e508f373f8c701fb248d7b901028ce8fb7a9b7fa512080d88a0188c6e974d7c38160c41f0e13e3a78b9460425ea3ab6fa52e4f2e0d23a38192b36ba58665e803a7db3f0ae7", @typed={0x4, 0x66}, @typed={0x8, 0x57, @uid=r4}, @typed={0xa4, 0x92, @binary="7b302265b2ac816b1595bc328a26078d49cb2353aa7a6d37747fb9da2856e72e1869087091658f36195a2247ee7f698d0ee5af76eb3909cb8289474009ebe4d8be5dd85a0cf3836211682508067db8a34b8ec0254236aa3b2f69719c6d161ed59ce7737d0efa05e5f2e0744a44080d68f8fc11d433d003bd74edc5de18a7dd9522a85588f260c08bc8e01eaee75bb1431835b3aa933262c266cb95d2d9"}, @generic="6dc82230dd"]}, @nested={0xdc, 0x83, [@typed={0x8, 0x42, @uid=r5}, @generic="769d7bbdac6ff2e0d0eb1af9cb36aba88e56768c4f89c7afe935616b1dc7c24754a5e68d95d0cad65a57cc12846b59536d1d45e620c82cd564499ba989c1c05e75e6a29eb899d9bc68b7fb8968480597ddd51ceac2cce0189ecbc129f805b6cc448782258070a88a4a78725eb2ef08f4c4bb2a09c2f015179d1f7b415cf1f754597d0be0a2a0c725302e037e7526938950e771ba33", @typed={0x10, 0x30, @str='/dev/vbi#\x00'}, @typed={0x8, 0x7b, @ipv4=@remote}, @typed={0x8, 0x30, @uid=r6}, @generic="2d828bc9ccf6bc2ff13edacc5a3312d3af294b52f2eb6b2f"]}, @generic="046fcf8c517e3d3a2de405a62e440ee32a4b28b1a928c0055b2ee9f14d0bd068898010c5e5c7e6bd16c2e4dd7d56586963e1774c3210ad8f9c8ab453979847eff0fe90de"]}, 0x374}, {&(0x7f0000001a00)={0x1994, 0x20, 0x20, 0x70bd28, 0x25dfdbfb, "", [@generic="eb31dd6fa50cd094a0ef56c50ebbb89da468e90a47e5fd5c444861970629968ceb862a9041c27128b4e4bf7a0bcc115e3281f2e6d42a5a2d4a8b9f5ad26618e40965c950e43d6c8f850f258a53415e4d05d914ae90b3bcbe0364a16051683021a8ff9fe6a4a4455a5d7993c799742fb39715d08594f314e545accba4195b01c9f304f11ac18d1ca9a2f8bc5e20e17d69dff69ab6c9cbd2b7da94ee4f1634d94eb774e417", @nested={0x2d0, 0x46, [@generic="a679c780e8afd79afa247bcb2c826039452e979b09344fa037f6594607e13cbd50138359b4ab9c2e6ac2729ffeaef2564237d7faf0cb3e83e66697b0cdfb9a8331f2a13e3845", @typed={0x14, 0x19, @ipv6=@local}, @generic="608c29c0510b0e81945920e9f548b4f3b918f0c94aedb7ca598ed74717a6331a0564c8f454f03c14347b90d25f423479dda01d904b39d89d1a20e52893d4a58626d8746afb2404a5e26c6c56d1713777820e3704059865e959c134dd021fab7abfb74d484c957a6c1c9ce9b9b135b986d5bcd067702672fb4454f19279e57fdb9d52aa1464bd708f243e03cc4b09beb8bf1b23847e31c03f18379f7dd374bd3874a6976c6c9add0bc3f1cd8b5b6dd7085c55d282a944b99f859c7d0e9424027fa19ad53f3418ae5f8cb69be6c4061ded36e1375e880be56fcab2991013e8694105e47e7893ea9ab3b079cb08256915e7004542be29ef15cfadf5d26a6a0f", @generic="786529fdcfdc3207c2875f816363abbe66e858a942591951fce3a1fabb2d7bda762eb3ad276a0d22c3f2b9bf63d843c8950152a8a788d55c246b8f623e1aa12901f0b4e73faa6d8f43f5490d5c921168484f11289a7e92a8f033d0fbbda315e6281a0799a688bbaf677cec7ba7879485079c4aa590dedb0322c580459cbce316167e4290240a32754f2003f1ac6772c2727d0542af4810e9f6a41cb1546f8708a3588f140341e5ca6b79fecad84dd1e70459532a6ffe7e6b145afead036c77ee01fa17dc06be4d671f10acc12b3ad204368eea257ac47a04a6119dafb70a0e", @typed={0x8, 0x32, @pid=r7}, @generic="5f1911e3d6035a8f500024214aa75e8923c0a5affbffb4f3b6888fa09b9f213239a1f20d3f863085135c1d709a090cd1b549fbf73bd23494d385380e3f38a357beeec055df58da6ef81961d43889caa39ca604905af29d9108a01d371c13ecc9da2818afb15c2ed7f165f45170e24a86af9492afc18cf94dfcf03ae1a5125794f525c3", @generic, @typed={0x8, 0x81, @u32=0x2ca}]}, @typed={0x8, 0x4b, @ipv4=@multicast1}, @typed={0xa0, 0x71, @binary="a6fe497c1d75530d89354da5e9a5db1b1a55ce0b3366894134be686a3d4f0203a158b18a924106d725ae4af2a79509e8b808735ca76e6fc92a2a7ced85c86b1bda6e67678a372b53aa8f3b1ceb0d784279d0530a112fe53b4fd0d243dfe76d832c4592f33e1363789d2fce8518d281d75dfa6fe7c7c39d31e1eb523f93750f6552ba434c895c4e456baefda647b8244b83d7d9dbb210de3c1876"}, @nested={0x1414, 0x44, [@generic="43c7bed14097f5e93d06404c51031d0a673b195985e9b2e276506e10d06bd4e4452b8bd35c8a9f8d5e5e93a53d406ff86bf28a21fb9fa498c2b60236c2245863dd1c3f9a74e88e0a26d6526848a4861069a89bd69a480514a8d9fd1baf26483331feb219b1474105b0359b0223ebc423a409d814257ff236c780df3ddfd614a7ef49a057b201f98f48817853c25ba336f9b3c949a3b38da2f0a6f2de5d2424b016f5776d83ba90f0c6ae3587536c3140d809135804e2668ce98be456d3cf000d7da6d33c49e8af4a9e34d4a23df2541e78e667af2c1af3ffdc4d867e6f971f9ed2d2a429503f5b6a9718dd50e6d1bd3f696046141bff2d14c6402713317b", @generic="0add8cb21180cb73dea7708c8fd40cd546214d2140bb1733e565ca6f12a9cd0567ef0d0f0e79527e1672a04a715de123cc5b10e7b9a80f28686b645a863b66343d261ef581d8b3d7fb5a59f5b1e4ad4235f7ad938d4a6342afa0f504efa8166b5c462cde3a653c30bcc5c7f5d83ff8e48e2c890a173c9275937f22b1b77e73e53103261015bad4dcd9d7743304998fbe89cdd4ff7d7c61516ed5d3cc77323a6987feff261cddd3f71b22482bd3b20d7c078cb815e2e20add615534d0cf8aa694e59248a6aacb0b6805a63924de026697bfda92a5b325fe4ca2d62d54c78495254f0b16f91fc18908c4068ef1cc3f8d0d9cfccfa63ec423d5b2f24bb74e5cf46bbc0ad65038ea3a8d08b9f8663b8d5f9dcc59ad5ff6f16738f70bec037fcde7704ee4501ca6588e980b435f3a56da6c6a3749da604ea2ef62e4682de497fbb93069370a0e8d00603373eb423e36394c4570569d70f3f62692c429cf1c1eaf2874010637448976886a83fcf2f922f9105184b5cc15911ddc8d9fcd9532cabd84236f628913aaa59bf10938bd6220b0e9666f53fec6b5ad7d8bde109a988b6877abfd2441bd8d87a237a4d61d7752879ce3045d98482b3086adf537d26e7406e30b2e213dff57e7933f7963792095f32eb06dfab7c898e0938c484386103886f2b038178d939e436e80c4f69988f8fe7d48ee99aeca86c1b230fba364b3157d558385098089362e8bd20b3a46b8e88e34fd7e140fb8b7c5d4c5715e8dc767490a067009a3950e41909c0c9a48de579e45cdd7fd106b10a634dc1e89b3f759f4ac3e0e609a1abbb9390740344ffea1d66419777d53093ba2c7a05a861dbe6feeca5722fd09aff0be69043935b65ef02a856e964f287700a0aa6ecf4d6b05a2f0ff784092c4da8ee49cf3ff40170790ace1517f804943bbb9cd035c6d93439e87e4278d8d497f9e698579e538054b7d39aaaca2abb7ce07f1ca52d89adb0d2069f3f829313cd3ae67614372bc2dabae6deb7238b72c543cea5d27bf9b14309e08d860b3930bcd826dbd6d64bc768ba9c8447b7d0c160b0f0095dc5598c210bb33670446eebfcba85ab9cd5343cf376522f95c103d1f626c410bec28400a16428f221a90c6bab984c32ed96cab836ccacee1c9e102af57bb0d8d327239ee1062ecc495d9eef7302c9aaef9e2ad7b7f36e702483bde07d8dfde8eecfa8beb9d5a954221244dce8cf4752fcf5a53ed584bcf8b97b1d05c00a057f761102638362cd89bd353e76bcfd08e39b6b12f87c2df0e5a36c11bf2137c7e46805b2c24ae0349dc4a89898ed7441bed40ef9facc97cebcd547d2afd3c76c4fc4aa3b55524fba5adacb3daf041458f5b4d4eca93fe0730ba78aef546cef18bf4001008eff76832915bd4c1cbd6f9d7db665f7cfe35e1876f47b3b259c17b00f89b7dff5501f32073429fbecaa493b23839b37310159857166c62df37eafc2f07ae0525b2433d492e287d4d3d76490080844fa1619f09713f8f14478f539a174f761cf2bbbcf2bc7e19e16f954d9a298d52280bc2e70ee035b32e88b97ef1dfcaa99d466090fc8b6b8752bb673e066ab19a264044d42b8f93c13533068651c83ba12ee71a54a256d6fba054656a4131f404fb59048fd572a673d064527b75056a583f6527e1b78c4d69975c35adccb58586b4aa2bc585686354c8dc93c9790bbb47c70c5d1cb74742f05287d9eefbdfc936805914454e801443fbdc52f0e2f0fe2b9bbad035ee06a9fb0a73d0d5b28d7ef44027107fa3498410db1e04868fc7db38d4f3c09dbdc5aefcd4fc32f72b017addd3834ad23a9ecd16ee578dd1955d0410d38e81307e8b50409d9eb2e5515e727a6b32d160b129bb66dfa9a27960a627402064d2ffa8e1d1f322201511c05785b433927d65843738fc26f77aa54e2f06e3eaeb1c7e1a76e57ca1ee5461d8aaad1ded6c7ec6b3f5e87bc5711dd47f1257d9db315686634da92387f0ed8a497fa2a74cb153e4228320b7fd4fab2178cf63663dea69677c99087f61c8947f1624ff4d05bbe45ec9b9d489479e35148c5ba17f12a047855ac78988a19668873fa8da169bb465a9eb42def3c0ae887a46f341d95cb890401eea54682a67ab227f1ba6af5b237caf44483d6b17fc864c53f90dd92065d613c980930d9a6af548a27c08cad780bd3d888a1a2c27d239a8bc274c1d9229a74678e84a81f1de99d361f1ab53db668c88613903fe35e46ca370465f83835a2a399342849028aa809c513c0d87bc1e9ab387182884a57ce19012b9f202b388947086f879d8bbf09b0d578668b957fa00b4d630e3475bd9d85090e059b243a0b0bc0fe11d66c802e867d4ff96a77a3dd15ff7a2ddbe6b174487a299f6be99086e46a1a19d0127939d464a05228c7200d17847b24c36081a46865ee0ce9c94664be0ea34412744afdc3c7f3df6c8bf56747315ee88bfbca71dba507a4908fdb50807ffc23e7f482519c9ab3af73c32614865b2c45d25cd7de32127ea74e6158305333c92b1d5c74da95202d980c2844c2a5c7b2cd55bea2d346f535dc4cfd7359d7584cb7b6cb401c03588855ecc76a76ff6c78d2c465e43cf7bc35f1d460dab9c7b8f0a350d7106ba1f31ef3aa0ab94dace8317525fae2d310f632c75e17b7cbb57783514fd80d8730c928c97c686fe5bcf0f530f672f48c2316b5b973c48d82b7f3f267080e60ebf2aae035bc4e5140061e5cb48fd106b7c490efc3fb60b4c3c7a41c89500de802905de274d2951166df27dd99dc3f9a239eb7551e90d788e7eebef2d2eee245c7c1e310bfdbb08122cfed6d3af069862835b4ed717d2f916ddd7c1be1110b0a932663af22196ba519a2b8a207a3ccef44691990fa135269cc9c5feba44beed61fcf94527387aa1f9e1ceed111bf974fc6235ada4589363ccd2852405b476f253b573172e745f843cdf89b863be3b1a3c7b0628c95fba8406e78de01cf557ad09654f976a0f796a895be0c3cd754c0af8520d183fc85b0581a8a34f1725eccaa475d38c6bf74d6238ba43e292623bd0ba802f34dea92aef2e45d4b759d50046c81b242316ae72a2d5608cb84225a66553b230710e86de1f0f4e94a3695b70a89007cd851b83fcd5a6ffc4926a4d3b7cc0113bbed12a01b2e687f3ebf6b158b494af9071de0a40087842541cd2748ac7fdac0cff8abe415cb8cf3ce0f439780981ca585be47e910fca76d47a9e7c7c28f430d5ff30b1bb9e28973bcc2821a1cf6b3a9197bb9c1335f71511774af14cd933e85ad913c3cce0eddacc022e3860a85038e173a46c18ead73fe773adc4701e0f0d05ed613671158d43df4bf6e20761340527401f05921ccd6b9a523d41c2d4912b8d390b5024fc6fbd987375a23d99b34a55e799024da72fde24cf24730f1afe13c931513ace82ffae3e0f5dfe163c90ef09b592aa20d15e240c61e3a033431643df84415dbc1e3f50f097ed5097ac1f72e31fabae3173f9ddd2acf6c90a9dd9a06afafafcff7990fd78f9a667ce13f0cda3c85597b1ff0db59647fa5ee1a176c61bec091a521933f7827b8d535a9887275b105a4fa3555c19b40728f14ae385cad8549b9b8ade4b44b79d0f9f5bfd51f90efd4d5a03d10c1b15156aeb1a430857b0e280c814a2b3e3053ea63816a855521966d7cfcbdf0debb09fb234d0c22bac87b98a76652fc7af01a585be741a507648f80ff8f0c3afb8ceffc532b1fba8c59e36e2542c2fe5936a5596fc2e24d08a70b47285f21ede3daaa98e6f163afbe9f8f93f2c651979b50229849a6562cf712bf8a5b1bf0a628866a2ce981952b89718d3154d2f26b8ec0528573b4e3da965db4994bac7467a2014bd0d3a5a8fff2d8b22e807b3b31b9c2ce9d1e393ae13ad2dd5f2485f3733d4e00a5ce23788941f0182717f87df44e16cf01cfba5a9bd9aea319b7cbd2779c0b0c5a033b8ad4ab7996996396eb3a4f1bd1e62999adbeb5350f4d8987130de0fd621eb4b1b1b0f8cb7df274e0ce959ff060bc6c29faff399c98eedc1d08de508ffd7b3300014556251a424192b83ae49cca4d92b3d528c84086c381c8530a59c29a02202e6684a267678aaca97195bea85f62166021d35395c5ad3f58a2344f70ab447e3d5620d2a6484773f66dff8aa40d8e1ee176773dd5d9d6558163d596128afeef5b97570d55f8d2e17c64c4e41d35c84d5fa4d58e0d838d9a769fd92533e436a1a0fdf68379fe79ab8b7370312938a5f4bd30eda5414242435afe2913f6c515ce1fd92c1ddde7f10c0cb5ee671e33d09731fc8789ed5942c9251e60351435090503fbbed9c1f2b8e579afc786a579d1537e0d7202ed64417c8ac6891769db3e76c37747b554d4bf1d711022e56097d89b95e0be9b3550d77d84e1a9ef046016aa76316760e85d2a93fda038467838c2b0dc8873cb172abf3c86f889d6350f596230fc31c65d8a407c2fbd1745d3a393f7e0037625823c3d3ad9ca33470ffefe23ba90b74e51cdd22e7983d064935b0ed5e8c2bb426913c54431e73cba849f30db2b14314fa97e813cb87deec5b06ae6d620f0aebb8cd6e851fdb76041c41998f35d0a213f717ba8c05d64f90fca8d43f983edf69d9eb116c8dd79575aebb21f97685cff8d24d53518a4f29989469f1ecc243cc03ecd58430d0cb2de74c14b1d623c5d8609071eae15cb909d2097a9a8cde8de820c9e6b3e6569d151d8c2765d770c6e005ac50bf4ccb7cc705be606f967b1b4a21a92b3f93500f44d60e616660c141f32beb35c78dffb892fb0be063fc0f5121b1603f204e666754c4352d23c0e4bb133ed51b09e4627c13795a81b38e30fefa166d59b13c79f3d9e14b7f25845b9a0fc41a384b11df96f5a23a7cc6b281eb9da43d74099ef2757d450521e8e0ed72e28d05cbb65580c7cdbd974d221f4b043ec71d66cf0498fc2c7b16fb29b054cb5a30613177381c38366189136200925206dc6f51eab017281b469ab1efb815fa4b0ace5e6350d36ccf40b6879d1011def9ad556fb3ac68c7a98ac04357e7a538b3a26279049bf71c196fbba99887d0701eb839c84a924b594b5c114ce4b49bbef61fc0b0816c9d8da128b01687b0ab7ea13419d175f4fbae0e07720fbd50930ddc2800283c005eaff6b6ba4c6ad9808aba91017f6259dee5bbe43f5c71b43bca3fbdd08cce77e963dfbe1cd2435ba1bbdc41151a33d291cb0d8a170d6920c5a47a5064b94a894d7b212feac908dee36783c21927b02460f935e5e93ce66e159762ab29101d4978f6fae5c9924cf6a974ae93ffb1bf7ec40864300d8ce3462e0f21a3a0c16e91ff69708ab54f3ba8b08b2eb354250425d4bf6ca66179f59eaa9dc7ecf84d74d248552f657c4b9e4d4440af729c0ab2a66f47387889a9954fc254f3f3443d837f3346b404916fb1b9f7af246c6fd0fe23776e2036b05439ce58738416cff4554f699be94805e68b7cf37b27d00bd11d0e4333034fe4d210fd367b7673826d2200442546a27063fb80946011c8fd85580ccb8c9642ca6c228e9f58eb4a03eb61be12e8b8c45ed9e8504224eb08a483722515fe806ce581aab32281c18892d466fe4f59d0cbea87a4e43b10c6237ba44c9b9992522f915129ca20d6926ef8e0b5afdcf2f540c64d38f6c03749c2ea4a5f84b0ccba2f12ec5330b2bcb384af099622fbd882bfb2c01b144428258ffd51fee784d94bbc09dad39642c04f48eb9f37e4bbca62a723272b778a4742056002eb6647c59b3586642c8bc026cdb53e525f326d3d04cfc5acc8e05400", @generic="13421b7b60c1ca00ba1f068551e0869de7091b5cadcfaa491254cb215e4ff368baa46c7884e184f9f59ea0773f86f52e6e22f07b1373b9d681e322db2f28cbe335198bc7eeaf07e6c84ba0b84702744201215028e5fb51ec63f4", @typed={0x8, 0x4, @uid=r8}, @generic="10b3b62731836c325631c3b6da5907c962ac5d6142daa8d738f21739c74bb8a4ab4a8f480c7cfc2aa954da6894ee5a39939498d6349c380274c0fff4194fb9c248e8908bd7025547f4ec8efdc89ee2db27ed08629acd1be0e1b9be798a4848db4c63a609368511b9b7fdc58269709bc397def1af4ce30996410fecf26c157e4b645d41ab64c7d35bd5006fbacd66fdd1243bd26e115ca9f2f7ef75a4bcd2c9a54285ecea771a3c62d091b30434aba20cdddbc95430233fb1fe68e84a4841dc8cecc2a7e95ecf9842e2e027b12200e1159238b38bfd626bd0a577ce236c0966b54dd17cf3407698824250ddb4724541", @typed={0x8, 0x73, @fd=r3}, @generic="18689de74801a64aaf9cbf81ff36094f7dd6353243b6060b03936a68d1a83638477c080e87f200d2a6d5286b9804e0364ca4c57037e0d213799f8ac90140256b7f50194c7c4d5d340d84894498ac08999cc1dfd74769fc7058ad086975ad168f9d05e12a81bed34d2171001cf27fe2f52e95e374deb5d69a87aedcd98d90347b49254aa08ad331769a1cff567858aeddb67502fc301870bd501a040d92b3f369d6fd1fccfdbd9120d277bd37201504a10ed0b1291bd1a8f351eed2a590e1fcf0d3e386c8a73e7177584eb63b45aaedab4a2c43d4b25ddc70c2fc240309addcef", @generic="83cf3c8351a92b4c24a593df7d7f4c8230ad93", @typed={0x8, 0x11, @u32=0x79}, @generic="fbf052aab6763d9abdd5166b2a86a03f4e3d37c0852c37bda0c6b045b76fdc8ce6b54697f9741a6e6107d0fc37f9e79af176e1b39b7822386df5ee563232be766d928887126438b9fdfd32aac1176e779b08987ddc58c1bf8bd2928d6e9a7fdd8a033a2c2c88709767688e88e201aef5f8a9f3342b472eadd3402d0426c25296b15831b4f62422d683b9df386008ceaf9c91c0566d71fd9678beea8dbbef7313980ef19b907b924cb1250dd460575e3cb35976f599a04de9ea1c14d02407"]}, @generic="a5d06a134a6c8b977a64b9", @nested={0x148, 0x0, [@generic="299690", @typed={0x8, 0x2d, @pid=r9}, @generic="9a4950b146248e081c970a612f5e6630bb99650ff4672c384a99be17a56ffa593bf5feb71927aa97be5588563982301d5e72a72c18d332fe63d1b4d2", @generic="2c15ba667e8123aed84cef776f801c34c7be670dbe645d05b33772ded9e3a8b9f90b5cf37da157e44633510bc60a361c08ce862bd597f4be164893799e1347f2d4e36364cfec9f75f08089b4a8841e6442f7146193d27243770ed63a3bf1207b5a71d962a472efcf352d9595165338e0296d5f060dbf75500554892c47201c02849fb21f19972ddca6cba8", @typed={0x14, 0x87, @str='dns_resolver\x00'}, @generic="fac9a6be8edde1e433619f8e9392d6370438ebce24718046081dd615cd792b92c1b9861b11be492b64d7662d51410c12810ce75e2057b8d343529feb5f82f74eaad9c48b5c500203f611b78939f37a2fd476bb1117665baa400429a048e4"]}]}, 0x1994}, {&(0x7f00000033c0)={0x14, 0x42, 0x100, 0x70bd2a, 0x25dfdbfe, "", [@generic="545b6c93"]}, 0x14}, {&(0x7f0000003440)={0x25c, 0x35, 0x200, 0x70bd2c, 0x25dfdbfc, "", [@nested={0x244, 0x4c, [@typed={0x8, 0x7c, @pid=r10}, @typed={0x4, 0x36}, @generic="6099aa4094b0a983a9036dd6111ca270217af644030cb15cd05e06c520c6999108dd74ef0909d223572eb12722b78000bb6489cd56a3717a2f04763d063ba122fa62218bf8553f3513982985c264174bb66f6540b97dc102419c758ed4ac463716207da8f92faacd3ac7f553f879026619e6e264469ad4b02ec9dcf2ecd4499e0c1ecee0f29068f5d36e0a5c2315d16ddfe92b01109106f621d2781a2cc9de75fe11bab63f0a692481f8fd467e4f62107bac4089c61cfa21d21b7a11a67e0a580d70f377f513d1", @generic="625e31adcf39f929e400437d0cce2d3659ae3ab3b6e40e2ca5f8102bcd4565cb4f3526d6bca95d09d5818ab96211f6a34434d6fff7dfccbc619feaf16bcec2bd7feb2e9cf7067b980b88197758637db5606053b27387b655cb020b0e43ce649fe4329bb8bb57a85171ee8d1d51c5f83a9216f70e57f5f03ced3d75dac2d6bc2719d8d1d9aee49a08395bc7e975bb8f84718b2a3554e681e305fb560db5a12caefc7b9c9322963c6ba9a9f01a4bac52d979146c90a7df0de58e90dd16d6a4fc25a16bc0cea1a899d5c48d6fcf724c29340d98f0b6ec097218d5fa2682124dfe", @generic="e8a5f57136b798d6c7fe539589585e2b97bf5c749287939fa91ed4cd6424ba667028765903e7357ed44515d5636197eb982528ff0d70e5f517aad8b70e315ffaf71f10b14103c76c436288537f3006b151b30213ab98f0f7df894fe442b7977d1aa0044b3b38504412f0108f97bbdf39533b5dd651bdc4e325ee4b53c82d37f9ef8d28e2d7260fbd4d1f56b0ab"]}, @typed={0x8, 0x17, @u32=0xb8a}]}, 0x25c}, {&(0x7f0000003780)={0x490, 0x40, 0x208, 0x70bd2d, 0x25dfdbff, "", [@typed={0xc, 0x56, @str='cpuset\x00'}, @nested={0x104, 0x62, [@typed={0x14, 0x30, @ipv6}, @typed={0x8, 0x38, @fd=r0}, @generic="60bce2af0586e552b9d0fd0701a278d8588f77e88554ea73cd7c3a2edd0c91b360910572cc8e5c7eab57a59a25765a75ecda397ecf03964116a63bbac78377d1c8280f3c3be8436dbdbb006a9308e93972f6871ea1f989874b8bc4d5940ec3fcb90677ad870a4c7d778400b3c47ebfec22b714daaa21ffbdc83dfc24f912bc2eb04557e35c606ff91a11e62275560036bd086031bc788922dc72ada571370e7d1f20e91b65bb7cfb26c179d8ba746a31f7949c5625dd8294fb6810", @typed={0xc, 0x30, @u64=0x7fffffff}, @generic="a889cc624465d4ead31f5dae351b535ccb2c7a32174bd7cd25e4650e"]}, @generic="cd7be59fe8d0058836dd6d19f8aa24e281a031d429bff6254d2dc14b348055478aa4441728a6586a950a57dee30551ee83867ed4af9c2d89b202e6ef69105cc41a773b5d51ac511e1e67d69318e74d79335be905c9f11022cb2938acd775dc6261583c5f37f88289641c5106ad71ed730520be3399789a6ca03831143431b947cbc65bd38104cb421163aaa90e", @generic="5706538bcbd5e9a70f45ba243865737dfcf9f1ad848b6db9c0c106e5b3360f2283c7e52bd5b239", @nested={0x17c, 0x11, [@typed={0xc, 0x1a, @u64=0x9}, @generic="7ceb660d5a28d71deb3b68941a111509152d4306d40dc9925f8776535ea7d802494029d96c6df15090b89c180b194d3b5efe2a82dbeac8526dfc83bebf878020ed5fe94384c893fbb7e5d8fd707e0321aceb49995890603894b713e7c512be072265c5ceed1123981376299265da86b0aac74efb", @generic="b705b389e57603329f358638cbd2ef1115e9f4f9226972600577b1bdca0fce39188217ca3e8cdf533965796d1cb9f942e6fd096eb7d62203b5738fecde794dab81feee561405ae4f620fc6d97e27edd9f3d1599f900f024ea869d382ccf22dc54aa4ed3e505c615ff22df6f5cec119bdc1c656fd2d7fc1e61dc9170bbc39dcb3f454337252f574e0a926cc1aaff3dc60100a7cbb626307ad2c38faaa532f123db1c70c3b265c570e3a0227e972b71a65adefbff6706e6f8dfb77a041609774ce220d0841bef47ec6f2ad950ca8a2fbd3e3b828787ee5800058db61c9", @typed={0x8, 0x3c, @fd=r3}, @typed={0x14, 0x83, @ipv6=@mcast2}]}, @generic="816c8bfe28df3e0d4f9b4f56896dfd4a49ef130fa20306927b76e19e288ed2d86e4b85d9302d03021e6bbabf169e20d1663c611d84", @generic="ef9e388d2f3ecf448b8ac160a981f01db234e19f9a519213c696ba2754a3f6166ab228e9d80bb0f13c036fbeab26293e15dc79992a11efc1752427e99b229c2e6cd1bb1fd66c701676fd33d63c558e4e31", @typed={0x8, 0x5f, @ipv4=@rand_addr=0x3}, @typed={0x6c, 0x35, @binary="29a69af1f193758274e12c531cdf660b724a0a538f00fedffbe72659d751f54a95bd81b8fe20da203ca5d266af81fd5521a69c1dfa67278b6c27070bd9b22adbc710834a60cfe292057e45529d15fb2b5ef47d44416f244311364f258928817f0fe2a4116d8144"}, @nested={0x44, 0x2d, [@typed={0x8, 0x19, @ipv4=@dev={0xac, 0x14, 0x14, 0x15}}, @typed={0x8, 0x12, @ipv4=@dev={0xac, 0x14, 0x14, 0x10}}, @typed={0x10, 0x8b, @str='/dev/rtc0\x00'}, @typed={0x8, 0x7a, @pid=r11}, @generic="46bf0ac4587ab2117b2479a01c6ad2", @typed={0x8, 0xd, @pid=r12}]}]}, 0x490}, {&(0x7f0000003c40)={0x109c, 0x3b, 0x0, 0x70bd26, 0x25dfdbfe, "", [@generic="aeb1179c54533cb6087152b68cb561ca70bb635b67b285f3acee685a1ab4ddd65bf22ca4458c139728ad57a988ea77adcce2f4defd6c2863dd01bf3b3f70b428b7a1033f607b3a7d2ba79ebb7037506410c2bff21689c10d007802d98a2d78ef959e3681c2fe5b60af85d98d49e4cbfbdf385e85c77bffd5feee03b64006e9aa69afee8aafaeef83c80bd5282ffd03acd62b693821ec359c8f7718f6258028593280a04be9d70b63e4171a7424ac44e044e2a35e57884e1cd422969c70a8c11c965a5a1ae1e7b05cc4148db0be6ed8ad6d68a590b66ec16403e1ec1a663bf7347d5fcbc4032ca3f0714e8b060913599ece0576c83a137032c23864b7fbee2dd275dee9cb0b31a25d807904988b859c79e760d901745f032ef30ce01061b2de9fe04c34fc8579a24669d01551f63c510c422cae4b7bb2fd2a0e26e12ee5dd78c6dffadb061e48979bb2112ef20fd03fecf2a873588dc070a62293d145566228e4da9237a11f6aa5a1730cea4de4debc78ed749a1ea71bd5ad56f91a960e01e3ecd5007403572e2b81d35410aa535e0150d1f51b1692bb87a2ada4d3e5ac795ed28f6831e87e738a4a98bbd50d7469c2987e7591d79a0f6033e56326fd183619c62464fc309e3617ceb0fd6824e5d9b1da9652e7fb0122f1c7b32652dc1e5f9c621cd2a6d99cdb7f53fdf8ad91e1f6523ebc645e823affa3c131578e0ed07945eb484d04e7ea2065273c5f812d3a0a35ecdd3936637d1dacc7d720956f6aa6778e3dd9efb9f000f499953342ee059411d3b0e539c37fa484b471515542b2421cb84a7d3783ec69e8accd65774f6b9aa023ce0b6bbb1668017ae523481098724ded9d0944c8abca76781774495dfab72c999f3dee9e54a45d528fdb660501c1b4176b1919dfabbbb3fe5baea2a28185afb0cfcade716f80910982928f4f1a0787b9f1d4357c92cd39b34a4c60441cfdde6e954f5b48713f808ac39a945f3aec585737b5f754d6f6700fb8bef06fe1e431f9fe83e9c3ac9d0c15bcb4b4a82ace841b8984dd97a9f1a5bad2884e81da210c728e850bc7c6d1780fca16efd2120a4f84be5daf4859466287d84ccbb2bb155a89ceecac5b70383d3a4ad2fcf1d5fc26cb463854184b2e7a70dc64d154dd4354e4f6e369a627b165f77b814ea82afcc98f327ca93df02394f503fd585e560ce1ebbdc14671975d9babe4321d733e986d1602b7d677ecb9c682f3eabcd39535ec344e760ab927aff86984f785ab10d9570de5d43a7417f6ebc623a52c5c4252cef7441a649492a8e5c2243ddc8780fa4b8fababd1fcba071c441ab0859f205af37a61652dc33c02745b461b91b6a645e1b801ccf07ab217e1f497ade7783df76545ccd1d39e70aca4c708d355ff71c5d107f9728641f1d81edf69cc5f07072b1f5511a59b70523193535fa56dfbfb38f49bdbbf6e893b501b10cba023633bd5a2cdfa50344957b97948ebfe49e3e8d4db7fedca1c4b928707ed37b2f7e1cb87d6bd1e2e33563a3df52d972e41efb37aa570b69dbd0681a70563f028132f9f7d3a85f391fee43d93e5c64c910c28d89bf82a39c1a83092fc84d80b6560577d73844a50391b549599809da3895926790cc4290e3d30fbba1b498e9dc6e68a4022ac08f21f97ba199bab5c1878e7df9f5e0a19757c9e51fe7a55b3289c8c4722211d1a9a1666e865bb81016862c01d116d489083a62dd98db37a8bd090798c6ed2de80f6ef6b441f0f6a70cffeb3e83af20fd05fe5b17f5a23aaff75ab76d7852175a0d2d7e4f6c183e1a072f91c790e8ee5112a46212d3e8ce4de9fbfe98af8daa68aeb3607e0c9bcdbdfaa5fff5e50942cd983f1a40a40c8c93206db6e2bc81aced902d78ec9e89e9dc3a2eb5b21b04fa36042fcc5dd48e0f8c8b5e6b01b11bfec34f6c16583d8f9b7cf79e0fb2639ef02f9e2a2d9572a9f1abd131844c73d3224c616e51d1869cf36cfab07573653a43fcb82a45167820f0a5c0274dd3769cdf0bb0d77e357ac2013c410eb6f108709b1df859b5c87ddad91ae5a70d73eeb8149c8dabbee35ae992639e6450fcadf8f3720d1718e53a12b3e74eb25355653fda296078e605588861dff83553c8965c6e0c3553064833b0ad68d16fc5bf53b09ea54ebc37a432840e6ce3c5233f6d1d1b0204ca3d49efdddc8fb51f7983cd40208467758095e2fb2e72bf931758fcfd993a857dbb1baf7aab0728c92d83d55b5d9f9aa579014b6e48fd2065cdbdff09921c84c891880a1077e069001f2624dd0a5b405dd6d180edc33576d23e1ac53065bc8f4644ba0d3f40a82709d4437fbdbbdfd4917ec3111a4e805bc5dfc2c9c18b112913331afa070bd6e81a2e923bd29625df9b6fb8ba5783ca18b436491b10f3ea758cb7e65ffb28303ed231b0f8dc28fa470837f991bc274de406699afd9e4ab838983ec80323372319f469c8d3e64d98859edc523ed21c8e1fe454baf621727b0d437891a71d114bac569e07cab11cfd2e3edeb7d1fe667ef06fedbfb5446225fd0891578be7df30e6ac99a5517efeb4b37b38b3a5a7fdf315e1115aaa91c938ceda5319711a93eb7bb73bde462ae5a8998c220d0ca621b7f703f7b1330648538de5cd6eb3860e4057d7c346001663af39f3180d90482a8f000ac7b01f132e1cffa270aaba4f2bad31657adda86fa9046fefc44145dafd3b5e26ffc94cb28b540eeee212cf9dbd7efe12a89c4466af2b3e91ffd1a4d3d345f5addc49a726189a45abf93436c9d40f2873b5f76519e433469bd4e565fb781fde4e84a54fe90bb71474adbaa39368087f6842dd6e1feabc268a69c564f69031d38f77cf0327d2f5c2daa554732f77ecb55db7cb57d53d23527b78f363b849624a6357a67865df1546e4074c82bb095c15fde3cc77c9e0efd1bbebfc312e4b7d95379937ae44f0fbdbcc6062d6598f4ca56946768a84bb29a1b4dfab91e2ea8c10df8fc22ab4271b0bafc455bdaa0f0317bcb35b61c1ab871fc599fff2b1f2f2057b1720531b187869774cf7db7cd7ef9e899e94f04fa7959270485395d8c1db3058ce77db419a2e722b0b63cbe0d215f47bbad5149a42160977f03d81189aedd4bbd0a795e68323f3c01a09e21cb44c4614d40126a18158f81c7d8a11fa0f4ae1669e7b37cad663898b45e224a6939f19b281f4530bb8d0588337ced4e223c3ce5f2b1c9ef92113cf599553cc70cd785c0221a3a1a94db29122836fac06f980a0eba6d2dc5bbfb2b00a51d8ee8bf888448c2440829150261d7edd9908b9f8fd627f88d16ab27219880083ef1f78415571ff007d2debed769aa81e9f44f2e79f210a243ca80cffb86d2a5686b8b32e96e2bed75a8347a15559da6796441428ff73057c68afd3f7a89fb11d15e7d1f2d9ae9f20689f51cfdbf3923ae2afd96fedc0bfd44936c978767fe599b97e39c44d927c270492b0ea33ba94280809eda8d919fc2ceddb6cfdd00bc6e6a3c39f58e2c597f1d0be0985bd270bddba421cabc4571dd4e32454ce810b68b727c94d9740b06c3436ead0cf36534ddc8bcd11d1f1c6197bceb6ee5fb7cf4aa5f75c825111e676eb7f834e246fa5cf2b3a37afb6c316284bc8d9ba33835e9a66ba397016220456e30becb09f064e84ffc7c466abd6c6c93174398e58749acb29713c60b27865a55cf6f1557ea8a3f1c5e8e5afba24e4f9ce0394f0e1b041400c91cebcdf9cfce8c58c01e5205233e61dca4ef225790a4a655fb0525ce8395116ea515d704efd56d1e43280c3c9547bad5e44234f881147d6cebd904d9ba85405014c3f16155717265ecdf1f31a3b4f812b9c58c5d51d123e51c8c9dbe5e37ef9d5b218f0c095dd579eaf76f40da5a5c6d955b6815e6ddcc854fbd671ff246403b9271a0c3a4de5b2c532dbfa510153cc5d009b18d7997ed41f78850f31515ea1a87c9f37d66d70fe805908f4593fbf78271ff76035ddb72e81560662183fcfd91d56fbebfce7fa39626a5b133b9fcc1478b438caf78892d21ac6b31418919477146e67f5c58948cd947fe25eb0f7c28a0e63502480c780b1ebe022694df249559259b3280627069d6facd2a382e2c4bfa898c84d708893bba1d7c1a7d05c95cf0c46377a6a052e9ae7f110787a6716ea2fa44a4ad2be86283ca6b4aa4bd9e86abcd69588c18721b4f4aaab06e843b6e349f423ce471f8b43de5bcdba504481d639eecaffb893f47cc1a96a1f25b04b154df9db1863c60245f772971f83beb2cbbeab48802ffd8e4567a6bbb265916f56b3828707dcfa122ee98eab426a369b0d3a96c4d8bb43c08376d062b8b9d58956bb96157851c29a5ec9fd46d9002016633bc668da25cdcf97ec8aebc399140d8a2b2a02b0431abcdd5db728dc2ea456f3edb65b798b63ccd9bcfb85f967566e2034363059cbeef5077472dfaa1dfbadc9e680b4720b07b300352a14821f1d2d838d4210864e2e62cf7719e056021d498ee918beea41d77b9fa86276c7e6654c5d8362f20e31334692c466598513359088268066c2b0780b8d1982255d4e4dafc1406c80ba6dbb452549f59c6b48284058b206d3c0cb2fe50755c38c1fee46524c253c1443f9f2f9442d23f6425876d73566ab6a1a15ba97f688783660740f6c110fd1fad0a167d44cf2f7f4575ac9966092e2a89c6ee42070fcdb71c57db9c7c6a9935ca9e5dd82124c30ac58ac38cf5f08c486e60e2f2a390e40f1548ea5f6efc8e257b74802962483b30ceaf80d27b6a135264d0e28cd821029a189dd7270a3f478df3312fa37dc42420ac75ab608069cd36e06c73cdd85608d7728d9dd63d4d9ddf0fa4fc22634664b9c2cc1eee63ada793e1d6e3857d539c23d2bf5de31c24311e3b662e4b986566b868f598aec60cbeb68b7878a00db12b6c50a8cd5cf9efb86a4f79a3139f77d3bfb635f8793322af38486e17458b4d21ca91f4e1cd7e8e17a4454595eeb86ef176b6c7c84056e925cb67e59288de1453dac70b96f6106d9b0f64cd89be2d4ad3d12823a5c7a28f7956abc67c32cc8f7adfedcab11ace064c6b0efabea27fedcba85d20a0f8001a57483054dda4a53bbb65fd218f75e1d48e3dceaac007511bb956075134161a59b117277b4d647fdcb4f75727c5753db39384d03372057b710bb7c1bb0688fab3ac9419a76d38daeacb50ac49cd41cb39cb24bbfd9519b9772b7567758e030af9b32b826b80f5a02cf420f2540cf690164ed3971282b15b59c62ae5bc04cc21f889e9b6f1a2fbe7681ec54ede5c7ab2096fc4524968c91754de250e2f62a9fa62fbff8bfff4d417f2181ce0a707d1b20743b89d2b55433cfdec272ab3c97abb101a054863bc4fe93e965ef51d1b8e198c1846af7a19fcb52479ec2bfb649f797874073a6c4e4190c56c29a60dfda2dba85785fc867bcf866ce940946f4eb6a6ee738977c1f90f17dc268ca74285c5bb53db9b88d08372e6777b208a848f02cb4b8b30de2a54406fd99f1f5d4847f52718785e223ef89234ae5cfa6c03c02b7f6bde1d4abe7579144829270e9c5883f294e9763376808e5d9ef590da6fd6c231588239849eef39a99e8640be52d4fdff991e2fa00295e33edc5cc2cf73268861a469b2a37a9f5ad25df4dec8bce30f0c69867c1ae69420bf0b88ca3bfa3fdde47f405030c616401f202b51b3ab06a0f798410aa38721571a7bacdae8ff966b7f599a248e80b1d297d820bee68796e59eed2f556c76ae55b54ff6ff548dcbe19ad843a4bf271a26ade091ca94f8575d8e32e3c380de80eeb86485225e9f86", @generic="e1a0f314cb061ca8367a35753ccd45bd92b9ce0db0b17e0952dc536f83dcaee01f43811a5861873a51432b207b9f70675af0fe68e8818a43abc743030fe984a06e23259e70c521ae8e49c41d1e8e31ccd6ec180961f567e0f18747af95589d4adc19ca111a25ca1803f2b169e4b797c09650e445a5415463f48e92f269ee56b1b046aaed6614c0f2d3b4e9"]}, 0x109c}, {&(0x7f0000004d80)={0x24, 0x1f, 0x720, 0x70bd2a, 0x25dfdbfe, "", [@typed={0x4, 0x5d}, @nested={0x8, 0x75, [@typed={0x4, 0xe}]}, @typed={0x8, 0x8f, @uid=r13}]}, 0x24}, {&(0x7f0000004e80)={0x54c, 0x1c, 0x300, 0x70bd25, 0x25dfdbff, "", [@nested={0x4c, 0x55, [@typed={0x48, 0x73, @binary="7ecc4858070308d0612efeeff8de5fc3db1c8b5c9af0146747fa6ffd9d69c727cebd9a170d8601267d3e8fbff417e46e945c4ca97947f66c51d440a5eb92dc256baaa0"}]}, @nested={0x1c0, 0x57, [@typed={0x8, 0x47, @fd=r14}, @generic="64ea4e84019d46388e77406bb00223f0747b3885151af38352d6d9e89006ce10d385a37f9bc31cec40b7aac068ce1a1173f85a8f9463f5052351f2513772ac303115a5167c0d011b35a5e9cb6e6399e929993eff8a6f3e8b54e59b3faeaab8da63c70b07bb9ee1d16b11547d57cbeb7fd0acd66b036a203ccbc15efb612264a4f1ccda2f31a0469d51401d8eecfe2b5acc5d04671052a7deb94a00979aea0194d5f6e4cdcc128cab696560d1ef92d32dd2ff7d1aefe023c7b7e9c5e38ee50db42f52cae011eae713bbd5c6519875ac6be7f6d8c1c5ee18cbbb7596ec4e26fba7ef72dc3b62", @typed={0xc, 0x19, @u64=0x3}, @typed={0x14, 0x23, @ipv6}, @generic="0f5f245b5fc29782236ac1084daa2331cbbc677f42b00b3cee8a63aff3e0dc175d13efdd64b90f58c5bbc656e6c26d3075f23571f669a1495165b15dd539f234a507297d5950f675557c4dd2e64bef814ec6fa432fcae19511f4cc9f8aa1622ef9eace6e3f7f54ed64cd1d464e8a96605bff85502e1fc8ad7295bb00fab8b94cf425", @generic="f137e17ed5d79a063cbe1a2003c978eb4a3bbcfc7bb1597c29a59ca226a9933dd51f5ae83aa5fbf9123144ad"]}, @nested={0x58, 0x78, [@typed={0x8, 0x12, @uid=r15}, @typed={0x8, 0x1d, @u32=0x5}, @generic="590ee60b3d52f4b7c5b218e9acd8586a6a6524731b335e32e3306194aa73baf24861d77dab9370cab42287edbf7845eb7bafb7f9b3ace96b643006ea13ea58997a0297"]}, @generic="636bc9f36fe8f8c086f16f3c", @nested={0x240, 0x82, [@typed={0x4, 0x85}, @typed={0x10, 0x5, @str='/dev/vbi#\x00'}, @generic="37f76967b3b049c7316828cea06c0d0b3aa3851f6e6506f455994871b7a4f72edf9164702e8428d0c9e3e49ab24c66c06387d35d681dbf75c0542ce6a227caec3dae6a4a52196e", @typed={0xf0, 0x86, @binary="8c3f86cbc0e792c7445ee63c20403ba8bce91f118d15022f4532ad1a3d2edbb252403b8fb23b4e35f4668aafeba09d9fa0255aadbfd56ef600e482516d0ffac94268fddfa05e76f65ee430ad02c649b2d3ae6c2e614e32f186a8dec798440250267ea08df1c67cc65ecf5a27b37a0515d3cc2c753d4590c9e39abfa5402a829f60c0563f8f53c35c3f4fd71ee15fdfbd0ef36776644c77e9bbcd1f9008eb786748c8c66f5f127e698e04325d0c14a54a1cc6f7af4f14fd2f5445efa3f793c56a68c226ce33f3fad26d56b2324f5feee75201980e4bc9c004ae5f03370d8aba9c100657a5a07b92711235"}, @generic="229fb3982cda87e6770f6c35aaa83475", @generic="befd304595483970fe6931a5d1aa3c87198629553a0066e7b5a92b04836fcbd10818e9a462bb35caddb8c7681a38e694fe4765a076de2c8516733c6249f1dc5bb9c1292425aa1faab3fc6034aaea38a066e48ea672de349651461ed5a9fbd87af781747628d5f584cc35d4b826f3cb560ce58405702250c21442f89ccaf1f8c7cb8fbf26b301a52eaee3c7b1111d6ebe417203af4e765e01ae33069cd0fa498c96675ed1dc89bf921c190002c1698023da03bb0fd0369029fdfecee77f940264c261b1725f070db0db3eb053d4fe7ed855c15ca0d0ca4431ded0c2", @typed={0x4, 0x7e}]}, @generic="7376943e095c0ee666e6", @generic="692d1d4ba9681041bc554b232090c27d4931f11898ef4fbc450d4526b1e18e5c79a198cc099db2dce5e00d38f58f5b2f55002f2660d0fbb24e5c3679476dcd328418ae786a14cedb9b6e685caf835feb9f81b2fd15632d352e8bc603144292b51377e68b2e81cfcfd4c4dfedb04f8d05a679f538833f16e5a495631693018b"]}, 0x54c}, {&(0x7f0000005440)={0x10ec, 0x30, 0x200, 0x70bd25, 0x25dfdbfe, "", [@typed={0x8, 0x8d, @pid=r16}, @nested={0x1004, 0x11, [@generic="96c0200e7a463bfbe19846c3b9a6a17b90add64cfdeff95725816185aad531eed6efb8efd0f04b9be3f17e569dde99ab00ecf494278380b6eea4db057c56d90f505654c1bc628f29037f80b670a5d7acd64506fae9f73150a9b67db68bd81c42d270a4c0ac9d76e0bb8f821427adcf6bf4e4d4882fe6f84aff59fca0c338e1a64740591c33035f325e6d5ab54e5e628d1ee7e95fa3974df9c47a366e8e349b42e495fb6f58d52b5b318a714311ed89f748a98bcc2511e11830ff2c0c57ee4b0842ea4ff4ec5c22213c07aee1b6adad4dbbf5bcc1f5e2f47ee26b4acd96a465fce8eb166d446eb866013bd519c4495a164b62291cccaba37365de1ef8ac4d96b5e5c483425bbf0304b48b043b93a49eae78be961692477c0fb3088c121ac68c268001cf270f1132f2f4f073594c7665f0158af05e1d7fd3124cf50eed15de519c5b4f625395d5b68653be9f249112be38e12cdf1454d87c902cc5e800d94ba892bca77c9724e6f50037284a7f1a4d3acdb43177b27187dc27338f8d01ed7c6e2c0cc5af18ba0eb7bbc6241843876b11d3ae921300de3e76d6c69c77b7c434c549819b67528dc1e3f761d4bcf3c3d957bbd2a71244a149edc44a8147b65056143ad8d706056dbedeebb5e3dc11ec642740979e1aa4f41b8282f138bafd3ded26f5bb882740d9a45a5e92b147e53bfe01158048d7b5eef76ccec92e7104a48a4d6e59dd173c94b336d2f435aef3bd8b3b460573c929bb50f78743ca70a8d0f7bb31af04ea9b5249c1cd219a0a3230b10e025dc1c0276c39b024d5315803f33a9ca16f11ade90530b108470d01f59e3b1da3416914d0107ab4988fb6d84c41cb1554f8013a5a5b90d45e287288a2a67bc7393f92f479871d3e1b8199adf4554b3c11bc6c2048a3bc23c018b1e62be086286f18005ad69b3ac4a560a12a959a617a612a0354cf636d677a554753e85c9ce19c8f88965049bf128caddf8b47ccdf1b292c7767bfe21729a953cc966e6420c1081fac6035ec6609dd45b1849f4acd0b6e81f0ba4da8544ee1f04ced085ba07b45dca4e8cbd7279d1fd9c91fd51ad641e6aa7bb82f8b1a529e593a7182f22d819518e4aa3d4e75cb66d2204105e109937d315468b585dd72348ef1ab27567e4476276bc6df7e46c7a4386b67a0d796aef7ee732e0596259fb160ab4a1c4d4d51e703992e7a94a8a316e66606ae4334f10368c4ab708f137f682393f16cf1df7a8d138e18cda1d89f8766b484a36833a1483b0fb9048bb90f330cf5f2fa6bba3c519cadcb3ec877ce6fb5279efb09312383bf7b53efac52c11764ffc5bba758995c8d0a17a9a8e0fd943f3e472c34052e9e430b20ba373fbf49b4f75ea59506add05ba429d847be3f5c39e1ce84ebd34ccececec41a43a321cf025df50b0b5ba1ba0194f1998b1f2b157d6703b13d21e9fce043f6758cbb1efff395bde3af7192138dbdc0597879de9c1fa0f1c2d906685a6d1fea18fb2c618149ae322d6a08492b1c4bf95cd1085f636c48eee8157c73fffe4eac9f83d9a45a558051a39fd9ab2f3fc5291dfc02f468dfd1afeea69abcaac51bd6c22eca7a984c9559c3397f7af67731ed66c1879bc232943cc263ac112992fd2a6a1662a5c02171e7b5557735ff09fb37263d3bdde56464f8e535085bac634996d06f797f167db71d3d3727d564ecd44b636a60ea50ce3c4b0687bcac925ec86573397c3f2606c8e0eda7fb3f6e313785a7d8765b41e262ecb4f1d1186a3d7ceccd946a7e580e1f0cae0b134365ce28a56055084882702df28f6c86bdccbd55645406f399815cd04f604e1fbd7885779440349e47cbde7edd89c3cb9abe8bf47da270a2233269b60f56e29b0e8707ce55d67e040aa632cd4e7cfb7677cb1cd699a1b11fe950af5a514a8990c250a4e61a84c621f87e2475566b79e0bf56abf7f5b5374ea14da35154a11c2830d58f6f582437f9314db98e9b3bcdcdfcac4bdfe7734433bc2ab4ddbb9241a823389558dca8b0de06de2c8912be4b046e23733800ce4bdced3d91ae80453386f05f4591c32a791390667c83656071282a3d289844db77e9c90de4c0a83de6024abf217695064bd803a5db8b6c482049437a7eea3b1060e8a96736d55d586e2e23b41708bab54463da347fad1a16df2e9602e0221751b21620ac8136e99ae705e24ad6d5fe0c350487d9bfa3fd84657cbe0184a531cb80f3e8fbc33d247290709cf662b5cdc461b0fe5c14373afb292f69dd56cbe99979a0d40d0328d959d89c30795f0d7024c0dd3467b7b20c8f6c728ca3939a5ca73fe520ec14e25905dc0cf44c146b506e2f16ebc1ee95132ea885839df479885351997a7afbecbc054417f918f7443cb87ca4962873a2c6d00fb4a8218741f8608255395c5e7d2cb197f733aee99d55fcd13f45cc0f409d27dff031b57a1b53f1f5f4abdcfbd6479fdfec1fa16e16fe066313acfca120820ce9f72bddbc4be0ac69f0992517c241c2bf56494d75b611794b3ece0dcb2ebb9260cada86fdaed92a2ec47a57eb9cea523db49383d72b8682b29c67eee9cd3c7057939840133b483788742b8ea29f91a57fa4ebef39094c0a41db35cb5eb0f11643a8dbd9724f82622edf080d7c21e5450e6d953805fb2c3ea1c222453af6b745df9568eecec46276185a5e903707135aaf29eb121a28db904586b0fe6bf16b1cd177ca8041910ec11052485477feebf6c9b70c8a6c4a4f06585c3fad484969b77cbce215ef90e5edd866f44683c5ed4f60d2054c08a2c5bf827ad35ed2b4e8a592574ddfa6de528d4b728de91e64e2ba5010c6c025d33f8beb2641656b9612146cdc986a81568a42391f3d60d95db3c3b50d30c13699f4908b70cfc5ae29818cc72e79bc8576845c56387c5fbb4c74ef18502a1f18c1d9523dbe2af6da51fd5b7a68f2bc1b1b07fe6c7baa4bae910a2372a253b9b7a94294108c1a061a0fe8b2eec31f6ada7519acf2ea436ba1bb085f45665cf3e22d04c6c6081488bb9737c574a570755a1d4cde55c16fa47b23909f4bc2e03fc3cdd0977ba0341d34348b78d76d2a6fb74cf35b842e82733c8f63fb8d6d6d2d350e566f720faf5c8cb2f915263394635655e3c9a72d6943d621a24154ac3542235fb5a6ca0ccdabf98f5459c2ed7598e7654904a4a266e8402bbac5b287a3624af74c81a337337b7e32928b3fd3aebb3aad26912466a13c51279c572b65f58fafbd0f06e7d048b003a02ec3785d2fb8022ffa76e6c4cd2d42dbda1984fadc6259db73559c9b058ba0597454df4905a53a6cb3ce46e99b26cc21f0dd489a0a61d31a216a1118774b6c319df41a9e7f10049755ab84aab231c95bd1a80837109520ebee64eac1f80f9a5c4d68291fed5aa1bb57328b405fff24a5e9757a082847a1e19fff7bbcb05872b894e733e302f47b0c05580ca62fd6bdc5da0b1dc25c647803573537b9fae0242da6a7a46846df7db771844f7b1c2b7d72f70783bb6b995e8294848bca72a4398d6782d7bd9a040685d6ce01299d05b30ce90483adff90c1c3f68f8b55a1d1d9ab478b3c7d07e5f358b85dd4ec8baa796a295b424b5e1a058ab47fed6414e985bade18130d7be52095abe76ddb16cb75f0f08e957daa375ac8ee7cf0b9229fe22b806d70d2da8241ac69bfc7298524ef8313c464a50a2b787af79ff5874e06bcdf365db9e0048bb75d5d5b894e7851a91ff552014b5fb6a9f928e01c536f615a4ae898d681f4960ba447449d6720b45b0e4c66b8543f051c7b0e94f1b5363a51210164de6cc44463a8df0c7a25075fe97ddb0789869cba9dbea016e526ad49e5a678c8ce3d2d36d991b04a207a259b9c2c8ceb0e015b290d817e378d6303d8c2b5376cadf331c6b6ab61e946fa6eeec8ca2db244b8fc5ed1d61d526e3547d23a3e85c072ae1cb7dcb41e7abd0dc8dd613da7d5f8aaaa3cf349c72b6c8349185c7380508fd6aeb46fe8535cac56a8ea0b28fc33c5494f9e45d63b75f33a870f5aca49b27c0b16929da3cd931f57a263ca9cf033f4143424798d2d0cf6faa50356820e5298126144d99f0b1c0696c4a02e593661c2af70b448c664442cd1ff7bf2d7e36eb0300362e5a46f0fa5e981b23c35646c93b3e44d717ff9e4e0a3f2c00dcf622bb0bef97a71cf4a557e8ddc035c41fe49fee8cd975e8413f125f27174908771f6a50996a151f26a25c0985776a5b74f8000ded24d21c7f69b0b188abff7ea94b60bfc5bfde564b40977ed63277dac2ab274d63ad2a756aadca6f653e0a75cb1609547ac786ad72f29f89e0b05981449a383ce1294bb34ea5634b7eeed0a08e54c3d3f8a27f464ce17a689aec68a547b030cfa700d37046cdf261ffbe17872abd3f05f4d56231ca43c9f91403a1c43cfcc5f7c9bd755933258e8c0297b0e12272db0fcf9277d32eb01f982a51e6e7fde509ef72c66ce8e1ef8811a804a5a0d724a6f3d949049f3add11f429d756ce26678eb5b685e2ad32060c8c88863debda2d43e6d3525f9db3ec10d65c7e2432094c7d1baea71f5696f3fddcc9399e2929eb82a037485f5bce09c3f9d441a9386da734205bf409a7ad3867930f9b2c18d502502f474def1690c93022bcde5cd43504d0a4a027778f3f9a6bfae27b4497f10091f391a9d7b86632501ae553d5e83643be6320149360bed1550a6e7f1ab10dd18e0b005eb266b7e0ad159528a1997f4f34d996997a9729c5b7aa961717cc2c128f63dc026b898edb3da950ec3aca525f08bedbe1f2c416e1372e6637a79a104417b7b33788c740df065b19e8ab9b6e820d85a39ed71455e5784429a0292eed06d264dab9c4e22eacb4f29058c7256403793bfdcda668569a10ba652f73fb694e38302ed0501f86740b86b2b53ffcff097e97392afb327e734bcb2691d6452732dd932ffc310008675d6a16cc2f219f461679ab7bc4b59000c6e3f1936f277f48ba44667a4e50a89796ffae335e726fae3d8e642e65eeb4ded36f5ecdab5306f010b03c47447c34877339bb184f648c90ef1ecd179228e7788187222e6c5cf7909457dd4533ca130adada71c8ca9fa90def6b3fd27b31c0689235b194a75ae4dffefa8964efb5e7b1349ded1df1da77535fe3110687d637493a92d76b51f5e06bb37386528f65c6b67b17eebfc8fc344870f8d10eeac77ca42a8549ea9939e02256062822d52405c04e0330825570df1dc67965ae3a1bb0111eb4a0b7efe1e2a3096e11500f60bc208334ce16f3b0e83f35f1fda439834504f01e1e63a6627fda094e29a0fe29e29e0b761d1d79d43a211240699cd522ff9079057ebc7cf6463639ffc2b01b0f92a204f0bb4851958f0e0e60da49278056b5241f85ec1f28afa39510e0c3cc19cac5b53fed830fb4af841bbf674b9ddb6022644c73494169400f3126571c635032bb7265c8db66c9f43bc0f04be6fce1027aadda65ade1af92092d36b91ef91c0b009b5f041e78ec6fb584af2200f42f4043bc170921b5e2eb0946f19cf8beee0887542ff6bd4388399eced39819c34e371bb0d986f970c6cdb24381578365a2a819c9cfadeb74087924fbfc9f92c9fee9bd7ae42a585e81835e81928bd137b8e6edba6f90eb723240eb51d54004241641e34ee97c65a103f4ffe6f939767b7a624b6009f6c9ff04e48d5facdcf0c5440f6ae23516463c66db0c95fd0a3e7f03dfa493095e35e1e109cf7227bd692861a9a35c7a203f43cad3c73e2d413a68be04623bd6c4c5e90e221e3ace3bebf63a9d1690ebc1b3d826e77d274baba85"]}, @generic="d9c7b18926ae0bf6688dca22bd1f351099f740937f2d602be80277a9a379588997a5c0db410415ddf9791552", @nested={0xa4, 0xf, [@generic="5b0e6667d28b6c", @typed={0x98, 0x4b, @binary="f2196669a0e864e530a4b28dde6ac28dbe3d65901f632a2519929c4ad2d7353d2b5361b3a5f7b54554668e8682f85618f58a1b02e5b57f21c22c5d4e341a29903b76f02217091daf2e1529df46ed837df79eacccd0b2da93561e55c75f8b808243de82e9cc0a9e49ff3ef374a8377dfa214cb144d6e12c77bb71b84a1860b9b344a2f14ee6943b13e27c484032d8387bcd9d"}]}]}, 0x10ec}], 0xa, &(0x7f0000006b80)=[@rights={0x30, 0x1, 0x1, [r1, r2, r2, r3, r0, r1, r3, r2]}, @cred={0x20, 0x1, 0x2, r17, r18, r19}, @cred={0x20, 0x1, 0x2, r20, r21, r22}, @cred={0x20, 0x1, 0x2, r23, r24, r25}, @rights={0x18, 0x1, 0x1, [r1, r0]}, @rights={0x28, 0x1, 0x1, [r1, r3, r2, r2, r3]}, @rights={0x28, 0x1, 0x1, [r1, r2, r2, r1, r2, r2]}, @rights={0x20, 0x1, 0x1, [r1, r3, r1]}], 0x118, 0x40}, 0x80) mknodat(r0, &(0x7f0000000000)='./file0\x00', 0x20, 0x2) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 400.994685] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.999815] __alloc_pages_nodemask+0x366/0xec0 [ 401.004503] ? fpu__initialize+0x101/0x750 [ 401.008754] ? __alloc_pages_slowpath+0x2e00/0x2e00 [ 401.014052] ? find_held_lock+0x36/0x1c0 [ 401.018155] ? trace_hardirqs_off+0xb8/0x310 [ 401.022597] cache_grow_begin+0xa5/0x8c0 [ 401.022617] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.022635] ? check_preemption_disabled+0x48/0x280 [ 401.022657] kmem_cache_alloc+0x66a/0x730 [ 401.022682] getname_flags+0xd0/0x590 [ 401.022701] getname+0x19/0x20 06:11:46 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:46 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)="646e735f7265736f6c76657202", &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:46 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000000), 0x0, 0xfffffffffffffffb) 06:11:46 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:46 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x9, 0x1, 0x9, 0x0, r0, 0x2}, 0x2c) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 401.022717] do_sys_open+0x383/0x780 [ 401.022736] ? filp_open+0x80/0x80 06:11:47 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000180)={0xe, 0xffff, 0x1, 0x3ff, 0x23, "543b6cf0ae9ed107965fb6f75f00e443849d8c3e135e901374e4600f858ddac7ea672f"}, 0x2f) r3 = fcntl$getown(r0, 0x9) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000000)=0x0) getsockopt$inet6_tcp_int(r2, 0x6, 0x22, &(0x7f0000000040), &(0x7f0000000140)=0x4) kcmp(r3, r4, 0x4, r1, r2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:47 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 401.022752] ? trace_hardirqs_on+0x310/0x310 [ 401.022769] ? trace_hardirqs_off_caller+0x310/0x310 [ 401.022791] __x64_sys_open+0x7e/0xc0 [ 401.022809] do_syscall_64+0x1b9/0x820 [ 401.022826] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 401.022843] ? syscall_return_slowpath+0x5e0/0x5e0 [ 401.022858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.022875] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.022896] ? prepare_exit_to_usermode+0x291/0x3b0 [ 401.022918] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.022941] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.022953] RIP: 0033:0x4112b1 [ 401.022969] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 401.022978] RSP: 002b:00007fab1fb997a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 401.022992] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 00000000004112b1 [ 401.023002] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007fab1fb99850 [ 401.023011] RBP: 000000000072bfa0 R08: 00007fab1fb997b0 R09: 000000000072bfa0 [ 401.023021] R10: 0000000000000064 R11: 0000000000000293 R12: 00007fab1fb9a6d4 [ 401.023030] R13: 00000000004c578a R14: 00000000004d9d90 R15: 0000000000000006 [ 401.184842] FAULT_FLAG_ALLOW_RETRY missing 70 [ 401.184865] CPU: 1 PID: 18466 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 401.184876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.184883] Call Trace: [ 401.184909] dump_stack+0x244/0x39d [ 401.184937] ? dump_stack_print_info.cold.1+0x20/0x20 [ 401.184956] ? preempt_schedule+0x4d/0x60 [ 401.184985] handle_userfault.cold.30+0x47/0x62 [ 401.185016] ? userfaultfd_ioctl+0x5610/0x5610 06:11:47 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="ca6465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 401.185035] ? mark_held_locks+0x130/0x130 [ 401.185057] ? find_held_lock+0x36/0x1c0 [ 401.185082] ? futex_wake+0x613/0x760 [ 401.185103] ? userfaultfd_ctx_put+0x830/0x830 [ 401.185126] ? kasan_check_read+0x11/0x20 [ 401.185145] ? print_usage_bug+0xc0/0xc0 [ 401.185160] ? do_raw_spin_trylock+0x270/0x270 [ 401.185177] ? print_usage_bug+0xc0/0xc0 [ 401.185197] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 401.185215] ? print_usage_bug+0xc0/0xc0 [ 401.185233] ? graph_lock+0x270/0x270 [ 401.185249] ? futex_wake+0x304/0x760 06:11:47 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 401.185294] ? find_held_lock+0x36/0x1c0 [ 401.185326] ? __handle_mm_fault+0x4d19/0x5b70 [ 401.185345] ? lock_downgrade+0x900/0x900 [ 401.185370] ? kasan_check_read+0x11/0x20 [ 401.185386] ? do_raw_spin_unlock+0xa7/0x330 [ 401.185402] ? do_raw_spin_trylock+0x270/0x270 [ 401.185422] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 401.185451] __handle_mm_fault+0x4d26/0x5b70 [ 401.185477] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 401.185497] ? graph_lock+0x270/0x270 [ 401.185514] ? kasan_check_read+0x11/0x20 [ 401.185531] ? graph_lock+0x270/0x270 [ 401.185549] ? rcu_read_unlock_special+0x370/0x370 [ 401.185577] ? graph_lock+0x270/0x270 [ 401.185592] ? graph_lock+0x270/0x270 [ 401.185609] ? find_held_lock+0x36/0x1c0 [ 401.185630] ? find_held_lock+0x36/0x1c0 [ 401.185656] ? handle_mm_fault+0x42a/0xc70 [ 401.185674] ? lock_downgrade+0x900/0x900 [ 401.185693] ? check_preemption_disabled+0x48/0x280 [ 401.185716] ? kasan_check_read+0x11/0x20 [ 401.185732] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 06:11:47 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x100, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000140)={0x11, 0x1b, r2, 0x1, 0x9, 0x6, @dev={[], 0x13}}, 0x14) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 401.185750] ? rcu_read_unlock_special+0x370/0x370 [ 401.185770] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.185799] ? check_preemption_disabled+0x48/0x280 [ 401.185828] handle_mm_fault+0x54f/0xc70 [ 401.185848] ? __handle_mm_fault+0x5b70/0x5b70 [ 401.185867] ? find_vma+0x34/0x190 [ 401.185890] __do_page_fault+0x5f6/0xd70 [ 401.185906] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.185932] do_page_fault+0xf2/0x7e0 [ 401.185950] ? vmalloc_sync_all+0x30/0x30 [ 401.185968] ? error_entry+0x70/0xd0 [ 401.185988] ? trace_hardirqs_off_caller+0xbb/0x310 06:11:47 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54a7d6bf, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000140)={"0200"}, &(0x7f0000000040)="44e054435b2730eedf6c7cf500000000", 0x10, 0xfffffffffffffffb) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x2000, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 401.186005] ? trace_hardirqs_on_caller+0xc0/0x310 [ 401.186023] ? syscall_return_slowpath+0x5e0/0x5e0 [ 401.186039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.186057] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.186075] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 401.186093] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 401.186113] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 401.186129] ? __switch_to_asm+0x40/0x70 [ 401.186146] ? page_fault+0x8/0x30 [ 401.186166] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:11:47 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 401.186185] ? page_fault+0x8/0x30 [ 401.186201] page_fault+0x1e/0x30 [ 401.186214] RIP: 0033:0x4510a0 [ 401.186233] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 401.186250] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 401.186265] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e [ 401.186285] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 401.186296] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 401.186308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 401.186317] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 401.256135] dns_resolver_preparse: 33 callbacks suppressed [ 401.256143] Invalid option length (1042293) for dns_resolver key [ 401.332420] FAULT_FLAG_ALLOW_RETRY missing 70 [ 401.397188] Invalid option length (1042293) for dns_resolver key [ 401.410945] Invalid option length (1042293) for dns_resolver key [ 401.422473] Invalid option length (6141) for dns_resolver key [ 401.424195] Invalid option length (6141) for dns_resolver key [ 401.485439] CPU: 0 PID: 18490 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 401.531448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.531455] Call Trace: [ 401.531478] dump_stack+0x244/0x39d [ 401.531501] ? dump_stack_print_info.cold.1+0x20/0x20 [ 401.531532] handle_userfault.cold.30+0x47/0x62 [ 401.544756] ? userfaultfd_ioctl+0x5610/0x5610 [ 401.544781] ? mark_held_locks+0x130/0x130 [ 401.544800] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 401.557294] ? futex_wait_setup+0x266/0x3e0 [ 401.557327] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 401.557349] ? userfaultfd_ctx_put+0x830/0x830 [ 401.557371] ? print_usage_bug+0xc0/0xc0 [ 401.557388] ? print_usage_bug+0xc0/0xc0 [ 401.611594] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 401.611614] ? print_usage_bug+0xc0/0xc0 [ 401.619716] ? graph_lock+0x270/0x270 [ 401.619731] ? futex_wake+0x304/0x760 [ 401.619757] ? find_held_lock+0x36/0x1c0 [ 401.619784] ? __handle_mm_fault+0x4d19/0x5b70 [ 401.635381] Invalid option length (1042293) for dns_resolver key [ 401.637279] ? lock_downgrade+0x900/0x900 [ 401.637305] ? kasan_check_read+0x11/0x20 [ 401.637319] ? do_raw_spin_unlock+0xa7/0x330 [ 401.637336] ? do_raw_spin_trylock+0x270/0x270 [ 401.665722] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 401.671746] FAULT_FLAG_ALLOW_RETRY missing 70 [ 401.676174] __handle_mm_fault+0x4d26/0x5b70 [ 401.676197] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 401.676216] ? graph_lock+0x270/0x270 [ 401.698824] ? kasan_check_read+0x11/0x20 [ 401.698845] ? graph_lock+0x270/0x270 [ 401.736984] ? rcu_read_unlock_special+0x370/0x370 [ 401.737011] ? graph_lock+0x270/0x270 [ 401.737028] ? graph_lock+0x270/0x270 [ 401.758837] ? find_held_lock+0x36/0x1c0 [ 401.758858] ? find_held_lock+0x36/0x1c0 [ 401.758886] ? handle_mm_fault+0x42a/0xc70 [ 401.758908] ? lock_downgrade+0x900/0x900 [ 401.817000] Invalid option length (1042293) for dns_resolver key [ 401.824350] ? check_preemption_disabled+0x48/0x280 [ 401.824375] ? kasan_check_read+0x11/0x20 [ 401.824388] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 401.824406] ? rcu_read_unlock_special+0x370/0x370 [ 401.872352] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.872371] ? check_preemption_disabled+0x48/0x280 [ 401.872394] handle_mm_fault+0x54f/0xc70 [ 401.881625] ? __handle_mm_fault+0x5b70/0x5b70 [ 401.881644] ? find_vma+0x34/0x190 [ 401.881664] __do_page_fault+0x5f6/0xd70 [ 402.037618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.037646] do_page_fault+0xf2/0x7e0 [ 402.037662] ? vmalloc_sync_all+0x30/0x30 [ 402.037679] ? error_entry+0x70/0xd0 [ 402.037697] ? trace_hardirqs_off_caller+0xbb/0x310 [ 402.037712] ? trace_hardirqs_on_caller+0xc0/0x310 [ 402.037729] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.037744] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.037762] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.037779] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 402.037795] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.037814] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 402.037829] ? __switch_to_asm+0x40/0x70 [ 402.037843] ? page_fault+0x8/0x30 [ 402.037860] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.037878] ? page_fault+0x8/0x30 [ 402.037894] page_fault+0x1e/0x30 [ 402.037905] RIP: 0033:0x4510a0 [ 402.037922] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 402.037930] RSP: 002b:00007fab1fb997a8 EFLAGS: 00010202 [ 402.037942] RAX: 00007fab1fb99850 RBX: 0000000000000003 RCX: 000000000000000e [ 402.037952] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fb99850 [ 402.037960] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 402.037969] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fb9a6d4 [ 402.037978] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 402.038013] CPU: 1 PID: 18505 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 402.038021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.038026] Call Trace: [ 402.038045] dump_stack+0x244/0x39d [ 402.038064] ? dump_stack_print_info.cold.1+0x20/0x20 [ 402.038082] ? preempt_schedule+0x4d/0x60 [ 402.038109] handle_userfault.cold.30+0x47/0x62 [ 402.038136] ? userfaultfd_ioctl+0x5610/0x5610 [ 402.038158] ? mark_held_locks+0x130/0x130 [ 402.038177] ? find_held_lock+0x36/0x1c0 [ 402.038209] ? futex_wake+0x613/0x760 [ 402.038228] ? userfaultfd_ctx_put+0x830/0x830 [ 402.038250] ? kasan_check_read+0x11/0x20 [ 402.038266] ? print_usage_bug+0xc0/0xc0 [ 402.038280] ? do_raw_spin_trylock+0x270/0x270 [ 402.038296] ? print_usage_bug+0xc0/0xc0 [ 402.038313] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 402.038326] ? print_usage_bug+0xc0/0xc0 [ 402.038340] ? graph_lock+0x270/0x270 [ 402.038353] ? futex_wake+0x304/0x760 [ 402.038380] ? find_held_lock+0x36/0x1c0 [ 402.038401] ? __handle_mm_fault+0x4d19/0x5b70 [ 402.038413] ? lock_downgrade+0x900/0x900 [ 402.038430] ? kasan_check_read+0x11/0x20 [ 402.038441] ? do_raw_spin_unlock+0xa7/0x330 [ 402.038453] ? do_raw_spin_trylock+0x270/0x270 [ 402.038469] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 402.038492] __handle_mm_fault+0x4d26/0x5b70 [ 402.038515] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 402.038533] ? graph_lock+0x270/0x270 [ 402.038549] ? kasan_check_read+0x11/0x20 [ 402.038565] ? graph_lock+0x270/0x270 [ 402.038582] ? rcu_read_unlock_special+0x370/0x370 [ 402.038608] ? graph_lock+0x270/0x270 [ 402.038623] ? graph_lock+0x270/0x270 [ 402.038639] ? find_held_lock+0x36/0x1c0 [ 402.038660] ? find_held_lock+0x36/0x1c0 [ 402.038686] ? handle_mm_fault+0x42a/0xc70 [ 402.038708] ? lock_downgrade+0x900/0x900 [ 402.038725] ? check_preemption_disabled+0x48/0x280 [ 402.038747] ? kasan_check_read+0x11/0x20 [ 402.038761] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 402.038778] ? rcu_read_unlock_special+0x370/0x370 [ 402.038797] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.038814] ? check_preemption_disabled+0x48/0x280 [ 402.038839] handle_mm_fault+0x54f/0xc70 [ 402.038857] ? __handle_mm_fault+0x5b70/0x5b70 [ 402.038872] ? find_vma+0x34/0x190 [ 402.038892] __do_page_fault+0x5f6/0xd70 [ 402.038908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.038927] do_page_fault+0xf2/0x7e0 [ 402.038941] ? vmalloc_sync_all+0x30/0x30 [ 402.038956] ? error_entry+0x70/0xd0 [ 402.038970] ? trace_hardirqs_off_caller+0xbb/0x310 [ 402.038983] ? trace_hardirqs_on_caller+0xc0/0x310 [ 402.039000] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.039015] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.039032] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.039049] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 402.039066] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.039085] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 402.039100] ? __switch_to_asm+0x40/0x70 [ 402.039115] ? page_fault+0x8/0x30 [ 402.039134] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.039153] ? page_fault+0x8/0x30 [ 402.039170] page_fault+0x1e/0x30 [ 402.039182] RIP: 0033:0x4510a0 [ 402.039210] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 402.039219] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 402.039231] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e [ 402.039241] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 402.039250] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 06:11:48 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="d76465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:48 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:48 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:48 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) get_robust_list(r1, &(0x7f00000001c0)=&(0x7f0000000180)={&(0x7f0000000040), 0x0, &(0x7f0000000140)}, &(0x7f0000000200)=0x18) ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000380)=0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000240)) socket$nl_crypto(0x10, 0x3, 0x15) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000300)={{0x3b, @local, 0x4e20, 0x0, 'lc\x00', 0x10, 0x2, 0x2c}, {@empty, 0x4e22, 0x1, 0x0, 0x7, 0x7}}, 0x44) 06:11:48 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000500)='/dev/vbi#\x00', 0x2, 0x2) r2 = add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$SO_COOKIE(r1, 0x1, 0x39, &(0x7f00000001c0), &(0x7f0000000200)=0x8) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000340)={0x0, 0xfffffffffffffff8, 0xffff, 0x3fe}, &(0x7f0000000380)=0x10) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000440)={0x1, 0x5, [@empty, @remote, @random="15dd913d0bf1", @empty, @local]}) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000003c0)=@assoc_id=r3, &(0x7f0000000400)=0x4) getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f00000002c0)={'nat\x00', 0x0, 0x4, 0x4e, [], 0x4, &(0x7f0000000000)=[{}, {}, {}, {}], &(0x7f0000000140)=""/78}, &(0x7f0000000040)=0x78) add_key(&(0x7f0000000240)='.dead\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, r2) [ 402.039260] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 402.039270] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 402.087096] Invalid option length (1042293) for dns_resolver key [ 402.093206] Invalid option length (1042293) for dns_resolver key 06:11:48 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c86465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:48 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 402.702453] Invalid option length (6085) for dns_resolver key [ 402.777435] FAULT_FLAG_ALLOW_RETRY missing 70 [ 402.781992] CPU: 1 PID: 18540 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 402.791103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.800464] Call Trace: [ 402.800490] dump_stack+0x244/0x39d [ 402.800511] ? dump_stack_print_info.cold.1+0x20/0x20 [ 402.800541] handle_userfault.cold.30+0x47/0x62 [ 402.806746] ? userfaultfd_ioctl+0x5610/0x5610 [ 402.806765] ? mark_held_locks+0x130/0x130 [ 402.806783] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 402.806796] ? futex_wait_setup+0x266/0x3e0 [ 402.806824] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 402.840493] ? userfaultfd_ctx_put+0x830/0x830 [ 402.845095] ? print_usage_bug+0xc0/0xc0 [ 402.849176] ? print_usage_bug+0xc0/0xc0 [ 402.853244] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 402.858429] ? print_usage_bug+0xc0/0xc0 [ 402.858453] ? graph_lock+0x270/0x270 [ 402.858467] ? futex_wake+0x304/0x760 [ 402.858492] ? find_held_lock+0x36/0x1c0 06:11:48 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) socket$bt_rfcomm(0x1f, 0x1, 0x3) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) pipe(&(0x7f0000000140)={0xffffffffffffffff}) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x0}, {}, {}, {}]}) write$apparmor_exec(r1, &(0x7f0000000180)={'exec ', '/dev/vbi#\x00'}, 0xf) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000240)={r3, &(0x7f0000000380)=""/202}) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x1) 06:11:48 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) fcntl$notify(r1, 0x402, 0x8000001c) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000001c0)={0x0, 0x0, {0x3f, 0x0, 0x3017, 0x6, 0x0, 0x8, 0x1, 0x7}}) mkdirat$cgroup(r0, &(0x7f0000000240)='syz0\x00', 0x1ff) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x6, @local, 0x2da}, 0x1c) ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000180)={0x2, 0x1, 0x7}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) fsetxattr$security_smack_entry(r2, &(0x7f0000000040)='security.SMACK64\x00', &(0x7f0000000140)='bdev#vmnet0trusted\x00', 0x13, 0x1) [ 402.874194] ? __handle_mm_fault+0x4d19/0x5b70 [ 402.879128] ? lock_downgrade+0x900/0x900 [ 402.883301] ? kasan_check_read+0x11/0x20 [ 402.887468] ? do_raw_spin_unlock+0xa7/0x330 [ 402.892067] ? do_raw_spin_trylock+0x270/0x270 [ 402.896671] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 402.902324] __handle_mm_fault+0x4d26/0x5b70 [ 402.906748] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 402.911608] ? graph_lock+0x270/0x270 [ 402.915953] ? kasan_check_read+0x11/0x20 [ 402.915971] ? graph_lock+0x270/0x270 06:11:48 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x18000, 0x0) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 402.915989] ? rcu_read_unlock_special+0x370/0x370 [ 402.928875] ? graph_lock+0x270/0x270 [ 402.932692] ? graph_lock+0x270/0x270 [ 402.936502] ? find_held_lock+0x36/0x1c0 [ 402.940575] ? find_held_lock+0x36/0x1c0 [ 402.944660] ? handle_mm_fault+0x42a/0xc70 [ 402.948910] ? lock_downgrade+0x900/0x900 [ 402.953069] ? check_preemption_disabled+0x48/0x280 [ 402.958123] ? kasan_check_read+0x11/0x20 [ 402.962282] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 402.967564] ? rcu_read_unlock_special+0x370/0x370 [ 402.967587] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.967611] ? check_preemption_disabled+0x48/0x280 [ 402.967636] handle_mm_fault+0x54f/0xc70 [ 402.967655] ? __handle_mm_fault+0x5b70/0x5b70 [ 402.967672] ? find_vma+0x34/0x190 [ 402.967691] __do_page_fault+0x5f6/0xd70 [ 402.967708] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.973309] FAULT_FLAG_ALLOW_RETRY missing 70 [ 402.978171] do_page_fault+0xf2/0x7e0 [ 402.978189] ? vmalloc_sync_all+0x30/0x30 [ 402.978205] ? error_entry+0x70/0xd0 [ 402.978223] ? trace_hardirqs_off_caller+0xbb/0x310 [ 402.978237] ? trace_hardirqs_on_caller+0xc0/0x310 [ 402.978251] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.978262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.978280] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.995430] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 402.995450] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.995468] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.995486] ? page_fault+0x8/0x30 [ 403.050023] dns_resolver: Unsupported server list version (0) [ 403.051829] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.051852] ? page_fault+0x8/0x30 [ 403.051869] page_fault+0x1e/0x30 [ 403.051882] RIP: 0033:0x4510a0 [ 403.051897] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 403.051911] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 403.110560] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 403.118345] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 06:11:48 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x20}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000140)={r2, 0xa4, "8121f95e1f47078da4720457ee56f947d3f446058bc10864d45cf4c3d8773e6c8473dea5f4c02b01c06fbc81fa64026051bfabad7c9a9ec0432e318f9f89afb1b64fe1896d45427e234bfd21b6d081ce3ccfc5bc2b526ebb9e778015aeeab98be1c51053d73062ab89b6260e86a3cc4b64ad74e0ede4d523738d54be496b5b80a3a2fc5d7f01d325967702cbcd0d7f024674e731a8ec1b2a5f6b2323730d707974f6559e"}, &(0x7f0000000200)=0xac) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 403.125622] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 403.132903] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 403.140183] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 403.148932] CPU: 0 PID: 18547 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 403.157531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.166896] Call Trace: [ 403.166918] dump_stack+0x244/0x39d [ 403.166938] ? dump_stack_print_info.cold.1+0x20/0x20 [ 403.173149] ? preempt_schedule+0x4d/0x60 [ 403.182469] handle_userfault.cold.30+0x47/0x62 [ 403.187167] ? userfaultfd_ioctl+0x5610/0x5610 [ 403.191769] ? mark_held_locks+0x130/0x130 [ 403.196023] ? find_held_lock+0x36/0x1c0 [ 403.200117] ? futex_wake+0x613/0x760 [ 403.203934] ? userfaultfd_ctx_put+0x830/0x830 [ 403.208554] ? kasan_check_read+0x11/0x20 [ 403.210347] Option 'Ký!¶ÐÎ<Ïż+Rn»žw€®ê¹‹áÅS×0b«‰¶&†£ÌKd­tàíäÕ' to dns_resolver key: bad/missing value [ 403.212733] ? print_usage_bug+0xc0/0xc0 [ 403.212747] ? do_raw_spin_trylock+0x270/0x270 [ 403.212765] ? print_usage_bug+0xc0/0xc0 [ 403.235697] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 403.240898] ? print_usage_bug+0xc0/0xc0 [ 403.244984] ? graph_lock+0x270/0x270 [ 403.248806] ? futex_wake+0x304/0x760 [ 403.252624] ? find_held_lock+0x36/0x1c0 [ 403.256717] ? __handle_mm_fault+0x4d19/0x5b70 [ 403.261315] ? lock_downgrade+0x900/0x900 [ 403.265482] ? kasan_check_read+0x11/0x20 [ 403.269639] ? do_raw_spin_unlock+0xa7/0x330 [ 403.274061] ? do_raw_spin_trylock+0x270/0x270 06:11:49 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0xfffffffffffffffa) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x80000, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000180)={0x6, 0x1}) setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000000)=0xffff, 0x4) [ 403.278674] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 403.284316] __handle_mm_fault+0x4d26/0x5b70 [ 403.288745] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 403.293599] ? graph_lock+0x270/0x270 [ 403.297411] ? kasan_check_read+0x11/0x20 [ 403.301561] ? graph_lock+0x270/0x270 [ 403.305350] ? rcu_read_unlock_special+0x370/0x370 [ 403.310274] ? graph_lock+0x270/0x270 [ 403.314069] ? graph_lock+0x270/0x270 [ 403.317863] ? find_held_lock+0x36/0x1c0 [ 403.321909] ? find_held_lock+0x36/0x1c0 [ 403.325962] ? handle_mm_fault+0x42a/0xc70 [ 403.330185] ? lock_downgrade+0x900/0x900 [ 403.334320] ? check_preemption_disabled+0x48/0x280 [ 403.339327] ? kasan_check_read+0x11/0x20 [ 403.343460] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 403.348760] ? rcu_read_unlock_special+0x370/0x370 [ 403.353717] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.359243] ? check_preemption_disabled+0x48/0x280 [ 403.364252] handle_mm_fault+0x54f/0xc70 [ 403.368301] ? __handle_mm_fault+0x5b70/0x5b70 [ 403.372869] ? find_vma+0x34/0x190 [ 403.376399] __do_page_fault+0x5f6/0xd70 [ 403.380447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.385991] do_page_fault+0xf2/0x7e0 [ 403.389776] ? vmalloc_sync_all+0x30/0x30 [ 403.393910] ? error_entry+0x70/0xd0 [ 403.397613] ? trace_hardirqs_off_caller+0xbb/0x310 [ 403.402611] ? trace_hardirqs_on_caller+0xc0/0x310 [ 403.407525] ? syscall_return_slowpath+0x5e0/0x5e0 [ 403.412439] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.417271] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.422287] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 403.427727] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 403.432731] ? prepare_exit_to_usermode+0x291/0x3b0 [ 403.437733] ? page_fault+0x8/0x30 [ 403.441259] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.446088] ? page_fault+0x8/0x30 [ 403.449615] page_fault+0x1e/0x30 [ 403.453061] RIP: 0033:0x4510a0 [ 403.456258] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 403.475150] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 403.480499] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 403.487751] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 403.495021] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 403.502290] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 403.509547] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:49 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='Qdev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:49 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000000)={0x0, 0x0, 0x301d, 0x7ff, 0x6, 0x6, 0x8, 0x1}) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:49 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:49 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000140)) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) prctl$PR_SET_KEEPCAPS(0x8, 0x0) perf_event_open$cgroup(&(0x7f0000000000)={0x5, 0x70, 0x1, 0xffff, 0x8f, 0x1f, 0x0, 0x20f, 0x2800, 0x2, 0x3ff, 0x2, 0xd68, 0x6, 0x92, 0x1ff, 0x3, 0x0, 0x1, 0x2, 0xdfd1, 0xe542, 0x1000, 0xffffffff, 0xec18, 0x2, 0x2d, 0x7fffffff, 0x5, 0x5, 0x2, 0x8000, 0xc00000000000, 0xffffffff, 0x0, 0x1, 0x0, 0x7, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x4}, 0x20, 0x6, 0x3a27, 0x6, 0x400, 0xfff, 0xa0eb}, r1, 0x9, r0, 0x1) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:49 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='Qdev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 403.737296] FAULT_FLAG_ALLOW_RETRY missing 70 [ 403.741312] FAULT_FLAG_ALLOW_RETRY missing 70 [ 403.751748] CPU: 0 PID: 18590 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 403.760354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.769714] Call Trace: [ 403.772323] dump_stack+0x244/0x39d [ 403.775968] ? dump_stack_print_info.cold.1+0x20/0x20 [ 403.781176] ? preempt_schedule+0x4d/0x60 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"026c00"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 403.785344] handle_userfault.cold.30+0x47/0x62 [ 403.790056] ? userfaultfd_ioctl+0x5610/0x5610 [ 403.794651] ? mark_held_locks+0x130/0x130 [ 403.798904] ? find_held_lock+0x36/0x1c0 [ 403.802980] ? futex_wake+0x613/0x760 [ 403.806819] ? userfaultfd_ctx_put+0x830/0x830 [ 403.811413] ? kasan_check_read+0x11/0x20 [ 403.815567] ? print_usage_bug+0xc0/0xc0 [ 403.819638] ? do_raw_spin_trylock+0x270/0x270 [ 403.824229] ? print_usage_bug+0xc0/0xc0 [ 403.828301] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 403.833501] ? print_usage_bug+0xc0/0xc0 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 403.837574] ? graph_lock+0x270/0x270 [ 403.841382] ? futex_wake+0x304/0x760 [ 403.845205] ? find_held_lock+0x36/0x1c0 [ 403.849288] ? __handle_mm_fault+0x4d19/0x5b70 [ 403.853882] ? lock_downgrade+0x900/0x900 [ 403.858057] ? kasan_check_read+0x11/0x20 [ 403.862207] ? do_raw_spin_unlock+0xa7/0x330 [ 403.866885] ? do_raw_spin_trylock+0x270/0x270 [ 403.871481] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 403.877127] __handle_mm_fault+0x4d26/0x5b70 [ 403.881554] ? vmf_insert_mixed_mkwrite+0x40/0x40 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 403.886408] ? graph_lock+0x270/0x270 [ 403.890219] ? kasan_check_read+0x11/0x20 [ 403.894379] ? graph_lock+0x270/0x270 [ 403.898190] ? rcu_read_unlock_special+0x370/0x370 [ 403.903146] ? graph_lock+0x270/0x270 [ 403.906959] ? graph_lock+0x270/0x270 [ 403.910767] ? find_held_lock+0x36/0x1c0 [ 403.914841] ? find_held_lock+0x36/0x1c0 [ 403.918917] ? handle_mm_fault+0x42a/0xc70 [ 403.923169] ? lock_downgrade+0x900/0x900 [ 403.927328] ? check_preemption_disabled+0x48/0x280 [ 403.932484] ? kasan_check_read+0x11/0x20 [ 403.936636] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 403.941928] ? rcu_read_unlock_special+0x370/0x370 [ 403.946872] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.952419] ? check_preemption_disabled+0x48/0x280 [ 403.957455] handle_mm_fault+0x54f/0xc70 [ 403.961530] ? __handle_mm_fault+0x5b70/0x5b70 [ 403.966125] ? find_vma+0x34/0x190 [ 403.969681] __do_page_fault+0x5f6/0xd70 [ 403.973751] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.979310] do_page_fault+0xf2/0x7e0 [ 403.983125] ? vmalloc_sync_all+0x30/0x30 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020060"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 403.987279] ? error_entry+0x70/0xd0 [ 403.991009] ? trace_hardirqs_off_caller+0xbb/0x310 [ 403.996037] ? trace_hardirqs_on_caller+0xc0/0x310 [ 404.000978] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.005937] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.010789] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.015813] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 404.021273] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 404.026302] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.031332] ? page_fault+0x8/0x30 06:11:49 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02003f"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 404.034884] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.039741] ? page_fault+0x8/0x30 [ 404.043293] page_fault+0x1e/0x30 [ 404.046751] RIP: 0033:0x4510a0 [ 404.049951] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 404.068855] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 404.074227] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 404.081504] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 404.088776] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 404.096050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 404.103330] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 404.110628] CPU: 1 PID: 18589 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 404.119224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.128588] Call Trace: [ 404.131197] dump_stack+0x244/0x39d [ 404.135373] ? dump_stack_print_info.cold.1+0x20/0x20 [ 404.135405] handle_userfault.cold.30+0x47/0x62 [ 404.135435] ? userfaultfd_ioctl+0x5610/0x5610 [ 404.135453] ? mark_held_locks+0x130/0x130 [ 404.135471] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 404.135485] ? futex_wait_setup+0x266/0x3e0 [ 404.135520] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 404.135540] ? userfaultfd_ctx_put+0x830/0x830 [ 404.135564] ? print_usage_bug+0xc0/0xc0 [ 404.135580] ? print_usage_bug+0xc0/0xc0 [ 404.135599] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 404.135614] ? print_usage_bug+0xc0/0xc0 [ 404.135631] ? graph_lock+0x270/0x270 [ 404.135645] ? futex_wake+0x304/0x760 [ 404.135675] ? find_held_lock+0x36/0x1c0 [ 404.135702] ? __handle_mm_fault+0x4d19/0x5b70 [ 404.135719] ? lock_downgrade+0x900/0x900 [ 404.135744] ? kasan_check_read+0x11/0x20 [ 404.135759] ? do_raw_spin_unlock+0xa7/0x330 [ 404.135774] ? do_raw_spin_trylock+0x270/0x270 [ 404.135792] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 404.135819] __handle_mm_fault+0x4d26/0x5b70 [ 404.135844] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 404.135861] ? graph_lock+0x270/0x270 [ 404.135877] ? kasan_check_read+0x11/0x20 [ 404.135892] ? graph_lock+0x270/0x270 [ 404.135908] ? rcu_read_unlock_special+0x370/0x370 [ 404.135934] ? graph_lock+0x270/0x270 [ 404.135949] ? graph_lock+0x270/0x270 [ 404.135963] ? find_held_lock+0x36/0x1c0 [ 404.135992] ? find_held_lock+0x36/0x1c0 [ 404.136017] ? handle_mm_fault+0x42a/0xc70 [ 404.136034] ? lock_downgrade+0x900/0x900 [ 404.136052] ? check_preemption_disabled+0x48/0x280 [ 404.136073] ? kasan_check_read+0x11/0x20 [ 404.136087] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 404.136104] ? rcu_read_unlock_special+0x370/0x370 [ 404.136121] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.136137] ? check_preemption_disabled+0x48/0x280 [ 404.136160] handle_mm_fault+0x54f/0xc70 [ 404.136179] ? __handle_mm_fault+0x5b70/0x5b70 [ 404.136197] ? find_vma+0x34/0x190 [ 404.136218] __do_page_fault+0x5f6/0xd70 [ 404.136234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.136257] do_page_fault+0xf2/0x7e0 [ 404.136272] ? vmalloc_sync_all+0x30/0x30 [ 404.136287] ? error_entry+0x70/0xd0 [ 404.136304] ? trace_hardirqs_off_caller+0xbb/0x310 [ 404.136319] ? trace_hardirqs_on_caller+0xc0/0x310 [ 404.136335] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.136350] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.136366] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.136382] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 404.136399] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 404.136416] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.136431] ? page_fault+0x8/0x30 [ 404.136449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.136468] ? page_fault+0x8/0x30 [ 404.136484] page_fault+0x1e/0x30 [ 404.136500] RIP: 0033:0x4510a0 [ 404.136516] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 404.136524] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 404.136536] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 404.136546] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 404.136555] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 404.136563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 404.136572] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:50 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='Vdev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:50 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020700"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:50 executing program 5: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c86465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:50 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200004}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x90, r1, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x18, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x101}]}, @TIPC_NLA_MEDIA={0x38, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x22}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x2c, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xfb}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x800}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4048080}, 0x40040c5) 06:11:50 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:50 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c06465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 404.599391] FAULT_FLAG_ALLOW_RETRY missing 70 [ 404.603967] CPU: 1 PID: 18629 Comm: syz-executor5 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 404.612561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.622251] Call Trace: [ 404.624859] dump_stack+0x244/0x39d [ 404.628506] ? dump_stack_print_info.cold.1+0x20/0x20 [ 404.633725] handle_userfault.cold.30+0x47/0x62 [ 404.638428] ? userfaultfd_ioctl+0x5610/0x5610 [ 404.643029] ? mark_held_locks+0x130/0x130 [ 404.647278] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 404.652307] ? futex_wait_setup+0x266/0x3e0 [ 404.656659] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 404.661869] ? userfaultfd_ctx_put+0x830/0x830 [ 404.666475] ? print_usage_bug+0xc0/0xc0 [ 404.671066] ? print_usage_bug+0xc0/0xc0 [ 404.675143] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 404.680344] ? print_usage_bug+0xc0/0xc0 [ 404.684415] ? graph_lock+0x270/0x270 [ 404.688233] ? futex_wake+0x304/0x760 [ 404.692061] ? find_held_lock+0x36/0x1c0 [ 404.696145] ? __handle_mm_fault+0x4d19/0x5b70 [ 404.700744] ? lock_downgrade+0x900/0x900 [ 404.704916] ? kasan_check_read+0x11/0x20 [ 404.709089] ? do_raw_spin_unlock+0xa7/0x330 [ 404.713771] ? do_raw_spin_trylock+0x270/0x270 [ 404.718371] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 404.724018] __handle_mm_fault+0x4d26/0x5b70 [ 404.728460] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 404.733318] ? graph_lock+0x270/0x270 [ 404.737132] ? kasan_check_read+0x11/0x20 [ 404.741295] ? graph_lock+0x270/0x270 [ 404.745127] ? rcu_read_unlock_special+0x370/0x370 [ 404.745155] ? graph_lock+0x270/0x270 [ 404.745172] ? graph_lock+0x270/0x270 [ 404.757686] ? find_held_lock+0x36/0x1c0 [ 404.761765] ? find_held_lock+0x36/0x1c0 [ 404.765847] ? handle_mm_fault+0x42a/0xc70 [ 404.770542] ? lock_downgrade+0x900/0x900 [ 404.774712] ? check_preemption_disabled+0x48/0x280 [ 404.774734] ? kasan_check_read+0x11/0x20 [ 404.783884] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 404.789689] ? rcu_read_unlock_special+0x370/0x370 [ 404.794628] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.800185] ? check_preemption_disabled+0x48/0x280 [ 404.805222] handle_mm_fault+0x54f/0xc70 [ 404.809307] ? __handle_mm_fault+0x5b70/0x5b70 [ 404.813899] ? find_vma+0x34/0x190 [ 404.817469] __do_page_fault+0x5f6/0xd70 [ 404.821547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.827109] do_page_fault+0xf2/0x7e0 [ 404.828086] FAULT_FLAG_ALLOW_RETRY missing 70 [ 404.830924] ? vmalloc_sync_all+0x30/0x30 [ 404.830943] ? error_entry+0x70/0xd0 [ 404.830958] ? trace_hardirqs_off_caller+0xbb/0x310 06:11:50 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:50 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = request_key(&(0x7f0000000040)='.request_key_auth\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='/dev/vbi#\x00', 0xfffffffffffffff9) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x0, r1) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:50 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:50 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 404.830976] ? trace_hardirqs_on_caller+0xc0/0x310 [ 404.853242] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.854344] FAULT_FLAG_ALLOW_RETRY missing 70 [ 404.858178] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.858199] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.858214] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 404.858230] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 404.858246] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.858260] ? page_fault+0x8/0x30 [ 404.858279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.867603] ? page_fault+0x8/0x30 [ 404.867621] page_fault+0x1e/0x30 [ 404.867632] RIP: 0033:0x4510a0 [ 404.867648] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 404.878085] RSP: 002b:00007fcd05d3c7a8 EFLAGS: 00010202 [ 404.878096] RAX: 00007fcd05d3c850 RBX: 0000000000000003 RCX: 000000000000000e [ 404.878105] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fcd05d3c850 [ 404.878114] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 404.878123] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcd05d3d6d4 [ 404.878131] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 404.956516] CPU: 1 PID: 18644 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 404.967666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.967673] Call Trace: [ 404.967701] dump_stack+0x244/0x39d [ 404.967725] ? dump_stack_print_info.cold.1+0x20/0x20 [ 404.967744] ? preempt_schedule+0x4d/0x60 [ 404.967769] handle_userfault.cold.30+0x47/0x62 [ 404.967798] ? userfaultfd_ioctl+0x5610/0x5610 [ 404.967814] ? mark_held_locks+0x130/0x130 [ 404.967834] ? find_held_lock+0x36/0x1c0 [ 404.967856] ? futex_wake+0x613/0x760 [ 404.967875] ? userfaultfd_ctx_put+0x830/0x830 [ 404.967895] ? kasan_check_read+0x11/0x20 [ 404.967920] ? print_usage_bug+0xc0/0xc0 [ 404.967936] ? do_raw_spin_trylock+0x270/0x270 [ 404.967953] ? print_usage_bug+0xc0/0xc0 [ 404.967975] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 404.967992] ? print_usage_bug+0xc0/0xc0 [ 404.968008] ? graph_lock+0x270/0x270 [ 404.968023] ? futex_wake+0x304/0x760 [ 404.968051] ? find_held_lock+0x36/0x1c0 [ 404.985974] ? __handle_mm_fault+0x4d19/0x5b70 [ 404.992149] ? lock_downgrade+0x900/0x900 [ 405.001453] ? kasan_check_read+0x11/0x20 [ 405.010668] ? do_raw_spin_unlock+0xa7/0x330 [ 405.018939] ? do_raw_spin_trylock+0x270/0x270 [ 405.018959] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 405.018983] __handle_mm_fault+0x4d26/0x5b70 [ 405.019004] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 405.019022] ? graph_lock+0x270/0x270 [ 405.106275] ? kasan_check_read+0x11/0x20 [ 405.106294] ? graph_lock+0x270/0x270 [ 405.106309] ? rcu_read_unlock_special+0x370/0x370 [ 405.106332] ? graph_lock+0x270/0x270 [ 405.122977] ? graph_lock+0x270/0x270 [ 405.126793] ? find_held_lock+0x36/0x1c0 [ 405.130872] ? find_held_lock+0x36/0x1c0 [ 405.134966] ? handle_mm_fault+0x42a/0xc70 [ 405.139212] ? lock_downgrade+0x900/0x900 [ 405.144081] ? check_preemption_disabled+0x48/0x280 [ 405.149111] ? kasan_check_read+0x11/0x20 [ 405.153270] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 405.158555] ? rcu_read_unlock_special+0x370/0x370 [ 405.163508] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.169441] ? check_preemption_disabled+0x48/0x280 [ 405.169465] handle_mm_fault+0x54f/0xc70 [ 405.169482] ? __handle_mm_fault+0x5b70/0x5b70 [ 405.169500] ? find_vma+0x34/0x190 [ 405.186675] __do_page_fault+0x5f6/0xd70 [ 405.190752] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.196311] do_page_fault+0xf2/0x7e0 06:11:50 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) write$P9_RRENAME(r0, &(0x7f0000000000)={0x7, 0x15, 0x1}, 0x7) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) accept4$bt_l2cap(r0, 0x0, &(0x7f0000000040), 0x80000) 06:11:50 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)="646e735f7265736f6c766572ff", &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 405.200127] ? vmalloc_sync_all+0x30/0x30 [ 405.204284] ? error_entry+0x70/0xd0 [ 405.208012] ? trace_hardirqs_off_caller+0xbb/0x310 [ 405.213040] ? trace_hardirqs_on_caller+0xc0/0x310 [ 405.218004] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.223061] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.227927] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.232956] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 405.238425] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 405.243456] ? prepare_exit_to_usermode+0x291/0x3b0 [ 405.248489] ? page_fault+0x8/0x30 [ 405.252044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.256910] ? page_fault+0x8/0x30 [ 405.260462] page_fault+0x1e/0x30 [ 405.263921] RIP: 0033:0x4510a0 [ 405.267123] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 405.286539] RSP: 002b:00007fab1fb997a8 EFLAGS: 00010202 [ 405.286552] RAX: 00007fab1fb99850 RBX: 0000000000000003 RCX: 000000000000000e [ 405.286562] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fb99850 [ 405.286572] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 405.286580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fb9a6d4 [ 405.286589] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 405.287803] CPU: 1 PID: 18643 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 405.306597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.306604] Call Trace: [ 405.306627] dump_stack+0x244/0x39d [ 405.306647] ? dump_stack_print_info.cold.1+0x20/0x20 [ 405.306665] ? preempt_schedule+0x4d/0x60 [ 405.306689] handle_userfault.cold.30+0x47/0x62 [ 405.306716] ? userfaultfd_ioctl+0x5610/0x5610 [ 405.328513] ? mark_held_locks+0x130/0x130 [ 405.349006] ? find_held_lock+0x36/0x1c0 [ 405.380106] ? futex_wake+0x613/0x760 [ 405.380130] ? userfaultfd_ctx_put+0x830/0x830 [ 405.380153] ? kasan_check_read+0x11/0x20 [ 405.380172] ? print_usage_bug+0xc0/0xc0 [ 405.380185] ? do_raw_spin_trylock+0x270/0x270 [ 405.380201] ? print_usage_bug+0xc0/0xc0 [ 405.380221] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 405.380237] ? print_usage_bug+0xc0/0xc0 [ 405.380254] ? graph_lock+0x270/0x270 [ 405.380268] ? futex_wake+0x304/0x760 [ 405.380299] ? find_held_lock+0x36/0x1c0 [ 405.380325] ? __handle_mm_fault+0x4d19/0x5b70 [ 405.380342] ? lock_downgrade+0x900/0x900 [ 405.380364] ? kasan_check_read+0x11/0x20 [ 405.380384] ? do_raw_spin_unlock+0xa7/0x330 [ 405.380399] ? do_raw_spin_trylock+0x270/0x270 [ 405.380418] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 405.380445] __handle_mm_fault+0x4d26/0x5b70 [ 405.380469] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 405.380487] ? graph_lock+0x270/0x270 [ 405.380499] ? kasan_check_read+0x11/0x20 [ 405.380515] ? graph_lock+0x270/0x270 [ 405.411138] ? rcu_read_unlock_special+0x370/0x370 [ 405.418985] ? graph_lock+0x270/0x270 [ 405.418998] ? graph_lock+0x270/0x270 [ 405.419012] ? find_held_lock+0x36/0x1c0 [ 405.419029] ? find_held_lock+0x36/0x1c0 [ 405.419053] ? handle_mm_fault+0x42a/0xc70 [ 405.419067] ? lock_downgrade+0x900/0x900 [ 405.419089] ? check_preemption_disabled+0x48/0x280 [ 405.435643] ? kasan_check_read+0x11/0x20 [ 405.435660] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 405.435675] ? rcu_read_unlock_special+0x370/0x370 [ 405.435695] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.448803] ? check_preemption_disabled+0x48/0x280 [ 405.448831] handle_mm_fault+0x54f/0xc70 [ 405.448852] ? __handle_mm_fault+0x5b70/0x5b70 [ 405.448877] ? find_vma+0x34/0x190 [ 405.448896] __do_page_fault+0x5f6/0xd70 06:11:51 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/\nev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:51 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x80, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54a7d6bf, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000140)={"0200"}, &(0x7f0000000040)="44e054435b2730eedf6c7cf500000000", 0x10, 0xfffffffffffffffb) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x2000, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:51 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="5b000000c6aa6d8bd210a30406d0ffe2eac8ebe88c5db23a32460e7deaeaada9a7c69e92bd35e2197eaa2c3658a98de7071d44f59f314eeed400042d9faba5f837466c249ad013d720c0540db82de0fa4faba74fc983bfe9ca50f440b2e0477796d1fcd9f0357c130458"], &(0x7f0000000140)=0x63) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000002c0)=0xc) getgroups(0x8, &(0x7f0000000300)=[0xee01, 0xee00, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff, 0xee01, 0xee01, 0xee01]) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='fuse\x00', 0x20, &(0x7f0000000580)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000000000,user_id=', @ANYRESDEC=r3, @ANYBLOB=',group_id=', @ANYRESDEC=r4, @ANYBLOB="2c616c6c6f775f6f746865722c616c6c6f775f6f746865722c616c6c6f775f6f746865722c6d61785f726561643d3078303030303030303030303030303030342c616c6c6f775f6f746865722c61756469742c7569643c943c24eda03987841228976b164c059eeece13e6209a6a8d078a255608e526cead156c50bec1c0c785693e5bc5957b742a9725942f8ff9e436c5fe4c5ce6e32dfd226e2490b33be91f5e3afeb278f9d7a174", @ANYRESDEC=r5, @ANYBLOB=',fsname=/dev/rtc0\x00,mask=MAY_EXEC,\x00']) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r2, 0x4, 0x10001}, &(0x7f00000001c0)=0xc) syz_genetlink_get_family_id$team(&(0x7f0000000500)='team\x00') ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:51 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={'.\x00'}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:51 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020068"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 405.448913] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.448935] do_page_fault+0xf2/0x7e0 [ 405.560577] ? vmalloc_sync_all+0x30/0x30 [ 405.560595] ? error_entry+0x70/0xd0 [ 405.560615] ? trace_hardirqs_off_caller+0xbb/0x310 [ 405.573961] ? trace_hardirqs_on_caller+0xc0/0x310 [ 405.573979] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.573995] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.574013] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.574029] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 405.574046] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 405.574064] ? prepare_exit_to_usermode+0x291/0x3b0 [ 405.574081] ? page_fault+0x8/0x30 [ 405.574099] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.574118] ? page_fault+0x8/0x30 [ 405.574135] page_fault+0x1e/0x30 [ 405.574147] RIP: 0033:0x4510a0 [ 405.574164] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 405.574173] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 405.574186] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e [ 405.574197] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 405.574206] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 405.574215] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 405.574225] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 405.728457] FAULT_FLAG_ALLOW_RETRY missing 70 [ 405.753757] CPU: 1 PID: 18690 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 405.763482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.775230] Call Trace: [ 405.793176] dump_stack+0x244/0x39d [ 405.793197] ? dump_stack_print_info.cold.1+0x20/0x20 [ 405.793214] ? preempt_schedule+0x4d/0x60 [ 405.793242] handle_userfault.cold.30+0x47/0x62 [ 405.799445] ? userfaultfd_ioctl+0x5610/0x5610 [ 405.808751] ? mark_held_locks+0x130/0x130 [ 405.808772] ? find_held_lock+0x36/0x1c0 [ 405.808794] ? futex_wake+0x613/0x760 [ 405.808812] ? userfaultfd_ctx_put+0x830/0x830 [ 405.808842] ? kasan_check_read+0x11/0x20 [ 405.818060] ? print_usage_bug+0xc0/0xc0 [ 405.818075] ? do_raw_spin_trylock+0x270/0x270 [ 405.818091] ? print_usage_bug+0xc0/0xc0 [ 405.818112] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 405.818126] ? print_usage_bug+0xc0/0xc0 [ 405.818143] ? graph_lock+0x270/0x270 [ 405.864649] ? futex_wake+0x304/0x760 [ 405.864684] ? find_held_lock+0x36/0x1c0 [ 405.864712] ? __handle_mm_fault+0x4d19/0x5b70 [ 405.864730] ? lock_downgrade+0x900/0x900 [ 405.864756] ? kasan_check_read+0x11/0x20 [ 405.864772] ? do_raw_spin_unlock+0xa7/0x330 [ 405.864788] ? do_raw_spin_trylock+0x270/0x270 [ 405.864807] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 405.864848] __handle_mm_fault+0x4d26/0x5b70 [ 405.864874] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 405.864892] ? graph_lock+0x270/0x270 [ 405.864909] ? kasan_check_read+0x11/0x20 [ 405.864924] ? graph_lock+0x270/0x270 [ 405.864942] ? rcu_read_unlock_special+0x370/0x370 [ 405.864970] ? graph_lock+0x270/0x270 [ 405.864985] ? graph_lock+0x270/0x270 [ 405.865000] ? find_held_lock+0x36/0x1c0 [ 405.865022] ? find_held_lock+0x36/0x1c0 [ 405.865047] ? handle_mm_fault+0x42a/0xc70 [ 405.865065] ? lock_downgrade+0x900/0x900 [ 405.865083] ? check_preemption_disabled+0x48/0x280 [ 405.865104] ? kasan_check_read+0x11/0x20 [ 405.865120] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 405.865137] ? rcu_read_unlock_special+0x370/0x370 [ 405.865157] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.865174] ? check_preemption_disabled+0x48/0x280 [ 405.865198] handle_mm_fault+0x54f/0xc70 [ 405.865218] ? __handle_mm_fault+0x5b70/0x5b70 [ 405.865237] ? find_vma+0x34/0x190 [ 405.865259] __do_page_fault+0x5f6/0xd70 [ 405.865275] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.865300] do_page_fault+0xf2/0x7e0 [ 405.865332] ? vmalloc_sync_all+0x30/0x30 [ 405.865350] ? error_entry+0x70/0xd0 [ 405.865369] ? trace_hardirqs_off_caller+0xbb/0x310 [ 405.865385] ? trace_hardirqs_on_caller+0xc0/0x310 [ 405.865401] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.865416] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.865434] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.865450] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 405.865466] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 405.865484] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 405.865498] ? __switch_to_asm+0x40/0x70 [ 405.865513] ? page_fault+0x8/0x30 [ 405.865531] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.865550] ? page_fault+0x8/0x30 [ 405.865566] page_fault+0x1e/0x30 [ 405.865579] RIP: 0033:0x4510a0 [ 405.865595] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 405.865603] RSP: 002b:00007fab1fb997a8 EFLAGS: 00010202 [ 405.865616] RAX: 00007fab1fb99850 RBX: 0000000000000003 RCX: 000000000000000e [ 405.865626] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fb99850 06:11:51 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="d06465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:51 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020005"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:51 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./file0\x00', 0xffffffffffff1d53, 0x3, &(0x7f00000012c0)=[{&(0x7f0000000140)="70ab16a6409d40a9f32c9a84499178b5790c8f0c68d07ab29b388867a8a33e12056c860c72e0f8c5624f944ad2b3b17e240a17698b93ba219e415d45a69aa4a6811cfc8b410fbb92835df572d89ddb4436499f8e7d6d", 0x56, 0x2}, {&(0x7f00000001c0)="ad53328dd7669691b6196deadce1d4fce4ab0479177856fc89152f874d59861f01576636548712a00b324c216d2814c0e99aa69a9059439d6896b6e438cec60c4f4e418d4bcd71d69cae4d7051e020eeac24cbebbdece268a88f39ed98d314062ce838dbe9cbd8e187612a8c9c178510e82bc33576b2e38cf2eb3e9d1bcbf5d7c9041d5cc8cef6e80bfb8243ed6e302ddc24e95f21a09e40062704dbceacc9780712feae8ae709ad29d2b1c89737967002f9e417c4b9ced420978f559b7b6408087b43066d4d41edaf4810849712789d24b7426b9a00a104636286eb47ea3a220ba9b4e47667b24cc176d39f486d939d50288b53939b", 0xf6, 0x3}, {&(0x7f00000002c0)="4d93ae1ccb02022bf6025cf91c20a74b6e8f34711adcc282557828a16504686b542d69b7e9fd2b42728f9be2c611139d9d22d7922648bafbf2776606c9a68483dd78850eb0e016bd7716cd8018ecdc21494e5f13dbb55aa8ea8414d867346f68442e44d801fee12c59dce13c0228996221d7ebdfaf0338adcb363605de66c8674e92c9a92153e5553612f7329f282a9003de527e458da5d45d0a1ad5ac3409c70096c898f271effe106eb12727c16e69d637eecf10f7257d38fc76fee893728f1ca0d4cbc88f5f8bef50f36850278939d1416255646127336b6fb01240fb4c6eb770b39cd62f3c423c750b0121ec3d148ea35e4cb92f6f4e79eb8cc543a0e69be95cb561a798366a3adbfd5354e65992df962527d2440f91385ed2d6acb7592fb2173373832049488fc8592167c854fdb627e01a360e0843abfd235503645270e343bd7b39a764b686338621994c037af5b5156052e629b54cf4846f8d6c1bf47940fcb346688dc03e7b3a2e465111513c4113f0dc7a1559825665f76c8a76f3e940d94246e657bfc06b416952ffd4f17b0e7c634fbbe43e98d37b8ee88360f9570f2da1bfd3d8734533a6c8231c86e9e7ef43ec64dd2edbe078164160155a417edd63d707ebe0f0551984d728753089152c89ff8ffd05126e7c43dfa7ed43542fa90b6673c129f629537bab9483e8bb9ee44dd8853551dce07c7b3205fdbbe9dd07ab704a68b9565726155f770c381d31595eaf45be5df0380ffb94e3aa82d5f6e89ea06bd8b25cd3250e1ae7304f6ba84f3bebb6efbb4ae9942bbba7520f3f37d9328acf1a856ff5f7be9929a2adbf048194e5068d3bff169ade794f90a7500ea3d2e063551220b8a8eda18f34b78a84aeb1168f09ebe339671da032afbd657fa6f9fded08bc87e91e382c0880271315c0d3ff8b00e1493726720a0fd683b169011c2d4465795b556654937ac4a5aa47b7230957197bc3f75a0c0efd9284cb182cc744ea450988b8c2b41969f9777b1969bd13da3f99ac268b1e623ef1dc7e1cded6aa5374533b2566aee207d17e4633822750f319958601442927df9e4be951667d3f497533614b92a3a2f473679220ccd6bb6770e5f253ce24fdf3e99c54be0525263ea54a4c402c784cbc6ce35316583e0302920b1dcc83384e16349f07dc5bec121bf231f7bff5954da8e4669ee29525ecba3f68fe5a82bd02390f3d961cbae23b7d3df776da14ed3360a92387e734cba42573e64a7f8a7f9958e96369a1b8213537d9527aab9289846986ac738d5fc0300cf64c68850c743b905af10a57d33b0ca7f0b6677dbd480b57135178677e626e136e1bc650d9d5e1ff95b91eea436a6a71e4daba3f328853600ee4c10c2c1ca4beff9f8cde1eb921a3dfed60bbf2ab03fa32ff591767f5706213e2588c9842256538b3eb0fa0f4966668cbd5556123e723cc8cdabaa80c4c44668733d89552e11d785014d962d404b74eb5e57084a4dda748603b0bd8a64d722373b2814705b42443b8b8c8830c1f39ffc113fd22bfb1c42c893571482fcdd1ffef3dec293372476cce12743b289a4b64ce44a68e0570547396c0256fe1340f712d6ff07a6928fada2d3085d6a9d1dde27e197085d5367cd7cfba708da566caa8550bb9dda3d724f2233c0ed74e30d778c6e34dbfea904b9165425f44a59dde3e1af58bebb84199e2efcd015c37979cff64601c3a5fc5c3258fd36e3d7b6515b61f3ecc9c5afa735dc713225dd3bb021d74636706290aad7b8788ab174ac1a2caf302208ef13603db7c368089720447e5c44c59a9c5878bdf94085163346f5b0b13138c796a7b019f8f8335c7b60adfc931a05f9fd93d27270109d68e7b3efe2fcace4e2d987f1d40f487c72a3be53f4fa18f9057f25929777fdd1f766513f1b846f4952472b3ca59b28a799b6f0f6b1de840a369697de77bce1aa518de1c0eb2f7ef117c496de03a65e98f4a6cd51dacc6eb7516a1a7cd44266d5cfe22653ec1369572ae88d7c888f59c3ea8dcbb9a69af3167a5efbeca56eae331a424f7153d17a87972aca4cfb490bfc41d47dfad1cd436af6e27367f9059cae1ef909740bf864b94e7de8539aa700e5eeed7d44e7820c1f7eed191d3c6d773a5abe13c42af9101c328363500f9e30c952052db1c93d54ad55c9b9826ba43f9f3c895c918995e2ccbbb17d9f5a7a5e4e2274433041529fe57f7e3dc5fdb5acfb5bd1b1619c48a3ecc7c44983cc6b4e02890b01e1eeb9085c0fa3092b11c9a0ceebc9b9df821a72e28d37d5891dc638f7e130dcc7cbd8d9c55b80c968056346d3286e8b475f350c0d5f64b86f6388fa87d791c966bc3986774b65af0b6407571c23598dff8905e47337bcac6eb86fdeff1681d5c64ffd533b7315f4d0352be66e46d76adba89a69b5a9b17372b99695e1e593e705be482bd377ee200186574b62fa6515651da8bc5b118962111acc0dea18ac16d7abfd8f7d1691d5b5d0865e09c0354a27ca384d99e9bc6f684f702e64af4dbb8b50893dec1aeb881c7663b43513bbd3119368861358e9e347b168844562a6031c87cf97b662a81dbff857b14225e8c5aea2454f69ab1f1563927ee7c2c89791d338d28f144f587f113c44f60f7725252e911edb114b131336e2e521a9660c1e383bc6d01d7ee5b093725e5b5f3b28269d78fd01a15c0340d3610da6935e891c77da693af5faf3372aef7416636f8b71bc53591e6940c357731abc83c9cfd1ad72e9a20ef9e25d4f43d6a631c66577c0e14abf46a582ae52aa7b6dc3701547ce1cba2ca4a05c319ffb2fab30f77fc764d2253d3943a80ecc33a7e4f04009c7b6f0317c501db52c06466381a1ddcc4f0ff2fb0554ba55a41e6e452a5a38978bfef0c2cd5ec7f8d5a904d6edb348b6febf1f6ccb10c516d53883558250060981a6a4dee6c38cf5dc51dc5d4e16a34e6c2a0f14fc88d6244b0ba866f93da02f932dbd20ae64be46c43c41c119b94270ec5bbcdc58fec197b2b87eaf6d0e4804a4e6ee5be5bc30daf4a58eeb12845e32c2ad97ce1e838bcefc750b0dc09c8dc38e6877f008d2712f89c93e990df902750feaa8c07e45f2ca347703962d769f7e617d60656bb52e1c59fe793cbb8b6f8379b13f9d6c848c31c7d65d1a0fae2307423f9cca2474a2364c16581dc240ebee908f2d41b63a041514a0f3742a230889392e210baba474a9471a204b0f0123a997b7400625ff97ca618abea63270b86fa2155fe04e40d7c05a74538a2b88910ff267a79b3c82f8797c4852ab7cdf98dcadf47d57989e88b346e6beeaa0e55a7b2ef6c45d9b31e50667fd6ca86b383f4f5543d60c94699f780a00dc3eb5030dd579caf7f57e484e6aa63c8bc1ff8e58803c77ac360a3509ad2fdf3ee263a21203d7b67a46e209152abe3c56f76f67e70435df256755c4f633ecac7d62cf12b266992d0acd3f728d9034fd5bbd80c0b19a06e3237b5f92955b3955b3488c2cfdc493900e7f407cf0313f80d16e5e64e17ba1a1ecf67d79f361e25b48bb755ed94b3ddfa899cbd5c0a5772f7755b4559f64fb1859867cac35075c3f80678a9d82940af5818a2a14f54800ca24eccec8c0f5570aa0e2051fe1e509a56164e7f8e6303093600f26f3c37612f4efb14dabadd8de1f11d44fdcef2a096777fddc644f60417029aa90dc36877f7a8ea3daf0ff12221f2840ada8e7110cbe50ee5a39048e5f484eeb514ecf33967845f698ed9a89d47a8db54436412403bb0369753835574f4bd46756cf5beee5b334b13269aba3ba8c85611a6efee17c9a99951e02a6432e44e411e03bf9313f951376906f325584465db921fdb941dc86ce7566c331ade5c3bf7c7a113a5803b7f52056c42192bb71ebf43b8157f4e6be7be3e2bca7a41939600b89f948efe6fd591947f32267a3b5cfb17c4cf54a6eb5b8754eb6daaf5f93e8d7dc7f76698e5fc5adee2a0bf4116b5afd3f48314f468a06e0683e5c3aa686980d668151a9bb66cf71030b00286fdd5d9473c92a1f9c7b02a202398a4e67fb60c80e53f1f3cafcdba220e4ed889e628bd55f05858da1afb59da4fe9a86c972154e304573589bcb64936f02a8a693af389d2c391f19b7e9f2618f29fd9ce17c05ba484cafbd6c665670391e14d35bbca37d05df7292c5949de5969cd4da9a7eda20a30f6566eee932f4dd5d520b96f441888b8fb403420bd3c8799e44bc107c4bcbf170586f8e6848bdf3cf537e159209c9b173ce6a27329a58c278d8094935c8cdfd40ac16313db5db4bc9b0dd834e90c5d0703d359c5450282c0a69bb84be730f23f9ed3a37ca7339460050e182731f387a71caafbf31a851dadbfeaf941fea9b6a3f8960d017e8654549a9fdec937d058769f333f5041234dfec563df80867197a347ea13f03c0c707a19e8566b181dd74335b4e335b64663fa388f87e2fecb5fa445d9657c68c846665f3e1817a542a6e122a8d0e0d204c9c4542e949f3ae6f80ffbf320e97ab401d2d02dbac035055872776b924e46432d4787e5643856734593c66f20d444878d685af06f9b2bf87c99a1072153fc78d3dd1dba153d5efa2d74ab34a7b98026cb6142819269e31900242946c1a81c1cde6292692c9fa0950990d52a41d5be3dcc27e1c8285de96e32cfc3228a0cad2c3edf21cef2277608101c9b17ccaafcaf0876e6fee01d267a4fced4bc9b0f64fea0c87ae36a541ef8959a4c9de57b4620f25fc7eaa117014161cc224602f4c0bcb21ecfdc3375c9f070ec049da315e2d6a37f24409e3c7c9d3667f8eed56f7890f7de240fe194f996e5ceaacd99e08f952904ba79a63c91d2c0e2b9394205ea6e4b2b2a0aa682977babbbfbbe5e3cd7e33579c6da2b697982238bb0f4bad1149ad79977b6ad70ccb5ea9791b41a600868527c1f11cc8df5ab649eeca0891c2d1ed77610c78791f00ffcd3ce2bc4d79c3269fe6887f509c630bebf6647b346e098196b3b119953c4879dcb20ff0d271020adc0b0c725f6d670f301b902848ab318a69a748b6f16fff39e292531111e3bfa0213ffda3e3740fec10b5cd0388ae78449ecc1a706a5dae6915554cca2209b433a96ff5b3d8af1ba10d181ef100f21d2487fdf5c7dfea4e1156c8d855ade5275794e2ca8101d8226f874bf5e63e8176497491bdc8c866d6eddd43a9c6b7da30df1fcec3d361388803d0179a6c1b465ac43e8eeb3bba4e64875b879c63bc08c3fc3e6cb09d3de52eff24aef3b0fa05f24e1fbdca65bb1db10266a75c4e5f7dd8515f181cd22c58ea4f91f4c75e9d1a66b638a0ca7f3ca585550aa77511df2e4748536b429de2dd397f01f7b9e0b96dc65f7bd2cfc2730efbf3fb9b386302dfae16be998f5d1ce581df91436b24d546a3e6835a514ff7c6a1b04ba71dad6c8114180008be4269b0f7c8c3f3147850d970fd81fce15179c316d736d400389b8b0b3e68b6e5411e9bedb0aba9c1675be3c7aa6cc002bfadd20fa4ae6fcc2c5cf4cedfa2a4708ba666cd7b1d98f1892080b90549a1c1ecf86269243938b8c0960971fdb7d48fcfab200bc3db290d6abcf7b43d56be05792550c1d1b8a9e5f2207d5570c0ad28fcbbde6481498ff7cbbfb7d3e5d93c2fe7e9dcec3dcf6e79250f17703a4063c7be2d74f11771e584b335e87d563390063611b5b7373a4ede5557866cf6f1e04b2e3859d183709e3b95707612f9faf415bab76a97e52ecdddadae37a12debd985765a0b2134aefae6d5845c8d27ae2a045669e8442b58bc8511356bcbcbb884671a2f427cfb9f15b", 0x1000, 0x2}], 0x10001, &(0x7f0000001340)={[{@discard_size={'discard', 0x3d, 0x39fe}}, {@discard_size={'discard', 0x3d, 0x10000}}, {@discard='discard'}], [{@dont_measure='dont_measure'}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@smackfsfloor={'smackfsfloor'}}]}) 06:11:51 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x9, 0x1, 0x9, 0x0, r0, 0x2}, 0x2c) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:51 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"c200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 405.865636] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 405.865645] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fb9a6d4 [ 405.865655] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:51 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2fd765762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 406.264425] Option 'UdRpãC½{9§d¶†3†!™Lzõµ`Ræ)µLô„olôy@ü³FhÀ>{:.FQQ˜Ó{Žèƒ`ùW-¡¿ÓØsE3¦È' to dns_resolver key: bad/missing value [ 406.280367] FAULT_FLAG_ALLOW_RETRY missing 70 [ 406.285253] CPU: 1 PID: 18707 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 406.293863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.298158] dns_resolver_preparse: 36 callbacks suppressed [ 406.298183] Invalid option length (1042293) for dns_resolver key [ 406.303237] Call Trace: [ 406.303267] dump_stack+0x244/0x39d [ 406.303297] ? dump_stack_print_info.cold.1+0x20/0x20 [ 406.303326] handle_userfault.cold.30+0x47/0x62 [ 406.315411] Invalid option length (1042293) for dns_resolver key [ 406.317696] ? userfaultfd_ioctl+0x5610/0x5610 [ 406.317716] ? mark_held_locks+0x130/0x130 [ 406.317735] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 406.317751] ? futex_wait_setup+0x266/0x3e0 [ 406.317787] ? __sanitizer_cov_trace_switch+0x53/0x90 06:11:52 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 406.317805] ? userfaultfd_ctx_put+0x830/0x830 [ 406.317825] ? print_usage_bug+0xc0/0xc0 [ 406.369897] ? print_usage_bug+0xc0/0xc0 [ 406.369918] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 406.379160] ? print_usage_bug+0xc0/0xc0 [ 406.383236] ? graph_lock+0x270/0x270 [ 406.387050] ? futex_wake+0x304/0x760 [ 406.390870] ? find_held_lock+0x36/0x1c0 [ 406.394956] ? __handle_mm_fault+0x4d19/0x5b70 [ 406.399552] ? lock_downgrade+0x900/0x900 [ 406.403723] ? kasan_check_read+0x11/0x20 [ 406.407880] ? do_raw_spin_unlock+0xa7/0x330 [ 406.412317] ? do_raw_spin_trylock+0x270/0x270 [ 406.412418] Invalid option length (1042293) for dns_resolver key [ 406.416910] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 406.416940] __handle_mm_fault+0x4d26/0x5b70 [ 406.416963] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 406.416980] ? graph_lock+0x270/0x270 [ 406.416997] ? kasan_check_read+0x11/0x20 [ 406.417009] ? graph_lock+0x270/0x270 [ 406.417026] ? rcu_read_unlock_special+0x370/0x370 [ 406.454671] ? graph_lock+0x270/0x270 [ 406.458480] ? graph_lock+0x270/0x270 06:11:52 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 406.462307] ? find_held_lock+0x36/0x1c0 [ 406.466383] ? find_held_lock+0x36/0x1c0 [ 406.470932] ? handle_mm_fault+0x42a/0xc70 [ 406.475183] ? lock_downgrade+0x900/0x900 [ 406.479347] ? check_preemption_disabled+0x48/0x280 [ 406.484398] ? kasan_check_read+0x11/0x20 [ 406.488565] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 406.493857] ? rcu_read_unlock_special+0x370/0x370 [ 406.498803] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.499212] Invalid option length (1042293) for dns_resolver key [ 406.504351] ? check_preemption_disabled+0x48/0x280 [ 406.504378] handle_mm_fault+0x54f/0xc70 [ 406.504397] ? __handle_mm_fault+0x5b70/0x5b70 [ 406.524188] ? find_vma+0x34/0x190 [ 406.527761] __do_page_fault+0x5f6/0xd70 [ 406.531834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.532124] FAULT_FLAG_ALLOW_RETRY missing 70 [ 406.537388] do_page_fault+0xf2/0x7e0 [ 406.537406] ? vmalloc_sync_all+0x30/0x30 [ 406.537423] ? error_entry+0x70/0xd0 [ 406.537440] ? trace_hardirqs_off_caller+0xbb/0x310 [ 406.537454] ? trace_hardirqs_on_caller+0xc0/0x310 [ 406.537468] ? syscall_return_slowpath+0x5e0/0x5e0 [ 406.537482] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.537496] ? trace_hardirqs_on_caller+0x310/0x310 [ 406.537511] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 406.537527] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 406.537541] ? prepare_exit_to_usermode+0x291/0x3b0 [ 406.537553] ? page_fault+0x8/0x30 [ 406.537568] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.537584] ? page_fault+0x8/0x30 [ 406.537597] page_fault+0x1e/0x30 [ 406.537608] RIP: 0033:0x4510a0 06:11:52 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:52 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) linkat(r1, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file0\x00', 0x400) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:52 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:52 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 406.537623] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 406.537630] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 406.537641] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 406.537651] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 406.537658] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 406.537666] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 406.537675] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 406.662897] Invalid option length (1042293) for dns_resolver key [ 406.686684] CPU: 1 PID: 18718 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 406.695299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.703644] Invalid option length (1042293) for dns_resolver key [ 406.704663] Call Trace: [ 406.704688] dump_stack+0x244/0x39d [ 406.704708] ? dump_stack_print_info.cold.1+0x20/0x20 [ 406.715181] Invalid option length (1042293) for dns_resolver key [ 406.717061] ? preempt_schedule+0x4d/0x60 [ 406.717088] handle_userfault.cold.30+0x47/0x62 [ 406.717118] ? userfaultfd_ioctl+0x5610/0x5610 [ 406.717135] ? mark_held_locks+0x130/0x130 [ 406.717157] ? find_held_lock+0x36/0x1c0 [ 406.748343] Invalid option length (1042293) for dns_resolver key [ 406.750155] ? futex_wake+0x613/0x760 [ 406.750179] ? userfaultfd_ctx_put+0x830/0x830 [ 406.750202] ? kasan_check_read+0x11/0x20 [ 406.750221] ? print_usage_bug+0xc0/0xc0 [ 406.773176] ? do_raw_spin_trylock+0x270/0x270 [ 406.777779] ? print_usage_bug+0xc0/0xc0 [ 406.781859] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 406.787064] ? print_usage_bug+0xc0/0xc0 [ 406.791668] ? graph_lock+0x270/0x270 [ 406.795480] ? futex_wake+0x304/0x760 [ 406.799312] ? find_held_lock+0x36/0x1c0 [ 406.803405] ? __handle_mm_fault+0x4d19/0x5b70 [ 406.808009] ? lock_downgrade+0x900/0x900 [ 406.812175] ? kasan_check_read+0x11/0x20 [ 406.816334] ? do_raw_spin_unlock+0xa7/0x330 [ 406.820760] ? do_raw_spin_trylock+0x270/0x270 [ 406.820782] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 406.820807] __handle_mm_fault+0x4d26/0x5b70 [ 406.835407] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 406.840265] ? graph_lock+0x270/0x270 [ 406.840282] ? kasan_check_read+0x11/0x20 [ 406.840295] ? graph_lock+0x270/0x270 [ 406.840310] ? rcu_read_unlock_special+0x370/0x370 [ 406.840333] ? graph_lock+0x270/0x270 [ 406.840347] ? graph_lock+0x270/0x270 [ 406.840360] ? find_held_lock+0x36/0x1c0 [ 406.840375] ? find_held_lock+0x36/0x1c0 [ 406.840397] ? handle_mm_fault+0x42a/0xc70 [ 406.840413] ? lock_downgrade+0x900/0x900 [ 406.840431] ? check_preemption_disabled+0x48/0x280 [ 406.840453] ? kasan_check_read+0x11/0x20 [ 406.864683] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 406.864701] ? rcu_read_unlock_special+0x370/0x370 [ 406.864731] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.864749] ? check_preemption_disabled+0x48/0x280 [ 406.864775] handle_mm_fault+0x54f/0xc70 06:11:52 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="ab6465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:52 executing program 5: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000080)={&(0x7f0000cf1000/0x2000)=nil, 0x0, 0x0, 0x0, &(0x7f0000ffe000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000bb4000/0x2000)=nil}) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000000c0)=0x20, 0x4) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, 0x0}, 0x0) r2 = msgget$private(0x0, 0x20) r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x3, 0x82) setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0) ioctl$VIDIOC_ENCODER_CMD(r3, 0xc028564d, &(0x7f00000002c0)={0x1, 0x0, [0x9, 0x9, 0x1, 0x8000, 0x7, 0x4, 0x80000001, 0x8000]}) msgctl$IPC_STAT(r2, 0x2, &(0x7f0000000780)=""/4096) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x4}, &(0x7f0000000340)=0xc) setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000380)={r5}, 0x8) r6 = openat$cgroup_int(r4, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f00000004c0)=ANY=[@ANYBLOB="06077e5545d7d82ecb2e8fed160db5f5db8cf28ea7b776bbe112feb198391a05be5c216650028ac0a71adc38ece25c6df01016865163e130c6af5c437540ae58055da3716643462cf998cef8ccd3f27db0dff9a443ff80095e12506f57c42588a1a73456b744682a7b12188d82175a82ffed7de60b92cd589aa038cbb851cf34684c3b07ae828cdc5140edf354de352f57", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000140)=0x1c) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000180)={r7, @in={{0x2, 0x4e22, @loopback}}, 0x2}, &(0x7f0000000240)=0x90) mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x40000000001) writev(r6, &(0x7f0000000700), 0x10000000000000b7) 06:11:52 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 406.873322] ? __handle_mm_fault+0x5b70/0x5b70 [ 406.873342] ? find_vma+0x34/0x190 [ 406.873363] __do_page_fault+0x5f6/0xd70 [ 406.873380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.873402] do_page_fault+0xf2/0x7e0 [ 406.873418] ? vmalloc_sync_all+0x30/0x30 [ 406.881777] ? error_entry+0x70/0xd0 [ 406.881798] ? trace_hardirqs_off_caller+0xbb/0x310 [ 406.881813] ? trace_hardirqs_on_caller+0xc0/0x310 [ 406.881830] ? syscall_return_slowpath+0x5e0/0x5e0 [ 406.881846] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:11:52 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 406.881865] ? trace_hardirqs_on_caller+0x310/0x310 [ 406.896276] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 406.896297] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 406.896315] ? prepare_exit_to_usermode+0x291/0x3b0 [ 406.896333] ? page_fault+0x8/0x30 [ 406.896351] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.896366] ? page_fault+0x8/0x30 [ 406.896383] page_fault+0x1e/0x30 [ 406.896394] RIP: 0033:0x4510a0 06:11:52 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'dummy0\x00', {0x2, 0x4e23, @local}}) ioctl$KDENABIO(r0, 0x4b36) accept$nfc_llcp(r0, &(0x7f0000000140), &(0x7f0000000040)=0x60) ioctl$sock_SIOCGPGRP(r1, 0x8904, 0x0) [ 406.896408] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 406.896416] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 406.896428] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 406.896437] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 406.896445] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 406.896453] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 406.896466] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 406.946806] Invalid option length (1042293) for dns_resolver key [ 407.041900] syz-executor5 (18746) used greatest stack depth: 7792 bytes left [ 407.112481] Invalid option length (1042293) for dns_resolver key 06:11:52 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/d\nv/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:52 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = memfd_create(&(0x7f0000000140)="2d42d54e49c56aba707070f00884a26d003a2900bb8dacac76617d6b6e6823cb290fc8c03a9c631064eea98b4363ad899c6bdec5e936dd55a93dcd4a78aa8f7eb93061a9b2044b98933f8851f7d61da1ce8b19eaefe3abb6a52434d6fe370fe7d924ce20ab4eaec9bdd36740e127730e90f2cd72b828", 0x0) pwrite64(r2, &(0x7f0000000240)='/', 0x1, 0x1) fcntl$setlease(r2, 0x400, 0x0) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, 0x0, 0x0) lseek(r2, 0x0, 0x2) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000100)=0x7) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000004c0)={0x0, 0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000480)='/dev/rtc0\x00', 0xffffffffffffffff}, 0x30) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r3, 0x4, &(0x7f0000000500)=""/34) sendfile(r2, r2, &(0x7f00000000c0), 0x7f8) fsetxattr(r1, &(0x7f00000001c0)=@known='security.evm\x00', &(0x7f0000000280)="2d42d54e49c56aba707070f00884a26d003a2900bb8dacac76617d6b6e6823cb290fc8c03a9c631064eea98b4363ad899c6bdec5e936dd55a93dcd4a78aa8f7eb93061a9b2044b98933f8851f7d61da1ce8b19eaefe3abb6a52434d6fe370fe7d924ce20ab4eaec9bdd36740e127730e90f2cd72b828", 0x76, 0x1) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000540)={0xffffffffffffff80, {0x2, 0x4e22, @rand_addr=0xe491}, {0x2, 0x4e20}, {0x2, 0x4e24, @broadcast}, 0x4, 0x100000001, 0x2, 0x2, 0x3, 0x0, 0x0, 0x5d07e887, 0x5}) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x4000, 0x0) ioctl$RTC_WKALM_RD(r2, 0x80287010, &(0x7f0000000440)) syz_open_pts(r0, 0x2000) getsockname$unix(r4, &(0x7f0000000600)=@abs, &(0x7f00000003c0)=0x6e) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/net/pfkey\x00', 0x101200, 0x0) rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000340)='./file0\x00') lstat(&(0x7f00000006c0)='./file0/file0\x00', &(0x7f0000000a80)) syz_mount_image$btrfs(&(0x7f00000005c0)='btrfs\x00', 0x0, 0x80, 0x1, &(0x7f0000000a00)=[{&(0x7f0000000900), 0x0, 0x3f}], 0x800000, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x10000014c) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x20}, &(0x7f0000000140)={0x8}, &(0x7f0000000200)={0x0, r5+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000400)=0xfffffffffffffeb2) 06:11:52 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:52 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="a56465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:53 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x1}, &(0x7f0000000140), 0x1bf, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:53 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:53 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:53 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c76465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 407.387316] dns_resolver: Unsupported server list version (0) [ 407.427702] dns_resolver: Unsupported server list version (0) 06:11:53 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:53 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000380)={0xaae, 0x9, 0x3, 0x80000000, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]}) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000000)={r1}) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:53 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02ffff"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:53 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='}dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:53 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f64d7762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 407.877348] handle_userfault: 6 callbacks suppressed [ 407.877355] FAULT_FLAG_ALLOW_RETRY missing 70 [ 407.896377] CPU: 0 PID: 18827 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 407.904988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.914349] Call Trace: [ 407.916955] dump_stack+0x244/0x39d [ 407.920598] ? dump_stack_print_info.cold.1+0x20/0x20 [ 407.925821] handle_userfault.cold.30+0x47/0x62 [ 407.930511] ? userfaultfd_ioctl+0x5610/0x5610 [ 407.935104] ? mark_held_locks+0x130/0x130 [ 407.939346] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 407.944363] ? futex_wait_setup+0x266/0x3e0 [ 407.948731] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 407.953932] ? userfaultfd_ctx_put+0x830/0x830 [ 407.958525] ? print_usage_bug+0xc0/0xc0 [ 407.962588] ? print_usage_bug+0xc0/0xc0 [ 407.966673] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 407.971867] ? print_usage_bug+0xc0/0xc0 [ 407.975937] ? graph_lock+0x270/0x270 [ 407.979741] ? futex_wake+0x304/0x760 [ 407.983562] ? find_held_lock+0x36/0x1c0 [ 407.987647] ? __handle_mm_fault+0x4d19/0x5b70 [ 407.992235] ? lock_downgrade+0x900/0x900 [ 407.996397] ? kasan_check_read+0x11/0x20 [ 408.000549] ? do_raw_spin_unlock+0xa7/0x330 [ 408.004961] ? do_raw_spin_trylock+0x270/0x270 [ 408.009549] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 408.015190] __handle_mm_fault+0x4d26/0x5b70 [ 408.019622] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 408.024470] ? graph_lock+0x270/0x270 [ 408.028278] ? kasan_check_read+0x11/0x20 [ 408.032431] ? graph_lock+0x270/0x270 [ 408.036233] ? rcu_read_unlock_special+0x370/0x370 [ 408.041163] ? graph_lock+0x270/0x270 [ 408.044944] ? graph_lock+0x270/0x270 [ 408.048727] ? find_held_lock+0x36/0x1c0 [ 408.052773] ? find_held_lock+0x36/0x1c0 [ 408.056824] ? handle_mm_fault+0x42a/0xc70 [ 408.061044] ? lock_downgrade+0x900/0x900 [ 408.065178] ? check_preemption_disabled+0x48/0x280 [ 408.070178] ? kasan_check_read+0x11/0x20 [ 408.074308] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 408.079568] ? rcu_read_unlock_special+0x370/0x370 [ 408.084482] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.090003] ? check_preemption_disabled+0x48/0x280 [ 408.095005] handle_mm_fault+0x54f/0xc70 [ 408.099054] ? __handle_mm_fault+0x5b70/0x5b70 [ 408.103627] ? find_vma+0x34/0x190 [ 408.107154] __do_page_fault+0x5f6/0xd70 [ 408.111199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.116742] do_page_fault+0xf2/0x7e0 [ 408.120525] ? vmalloc_sync_all+0x30/0x30 [ 408.124663] ? error_entry+0x70/0xd0 [ 408.128372] ? trace_hardirqs_off_caller+0xbb/0x310 [ 408.133371] ? trace_hardirqs_on_caller+0xc0/0x310 [ 408.138286] ? syscall_return_slowpath+0x5e0/0x5e0 [ 408.143199] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.148030] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.153030] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.158462] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 408.163461] ? prepare_exit_to_usermode+0x291/0x3b0 [ 408.168469] ? page_fault+0x8/0x30 [ 408.171996] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.176823] ? page_fault+0x8/0x30 [ 408.180348] page_fault+0x1e/0x30 [ 408.183794] RIP: 0033:0x4510a0 [ 408.186977] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 408.205859] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 408.211204] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 408.218459] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 408.225709] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 408.232963] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 408.240228] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:54 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = memfd_create(&(0x7f0000000140)="2d42d54e49c56aba707070f00884a26d003a2900bb8dacac76617d6b6e6823cb290fc8c03a9c631064eea98b4363ad899c6bdec5e936dd55a93dcd4a78aa8f7eb93061a9b2044b98933f8851f7d61da1ce8b19eaefe3abb6a52434d6fe370fe7d924ce20ab4eaec9bdd36740e127730e90f2cd72b828", 0x0) pwrite64(r2, &(0x7f0000000240)='/', 0x1, 0x1) fcntl$setlease(r2, 0x400, 0x0) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, 0x0, 0x0) lseek(r2, 0x0, 0x2) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000100)=0x7) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000004c0)={0x0, 0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000480)='/dev/rtc0\x00', 0xffffffffffffffff}, 0x30) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r3, 0x4, &(0x7f0000000500)=""/34) sendfile(r2, r2, &(0x7f00000000c0), 0x7f8) fsetxattr(r1, &(0x7f00000001c0)=@known='security.evm\x00', &(0x7f0000000280)="2d42d54e49c56aba707070f00884a26d003a2900bb8dacac76617d6b6e6823cb290fc8c03a9c631064eea98b4363ad899c6bdec5e936dd55a93dcd4a78aa8f7eb93061a9b2044b98933f8851f7d61da1ce8b19eaefe3abb6a52434d6fe370fe7d924ce20ab4eaec9bdd36740e127730e90f2cd72b828", 0x76, 0x1) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000000540)={0xffffffffffffff80, {0x2, 0x4e22, @rand_addr=0xe491}, {0x2, 0x4e20}, {0x2, 0x4e24, @broadcast}, 0x4, 0x100000001, 0x2, 0x2, 0x3, 0x0, 0x0, 0x5d07e887, 0x5}) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x4000, 0x0) ioctl$RTC_WKALM_RD(r2, 0x80287010, &(0x7f0000000440)) syz_open_pts(r0, 0x2000) getsockname$unix(r4, &(0x7f0000000600)=@abs, &(0x7f00000003c0)=0x6e) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/net/pfkey\x00', 0x101200, 0x0) rename(&(0x7f0000000280)='./file0\x00', &(0x7f0000000340)='./file0\x00') lstat(&(0x7f00000006c0)='./file0/file0\x00', &(0x7f0000000a80)) syz_mount_image$btrfs(&(0x7f00000005c0)='btrfs\x00', 0x0, 0x80, 0x1, &(0x7f0000000a00)=[{&(0x7f0000000900), 0x0, 0x3f}], 0x800000, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x10000014c) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100)={0x20}, &(0x7f0000000140)={0x8}, &(0x7f0000000200)={0x0, r5+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000400)=0xfffffffffffffeb2) 06:11:54 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x2803, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:54 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:54 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:54 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="a96465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:54 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465d72f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:54 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 408.414162] FAULT_FLAG_ALLOW_RETRY missing 70 [ 408.418988] FAULT_FLAG_ALLOW_RETRY missing 70 [ 408.430591] CPU: 1 PID: 18839 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 408.439198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.448557] Call Trace: [ 408.451177] dump_stack+0x244/0x39d [ 408.454826] ? dump_stack_print_info.cold.1+0x20/0x20 [ 408.460046] handle_userfault.cold.30+0x47/0x62 [ 408.465249] ? userfaultfd_ioctl+0x5610/0x5610 [ 408.469846] ? mark_held_locks+0x130/0x130 [ 408.474103] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 408.479133] ? futex_wait_setup+0x266/0x3e0 [ 408.483481] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 408.488690] ? userfaultfd_ctx_put+0x830/0x830 [ 408.493290] ? print_usage_bug+0xc0/0xc0 [ 408.497357] ? print_usage_bug+0xc0/0xc0 [ 408.497377] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 408.497393] ? print_usage_bug+0xc0/0xc0 [ 408.497409] ? graph_lock+0x270/0x270 [ 408.497423] ? futex_wake+0x304/0x760 [ 408.497449] ? find_held_lock+0x36/0x1c0 [ 408.506690] ? __handle_mm_fault+0x4d19/0x5b70 [ 408.506708] ? lock_downgrade+0x900/0x900 [ 408.506731] ? kasan_check_read+0x11/0x20 [ 408.506745] ? do_raw_spin_unlock+0xa7/0x330 [ 408.506758] ? do_raw_spin_trylock+0x270/0x270 [ 408.506772] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 408.506797] __handle_mm_fault+0x4d26/0x5b70 [ 408.554589] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 408.559448] ? graph_lock+0x270/0x270 06:11:54 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 408.563745] ? kasan_check_read+0x11/0x20 [ 408.567905] ? graph_lock+0x270/0x270 [ 408.571714] ? rcu_read_unlock_special+0x370/0x370 [ 408.576657] ? graph_lock+0x270/0x270 [ 408.580464] ? graph_lock+0x270/0x270 [ 408.584275] ? find_held_lock+0x36/0x1c0 [ 408.588347] ? find_held_lock+0x36/0x1c0 [ 408.592429] ? handle_mm_fault+0x42a/0xc70 [ 408.596674] ? lock_downgrade+0x900/0x900 [ 408.600833] ? check_preemption_disabled+0x48/0x280 [ 408.605861] ? kasan_check_read+0x11/0x20 [ 408.610019] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 408.615305] ? rcu_read_unlock_special+0x370/0x370 [ 408.620253] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.626107] ? check_preemption_disabled+0x48/0x280 [ 408.631144] handle_mm_fault+0x54f/0xc70 [ 408.635219] ? __handle_mm_fault+0x5b70/0x5b70 [ 408.639810] ? find_vma+0x34/0x190 [ 408.643360] __do_page_fault+0x5f6/0xd70 [ 408.647428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.652980] do_page_fault+0xf2/0x7e0 [ 408.656789] ? vmalloc_sync_all+0x30/0x30 [ 408.661463] ? error_entry+0x70/0xd0 [ 408.665188] ? trace_hardirqs_off_caller+0xbb/0x310 [ 408.670212] ? trace_hardirqs_on_caller+0xc0/0x310 [ 408.675148] ? syscall_return_slowpath+0x5e0/0x5e0 [ 408.680093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.684945] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.689969] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.695434] ? prepare_exit_to_usermode+0x291/0x3b0 [ 408.700460] ? page_fault+0x8/0x30 [ 408.704008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.708862] ? page_fault+0x8/0x30 [ 408.712412] page_fault+0x1e/0x30 [ 408.715869] RIP: 0033:0x4510a0 [ 408.719072] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 408.738069] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 408.743439] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 408.750799] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 408.758078] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:11:54 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x20000000002400, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000100)={0x1, 0x70, 0x5, 0x8, 0x5, 0x80000000, 0x0, 0x2d2, 0x820c0, 0x8, 0x7, 0x8, 0x4, 0x6, 0x40, 0xffffffffffffffff, 0x80000001, 0x44, 0x3, 0xffff, 0x100000000, 0x1000, 0x80000000, 0x20, 0x6, 0x4, 0x8, 0xffff, 0x2, 0x2, 0x6ae07abd, 0xa76, 0xe2, 0x5, 0x8, 0x4ac4, 0x3, 0x4690, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000040), 0x4}, 0x1c2c3, 0x1, 0x5, 0x1, 0x8, 0x401, 0x5c}) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 408.765869] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 408.773231] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 408.800682] CPU: 1 PID: 18845 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 408.809300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.818657] Call Trace: [ 408.821255] dump_stack+0x244/0x39d [ 408.824893] ? dump_stack_print_info.cold.1+0x20/0x20 [ 408.830102] handle_userfault.cold.30+0x47/0x62 [ 408.834804] ? userfaultfd_ioctl+0x5610/0x5610 [ 408.839395] ? mark_held_locks+0x130/0x130 [ 408.843648] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 408.848688] ? futex_wait_setup+0x266/0x3e0 [ 408.853043] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 408.858248] ? userfaultfd_ctx_put+0x830/0x830 [ 408.863359] ? print_usage_bug+0xc0/0xc0 [ 408.867431] ? print_usage_bug+0xc0/0xc0 [ 408.871507] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 408.876711] ? print_usage_bug+0xc0/0xc0 [ 408.880784] ? graph_lock+0x270/0x270 [ 408.884612] ? futex_wake+0x304/0x760 [ 408.888439] ? find_held_lock+0x36/0x1c0 [ 408.892518] ? __handle_mm_fault+0x4d19/0x5b70 [ 408.897132] ? lock_downgrade+0x900/0x900 [ 408.901295] ? kasan_check_read+0x11/0x20 [ 408.905447] ? do_raw_spin_unlock+0xa7/0x330 [ 408.909867] ? do_raw_spin_trylock+0x270/0x270 [ 408.914461] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 408.920105] __handle_mm_fault+0x4d26/0x5b70 [ 408.924535] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 408.929390] ? graph_lock+0x270/0x270 [ 408.933218] ? kasan_check_read+0x11/0x20 [ 408.933235] ? graph_lock+0x270/0x270 [ 408.933252] ? rcu_read_unlock_special+0x370/0x370 [ 408.933279] ? graph_lock+0x270/0x270 [ 408.933294] ? graph_lock+0x270/0x270 [ 408.933309] ? find_held_lock+0x36/0x1c0 [ 408.933330] ? find_held_lock+0x36/0x1c0 [ 408.933356] ? handle_mm_fault+0x42a/0xc70 [ 408.933373] ? lock_downgrade+0x900/0x900 06:11:54 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020006"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'aegis256-generic\x00'}, 0x58) recvmmsg(0xffffffffffffffff, &(0x7f0000003e00)=[{{&(0x7f00000012c0)=@nfc_llcp, 0x80, &(0x7f0000002540)=[{&(0x7f0000000180)=""/4, 0x4}, {&(0x7f0000000000)=""/103, 0x67}], 0x2, &(0x7f00000025c0)=""/134, 0xff5b}}], 0x1, 0x40000000, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="71e67a111fde54fe46b904832c8fff73d41196c3cdf8311cfc093a52a7d10000", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000003b80)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000003c0)="e054c4ad1f4f0249c5229a656302a0bcd343edc79a91c7fbf60ff87bdff39efc1515628e108ca8a51572ee9309e811a3d3553f8579a1d294efd49416c5cf607b", 0x40}], 0x1, &(0x7f00000000c0)}, 0x0) recvmmsg(r1, &(0x7f0000002480), 0x871, 0x0, &(0x7f00000001c0)={0x77359400}) 06:11:54 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200fe"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 408.933391] ? check_preemption_disabled+0x48/0x280 [ 408.933412] ? kasan_check_read+0x11/0x20 [ 408.933427] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 408.933445] ? rcu_read_unlock_special+0x370/0x370 06:11:54 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) stat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000500)={0x0, 0x0}, &(0x7f0000000540)=0xc) stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$iso9660(&(0x7f0000000240)='iso9660\x00', &(0x7f0000000280)='./file0\x00', 0x80, 0x3, &(0x7f00000003c0)=[{&(0x7f00000002c0)="167a5dec6cadb766adb944fdd614dc11054826e0e5f07e657242190604fe1be02931a7bf873e4f8ff495ceb1e35db314931f155eaa7eada5faf415abd0898c9ba0f6539cc4b9b0918de9", 0x4a, 0x4fe2}, {&(0x7f0000000340)="87988ceeae2ff4ab863877cff8dee7fb50e134018a6c4512389611863ad9b29ad4be5d65dd7e8efbd7fa79", 0x2b, 0x6}, {&(0x7f0000000380)="4f33428f110bd1dc8cece433517c657ec7", 0x11, 0x1}], 0x20001, &(0x7f0000000640)={[{@unhide='unhide'}, {@unhide='unhide'}, {@mode={'mode', 0x3d, 0x80}}, {@nocompress='nocompress'}, {@check_strict='check=strict'}, {@norock='norock'}], [{@hash='hash'}, {@appraise_type='appraise_type=imasig'}, {@euid_gt={'euid>', r1}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@uid_lt={'uid<', r2}}, {@euid_eq={'euid', 0x3d, r3}}]}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r4 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x9, 0x20, 0x2, 0x2}, &(0x7f0000000040)=0x18) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000140)={r5, @in6={{0xa, 0x4e20, 0xd08, @remote, 0x5}}, 0x7, 0x7}, &(0x7f0000000200)=0x90) [ 408.933463] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.933480] ? check_preemption_disabled+0x48/0x280 06:11:54 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 408.933503] handle_mm_fault+0x54f/0xc70 06:11:54 executing program 5: r0 = syz_open_dev$amidi(&(0x7f0000000300)='/dev/amidi#\x00', 0x6, 0x400000) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000340)={0x0, 0x81}, &(0x7f0000000380)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000003c0)={r1, 0xffffffff80000001}, &(0x7f0000000400)=0x8) r2 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x2, 0x200) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000180)={0x0, 0x100000000}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000280)={0x3, 0x1, 0x2, 0x8, 0xfffffffffffffffb, 0x2, 0x80, 0x8d5, r3}, &(0x7f00000002c0)=0x20) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$VIDIOC_ENUMSTD(r4, 0xc0485619, &(0x7f0000000000)={0x4, 0x320007, "844488817cfe403597114c64cf1b18a7a312f30d59c74571", {0x8, 0x9}, 0x8}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0x40085112, &(0x7f0000000200)={{0xfffffffe}}) shutdown(r4, 0x1) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r4, 0x84, 0x74, &(0x7f0000000440)=""/71, &(0x7f0000000100)=0xffd6) [ 408.933531] ? __handle_mm_fault+0x5b70/0x5b70 06:11:55 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 408.933549] ? find_vma+0x34/0x190 [ 408.933571] __do_page_fault+0x5f6/0xd70 [ 408.933587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.933611] do_page_fault+0xf2/0x7e0 [ 408.933628] ? vmalloc_sync_all+0x30/0x30 [ 408.933645] ? error_entry+0x70/0xd0 [ 408.933663] ? trace_hardirqs_off_caller+0xbb/0x310 [ 408.933678] ? trace_hardirqs_on_caller+0xc0/0x310 [ 408.933696] ? syscall_return_slowpath+0x5e0/0x5e0 [ 408.933711] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.933728] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.933744] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.933761] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 408.933778] ? prepare_exit_to_usermode+0x291/0x3b0 [ 408.933793] ? page_fault+0x8/0x30 [ 408.933812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.933831] ? page_fault+0x8/0x30 [ 408.933847] page_fault+0x1e/0x30 [ 408.933860] RIP: 0033:0x4510a0 [ 408.933875] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 408.933884] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 408.933896] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e 06:11:55 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="826465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:55 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:55 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:55 executing program 5: clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_nanosleep(0x8, 0x0, &(0x7f00000002c0)={0x0, r0+10000000}, &(0x7f00000000c0)) timer_create(0x0, &(0x7f0000044000)={0x0, 0x1000000000012, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$EVIOCGABS2F(r1, 0x8018456f, &(0x7f0000000040)=""/100) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(0x0, 0x1004000000016) 06:11:55 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020005"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:55 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/devQinput/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 408.933906] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 408.933915] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 408.933925] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 408.933934] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 409.024430] dns_resolver: Unsupported server list version (0) 06:11:55 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 409.614435] Unknown ioctl -2145893009 [ 409.621588] FAULT_FLAG_ALLOW_RETRY missing 70 [ 409.629056] CPU: 0 PID: 18924 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 409.637653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.647007] Call Trace: [ 409.649614] dump_stack+0x244/0x39d [ 409.653253] ? dump_stack_print_info.cold.1+0x20/0x20 [ 409.658476] handle_userfault.cold.30+0x47/0x62 [ 409.663198] ? userfaultfd_ioctl+0x5610/0x5610 [ 409.667790] ? mark_held_locks+0x130/0x130 [ 409.672041] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 409.677066] ? futex_wait_setup+0x266/0x3e0 [ 409.681429] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 409.686646] ? userfaultfd_ctx_put+0x830/0x830 [ 409.691264] ? print_usage_bug+0xc0/0xc0 [ 409.695332] ? print_usage_bug+0xc0/0xc0 [ 409.699407] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 409.704607] ? print_usage_bug+0xc0/0xc0 [ 409.708680] ? graph_lock+0x270/0x270 [ 409.712504] ? futex_wake+0x304/0x760 [ 409.716327] ? find_held_lock+0x36/0x1c0 [ 409.720405] ? __handle_mm_fault+0x4d19/0x5b70 [ 409.724997] ? lock_downgrade+0x900/0x900 [ 409.729165] ? kasan_check_read+0x11/0x20 [ 409.733318] ? do_raw_spin_unlock+0xa7/0x330 [ 409.733335] ? do_raw_spin_trylock+0x270/0x270 [ 409.733356] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 409.733385] __handle_mm_fault+0x4d26/0x5b70 [ 409.733408] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 409.733426] ? graph_lock+0x270/0x270 [ 409.742405] ? kasan_check_read+0x11/0x20 [ 409.742422] ? graph_lock+0x270/0x270 [ 409.742453] ? rcu_read_unlock_special+0x370/0x370 [ 409.742480] ? graph_lock+0x270/0x270 [ 409.742496] ? graph_lock+0x270/0x270 [ 409.781552] ? find_held_lock+0x36/0x1c0 [ 409.785625] ? find_held_lock+0x36/0x1c0 [ 409.789707] ? handle_mm_fault+0x42a/0xc70 [ 409.793951] ? lock_downgrade+0x900/0x900 [ 409.798112] ? check_preemption_disabled+0x48/0x280 [ 409.803145] ? kasan_check_read+0x11/0x20 [ 409.807306] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 06:11:55 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:55 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020002"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:55 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 409.812591] ? rcu_read_unlock_special+0x370/0x370 [ 409.817538] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.823089] ? check_preemption_disabled+0x48/0x280 [ 409.828123] handle_mm_fault+0x54f/0xc70 [ 409.828143] ? __handle_mm_fault+0x5b70/0x5b70 [ 409.836773] ? find_vma+0x34/0x190 [ 409.836798] __do_page_fault+0x5f6/0xd70 [ 409.836821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.849930] do_page_fault+0xf2/0x7e0 [ 409.853756] ? vmalloc_sync_all+0x30/0x30 [ 409.857914] ? error_entry+0x70/0xd0 [ 409.861640] ? trace_hardirqs_off_caller+0xbb/0x310 [ 409.863463] Unknown ioctl -2145893009 [ 409.866664] ? trace_hardirqs_on_caller+0xc0/0x310 [ 409.866680] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.866699] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.885178] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.890201] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 409.895662] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.900693] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.905720] ? page_fault+0x8/0x30 [ 409.909275] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:11:55 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 409.914137] ? page_fault+0x8/0x30 [ 409.917683] page_fault+0x1e/0x30 [ 409.921141] RIP: 0033:0x4510a0 [ 409.924339] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 409.943247] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 409.948614] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 409.955891] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 06:11:55 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 409.963163] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 409.970542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 409.977816] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 409.996620] FAULT_FLAG_ALLOW_RETRY missing 70 [ 410.001189] CPU: 0 PID: 18926 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 410.001200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.001206] Call Trace: [ 410.001231] dump_stack+0x244/0x39d [ 410.001256] ? dump_stack_print_info.cold.1+0x20/0x20 [ 410.001288] handle_userfault.cold.30+0x47/0x62 [ 410.001320] ? userfaultfd_ioctl+0x5610/0x5610 [ 410.001337] ? mark_held_locks+0x130/0x130 [ 410.001353] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 410.001368] ? futex_wait_setup+0x266/0x3e0 [ 410.001398] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 410.001435] ? userfaultfd_ctx_put+0x830/0x830 [ 410.001460] ? print_usage_bug+0xc0/0xc0 [ 410.001489] ? print_usage_bug+0xc0/0xc0 [ 410.001507] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 410.001523] ? print_usage_bug+0xc0/0xc0 [ 410.001541] ? graph_lock+0x270/0x270 [ 410.035507] ? futex_wake+0x304/0x760 [ 410.035542] ? find_held_lock+0x36/0x1c0 [ 410.035568] ? __handle_mm_fault+0x4d19/0x5b70 [ 410.044354] ? lock_downgrade+0x900/0x900 [ 410.044379] ? kasan_check_read+0x11/0x20 [ 410.044395] ? do_raw_spin_unlock+0xa7/0x330 [ 410.044409] ? do_raw_spin_trylock+0x270/0x270 [ 410.044440] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 410.119951] __handle_mm_fault+0x4d26/0x5b70 [ 410.119979] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 410.119999] ? graph_lock+0x270/0x270 [ 410.120019] ? kasan_check_read+0x11/0x20 [ 410.129259] ? graph_lock+0x270/0x270 [ 410.129277] ? rcu_read_unlock_special+0x370/0x370 [ 410.129305] ? graph_lock+0x270/0x270 [ 410.129320] ? graph_lock+0x270/0x270 [ 410.129334] ? find_held_lock+0x36/0x1c0 [ 410.129354] ? find_held_lock+0x36/0x1c0 [ 410.129382] ? handle_mm_fault+0x42a/0xc70 [ 410.165928] ? lock_downgrade+0x900/0x900 [ 410.170093] ? check_preemption_disabled+0x48/0x280 [ 410.175119] ? kasan_check_read+0x11/0x20 [ 410.175137] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 410.175154] ? rcu_read_unlock_special+0x370/0x370 [ 410.175174] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.184579] ? check_preemption_disabled+0x48/0x280 [ 410.184606] handle_mm_fault+0x54f/0xc70 [ 410.184626] ? __handle_mm_fault+0x5b70/0x5b70 [ 410.184643] ? find_vma+0x34/0x190 [ 410.212257] __do_page_fault+0x5f6/0xd70 [ 410.216332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.221892] do_page_fault+0xf2/0x7e0 [ 410.225709] ? vmalloc_sync_all+0x30/0x30 [ 410.229868] ? error_entry+0x70/0xd0 [ 410.233592] ? trace_hardirqs_off_caller+0xbb/0x310 [ 410.238637] ? trace_hardirqs_on_caller+0xc0/0x310 [ 410.238655] ? syscall_return_slowpath+0x5e0/0x5e0 [ 410.238670] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.238688] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.238703] ? __bpf_trace_preemptirq_template+0x30/0x30 06:11:56 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="b46465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:56 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:56 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x28, 0x6, &(0x7f0000000000), 0xfffffffffffffeff) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000040), &(0x7f0000000140)=0x18) syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x10001, 0x2) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000002c0)) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000180)=ANY=[@ANYBLOB="0500000000000000000001000000000007000000ffffe9ff0200000000000000000012000000000500000000000000080000000000000000000000000000000000000000000000040000000000000000000000000000000180000000004000010000000000000008000000000000000000000000000000000000000000000000040019000000000000000000000000"]) socket$inet6_udplite(0xa, 0x2, 0x88) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x200, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:56 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:56 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 410.238720] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 410.238738] ? prepare_exit_to_usermode+0x291/0x3b0 [ 410.238754] ? page_fault+0x8/0x30 [ 410.238772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.238790] ? page_fault+0x8/0x30 [ 410.238807] page_fault+0x1e/0x30 [ 410.238820] RIP: 0033:0x4510a0 [ 410.238835] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 410.238844] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 410.238857] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 410.238867] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 410.238877] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 410.238886] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 410.238901] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 410.389054] Option 'D' to dns_resolver key: bad/missing value 06:11:56 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/devVinput/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:56 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:56 executing program 5: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:56 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 410.457897] FAULT_FLAG_ALLOW_RETRY missing 70 [ 410.506410] CPU: 0 PID: 18971 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 410.515051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.524420] Call Trace: [ 410.527024] dump_stack+0x244/0x39d [ 410.530675] ? dump_stack_print_info.cold.1+0x20/0x20 [ 410.535879] ? preempt_schedule+0x4d/0x60 [ 410.540064] handle_userfault.cold.30+0x47/0x62 [ 410.544832] ? userfaultfd_ioctl+0x5610/0x5610 [ 410.544872] ? mark_held_locks+0x130/0x130 06:11:56 executing program 5: creat(&(0x7f0000000080)='.//ile0\x00', 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/file0\x00', 0xfffffdfffffffffc) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e3a66696c65302c776f726b646900002e2f66696c65217668cbb1b632ad1e700e462e3ceb066c8abeb478a3f1368643abbf35da82cc35f0a466453ee3784b9addacaeb736daa2b30dfd658dc308b79425ae666c02f270a145c8f41429540f1ca3d45ab6c5ea33ce2cf919c90a84647eaeb50530f530239cf6d9d5d89158009f5ea600000000"]) syz_init_net_socket$llc(0x1a, 0x20021, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000004c0)="0a5c2d0240316285717070") renameat(r0, &(0x7f0000000240)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 410.553696] ? find_held_lock+0x36/0x1c0 [ 410.557772] ? futex_wake+0x613/0x760 [ 410.561585] ? userfaultfd_ctx_put+0x830/0x830 [ 410.566183] ? kasan_check_read+0x11/0x20 [ 410.570347] ? print_usage_bug+0xc0/0xc0 [ 410.574434] ? do_raw_spin_trylock+0x270/0x270 [ 410.579028] ? print_usage_bug+0xc0/0xc0 [ 410.583113] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 410.588313] ? print_usage_bug+0xc0/0xc0 [ 410.592398] ? graph_lock+0x270/0x270 [ 410.595381] overlayfs: unrecognized mount option "workdi" or missing value [ 410.596225] ? futex_wake+0x304/0x760 [ 410.596258] ? find_held_lock+0x36/0x1c0 [ 410.596286] ? __handle_mm_fault+0x4d19/0x5b70 [ 410.596304] ? lock_downgrade+0x900/0x900 [ 410.596327] ? kasan_check_read+0x11/0x20 [ 410.603977] FAULT_FLAG_ALLOW_RETRY missing 70 [ 410.607140] ? do_raw_spin_unlock+0xa7/0x330 [ 410.607156] ? do_raw_spin_trylock+0x270/0x270 [ 410.607176] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 410.607207] __handle_mm_fault+0x4d26/0x5b70 [ 410.633396] overlayfs: unrecognized mount option "workdi" or missing value 06:11:56 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000004c0)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffe8ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000"]}, 0x108) [ 410.633450] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 410.659870] ? graph_lock+0x270/0x270 [ 410.663685] ? kasan_check_read+0x11/0x20 [ 410.667840] ? graph_lock+0x270/0x270 [ 410.671654] ? rcu_read_unlock_special+0x370/0x370 [ 410.676597] ? graph_lock+0x270/0x270 [ 410.680405] ? graph_lock+0x270/0x270 [ 410.684219] ? find_held_lock+0x36/0x1c0 [ 410.688399] ? find_held_lock+0x36/0x1c0 [ 410.692483] ? handle_mm_fault+0x42a/0xc70 [ 410.696733] ? lock_downgrade+0x900/0x900 [ 410.700891] ? check_preemption_disabled+0x48/0x280 [ 410.705925] ? kasan_check_read+0x11/0x20 [ 410.710088] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 410.715391] ? rcu_read_unlock_special+0x370/0x370 [ 410.715512] kernel msg: ebtables bug: please report to author: bad policy [ 410.720328] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.720362] ? check_preemption_disabled+0x48/0x280 [ 410.720387] handle_mm_fault+0x54f/0xc70 [ 410.720405] ? __handle_mm_fault+0x5b70/0x5b70 [ 410.720422] ? find_vma+0x34/0x190 [ 410.750042] __do_page_fault+0x5f6/0xd70 06:11:56 executing program 5: r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) connect$pptp(r0, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast2}}, 0x1e) connect$pptp(r0, &(0x7f00000000c0), 0x1e) r1 = semget$private(0x0, 0x4, 0x400) semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000100)=[0x200, 0x2]) openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x420080, 0x0) [ 410.754117] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.759758] do_page_fault+0xf2/0x7e0 [ 410.763567] ? vmalloc_sync_all+0x30/0x30 [ 410.767725] ? error_entry+0x70/0xd0 [ 410.771716] ? trace_hardirqs_off_caller+0xbb/0x310 [ 410.776738] ? trace_hardirqs_on_caller+0xc0/0x310 [ 410.781674] ? syscall_return_slowpath+0x5e0/0x5e0 [ 410.786608] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.791700] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.796718] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 410.802178] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 410.807203] ? prepare_exit_to_usermode+0x291/0x3b0 [ 410.812223] ? page_fault+0x8/0x30 [ 410.815767] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.820615] ? page_fault+0x8/0x30 [ 410.824158] page_fault+0x1e/0x30 [ 410.827610] RIP: 0033:0x4510a0 [ 410.830811] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 410.849713] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 410.855077] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 410.862384] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 410.869660] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 410.876930] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 410.884197] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 410.891489] CPU: 1 PID: 18987 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 410.900074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.900079] Call Trace: [ 410.900100] dump_stack+0x244/0x39d [ 410.900119] ? dump_stack_print_info.cold.1+0x20/0x20 [ 410.900138] ? preempt_schedule+0x4d/0x60 [ 410.925017] handle_userfault.cold.30+0x47/0x62 [ 410.929718] ? userfaultfd_ioctl+0x5610/0x5610 [ 410.934314] ? mark_held_locks+0x130/0x130 [ 410.938566] ? find_held_lock+0x36/0x1c0 [ 410.942635] ? futex_wake+0x613/0x760 [ 410.946452] ? userfaultfd_ctx_put+0x830/0x830 [ 410.951048] ? kasan_check_read+0x11/0x20 [ 410.955213] ? print_usage_bug+0xc0/0xc0 [ 410.959278] ? do_raw_spin_trylock+0x270/0x270 [ 410.959296] ? print_usage_bug+0xc0/0xc0 [ 410.959315] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 410.959341] ? print_usage_bug+0xc0/0xc0 [ 410.973161] ? graph_lock+0x270/0x270 [ 410.973177] ? futex_wake+0x304/0x760 [ 410.973203] ? find_held_lock+0x36/0x1c0 [ 410.988860] ? __handle_mm_fault+0x4d19/0x5b70 [ 410.993437] ? lock_downgrade+0x900/0x900 [ 410.997582] ? kasan_check_read+0x11/0x20 [ 411.001717] ? do_raw_spin_unlock+0xa7/0x330 [ 411.006114] ? do_raw_spin_trylock+0x270/0x270 [ 411.010690] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 411.016312] __handle_mm_fault+0x4d26/0x5b70 [ 411.020732] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 411.025564] ? graph_lock+0x270/0x270 [ 411.029358] ? kasan_check_read+0x11/0x20 [ 411.033496] ? graph_lock+0x270/0x270 [ 411.037286] ? rcu_read_unlock_special+0x370/0x370 [ 411.042213] ? graph_lock+0x270/0x270 [ 411.046000] ? graph_lock+0x270/0x270 [ 411.049791] ? find_held_lock+0x36/0x1c0 [ 411.053844] ? find_held_lock+0x36/0x1c0 [ 411.057900] ? handle_mm_fault+0x42a/0xc70 [ 411.062125] ? lock_downgrade+0x900/0x900 [ 411.066776] ? check_preemption_disabled+0x48/0x280 [ 411.071789] ? kasan_check_read+0x11/0x20 [ 411.075925] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 411.081189] ? rcu_read_unlock_special+0x370/0x370 [ 411.086123] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.091665] ? check_preemption_disabled+0x48/0x280 [ 411.096677] handle_mm_fault+0x54f/0xc70 [ 411.100741] ? __handle_mm_fault+0x5b70/0x5b70 [ 411.105320] ? find_vma+0x34/0x190 [ 411.108852] __do_page_fault+0x5f6/0xd70 [ 411.112899] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.118432] do_page_fault+0xf2/0x7e0 [ 411.122221] ? vmalloc_sync_all+0x30/0x30 [ 411.126359] ? error_entry+0x70/0xd0 [ 411.130064] ? trace_hardirqs_off_caller+0xbb/0x310 [ 411.135069] ? trace_hardirqs_on_caller+0xc0/0x310 [ 411.139988] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.144909] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.149745] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.154747] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 411.160191] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.165636] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.170642] ? page_fault+0x8/0x30 [ 411.174172] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.179005] ? page_fault+0x8/0x30 [ 411.182534] page_fault+0x1e/0x30 [ 411.185971] RIP: 0033:0x4510a0 [ 411.189154] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 411.208041] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 411.213393] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 411.220650] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 411.227911] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 411.235166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 411.242423] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:57 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="d36465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:57 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:57 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:57 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, &(0x7f0000000000)={0x1, @dev={[], 0x1e}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) 06:11:57 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f646576d7696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:57 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/wireless\x00') sendmsg(r0, &(0x7f0000002fc8)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[], 0xffffff21}, 0x0) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000) 06:11:57 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x804, 0x400) connect$inet6(r1, &(0x7f0000000100), 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000180)=0x580, 0x4) sendto$inet6(r2, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000b85fe4)={0xa, 0x4e24, 0x0, @loopback}, 0x1c) setsockopt$inet6_int(r2, 0x29, 0x33, &(0x7f0000001200)=0x8, 0x4) recvmsg(r2, &(0x7f00000000c0)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000140)=""/36, 0x24}, 0x2000) sendmmsg(r1, &(0x7f00000000c0), 0x182, 0x0) [ 411.462944] dns_resolver_preparse: 42 callbacks suppressed [ 411.462953] Invalid option length (1042293) for dns_resolver key [ 411.497372] FAULT_FLAG_ALLOW_RETRY missing 70 [ 411.501605] Invalid option length (1042293) for dns_resolver key 06:11:57 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000000)={0x7, 0xd6bb}) [ 411.502179] CPU: 0 PID: 19016 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 411.516657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.526009] Call Trace: [ 411.526037] dump_stack+0x244/0x39d [ 411.532237] ? dump_stack_print_info.cold.1+0x20/0x20 [ 411.537463] handle_userfault.cold.30+0x47/0x62 [ 411.542157] ? userfaultfd_ioctl+0x5610/0x5610 [ 411.546746] ? mark_held_locks+0x130/0x130 [ 411.546763] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 411.546777] ? futex_wait_setup+0x266/0x3e0 06:11:57 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200ff"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 411.546802] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 411.565528] ? userfaultfd_ctx_put+0x830/0x830 [ 411.570133] ? print_usage_bug+0xc0/0xc0 [ 411.574210] ? print_usage_bug+0xc0/0xc0 [ 411.578293] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 411.583483] ? print_usage_bug+0xc0/0xc0 [ 411.587542] ? graph_lock+0x270/0x270 [ 411.587557] ? futex_wake+0x304/0x760 [ 411.587584] ? find_held_lock+0x36/0x1c0 [ 411.587608] ? __handle_mm_fault+0x4d19/0x5b70 [ 411.603815] ? lock_downgrade+0x900/0x900 [ 411.607987] ? kasan_check_read+0x11/0x20 [ 411.612144] ? do_raw_spin_unlock+0xa7/0x330 [ 411.616567] ? do_raw_spin_trylock+0x270/0x270 [ 411.621162] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 411.626807] __handle_mm_fault+0x4d26/0x5b70 [ 411.631236] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 411.636108] ? graph_lock+0x270/0x270 [ 411.639921] ? kasan_check_read+0x11/0x20 [ 411.644109] ? graph_lock+0x270/0x270 [ 411.646498] Invalid option length (1042293) for dns_resolver key [ 411.647913] ? rcu_read_unlock_special+0x370/0x370 [ 411.647943] ? graph_lock+0x270/0x270 [ 411.647956] ? graph_lock+0x270/0x270 [ 411.647973] ? find_held_lock+0x36/0x1c0 [ 411.670777] ? find_held_lock+0x36/0x1c0 [ 411.674855] ? handle_mm_fault+0x42a/0xc70 [ 411.679098] ? lock_downgrade+0x900/0x900 [ 411.683248] ? check_preemption_disabled+0x48/0x280 [ 411.688284] ? kasan_check_read+0x11/0x20 [ 411.692422] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 411.697708] ? rcu_read_unlock_special+0x370/0x370 [ 411.702627] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.708154] ? check_preemption_disabled+0x48/0x280 [ 411.713168] handle_mm_fault+0x54f/0xc70 [ 411.717236] ? __handle_mm_fault+0x5b70/0x5b70 [ 411.721817] ? find_vma+0x34/0x190 [ 411.725347] __do_page_fault+0x5f6/0xd70 [ 411.729400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.734930] do_page_fault+0xf2/0x7e0 [ 411.738722] ? vmalloc_sync_all+0x30/0x30 [ 411.742858] ? error_entry+0x70/0xd0 [ 411.746559] ? trace_hardirqs_off_caller+0xbb/0x310 [ 411.751562] ? trace_hardirqs_on_caller+0xc0/0x310 [ 411.756481] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.761396] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.766228] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.771257] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 411.776707] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.781714] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.786721] ? page_fault+0x8/0x30 [ 411.790262] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.795094] ? page_fault+0x8/0x30 [ 411.798622] page_fault+0x1e/0x30 [ 411.802064] RIP: 0033:0x4510a0 [ 411.805259] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 411.824148] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 411.829495] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 411.836752] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 411.844007] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 411.851267] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 06:11:57 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x200000000000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 411.858524] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 411.876464] FAULT_FLAG_ALLOW_RETRY missing 70 [ 411.881003] CPU: 0 PID: 19023 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 411.881014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.881020] Call Trace: [ 411.881044] dump_stack+0x244/0x39d [ 411.881065] ? dump_stack_print_info.cold.1+0x20/0x20 [ 411.881085] ? preempt_schedule+0x4d/0x60 [ 411.898467] Invalid option length (1042293) for dns_resolver key [ 411.899037] handle_userfault.cold.30+0x47/0x62 [ 411.899070] ? userfaultfd_ioctl+0x5610/0x5610 [ 411.899089] ? mark_held_locks+0x130/0x130 [ 411.910470] ? find_held_lock+0x36/0x1c0 [ 411.910496] ? futex_wake+0x613/0x760 [ 411.910519] ? userfaultfd_ctx_put+0x830/0x830 [ 411.910542] ? kasan_check_read+0x11/0x20 [ 411.916829] Invalid option length (1042293) for dns_resolver key [ 411.920822] ? print_usage_bug+0xc0/0xc0 06:11:57 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) recvfrom$unix(r0, &(0x7f0000000880)=""/4096, 0x1000, 0x2021, 0x0, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) sendmsg$kcm(r0, &(0x7f0000000840)={&(0x7f0000000000)=@in={0x2, 0x4e24, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000140)="79bb87e725a1cd6dcf696d94cd3b0016a18452904d6092aa219aaad3de271aa37b9e92efef2cf9f35e796b865cd61ce6f1fe26e94345953558ff333f0286d7a1cdc2aac35bdfc5d312cdb3f560af2324fbf784beb7a78948800d9d05a8f8bda448b4f061e2e874244c4f9c22a474459fd91ca3fe3c690a0915d7790a7791352779721f2a1087553a05d7a26c9cf85b6d6dbba868f3165e630e76e02c0493efed55008715af289fe919dada8b3ea87b00d46ae6d0661b1fe31d61c275304fe02c5255987e648d", 0xc6}, {&(0x7f0000000240)="26287aae7cf4d68d7e58034eb3478dec9e08e844bb8f05aee3fd67aea5bead81bdc27bbd58726fbee6ed762d59b95caa1c6ab51217a006931ed0df73d56ca560db2d4ae4ebeff8dba5ef34f67c2e0d870c44e83f6fec7fb3866c8e3c036d0479c26642ac076b2d9bca1ad76083ea5534fd2eee19595cb6bf6f0e7196484c8890b90ff2281e443b5aae906716f89134328f9bca632c3b2e199fd93799fb1b6aaf5616", 0xa2}], 0x2, &(0x7f0000000340)=ANY=[@ANYBLOB="880000000000000006000000ff000000cca77423aa3d111e04d8aa44e2cc746ea3f6a22e05cbd9bddf2381423e9f2ed75067c80324535c9d8faf9541aa0882e4f7445ddb8da2dd5bedb6e8f14786405647d3c89867b29fc5eaabfff93b306cf0e2c61a1447431773cacb4c16412dd63280c749dba1ead1dc8972ec50628d7cdf0696cbfba500000060000000000000000b010000080000007803388569933aa74c12de56e786af14fffcc60120b120ea57f76197abcb8cb1b70b8b73a2cc6a9fc8a5e70951d1648d20ce70b0716f72dbfaa59493bc9eade8c2e8411e58a2792deac7d5000000000010010000000000003b01000084c500006bf5f1aa9a1ce33dd725a1491ee4bef7e295b609e365609d9f2468056342ddb26c3026982ba53d045929f5d75ddde9b2a247af59d5633324e153044a3f902f0f44ed1bf0d9182474a2e3f82906a7999b68a27f600812b2fb8b46c77827494e54214e673ccaf2899082fcec559931eb924c4f98d1666bd28ff269773cdd068cbc68e9e768044446436aed3eac496ebd8992f5dcd46c7b33add4ec6342360f578d84f16502afc69cf2bf339b5fea937aabe287c6e828ba6452ddc4c4120f3a7bb6f9afbc03a5933260be3b326f914d3dac90e0fb38a79a54dd3306211fc0402d47fdeb580419f279bed759f52dff7889dea2fb42625d5a697faabcdb0000000000f0000000000000001701000007000000b09407478133991eae78cc4b69c7163f7cbe6a22098d3817bf63e6178c3238f1ed6de18863d8f2e3f6631ffa6d2a05301e006b9cd6fc428a79b3cc7aa733442a983052cf6c5da7f6509e1eb684643c61a9de83950b176e4102472ccfb877f23c44419656a9f3b35562ee2d58e7625835a1e0a6324027c4ad414252792b08a511e19f37668d227aee259095132dca3578b3ea3a0d1b4477232c9cad14381b739a5384159df0889592ace73c19320f0b31ab93361d0e2802c8ee6861cb790e6e6810ac25a65c2bc4af006661f8a8f83411841527d95079b3a9c00878dcf63d6600a8000000000000001f01000001040000d18055a2549b51aad2fbf5628412add55ea2051450165861fbca269cd1aa2c11dc779627f9a21df01610107716f578ce4a08320dee732c01bda76d37e9f0bf58c05d1e53f8d6b3ec898af6db991b12c818601ec33e502a2c524f808ad32b39bcc62aa06ec7847801f2bc940f601e801f9e800325df2afb2c38e4dde2d99cdd53dae466ff5c0d000808ce1f54f01307953afb0a9c0a00000010000000000000003a0000000300000010010000000000003a00000000000000697eb00306e35aed55cd333621eb10bf943f2c74402d2596decadc1517d1e4e7cd35a356fd0294c12d902373a85aed5a3bb7fa9cde7a40f703169de23a32516b694f4961ac3c7a55ee0266859ae8703353fd55b062b89a2ba1c209c017d2611fa0a71feceb822e8891b3f0023f2ecb56b583bc4aaccd12283c66ca266051d317f47ae3a0773d5f729bb3c9978af05b9da6f00cb0be8fcdac7e0e542cafb45a48ba93c63c02e2381698b61380f74f3dcb2b85383ef6757c48c21dfa74543916fd079a7ba2e60bea50cd7221a161a3277abe07fed6775dfcde09a20cb21742bb901ffc6914118ecac0bb6cc9d84ff12cf327c98d7ef6442695a597e0984c28000030000000000000001f010000020000001f021540678c3870ebd84aa563ed57eb64f8a4677d71672d3573d0c86c000000"], 0x4e0}, 0x40) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 411.920838] ? do_raw_spin_trylock+0x270/0x270 [ 411.920855] ? print_usage_bug+0xc0/0xc0 [ 411.920874] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 411.920891] ? print_usage_bug+0xc0/0xc0 [ 411.965654] ? graph_lock+0x270/0x270 [ 411.978930] ? futex_wake+0x304/0x760 [ 411.978962] ? find_held_lock+0x36/0x1c0 [ 411.978992] ? __handle_mm_fault+0x4d19/0x5b70 [ 411.979010] ? lock_downgrade+0x900/0x900 [ 411.979032] ? kasan_check_read+0x11/0x20 [ 412.003452] ? do_raw_spin_unlock+0xa7/0x330 [ 412.007852] ? do_raw_spin_trylock+0x270/0x270 [ 412.012426] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 412.018044] __handle_mm_fault+0x4d26/0x5b70 [ 412.022450] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 412.027284] ? graph_lock+0x270/0x270 [ 412.031075] ? kasan_check_read+0x11/0x20 [ 412.035211] ? graph_lock+0x270/0x270 [ 412.039013] ? rcu_read_unlock_special+0x370/0x370 [ 412.043938] ? graph_lock+0x270/0x270 [ 412.047729] ? graph_lock+0x270/0x270 [ 412.051519] ? find_held_lock+0x36/0x1c0 [ 412.055571] ? find_held_lock+0x36/0x1c0 [ 412.059629] ? handle_mm_fault+0x42a/0xc70 [ 412.063857] ? lock_downgrade+0x900/0x900 [ 412.067997] ? check_preemption_disabled+0x48/0x280 [ 412.073019] ? kasan_check_read+0x11/0x20 [ 412.077155] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 412.082419] ? rcu_read_unlock_special+0x370/0x370 [ 412.087337] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.092873] ? check_preemption_disabled+0x48/0x280 [ 412.097881] handle_mm_fault+0x54f/0xc70 [ 412.101931] ? __handle_mm_fault+0x5b70/0x5b70 [ 412.106503] ? find_vma+0x34/0x190 [ 412.110037] __do_page_fault+0x5f6/0xd70 [ 412.114087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.119619] do_page_fault+0xf2/0x7e0 [ 412.123407] ? vmalloc_sync_all+0x30/0x30 [ 412.127546] ? error_entry+0x70/0xd0 [ 412.131249] ? trace_hardirqs_off_caller+0xbb/0x310 [ 412.136258] ? trace_hardirqs_on_caller+0xc0/0x310 [ 412.141181] ? syscall_return_slowpath+0x5e0/0x5e0 [ 412.146104] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.150937] ? trace_hardirqs_on_caller+0x310/0x310 [ 412.155942] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 412.161381] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 412.166392] ? prepare_exit_to_usermode+0x291/0x3b0 [ 412.171401] ? page_fault+0x8/0x30 [ 412.174929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.179760] ? page_fault+0x8/0x30 [ 412.183287] page_fault+0x1e/0x30 [ 412.186730] RIP: 0033:0x4510a0 [ 412.189914] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 412.208804] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 412.214150] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 412.221404] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 412.228672] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 412.235929] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 412.243183] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 412.253048] Invalid option length (1042293) for dns_resolver key 06:11:58 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x1, 0x100) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0xffffffff00000000, 0x38000) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x0, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/qat_adf_ctl\x00', 0xc00, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000005040)=[{{&(0x7f0000000280)=@ethernet={0x0, @broadcast}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000300)=""/223, 0xdf}, {&(0x7f0000000400)}], 0x2, &(0x7f0000000480)=""/231, 0xe7}, 0x3}, {{&(0x7f0000000580)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f0000001a40)=[{&(0x7f0000000600)=""/111, 0x6f}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/119, 0x77}, {&(0x7f0000001700)=""/95, 0x5f}, {&(0x7f0000001780)=""/199, 0xc7}, {&(0x7f0000001880)=""/244, 0xf4}, {&(0x7f0000001980)=""/118, 0x76}, {&(0x7f0000001a00)=""/11, 0xb}], 0x8, &(0x7f0000001ac0)=""/85, 0x55}, 0x7646}, {{&(0x7f0000001b40)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000003d80)=[{&(0x7f0000001bc0)=""/4096, 0x1000}, {&(0x7f0000002bc0)=""/4096, 0x1000}, {&(0x7f0000003bc0)=""/9, 0x9}, {&(0x7f0000003c00)=""/127, 0x7f}, {&(0x7f0000003c80)}, {&(0x7f0000003cc0)=""/148, 0x94}], 0x6, &(0x7f0000003e00)=""/191, 0xbf}, 0x2}, {{&(0x7f0000003ec0)=@nfc_llcp, 0x80, &(0x7f0000004f40)=[{&(0x7f0000003f40)=""/4096, 0x1000}], 0x1, &(0x7f0000004f80)=""/134, 0x86}, 0xfffffffffffffe00}], 0x4, 0x23, &(0x7f0000005140)={0x0, 0x989680}) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000000)={r1}) setsockopt$inet_dccp_buf(r3, 0x21, 0xe, &(0x7f00000000c0)="a48c5748478f45a9eaeea4861be29b9798069119ae5c08b58de9be35d0a7eaab4af23bd13bfb83d5d90276184629378bebd58963761b5cf6c1a810ffadca530ed68550d53646a5559e376bb2354b0a6131f500a4bd7f2a4a02e575afbb57b2a3fbee5df1c687808e27b8b86148bca7bb2d27a0f25892e30562852a1b9fb36e17882b0a1de6add19fa0ae5e6d553ce62441c60ce237d5de92836e4d9232e5008850661f5f5aa72ce9d6835527b50aaa3a22e6eeb09c6fed3b6604cf182a2c065018c643aec81db403646b176583dc303fa183da95b8deeac6b5759903d0d0cffb3c935dc9575fdd9ae4e240", 0xeb) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc4c85512, &(0x7f0000000400)={0x24, 0xf3}) [ 412.291489] Invalid option length (1042293) for dns_resolver key [ 412.367431] Invalid option length (1042293) for dns_resolver key 06:11:58 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c36465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:58 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/%nput/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:58 executing program 5: r0 = socket$inet6(0xa, 0x803, 0x7) r1 = dup3(r0, r0, 0x80000) bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfe}, 0xfffffffffffffe99) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000140)={0x84, @rand_addr, 0x0, 0x0, "7368000000d000", 0xffffffffffffffff, 0x8, 0x2}, 0x2c) 06:11:58 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x2, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) getsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000140), &(0x7f0000000180)=0x4) recvfrom$llc(r1, &(0x7f0000000000)=""/62, 0x3e, 0x100, &(0x7f0000000040)={0x1a, 0x102, 0x49f8607e, 0xcfb, 0x8, 0x800}, 0x10) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1) acct(&(0x7f00000001c0)='./file0\x00') 06:11:58 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:58 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0xfeffff00000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 412.415716] Invalid option length (1042293) for dns_resolver key 06:11:58 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000140)="37e123a46c25cff8e762e7f56bc4be51b9388a361ef34f45a80511179080df19ff63fe57e559d3694e28df0f64a08b3b7ab7e90362a891be5c87b469d631c3797acde3b6335c6fd4f12faadc2d8020955f060d3b95ca0246d29cd234cd3d9582ba5756cd2c928107587403f36917310d446da07e046a6e4fe5b581baaf1e0d88e36f1b251fd26a1b70730627c15fb18083f7f0124531c33240950d7ca94c0edc769d4a93eae81c54c9633a6158ebb21cdb45f90ce1d5ebc5fd283c7bba8ac24fcf174fdeb078fffa9d2bba6704616a334902b066fd655abc08eb976071b82190ba03fd21456c5d3d4adc9ef8d7bb7cd8b618fef3118418fdce62a0cd2a5b0644e3632e6a8316b08cf5b41aee602996e6dc831df22713654440343962b9f6c493e83c0c80e6def28f5cf0c900000000000000000000000000000000", 0x115, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 412.508675] IPVS: ip_vs_svc_hash(): request for already hashed, called from do_ip_vs_set_ctl+0x1b25/0x1d70 [ 412.516677] Invalid option length (1042293) for dns_resolver key [ 412.579754] FAULT_FLAG_ALLOW_RETRY missing 70 06:11:58 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020060"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:58 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x2000004e24, 0x0, @ipv4={[], [], @empty}}, 0x1c) recvmsg(r0, &(0x7f0000000080)={0x0, 0xfffffffffffffed2, 0x0, 0x0, 0x0, 0x79}, 0x40010020) [ 412.601377] CPU: 1 PID: 19070 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 412.610008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.619368] Call Trace: [ 412.619394] dump_stack+0x244/0x39d [ 412.619416] ? dump_stack_print_info.cold.1+0x20/0x20 [ 412.626109] handle_userfault.cold.30+0x47/0x62 [ 412.635955] ? userfaultfd_ioctl+0x5610/0x5610 [ 412.640554] ? mark_held_locks+0x130/0x130 [ 412.644805] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 412.649836] ? futex_wait_setup+0x266/0x3e0 [ 412.654199] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 412.659411] ? userfaultfd_ctx_put+0x830/0x830 [ 412.664522] ? print_usage_bug+0xc0/0xc0 [ 412.668607] ? print_usage_bug+0xc0/0xc0 [ 412.672691] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 412.677897] ? print_usage_bug+0xc0/0xc0 [ 412.681983] ? graph_lock+0x270/0x270 [ 412.685796] ? futex_wake+0x304/0x760 [ 412.689624] ? find_held_lock+0x36/0x1c0 [ 412.693714] ? __handle_mm_fault+0x4d19/0x5b70 06:11:58 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x1000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 412.698322] ? lock_downgrade+0x900/0x900 [ 412.702496] ? kasan_check_read+0x11/0x20 [ 412.706654] ? do_raw_spin_unlock+0xa7/0x330 [ 412.711077] ? do_raw_spin_trylock+0x270/0x270 [ 412.715681] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 412.721334] __handle_mm_fault+0x4d26/0x5b70 [ 412.725770] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 412.730633] ? graph_lock+0x270/0x270 [ 412.734449] ? kasan_check_read+0x11/0x20 [ 412.738597] ? graph_lock+0x270/0x270 [ 412.738613] ? rcu_read_unlock_special+0x370/0x370 [ 412.738637] ? graph_lock+0x270/0x270 06:11:58 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:58 executing program 5: mkdir(&(0x7f0000000040)='./file0\x00', 0x7c) lsetxattr$system_posix_acl(&(0x7f0000000440)='./file0\x00', &(0x7f00000004c0)='system.posix_acl_default\x00', &(0x7f0000000e00)={{}, {}, [{0x2, 0x2}, {0x2, 0x3}, {0x2, 0x4}, {0x2, 0x6}, {}], {0x4, 0x1}, [{0x8, 0x2}], {}, {0x20, 0x1}}, 0x54, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f00000000c0)={0x0, 0xfb, 0xb0, 0x0, 0x0, "6c7c47b627601c72b66fb5140929dcbd", "89f31e6c1e4e8b6f78712c856fa378eaf45446c222a5e7d98bd8f0b34fb5ad57aa1c0261929be9ac6fdafb698ea16f83f8a4cdc84d1725e2132843c94f19f0650abcc3b28d6f84b1e1c5b6b03f4a33ac179d779d2f2c4a59aee4ed94c0c507dfe297933cd18f6239eac654a882b0808102336fb027d58326a1990d781ba7990849eefd5fc531760581286560e2baa8732cdfe24cc9f03a46763e70"}, 0xb0, 0x0) mkdir(&(0x7f0000000200)='./file0/file0\x00', 0x21) lsetxattr$trusted_overlay_opaque(&(0x7f0000000340)='./file0\x00', &(0x7f0000000300)='trusted.overlay.opaque\x00', &(0x7f0000000280)='y\x00', 0xfd6f, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x2, 0x0) connect$unix(r0, &(0x7f0000000380)=@file={0x1, './file0/file0\x00'}, 0x6e) [ 412.738650] ? graph_lock+0x270/0x270 [ 412.738668] ? find_held_lock+0x36/0x1c0 [ 412.738686] ? find_held_lock+0x36/0x1c0 [ 412.738709] ? handle_mm_fault+0x42a/0xc70 [ 412.768040] ? lock_downgrade+0x900/0x900 [ 412.772201] ? check_preemption_disabled+0x48/0x280 [ 412.772228] ? kasan_check_read+0x11/0x20 [ 412.781392] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 412.786696] ? rcu_read_unlock_special+0x370/0x370 [ 412.792143] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.797713] ? check_preemption_disabled+0x48/0x280 [ 412.797736] handle_mm_fault+0x54f/0xc70 [ 412.797755] ? __handle_mm_fault+0x5b70/0x5b70 [ 412.797772] ? find_vma+0x34/0x190 [ 412.797793] __do_page_fault+0x5f6/0xd70 [ 412.797809] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.797831] do_page_fault+0xf2/0x7e0 [ 412.828395] ? vmalloc_sync_all+0x30/0x30 [ 412.832567] ? error_entry+0x70/0xd0 [ 412.836289] ? trace_hardirqs_off_caller+0xbb/0x310 [ 412.841319] ? trace_hardirqs_on_caller+0xc0/0x310 [ 412.846260] ? syscall_return_slowpath+0x5e0/0x5e0 [ 412.851205] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.856064] ? trace_hardirqs_on_caller+0x310/0x310 [ 412.861097] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 412.867032] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 412.872065] ? prepare_exit_to_usermode+0x291/0x3b0 [ 412.877188] ? page_fault+0x8/0x30 [ 412.880747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.885606] ? page_fault+0x8/0x30 [ 412.889178] page_fault+0x1e/0x30 [ 412.892639] RIP: 0033:0x4510a0 [ 412.895848] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 412.914753] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 412.914767] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 412.914777] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 412.914787] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 412.914802] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 06:11:58 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c46465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 412.927576] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:11:58 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762fd76e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:58 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x2000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:58 executing program 5: r0 = socket$packet(0x11, 0x20000000000003, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bond0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r1, 0x2, 0x6}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000000040)='bcsf0\x00') ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000180)='bridge_slave_0\x00') 06:11:58 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:58 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 413.048425] handle_userfault: 1 callbacks suppressed [ 413.048434] FAULT_FLAG_ALLOW_RETRY missing 70 [ 413.122732] CPU: 1 PID: 19103 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 413.131372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.140736] Call Trace: [ 413.143349] dump_stack+0x244/0x39d [ 413.146999] ? dump_stack_print_info.cold.1+0x20/0x20 [ 413.147424] FAULT_FLAG_ALLOW_RETRY missing 70 [ 413.152220] handle_userfault.cold.30+0x47/0x62 [ 413.152251] ? userfaultfd_ioctl+0x5610/0x5610 [ 413.166481] ? mark_held_locks+0x130/0x130 [ 413.170740] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 413.175770] ? futex_wait_setup+0x266/0x3e0 [ 413.180126] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 413.185336] ? userfaultfd_ctx_put+0x830/0x830 [ 413.189943] ? print_usage_bug+0xc0/0xc0 [ 413.194018] ? print_usage_bug+0xc0/0xc0 [ 413.198095] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 413.203313] ? print_usage_bug+0xc0/0xc0 [ 413.207390] ? graph_lock+0x270/0x270 [ 413.211198] ? futex_wake+0x304/0x760 [ 413.215021] ? find_held_lock+0x36/0x1c0 06:11:58 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 413.219130] ? __handle_mm_fault+0x4d19/0x5b70 [ 413.223728] ? lock_downgrade+0x900/0x900 [ 413.227897] ? kasan_check_read+0x11/0x20 [ 413.232069] ? do_raw_spin_unlock+0xa7/0x330 [ 413.236504] ? do_raw_spin_trylock+0x270/0x270 [ 413.241111] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 413.246766] __handle_mm_fault+0x4d26/0x5b70 [ 413.251200] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 413.256061] ? graph_lock+0x270/0x270 [ 413.259863] ? kasan_check_read+0x11/0x20 [ 413.264529] ? graph_lock+0x270/0x270 [ 413.264550] ? rcu_read_unlock_special+0x370/0x370 06:11:59 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 413.273293] ? graph_lock+0x270/0x270 [ 413.277118] ? graph_lock+0x270/0x270 [ 413.280926] ? find_held_lock+0x36/0x1c0 [ 413.285004] ? find_held_lock+0x36/0x1c0 [ 413.289091] ? handle_mm_fault+0x42a/0xc70 [ 413.293352] ? lock_downgrade+0x900/0x900 [ 413.297517] ? check_preemption_disabled+0x48/0x280 [ 413.302547] ? kasan_check_read+0x11/0x20 [ 413.302564] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 413.302582] ? rcu_read_unlock_special+0x370/0x370 [ 413.302601] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.302625] ? check_preemption_disabled+0x48/0x280 [ 413.322507] handle_mm_fault+0x54f/0xc70 [ 413.331579] ? __handle_mm_fault+0x5b70/0x5b70 [ 413.336181] ? find_vma+0x34/0x190 [ 413.339734] __do_page_fault+0x5f6/0xd70 [ 413.343810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.349368] do_page_fault+0xf2/0x7e0 [ 413.353184] ? vmalloc_sync_all+0x30/0x30 [ 413.357347] ? error_entry+0x70/0xd0 [ 413.361081] ? trace_hardirqs_off_caller+0xbb/0x310 [ 413.366632] ? trace_hardirqs_on_caller+0xc0/0x310 [ 413.371573] ? syscall_return_slowpath+0x5e0/0x5e0 [ 413.376533] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.381392] ? trace_hardirqs_on_caller+0x310/0x310 [ 413.386428] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 413.391887] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 413.396917] ? prepare_exit_to_usermode+0x291/0x3b0 [ 413.401950] ? page_fault+0x8/0x30 [ 413.405502] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.410362] ? page_fault+0x8/0x30 [ 413.413919] page_fault+0x1e/0x30 [ 413.417383] RIP: 0033:0x4510a0 [ 413.420587] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 413.439507] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 413.444885] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 413.452176] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 413.459456] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 413.467213] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 06:11:59 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 413.474497] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 413.484493] CPU: 1 PID: 19120 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 413.493118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.502474] Call Trace: [ 413.505070] dump_stack+0x244/0x39d [ 413.508729] ? dump_stack_print_info.cold.1+0x20/0x20 [ 413.513947] handle_userfault.cold.30+0x47/0x62 [ 413.518649] ? userfaultfd_ioctl+0x5610/0x5610 06:11:59 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0x40184152, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f00000000c0)={0x8, 0x6, 0x6}) 06:11:59 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_dccp_buf(r0, 0x21, 0x8f, &(0x7f0000000140)=""/237, &(0x7f0000000000)=0xed) socket$nl_crypto(0x10, 0x3, 0x15) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000040)=0x10001, 0x4) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0) [ 413.523247] ? mark_held_locks+0x130/0x130 [ 413.527499] ? find_held_lock+0x36/0x1c0 [ 413.531581] ? futex_wake+0x613/0x760 [ 413.535409] ? userfaultfd_ctx_put+0x830/0x830 [ 413.540007] ? kasan_check_read+0x11/0x20 [ 413.544159] ? print_usage_bug+0xc0/0xc0 [ 413.544173] ? do_raw_spin_trylock+0x270/0x270 [ 413.544189] ? print_usage_bug+0xc0/0xc0 [ 413.544209] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 413.544225] ? print_usage_bug+0xc0/0xc0 [ 413.544243] ? graph_lock+0x270/0x270 [ 413.544258] ? futex_wake+0x304/0x760 [ 413.544297] ? find_held_lock+0x36/0x1c0 [ 413.562306] ? __handle_mm_fault+0x4d19/0x5b70 [ 413.562327] ? lock_downgrade+0x900/0x900 [ 413.562352] ? kasan_check_read+0x11/0x20 [ 413.562370] ? do_raw_spin_unlock+0xa7/0x330 [ 413.595331] ? do_raw_spin_trylock+0x270/0x270 [ 413.599942] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 413.605606] __handle_mm_fault+0x4d26/0x5b70 [ 413.610048] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 413.614928] ? graph_lock+0x270/0x270 [ 413.618755] ? kasan_check_read+0x11/0x20 [ 413.622928] ? graph_lock+0x270/0x270 [ 413.626749] ? rcu_read_unlock_special+0x370/0x370 [ 413.631722] ? graph_lock+0x270/0x270 [ 413.635545] ? graph_lock+0x270/0x270 [ 413.639367] ? find_held_lock+0x36/0x1c0 [ 413.643454] ? find_held_lock+0x36/0x1c0 [ 413.647542] ? handle_mm_fault+0x42a/0xc70 [ 413.651805] ? lock_downgrade+0x900/0x900 [ 413.655969] ? check_preemption_disabled+0x48/0x280 [ 413.661004] ? kasan_check_read+0x11/0x20 [ 413.665643] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 06:11:59 executing program 5: utimes(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={{}, {0x0, 0x7530}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000080)=""/104) kexec_load(0x0, 0xf, &(0x7f0000000180), 0x0) [ 413.670963] ? rcu_read_unlock_special+0x370/0x370 [ 413.670984] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.671004] ? check_preemption_disabled+0x48/0x280 [ 413.686475] handle_mm_fault+0x54f/0xc70 [ 413.690563] ? __handle_mm_fault+0x5b70/0x5b70 [ 413.695191] ? find_vma+0x34/0x190 [ 413.698751] __do_page_fault+0x5f6/0xd70 [ 413.702816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.702840] do_page_fault+0xf2/0x7e0 [ 413.712164] ? vmalloc_sync_all+0x30/0x30 [ 413.716322] ? error_entry+0x70/0xd0 [ 413.720042] ? trace_hardirqs_off_caller+0xbb/0x310 [ 413.720067] ? trace_hardirqs_on_caller+0xc0/0x310 [ 413.720084] ? syscall_return_slowpath+0x5e0/0x5e0 [ 413.720101] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.720118] ? trace_hardirqs_on_caller+0x310/0x310 [ 413.720135] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 413.750296] ? prepare_exit_to_usermode+0x291/0x3b0 [ 413.750315] ? page_fault+0x8/0x30 [ 413.750335] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.750353] ? page_fault+0x8/0x30 [ 413.750370] page_fault+0x1e/0x30 [ 413.750383] RIP: 0033:0x4510a0 [ 413.750399] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 06:11:59 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="846465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:59 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0xfeffff}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:59 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:11:59 executing program 3: openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x4000, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000a00)) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) sendmsg$netlink(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000019000), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r3, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="0000000010000000000000002fafdead01000000"], 0x40}, 0x0) 06:11:59 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762f69d77075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:11:59 executing program 5: r0 = memfd_create(&(0x7f0000000400)="e83779d80efa45bb7f48bebc95870bd0cd39bd2830ee47afe7b33fc778bde252c50d2e", 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, "7175657565310000000000000000313b0000000000000000000000000000000000000000060000000000ccbf7ddd00"}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, "7175657565318000000000000000000000000000000000000000000000000000000000000000000000000000000000576c00"}) ioctl$VIDIOC_S_CROP(r2, 0x4014563c, &(0x7f00000000c0)={0x8, {0x100000001, 0x700000}}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f0000000040)={0x2, 0x7, 0x20}) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) [ 413.750407] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 413.750419] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 413.750429] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 413.750438] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 413.750447] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 413.750457] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 414.076579] FAULT_FLAG_ALLOW_RETRY missing 70 [ 414.084866] CPU: 1 PID: 19157 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 414.093481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.102852] Call Trace: [ 414.105455] dump_stack+0x244/0x39d [ 414.109109] ? dump_stack_print_info.cold.1+0x20/0x20 [ 414.114319] ? preempt_schedule+0x4d/0x60 [ 414.118493] handle_userfault.cold.30+0x47/0x62 [ 414.123205] ? userfaultfd_ioctl+0x5610/0x5610 [ 414.127810] ? mark_held_locks+0x130/0x130 [ 414.132067] ? find_held_lock+0x36/0x1c0 [ 414.136157] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.141720] ? check_preemption_disabled+0x48/0x280 [ 414.146762] ? debug_smp_processor_id+0x1c/0x20 [ 414.151427] ? perf_trace_lock_acquire+0x15b/0x800 [ 414.156351] ? kasan_check_read+0x11/0x20 [ 414.160520] ? perf_trace_lock+0x7a0/0x7a0 [ 414.165269] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 414.170452] ? print_usage_bug+0xc0/0xc0 [ 414.174509] ? graph_lock+0x270/0x270 [ 414.178304] ? futex_wake+0x304/0x760 [ 414.182111] ? find_held_lock+0x36/0x1c0 [ 414.186176] ? __handle_mm_fault+0x4d19/0x5b70 [ 414.190754] ? lock_downgrade+0x900/0x900 [ 414.194906] ? kasan_check_read+0x11/0x20 [ 414.199047] ? do_raw_spin_unlock+0xa7/0x330 [ 414.203448] ? do_raw_spin_trylock+0x270/0x270 [ 414.208033] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 414.213660] __handle_mm_fault+0x4d26/0x5b70 [ 414.218070] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 414.222913] ? perf_trace_lock+0x7a0/0x7a0 [ 414.227157] ? graph_lock+0x270/0x270 [ 414.230950] ? graph_lock+0x270/0x270 [ 414.234748] ? find_held_lock+0x36/0x1c0 [ 414.238815] ? handle_mm_fault+0x42a/0xc70 [ 414.243048] ? lock_downgrade+0x900/0x900 [ 414.247192] ? check_preemption_disabled+0x48/0x280 [ 414.252207] ? kasan_check_read+0x11/0x20 [ 414.256352] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 414.261622] ? rcu_read_unlock_special+0x370/0x370 [ 414.267048] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.272583] ? check_preemption_disabled+0x48/0x280 [ 414.277600] handle_mm_fault+0x54f/0xc70 [ 414.281660] ? __handle_mm_fault+0x5b70/0x5b70 [ 414.286240] ? find_vma+0x34/0x190 [ 414.289788] __do_page_fault+0x5f6/0xd70 [ 414.293847] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.299493] do_page_fault+0xf2/0x7e0 [ 414.303292] ? vmalloc_sync_all+0x30/0x30 [ 414.307434] ? error_entry+0x70/0xd0 [ 414.311146] ? trace_hardirqs_off_caller+0xbb/0x310 [ 414.316177] ? trace_hardirqs_on_caller+0xc0/0x310 [ 414.321100] ? syscall_return_slowpath+0x5e0/0x5e0 [ 414.326026] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.330866] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.335886] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 414.341330] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 414.346341] ? prepare_exit_to_usermode+0x291/0x3b0 [ 414.351354] ? page_fault+0x8/0x30 [ 414.354890] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.359734] ? page_fault+0x8/0x30 [ 414.363271] page_fault+0x1e/0x30 [ 414.367224] RIP: 0033:0x4510a0 [ 414.370418] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 414.389324] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 414.394680] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 414.401942] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 414.409202] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 414.416462] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 06:12:00 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:00 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x2}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 414.423733] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:00 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xe, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d030100000000009500000000006706000002000000bf25000000000000720ae3ff0e0000001f65000000000000bf540000000000000704000004faff00084301000000000095000000000000005d54000000000000bf250000000000000f65000000000000070500000e000000bf540000000000000704000000000095000000000000006154000000000000bf02000000000000070500000e0000001f65000000000300072be4319e6e06050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095fbffffffffffff4c54000000000000bd000000000000009500"], 0x0}, 0x48) openat$random(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x42081, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x400000, 0x0) getpeername$inet6(r0, &(0x7f0000000100), &(0x7f0000000140)=0x1c) [ 414.500281] FAULT_FLAG_ALLOW_RETRY missing 70 [ 414.505062] CPU: 1 PID: 19172 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 414.513653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.523019] Call Trace: [ 414.525631] dump_stack+0x244/0x39d [ 414.529286] ? dump_stack_print_info.cold.1+0x20/0x20 [ 414.534507] ? preempt_schedule+0x4d/0x60 [ 414.538684] handle_userfault.cold.30+0x47/0x62 [ 414.543405] ? userfaultfd_ioctl+0x5610/0x5610 06:12:00 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0xfffffe00}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 414.548012] ? mark_held_locks+0x130/0x130 [ 414.552266] ? find_held_lock+0x36/0x1c0 [ 414.556340] ? futex_wake+0x613/0x760 [ 414.560156] ? userfaultfd_ctx_put+0x830/0x830 [ 414.564755] ? kasan_check_read+0x11/0x20 [ 414.569374] ? error_exit+0xb/0x20 [ 414.572948] ? trace_hardirqs_off_caller+0xbb/0x310 [ 414.572966] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.572991] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.573009] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 414.573026] ? print_usage_bug+0xc0/0xc0 [ 414.573044] ? graph_lock+0x270/0x270 [ 414.573065] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.573084] ? native_iret+0x7/0x7 [ 414.573107] ? find_held_lock+0x36/0x1c0 [ 414.573134] ? __handle_mm_fault+0x4d19/0x5b70 [ 414.573153] ? lock_downgrade+0x900/0x900 [ 414.573179] ? kasan_check_read+0x11/0x20 [ 414.573194] ? do_raw_spin_unlock+0xa7/0x330 [ 414.573209] ? do_raw_spin_trylock+0x270/0x270 [ 414.573228] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 414.573256] __handle_mm_fault+0x4d26/0x5b70 [ 414.573269] ? error_exit+0xb/0x20 06:12:00 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x100000000000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 414.573291] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 414.654028] ? error_exit+0xb/0x20 [ 414.657584] ? trace_hardirqs_off_caller+0xbb/0x310 [ 414.662606] ? error_exit+0xb/0x20 [ 414.666758] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.671780] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.676821] ? graph_lock+0x270/0x270 [ 414.676836] ? graph_lock+0x270/0x270 [ 414.676858] ? find_held_lock+0x36/0x1c0 [ 414.688510] ? handle_mm_fault+0x42a/0xc70 [ 414.692759] ? lock_downgrade+0x900/0x900 06:12:00 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="e86465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 414.696920] ? check_preemption_disabled+0x48/0x280 [ 414.701971] ? kasan_check_read+0x11/0x20 [ 414.706134] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 414.711429] ? rcu_read_unlock_special+0x370/0x370 [ 414.716368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.716387] ? check_preemption_disabled+0x48/0x280 [ 414.716412] handle_mm_fault+0x54f/0xc70 [ 414.716431] ? __handle_mm_fault+0x5b70/0x5b70 [ 414.726981] ? find_vma+0x34/0x190 [ 414.727001] __do_page_fault+0x5f6/0xd70 [ 414.727017] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:12:00 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02007a"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:00 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x7) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070") lsetxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:dhcpd_initrc_exec_t:s0\x00', 0x29, 0x3) socket$inet_tcp(0x2, 0x1, 0x0) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x0) clone(0x10002102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f00000000c0)={0x3f}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) 06:12:00 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 414.727046] do_page_fault+0xf2/0x7e0 [ 414.752596] ? vmalloc_sync_all+0x30/0x30 [ 414.756757] ? error_entry+0x70/0xd0 [ 414.760493] ? trace_hardirqs_off_caller+0xbb/0x310 [ 414.765908] ? trace_hardirqs_on_caller+0xc0/0x310 [ 414.770849] ? syscall_return_slowpath+0x5e0/0x5e0 [ 414.775806] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:12:00 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x201000ff, 0xfffffffffffffffb) [ 414.775826] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.775843] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 414.775860] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 414.775879] ? prepare_exit_to_usermode+0x291/0x3b0 [ 414.775896] ? page_fault+0x8/0x30 [ 414.775915] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.775943] ? page_fault+0x8/0x30 [ 414.775970] page_fault+0x1e/0x30 [ 414.775983] RIP: 0033:0x4510a0 [ 414.775999] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 414.776008] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 414.776021] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 414.776031] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 414.776040] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 414.776049] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 414.776059] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 414.908694] EXT4-fs warning (device sda1): verify_group_input:105: Cannot add at group 63 (only 16 groups) [ 414.930703] EXT4-fs warning (device sda1): verify_group_input:105: Cannot add at group 63 (only 16 groups) [ 415.006173] FAULT_FLAG_ALLOW_RETRY missing 70 [ 415.060219] CPU: 0 PID: 19210 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 415.074493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.074500] Call Trace: [ 415.074525] dump_stack+0x244/0x39d [ 415.074547] ? dump_stack_print_info.cold.1+0x20/0x20 [ 415.074565] ? preempt_schedule+0x4d/0x60 [ 415.108658] handle_userfault.cold.30+0x47/0x62 [ 415.108693] ? userfaultfd_ioctl+0x5610/0x5610 [ 415.121754] ? mark_held_locks+0x130/0x130 [ 415.121776] ? find_held_lock+0x36/0x1c0 [ 415.121797] ? futex_wake+0x613/0x760 [ 415.167960] ? userfaultfd_ctx_put+0x830/0x830 [ 415.167981] ? kasan_check_read+0x11/0x20 [ 415.176710] ? print_usage_bug+0xc0/0xc0 [ 415.176728] ? do_raw_spin_trylock+0x270/0x270 [ 415.185354] ? print_usage_bug+0xc0/0xc0 06:12:00 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/i%put/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x14, 0x28, 0xb03, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) 06:12:00 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020004"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:00 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)={0x0, @aes128, 0x1, "b64ca3b341aeb6e1"}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:00 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 415.189428] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 415.194624] ? print_usage_bug+0xc0/0xc0 [ 415.198695] ? graph_lock+0x270/0x270 [ 415.202507] ? futex_wake+0x304/0x760 [ 415.206326] ? find_held_lock+0x36/0x1c0 [ 415.210407] ? __handle_mm_fault+0x4d19/0x5b70 [ 415.215026] ? lock_downgrade+0x900/0x900 [ 415.219215] ? kasan_check_read+0x11/0x20 [ 415.223369] ? do_raw_spin_unlock+0xa7/0x330 [ 415.227775] ? do_raw_spin_trylock+0x270/0x270 [ 415.227795] ? fault_dirty_shared_page.isra.87+0x320/0x320 06:12:01 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) [ 415.227819] __handle_mm_fault+0x4d26/0x5b70 [ 415.227841] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 415.247267] ? graph_lock+0x270/0x270 [ 415.251086] ? kasan_check_read+0x11/0x20 [ 415.255251] ? graph_lock+0x270/0x270 [ 415.259062] ? rcu_read_unlock_special+0x370/0x370 [ 415.264014] ? graph_lock+0x270/0x270 [ 415.267828] ? graph_lock+0x270/0x270 [ 415.271637] ? find_held_lock+0x36/0x1c0 [ 415.275719] ? find_held_lock+0x36/0x1c0 [ 415.279815] ? handle_mm_fault+0x42a/0xc70 [ 415.279833] ? lock_downgrade+0x900/0x900 [ 415.279852] ? check_preemption_disabled+0x48/0x280 [ 415.279877] ? kasan_check_read+0x11/0x20 [ 415.293267] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 415.302663] ? rcu_read_unlock_special+0x370/0x370 [ 415.302684] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 415.302703] ? check_preemption_disabled+0x48/0x280 [ 415.302726] handle_mm_fault+0x54f/0xc70 [ 415.302745] ? __handle_mm_fault+0x5b70/0x5b70 [ 415.326811] ? find_vma+0x34/0x190 [ 415.330371] __do_page_fault+0x5f6/0xd70 [ 415.334447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:12:01 executing program 3: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCBRDELBR(r1, 0x89a1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x200000000000000c) wait4(0x0, 0x0, 0x40000000, 0x0) [ 415.340008] do_page_fault+0xf2/0x7e0 [ 415.343821] ? vmalloc_sync_all+0x30/0x30 [ 415.347979] ? error_entry+0x70/0xd0 [ 415.351705] ? trace_hardirqs_off_caller+0xbb/0x310 [ 415.356731] ? trace_hardirqs_on_caller+0xc0/0x310 [ 415.361695] ? syscall_return_slowpath+0x5e0/0x5e0 [ 415.364219] FAULT_FLAG_ALLOW_RETRY missing 70 [ 415.366632] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.366652] ? trace_hardirqs_on_caller+0x310/0x310 [ 415.366668] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 415.366683] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 415.366704] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 415.386468] ? __switch_to_asm+0x40/0x70 [ 415.386485] ? page_fault+0x8/0x30 [ 415.386505] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.386523] ? page_fault+0x8/0x30 [ 415.386540] page_fault+0x1e/0x30 [ 415.398208] RIP: 0033:0x4510a0 [ 415.398223] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 415.398232] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 415.398244] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e [ 415.398258] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 415.459577] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 415.466863] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 415.474145] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 415.481611] CPU: 1 PID: 19238 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 415.490204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.499562] Call Trace: [ 415.502168] dump_stack+0x244/0x39d [ 415.505816] ? dump_stack_print_info.cold.1+0x20/0x20 [ 415.511027] ? preempt_schedule+0x4d/0x60 [ 415.515196] handle_userfault.cold.30+0x47/0x62 [ 415.519895] ? userfaultfd_ioctl+0x5610/0x5610 [ 415.524487] ? mark_held_locks+0x130/0x130 [ 415.528735] ? find_held_lock+0x36/0x1c0 [ 415.532832] ? futex_wake+0x613/0x760 [ 415.532866] ? userfaultfd_ctx_put+0x830/0x830 [ 415.532899] ? kasan_check_read+0x11/0x20 [ 415.532917] ? print_usage_bug+0xc0/0xc0 [ 415.532932] ? do_raw_spin_trylock+0x270/0x270 [ 415.532948] ? print_usage_bug+0xc0/0xc0 [ 415.532968] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 415.532985] ? print_usage_bug+0xc0/0xc0 [ 415.533001] ? graph_lock+0x270/0x270 [ 415.533015] ? futex_wake+0x304/0x760 [ 415.533046] ? find_held_lock+0x36/0x1c0 [ 415.533072] ? __handle_mm_fault+0x4d19/0x5b70 [ 415.533089] ? lock_downgrade+0x900/0x900 [ 415.533113] ? kasan_check_read+0x11/0x20 [ 415.533127] ? do_raw_spin_unlock+0xa7/0x330 [ 415.533142] ? do_raw_spin_trylock+0x270/0x270 [ 415.533161] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 415.533189] __handle_mm_fault+0x4d26/0x5b70 [ 415.533214] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 415.533232] ? graph_lock+0x270/0x270 [ 415.533247] ? _raw_spin_unlock_irq+0x60/0x80 [ 415.533262] ? graph_lock+0x270/0x270 [ 415.533292] ? graph_lock+0x270/0x270 [ 415.533307] ? graph_lock+0x270/0x270 [ 415.533321] ? find_held_lock+0x36/0x1c0 [ 415.533342] ? find_held_lock+0x36/0x1c0 [ 415.533366] ? handle_mm_fault+0x42a/0xc70 [ 415.533383] ? lock_downgrade+0x900/0x900 [ 415.533407] ? check_preemption_disabled+0x48/0x280 [ 415.533427] ? kasan_check_read+0x11/0x20 [ 415.533443] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 415.533460] ? rcu_read_unlock_special+0x370/0x370 [ 415.533477] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 415.533494] ? check_preemption_disabled+0x48/0x280 [ 415.533517] handle_mm_fault+0x54f/0xc70 [ 415.533537] ? __handle_mm_fault+0x5b70/0x5b70 [ 415.533555] ? find_vma+0x34/0x190 [ 415.533577] __do_page_fault+0x5f6/0xd70 [ 415.533593] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.533617] do_page_fault+0xf2/0x7e0 [ 415.533634] ? vmalloc_sync_all+0x30/0x30 [ 415.533649] ? error_entry+0x70/0xd0 [ 415.533668] ? trace_hardirqs_off_caller+0xbb/0x310 [ 415.533683] ? trace_hardirqs_on_caller+0xc0/0x310 [ 415.533700] ? syscall_return_slowpath+0x5e0/0x5e0 [ 415.533716] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.533733] ? trace_hardirqs_on_caller+0x310/0x310 [ 415.533749] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 415.533769] ? prepare_exit_to_usermode+0x291/0x3b0 [ 415.533784] ? page_fault+0x8/0x30 [ 415.533803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.533821] ? page_fault+0x8/0x30 [ 415.533837] page_fault+0x1e/0x30 [ 415.533849] RIP: 0033:0x4510a0 [ 415.533866] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 415.533874] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 415.533894] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 415.533904] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 415.533913] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:12:01 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="976465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:01 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x20000000021) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 06:12:01 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100)="2992b2bec0acff4ac2961eb5c86261243ddbb173c8cfd33858652033f0f0846f2e19947d9a30ea18deff716e8cf0e4de81ece03d1981f4c98ca262d86b14f84585c2aecb7345665adf3bc68201abab9a7f30c798bfef0fada4cb64b2c2aae407a2be22ebd0b2af2c54e03f8af3ab", 0x6e, 0xfffffffffffffffb) 06:12:01 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:01 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:01 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762f696ed775742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 415.533922] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 415.533932] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:01 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) splice(r0, &(0x7f0000000000)=0x4117b5bf, r0, &(0x7f0000000040), 0x40, 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:01 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x31c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x57df1f00}, 0x14) inotify_add_watch(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x00') io_setup(0x2, &(0x7f0000000040)=0x0) io_submit(r3, 0x1, &(0x7f0000000100)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000200), 0xfffffdcc}]) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[], 0x7fffffff) recvfrom(r1, &(0x7f0000000180)=""/184, 0xfffffffffffffd84, 0x10100, 0x0, 0xfffffffffffffd51) pivot_root(&(0x7f0000000240)='./file0/file0\x00', 0x0) [ 416.046255] FAULT_FLAG_ALLOW_RETRY missing 70 [ 416.059756] CPU: 0 PID: 19271 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 416.068370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.077728] Call Trace: [ 416.080333] dump_stack+0x244/0x39d [ 416.083981] ? dump_stack_print_info.cold.1+0x20/0x20 [ 416.089191] ? preempt_schedule+0x4d/0x60 06:12:01 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 416.093365] handle_userfault.cold.30+0x47/0x62 [ 416.098061] ? userfaultfd_ioctl+0x5610/0x5610 [ 416.102659] ? mark_held_locks+0x130/0x130 [ 416.106908] ? find_held_lock+0x36/0x1c0 [ 416.110982] ? futex_wake+0x613/0x760 [ 416.114796] ? userfaultfd_ctx_put+0x830/0x830 [ 416.119406] ? kasan_check_read+0x11/0x20 [ 416.123569] ? print_usage_bug+0xc0/0xc0 [ 416.127643] ? do_raw_spin_trylock+0x270/0x270 [ 416.132236] ? print_usage_bug+0xc0/0xc0 [ 416.136314] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 416.141509] ? print_usage_bug+0xc0/0xc0 [ 416.145579] ? graph_lock+0x270/0x270 [ 416.149383] ? futex_wake+0x304/0x760 [ 416.153196] ? find_held_lock+0x36/0x1c0 [ 416.157278] ? __handle_mm_fault+0x4d19/0x5b70 [ 416.161870] ? lock_downgrade+0x900/0x900 [ 416.166038] ? kasan_check_read+0x11/0x20 [ 416.170198] ? do_raw_spin_unlock+0xa7/0x330 [ 416.174626] ? do_raw_spin_trylock+0x270/0x270 [ 416.179224] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 416.184872] __handle_mm_fault+0x4d26/0x5b70 [ 416.189300] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 416.194154] ? graph_lock+0x270/0x270 [ 416.197967] ? kasan_check_read+0x11/0x20 [ 416.202122] ? graph_lock+0x270/0x270 [ 416.205932] ? rcu_read_unlock_special+0x370/0x370 [ 416.210880] ? graph_lock+0x270/0x270 [ 416.214687] ? graph_lock+0x270/0x270 [ 416.218496] ? find_held_lock+0x36/0x1c0 [ 416.222569] ? find_held_lock+0x36/0x1c0 [ 416.226643] ? handle_mm_fault+0x42a/0xc70 [ 416.230885] ? lock_downgrade+0x900/0x900 [ 416.235041] ? check_preemption_disabled+0x48/0x280 [ 416.240071] ? kasan_check_read+0x11/0x20 06:12:02 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 416.244229] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 416.249516] ? rcu_read_unlock_special+0x370/0x370 [ 416.254459] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 416.260006] ? check_preemption_disabled+0x48/0x280 [ 416.265090] handle_mm_fault+0x54f/0xc70 [ 416.269291] ? __handle_mm_fault+0x5b70/0x5b70 [ 416.269310] ? find_vma+0x34/0x190 [ 416.269328] __do_page_fault+0x5f6/0xd70 [ 416.269347] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.277458] do_page_fault+0xf2/0x7e0 [ 416.277476] ? vmalloc_sync_all+0x30/0x30 06:12:02 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:02 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 416.277493] ? error_entry+0x70/0xd0 [ 416.298696] ? trace_hardirqs_off_caller+0xbb/0x310 [ 416.303722] ? trace_hardirqs_on_caller+0xc0/0x310 [ 416.308657] ? syscall_return_slowpath+0x5e0/0x5e0 [ 416.313592] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.318433] ? trace_hardirqs_on_caller+0x310/0x310 [ 416.318450] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 416.318468] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 416.318485] ? prepare_exit_to_usermode+0x291/0x3b0 [ 416.318500] ? page_fault+0x8/0x30 [ 416.318518] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.328962] ? page_fault+0x8/0x30 [ 416.328980] page_fault+0x1e/0x30 [ 416.328991] RIP: 0033:0x4510a0 [ 416.329008] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 416.350895] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 416.350909] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 416.350918] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 416.350931] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 416.376455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 416.376465] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 416.389394] FAULT_FLAG_ALLOW_RETRY missing 70 [ 416.476647] CPU: 0 PID: 19274 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 416.485270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.486067] dns_resolver_preparse: 30 callbacks suppressed [ 416.486092] Invalid option length (1042293) for dns_resolver key [ 416.494637] Call Trace: [ 416.494663] dump_stack+0x244/0x39d [ 416.494684] ? dump_stack_print_info.cold.1+0x20/0x20 [ 416.494702] ? preempt_schedule+0x4d/0x60 [ 416.494728] handle_userfault.cold.30+0x47/0x62 [ 416.494758] ? userfaultfd_ioctl+0x5610/0x5610 [ 416.494776] ? mark_held_locks+0x130/0x130 [ 416.494810] ? find_held_lock+0x36/0x1c0 [ 416.494834] ? futex_wake+0x613/0x760 [ 416.494854] ? userfaultfd_ctx_put+0x830/0x830 [ 416.494875] ? kasan_check_read+0x11/0x20 [ 416.494892] ? print_usage_bug+0xc0/0xc0 [ 416.494907] ? do_raw_spin_trylock+0x270/0x270 [ 416.494923] ? print_usage_bug+0xc0/0xc0 [ 416.494942] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 416.494957] ? print_usage_bug+0xc0/0xc0 [ 416.494974] ? graph_lock+0x270/0x270 [ 416.494990] ? futex_wake+0x304/0x760 [ 416.495017] ? find_held_lock+0x36/0x1c0 [ 416.495045] ? __handle_mm_fault+0x4d19/0x5b70 [ 416.495062] ? lock_downgrade+0x900/0x900 [ 416.495085] ? kasan_check_read+0x11/0x20 [ 416.495099] ? do_raw_spin_unlock+0xa7/0x330 [ 416.495114] ? do_raw_spin_trylock+0x270/0x270 [ 416.495133] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 416.495160] __handle_mm_fault+0x4d26/0x5b70 [ 416.495186] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 416.495203] ? graph_lock+0x270/0x270 [ 416.495218] ? kasan_check_read+0x11/0x20 [ 416.495234] ? graph_lock+0x270/0x270 [ 416.495250] ? rcu_read_unlock_special+0x370/0x370 [ 416.495277] ? graph_lock+0x270/0x270 [ 416.495290] ? graph_lock+0x270/0x270 [ 416.495314] ? find_held_lock+0x36/0x1c0 [ 416.522587] ? find_held_lock+0x36/0x1c0 [ 416.522614] ? handle_mm_fault+0x42a/0xc70 [ 416.536066] ? lock_downgrade+0x900/0x900 [ 416.536081] ? check_preemption_disabled+0x48/0x280 [ 416.536101] ? kasan_check_read+0x11/0x20 [ 416.564288] Invalid option length (1042293) for dns_resolver key [ 416.565330] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 416.565348] ? rcu_read_unlock_special+0x370/0x370 [ 416.565368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 416.565387] ? check_preemption_disabled+0x48/0x280 [ 416.565414] handle_mm_fault+0x54f/0xc70 [ 416.565440] ? __handle_mm_fault+0x5b70/0x5b70 [ 416.590876] ? find_vma+0x34/0x190 [ 416.599154] __do_page_fault+0x5f6/0xd70 [ 416.599172] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.599192] do_page_fault+0xf2/0x7e0 [ 416.599206] ? vmalloc_sync_all+0x30/0x30 [ 416.599222] ? error_entry+0x70/0xd0 [ 416.599240] ? trace_hardirqs_off_caller+0xbb/0x310 [ 416.599253] ? trace_hardirqs_on_caller+0xc0/0x310 [ 416.599272] ? syscall_return_slowpath+0x5e0/0x5e0 [ 416.748446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.748466] ? trace_hardirqs_on_caller+0x310/0x310 [ 416.758328] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 416.763796] ? prepare_exit_to_usermode+0x291/0x3b0 [ 416.768825] ? page_fault+0x8/0x30 [ 416.768846] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:12:02 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="866465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:02 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:02 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:02 executing program 4: pipe2(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340)='TIPCv2\x00') ioctl$RTC_PIE_OFF(r0, 0x7006) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x90, r1, 0x301, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x18, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8000000000}]}, @TIPC_NLA_NET={0x2c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8b3a}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x90b}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}]}, @TIPC_NLA_SOCK={0x38, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x56}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x370}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000000}, 0x44055) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) rt_sigtimedwait(&(0x7f00000004c0)={0x2}, &(0x7f0000000500), &(0x7f0000000580)={0x0, 0x1c9c380}, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) write$UHID_GET_REPORT_REPLY(r2, &(0x7f0000000180)={0xa, 0x3, 0x9, 0x9}, 0xa) open$dir(&(0x7f00000001c0)='./file0\x00', 0x400001, 0x1ca) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) write$binfmt_script(r3, &(0x7f0000000200)={'#! ', './file0', [{0x20, 'em1/,@'}, {0x20, 'security+'}, {0x20, 'keyring")ppp0}'}, {0x20, 'dns_resolver\x00'}, {0x20, '\'.selinux.'}, {0x20, 'nodev-'}], 0xa, "4a8542d3efdc51d4022d3162ea96dba26843f21ac4dfce313b4d5fa0240e73f9d52ef102f71e4e2088c1653e9e96ca"}, 0x7a) lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="00fb1c70f0032339a00d265b29ca21c2000000000000000000000000"], 0x1c, 0x2) ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f0000000280)={0x2, @local}) [ 416.777220] ? page_fault+0x8/0x30 [ 416.781268] page_fault+0x1e/0x30 [ 416.784727] RIP: 0033:0x4510a0 [ 416.788014] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 416.806912] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 416.812280] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 416.819552] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 06:12:02 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 416.819563] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 416.819573] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 416.819581] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 416.858966] Invalid option length (1042293) for dns_resolver key 06:12:02 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762f696e1075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 416.929128] Invalid option length (1042293) for dns_resolver key [ 416.949724] FAULT_FLAG_ALLOW_RETRY missing 70 [ 416.961543] CPU: 1 PID: 19310 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 416.970612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.979989] Call Trace: [ 416.980020] dump_stack+0x244/0x39d [ 416.986224] ? dump_stack_print_info.cold.1+0x20/0x20 [ 416.991443] handle_userfault.cold.30+0x47/0x62 [ 416.996143] ? userfaultfd_ioctl+0x5610/0x5610 [ 417.000761] ? mark_held_locks+0x130/0x130 [ 417.005013] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 417.010036] ? futex_wait_setup+0x266/0x3e0 [ 417.014384] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 417.019594] ? userfaultfd_ctx_put+0x830/0x830 [ 417.019622] ? print_usage_bug+0xc0/0xc0 06:12:02 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 417.019639] ? print_usage_bug+0xc0/0xc0 [ 417.019659] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 417.019675] ? print_usage_bug+0xc0/0xc0 [ 417.019691] ? graph_lock+0x270/0x270 [ 417.019708] ? futex_wake+0x304/0x760 [ 417.028359] ? find_held_lock+0x36/0x1c0 [ 417.028387] ? __handle_mm_fault+0x4d19/0x5b70 [ 417.028403] ? lock_downgrade+0x900/0x900 [ 417.028428] ? kasan_check_read+0x11/0x20 [ 417.028442] ? do_raw_spin_unlock+0xa7/0x330 [ 417.028456] ? do_raw_spin_trylock+0x270/0x270 [ 417.028475] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 417.033477] FAULT_FLAG_ALLOW_RETRY missing 70 [ 417.037707] __handle_mm_fault+0x4d26/0x5b70 [ 417.037742] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 417.037760] ? graph_lock+0x270/0x270 [ 417.037777] ? kasan_check_read+0x11/0x20 [ 417.037791] ? graph_lock+0x270/0x270 [ 417.037806] ? rcu_read_unlock_special+0x370/0x370 [ 417.037829] ? graph_lock+0x270/0x270 [ 417.057678] Invalid option length (185) for dns_resolver key [ 417.058090] ? graph_lock+0x270/0x270 [ 417.121400] ? find_held_lock+0x36/0x1c0 [ 417.121421] ? find_held_lock+0x36/0x1c0 [ 417.121445] ? handle_mm_fault+0x42a/0xc70 [ 417.133352] ? lock_downgrade+0x900/0x900 [ 417.133372] ? check_preemption_disabled+0x48/0x280 [ 417.133396] ? kasan_check_read+0x11/0x20 [ 417.133414] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 417.156178] ? rcu_read_unlock_special+0x370/0x370 [ 417.161137] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 417.167209] ? check_preemption_disabled+0x48/0x280 [ 417.172244] handle_mm_fault+0x54f/0xc70 [ 417.176312] ? __handle_mm_fault+0x5b70/0x5b70 [ 417.180897] ? find_vma+0x34/0x190 [ 417.184448] __do_page_fault+0x5f6/0xd70 [ 417.188512] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.194058] do_page_fault+0xf2/0x7e0 [ 417.197864] ? vmalloc_sync_all+0x30/0x30 [ 417.202016] ? error_entry+0x70/0xd0 [ 417.205740] ? trace_hardirqs_off_caller+0xbb/0x310 [ 417.210759] ? trace_hardirqs_on_caller+0xc0/0x310 [ 417.215691] ? syscall_return_slowpath+0x5e0/0x5e0 [ 417.220628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.225472] ? trace_hardirqs_on_caller+0x310/0x310 [ 417.230488] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 417.235945] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 417.240970] ? prepare_exit_to_usermode+0x291/0x3b0 [ 417.245987] ? page_fault+0x8/0x30 [ 417.249539] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.254383] ? page_fault+0x8/0x30 [ 417.257932] page_fault+0x1e/0x30 [ 417.261389] RIP: 0033:0x4510a0 [ 417.264594] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 417.283939] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 417.289302] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 417.296569] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 417.303839] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 417.311111] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 417.318382] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 417.325679] CPU: 0 PID: 19321 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 417.334275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.343630] Call Trace: [ 417.346227] dump_stack+0x244/0x39d [ 417.349873] ? dump_stack_print_info.cold.1+0x20/0x20 [ 417.355072] ? preempt_schedule+0x4d/0x60 [ 417.359242] handle_userfault.cold.30+0x47/0x62 [ 417.363940] ? userfaultfd_ioctl+0x5610/0x5610 [ 417.368536] ? mark_held_locks+0x130/0x130 [ 417.372788] ? find_held_lock+0x36/0x1c0 [ 417.376863] ? futex_wake+0x613/0x760 [ 417.380675] ? userfaultfd_ctx_put+0x830/0x830 [ 417.385282] ? kasan_check_read+0x11/0x20 [ 417.389424] ? print_usage_bug+0xc0/0xc0 [ 417.393474] ? do_raw_spin_trylock+0x270/0x270 [ 417.398045] ? print_usage_bug+0xc0/0xc0 [ 417.402098] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 417.407279] ? print_usage_bug+0xc0/0xc0 [ 417.411326] ? graph_lock+0x270/0x270 [ 417.415112] ? futex_wake+0x304/0x760 [ 417.418908] ? find_held_lock+0x36/0x1c0 [ 417.422962] ? __handle_mm_fault+0x4d19/0x5b70 [ 417.427534] ? lock_downgrade+0x900/0x900 [ 417.431677] ? kasan_check_read+0x11/0x20 [ 417.435824] ? do_raw_spin_unlock+0xa7/0x330 [ 417.440222] ? do_raw_spin_trylock+0x270/0x270 [ 417.444792] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 417.450412] __handle_mm_fault+0x4d26/0x5b70 [ 417.454817] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 417.459651] ? graph_lock+0x270/0x270 [ 417.463441] ? kasan_check_read+0x11/0x20 [ 417.467589] ? graph_lock+0x270/0x270 [ 417.471380] ? rcu_read_unlock_special+0x370/0x370 [ 417.476303] ? graph_lock+0x270/0x270 [ 417.480092] ? graph_lock+0x270/0x270 [ 417.483878] ? find_held_lock+0x36/0x1c0 [ 417.487933] ? find_held_lock+0x36/0x1c0 [ 417.491994] ? handle_mm_fault+0x42a/0xc70 [ 417.496222] ? lock_downgrade+0x900/0x900 [ 417.500363] ? check_preemption_disabled+0x48/0x280 [ 417.505372] ? kasan_check_read+0x11/0x20 [ 417.509506] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 417.514773] ? rcu_read_unlock_special+0x370/0x370 [ 417.519702] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 417.525225] ? check_preemption_disabled+0x48/0x280 [ 417.530232] handle_mm_fault+0x54f/0xc70 [ 417.534288] ? __handle_mm_fault+0x5b70/0x5b70 [ 417.538858] ? find_vma+0x34/0x190 [ 417.542393] __do_page_fault+0x5f6/0xd70 [ 417.546446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.551999] do_page_fault+0xf2/0x7e0 [ 417.555787] ? vmalloc_sync_all+0x30/0x30 [ 417.559924] ? error_entry+0x70/0xd0 [ 417.563628] ? trace_hardirqs_off_caller+0xbb/0x310 [ 417.568634] ? trace_hardirqs_on_caller+0xc0/0x310 [ 417.573553] ? syscall_return_slowpath+0x5e0/0x5e0 [ 417.578471] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.583305] ? trace_hardirqs_on_caller+0x310/0x310 [ 417.588320] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 417.593762] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 417.598769] ? prepare_exit_to_usermode+0x291/0x3b0 [ 417.603771] ? page_fault+0x8/0x30 [ 417.607299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.612128] ? page_fault+0x8/0x30 [ 417.615658] page_fault+0x1e/0x30 [ 417.619109] RIP: 0033:0x4510a0 [ 417.622725] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 417.641612] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 417.646962] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 417.654217] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 417.661474] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 417.668750] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 417.676005] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:03 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) 06:12:03 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0xffffffffffffffff, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x180000) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:03 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:03 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:03 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="d46465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:03 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inplt/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 417.817398] Invalid option length (1042293) for dns_resolver key 06:12:03 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:03 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:03 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) [ 417.867741] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain 06:12:03 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="d26465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:03 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:03 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inppt/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 417.949400] Invalid option length (1042293) for dns_resolver key 06:12:03 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:03 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) 06:12:03 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 418.021874] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain [ 418.084011] handle_userfault: 2 callbacks suppressed [ 418.084019] FAULT_FLAG_ALLOW_RETRY missing 70 [ 418.086923] FAULT_FLAG_ALLOW_RETRY missing 70 [ 418.092913] CPU: 1 PID: 19370 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 418.106773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.116130] Call Trace: [ 418.118742] dump_stack+0x244/0x39d [ 418.122386] ? dump_stack_print_info.cold.1+0x20/0x20 [ 418.127611] handle_userfault.cold.30+0x47/0x62 [ 418.132487] ? userfaultfd_ioctl+0x5610/0x5610 [ 418.136467] Invalid option length (1042293) for dns_resolver key [ 418.137079] ? mark_held_locks+0x130/0x130 [ 418.137099] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 418.137114] ? futex_wait_setup+0x266/0x3e0 [ 418.137148] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 418.137167] ? userfaultfd_ctx_put+0x830/0x830 [ 418.167026] ? print_usage_bug+0xc0/0xc0 [ 418.171102] ? print_usage_bug+0xc0/0xc0 [ 418.175178] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 418.180372] ? print_usage_bug+0xc0/0xc0 [ 418.184441] ? graph_lock+0x270/0x270 [ 418.188247] ? futex_wake+0x304/0x760 [ 418.192065] ? find_held_lock+0x36/0x1c0 [ 418.196147] ? __handle_mm_fault+0x4d19/0x5b70 [ 418.200733] ? lock_downgrade+0x900/0x900 [ 418.204893] ? kasan_check_read+0x11/0x20 [ 418.209043] ? do_raw_spin_unlock+0xa7/0x330 [ 418.213451] ? do_raw_spin_trylock+0x270/0x270 [ 418.218045] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 418.223682] __handle_mm_fault+0x4d26/0x5b70 [ 418.228105] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 418.232955] ? graph_lock+0x270/0x270 [ 418.236758] ? kasan_check_read+0x11/0x20 [ 418.240913] ? graph_lock+0x270/0x270 [ 418.244719] ? rcu_read_unlock_special+0x370/0x370 [ 418.249669] ? graph_lock+0x270/0x270 [ 418.253477] ? graph_lock+0x270/0x270 [ 418.257287] ? find_held_lock+0x36/0x1c0 [ 418.261358] ? find_held_lock+0x36/0x1c0 [ 418.265909] ? handle_mm_fault+0x42a/0xc70 [ 418.270158] ? lock_downgrade+0x900/0x900 [ 418.274312] ? check_preemption_disabled+0x48/0x280 [ 418.279348] ? kasan_check_read+0x11/0x20 [ 418.283505] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 418.288789] ? rcu_read_unlock_special+0x370/0x370 [ 418.293729] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 418.299267] ? check_preemption_disabled+0x48/0x280 [ 418.304293] handle_mm_fault+0x54f/0xc70 [ 418.308361] ? __handle_mm_fault+0x5b70/0x5b70 [ 418.312945] ? find_vma+0x34/0x190 [ 418.316496] __do_page_fault+0x5f6/0xd70 [ 418.320569] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.326130] do_page_fault+0xf2/0x7e0 [ 418.329941] ? vmalloc_sync_all+0x30/0x30 06:12:04 executing program 4: r0 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x2, 0x28000) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f0000000180)={0x2, 0x7, 0xce6d, 0xfffffffffffffe3d, 'syz1\x00', 0x5}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) fstat(r0, &(0x7f00000001c0)) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={r1, 0x1, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0], 0x2}, 0x20) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) fchdir(r3) mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x10, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@posixacl='posixacl'}, {@version_u='version=9p2000.u'}, {@mmap='mmap'}, {@noextend='noextend'}, {@cache_fscache='cache=fscache'}], [{@audit='audit'}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@smackfstransmute={'smackfstransmute'}}, {@smackfsdef={'smackfsdef'}}, {@smackfsdef={'smackfsdef', 0x3d, '('}}, {@fsmagic={'fsmagic', 0x3d, 0x5}}]}}) mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4003, &(0x7f0000000400), 0x4, 0x4) r4 = creat(&(0x7f0000000240)='./file0\x00', 0x0) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000440)={0x1, r4}) [ 418.334099] ? error_entry+0x70/0xd0 [ 418.337831] ? trace_hardirqs_off_caller+0xbb/0x310 [ 418.342865] ? trace_hardirqs_on_caller+0xc0/0x310 [ 418.347801] ? syscall_return_slowpath+0x5e0/0x5e0 [ 418.352740] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.357591] ? trace_hardirqs_on_caller+0x310/0x310 [ 418.362630] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 418.368580] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 418.373622] ? prepare_exit_to_usermode+0x291/0x3b0 [ 418.377966] Invalid option length (1042293) for dns_resolver key [ 418.378649] ? page_fault+0x8/0x30 [ 418.378670] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.378686] ? page_fault+0x8/0x30 [ 418.378703] page_fault+0x1e/0x30 [ 418.400175] RIP: 0033:0x4510a0 [ 418.403382] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 418.407763] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain [ 418.422282] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 418.422296] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 418.422306] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 418.422316] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 418.422325] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 418.422335] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 418.434762] CPU: 0 PID: 19373 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 418.453668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.468179] Call Trace: [ 418.468202] dump_stack+0x244/0x39d [ 418.468224] ? dump_stack_print_info.cold.1+0x20/0x20 [ 418.484054] handle_userfault.cold.30+0x47/0x62 [ 418.484083] ? userfaultfd_ioctl+0x5610/0x5610 [ 418.498407] Invalid option length (6206) for dns_resolver key [ 418.499622] ? mark_held_locks+0x130/0x130 [ 418.499640] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 418.499655] ? futex_wait_setup+0x266/0x3e0 06:12:04 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 418.499682] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 418.514081] ? userfaultfd_ctx_put+0x830/0x830 [ 418.529190] ? print_usage_bug+0xc0/0xc0 [ 418.547305] ? print_usage_bug+0xc0/0xc0 [ 418.551386] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 418.556607] ? print_usage_bug+0xc0/0xc0 [ 418.560683] ? graph_lock+0x270/0x270 [ 418.564498] ? futex_wake+0x304/0x760 [ 418.568320] ? find_held_lock+0x36/0x1c0 06:12:04 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:04 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x800, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000040)={r2, 0x80000, r1}) add_key(&(0x7f0000000080)="586e735f7265736f6b2a067200", &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) 06:12:04 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) [ 418.572417] ? __handle_mm_fault+0x4d19/0x5b70 [ 418.572433] ? lock_downgrade+0x900/0x900 [ 418.572457] ? kasan_check_read+0x11/0x20 06:12:04 executing program 5: r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 418.572470] ? do_raw_spin_unlock+0xa7/0x330 [ 418.572483] ? do_raw_spin_trylock+0x270/0x270 [ 418.572500] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 418.572524] __handle_mm_fault+0x4d26/0x5b70 [ 418.572547] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 418.572563] ? graph_lock+0x270/0x270 [ 418.572577] ? kasan_check_read+0x11/0x20 [ 418.572606] ? graph_lock+0x270/0x270 [ 418.572622] ? rcu_read_unlock_special+0x370/0x370 [ 418.572645] ? graph_lock+0x270/0x270 [ 418.572658] ? graph_lock+0x270/0x270 [ 418.572672] ? find_held_lock+0x36/0x1c0 [ 418.572690] ? find_held_lock+0x36/0x1c0 [ 418.572712] ? handle_mm_fault+0x42a/0xc70 [ 418.572727] ? lock_downgrade+0x900/0x900 [ 418.572743] ? check_preemption_disabled+0x48/0x280 [ 418.572761] ? kasan_check_read+0x11/0x20 [ 418.572775] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 418.572790] ? rcu_read_unlock_special+0x370/0x370 [ 418.572806] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 418.572821] ? check_preemption_disabled+0x48/0x280 [ 418.572842] handle_mm_fault+0x54f/0xc70 [ 418.572859] ? __handle_mm_fault+0x5b70/0x5b70 [ 418.572876] ? find_vma+0x34/0x190 [ 418.572895] __do_page_fault+0x5f6/0xd70 [ 418.572909] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.572931] do_page_fault+0xf2/0x7e0 [ 418.572945] ? vmalloc_sync_all+0x30/0x30 [ 418.572961] ? error_entry+0x70/0xd0 [ 418.572979] ? trace_hardirqs_off_caller+0xbb/0x310 [ 418.572992] ? trace_hardirqs_on_caller+0xc0/0x310 [ 418.573008] ? syscall_return_slowpath+0x5e0/0x5e0 [ 418.573021] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.573036] ? trace_hardirqs_on_caller+0x310/0x310 [ 418.573050] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 418.573065] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 418.573082] ? prepare_exit_to_usermode+0x291/0x3b0 [ 418.573095] ? page_fault+0x8/0x30 [ 418.573112] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.573128] ? page_fault+0x8/0x30 [ 418.573143] page_fault+0x1e/0x30 [ 418.573154] RIP: 0033:0x4510a0 [ 418.573169] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 418.573176] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 418.573187] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e 06:12:04 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="856465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:04 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) 06:12:04 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:04 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000000)={0x1, 0xa0bb}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$KVM_SET_TSC_KHZ(r0, 0xaea2, 0xff) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x18080, 0x0) 06:12:04 executing program 5: r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:04 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpct/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 418.573196] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 418.573204] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 418.573212] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 418.573221] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 418.704178] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain [ 419.051949] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain 06:12:04 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) 06:12:04 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 419.148861] FAULT_FLAG_ALLOW_RETRY missing 70 [ 419.155159] FAULT_FLAG_ALLOW_RETRY missing 70 [ 419.165423] CPU: 0 PID: 19436 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 419.174012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.183355] Call Trace: [ 419.185938] dump_stack+0x244/0x39d [ 419.189565] ? dump_stack_print_info.cold.1+0x20/0x20 [ 419.194760] handle_userfault.cold.30+0x47/0x62 [ 419.199429] ? userfaultfd_ioctl+0x5610/0x5610 [ 419.204000] ? mark_held_locks+0x130/0x130 [ 419.208227] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 419.213232] ? futex_wait_setup+0x266/0x3e0 [ 419.217567] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 419.222750] ? userfaultfd_ctx_put+0x830/0x830 [ 419.227323] ? print_usage_bug+0xc0/0xc0 [ 419.231384] ? print_usage_bug+0xc0/0xc0 [ 419.235437] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 419.240621] ? print_usage_bug+0xc0/0xc0 [ 419.244675] ? graph_lock+0x270/0x270 [ 419.248468] ? futex_wake+0x304/0x760 [ 419.252267] ? find_held_lock+0x36/0x1c0 [ 419.256324] ? __handle_mm_fault+0x4d19/0x5b70 [ 419.260911] ? lock_downgrade+0x900/0x900 [ 419.265058] ? kasan_check_read+0x11/0x20 [ 419.269191] ? do_raw_spin_unlock+0xa7/0x330 [ 419.273598] ? do_raw_spin_trylock+0x270/0x270 [ 419.278172] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 419.283792] __handle_mm_fault+0x4d26/0x5b70 [ 419.288195] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 419.293025] ? graph_lock+0x270/0x270 [ 419.296814] ? kasan_check_read+0x11/0x20 [ 419.300947] ? graph_lock+0x270/0x270 [ 419.304737] ? rcu_read_unlock_special+0x370/0x370 [ 419.309661] ? graph_lock+0x270/0x270 [ 419.313450] ? graph_lock+0x270/0x270 [ 419.317239] ? find_held_lock+0x36/0x1c0 [ 419.321289] ? find_held_lock+0x36/0x1c0 [ 419.325342] ? handle_mm_fault+0x42a/0xc70 [ 419.329567] ? lock_downgrade+0x900/0x900 [ 419.333703] ? check_preemption_disabled+0x48/0x280 [ 419.338714] ? kasan_check_read+0x11/0x20 [ 419.342850] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 419.348116] ? rcu_read_unlock_special+0x370/0x370 [ 419.353037] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 419.358566] ? check_preemption_disabled+0x48/0x280 [ 419.363588] handle_mm_fault+0x54f/0xc70 [ 419.367639] ? __handle_mm_fault+0x5b70/0x5b70 [ 419.372212] ? find_vma+0x34/0x190 [ 419.375742] __do_page_fault+0x5f6/0xd70 [ 419.379789] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 419.385317] do_page_fault+0xf2/0x7e0 [ 419.389106] ? vmalloc_sync_all+0x30/0x30 [ 419.393246] ? error_entry+0x70/0xd0 [ 419.396960] ? trace_hardirqs_off_caller+0xbb/0x310 [ 419.401965] ? trace_hardirqs_on_caller+0xc0/0x310 [ 419.406880] ? syscall_return_slowpath+0x5e0/0x5e0 [ 419.411799] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.416629] ? trace_hardirqs_on_caller+0x310/0x310 [ 419.421631] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 419.427072] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 419.432080] ? prepare_exit_to_usermode+0x291/0x3b0 [ 419.437084] ? page_fault+0x8/0x30 [ 419.440612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.445446] ? page_fault+0x8/0x30 [ 419.448976] page_fault+0x1e/0x30 [ 419.452416] RIP: 0033:0x4510a0 [ 419.455597] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 419.474485] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 419.479844] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 419.487100] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 419.494354] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 419.501608] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 419.508864] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 419.524708] CPU: 0 PID: 19433 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 419.533314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.542669] Call Trace: [ 419.545271] dump_stack+0x244/0x39d 06:12:05 executing program 3: clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) 06:12:05 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020074"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 419.548952] ? dump_stack_print_info.cold.1+0x20/0x20 [ 419.554171] handle_userfault.cold.30+0x47/0x62 [ 419.558879] ? userfaultfd_ioctl+0x5610/0x5610 [ 419.563489] ? mark_held_locks+0x130/0x130 [ 419.564540] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain [ 419.567749] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 419.567766] ? futex_wait_setup+0x266/0x3e0 [ 419.567795] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 419.567815] ? userfaultfd_ctx_put+0x830/0x830 [ 419.598241] ? print_usage_bug+0xc0/0xc0 [ 419.602315] ? print_usage_bug+0xc0/0xc0 [ 419.606380] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 419.606397] ? print_usage_bug+0xc0/0xc0 [ 419.606411] ? graph_lock+0x270/0x270 [ 419.606428] ? futex_wake+0x304/0x760 [ 419.619461] ? find_held_lock+0x36/0x1c0 [ 419.627304] ? __handle_mm_fault+0x4d19/0x5b70 [ 419.631897] ? lock_downgrade+0x900/0x900 [ 419.636060] ? kasan_check_read+0x11/0x20 [ 419.640222] ? do_raw_spin_unlock+0xa7/0x330 [ 419.644642] ? do_raw_spin_trylock+0x270/0x270 06:12:05 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) [ 419.649245] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 419.654888] __handle_mm_fault+0x4d26/0x5b70 [ 419.659321] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 419.664181] ? graph_lock+0x270/0x270 [ 419.667996] ? kasan_check_read+0x11/0x20 [ 419.672156] ? graph_lock+0x270/0x270 [ 419.675970] ? rcu_read_unlock_special+0x370/0x370 [ 419.680923] ? graph_lock+0x270/0x270 [ 419.684732] ? graph_lock+0x270/0x270 [ 419.688537] ? find_held_lock+0x36/0x1c0 [ 419.692610] ? find_held_lock+0x36/0x1c0 [ 419.696690] ? handle_mm_fault+0x42a/0xc70 06:12:05 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 419.700935] ? lock_downgrade+0x900/0x900 [ 419.705098] ? check_preemption_disabled+0x48/0x280 [ 419.710128] ? kasan_check_read+0x11/0x20 [ 419.714284] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 419.719587] ? rcu_read_unlock_special+0x370/0x370 [ 419.719608] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 419.719628] ? check_preemption_disabled+0x48/0x280 [ 419.719650] handle_mm_fault+0x54f/0xc70 [ 419.739178] ? __handle_mm_fault+0x5b70/0x5b70 [ 419.739196] ? find_vma+0x34/0x190 [ 419.747322] __do_page_fault+0x5f6/0xd70 [ 419.751417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 419.751597] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the (last) chain [ 419.756966] do_page_fault+0xf2/0x7e0 [ 419.756983] ? vmalloc_sync_all+0x30/0x30 [ 419.757001] ? error_entry+0x70/0xd0 [ 419.757023] ? trace_hardirqs_off_caller+0xbb/0x310 [ 419.785443] ? trace_hardirqs_on_caller+0xc0/0x310 [ 419.790394] ? syscall_return_slowpath+0x5e0/0x5e0 [ 419.795331] ? trace_hardirqs_off_thunk+0x1a/0x1c 06:12:05 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='>dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:05 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 419.800182] ? trace_hardirqs_on_caller+0x310/0x310 [ 419.805210] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 419.810671] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 419.815688] ? prepare_exit_to_usermode+0x291/0x3b0 [ 419.820713] ? page_fault+0x8/0x30 [ 419.824260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.829116] ? page_fault+0x8/0x30 [ 419.832671] page_fault+0x1e/0x30 [ 419.836140] RIP: 0033:0x4510a0 06:12:05 executing program 5: r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:05 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x4008fffd, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:05 executing program 3: socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e40000"]}, 0x108) [ 419.839354] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 419.858278] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 419.858293] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 419.858304] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 419.858314] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 419.858324] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 419.858333] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:05 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpdt/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:05 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:05 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x108) [ 419.990899] dns_resolver: Unsupported server list version (0) 06:12:05 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 420.056715] FAULT_FLAG_ALLOW_RETRY missing 70 [ 420.061936] CPU: 1 PID: 19465 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 420.070535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.079895] Call Trace: [ 420.082496] dump_stack+0x244/0x39d [ 420.086145] ? dump_stack_print_info.cold.1+0x20/0x20 [ 420.091353] ? preempt_schedule+0x4d/0x60 [ 420.095528] handle_userfault.cold.30+0x47/0x62 [ 420.100225] ? userfaultfd_ioctl+0x5610/0x5610 06:12:05 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0}, 0x108) 06:12:05 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x0, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 420.104837] ? mark_held_locks+0x130/0x130 [ 420.104862] ? find_held_lock+0x36/0x1c0 06:12:05 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 420.104887] ? futex_wake+0x613/0x760 [ 420.104911] ? userfaultfd_ctx_put+0x830/0x830 [ 420.104933] ? kasan_check_read+0x11/0x20 [ 420.104957] ? print_usage_bug+0xc0/0xc0 [ 420.104972] ? do_raw_spin_trylock+0x270/0x270 [ 420.104988] ? print_usage_bug+0xc0/0xc0 [ 420.105010] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 420.105028] ? print_usage_bug+0xc0/0xc0 [ 420.105046] ? graph_lock+0x270/0x270 [ 420.105063] ? futex_wake+0x304/0x760 [ 420.105096] ? find_held_lock+0x36/0x1c0 [ 420.105125] ? __handle_mm_fault+0x4d19/0x5b70 [ 420.105144] ? lock_downgrade+0x900/0x900 [ 420.105169] ? kasan_check_read+0x11/0x20 [ 420.105183] ? do_raw_spin_unlock+0xa7/0x330 [ 420.105199] ? do_raw_spin_trylock+0x270/0x270 [ 420.105217] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 420.105245] __handle_mm_fault+0x4d26/0x5b70 [ 420.105271] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 420.105288] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 420.105306] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 420.105322] ? retint_kernel+0x2d/0x2d [ 420.105339] ? trace_hardirqs_on_caller+0xc0/0x310 [ 420.105353] ? graph_lock+0x270/0x270 [ 420.105369] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 420.105388] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 420.105416] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 420.105448] ? find_held_lock+0x36/0x1c0 [ 420.105473] ? handle_mm_fault+0x42a/0xc70 [ 420.105490] ? lock_downgrade+0x900/0x900 [ 420.105509] ? check_preemption_disabled+0x48/0x280 [ 420.105530] ? kasan_check_read+0x11/0x20 [ 420.105546] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 420.105563] ? rcu_read_unlock_special+0x370/0x370 [ 420.105581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 420.105597] ? check_preemption_disabled+0x48/0x280 [ 420.105621] handle_mm_fault+0x54f/0xc70 [ 420.105642] ? __handle_mm_fault+0x5b70/0x5b70 [ 420.105660] ? find_vma+0x34/0x190 [ 420.105682] __do_page_fault+0x5f6/0xd70 [ 420.105698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.105724] do_page_fault+0xf2/0x7e0 [ 420.105740] ? vmalloc_sync_all+0x30/0x30 [ 420.105756] ? error_entry+0x70/0xd0 [ 420.105773] ? trace_hardirqs_off_caller+0xbb/0x310 [ 420.105788] ? trace_hardirqs_on_caller+0xc0/0x310 [ 420.105805] ? syscall_return_slowpath+0x5e0/0x5e0 [ 420.105820] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.105838] ? trace_hardirqs_on_caller+0x310/0x310 [ 420.105853] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 420.105870] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 420.105887] ? prepare_exit_to_usermode+0x291/0x3b0 [ 420.105902] ? page_fault+0x8/0x30 [ 420.105921] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.105940] ? page_fault+0x8/0x30 [ 420.105963] page_fault+0x1e/0x30 [ 420.105976] RIP: 0033:0x4510a0 [ 420.105991] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 420.106000] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 420.106013] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 420.106023] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 420.106033] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 420.106043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 420.106052] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 420.177743] kernel msg: ebtables bug: please report to author: Wrong len argument [ 420.267190] FAULT_FLAG_ALLOW_RETRY missing 70 [ 420.305620] CPU: 1 PID: 19498 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 420.319457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.319463] Call Trace: [ 420.319486] dump_stack+0x244/0x39d [ 420.319509] ? dump_stack_print_info.cold.1+0x20/0x20 [ 420.319528] ? preempt_schedule+0x4d/0x60 [ 420.319553] handle_userfault.cold.30+0x47/0x62 [ 420.334042] ? userfaultfd_ioctl+0x5610/0x5610 [ 420.342481] ? mark_held_locks+0x130/0x130 [ 420.342505] ? find_held_lock+0x36/0x1c0 [ 420.342529] ? futex_wake+0x613/0x760 [ 420.342549] ? userfaultfd_ctx_put+0x830/0x830 [ 420.351251] ? kasan_check_read+0x11/0x20 [ 420.351269] ? print_usage_bug+0xc0/0xc0 [ 420.351284] ? do_raw_spin_trylock+0x270/0x270 [ 420.351300] ? print_usage_bug+0xc0/0xc0 [ 420.351321] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 420.361493] ? print_usage_bug+0xc0/0xc0 [ 420.361510] ? graph_lock+0x270/0x270 [ 420.361526] ? futex_wake+0x304/0x760 [ 420.361557] ? find_held_lock+0x36/0x1c0 [ 420.361584] ? __handle_mm_fault+0x4d19/0x5b70 [ 420.674759] ? lock_downgrade+0x900/0x900 [ 420.674783] ? kasan_check_read+0x11/0x20 [ 420.683088] ? do_raw_spin_unlock+0xa7/0x330 [ 420.683106] ? do_raw_spin_trylock+0x270/0x270 [ 420.688278] FAULT_FLAG_ALLOW_RETRY missing 70 [ 420.692076] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 420.692105] __handle_mm_fault+0x4d26/0x5b70 [ 420.692128] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 420.711454] ? graph_lock+0x270/0x270 [ 420.715266] ? kasan_check_read+0x11/0x20 [ 420.719414] ? graph_lock+0x270/0x270 [ 420.723221] ? rcu_read_unlock_special+0x370/0x370 [ 420.728160] ? graph_lock+0x270/0x270 [ 420.731964] ? graph_lock+0x270/0x270 [ 420.735763] ? find_held_lock+0x36/0x1c0 [ 420.739830] ? find_held_lock+0x36/0x1c0 [ 420.743910] ? handle_mm_fault+0x42a/0xc70 [ 420.748147] ? lock_downgrade+0x900/0x900 [ 420.752303] ? check_preemption_disabled+0x48/0x280 [ 420.757330] ? kasan_check_read+0x11/0x20 [ 420.761478] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 420.766758] ? rcu_read_unlock_special+0x370/0x370 [ 420.771689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 420.777232] ? check_preemption_disabled+0x48/0x280 [ 420.782260] handle_mm_fault+0x54f/0xc70 [ 420.786768] ? __handle_mm_fault+0x5b70/0x5b70 [ 420.791887] ? find_vma+0x34/0x190 [ 420.795434] __do_page_fault+0x5f6/0xd70 [ 420.799499] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.805048] do_page_fault+0xf2/0x7e0 [ 420.808857] ? vmalloc_sync_all+0x30/0x30 [ 420.813016] ? error_entry+0x70/0xd0 [ 420.816735] ? trace_hardirqs_off_caller+0xbb/0x310 [ 420.821755] ? trace_hardirqs_on_caller+0xc0/0x310 [ 420.826690] ? syscall_return_slowpath+0x5e0/0x5e0 [ 420.831622] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.836467] ? trace_hardirqs_on_caller+0x310/0x310 [ 420.841483] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 420.846938] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 420.851958] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 420.858627] ? __switch_to_asm+0x40/0x70 [ 420.862687] ? page_fault+0x8/0x30 [ 420.866231] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.871079] ? page_fault+0x8/0x30 [ 420.874623] page_fault+0x1e/0x30 [ 420.878073] RIP: 0033:0x4510a0 [ 420.881270] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 420.900671] RSP: 002b:00007fab1fb997a8 EFLAGS: 00010202 [ 420.900685] RAX: 00007fab1fb99850 RBX: 0000000000000003 RCX: 000000000000000e [ 420.900695] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fb99850 [ 420.900704] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 420.900713] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fb9a6d4 [ 420.900723] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 420.900757] CPU: 0 PID: 19474 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 420.900766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.900771] Call Trace: [ 420.900793] dump_stack+0x244/0x39d [ 420.900814] ? dump_stack_print_info.cold.1+0x20/0x20 [ 420.900843] handle_userfault.cold.30+0x47/0x62 [ 420.900870] ? userfaultfd_ioctl+0x5610/0x5610 [ 420.900887] ? mark_held_locks+0x130/0x130 [ 420.900903] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 420.900916] ? futex_wait_setup+0x266/0x3e0 [ 420.900943] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 420.900959] ? userfaultfd_ctx_put+0x830/0x830 [ 420.900980] ? print_usage_bug+0xc0/0xc0 [ 420.900996] ? print_usage_bug+0xc0/0xc0 [ 420.901014] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 420.901028] ? print_usage_bug+0xc0/0xc0 [ 420.901042] ? graph_lock+0x270/0x270 [ 420.901056] ? futex_wake+0x304/0x760 [ 420.901081] ? find_held_lock+0x36/0x1c0 [ 420.901106] ? __handle_mm_fault+0x4d19/0x5b70 [ 420.901121] ? lock_downgrade+0x900/0x900 [ 420.901146] ? kasan_check_read+0x11/0x20 [ 420.901161] ? do_raw_spin_unlock+0xa7/0x330 [ 420.901175] ? do_raw_spin_trylock+0x270/0x270 [ 420.901192] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 420.901216] __handle_mm_fault+0x4d26/0x5b70 [ 420.901239] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 420.901255] ? graph_lock+0x270/0x270 [ 420.901271] ? kasan_check_read+0x11/0x20 [ 420.901284] ? graph_lock+0x270/0x270 [ 420.901302] ? rcu_read_unlock_special+0x370/0x370 [ 421.086627] ? graph_lock+0x270/0x270 [ 421.090422] ? graph_lock+0x270/0x270 [ 421.094209] ? find_held_lock+0x36/0x1c0 [ 421.098261] ? find_held_lock+0x36/0x1c0 [ 421.102327] ? handle_mm_fault+0x42a/0xc70 [ 421.106557] ? lock_downgrade+0x900/0x900 [ 421.110709] ? check_preemption_disabled+0x48/0x280 [ 421.115709] ? kasan_check_read+0x11/0x20 [ 421.119842] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 421.125106] ? rcu_read_unlock_special+0x370/0x370 [ 421.130024] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 421.135555] ? check_preemption_disabled+0x48/0x280 [ 421.140573] handle_mm_fault+0x54f/0xc70 [ 421.144624] ? __handle_mm_fault+0x5b70/0x5b70 [ 421.149195] ? find_vma+0x34/0x190 [ 421.152722] __do_page_fault+0x5f6/0xd70 [ 421.156782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.162309] do_page_fault+0xf2/0x7e0 [ 421.166095] ? vmalloc_sync_all+0x30/0x30 [ 421.170226] ? error_entry+0x70/0xd0 [ 421.173929] ? trace_hardirqs_off_caller+0xbb/0x310 [ 421.178928] ? trace_hardirqs_on_caller+0xc0/0x310 [ 421.183839] ? syscall_return_slowpath+0x5e0/0x5e0 [ 421.188756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.193583] ? trace_hardirqs_on_caller+0x310/0x310 [ 421.198584] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 421.204019] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 421.209021] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 421.215762] ? __switch_to_asm+0x40/0x70 [ 421.219816] ? page_fault+0x8/0x30 [ 421.223352] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.228183] ? page_fault+0x8/0x30 [ 421.231705] page_fault+0x1e/0x30 [ 421.235142] RIP: 0033:0x4510a0 [ 421.238323] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 421.257218] RSP: 002b:00007f5dbe4687a8 EFLAGS: 00010202 [ 421.262564] RAX: 00007f5dbe468850 RBX: 0000000000000003 RCX: 000000000000000e 06:12:07 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="ce6465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:07 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:07 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[]}, 0x78) 06:12:07 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) r1 = syz_open_dev$swradio(&(0x7f0000000140)='/dev/swradio#\x00', 0x1, 0x2) ioctl(r0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r2, 0x8c) r3 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x13}}}, 0x1c) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r4 = socket(0x11, 0x80002, 0x0) bind$packet(r4, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt(r4, 0x107, 0x5, &(0x7f0000001000), 0xc5) r5 = accept4(r2, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg(r5, &(0x7f0000003d40)=[{{&(0x7f0000001b00)=@l2={0xc9, 0xa00000000000000}, 0x80, &(0x7f0000001d00), 0x0, &(0x7f0000001d40)}}, {{&(0x7f0000002300)=@nl, 0x80, &(0x7f0000003740), 0x0, &(0x7f00000037c0)}}], 0x4000000000001eb, 0x0) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000000)) fsetxattr$trusted_overlay_origin(r5, &(0x7f0000000180)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$VIDIOC_G_PRIORITY(r1, 0x80045643, 0x3) 06:12:07 executing program 5: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:07 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpxt/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 421.269830] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe468850 [ 421.277097] RBP: 000000000072bfa0 R08: 00000000000003ff R09: 0000000000000000 [ 421.284351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe4696d4 [ 421.291617] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:07 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[]}, 0x78) [ 421.337452] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 421.420847] FAULT_FLAG_ALLOW_RETRY missing 70 [ 421.438537] CPU: 0 PID: 19524 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 421.447161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.449577] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 421.456524] Call Trace: [ 421.456552] dump_stack+0x244/0x39d 06:12:07 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[]}, 0x78) [ 421.456577] ? dump_stack_print_info.cold.1+0x20/0x20 [ 421.456607] handle_userfault.cold.30+0x47/0x62 [ 421.456638] ? userfaultfd_ioctl+0x5610/0x5610 [ 421.456655] ? mark_held_locks+0x130/0x130 [ 421.456676] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 421.485368] ? futex_wait_setup+0x266/0x3e0 [ 421.485399] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 421.485420] ? userfaultfd_ctx_put+0x830/0x830 [ 421.494661] ? print_usage_bug+0xc0/0xc0 [ 421.494680] ? print_usage_bug+0xc0/0xc0 06:12:07 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB]}, 0x78) 06:12:07 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020003"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 421.494697] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 421.494714] ? print_usage_bug+0xc0/0xc0 [ 421.516528] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 421.516868] ? graph_lock+0x270/0x270 [ 421.537940] ? futex_wake+0x304/0x760 [ 421.541772] ? find_held_lock+0x36/0x1c0 [ 421.545885] ? __handle_mm_fault+0x4d19/0x5b70 [ 421.550502] ? lock_downgrade+0x900/0x900 [ 421.554690] ? kasan_check_read+0x11/0x20 [ 421.558849] ? do_raw_spin_unlock+0xa7/0x330 [ 421.563268] ? do_raw_spin_trylock+0x270/0x270 06:12:07 executing program 5: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:07 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB]}, 0x78) [ 421.567875] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 421.572492] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 421.573538] __handle_mm_fault+0x4d26/0x5b70 [ 421.573565] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 421.573585] ? graph_lock+0x270/0x270 [ 421.586037] ? kasan_check_read+0x11/0x20 [ 421.598788] ? graph_lock+0x270/0x270 [ 421.598805] ? rcu_read_unlock_special+0x370/0x370 [ 421.598832] ? graph_lock+0x270/0x270 [ 421.598849] ? graph_lock+0x270/0x270 [ 421.615145] ? find_held_lock+0x36/0x1c0 [ 421.619231] ? find_held_lock+0x36/0x1c0 [ 421.623357] ? handle_mm_fault+0x42a/0xc70 [ 421.627612] ? lock_downgrade+0x900/0x900 [ 421.631776] ? check_preemption_disabled+0x48/0x280 [ 421.636814] ? kasan_check_read+0x11/0x20 [ 421.640979] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 421.646271] ? rcu_read_unlock_special+0x370/0x370 [ 421.651232] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 421.656793] ? check_preemption_disabled+0x48/0x280 [ 421.661829] handle_mm_fault+0x54f/0xc70 [ 421.665908] ? __handle_mm_fault+0x5b70/0x5b70 [ 421.667147] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 421.670500] ? find_vma+0x34/0x190 [ 421.670524] __do_page_fault+0x5f6/0xd70 [ 421.670542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.670563] do_page_fault+0xf2/0x7e0 [ 421.695528] ? vmalloc_sync_all+0x30/0x30 [ 421.699690] ? error_entry+0x70/0xd0 [ 421.703417] ? trace_hardirqs_off_caller+0xbb/0x310 [ 421.708450] ? trace_hardirqs_on_caller+0xc0/0x310 [ 421.713397] ? syscall_return_slowpath+0x5e0/0x5e0 [ 421.718330] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.723174] ? trace_hardirqs_on_caller+0x310/0x310 [ 421.728201] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 421.733655] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 421.738683] ? prepare_exit_to_usermode+0x291/0x3b0 [ 421.743714] ? page_fault+0x8/0x30 [ 421.747271] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.752162] ? page_fault+0x8/0x30 [ 421.755724] page_fault+0x1e/0x30 [ 421.759186] RIP: 0033:0x4510a0 [ 421.762394] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 421.781394] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 421.786744] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 421.793999] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 421.801255] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 421.808524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 421.815776] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 421.829613] dns_resolver_preparse: 14 callbacks suppressed [ 421.829621] Invalid option length (1042293) for dns_resolver key [ 421.837665] FAULT_FLAG_ALLOW_RETRY missing 70 [ 421.861986] CPU: 1 PID: 19530 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 421.870608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.879972] Call Trace: [ 421.882583] dump_stack+0x244/0x39d [ 421.886221] ? dump_stack_print_info.cold.1+0x20/0x20 [ 421.891430] handle_userfault.cold.30+0x47/0x62 [ 421.896139] ? userfaultfd_ioctl+0x5610/0x5610 [ 421.900738] ? mark_held_locks+0x130/0x130 [ 421.904990] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 421.910024] ? futex_wait_setup+0x266/0x3e0 [ 421.914357] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 421.919541] ? userfaultfd_ctx_put+0x830/0x830 [ 421.924111] ? print_usage_bug+0xc0/0xc0 [ 421.928155] ? print_usage_bug+0xc0/0xc0 [ 421.932203] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 421.937378] ? print_usage_bug+0xc0/0xc0 [ 421.941422] ? graph_lock+0x270/0x270 [ 421.945208] ? futex_wake+0x304/0x760 [ 421.948999] ? find_held_lock+0x36/0x1c0 [ 421.953052] ? __handle_mm_fault+0x4d19/0x5b70 [ 421.957621] ? lock_downgrade+0x900/0x900 [ 421.961760] ? kasan_check_read+0x11/0x20 [ 421.965898] ? do_raw_spin_unlock+0xa7/0x330 [ 421.970291] ? do_raw_spin_trylock+0x270/0x270 [ 421.974857] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 421.980516] __handle_mm_fault+0x4d26/0x5b70 [ 421.984912] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 421.989739] ? graph_lock+0x270/0x270 [ 421.993529] ? kasan_check_read+0x11/0x20 [ 421.997663] ? graph_lock+0x270/0x270 [ 422.001447] ? rcu_read_unlock_special+0x370/0x370 [ 422.006364] ? graph_lock+0x270/0x270 [ 422.010159] ? graph_lock+0x270/0x270 [ 422.013941] ? find_held_lock+0x36/0x1c0 [ 422.017990] ? find_held_lock+0x36/0x1c0 [ 422.022040] ? handle_mm_fault+0x42a/0xc70 [ 422.026278] ? lock_downgrade+0x900/0x900 [ 422.030420] ? check_preemption_disabled+0x48/0x280 [ 422.035422] ? kasan_check_read+0x11/0x20 [ 422.039554] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 422.044818] ? rcu_read_unlock_special+0x370/0x370 [ 422.049731] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 422.055263] ? check_preemption_disabled+0x48/0x280 [ 422.060278] handle_mm_fault+0x54f/0xc70 [ 422.064332] ? __handle_mm_fault+0x5b70/0x5b70 [ 422.068914] ? find_vma+0x34/0x190 [ 422.072441] __do_page_fault+0x5f6/0xd70 [ 422.076492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 422.082021] do_page_fault+0xf2/0x7e0 [ 422.085805] ? vmalloc_sync_all+0x30/0x30 [ 422.089937] ? error_entry+0x70/0xd0 [ 422.093636] ? trace_hardirqs_off_caller+0xbb/0x310 [ 422.098634] ? trace_hardirqs_on_caller+0xc0/0x310 [ 422.103548] ? syscall_return_slowpath+0x5e0/0x5e0 [ 422.108458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.113286] ? trace_hardirqs_on_caller+0x310/0x310 [ 422.118287] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 422.123720] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 422.128725] ? prepare_exit_to_usermode+0x291/0x3b0 [ 422.133725] ? page_fault+0x8/0x30 [ 422.137257] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.142087] ? page_fault+0x8/0x30 [ 422.145610] page_fault+0x1e/0x30 [ 422.149047] RIP: 0033:0x4510a0 [ 422.152225] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 06:12:07 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="e96465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:07 executing program 5: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:07 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB]}, 0x78) 06:12:07 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$TIOCCBRK(r0, 0x5428) getrusage(0x0, &(0x7f0000000140)) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:07 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02006c"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:07 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpit/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 422.171116] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 422.176726] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 422.184007] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 422.191264] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 422.198515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 422.205769] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:08 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x48, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff00000000000000000000000000000000000000000000000000000000"]}, 0xc0) [ 422.285264] Invalid option length (1042293) for dns_resolver key [ 422.287348] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 422.339333] FAULT_FLAG_ALLOW_RETRY missing 70 [ 422.344755] Invalid option length (1042293) for dns_resolver key [ 422.368075] CPU: 1 PID: 19565 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 422.376693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.386564] Call Trace: [ 422.389167] dump_stack+0x244/0x39d [ 422.392821] ? dump_stack_print_info.cold.1+0x20/0x20 [ 422.398040] handle_userfault.cold.30+0x47/0x62 [ 422.402746] ? userfaultfd_ioctl+0x5610/0x5610 [ 422.407339] ? mark_held_locks+0x130/0x130 [ 422.411608] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 422.416634] ? futex_wait_setup+0x266/0x3e0 [ 422.420982] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 422.426188] ? userfaultfd_ctx_put+0x830/0x830 [ 422.428724] Invalid option length (1042293) for dns_resolver key [ 422.430798] ? print_usage_bug+0xc0/0xc0 [ 422.430817] ? print_usage_bug+0xc0/0xc0 [ 422.430837] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 422.441376] Invalid option length (1042293) for dns_resolver key [ 422.441530] ? print_usage_bug+0xc0/0xc0 [ 422.460999] ? graph_lock+0x270/0x270 [ 422.464813] ? futex_wake+0x304/0x760 [ 422.468637] ? find_held_lock+0x36/0x1c0 [ 422.472729] ? __handle_mm_fault+0x4d19/0x5b70 [ 422.477328] ? lock_downgrade+0x900/0x900 [ 422.481499] ? kasan_check_read+0x11/0x20 [ 422.483336] Invalid option length (1042293) for dns_resolver key [ 422.486172] ? do_raw_spin_unlock+0xa7/0x330 [ 422.486188] ? do_raw_spin_trylock+0x270/0x270 [ 422.486218] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 422.486250] __handle_mm_fault+0x4d26/0x5b70 [ 422.511378] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 422.516242] ? graph_lock+0x270/0x270 [ 422.520053] ? kasan_check_read+0x11/0x20 [ 422.524226] ? graph_lock+0x270/0x270 [ 422.528035] ? rcu_read_unlock_special+0x370/0x370 [ 422.532982] ? graph_lock+0x270/0x270 [ 422.536161] Invalid option length (1042293) for dns_resolver key [ 422.536786] ? graph_lock+0x270/0x270 [ 422.536802] ? find_held_lock+0x36/0x1c0 [ 422.536823] ? find_held_lock+0x36/0x1c0 [ 422.536851] ? handle_mm_fault+0x42a/0xc70 [ 422.536870] ? lock_downgrade+0x900/0x900 [ 422.563265] ? check_preemption_disabled+0x48/0x280 [ 422.568300] ? kasan_check_read+0x11/0x20 [ 422.572454] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 422.577733] ? rcu_read_unlock_special+0x370/0x370 [ 422.577752] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 422.577771] ? check_preemption_disabled+0x48/0x280 [ 422.577796] handle_mm_fault+0x54f/0xc70 [ 422.577814] ? __handle_mm_fault+0x5b70/0x5b70 [ 422.577834] ? find_vma+0x34/0x190 [ 422.605972] __do_page_fault+0x5f6/0xd70 [ 422.610053] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 422.615616] do_page_fault+0xf2/0x7e0 [ 422.619434] ? vmalloc_sync_all+0x30/0x30 [ 422.623891] ? error_entry+0x70/0xd0 [ 422.627615] ? trace_hardirqs_off_caller+0xbb/0x310 [ 422.632643] ? trace_hardirqs_on_caller+0xc0/0x310 [ 422.637583] ? syscall_return_slowpath+0x5e0/0x5e0 [ 422.639741] Invalid option length (1042293) for dns_resolver key [ 422.642517] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.642538] ? trace_hardirqs_on_caller+0x310/0x310 [ 422.642555] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 422.642569] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 422.642588] ? prepare_exit_to_usermode+0x291/0x3b0 [ 422.674019] ? page_fault+0x8/0x30 [ 422.677578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.682432] ? page_fault+0x8/0x30 [ 422.686448] page_fault+0x1e/0x30 [ 422.686461] RIP: 0033:0x4510a0 [ 422.686477] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 422.686485] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 422.717378] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 422.724664] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 422.731951] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 06:12:08 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:08 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:08 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:08 executing program 5: perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:08 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:08 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="e16465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:08 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:08 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:08 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000040)=0x6, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 422.739231] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 422.743961] kernel msg: ebtables bug: please report to author: entries_size too small [ 422.746506] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:08 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x48, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff00000000000000000000000000000000000000000000000000000000"]}, 0xc0) [ 422.783098] Invalid option length (1042293) for dns_resolver key [ 422.841136] dns_resolver: Unsupported server list version (0) [ 422.893025] dns_resolver: Unsupported server list version (0) [ 422.899275] kernel msg: ebtables bug: please report to author: entries_size too small 06:12:08 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpot/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:08 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:08 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:08 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='=dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:08 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x48, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff00000000000000000000000000000000000000000000000000000000"]}, 0xc0) 06:12:08 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000380)) r1 = syz_open_dev$vbi(&(0x7f0000000240)='/dev/vbi#\x00', 0x2, 0x2) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000003c0)='trusted.overlay.redirect\x00', &(0x7f0000000400)='./file0\x00', 0x8, 0x3) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000280)={0x0, 0x0, 0x8, 0x9, 0x101, 0x1}, &(0x7f00000002c0)=0x14) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000300)=@assoc_value={r2, 0x1000}, &(0x7f0000000340)=0x8) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000140)="f9a7a57f4e65e7328f0959bf5cf1a9715ae3465b54df0f0e834d1a83f6861ee13c8ded28e521dd89bd0cdf8bd99850c965d9050a4064b1e96ee9d3507fccfd096609de8a6eede25d0cd8155ff7dc7a9d67e4def6192d830f3fb9be514ce61321f7c2c1f58b313366715434ceea5931e8349d3bdd3f817e36c0cb0218cabe84229597b83f7a7a9c51326d7e09c5b3f1d930595d4d4464d004d69e009cf26ea4a38e93c76291c8bc3a3fd95473db9a95cbbe523bdc9566325d308f9ebaab68f5ce4da1c883beda306230f4219ab69fd45d8b0f373b01cc03928dfd4b44", 0xdc, r1}, 0x68) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000440)={0x81, "00ac5f5f171dc5a9df9cdb1fe438ec50732e1de1362205c0616f6467fdd76026", 0x1, 0x7, 0x4, 0x400000, 0x600, 0x4}) 06:12:08 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 423.009440] Invalid option length (1042293) for dns_resolver key [ 423.036950] kernel msg: ebtables bug: please report to author: entries_size too small [ 423.094136] handle_userfault: 3 callbacks suppressed [ 423.094145] FAULT_FLAG_ALLOW_RETRY missing 70 [ 423.118338] CPU: 0 PID: 19636 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 423.126984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.136342] Call Trace: [ 423.138949] dump_stack+0x244/0x39d [ 423.142599] ? dump_stack_print_info.cold.1+0x20/0x20 [ 423.147822] handle_userfault.cold.30+0x47/0x62 [ 423.152523] ? userfaultfd_ioctl+0x5610/0x5610 [ 423.157125] ? mark_held_locks+0x130/0x130 [ 423.161391] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 423.166415] ? futex_wait_setup+0x266/0x3e0 [ 423.170747] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 423.175930] ? userfaultfd_ctx_put+0x830/0x830 [ 423.180509] ? print_usage_bug+0xc0/0xc0 [ 423.184561] ? print_usage_bug+0xc0/0xc0 [ 423.188618] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 423.193797] ? print_usage_bug+0xc0/0xc0 [ 423.197851] ? graph_lock+0x270/0x270 [ 423.201643] ? futex_wake+0x304/0x760 [ 423.205458] ? find_held_lock+0x36/0x1c0 [ 423.209531] ? __handle_mm_fault+0x4d19/0x5b70 [ 423.214101] ? lock_downgrade+0x900/0x900 [ 423.218248] ? kasan_check_read+0x11/0x20 [ 423.222385] ? do_raw_spin_unlock+0xa7/0x330 [ 423.226782] ? do_raw_spin_trylock+0x270/0x270 [ 423.231355] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 423.236975] __handle_mm_fault+0x4d26/0x5b70 [ 423.241382] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 423.246218] ? graph_lock+0x270/0x270 [ 423.250010] ? kasan_check_read+0x11/0x20 [ 423.254157] ? graph_lock+0x270/0x270 [ 423.257964] ? rcu_read_unlock_special+0x370/0x370 [ 423.262907] ? graph_lock+0x270/0x270 [ 423.266698] ? graph_lock+0x270/0x270 [ 423.270490] ? find_held_lock+0x36/0x1c0 [ 423.274546] ? find_held_lock+0x36/0x1c0 [ 423.278602] ? handle_mm_fault+0x42a/0xc70 [ 423.282826] ? lock_downgrade+0x900/0x900 [ 423.286964] ? check_preemption_disabled+0x48/0x280 [ 423.291973] ? kasan_check_read+0x11/0x20 [ 423.296109] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 423.301387] ? rcu_read_unlock_special+0x370/0x370 [ 423.306309] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 423.311834] ? check_preemption_disabled+0x48/0x280 [ 423.316843] handle_mm_fault+0x54f/0xc70 [ 423.320899] ? __handle_mm_fault+0x5b70/0x5b70 [ 423.325473] ? find_vma+0x34/0x190 [ 423.329006] __do_page_fault+0x5f6/0xd70 [ 423.333054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.338589] do_page_fault+0xf2/0x7e0 [ 423.342382] ? vmalloc_sync_all+0x30/0x30 [ 423.346520] ? error_entry+0x70/0xd0 [ 423.350225] ? trace_hardirqs_off_caller+0xbb/0x310 [ 423.355230] ? trace_hardirqs_on_caller+0xc0/0x310 [ 423.360160] ? syscall_return_slowpath+0x5e0/0x5e0 [ 423.365081] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.369913] ? trace_hardirqs_on_caller+0x310/0x310 [ 423.374916] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 423.380356] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 423.385365] ? prepare_exit_to_usermode+0x291/0x3b0 [ 423.390370] ? page_fault+0x8/0x30 [ 423.393900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.398736] ? page_fault+0x8/0x30 [ 423.402265] page_fault+0x1e/0x30 [ 423.405704] RIP: 0033:0x4510a0 [ 423.408889] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 423.427780] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 423.433142] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e 06:12:09 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='%dev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:09 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x6c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000"]}, 0xe4) 06:12:09 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000000)={0x7, "7259fd787e864119e97ec4554647c987f5b69234e924147ec64f7e3a659485a1", 0x3, 0x6, 0x2, 0x37fb87, 0x0, 0x4}) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 423.440401] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 423.447659] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 423.454915] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 423.462174] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:09 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:09 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x6c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000"]}, 0xe4) [ 423.511690] kernel msg: ebtables bug: please report to author: entries_size too small [ 423.584789] FAULT_FLAG_ALLOW_RETRY missing 70 [ 423.606046] CPU: 0 PID: 19652 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 423.611445] kernel msg: ebtables bug: please report to author: entries_size too small [ 423.614667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.614675] Call Trace: [ 423.614700] dump_stack+0x244/0x39d [ 423.614722] ? dump_stack_print_info.cold.1+0x20/0x20 [ 423.643434] handle_userfault.cold.30+0x47/0x62 [ 423.648142] ? userfaultfd_ioctl+0x5610/0x5610 [ 423.652734] ? mark_held_locks+0x130/0x130 [ 423.656984] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 423.662007] ? futex_wait_setup+0x266/0x3e0 [ 423.662037] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 423.671548] ? userfaultfd_ctx_put+0x830/0x830 [ 423.676149] ? print_usage_bug+0xc0/0xc0 [ 423.676168] ? print_usage_bug+0xc0/0xc0 [ 423.676187] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 423.689471] ? print_usage_bug+0xc0/0xc0 [ 423.693539] ? graph_lock+0x270/0x270 [ 423.693554] ? futex_wake+0x304/0x760 [ 423.693581] ? find_held_lock+0x36/0x1c0 [ 423.705215] ? __handle_mm_fault+0x4d19/0x5b70 [ 423.705234] ? lock_downgrade+0x900/0x900 [ 423.713950] ? kasan_check_read+0x11/0x20 [ 423.718118] ? do_raw_spin_unlock+0xa7/0x330 [ 423.722538] ? do_raw_spin_trylock+0x270/0x270 [ 423.727140] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 423.732786] __handle_mm_fault+0x4d26/0x5b70 [ 423.737220] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 423.742081] ? graph_lock+0x270/0x270 [ 423.745910] ? kasan_check_read+0x11/0x20 [ 423.750062] ? graph_lock+0x270/0x270 06:12:09 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpst/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:09 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x6c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000"]}, 0xe4) 06:12:09 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 423.750079] ? rcu_read_unlock_special+0x370/0x370 [ 423.750114] ? graph_lock+0x270/0x270 [ 423.758814] ? graph_lock+0x270/0x270 [ 423.758829] ? find_held_lock+0x36/0x1c0 [ 423.758850] ? find_held_lock+0x36/0x1c0 [ 423.758875] ? handle_mm_fault+0x42a/0xc70 [ 423.779712] ? lock_downgrade+0x900/0x900 [ 423.783875] ? check_preemption_disabled+0x48/0x280 [ 423.788908] ? kasan_check_read+0x11/0x20 [ 423.793065] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 423.798364] ? rcu_read_unlock_special+0x370/0x370 06:12:09 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x7e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000"]}, 0xf6) [ 423.802494] kernel msg: ebtables bug: please report to author: entries_size too small [ 423.803311] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 423.803331] ? check_preemption_disabled+0x48/0x280 [ 423.803354] handle_mm_fault+0x54f/0xc70 [ 423.803373] ? __handle_mm_fault+0x5b70/0x5b70 [ 423.830495] ? find_vma+0x34/0x190 [ 423.830519] __do_page_fault+0x5f6/0xd70 [ 423.830537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 423.830558] do_page_fault+0xf2/0x7e0 [ 423.838242] ? vmalloc_sync_all+0x30/0x30 [ 423.838259] ? error_entry+0x70/0xd0 [ 423.838278] ? trace_hardirqs_off_caller+0xbb/0x310 [ 423.838290] ? trace_hardirqs_on_caller+0xc0/0x310 [ 423.838310] ? syscall_return_slowpath+0x5e0/0x5e0 [ 423.870521] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.875376] ? trace_hardirqs_on_caller+0x310/0x310 [ 423.880408] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 423.885873] ? prepare_exit_to_usermode+0x291/0x3b0 [ 423.890900] ? page_fault+0x8/0x30 [ 423.894458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.895872] kernel msg: ebtables bug: please report to author: entries_size too small 06:12:09 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x7e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000"]}, 0xf6) [ 423.899332] ? page_fault+0x8/0x30 [ 423.899350] page_fault+0x1e/0x30 [ 423.899362] RIP: 0033:0x4510a0 [ 423.899379] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 423.899389] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 423.899401] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 423.899408] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 06:12:09 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:09 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) exit_group(0x80000000) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 423.899422] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 423.936431] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 423.936442] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 424.018038] kernel msg: ebtables bug: please report to author: entries_size too small [ 424.025283] FAULT_FLAG_ALLOW_RETRY missing 70 [ 424.031480] CPU: 1 PID: 19678 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 424.040081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.049442] Call Trace: [ 424.052049] dump_stack+0x244/0x39d [ 424.055703] ? dump_stack_print_info.cold.1+0x20/0x20 [ 424.060909] ? preempt_schedule+0x4d/0x60 [ 424.065089] handle_userfault.cold.30+0x47/0x62 [ 424.069783] ? userfaultfd_ioctl+0x5610/0x5610 [ 424.074376] ? mark_held_locks+0x130/0x130 [ 424.078629] ? find_held_lock+0x36/0x1c0 [ 424.082703] ? futex_wake+0x613/0x760 [ 424.087023] ? userfaultfd_ctx_put+0x830/0x830 [ 424.091626] ? kasan_check_read+0x11/0x20 [ 424.095787] ? print_usage_bug+0xc0/0xc0 [ 424.099853] ? do_raw_spin_trylock+0x270/0x270 [ 424.104445] ? print_usage_bug+0xc0/0xc0 [ 424.108519] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 424.113715] ? print_usage_bug+0xc0/0xc0 [ 424.117785] ? graph_lock+0x270/0x270 [ 424.121605] ? futex_wake+0x304/0x760 [ 424.125429] ? find_held_lock+0x36/0x1c0 [ 424.129509] ? __handle_mm_fault+0x4d19/0x5b70 [ 424.134101] ? lock_downgrade+0x900/0x900 [ 424.138265] ? kasan_check_read+0x11/0x20 [ 424.142427] ? do_raw_spin_unlock+0xa7/0x330 [ 424.146842] ? do_raw_spin_trylock+0x270/0x270 [ 424.151440] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 424.157095] __handle_mm_fault+0x4d26/0x5b70 [ 424.161552] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 424.161579] ? graph_lock+0x270/0x270 [ 424.161597] ? kasan_check_read+0x11/0x20 [ 424.161613] ? graph_lock+0x270/0x270 [ 424.161630] ? rcu_read_unlock_special+0x370/0x370 [ 424.161658] ? graph_lock+0x270/0x270 [ 424.161672] ? graph_lock+0x270/0x270 [ 424.161687] ? find_held_lock+0x36/0x1c0 [ 424.161706] ? find_held_lock+0x36/0x1c0 [ 424.161731] ? handle_mm_fault+0x42a/0xc70 [ 424.161746] ? lock_downgrade+0x900/0x900 [ 424.161763] ? check_preemption_disabled+0x48/0x280 [ 424.161783] ? kasan_check_read+0x11/0x20 [ 424.161798] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 424.161815] ? rcu_read_unlock_special+0x370/0x370 [ 424.161833] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 424.161849] ? check_preemption_disabled+0x48/0x280 [ 424.161872] handle_mm_fault+0x54f/0xc70 [ 424.161891] ? __handle_mm_fault+0x5b70/0x5b70 [ 424.161910] ? find_vma+0x34/0x190 [ 424.161932] __do_page_fault+0x5f6/0xd70 [ 424.161947] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.161973] do_page_fault+0xf2/0x7e0 [ 424.161990] ? vmalloc_sync_all+0x30/0x30 [ 424.162007] ? error_entry+0x70/0xd0 [ 424.162026] ? trace_hardirqs_off_caller+0xbb/0x310 [ 424.162041] ? trace_hardirqs_on_caller+0xc0/0x310 [ 424.162068] ? syscall_return_slowpath+0x5e0/0x5e0 [ 424.162083] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.162100] ? trace_hardirqs_on_caller+0x310/0x310 [ 424.162116] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 424.162133] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 424.162152] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 424.162167] ? __switch_to_asm+0x40/0x70 [ 424.162182] ? page_fault+0x8/0x30 [ 424.162200] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.162219] ? page_fault+0x8/0x30 [ 424.162235] page_fault+0x1e/0x30 [ 424.162247] RIP: 0033:0x4510a0 [ 424.162264] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 424.162272] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 424.162286] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 424.162295] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 424.162310] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 424.162320] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 06:12:10 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="d16465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:10 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x0, 0x2) setsockopt$TIPC_MCAST_REPLICAST(r0, 0x10f, 0x86) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:10 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:10 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020007"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:10 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x7e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000"]}, 0xf6) 06:12:10 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762f696e70d7742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) [ 424.162329] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 424.474989] kernel msg: ebtables bug: please report to author: entries_size too small 06:12:10 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 424.559108] FAULT_FLAG_ALLOW_RETRY missing 70 [ 424.564393] FAULT_FLAG_ALLOW_RETRY missing 70 [ 424.573613] CPU: 0 PID: 19716 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 424.582216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.591571] Call Trace: [ 424.594168] dump_stack+0x244/0x39d [ 424.597815] ? dump_stack_print_info.cold.1+0x20/0x20 [ 424.603051] handle_userfault.cold.30+0x47/0x62 [ 424.607732] ? _raw_spin_unlock_irq+0x27/0x80 [ 424.612241] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 424.616848] ? userfaultfd_ioctl+0x5610/0x5610 [ 424.621922] ? mark_held_locks+0x130/0x130 [ 424.626166] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.631722] ? _raw_spin_unlock_irq+0x60/0x80 [ 424.636228] ? finish_task_switch+0x1f4/0x910 [ 424.640737] ? finish_task_switch+0x1b4/0x910 [ 424.645241] ? __switch_to_asm+0x34/0x70 [ 424.649313] ? preempt_notifier_register+0x200/0x200 [ 424.654476] ? __switch_to_asm+0x34/0x70 06:12:10 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:10 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 424.658695] ? __switch_to_asm+0x34/0x70 [ 424.662762] ? __switch_to_asm+0x40/0x70 [ 424.666828] ? __switch_to_asm+0x34/0x70 [ 424.670897] ? __switch_to_asm+0x40/0x70 [ 424.674966] ? __switch_to_asm+0x34/0x70 [ 424.679045] ? __switch_to_asm+0x40/0x70 [ 424.684081] ? __switch_to_asm+0x34/0x70 [ 424.688156] ? print_usage_bug+0xc0/0xc0 [ 424.692223] ? __switch_to_asm+0x40/0x70 [ 424.696293] ? __switch_to_asm+0x34/0x70 [ 424.700356] ? __switch_to_asm+0x40/0x70 [ 424.704430] ? __schedule+0xa49/0x21e0 06:12:10 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 424.708324] ? print_usage_bug+0xc0/0xc0 [ 424.712397] ? graph_lock+0x270/0x270 [ 424.716209] ? mark_held_locks+0xc7/0x130 [ 424.720367] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 424.725143] ? find_held_lock+0x36/0x1c0 [ 424.729235] ? __handle_mm_fault+0x4d19/0x5b70 [ 424.733832] ? lock_downgrade+0x900/0x900 [ 424.738010] ? kasan_check_read+0x11/0x20 [ 424.742165] ? do_raw_spin_unlock+0xa7/0x330 [ 424.746583] ? do_raw_spin_trylock+0x270/0x270 [ 424.751179] ? fault_dirty_shared_page.isra.87+0x320/0x320 06:12:10 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x4000000000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f00000001c0)="646e735f7265736f6c766572006f28e5c23693b8788cbf9c3691e6ce3ce8d52aa535b8352be94912f15ab393cecaa40bd810e03c627163e03fb0e4eca6bdaaf1c41f933066ad07e7ed000aae257dcd", &(0x7f0000000040)={"0200", 0x0}, &(0x7f0000000000), 0x5f, 0xfffffffffffffff9) [ 424.756826] __handle_mm_fault+0x4d26/0x5b70 [ 424.761253] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 424.766109] ? graph_lock+0x270/0x270 [ 424.769921] ? kasan_check_read+0x11/0x20 [ 424.774079] ? graph_lock+0x270/0x270 [ 424.777887] ? rcu_read_unlock_special+0x370/0x370 [ 424.782833] ? graph_lock+0x270/0x270 [ 424.786640] ? graph_lock+0x270/0x270 [ 424.790666] ? find_held_lock+0x36/0x1c0 [ 424.794743] ? find_held_lock+0x36/0x1c0 [ 424.798825] ? handle_mm_fault+0x42a/0xc70 [ 424.803069] ? lock_downgrade+0x900/0x900 06:12:10 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 424.807218] ? check_preemption_disabled+0x48/0x280 [ 424.807241] ? kasan_check_read+0x11/0x20 [ 424.807256] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 424.807271] ? rcu_read_unlock_special+0x370/0x370 [ 424.807287] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 424.807305] ? check_preemption_disabled+0x48/0x280 [ 424.837175] handle_mm_fault+0x54f/0xc70 [ 424.841256] ? __handle_mm_fault+0x5b70/0x5b70 [ 424.845850] ? find_vma+0x34/0x190 [ 424.849400] __do_page_fault+0x5f6/0xd70 [ 424.853469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.859034] do_page_fault+0xf2/0x7e0 [ 424.862842] ? vmalloc_sync_all+0x30/0x30 [ 424.867012] ? error_entry+0x70/0xd0 [ 424.870733] ? trace_hardirqs_off_caller+0xbb/0x310 [ 424.875759] ? trace_hardirqs_on_caller+0xc0/0x310 [ 424.880874] ? syscall_return_slowpath+0x5e0/0x5e0 [ 424.885806] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.890659] ? trace_hardirqs_on_caller+0x310/0x310 [ 424.895690] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 424.901153] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 424.906185] ? prepare_exit_to_usermode+0x291/0x3b0 [ 424.911210] ? page_fault+0x8/0x30 [ 424.914762] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.919617] ? page_fault+0x8/0x30 [ 424.923169] page_fault+0x1e/0x30 [ 424.926630] RIP: 0033:0x4510a0 [ 424.929830] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 424.949544] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 424.954912] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 424.962186] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 424.969457] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 424.976729] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 424.984012] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 425.021876] CPU: 0 PID: 19713 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 425.030495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.039858] Call Trace: [ 425.042470] dump_stack+0x244/0x39d [ 425.046122] ? dump_stack_print_info.cold.1+0x20/0x20 [ 425.051340] handle_userfault.cold.30+0x47/0x62 [ 425.056009] ? userfaultfd_ioctl+0x5610/0x5610 [ 425.060581] ? mark_held_locks+0x130/0x130 [ 425.064805] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 425.069810] ? futex_wait_setup+0x266/0x3e0 [ 425.074129] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 425.079310] ? userfaultfd_ctx_put+0x830/0x830 [ 425.083885] ? print_usage_bug+0xc0/0xc0 [ 425.087950] ? print_usage_bug+0xc0/0xc0 [ 425.092021] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 425.097241] ? print_usage_bug+0xc0/0xc0 [ 425.101301] ? graph_lock+0x270/0x270 [ 425.105090] ? futex_wake+0x304/0x760 [ 425.108885] ? find_held_lock+0x36/0x1c0 [ 425.112942] ? __handle_mm_fault+0x4d19/0x5b70 [ 425.117540] ? lock_downgrade+0x900/0x900 [ 425.121682] ? kasan_check_read+0x11/0x20 [ 425.125814] ? do_raw_spin_unlock+0xa7/0x330 [ 425.130212] ? do_raw_spin_trylock+0x270/0x270 [ 425.134787] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 425.140406] __handle_mm_fault+0x4d26/0x5b70 [ 425.145007] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 425.149850] ? graph_lock+0x270/0x270 [ 425.153659] ? kasan_check_read+0x11/0x20 [ 425.157800] ? graph_lock+0x270/0x270 [ 425.161593] ? rcu_read_unlock_special+0x370/0x370 [ 425.166516] ? graph_lock+0x270/0x270 [ 425.170302] ? graph_lock+0x270/0x270 [ 425.174103] ? find_held_lock+0x36/0x1c0 [ 425.178154] ? find_held_lock+0x36/0x1c0 [ 425.182212] ? handle_mm_fault+0x42a/0xc70 [ 425.186461] ? lock_downgrade+0x900/0x900 [ 425.190606] ? check_preemption_disabled+0x48/0x280 [ 425.195638] ? kasan_check_read+0x11/0x20 [ 425.199794] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 425.205091] ? rcu_read_unlock_special+0x370/0x370 [ 425.210059] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.215614] ? check_preemption_disabled+0x48/0x280 [ 425.220760] handle_mm_fault+0x54f/0xc70 [ 425.224814] ? __handle_mm_fault+0x5b70/0x5b70 [ 425.229495] ? find_vma+0x34/0x190 [ 425.233039] __do_page_fault+0x5f6/0xd70 [ 425.237101] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.242631] do_page_fault+0xf2/0x7e0 [ 425.246465] ? vmalloc_sync_all+0x30/0x30 [ 425.250618] ? error_entry+0x70/0xd0 [ 425.254437] ? trace_hardirqs_off_caller+0xbb/0x310 [ 425.259475] ? trace_hardirqs_on_caller+0xc0/0x310 [ 425.264397] ? syscall_return_slowpath+0x5e0/0x5e0 [ 425.269323] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.274155] ? trace_hardirqs_on_caller+0x310/0x310 [ 425.279166] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 425.284608] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 425.289724] ? prepare_exit_to_usermode+0x291/0x3b0 [ 425.294730] ? page_fault+0x8/0x30 [ 425.298260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.303093] ? page_fault+0x8/0x30 [ 425.306622] page_fault+0x1e/0x30 [ 425.310064] RIP: 0033:0x4510a0 [ 425.313251] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 425.332228] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 425.337580] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 425.344839] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 425.352097] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 425.359356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 425.366632] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:11 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="986465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:11 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02007f"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:11 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x87, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]}, 0xff) 06:12:11 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:11 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inp%t/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:11 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x87, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]}, 0xff) [ 425.458091] kernel msg: ebtables bug: please report to author: entries_size too small [ 425.464753] dns_resolver: Unsupported server list version (0) [ 425.520604] FAULT_FLAG_ALLOW_RETRY missing 70 [ 425.528189] CPU: 1 PID: 19759 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 425.536829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.546191] Call Trace: [ 425.548813] dump_stack+0x244/0x39d [ 425.552010] kernel msg: ebtables bug: please report to author: entries_size too small [ 425.552463] ? dump_stack_print_info.cold.1+0x20/0x20 [ 425.565636] handle_userfault.cold.30+0x47/0x62 [ 425.566708] FAULT_FLAG_ALLOW_RETRY missing 70 [ 425.570325] ? userfaultfd_ioctl+0x5610/0x5610 [ 425.570345] ? mark_held_locks+0x130/0x130 [ 425.570367] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 425.588673] ? futex_wait_setup+0x266/0x3e0 [ 425.593030] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 425.598239] ? userfaultfd_ctx_put+0x830/0x830 [ 425.602840] ? print_usage_bug+0xc0/0xc0 [ 425.605893] kernel msg: ebtables bug: please report to author: entries_size too small [ 425.606916] ? print_usage_bug+0xc0/0xc0 [ 425.606937] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 425.606954] ? print_usage_bug+0xc0/0xc0 [ 425.606976] ? graph_lock+0x270/0x270 [ 425.632026] ? futex_wake+0x304/0x760 [ 425.635780] cgroup: fork rejected by pids controller in [ 425.635840] ? find_held_lock+0x36/0x1c0 [ 425.635878] /syz3 [ 425.641313] ? __handle_mm_fault+0x4d19/0x5b70 [ 425.641329] ? lock_downgrade+0x900/0x900 [ 425.641355] ? kasan_check_read+0x11/0x20 [ 425.660875] ? do_raw_spin_unlock+0xa7/0x330 [ 425.665302] ? do_raw_spin_trylock+0x270/0x270 [ 425.669895] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 425.675545] __handle_mm_fault+0x4d26/0x5b70 [ 425.679969] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 425.684821] ? graph_lock+0x270/0x270 [ 425.688627] ? kasan_check_read+0x11/0x20 [ 425.692782] ? graph_lock+0x270/0x270 [ 425.696587] ? rcu_read_unlock_special+0x370/0x370 [ 425.701531] ? graph_lock+0x270/0x270 [ 425.705334] ? graph_lock+0x270/0x270 [ 425.709149] ? find_held_lock+0x36/0x1c0 [ 425.713216] ? find_held_lock+0x36/0x1c0 [ 425.717289] ? handle_mm_fault+0x42a/0xc70 [ 425.721540] ? lock_downgrade+0x900/0x900 [ 425.725697] ? check_preemption_disabled+0x48/0x280 [ 425.730728] ? kasan_check_read+0x11/0x20 [ 425.735058] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 425.740349] ? rcu_read_unlock_special+0x370/0x370 [ 425.745284] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.750831] ? check_preemption_disabled+0x48/0x280 [ 425.756378] handle_mm_fault+0x54f/0xc70 [ 425.760545] ? __handle_mm_fault+0x5b70/0x5b70 [ 425.765138] ? find_vma+0x34/0x190 [ 425.768693] __do_page_fault+0x5f6/0xd70 [ 425.772763] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.778315] do_page_fault+0xf2/0x7e0 [ 425.782216] ? vmalloc_sync_all+0x30/0x30 [ 425.786376] ? error_entry+0x70/0xd0 [ 425.790608] ? trace_hardirqs_off_caller+0xbb/0x310 [ 425.795634] ? trace_hardirqs_on_caller+0xc0/0x310 [ 425.800576] ? syscall_return_slowpath+0x5e0/0x5e0 [ 425.805510] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.810381] ? trace_hardirqs_on_caller+0x310/0x310 [ 425.815408] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 425.820869] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 425.825907] ? prepare_exit_to_usermode+0x291/0x3b0 [ 425.830932] ? page_fault+0x8/0x30 [ 425.834482] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.839331] ? page_fault+0x8/0x30 [ 425.842880] page_fault+0x1e/0x30 [ 425.846348] RIP: 0033:0x4510a0 [ 425.849549] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 06:12:11 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x87, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]}, 0xff) 06:12:11 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x8c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]}, 0x104) [ 425.869125] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 425.874494] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 425.881766] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 425.889124] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 425.896397] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 425.903667] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 425.910962] CPU: 0 PID: 19764 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 425.919553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.928916] Call Trace: [ 425.931516] dump_stack+0x244/0x39d [ 425.935152] ? dump_stack_print_info.cold.1+0x20/0x20 [ 425.940366] ? preempt_schedule+0x4d/0x60 [ 425.944537] handle_userfault.cold.30+0x47/0x62 [ 425.949236] ? userfaultfd_ioctl+0x5610/0x5610 [ 425.953941] ? mark_held_locks+0x130/0x130 [ 425.958183] ? find_held_lock+0x36/0x1c0 [ 425.962258] ? futex_wake+0x613/0x760 [ 425.966068] ? userfaultfd_ctx_put+0x830/0x830 [ 425.970665] ? kasan_check_read+0x11/0x20 [ 425.974823] ? print_usage_bug+0xc0/0xc0 [ 425.978901] ? do_raw_spin_trylock+0x270/0x270 [ 425.983486] ? print_usage_bug+0xc0/0xc0 [ 425.987556] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 425.992758] ? print_usage_bug+0xc0/0xc0 [ 425.996831] ? graph_lock+0x270/0x270 [ 426.000640] ? futex_wake+0x304/0x760 [ 426.004463] ? find_held_lock+0x36/0x1c0 [ 426.008545] ? __handle_mm_fault+0x4d19/0x5b70 [ 426.013137] ? lock_downgrade+0x900/0x900 [ 426.017302] ? kasan_check_read+0x11/0x20 [ 426.021458] ? do_raw_spin_unlock+0xa7/0x330 [ 426.025898] ? do_raw_spin_trylock+0x270/0x270 [ 426.030493] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 426.036133] __handle_mm_fault+0x4d26/0x5b70 [ 426.040559] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 426.045410] ? graph_lock+0x270/0x270 [ 426.049217] ? kasan_check_read+0x11/0x20 [ 426.053369] ? graph_lock+0x270/0x270 [ 426.057202] ? rcu_read_unlock_special+0x370/0x370 [ 426.062163] ? graph_lock+0x270/0x270 [ 426.065975] ? graph_lock+0x270/0x270 06:12:11 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:11 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) fchmod(r0, 0xda) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:11 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020002"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 426.069782] ? find_held_lock+0x36/0x1c0 [ 426.073850] ? find_held_lock+0x36/0x1c0 [ 426.077938] ? handle_mm_fault+0x42a/0xc70 [ 426.082179] ? lock_downgrade+0x900/0x900 [ 426.086340] ? check_preemption_disabled+0x48/0x280 [ 426.091370] ? kasan_check_read+0x11/0x20 [ 426.095522] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 426.100810] ? rcu_read_unlock_special+0x370/0x370 [ 426.105751] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.111293] ? check_preemption_disabled+0x48/0x280 [ 426.116317] handle_mm_fault+0x54f/0xc70 [ 426.116335] ? __handle_mm_fault+0x5b70/0x5b70 [ 426.116352] ? find_vma+0x34/0x190 [ 426.116372] __do_page_fault+0x5f6/0xd70 [ 426.116391] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.138236] do_page_fault+0xf2/0x7e0 [ 426.142053] ? vmalloc_sync_all+0x30/0x30 [ 426.146213] ? error_entry+0x70/0xd0 [ 426.149946] ? trace_hardirqs_off_caller+0xbb/0x310 [ 426.154965] ? trace_hardirqs_on_caller+0xc0/0x310 [ 426.154983] ? syscall_return_slowpath+0x5e0/0x5e0 [ 426.154999] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.155016] ? trace_hardirqs_on_caller+0x310/0x310 [ 426.155034] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 426.174774] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 426.174826] ? prepare_exit_to_usermode+0x291/0x3b0 [ 426.174881] ? page_fault+0x8/0x30 [ 426.174897] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.174914] ? page_fault+0x8/0x30 [ 426.193921] page_fault+0x1e/0x30 [ 426.193935] RIP: 0033:0x4510a0 [ 426.193952] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 426.193960] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 426.208948] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 426.208962] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 426.247775] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 426.255055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 426.262331] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:12 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:12 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c16465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:12 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:12 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$FICLONE(r1, 0x40049409, r2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000040)={r3, 0x80000, r0}) 06:12:12 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 426.519932] FAULT_FLAG_ALLOW_RETRY missing 70 [ 426.527351] CPU: 0 PID: 19800 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 426.535950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.545311] Call Trace: [ 426.547938] dump_stack+0x244/0x39d [ 426.551599] ? dump_stack_print_info.cold.1+0x20/0x20 [ 426.556836] ? preempt_schedule+0x4d/0x60 [ 426.561026] handle_userfault.cold.30+0x47/0x62 [ 426.565723] ? userfaultfd_ioctl+0x5610/0x5610 [ 426.570325] ? mark_held_locks+0x130/0x130 [ 426.574576] ? find_held_lock+0x36/0x1c0 [ 426.578655] ? futex_wake+0x613/0x760 [ 426.582578] ? userfaultfd_ctx_put+0x830/0x830 [ 426.587174] ? kasan_check_read+0x11/0x20 [ 426.591333] ? print_usage_bug+0xc0/0xc0 [ 426.595399] ? do_raw_spin_trylock+0x270/0x270 [ 426.599992] ? print_usage_bug+0xc0/0xc0 [ 426.604065] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 426.609269] ? print_usage_bug+0xc0/0xc0 [ 426.613338] ? graph_lock+0x270/0x270 [ 426.617149] ? futex_wake+0x304/0x760 [ 426.621479] ? find_held_lock+0x36/0x1c0 [ 426.625560] ? __handle_mm_fault+0x4d19/0x5b70 [ 426.630148] ? lock_downgrade+0x900/0x900 [ 426.634318] ? kasan_check_read+0x11/0x20 [ 426.638475] ? do_raw_spin_unlock+0xa7/0x330 [ 426.642887] ? do_raw_spin_trylock+0x270/0x270 [ 426.647482] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 426.653130] __handle_mm_fault+0x4d26/0x5b70 [ 426.657562] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 426.662416] ? graph_lock+0x270/0x270 [ 426.666222] ? kasan_check_read+0x11/0x20 [ 426.670377] ? graph_lock+0x270/0x270 [ 426.674183] ? rcu_read_unlock_special+0x370/0x370 [ 426.679134] ? graph_lock+0x270/0x270 [ 426.682943] ? graph_lock+0x270/0x270 [ 426.686753] ? find_held_lock+0x36/0x1c0 [ 426.690837] ? find_held_lock+0x36/0x1c0 [ 426.694929] ? handle_mm_fault+0x42a/0xc70 [ 426.699171] ? lock_downgrade+0x900/0x900 [ 426.703326] ? check_preemption_disabled+0x48/0x280 [ 426.708363] ? kasan_check_read+0x11/0x20 [ 426.712527] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 426.717823] ? rcu_read_unlock_special+0x370/0x370 [ 426.722767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.728330] ? check_preemption_disabled+0x48/0x280 [ 426.733364] handle_mm_fault+0x54f/0xc70 [ 426.737447] ? __handle_mm_fault+0x5b70/0x5b70 [ 426.742038] ? find_vma+0x34/0x190 [ 426.745589] __do_page_fault+0x5f6/0xd70 [ 426.749659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.755217] do_page_fault+0xf2/0x7e0 [ 426.759026] ? vmalloc_sync_all+0x30/0x30 [ 426.763181] ? error_entry+0x70/0xd0 [ 426.766906] ? trace_hardirqs_off_caller+0xbb/0x310 [ 426.771937] ? trace_hardirqs_on_caller+0xc0/0x310 [ 426.776877] ? syscall_return_slowpath+0x5e0/0x5e0 [ 426.781830] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.786676] ? trace_hardirqs_on_caller+0x310/0x310 [ 426.786693] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 426.786708] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 426.786724] ? prepare_exit_to_usermode+0x291/0x3b0 [ 426.786742] ? page_fault+0x8/0x30 [ 426.811227] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.816080] ? page_fault+0x8/0x30 [ 426.819627] page_fault+0x1e/0x30 [ 426.823099] RIP: 0033:0x4510a0 [ 426.826290] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 426.826299] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 426.826311] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 426.826321] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 426.826330] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 426.826339] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 426.826352] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:12 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inpXt/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:12 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:12 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 426.974182] dns_resolver_preparse: 22 callbacks suppressed [ 426.974191] Invalid option length (1042293) for dns_resolver key [ 427.059568] FAULT_FLAG_ALLOW_RETRY missing 70 [ 427.064245] CPU: 1 PID: 19822 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 427.072823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.082164] Call Trace: [ 427.084878] dump_stack+0x244/0x39d [ 427.088509] ? dump_stack_print_info.cold.1+0x20/0x20 [ 427.093699] handle_userfault.cold.30+0x47/0x62 [ 427.098374] ? userfaultfd_ioctl+0x5610/0x5610 [ 427.102949] ? mark_held_locks+0x130/0x130 [ 427.107178] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 427.112181] ? futex_wait_setup+0x266/0x3e0 [ 427.116494] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 427.121674] ? userfaultfd_ctx_put+0x830/0x830 [ 427.126249] ? print_usage_bug+0xc0/0xc0 [ 427.130309] ? print_usage_bug+0xc0/0xc0 [ 427.134357] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 427.139536] ? print_usage_bug+0xc0/0xc0 [ 427.143599] ? graph_lock+0x270/0x270 [ 427.147385] ? futex_wake+0x304/0x760 [ 427.151179] ? find_held_lock+0x36/0x1c0 [ 427.155248] ? __handle_mm_fault+0x4d19/0x5b70 [ 427.159855] ? lock_downgrade+0x900/0x900 [ 427.164005] ? kasan_check_read+0x11/0x20 [ 427.168139] ? do_raw_spin_unlock+0xa7/0x330 [ 427.172535] ? do_raw_spin_trylock+0x270/0x270 [ 427.177117] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 427.182734] __handle_mm_fault+0x4d26/0x5b70 [ 427.187197] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 427.192032] ? graph_lock+0x270/0x270 [ 427.195822] ? kasan_check_read+0x11/0x20 [ 427.199957] ? graph_lock+0x270/0x270 [ 427.203750] ? rcu_read_unlock_special+0x370/0x370 [ 427.208681] ? graph_lock+0x270/0x270 [ 427.212563] ? graph_lock+0x270/0x270 [ 427.216495] ? find_held_lock+0x36/0x1c0 [ 427.220550] ? find_held_lock+0x36/0x1c0 [ 427.224605] ? handle_mm_fault+0x42a/0xc70 [ 427.228833] ? lock_downgrade+0x900/0x900 [ 427.232984] ? check_preemption_disabled+0x48/0x280 [ 427.238000] ? kasan_check_read+0x11/0x20 [ 427.242135] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 427.247404] ? rcu_read_unlock_special+0x370/0x370 [ 427.252319] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 427.257846] ? check_preemption_disabled+0x48/0x280 [ 427.262855] handle_mm_fault+0x54f/0xc70 [ 427.266923] ? __handle_mm_fault+0x5b70/0x5b70 [ 427.271494] ? find_vma+0x34/0x190 [ 427.275044] __do_page_fault+0x5f6/0xd70 [ 427.279095] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.284623] do_page_fault+0xf2/0x7e0 [ 427.288425] ? vmalloc_sync_all+0x30/0x30 [ 427.292573] ? error_entry+0x70/0xd0 [ 427.296286] ? trace_hardirqs_off_caller+0xbb/0x310 [ 427.301288] ? trace_hardirqs_on_caller+0xc0/0x310 [ 427.306238] ? syscall_return_slowpath+0x5e0/0x5e0 [ 427.311165] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.316010] ? trace_hardirqs_on_caller+0x310/0x310 [ 427.321013] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 427.326454] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 427.331460] ? prepare_exit_to_usermode+0x291/0x3b0 [ 427.336460] ? page_fault+0x8/0x30 [ 427.339988] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.344820] ? page_fault+0x8/0x30 [ 427.348458] page_fault+0x1e/0x30 [ 427.351900] RIP: 0033:0x4510a0 [ 427.355092] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 427.373997] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 427.379346] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 427.386600] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 427.393859] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 427.401113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 427.408367] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:13 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x8c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]}, 0x104) 06:12:13 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x200000000000003c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000500)={{{@in6=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}}}, &(0x7f0000000600)=0xe8) lstat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000700)={0x0, 0x0}, &(0x7f0000000740)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000780)={{{@in6=@ipv4={[], [], @dev}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000000880)=0xe8) syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./file0\x00', 0x4, 0x5, &(0x7f0000000480)=[{&(0x7f0000000140)="413c5176d1b3028760812bbbe777b650a74bd8023b2d2852b3f2f573325295665edd10ec1f1a0b30ac32987477d90a6f1c4d2cc253fee4cc2c825e070174693118bba19ae58dfd1f10ac23b416270a3e618b2f65b2be8e6a52bd257f178a09e6f2eda7cdb1", 0x65, 0x1000}, {&(0x7f00000001c0)="fab8a3de47de0de379a7f9ba26fef1c7c37a85e27872a0ebedfe2d34c642870d5a69d9963f0d642ffe3fe28a453e07752a3b3ab2964fab29b2532a7c65763459d54ae0c517575562a209c35934e4854825de31a9e8fa757c3fc4cbe48fd36a0162a0a2623f72e236e77f53af96515c3f3acfc3079e43e60be1b2875436ae401fb0b5839cd2a86c92b7b46bb28f691320c9f0c18cb30c5482358e305fca8536e1022a3c884b044d4fe41a87b31501840184788523c8066ad11219c62be24a64c1a4ee6e396d26bcabc713a7889af6306ece5ee38d9aab18c7362bf2b045628e3a8a835eedbb77503841318bc3bbe2", 0xee, 0x4}, {&(0x7f00000002c0)="f71ed36f2cd97ba2e7b6aa428272b28ade5f97f1e5e5144398ecb02326a1edf03938c17648729ec6ff0fd20325ebe9c3b72385d794bcd7258b621a3dc017e17d2c0e6fdd23bcaf069dee42e408999f630d984851ac813894b796cc187ba56e5fccb41b253a2a02e98b4398d031f67ed3d524140b5adb4dd04842c43af4d1a6d5efceb38bb02a33c883b05c0dfeb1bea0d12d7299", 0x94, 0x4}, {&(0x7f0000000380)="a578545c6bf4318cd74c9309f00e07fc9be0a4d2dd1acd52", 0x18, 0xff}, {&(0x7f00000003c0)="4b19a0de92f4269818c31504f61c165886ab400e0feb0f71b9b0886f15c8462ac5d96b1b217befaacbc22d5da99d396dab72b4a17bacb4bab49b5153f6f1279fccbfaf648d2a52c0a1b2b67fa35935e723ea33efcf254625221fceeed53a4b11a160829eaaf96ac89d177e89ba71f7204073cdaf43371d8ea2cad0a5c77379031be18d84a84520a4e841df8c3bb36d599f4c47462fea9cda30e1e12f1e28f828d7f6416d1431414591c575ef8ba59184bb", 0xb1, 0x9}], 0x80, &(0x7f00000008c0)={[{@uid={'uid', 0x3d, r1}}, {@errors_remount='errors=remount-ro'}, {@uid={'uid', 0x3d, r2}}, {@uid={'uid', 0x3d, r3}}, {@errors_remount='errors=remount-ro'}, {@errors_remount='errors=remount-ro'}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}], [{@appraise_type='appraise_type=imasig'}, {@fowner_lt={'fowner<', r4}}, {@fsname={'fsname', 0x3d, ':wlan1{'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}]}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:13 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:13 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762f696e7075d72f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:13 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="996465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 427.523389] Invalid option length (1042293) for dns_resolver key 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 427.584276] FAULT_FLAG_ALLOW_RETRY missing 70 [ 427.588077] Invalid option length (1042293) for dns_resolver key [ 427.593650] CPU: 0 PID: 19834 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 427.603574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.612928] Call Trace: [ 427.615528] dump_stack+0x244/0x39d [ 427.619162] ? dump_stack_print_info.cold.1+0x20/0x20 [ 427.624373] handle_userfault.cold.30+0x47/0x62 [ 427.629132] ? userfaultfd_ioctl+0x5610/0x5610 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200ff"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 427.633761] ? mark_held_locks+0x130/0x130 [ 427.638017] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 427.642959] Invalid option length (1042293) for dns_resolver key [ 427.643058] ? futex_wait_setup+0x266/0x3e0 [ 427.653563] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 427.658771] ? userfaultfd_ctx_put+0x830/0x830 [ 427.663365] ? print_usage_bug+0xc0/0xc0 [ 427.667437] ? print_usage_bug+0xc0/0xc0 [ 427.671504] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 427.676690] ? print_usage_bug+0xc0/0xc0 [ 427.676722] ? graph_lock+0x270/0x270 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020006"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 427.676737] ? futex_wake+0x304/0x760 [ 427.676763] ? find_held_lock+0x36/0x1c0 [ 427.692971] ? __handle_mm_fault+0x4d19/0x5b70 [ 427.697565] ? lock_downgrade+0x900/0x900 [ 427.701745] ? kasan_check_read+0x11/0x20 [ 427.701818] Invalid option length (1042293) for dns_resolver key [ 427.705895] ? do_raw_spin_unlock+0xa7/0x330 [ 427.705910] ? do_raw_spin_trylock+0x270/0x270 [ 427.705928] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 427.705952] __handle_mm_fault+0x4d26/0x5b70 [ 427.731177] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 427.736028] ? graph_lock+0x270/0x270 [ 427.739840] ? kasan_check_read+0x11/0x20 [ 427.744002] ? graph_lock+0x270/0x270 [ 427.747813] ? rcu_read_unlock_special+0x370/0x370 [ 427.752797] ? graph_lock+0x270/0x270 [ 427.756611] ? graph_lock+0x270/0x270 [ 427.757543] Invalid option length (1042293) for dns_resolver key [ 427.760416] ? find_held_lock+0x36/0x1c0 [ 427.760438] ? find_held_lock+0x36/0x1c0 [ 427.760462] ? handle_mm_fault+0x42a/0xc70 [ 427.778941] ? lock_downgrade+0x900/0x900 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020068"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 427.783099] ? check_preemption_disabled+0x48/0x280 [ 427.788150] ? kasan_check_read+0x11/0x20 [ 427.792303] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 427.792319] ? rcu_read_unlock_special+0x370/0x370 [ 427.792340] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 427.802527] ? check_preemption_disabled+0x48/0x280 [ 427.802577] handle_mm_fault+0x54f/0xc70 [ 427.817152] ? __handle_mm_fault+0x5b70/0x5b70 [ 427.821763] ? find_vma+0x34/0x190 [ 427.825339] __do_page_fault+0x5f6/0xd70 [ 427.829415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:12:13 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 427.834978] do_page_fault+0xf2/0x7e0 [ 427.837608] Invalid option length (1042293) for dns_resolver key [ 427.838804] ? vmalloc_sync_all+0x30/0x30 [ 427.838822] ? error_entry+0x70/0xd0 [ 427.838843] ? trace_hardirqs_off_caller+0xbb/0x310 [ 427.857831] ? trace_hardirqs_on_caller+0xc0/0x310 [ 427.862792] ? syscall_return_slowpath+0x5e0/0x5e0 [ 427.867734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.867752] ? trace_hardirqs_on_caller+0x310/0x310 [ 427.867770] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 427.877604] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 427.877622] ? prepare_exit_to_usermode+0x291/0x3b0 [ 427.877639] ? page_fault+0x8/0x30 [ 427.877660] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.901458] ? page_fault+0x8/0x30 [ 427.904984] page_fault+0x1e/0x30 [ 427.908442] RIP: 0033:0x4510a0 [ 427.911760] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 427.912856] Invalid option length (1042293) for dns_resolver key [ 427.930689] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 427.930734] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 427.930744] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 427.930752] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 427.930761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 427.930770] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 428.032401] Invalid option length (232) for dns_resolver key [ 428.088686] jfs: Unrecognized mount option "appraise_type=imasig" or missing value [ 428.124661] IPVS: ftp: loaded support on port[0] = 21 [ 428.170469] Invalid option length (232) for dns_resolver key [ 428.178619] jfs: Unrecognized mount option "appraise_type=imasig" or missing value [ 428.586133] bridge0: port 1(bridge_slave_0) entered blocking state [ 428.592701] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.599756] device bridge_slave_0 entered promiscuous mode [ 428.627582] bridge0: port 2(bridge_slave_1) entered blocking state [ 428.634386] bridge0: port 2(bridge_slave_1) entered disabled state [ 428.641398] device bridge_slave_1 entered promiscuous mode [ 428.667606] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 428.693725] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 428.770573] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 428.799954] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 428.916914] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 428.924035] team0: Port device team_slave_0 added [ 428.950357] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 428.957696] team0: Port device team_slave_1 added [ 428.983146] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 429.010930] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 429.039730] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 429.070645] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 429.315392] bridge0: port 2(bridge_slave_1) entered blocking state [ 429.321949] bridge0: port 2(bridge_slave_1) entered forwarding state [ 429.328629] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.335021] bridge0: port 1(bridge_slave_0) entered forwarding state [ 430.225901] 8021q: adding VLAN 0 to HW filter on device bond0 [ 430.311845] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 430.398720] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 430.404862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 430.412133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 430.493125] 8021q: adding VLAN 0 to HW filter on device team0 06:12:16 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x8e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e4"]}, 0x106) 06:12:16 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:16 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inputQevent#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:16 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:16 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="c26465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:16 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)) [ 431.006890] kernel msg: ebtables bug: please report to author: entries_size too small 06:12:16 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x8e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e4"]}, 0x106) 06:12:16 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"020048"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 431.098595] kernel msg: ebtables bug: please report to author: entries_size too small [ 431.121245] handle_userfault: 1 callbacks suppressed [ 431.121253] FAULT_FLAG_ALLOW_RETRY missing 70 [ 431.125426] FAULT_FLAG_ALLOW_RETRY missing 70 [ 431.148742] CPU: 1 PID: 20142 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 431.157465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.166824] Call Trace: [ 431.169428] dump_stack+0x244/0x39d [ 431.173076] ? dump_stack_print_info.cold.1+0x20/0x20 [ 431.178286] handle_userfault.cold.30+0x47/0x62 [ 431.182974] ? userfaultfd_ioctl+0x5610/0x5610 [ 431.187570] ? mark_held_locks+0x130/0x130 [ 431.191819] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 431.196835] ? futex_wait_setup+0x266/0x3e0 [ 431.201200] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 431.206904] ? userfaultfd_ctx_put+0x830/0x830 [ 431.211494] ? print_usage_bug+0xc0/0xc0 [ 431.215560] ? print_usage_bug+0xc0/0xc0 [ 431.219628] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 431.224821] ? print_usage_bug+0xc0/0xc0 [ 431.228893] ? graph_lock+0x270/0x270 [ 431.232698] ? futex_wake+0x304/0x760 [ 431.236514] ? find_held_lock+0x36/0x1c0 [ 431.240589] ? __handle_mm_fault+0x4d19/0x5b70 [ 431.245174] ? lock_downgrade+0x900/0x900 [ 431.249334] ? kasan_check_read+0x11/0x20 [ 431.253488] ? do_raw_spin_unlock+0xa7/0x330 [ 431.257901] ? do_raw_spin_trylock+0x270/0x270 [ 431.262490] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 431.268127] __handle_mm_fault+0x4d26/0x5b70 [ 431.272548] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 431.277403] ? graph_lock+0x270/0x270 [ 431.281206] ? kasan_check_read+0x11/0x20 [ 431.285366] ? graph_lock+0x270/0x270 [ 431.289172] ? rcu_read_unlock_special+0x370/0x370 [ 431.294111] ? graph_lock+0x270/0x270 [ 431.297913] ? graph_lock+0x270/0x270 [ 431.301713] ? find_held_lock+0x36/0x1c0 [ 431.306278] ? find_held_lock+0x36/0x1c0 [ 431.310350] ? handle_mm_fault+0x42a/0xc70 [ 431.314597] ? lock_downgrade+0x900/0x900 [ 431.318749] ? check_preemption_disabled+0x48/0x280 [ 431.323771] ? kasan_check_read+0x11/0x20 [ 431.327919] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 431.333197] ? rcu_read_unlock_special+0x370/0x370 [ 431.338130] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 431.343670] ? check_preemption_disabled+0x48/0x280 [ 431.348698] handle_mm_fault+0x54f/0xc70 [ 431.352778] ? __handle_mm_fault+0x5b70/0x5b70 [ 431.357371] ? find_vma+0x34/0x190 [ 431.360918] __do_page_fault+0x5f6/0xd70 [ 431.364981] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.370526] do_page_fault+0xf2/0x7e0 [ 431.374326] ? vmalloc_sync_all+0x30/0x30 [ 431.378480] ? error_entry+0x70/0xd0 [ 431.382197] ? trace_hardirqs_off_caller+0xbb/0x310 [ 431.387211] ? trace_hardirqs_on_caller+0xc0/0x310 [ 431.392144] ? syscall_return_slowpath+0x5e0/0x5e0 [ 431.397076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.401919] ? trace_hardirqs_on_caller+0x310/0x310 [ 431.407407] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 431.412864] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 431.417887] ? prepare_exit_to_usermode+0x291/0x3b0 [ 431.422907] ? page_fault+0x8/0x30 [ 431.426451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.431324] ? page_fault+0x8/0x30 [ 431.434874] page_fault+0x1e/0x30 [ 431.438329] RIP: 0033:0x4510a0 [ 431.441529] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 431.460427] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 431.465787] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 431.473056] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 431.480324] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 431.487600] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 06:12:17 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 431.494871] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 431.502164] CPU: 0 PID: 20146 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 431.510754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.520112] Call Trace: [ 431.522717] dump_stack+0x244/0x39d [ 431.526379] ? dump_stack_print_info.cold.1+0x20/0x20 [ 431.527466] kernel msg: ebtables bug: please report to author: entries_size too small [ 431.531578] ? preempt_schedule+0x4d/0x60 [ 431.531606] handle_userfault.cold.30+0x47/0x62 [ 431.531632] ? userfaultfd_ioctl+0x5610/0x5610 [ 431.553032] ? mark_held_locks+0x130/0x130 [ 431.557293] ? find_held_lock+0x36/0x1c0 [ 431.561381] ? futex_wake+0x613/0x760 [ 431.565193] ? userfaultfd_ctx_put+0x830/0x830 [ 431.569791] ? kasan_check_read+0x11/0x20 [ 431.573949] ? print_usage_bug+0xc0/0xc0 [ 431.578015] ? do_raw_spin_trylock+0x270/0x270 [ 431.582589] ? print_usage_bug+0xc0/0xc0 [ 431.586647] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 431.591828] ? print_usage_bug+0xc0/0xc0 [ 431.595878] ? graph_lock+0x270/0x270 [ 431.599670] ? futex_wake+0x304/0x760 [ 431.603469] ? find_held_lock+0x36/0x1c0 [ 431.607533] ? __handle_mm_fault+0x4d19/0x5b70 [ 431.612106] ? lock_downgrade+0x900/0x900 [ 431.616268] ? kasan_check_read+0x11/0x20 [ 431.620411] ? do_raw_spin_unlock+0xa7/0x330 [ 431.624808] ? do_raw_spin_trylock+0x270/0x270 [ 431.629471] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 431.635092] __handle_mm_fault+0x4d26/0x5b70 [ 431.639495] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 431.644354] ? graph_lock+0x270/0x270 [ 431.648147] ? kasan_check_read+0x11/0x20 [ 431.652284] ? graph_lock+0x270/0x270 [ 431.656077] ? rcu_read_unlock_special+0x370/0x370 [ 431.661004] ? graph_lock+0x270/0x270 [ 431.664792] ? graph_lock+0x270/0x270 [ 431.668592] ? find_held_lock+0x36/0x1c0 [ 431.672641] ? find_held_lock+0x36/0x1c0 [ 431.676699] ? handle_mm_fault+0x42a/0xc70 [ 431.680925] ? lock_downgrade+0x900/0x900 [ 431.685061] ? check_preemption_disabled+0x48/0x280 [ 431.690086] ? kasan_check_read+0x11/0x20 [ 431.694224] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 431.699499] ? rcu_read_unlock_special+0x370/0x370 [ 431.704520] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 431.710047] ? check_preemption_disabled+0x48/0x280 [ 431.715058] handle_mm_fault+0x54f/0xc70 [ 431.719127] ? __handle_mm_fault+0x5b70/0x5b70 [ 431.723701] ? find_vma+0x34/0x190 [ 431.727232] __do_page_fault+0x5f6/0xd70 [ 431.731283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.736817] do_page_fault+0xf2/0x7e0 [ 431.740607] ? vmalloc_sync_all+0x30/0x30 [ 431.744747] ? error_entry+0x70/0xd0 [ 431.748450] ? trace_hardirqs_off_caller+0xbb/0x310 [ 431.753457] ? trace_hardirqs_on_caller+0xc0/0x310 [ 431.758378] ? syscall_return_slowpath+0x5e0/0x5e0 [ 431.763298] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.768139] ? trace_hardirqs_on_caller+0x310/0x310 [ 431.773142] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 431.778583] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 431.783591] ? prepare_exit_to_usermode+0x291/0x3b0 [ 431.788593] ? page_fault+0x8/0x30 [ 431.792124] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.796960] ? page_fault+0x8/0x30 [ 431.800487] page_fault+0x1e/0x30 [ 431.803930] RIP: 0033:0x4510a0 [ 431.807114] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 431.826018] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 431.831368] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 431.838625] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 06:12:17 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x8e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e4"]}, 0x106) [ 431.845885] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 431.853144] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 431.860404] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:17 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:17 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:17 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000140)={0x0, 0x7a247d19, 0x7fff, 0xfc00000000000000, 0xfffffffffffff801, 0x9, 0x7fffffff, 0xe4, {0x0, @in={{0x2, 0x4e24, @multicast2}}, 0xffffffffffffff1a, 0xffffffff, 0x6, 0x4, 0x200000000000000}}, &(0x7f0000000000)=0xb0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000200)={r1, 0xa9, "4b26852f257635bdba4f11ac562dfd40d62613f998a6cf11b42ef273935d45f5083cc2a9fcf0af1d410d6112dde331e71556a6944d8c48fcaa18badb9b5f07f49d3867dc7c0dc09d8f53310e285dd24a5e63f167a267f21651bbb464819cf3fa8248e175548bd02090dd17bc425598d92e1bb167b467bda6e81045c8daf14f09cda044138a80361f6d609d6d6547ce0116408e48fc7e26894aab1c0b883f6b7c339ea8d87527305c59"}, &(0x7f0000000040)=0xb1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:17 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x8f, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000002000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00e400"]}, 0x107) [ 431.959767] kernel msg: ebtables bug: please report to author: entries_size too small [ 432.034417] dns_resolver_preparse: 4 callbacks suppressed [ 432.034425] Invalid option length (1042293) for dns_resolver key [ 432.045470] Invalid option length (1042293) for dns_resolver key 06:12:17 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/inputVevent#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:17 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="e26465762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:17 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4), 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:17 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) socket$alg(0x26, 0x5, 0x0) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:17 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 432.149171] kernel msg: ebtables bug: please report to author: entries_size too small [ 432.208292] FAULT_FLAG_ALLOW_RETRY missing 70 [ 432.213096] FAULT_FLAG_ALLOW_RETRY missing 70 [ 432.218065] CPU: 0 PID: 20188 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 432.224961] Invalid option length (1042293) for dns_resolver key [ 432.226653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.226660] Call Trace: [ 432.226687] dump_stack+0x244/0x39d [ 432.226712] ? dump_stack_print_info.cold.1+0x20/0x20 [ 432.226747] handle_userfault.cold.30+0x47/0x62 [ 432.226777] ? userfaultfd_ioctl+0x5610/0x5610 [ 432.226795] ? mark_held_locks+0x130/0x130 [ 432.226812] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 432.226826] ? futex_wait_setup+0x266/0x3e0 [ 432.226856] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 432.226877] ? userfaultfd_ctx_put+0x830/0x830 [ 432.226900] ? print_usage_bug+0xc0/0xc0 [ 432.226918] ? print_usage_bug+0xc0/0xc0 [ 432.226938] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 432.226954] ? print_usage_bug+0xc0/0xc0 [ 432.226971] ? graph_lock+0x270/0x270 [ 432.226987] ? futex_wake+0x304/0x760 [ 432.227014] ? find_held_lock+0x36/0x1c0 [ 432.249756] Invalid option length (1042293) for dns_resolver key [ 432.253903] ? __handle_mm_fault+0x4d19/0x5b70 [ 432.253924] ? lock_downgrade+0x900/0x900 [ 432.330235] ? kasan_check_read+0x11/0x20 [ 432.334395] ? do_raw_spin_unlock+0xa7/0x330 [ 432.338802] ? do_raw_spin_trylock+0x270/0x270 [ 432.338821] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 432.338844] __handle_mm_fault+0x4d26/0x5b70 [ 432.349051] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 432.349071] ? graph_lock+0x270/0x270 [ 432.349087] ? kasan_check_read+0x11/0x20 [ 432.349101] ? graph_lock+0x270/0x270 [ 432.349116] ? rcu_read_unlock_special+0x370/0x370 [ 432.349141] ? graph_lock+0x270/0x270 [ 432.349153] ? graph_lock+0x270/0x270 [ 432.349165] ? find_held_lock+0x36/0x1c0 [ 432.349182] ? find_held_lock+0x36/0x1c0 [ 432.349204] ? handle_mm_fault+0x42a/0xc70 [ 432.349219] ? lock_downgrade+0x900/0x900 [ 432.349235] ? check_preemption_disabled+0x48/0x280 [ 432.349262] ? kasan_check_read+0x11/0x20 [ 432.349281] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 432.349296] ? rcu_read_unlock_special+0x370/0x370 [ 432.349312] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.349330] ? check_preemption_disabled+0x48/0x280 [ 432.410024] Invalid option length (1042293) for dns_resolver key [ 432.413745] handle_mm_fault+0x54f/0xc70 [ 432.413765] ? __handle_mm_fault+0x5b70/0x5b70 [ 432.444050] ? find_vma+0x34/0x190 [ 432.447606] __do_page_fault+0x5f6/0xd70 [ 432.451673] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:12:18 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 432.457229] do_page_fault+0xf2/0x7e0 [ 432.461049] ? vmalloc_sync_all+0x30/0x30 [ 432.465205] ? error_entry+0x70/0xd0 [ 432.468928] ? trace_hardirqs_off_caller+0xbb/0x310 [ 432.473954] ? trace_hardirqs_on_caller+0xc0/0x310 [ 432.478888] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.483827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.488683] ? trace_hardirqs_on_caller+0x310/0x310 [ 432.493714] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 432.499180] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 432.504203] ? prepare_exit_to_usermode+0x291/0x3b0 [ 432.509228] ? page_fault+0x8/0x30 [ 432.512785] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.517630] ? page_fault+0x8/0x30 [ 432.521173] page_fault+0x1e/0x30 [ 432.524624] RIP: 0033:0x4510a0 [ 432.527833] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 432.546755] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 432.552153] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 432.559424] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 432.566696] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 432.573963] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 432.581246] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 432.588543] CPU: 1 PID: 20193 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 432.597130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.606956] Call Trace: 06:12:18 executing program 3: capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000804000)) msgsnd(0x0, &(0x7f0000000240)={0x3}, 0x8, 0x0) 06:12:18 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4), 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:18 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10200, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)=0x8) ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000140)=""/201) fcntl$getownex(r0, 0x10, &(0x7f0000000280)) write$P9_RRENAMEAT(r1, &(0x7f0000000240)={0x7, 0x4b, 0x1}, 0x7) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 432.609558] dump_stack+0x244/0x39d [ 432.613213] ? dump_stack_print_info.cold.1+0x20/0x20 [ 432.618454] handle_userfault.cold.30+0x47/0x62 [ 432.618486] ? userfaultfd_ioctl+0x5610/0x5610 06:12:18 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"02004c"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 432.618504] ? mark_held_locks+0x130/0x130 [ 432.618521] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 432.618536] ? futex_wait_setup+0x266/0x3e0 06:12:18 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x400000009) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000140)) [ 432.618565] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 432.618587] ? userfaultfd_ctx_put+0x830/0x830 [ 432.618610] ? print_usage_bug+0xc0/0xc0 [ 432.618627] ? print_usage_bug+0xc0/0xc0 [ 432.618646] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 432.618662] ? print_usage_bug+0xc0/0xc0 [ 432.618679] ? graph_lock+0x270/0x270 [ 432.618694] ? futex_wake+0x304/0x760 [ 432.618724] ? find_held_lock+0x36/0x1c0 [ 432.618999] ? __handle_mm_fault+0x4d19/0x5b70 [ 432.619012] ? lock_downgrade+0x900/0x900 [ 432.619026] ? kasan_check_read+0x11/0x20 [ 432.619035] ? do_raw_spin_unlock+0xa7/0x330 [ 432.619043] ? do_raw_spin_trylock+0x270/0x270 [ 432.619053] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 432.619068] __handle_mm_fault+0x4d26/0x5b70 [ 432.619083] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 432.619093] ? graph_lock+0x270/0x270 [ 432.619101] ? kasan_check_read+0x11/0x20 [ 432.619110] ? graph_lock+0x270/0x270 [ 432.619120] ? rcu_read_unlock_special+0x370/0x370 [ 432.619134] ? graph_lock+0x270/0x270 [ 432.619142] ? graph_lock+0x270/0x270 06:12:18 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4), 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 432.619150] ? find_held_lock+0x36/0x1c0 [ 432.619161] ? find_held_lock+0x36/0x1c0 [ 432.619175] ? handle_mm_fault+0x42a/0xc70 [ 432.619184] ? lock_downgrade+0x900/0x900 [ 432.619195] ? check_preemption_disabled+0x48/0x280 [ 432.619207] ? kasan_check_read+0x11/0x20 [ 432.619215] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 432.619224] ? rcu_read_unlock_special+0x370/0x370 [ 432.619247] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.619264] ? check_preemption_disabled+0x48/0x280 [ 432.619287] handle_mm_fault+0x54f/0xc70 [ 432.619307] ? __handle_mm_fault+0x5b70/0x5b70 [ 432.619325] ? find_vma+0x34/0x190 [ 432.619346] __do_page_fault+0x5f6/0xd70 [ 432.619361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.619386] do_page_fault+0xf2/0x7e0 [ 432.619403] ? vmalloc_sync_all+0x30/0x30 [ 432.619419] ? error_entry+0x70/0xd0 [ 432.619438] ? trace_hardirqs_off_caller+0xbb/0x310 [ 432.619453] ? trace_hardirqs_on_caller+0xc0/0x310 [ 432.619480] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.619495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.619511] ? trace_hardirqs_on_caller+0x310/0x310 [ 432.619526] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 432.619543] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 432.619560] ? prepare_exit_to_usermode+0x291/0x3b0 [ 432.619574] ? page_fault+0x8/0x30 [ 432.619592] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.619610] ? page_fault+0x8/0x30 [ 432.619626] page_fault+0x1e/0x30 [ 432.619638] RIP: 0033:0x4510a0 [ 432.619652] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 432.619661] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 432.619673] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 432.619683] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 432.619692] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 432.619719] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 432.619728] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 432.620989] Invalid option length (1042293) for dns_resolver key [ 432.745821] Invalid option length (1042293) for dns_resolver key [ 432.750872] Invalid option length (1042293) for dns_resolver key [ 432.771239] Invalid option length (1042293) for dns_resolver key 06:12:18 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2f6465762f696e707574d76576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:18 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.ev/input/event#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:18 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) getresuid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)=0x0) r3 = getegid() lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f00000006c0)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0}, &(0x7f0000000400)=0xc) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='fuse\x00', 0x40000, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r3}, 0x2c, {[{@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x1e00}}, {@default_permissions='default_permissions'}, {@blksize={'blksize'}}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0xc00}}, {@max_read={'max_read', 0x3d, 0x7}}], [{@hash='hash'}, {@subj_role={'subj_role', 0x3d, '/dev/rtc0\x00'}}, {@fsname={'fsname', 0x3d, 'dns_resolver\x00'}}, {@fowner_gt={'fowner>', r4}}, {@measure='measure'}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@euid_eq={'euid', 0x3d, r5}}, {@smackfsfloor={'smackfsfloor', 0x3d, '+*wlan1eth1.cpuset'}}, {@appraise='appraise'}, {@dont_appraise='dont_appraise'}]}}) r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000640)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_DQBUF(r6, 0xc0585611, &(0x7f0000000140)={0x0, 0x5, 0x4, 0x1054000, {0x77359400}, {0x2, 0x2, 0x9, 0x1, 0x5, 0xfc, '_5Y;'}, 0x4, 0x4, @planes=&(0x7f0000000040)={0x400, 0x0, @fd=r0, 0x1}, 0x4}) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) linkat(r1, &(0x7f0000000000)='./file1\x00', r1, &(0x7f0000000680)='\x00', 0x1400) 06:12:18 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:18 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x6000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:18 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r2) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 06:12:18 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") r1 = socket$inet(0x15, 0x5, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x20, @local}, 0x10) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @rand_addr=0x5}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0) [ 433.183128] Invalid option length (1042293) for dns_resolver key 06:12:19 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:19 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x3}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 433.290320] FAULT_FLAG_ALLOW_RETRY missing 70 [ 433.295230] CPU: 1 PID: 20256 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 433.303821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.313191] Call Trace: [ 433.315796] dump_stack+0x244/0x39d [ 433.319449] ? dump_stack_print_info.cold.1+0x20/0x20 [ 433.324674] handle_userfault.cold.30+0x47/0x62 [ 433.329371] ? userfaultfd_ioctl+0x5610/0x5610 [ 433.333969] ? mark_held_locks+0x130/0x130 [ 433.338224] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 433.343252] ? futex_wait_setup+0x266/0x3e0 [ 433.346287] FAULT_FLAG_ALLOW_RETRY missing 70 [ 433.347614] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 433.347635] ? userfaultfd_ctx_put+0x830/0x830 [ 433.361878] ? print_usage_bug+0xc0/0xc0 [ 433.365951] ? print_usage_bug+0xc0/0xc0 [ 433.370513] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 433.375719] ? print_usage_bug+0xc0/0xc0 [ 433.379783] ? graph_lock+0x270/0x270 [ 433.383576] ? futex_wake+0x304/0x760 [ 433.387376] ? find_held_lock+0x36/0x1c0 [ 433.391436] ? __handle_mm_fault+0x4d19/0x5b70 [ 433.396005] ? lock_downgrade+0x900/0x900 [ 433.400160] ? kasan_check_read+0x11/0x20 [ 433.404298] ? do_raw_spin_unlock+0xa7/0x330 [ 433.408697] ? do_raw_spin_trylock+0x270/0x270 [ 433.413286] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 433.418905] __handle_mm_fault+0x4d26/0x5b70 [ 433.423310] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 433.428145] ? graph_lock+0x270/0x270 [ 433.431948] ? kasan_check_read+0x11/0x20 [ 433.436105] ? graph_lock+0x270/0x270 [ 433.439895] ? rcu_read_unlock_special+0x370/0x370 [ 433.444838] ? graph_lock+0x270/0x270 [ 433.448628] ? graph_lock+0x270/0x270 [ 433.452416] ? find_held_lock+0x36/0x1c0 [ 433.456469] ? find_held_lock+0x36/0x1c0 [ 433.460523] ? handle_mm_fault+0x42a/0xc70 [ 433.464749] ? lock_downgrade+0x900/0x900 [ 433.469466] ? check_preemption_disabled+0x48/0x280 [ 433.474479] ? kasan_check_read+0x11/0x20 [ 433.478618] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 433.483884] ? rcu_read_unlock_special+0x370/0x370 [ 433.488805] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 433.494341] ? check_preemption_disabled+0x48/0x280 [ 433.499353] handle_mm_fault+0x54f/0xc70 [ 433.503407] ? __handle_mm_fault+0x5b70/0x5b70 [ 433.507981] ? find_vma+0x34/0x190 [ 433.511517] __do_page_fault+0x5f6/0xd70 [ 433.515565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 433.521097] do_page_fault+0xf2/0x7e0 [ 433.524888] ? vmalloc_sync_all+0x30/0x30 [ 433.529039] ? error_entry+0x70/0xd0 [ 433.532746] ? trace_hardirqs_off_caller+0xbb/0x310 [ 433.537750] ? trace_hardirqs_on_caller+0xc0/0x310 [ 433.542683] ? syscall_return_slowpath+0x5e0/0x5e0 [ 433.547603] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.552451] ? trace_hardirqs_on_caller+0x310/0x310 [ 433.557456] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 433.562897] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 433.568387] ? prepare_exit_to_usermode+0x291/0x3b0 [ 433.573391] ? page_fault+0x8/0x30 [ 433.576921] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.581752] ? page_fault+0x8/0x30 [ 433.585281] page_fault+0x1e/0x30 [ 433.588721] RIP: 0033:0x4510a0 [ 433.591905] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 433.610793] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 433.616151] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 433.623410] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 433.630667] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 433.637922] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 433.645199] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 433.670758] CPU: 0 PID: 20257 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 433.679369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.688733] Call Trace: 06:12:19 executing program 4: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0x3}, &(0x7f0000000140)="a5aed88a2f48f68b779e17e0084ef372b4d686711c378d0f641d7674283785d32f883255ccf2256b732569c2b6513ef1e0281b7c30bfbfd07a0251dd5054af4f746121d76f0d6f6bbc0f4f817e67da7736829af221bde3b3915ae8b2e708f035254de278d46042912cd9253576f2d1638cc1ecc63a2e07ad8585e63a80f5c53d6658", 0x22, 0xfffffffffffffffb) 06:12:19 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:19 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x6c}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 433.691336] dump_stack+0x244/0x39d [ 433.694990] ? dump_stack_print_info.cold.1+0x20/0x20 [ 433.695023] handle_userfault.cold.30+0x47/0x62 [ 433.695054] ? userfaultfd_ioctl+0x5610/0x5610 [ 433.695072] ? mark_held_locks+0x130/0x130 [ 433.695090] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 433.695104] ? futex_wait_setup+0x266/0x3e0 [ 433.695149] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 433.695170] ? userfaultfd_ctx_put+0x830/0x830 [ 433.695195] ? print_usage_bug+0xc0/0xc0 [ 433.695212] ? print_usage_bug+0xc0/0xc0 [ 433.695232] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 433.695248] ? print_usage_bug+0xc0/0xc0 [ 433.695265] ? graph_lock+0x270/0x270 [ 433.695280] ? futex_wake+0x304/0x760 [ 433.695312] ? find_held_lock+0x36/0x1c0 [ 433.695340] ? __handle_mm_fault+0x4d19/0x5b70 [ 433.695358] ? lock_downgrade+0x900/0x900 [ 433.695383] ? kasan_check_read+0x11/0x20 [ 433.695397] ? do_raw_spin_unlock+0xa7/0x330 [ 433.695413] ? do_raw_spin_trylock+0x270/0x270 [ 433.695432] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 433.695460] __handle_mm_fault+0x4d26/0x5b70 [ 433.695486] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 433.695505] ? graph_lock+0x270/0x270 [ 433.695521] ? kasan_check_read+0x11/0x20 [ 433.695537] ? graph_lock+0x270/0x270 [ 433.695554] ? rcu_read_unlock_special+0x370/0x370 [ 433.695581] ? graph_lock+0x270/0x270 [ 433.695596] ? graph_lock+0x270/0x270 [ 433.695611] ? find_held_lock+0x36/0x1c0 [ 433.695632] ? find_held_lock+0x36/0x1c0 [ 433.695658] ? handle_mm_fault+0x42a/0xc70 [ 433.695677] ? lock_downgrade+0x900/0x900 [ 433.695695] ? check_preemption_disabled+0x48/0x280 [ 433.695717] ? kasan_check_read+0x11/0x20 [ 433.695732] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 433.695749] ? rcu_read_unlock_special+0x370/0x370 [ 433.695767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 433.695784] ? check_preemption_disabled+0x48/0x280 [ 433.695807] handle_mm_fault+0x54f/0xc70 [ 433.695828] ? __handle_mm_fault+0x5b70/0x5b70 [ 433.695846] ? find_vma+0x34/0x190 [ 433.695868] __do_page_fault+0x5f6/0xd70 [ 433.695884] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 433.695909] do_page_fault+0xf2/0x7e0 [ 433.695926] ? vmalloc_sync_all+0x30/0x30 [ 433.695942] ? error_entry+0x70/0xd0 [ 433.695960] ? trace_hardirqs_off_caller+0xbb/0x310 [ 433.695976] ? trace_hardirqs_on_caller+0xc0/0x310 [ 433.695993] ? syscall_return_slowpath+0x5e0/0x5e0 [ 433.696009] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.696026] ? trace_hardirqs_on_caller+0x310/0x310 [ 433.696042] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 433.696060] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 433.696078] ? prepare_exit_to_usermode+0x291/0x3b0 [ 433.696093] ? page_fault+0x8/0x30 [ 433.696112] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.696144] ? page_fault+0x8/0x30 [ 433.696161] page_fault+0x1e/0x30 [ 433.696173] RIP: 0033:0x4510a0 06:12:19 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x68}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 433.696190] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 433.696199] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 433.696212] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e [ 433.696222] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 433.696231] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 433.696241] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 433.696250] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff 06:12:19 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) dup2(r0, r0) syz_open_procfs(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r2 = userfaultfd(0x0) setsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140), 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)="2fc165762f696e7075742f6576656e742300", 0x0, 0x0) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x0) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:19 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:19 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), 0x4) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) 06:12:19 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f00000000c0)={{}, {0x608, 0x401}, 0x0, 0x1, 0x6}) r2 = syz_open_procfs(0x0, 0x0) r3 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x7ab, 0x0) r4 = userfaultfd(0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000200)=0xffffffffffff3586, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000001fe8)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/\nvent#\x00', 0x0, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fffffff) ioctl$UFFDIO_WAKE(r4, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000012000/0x3000)=nil, 0x3000}) 06:12:19 executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) mount(&(0x7f0000000500)=ANY=[], &(0x7f000000aff8)='./file0\x00', &(0x7f0000000400)='devtmpfs\x00', 0x0, &(0x7f000001c000)) r1 = fcntl$getown(r0, 0x9) prctl$PR_SET_PTRACER(0x59616d61, r1) munmap(&(0x7f0000551000/0x2000)=nil, 0x2000) chdir(&(0x7f0000000480)='./file0\x00') ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000200)=0x0) r3 = getpgrp(r2) sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x7) r4 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000080)=ANY=[], 0xfffffef6) write$cgroup_type(0xffffffffffffffff, 0x0, 0x0) getgid() getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000b80)={{{@in=@multicast1, @in6=@mcast2}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f0000000c80)=0xe8) fstat(r0, &(0x7f0000000cc0)) lstat(&(0x7f00000024c0)='./file0\x00', &(0x7f0000002500)) getegid() sendmmsg$unix(r4, &(0x7f00000025c0)=[{&(0x7f0000000d80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002400)=[{&(0x7f0000002300)="f6fb97bc7429c3a0ebefd4d938b6a65a04017aca22f13613e863ec9842c78e4ec079a2d70b74b29927a5c24fe0dcf4155a3fb4d1de3df1d9f260dac780e5b41992e7415cc4a7f58448bf12848502bd5f254a023c0a19261e88e506a6d1e6b6adfbc792eac50da2bd88c0f75e68cbf495d08c75c3a9832c278a26f3e0cca715f2763dd8795192271e128222e89264ee0d6154772905fb23331b5f223f22bb9b219fdcb0036c5c406d092519ec8130bc6c0db6cef11c4cf62c55582b5657f9e5c082f8377851018cabfab38b49bb80", 0xce}], 0x1, 0x0, 0x0, 0x10}], 0x1, 0x40001) getsockname$inet6(0xffffffffffffffff, 0x0, 0x0) r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) ioctl$EVIOCREVOKE(r5, 0x40044591, &(0x7f0000000240)=0x1ef0) write$eventfd(r5, &(0x7f0000000080), 0xfffffe5e) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x201) r6 = add_key(&(0x7f0000000100)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000280)="6dbd6c1b4f50611bb9ba05e96b2ef5a59ac365fae4581f1aec2d8d6502a34eb70f92435b8c0f825f195bfc6a1a0991eb953da125c2ed47f6848d4ab95bbe44d3b7a628355898195402178adda5939b49bae17b1f7c1af4d98fd70a35bb94018b55d53f4359f41e713cf9ebe79432092e6925159f2015b09112", 0x79, 0xfffffffffffffffe) r7 = add_key(&(0x7f00000001c0)='trusted\x00', &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000e00)="c82362e4a877d16596cd066a42d85793113115adc3f8d69bfaca1a2feee6ab523d08d8ba41aa5cb22dfb14ef18b99d4b154771285f4ff5649558a24a415de85ab39a26777610a6491d5d7d752e4e7f0dc521905b653fc1db2f75447086937b1951271b0589cb7b57dfed5188aea972253e388b33b84eddb2a6724e796977a4b95607bd5df65db59615049c16282c82c9e3f326818fdfc8a87485a903b84060462c0eb21dfa4ea1176730198b949cc95482802fbcf7cbcd8c1a51597d6d608222a05e90f02c0f36cf3e509eda4d076ec42f8e58821fc012087e7222fd5927c326cabc4fc1ff56f10a7f41e4dfe7ca9420a5b1ff63db7fa2974b4e98496bc1112fa0086b4d8f3dc87f974a942ca53c8c816c4f7eea6fc63dc5458305b17a3123aceea7208802b445f32f464b9d2cf54c293864ab45536806333fd99c2e15b3a901f392efbe86f06bb4a5cf1f15234b66ccc0cf5b6618018c15b2db0375829853ad7a1642bc07230ffc1814ae43a19a95ad1e1c0ff90e73a105cad4de542416e081444c0430490f6560d2c264fd9d52aa68b07a34a3e0e7077468a881f0f4a39b06f7464628ea19a7d13fed3e7c9ab0ea48d919d9ae3eb83ed305fd6fa2d4643b44e84d1b089088d4acbd94bf17e989b0d384bb184bf6167a64c5e3eb624048ecc7e4497a850f84c3b6563581b541b4b4d3a929d6aabd6970fb9b6ad721800d8d82689c368dad94da61db1f063f71a119aa49f40a82d76de25c1be10475a8c4b8a77545de55f4a582d2c7d1d8daf0bd8a18cb5fe31974ea4877fd5daf70b2cb1561daca767f3450ce0782cb4c7d5f63a3e431fe6e25dea5c5d18aa36d0b46b12e2ff023b404dee96622e2b845464dda2b65de90c306b5debf0ac633439c294dedd2b5f7d650a36b25ce01dfc3f60ec261f6c8b57564803e73fbb9740ca65b85ac5d02d7f1aab3863024d2e51db03f74b1602787a2ab67abf4d646835dc40f15c93b6ff41e6279b9101ec057851d4c478a7a7d7480d4566d3b7a1e0b0d288f8e4207da41190fa9abac906961f9148ec211cfba0bcb0a64d72c373b00383af6a1fbe0e25b46d0f95f81d82bb5f66bbd49610f0298592d587b21f5b2359d749ff3c4ba09d9e537920e3d21adb9bb527c1789e735cdc7fe1607ad0044e9ce3202b4e355d51b21e37066f4c8b9e13c973b47ecbb13da2d52fed6e71a561b14b83f709344ec9d4cfd63a6255d1b1ecf1247d3329a7e6e0d23ca1bafaba5e869bf777187190cff18c6bafad1ee5011d0709276772636613d2ab9aa9e64a79e0dd9aab7c35588b874fb54ebf319cbd8892ff1c1526c2c5e3e0aab3f9ce300d65aa04892212b776a44a9cf77a70deaf5c7ff5fa5c2e8577fed2dd51bbfdbf39fabaa342dc8cec782a4c9e3bcce0d3c8308aa7a39f6f3810ee5faf6b01f1438eb52eeb82ac909160133b5240ba96c247a7dd3eae0ead4fabb0a8489383287d59b58cbd0f98e495d1ea0e9b62c28de89714c87fd50c748762124db4d0d720204981cfb9a68de6e31b052d782d9bd0336c59f0fe7b6878c7eabc5df4ce06190339002bca4c8c954584967dbe6d937c33a5c5a8559581bdd39f720236b4503403e209378d7007aa7e05dc402c84ded767d7ec35a7d02895279f0198cb00372ce4c0082823ba7d751f0ade0717a88b22030f31b6d3d4e9cf554f6dd52a01abc7dbc38e3cfe11ff1438fe1621df312627e9b461ca87a73f700bb3b71f9878e816e402e92f14c4d7778df2ecf9199fbe9c1bab795ba6c962391843ce6240857b78782492964302796f9cb72b9988127d5f1fa569b9263698af191b8ac9a6118e2f0f0823e8de8b41c5ac9181e843e9a56f3de5ab8a4125b730cbdddf2f657f2a747e99799db154057a18a8f31cd87f99ddb64feacaabeab389979fdbab7afaf10f9046fff95b1e29769e8c47cbf3eceb88d4529fcc00606d8ccecb176c05607cfe9f8d7d0fa791e1324b61e2fb231a867b0faf9730f8f61e8b075a85bdb09754e31604bb1c50f61575e6d9ad389f3a4cb2bb08897beca2863eb2c1effdf4862a2083b44ab5bddd0928992a0f440f9c577d89b8c4a2ba213ba6fb19d042d38a2bd086705069419018c04ffd4012cf4597dd17f109e2467c373aeda1c59883b375f915fc890407230ecac49f9373b0ffb70825f0b781b268394c3570a7c65d81d0ad6c755f6e3248594025cd5617b110926cde5b7829e32ab9c74d9b746f49ffd754a928a04edd1db2a3a8e62a7d5b326ffe4caf24214150b34d9b06f89287ea60ed6c7b7ed65d587b54e9aacb3dec2581b35738142ea769cb79125f34905f770558e289ef5cdb9955035ea8c9b2dec7ee6595b455ecd4a40668946dbfa7cbfa4ab6b4816f50d786dcf1a60c77fdeb5c77984f7ff5b987b96eed60a33791f6a5435febcb2453c87947cbb3494f9e6b97f25dd6496ca05b4f8adcb80b3c45f86fc06b6f92e04222b1dbb9acd769fcd7a26193a862a608397a35306f41861b12f6627c9d20293dacc3f15635cbb8ed411ed588f847b35cd8e0e2540a3274bd855cc782cba43db593b17c624a4b92770773a9ca61ce4fd70571c85503dcdcfe90a937766fb77a8cfebaa247ca3a948dfef89be2f0128457183f56cae777487af2c6aad822df456723cab05ff4c69080b505498082c624950ce60784606464714f7a5480cb8b20e2b9f92f780aa4478879f4e6434e8e14208282da10d13dc83f31f94c6cff0f521730da2e2f11877a881765d80106af5c1b3b9b10648171b7e2f8dc5c07ef3f7950d7b1300d79b86f2b8ee23e17b28b9724c435f60696dab5450ee88691db435904323c71d64eab066f608eead00af6c3e938313cd30432851a943c957798637ef6fe4ee01c1a1c7a15456fb92d75269c05d022f2a42825b9ad736b3f694d430d6139e2197b8e09868459ecda513b8056e7d6df58778c1a9e75f13354203ac22791672e32085243ef9c4428864f7769a9b0f925e58fe99fc3284174f1a1ef79168b7a16fa1b6a8afaf97ab9ded0d8da5107cf6d06f5c09c8cfe1285a2a605d22466ed56362d41b68c2591d1d722ec33b5041d73b06d137f13818841598f6bfedce14e352672f70bab137191f7890c13309367f427b9260a2a02728843347c7575a963b6e00a0f5cafa4188a9fb33ff36e20baa33a426cae48bea2844b109191d862ce193954af609d841cfd4e1c5631302da848a50633fe42c269ab359f616a57ab701522d2df8c3070671bd4d4f79e2d06b06d2c50cf41ae70ca88bf94f8a98a647f17feb5ed67b4254565b915a2a9e368a0b4ced186ba5f7ef42a5839f42bd28999a289054ee617661852c70c92d0ca510bac5ea149d85f0292b6a5137f90a75674fa8c2b4b928d0437270df9f992c5ff7c5c7b044def388056423c9a85168ff4b93bcf413163039461bc50146455a939d8a5ab39fa2eb52cdec94846ea56c0a3cebfbb8a97a80d028a143449a1e045f52095001dfa4f76adea1c6a1a58517a545e28541c7fc69adf07bc08d5faa11a729f6b3b506e73cdff1e6d1b5b4e50e61819da1b34e6a436c2b398d789aea5c26ae5983a1a8267afcf7d595a3d2ba8487107c667b69dae866a2831bc3c4ebd7583469089b454977f294cc323b41460eef4b7e07a96092e7d3d52f89072208fde4e9a752e859092bcc30ddc079458fbbe25a5229b0d8c8d19b00ddefa5330b8151abad6759d37d400bb92adda5f7011d7b8affbc878bdb3fd94724bd42a4a0ba68789779eb441054ff06f76805b4cf7040fd195d7f91dc473926d3093782aebfe66d411a34b6bdfd904c7c5ec9ad68be710581aadfd7de9baf9555518bfb08417c9d9b44f952a5ad04e878bb613c2b87bb00c2ab07a98e548e157b8fd42f4b95949c1651e24b90cb4ad64ba521ea82f07f7c8c5888d16faa96fc0f59ff79f0365038bca472eb3fa35bf140d2833788b9710901c1b31162d8b115164d266505c4ba0752f8f8dc0b7b108e27b6628b1b466e93a369a9901043b87a3dc8663b77281a9a7e222d74441ed2fb19e09320408e29c67d3c9cde62e16c9b04be85dc58929566e4a28cf0bdf5f736b337e5bcd8863952fedb95519684477c76782d1ed9d188825dc4c87ba6c34c82d31e0ccc3c47025af782d8c2c052a8566288c3305206fa4b490775eb36d4377bcc57a87a3fd6598096d16f2317335f1678ec28f6b90ece2bcb6bbf7d5ccfc4dbffa78885057ea8cb455df8b37a76f07759575afb698b7e80c773f0e69d1659f339453725974be028580b65f87cc912669c4cec6645168d0ad73ff82bbcc178839193c7a4e5fa723b33754ded6c10ccfc34856ca13be70c7a5a02a05709cdb752dbb8f2ab7cab099c8c94bff445b96b8b4fb4160d9cc3706447587090cdf0359f4bf37d4b49d8aab83b327198b7b1490b89927a7e7d663d824a1ee5c3585ed94131a8913f61e0a312cd5f0b67d923977b5176fcd19431baa25b9921dec8891814aeb2b9742dc91c068907245a6379987b0bda4014ca2131a9acdfdbe1ed8c828517dcce53eb35604c75fadf3ebcd2d5146b718ab4fc918106e8efa5ec6423ed8af31ee329133598cde752f69bbd3616e998414c29406ef6404531a209077a7ce8df5f0b2a6ba98897dd4704cd2dd63d2dfc71c8e5e57eb821438dc123f60c168ec565f95424b71c0fb5b716d7c66c57ced51d8fcfe561970d7f2dc7f39a71f944b796c29829f7e8ce2661ab2fab98e233e2b0e73e40114720ee6edf4fc08f90b631709f99fe1b40fcbdcf29df3b64ed44f94b6c6d829911675cad1eb13c12a28add0cca0338ee703e44fd2f479b0973f08e570d97031be7f60ac53b17e2e9b2bf32b402171802c45d0b042a3121810456dd14ed319d47639b29b77b69783575b25b9ffb81a3f3e7aee649be3ec3592887449cb927e6819c44ef01eb9c33b408884c512e633a35e47fe27e403c70ab9f6402213dbdfb9cb7f692b0ce9d5e0ab8ea07a50e887142c8edc21df3635bb0d0df70a2905e3066f5d29f53323aa264520984a5ec08bb3efe4ef3b2b1d95656228f7bed5bb263f3e3e77a743573a68b4756755da3944e8e2ddd6b78e142698be8539c12912c23a778af4116474845058b1c7919d57e892139a02b54675b19d2f62c021ed6e4b08c25183bb5fbe6a1b3e77ed8c0ef5168f4d545dcaa9a8ac1080ed70f4aae06ea4469ca40e5553915535c4fa881028a420db8738acaba80d04d75017349c19edb88670cb67b95f821562150495a60370a47ff9fce9b4f331ac240fe44d61e78e7e07632cdcb0c179c9d9b5a2fd6dc1a07899469a3fa68c4c0cb3059ff4823c394f5d73f19035c09c689bf4e16bc956a8718a341fdb60a3116f685c4c547bad8a9a3ec75cd9effe0efde36e7bc3ff67b9391b36acc7e91ef0d7779be7b0f5ae8993d45e73d999e15fc44e016ae5f176fe8fcc0ca3a710ff3aabd75e098c187e30244ce720e0e82e9bce673c7b2a83cfcd5ac3f56f646e4751f8332888d41ffbafc41427c2eed775d683060bb91fb73fb9ccc9bdacf528cc152f882bc9c6790d5b3ff025573a49e35fbbb4cc66dd2e2d7fdd2138f2cec1401d1f7863eff8fbf439b8a2ea7e16a1a7b106004a77112e3bfba1b8524dcdf5bd05c0f9b1a9bb6c8e3d11bae5c4cec4c8b45bd4c1e0a0fd95667571fbb2ffd13a8200f8d29b13d6de036ee7f9e2fdf124aae728a620d01603cc55953e34344357e8bcadf9d6303ee32b2eab3ccf8782083678ba9e164c0c85ecc9151d2be8bdcc3", 0x1000, 0xfffffffffffffffd) keyctl$unlink(0x9, r6, r7) add_key(&(0x7f0000000140)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) 06:12:20 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, r1, 0x328, 0x70bd2c, 0x25dfdbfe, {{}, 0x0, 0x4108, 0x0, {0x4c, 0x18, {0x100000001, @link='syz1\x00'}}}, ["", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200"}, &(0x7f0000000240)="6f538884c7d3836a3e92f98a9aa4f8e9d85866c66767d0eb8f70a92e67844dae64b0f9c646be74ea426f34605ff5d13387422697d7daba0c0f277a6020f876115f995cb803e4c3", 0x47, 0xfffffffffffffffb) 06:12:20 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 06:12:20 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x2000000000000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 434.357979] FAULT_FLAG_ALLOW_RETRY missing 70 [ 434.378039] FAULT_FLAG_ALLOW_RETRY missing 70 [ 434.382742] CPU: 1 PID: 20305 Comm: syz-executor1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 434.391808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.401169] Call Trace: [ 434.403777] dump_stack+0x244/0x39d [ 434.407426] ? dump_stack_print_info.cold.1+0x20/0x20 [ 434.412645] handle_userfault.cold.30+0x47/0x62 [ 434.417349] ? userfaultfd_ioctl+0x5610/0x5610 [ 434.421948] ? mark_held_locks+0x130/0x130 [ 434.426197] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 434.431223] ? futex_wait_setup+0x266/0x3e0 [ 434.435660] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 434.440886] ? userfaultfd_ctx_put+0x830/0x830 [ 434.445488] ? print_usage_bug+0xc0/0xc0 [ 434.449566] ? print_usage_bug+0xc0/0xc0 [ 434.453644] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 434.458852] ? print_usage_bug+0xc0/0xc0 [ 434.462926] ? graph_lock+0x270/0x270 [ 434.466736] ? futex_wake+0x304/0x760 [ 434.470568] ? find_held_lock+0x36/0x1c0 [ 434.474648] ? __handle_mm_fault+0x4d19/0x5b70 [ 434.479238] ? lock_downgrade+0x900/0x900 [ 434.483406] ? kasan_check_read+0x11/0x20 [ 434.487577] ? do_raw_spin_unlock+0xa7/0x330 [ 434.487595] ? do_raw_spin_trylock+0x270/0x270 [ 434.487615] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 434.487646] __handle_mm_fault+0x4d26/0x5b70 [ 434.496633] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 434.496653] ? graph_lock+0x270/0x270 [ 434.496670] ? kasan_check_read+0x11/0x20 [ 434.496685] ? graph_lock+0x270/0x270 [ 434.496700] ? rcu_read_unlock_special+0x370/0x370 [ 434.496725] ? graph_lock+0x270/0x270 [ 434.532008] ? graph_lock+0x270/0x270 [ 434.535825] ? find_held_lock+0x36/0x1c0 [ 434.539990] ? find_held_lock+0x36/0x1c0 [ 434.544084] ? handle_mm_fault+0x42a/0xc70 [ 434.548332] ? lock_downgrade+0x900/0x900 [ 434.552490] ? check_preemption_disabled+0x48/0x280 [ 434.557526] ? kasan_check_read+0x11/0x20 [ 434.561686] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 434.566974] ? rcu_read_unlock_special+0x370/0x370 [ 434.571914] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 434.577460] ? check_preemption_disabled+0x48/0x280 [ 434.582496] handle_mm_fault+0x54f/0xc70 [ 434.586577] ? __handle_mm_fault+0x5b70/0x5b70 [ 434.591616] ? find_vma+0x34/0x190 [ 434.595174] __do_page_fault+0x5f6/0xd70 [ 434.599261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.604818] do_page_fault+0xf2/0x7e0 [ 434.608630] ? vmalloc_sync_all+0x30/0x30 [ 434.612784] ? error_entry+0x70/0xd0 [ 434.616512] ? trace_hardirqs_off_caller+0xbb/0x310 [ 434.621851] ? trace_hardirqs_on_caller+0xc0/0x310 [ 434.626797] ? syscall_return_slowpath+0x5e0/0x5e0 [ 434.631737] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 434.636599] ? trace_hardirqs_on_caller+0x310/0x310 [ 434.641622] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 434.647081] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 434.652109] ? prepare_exit_to_usermode+0x291/0x3b0 [ 434.657136] ? page_fault+0x8/0x30 [ 434.660686] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 434.665538] ? page_fault+0x8/0x30 [ 434.669095] page_fault+0x1e/0x30 [ 434.672555] RIP: 0033:0x4510a0 [ 434.675757] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 434.695111] RSP: 002b:00007f5dbe4897a8 EFLAGS: 00010202 [ 434.700487] RAX: 00007f5dbe489850 RBX: 0000000000000003 RCX: 000000000000000e 06:12:20 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x3f000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 434.707763] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007f5dbe489850 [ 434.715044] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 434.722320] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5dbe48a6d4 [ 434.729597] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 434.748695] ================================================================== [ 434.756430] BUG: KASAN: use-after-free in __list_del_entry_valid+0xf1/0x100 [ 434.761665] CPU: 1 PID: 20306 Comm: syz-executor2 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 434.763548] Read of size 8 at addr ffff8881c5e72bb0 by task kworker/0:1/12 [ 434.772131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.779125] [ 434.788939] Call Trace: [ 434.793622] dump_stack+0x244/0x39d [ 434.797256] ? dump_stack_print_info.cold.1+0x20/0x20 [ 434.802458] handle_userfault.cold.30+0x47/0x62 [ 434.807138] ? userfaultfd_ioctl+0x5610/0x5610 [ 434.811720] ? mark_held_locks+0x130/0x130 [ 434.815952] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 434.820962] ? futex_wait_setup+0x266/0x3e0 [ 434.825301] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 434.830499] ? userfaultfd_ctx_put+0x830/0x830 [ 434.835089] ? print_usage_bug+0xc0/0xc0 [ 434.839253] ? print_usage_bug+0xc0/0xc0 [ 434.843315] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 434.848504] ? print_usage_bug+0xc0/0xc0 [ 434.852583] ? graph_lock+0x270/0x270 [ 434.856379] ? futex_wake+0x304/0x760 [ 434.860191] ? find_held_lock+0x36/0x1c0 [ 434.864262] ? __handle_mm_fault+0x4d19/0x5b70 [ 434.868842] ? lock_downgrade+0x900/0x900 [ 434.872996] ? kasan_check_read+0x11/0x20 [ 434.877148] ? do_raw_spin_unlock+0xa7/0x330 [ 434.881556] ? do_raw_spin_trylock+0x270/0x270 [ 434.886146] ? fault_dirty_shared_page.isra.87+0x320/0x320 [ 434.892230] __handle_mm_fault+0x4d26/0x5b70 [ 434.896648] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 434.901492] ? graph_lock+0x270/0x270 [ 434.905294] ? kasan_check_read+0x11/0x20 [ 434.909443] ? graph_lock+0x270/0x270 [ 434.913245] ? rcu_read_unlock_special+0x370/0x370 [ 434.918182] ? graph_lock+0x270/0x270 [ 434.921978] ? graph_lock+0x270/0x270 [ 434.925785] ? find_held_lock+0x36/0x1c0 [ 434.929851] ? find_held_lock+0x36/0x1c0 [ 434.933920] ? handle_mm_fault+0x42a/0xc70 [ 434.938156] ? lock_downgrade+0x900/0x900 [ 434.942307] ? check_preemption_disabled+0x48/0x280 [ 434.947329] ? kasan_check_read+0x11/0x20 [ 434.951474] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 434.956749] ? rcu_read_unlock_special+0x370/0x370 [ 434.961692] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 434.967226] ? check_preemption_disabled+0x48/0x280 [ 434.972246] handle_mm_fault+0x54f/0xc70 [ 434.976308] ? __handle_mm_fault+0x5b70/0x5b70 [ 434.980890] ? find_vma+0x34/0x190 [ 434.984438] __do_page_fault+0x5f6/0xd70 [ 434.988499] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.994538] do_page_fault+0xf2/0x7e0 [ 434.998337] ? vmalloc_sync_all+0x30/0x30 [ 435.002482] ? error_entry+0x70/0xd0 [ 435.006204] ? trace_hardirqs_off_caller+0xbb/0x310 [ 435.011217] ? trace_hardirqs_on_caller+0xc0/0x310 [ 435.016149] ? syscall_return_slowpath+0x5e0/0x5e0 [ 435.021076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.025920] ? trace_hardirqs_on_caller+0x310/0x310 [ 435.030933] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 435.036382] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 435.041397] ? prepare_exit_to_usermode+0x291/0x3b0 [ 435.046413] ? page_fault+0x8/0x30 [ 435.049957] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.054799] ? page_fault+0x8/0x30 [ 435.058348] page_fault+0x1e/0x30 [ 435.061799] RIP: 0033:0x4510a0 [ 435.065000] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 435.083897] RSP: 002b:00007fab1fbba7a8 EFLAGS: 00010202 [ 435.089261] RAX: 00007fab1fbba850 RBX: 0000000000000003 RCX: 000000000000000e [ 435.097081] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007fab1fbba850 [ 435.104347] RBP: 000000000072bf00 R08: 00000000000003ff R09: 0000000000000000 [ 435.111611] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fab1fbbb6d4 [ 435.118877] R13: 00000000004c578a R14: 00000000004d9d90 R15: 00000000ffffffff [ 435.126182] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 4.20.0-rc6-next-20181210+ #164 [ 435.134338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.143762] Workqueue: events_power_efficient neigh_periodic_work [ 435.150012] Call Trace: [ 435.152613] dump_stack+0x244/0x39d [ 435.156258] ? dump_stack_print_info.cold.1+0x20/0x20 [ 435.161457] ? printk+0xa7/0xcf [ 435.164747] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 435.169514] ? print_usage_bug+0xc0/0xc0 [ 435.173592] print_address_description.cold.4+0x9/0x1ff [ 435.178970] ? __list_del_entry_valid+0xf1/0x100 [ 435.183751] kasan_report.cold.5+0x1b/0x39 [ 435.188005] ? __list_del_entry_valid+0xf1/0x100 [ 435.192776] ? __list_del_entry_valid+0xf1/0x100 [ 435.197543] __asan_report_load8_noabort+0x14/0x20 [ 435.202478] __list_del_entry_valid+0xf1/0x100 [ 435.207070] neigh_mark_dead+0x13b/0x410 [ 435.211237] ? neigh_change_state+0x680/0x680 [ 435.215849] ? kasan_check_write+0x14/0x20 [ 435.220094] ? do_raw_write_lock+0x14f/0x310 [ 435.224515] ? do_raw_read_unlock+0x70/0x70 [ 435.228849] ? __lock_is_held+0xb5/0x140 [ 435.232931] neigh_periodic_work+0x89a/0xc30 [ 435.237358] ? neigh_table_clear+0x390/0x390 [ 435.241778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.247338] ? check_preemption_disabled+0x48/0x280 [ 435.252385] ? __lock_is_held+0xb5/0x140 [ 435.256491] process_one_work+0xc90/0x1c40 06:12:21 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 435.260746] ? mark_held_locks+0x130/0x130 [ 435.265016] ? pwq_dec_nr_in_flight+0x4a0/0x4a0 [ 435.269697] ? __switch_to_asm+0x34/0x70 [ 435.273762] ? __switch_to_asm+0x34/0x70 [ 435.277824] ? __switch_to_asm+0x40/0x70 [ 435.277839] ? __switch_to_asm+0x34/0x70 [ 435.285946] ? __switch_to_asm+0x40/0x70 [ 435.285961] ? __switch_to_asm+0x34/0x70 [ 435.294565] ? __switch_to_asm+0x34/0x70 [ 435.298633] ? __switch_to_asm+0x34/0x70 [ 435.302696] ? __switch_to_asm+0x40/0x70 [ 435.306760] ? __switch_to_asm+0x34/0x70 [ 435.310843] ? __switch_to_asm+0x40/0x70 [ 435.314924] ? __switch_to_asm+0x34/0x70 [ 435.319021] ? __sched_text_start+0x8/0x8 [ 435.323178] ? graph_lock+0x270/0x270 [ 435.327011] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 435.331607] ? find_held_lock+0x36/0x1c0 [ 435.335680] ? lock_acquire+0x1ed/0x520 [ 435.339696] ? worker_thread+0x3e0/0x1390 [ 435.343864] ? kasan_check_write+0x14/0x20 [ 435.348105] ? do_raw_spin_lock+0x14f/0x350 [ 435.352439] ? __schedule+0x21e0/0x21e0 [ 435.356423] ? rwlock_bug.part.2+0x90/0x90 06:12:21 executing program 0: openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$vbi(&(0x7f0000001980)='/dev/vbi#\x00', 0x3, 0x2) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={"0200", 0xffffffffffffffff, 0x4000000}, &(0x7f0000000100), 0xfffff, 0xfffffffffffffffb) [ 435.360668] ? trace_hardirqs_on+0x310/0x310 [ 435.365094] worker_thread+0x17f/0x1390 [ 435.369093] ? preempt_notifier_register+0x200/0x200 [ 435.374211] ? process_one_work+0x1c40/0x1c40 [ 435.378702] ? __schedule+0xa49/0x21e0 [ 435.378724] ? __sched_text_start+0x8/0x8 [ 435.378738] ? __sched_text_start+0x8/0x8 [ 435.378771] ? __kthread_parkme+0xce/0x1a0 [ 435.395157] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 435.400276] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 435.405388] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 435.409995] ? trace_hardirqs_on+0xbd/0x310 [ 435.414324] ? kasan_check_read+0x11/0x20 [ 435.418480] ? __kthread_parkme+0xce/0x1a0 [ 435.422724] ? trace_hardirqs_off_caller+0x310/0x310 [ 435.427839] ? __schedule+0x21e0/0x21e0 [ 435.431827] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 435.436947] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 435.442509] ? __kthread_parkme+0xfb/0x1a0 [ 435.446755] ? process_one_work+0x1c40/0x1c40 [ 435.451260] kthread+0x35a/0x440 [ 435.454636] ? kthread_stop+0x900/0x900 [ 435.458621] ret_from_fork+0x3a/0x50 06:12:21 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x802, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) [ 435.462347] [ 435.464044] Allocated by task 8166: [ 435.467684] save_stack+0x43/0xd0 [ 435.471144] kasan_kmalloc+0xcb/0xd0 [ 435.474862] __kmalloc_node_track_caller+0x4d/0x70 [ 435.479798] __kmalloc_reserve.isra.38+0x41/0xe0 [ 435.484556] __alloc_skb+0x155/0x770 [ 435.488326] netlink_sendmsg+0xb29/0xfc0 [ 435.492418] sock_sendmsg+0xd5/0x120 [ 435.492433] ___sys_sendmsg+0x7fd/0x930 [ 435.500098] __sys_sendmsg+0x11d/0x280 [ 435.500110] __x64_sys_sendmsg+0x78/0xb0 [ 435.500124] do_syscall_64+0x1b9/0x820 [ 435.500137] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.500141] [ 435.500147] Freed by task 8166: [ 435.500159] save_stack+0x43/0xd0 [ 435.500175] __kasan_slab_free+0x102/0x150 [ 435.529709] kasan_slab_free+0xe/0x10 [ 435.533517] kfree+0xcf/0x230 [ 435.536627] skb_free_head+0x99/0xc0 [ 435.540348] skb_release_data+0x70c/0x9a0 [ 435.544500] skb_release_all+0x4a/0x60 [ 435.548410] consume_skb+0x1ae/0x570 [ 435.552125] netlink_unicast+0x5ad/0x760 [ 435.556201] netlink_sendmsg+0xa18/0xfc0 [ 435.560266] sock_sendmsg+0xd5/0x120 [ 435.563992] ___sys_sendmsg+0x7fd/0x930 [ 435.567980] __sys_sendmsg+0x11d/0x280 [ 435.571876] __x64_sys_sendmsg+0x78/0xb0 [ 435.575956] do_syscall_64+0x1b9/0x820 [ 435.579847] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.585031] [ 435.586667] The buggy address belongs to the object at ffff8881c5e72940 [ 435.586667] which belongs to the cache kmalloc-1k of size 1024 [ 435.599336] The buggy address is located 624 bytes inside of [ 435.599336] 1024-byte region [ffff8881c5e72940, ffff8881c5e72d40) [ 435.611315] The buggy address belongs to the page: [ 435.611330] page:ffffea0007179c80 count:1 mapcount:0 mapping:ffff8881da800ac0 index:0xffff8881c5e72dc0 compound_mapcount: 0 [ 435.611346] flags: 0x2fffc0000010200(slab|head) [ 435.611364] raw: 02fffc0000010200 ffffea00072cf188 ffffea00075d0c08 ffff8881da800ac0 [ 435.611383] raw: ffff8881c5e72dc0 ffff8881c5e72040 0000000100000005 0000000000000000 [ 435.647974] page dumped because: kasan: bad access detected [ 435.653678] [ 435.655303] Memory state around the buggy address: [ 435.660238] ffff8881c5e72a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 435.667612] ffff8881c5e72b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 435.667622] >ffff8881c5e72b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 435.667628] ^ [ 435.667639] ffff8881c5e72c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 435.667650] ffff8881c5e72c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 435.667655] ================================================================== [ 435.667665] Disabling lock debugging due to kernel taint [ 435.704369] kobject: 'loop5' (00000000a3f9d928): kobject_uevent_env [ 435.709378] Kernel panic - not syncing: panic_on_warn set ... [ 435.727054] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 4.20.0-rc6-next-20181210+ #164 [ 435.736581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.736786] kobject: 'loop5' (00000000a3f9d928): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 435.745955] Workqueue: events_power_efficient neigh_periodic_work [ 435.761580] Call Trace: [ 435.764179] dump_stack+0x244/0x39d [ 435.767813] ? dump_stack_print_info.cold.1+0x20/0x20 [ 435.773017] ? __list_del_entry_valid+0x10/0x100 [ 435.777833] panic+0x2ad/0x632 [ 435.781030] ? add_taint.cold.5+0x16/0x16 [ 435.785185] ? trace_hardirqs_on+0xb4/0x310 [ 435.789515] ? __list_del_entry_valid+0xf1/0x100 [ 435.794274] end_report+0x47/0x4f [ 435.797728] kasan_report.cold.5+0xe/0x39 [ 435.801878] ? __list_del_entry_valid+0xf1/0x100 [ 435.806639] ? __list_del_entry_valid+0xf1/0x100 [ 435.811397] __asan_report_load8_noabort+0x14/0x20 [ 435.816332] __list_del_entry_valid+0xf1/0x100 [ 435.821181] neigh_mark_dead+0x13b/0x410 [ 435.825249] ? neigh_change_state+0x680/0x680 [ 435.829751] ? kasan_check_write+0x14/0x20 [ 435.833989] ? do_raw_write_lock+0x14f/0x310 [ 435.838399] ? do_raw_read_unlock+0x70/0x70 [ 435.842724] ? __lock_is_held+0xb5/0x140 [ 435.846795] neigh_periodic_work+0x89a/0xc30 [ 435.851209] ? neigh_table_clear+0x390/0x390 [ 435.855623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.861167] ? check_preemption_disabled+0x48/0x280 [ 435.866226] ? __lock_is_held+0xb5/0x140 [ 435.870326] process_one_work+0xc90/0x1c40 [ 435.874566] ? mark_held_locks+0x130/0x130 [ 435.878809] ? pwq_dec_nr_in_flight+0x4a0/0x4a0 [ 435.883482] ? __switch_to_asm+0x34/0x70 [ 435.887543] ? __switch_to_asm+0x34/0x70 [ 435.891606] ? __switch_to_asm+0x40/0x70 [ 435.895671] ? __switch_to_asm+0x34/0x70 [ 435.899730] ? __switch_to_asm+0x40/0x70 [ 435.903792] ? __switch_to_asm+0x34/0x70 [ 435.908040] ? __switch_to_asm+0x34/0x70 [ 435.912100] ? __switch_to_asm+0x34/0x70 [ 435.916163] ? __switch_to_asm+0x40/0x70 [ 435.920225] ? __switch_to_asm+0x34/0x70 [ 435.924286] ? __switch_to_asm+0x40/0x70 [ 435.928351] ? __switch_to_asm+0x34/0x70 [ 435.932423] ? __sched_text_start+0x8/0x8 [ 435.936574] ? graph_lock+0x270/0x270 [ 435.940391] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 435.944978] ? find_held_lock+0x36/0x1c0 [ 435.949044] ? lock_acquire+0x1ed/0x520 [ 435.953024] ? worker_thread+0x3e0/0x1390 [ 435.957183] ? kasan_check_write+0x14/0x20 [ 435.961416] ? do_raw_spin_lock+0x14f/0x350 [ 435.965742] ? __schedule+0x21e0/0x21e0 [ 435.969718] ? rwlock_bug.part.2+0x90/0x90 [ 435.973961] ? trace_hardirqs_on+0x310/0x310 [ 435.978389] worker_thread+0x17f/0x1390 [ 435.982364] ? preempt_notifier_register+0x200/0x200 [ 435.987476] ? process_one_work+0x1c40/0x1c40 [ 435.991977] ? __schedule+0xa49/0x21e0 [ 435.995971] ? __sched_text_start+0x8/0x8 [ 435.995984] ? __sched_text_start+0x8/0x8 [ 435.996007] ? __kthread_parkme+0xce/0x1a0 [ 435.996021] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 435.996034] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 435.996047] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 435.996062] ? trace_hardirqs_on+0xbd/0x310 [ 435.996076] ? kasan_check_read+0x11/0x20 [ 435.996090] ? __kthread_parkme+0xce/0x1a0 [ 435.996104] ? trace_hardirqs_off_caller+0x310/0x310 [ 435.996118] ? __schedule+0x21e0/0x21e0 [ 435.996133] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 435.996149] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 435.996161] ? __kthread_parkme+0xfb/0x1a0 [ 435.996174] ? process_one_work+0x1c40/0x1c40 [ 435.996187] kthread+0x35a/0x440 [ 435.996201] ? kthread_stop+0x900/0x900 [ 435.996214] ret_from_fork+0x3a/0x50 [ 435.997465] Kernel Offset: disabled