x0, @in6={{0xa, 0x4e24, 0xfffffffffffffffa, @mcast1={0xff, 0x1, [], 0x1}, 0x1}}, 0x5, 0x9ed}, &(0x7f0000000300)=0x90)
socket$kcm(0x29, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000440)={r3, 0x10000, 0x800, 0x4, 0xe8, 0x6}, &(0x7f0000000540)=0x14)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0)
getsockname$netlink(r4, &(0x7f0000000100), &(0x7f0000000240)=0xc)
close(r4)
io_setup(0xcb, &(0x7f0000000680))

2018/03/31 16:36:39 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)

2018/03/31 16:36:39 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
r3 = dup3(r0, r1, 0x0)
setsockopt$ipx_IPX_TYPE(r3, 0x100, 0x1, &(0x7f0000000b80)=0xf3, 0x4)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@loopback, @in6=@ipv4={[], [], @loopback}}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f0000000740)=0xe8)
fstat(r0, &(0x7f0000000780))
sendmsg$alg(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000200)="b41c04bea7e0b1352b5edaae97df58914f36172657cffbb96fdf2d12ecc2a88f6228f17bfd3eef518263ae2a1940f302a7f526f0fb0a0ce50901288ca39789ee6e23b5b4", 0x44}, {&(0x7f0000000040)="b5ff3478ed48258a578cec940f8a3b6eb2f381a96c62be", 0x17}, {&(0x7f0000000280)="f6d09d98121b786e1298c6b7e17d6e0beae9145688a90d4aab8e16cb6726a9dda29a22d203d2cb9a9480f3237f6a2abd7f01692509add75dac279638c59d0c9ad14d4bf179d09220f91a952653b08826", 0x50}, {&(0x7f0000000300)="31ea8ce55e7bcc8faec123a460e9dca59aa92df9461ccbdaa7ec5625cc17e1010c58d9633309aa0e07548c9645f9eb3a16af0d0ec73aa9ccd7f0b365b34be4daf7d1f30422aa47d4e8dccdd7054d35bdbfe0fb13853bcd732c6578336af26ac0821cef57f72fda7b4c13af2648c6e1e1da47dd7ffa6bf23eb7174a46229c9864c3e8d9c1bacbe71b55bf26283c178cb2ada3e6885235758e3d4ee6", 0x9b}, {&(0x7f00000003c0)="e0868ce1a7ce12842f0fc8d78a8528213249fb4da4dde6fff998e07562b4efd0d1331f49f90b94db63e3f8f49f5513b3b32acf5968802f1e37400bb09c8963322035faa4bbbf9b74b7070767d2ccc0355443473f278c6bd13e7e0c6c64489bad10196171283e26468a237ad8f74ebfbffd01688a1d740606d1052e1902ccea2499a4ec97f87798d8cfaeeb5c6c49f6323a8850e277fbad2a", 0x98}, {&(0x7f0000000480)="7b2918a1b1af93eb8805a11cf176f19f6ad664975933a9c4b0343be5d4f92591122f56c46b2a5f3d6531c4729226db5facdf713a96a922dd684e7ff68051b43673fc930d3778de822921e8926f5daae142b16f52a945883b738854cbc473e8160b8f753d9ac19dacac03825a4c3e7c17be3e82ec265edc94a3909f4eafc4ba5b6da386216481b2827f1374fcace2b969780e874e769860335c10c4f64a842ce646a71eb89506b65b1ff54a648b3c044142333d4020ed208e58b05952d65173eb", 0xc0}, {&(0x7f0000000540)="aff85717c140d756c962fb1ec5bf2878ce23ddeca4e1b7f98343b6955823ea31ba75bdcaa9e616bf13c78251b2601bfa812875c7c734c6be9acb42326c50a20fdcd673b3b13bf275eb25d30bd7d657b4eeb6ad4b81e0367a7e71ae116f0c35902a141f7fbf44f69ac021434fc6b53fd352fb25550704d80f5ebeb8aef1b60799359706ad8b23e9c127e22a8afbc23ec8882a5331641899d82ef659aa0777b83364d406f52a6332457b59ed6fbbbdfee85d4d43e8f75a6c8dfe95e0870cf04424b6b65619c89d17c07ff746de9f35a88052ac6a2a63945cc7f0f4f718d4f7208f58cd711330c5f644ea85b1156b483c06ce46f5ac93", 0xf5}, {&(0x7f00000009c0)="c3dcd2b7c1b2927f90", 0x9}], 0x8, &(0x7f0000000c80)=[@op={0x18, 0x117, 0x3}, @iv={0x98, 0x117, 0x2, 0x7e, "6bd706603cc30a7ad81a8961bd8e7c34b062f5b7a5348a2dbef4ae1fc42bb005171e1a7851178986cd2970f5793f7f4043e5b991bd10b883e45a96fdc2d8827e363ff93a74b774db9c0cc8f7f97b1a0257f71289e342bcfc8a63be65e2525fb8a5b83835eae42cdeead41c8028cf140fc6271555f5ce42a03d20bffaf39b"}, @assoc={0x18, 0x117, 0x4, 0x101}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0x38, 0x117, 0x2, 0x1e, "3af41f6d4a4a714e1ccbbd08afbada976e2a4f531300cdec54adc878a225"}], 0x148, 0x20000000}, 0x40000)
ptrace$getsig(0x4202, r2, 0x7ff, &(0x7f0000000bc0))
fcntl$getownex(r1, 0x10, &(0x7f0000000800)={0x0, <r4=>0x0})
accept4$llc(r3, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000f00)=0x10, 0x800)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000980)=0x1000, 0x4)
ioprio_get$pid(0x1, r4)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000840)={{{@in=@multicast1, @in=@loopback}}, {{@in6=@dev}, 0x0, @in6=@ipv4={[], [], @rand_addr}}}, &(0x7f0000000940)=0xe8)
recvmmsg(r0, &(0x7f000030efc4)=[{{&(0x7f0000413ffa)=@hci, 0x80, &(0x7f0000b60000), 0x0, &(0x7f00004f9000)}}], 0x18d, 0x10000, 0x0)
r5 = socket$inet6(0xa, 0x80001, 0x5)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f00000000c0)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x1, 0x1, [{{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}]}, 0x110)
ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f0000000000)=r3)

2018/03/31 16:36:39 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={<r4=>0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={r4, 0x1ff, 0x3, 0x2}, 0x10)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r6, r2, 0x80000)
ioctl$VT_OPENQRY(r5, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:39 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x0, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:39 executing program 7:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x4, 0x4, 0xa}, 0x2c)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r0, &(0x7f0000000100), &(0x7f00000001c0)=""/10}, 0x18)
fsync(r0)

2018/03/31 16:36:39 executing program 6:
pipe(&(0x7f0000000000))
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x4)

2018/03/31 16:36:39 executing program 4:
syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0xfffffffffffffffb, 0x40101)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000d12000))
perf_event_open(&(0x7f0000d2af88)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0xfffffffffffffffb, 0x161001)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000180)={<r1=>0x0, @in6={{0xa, 0x5, 0x2e7c, @loopback={0x0, 0x1}, 0x9}}, [0x2, 0xfffffffffffffffd, 0xfd, 0x4e1, 0x6, 0x637062d8, 0x8, 0x400000000, 0x90a6, 0xfffffffffffffffa, 0x2e2, 0x3, 0x1f, 0x800, 0x2]}, &(0x7f00000000c0)=0x100)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000280)={r1, 0x2, 0x7fff, 0x9}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000100), &(0x7f0000000140)=0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000300)=ANY=[@ANYBLOB="0201000008000000ffffffff0000000003000600000000007471b4d5000000000000000000000200000800005b6ab753b66e0001000000000000000000000000000000000000"], 0x40}, 0x1}, 0x0)
r3 = request_key(&(0x7f0000000380)='trusted\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000400)='/dev/admmidi#\x00', 0xfffffffffffffffe)
r4 = request_key(&(0x7f0000000440)='id_legacy\x00', &(0x7f0000000480)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000004c0)='/dev/loop#\x00', 0x0)
keyctl$link(0x8, r3, r4)

2018/03/31 16:36:39 executing program 7:
r0 = socket$inet(0x2, 0x100000003, 0x200000000fe)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)="626f6e64300000faffffffffffffff00", 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000683ff4)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc)
sendto$inet(r0, &(0x7f0000000380), 0x0, 0x0, &(0x7f0000000140)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r2, 0x800443d3, &(0x7f0000000040)={{0x0, 0x4, 0x3, 0x2a, 0x6, 0x7fff}, 0x7, 0x9, 0x800})

2018/03/31 16:36:39 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={<r4=>0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={r4, 0x1ff, 0x3, 0x2}, 0x10)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r6, r2, 0x80000)
ioctl$VT_OPENQRY(r5, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:39 executing program 2:
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_route(r1, &(0x7f00000fa000)={&(0x7f0000c1b000)={0x10}, 0xc, &(0x7f000052aff0)={&(0x7f0000634000)=@delneigh={0x1c, 0x1d, 0x301, 0x0, 0x0, {0x1f}}, 0x1c}, 0x1}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000100)={r4}, 0x8)
write$rdma_cm(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRES32=<r5=>0xffffffff], @ANYBLOB="0200000000000000"], 0x20)
write$rdma_cm(r2, &(0x7f00000003c0)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, r5}}, 0x48)
write$rdma_cm(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="0c000000080000fa77791cf4dc1cb177a5d77c77d0c0d9d2d63fc05010bb64d3614903f50c3974c8067c353f1d39adb774510432d2ab4289554f9939d508e2269a7de538eb24e405cb127ec8233e768b1b94206e7edb304a2c707f77b3dcaf0fb77a579586103f02a000aa9f328eaa3d6e91000a42246cf3721bb59dd42298d96ec4cdede3dc01e1d44c90aa905848ff6e8598ad4d24b234ae89fd49a3aa721a1235eecd6bbb9133fecd9a600eca3f53bc101ed9c4c901bac74c729cc24f671c00"], 0xc1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000240))
geteuid()
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000683ff4)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000340)=ANY=[@ANYRES32=r1, @ANYRES16, @ANYRES64=r3, @ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRES16, @ANYRES16=r0, @ANYPTR], @ANYPTR=&(0x7f0000000b40)=ANY=[@ANYBLOB]], 0x5)
uname(&(0x7f0000000540)=""/207)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0)
getpeername(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @loopback}}}, &(0x7f0000000080)=0x80)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000140)={<r8=>0x0, 0x4}, &(0x7f0000000180)=0x8)
ioctl$VHOST_SET_FEATURES(r7, 0x4008af00, &(0x7f00007a3000)=0x4000000)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000800)='/dev/rfkill\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000700)={r8, @in6={{0xa, 0x4e24, 0xfffffffffffff000, @empty, 0x10001}}, 0x3a7f, 0xfffffffffffffffb, 0xce, 0x80000001, 0x3a}, &(0x7f00000007c0)=0x98)
setsockopt$inet_mreqsrc(r7, 0x0, 0x27, &(0x7f0000000180)={@multicast2=0xe0000002, @loopback=0x7f000001, @dev={0xac, 0x14}}, 0xc)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000280)={0x8, 0x208, 0x2}, &(0x7f00000002c0)=0x10)
r9 = dup3(0xffffffffffffffff, r2, 0x80000)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r9, 0x84, 0x6c, &(0x7f0000000640)=ANY=[@ANYBLOB="ab0000000000000000f9eeb4153bc3cc81baf42c8cb30659e435db2205fa9c8865ee5db4c302b41676097deba30d2fd7b061029d775936748b3250d5e96b175a4871fa9a6cef3d96695fcb63953c1a1648af36ead9ec7b7d6097903baaf3f9d8425f02e511b9ba9418cbc9"], &(0x7f0000000200)=0x1)

2018/03/31 16:36:39 executing program 7:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
write$rdma_cm(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="0c000000080000fa", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004ed2b1c6aead8f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]], 0x10)
close(r0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
tkill(r1, 0x1000000000016)
listen(0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, &(0x7f0000e11ff0), 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000200))
stat(&(0x7f00000014c0)='./file0\x00', &(0x7f0000001500))
io_setup(0x0, &(0x7f0000c6b000))

2018/03/31 16:36:39 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xe, 0x4, 0x4, 0x8}, 0x2c)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xb, 0x10, r1, 0x22)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f00000025c0)="08f2"}, 0x20)

2018/03/31 16:36:39 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={<r4=>0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={r4, 0x1ff, 0x3, 0x2}, 0x10)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r6, r2, 0x80000)
ioctl$VT_OPENQRY(r5, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:39 executing program 6:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:39 executing program 4:
r0 = socket$inet6(0xa, 0x5, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x30, 0x80000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000080)={0x80000001, 0x1})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000d74000)={@dev={0xfe, 0x80}, 0x0, 0x0, 0x3, 0x9}, 0x20)
sync()
openat(r1, &(0x7f00000001c0)='./file0\x00', 0x2, 0x20)
r2 = dup3(r1, r0, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f00000000c0)={<r3=>0x0, 0xffffffff7fffffff}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000140)={r3, 0x3ff}, &(0x7f0000000180)=0x8)

2018/03/31 16:36:39 executing program 1:
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = accept(r0, 0x0, &(0x7f00000001c0))
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000f35000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(ecb-camellia-aesni,sha1)\x00'}, 0x58)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)={&(0x7f0000000300)='./file0\x00', 0x0, 0x18}, 0x10)
getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000005640)={@empty, <r4=>0x0}, &(0x7f0000005680)=0x14)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f00000056c0)={@remote={0xac, 0x14, 0x14, 0xbb}, @loopback=0x7f000001, r4}, 0xffffffffffffffd2)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'lo\x00'})
socket$inet(0x2, 0x3, 0x7)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000080)={'lo\x00', 0x101})
getsockopt$inet_buf(r3, 0x0, 0x0, &(0x7f0000000200)=""/129, &(0x7f00000002c0)=0x81)
setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000440), 0x4)
connect$inet6(r1, &(0x7f0000000540)={0xa, 0x4e23, 0x3, @dev={0xfe, 0x80, [], 0xe}, 0xfffffffffffffff9}, 0x1c)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000005c0)={@multicast1=0xe0000001, @rand_addr}, 0xc)
accept$netrom(r1, 0x0, &(0x7f0000000640))
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000480), &(0x7f00000004c0)=0xc)
socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000600))
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000cdfffc)="3b692cec", 0x4)
ioctl$sock_inet_SIOCSIFBRDADDR(r2, 0x891a, &(0x7f0000000400)={'ip6gre0\x00', {0x2, 0x4e21, @broadcast=0xffffffff}})
r5 = socket(0x10, 0x2, 0x0)
write(r5, &(0x7f0000000000)="2400000026007f000000000000007701000000ff0100000000000000ffffffff0100ff10", 0x24)

2018/03/31 16:36:39 executing program 6:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:39 executing program 3:
syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa0800460000280000000000009078ac14ffaaffffffff834eafbf46000000040190780066377b00154c20"], &(0x7f0000000040))
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x81, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000000c0)={<r1=>0x0, 0x7}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r1, 0x800}, 0x8)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000200)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6d0, 0x3e0, 0x140, 0x3e0, 0x3e0, 0x2a8, 0x600, 0x600, 0x600, 0x600, 0x600, 0x6, &(0x7f0000000180), {[{{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x8}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x1}}}, {{@ipv6={@mcast1={0xff, 0x1, [], 0x1}, @mcast2={0xff, 0x2, [], 0x1}, [0xff, 0x0, 0x0, 0xa4bcece882ef4f84], [0xffffff00, 0xff0000ff, 0x0, 0xff], 'irlan0\x00', 'vcan0\x00', {0xff}, {}, 0x36, 0x7f8c, 0x6, 0x2}, 0x0, 0x120, 0x168, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x3}}, @common=@unspec=@mark={0x30, 'mark\x00', 0x1, {0xfffffffffffff919, 0x9}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, @ipv6=@local={0xfe, 0x80, [], 0xaa}, 0x19, 0x25, 0x8000}}}, {{@ipv6={@dev={0xfe, 0x80, [], 0x18}, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, [0xffffffff, 0xffffff00, 0xff], [0xffffff00, 0xff000000, 0xffffffff], 'syzkaller0\x00', 'syzkaller1\x00', {0xff}, {0xff}, 0x88, 0x7, 0x6, 0x8}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@ipv6header={0x28, 'ipv6header\x00', 0x0, {0x4, 0x8, 0x1}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0x6, 0xd2a7}}}, {{@uncond, 0x0, 0xc8, 0xf0}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0xf485}}}, {{@ipv6={@mcast1={0xff, 0x1, [], 0x1}, @remote={0xfe, 0x80, [], 0xbb}, [0xff0000ff, 0xffffff00, 0xffffffff, 0xffffff00], [0x0, 0x0, 0x0, 0xffffffff], 'irlan0\x00', 'ip6gre0\x00', {}, {0xff}, 0x2e, 0x0, 0x1}, 0x0, 0xf0, 0x130, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x2}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x2, 0x2, @ipv6=@ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x4e22}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x730)

2018/03/31 16:36:39 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={<r4=>0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={r4, 0x1ff, 0x3, 0x2}, 0x10)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r6, r2, 0x80000)
ioctl$VT_OPENQRY(r5, 0x5600, &(0x7f0000000040))

[   70.334958] device lo entered promiscuous mode
[   70.358317] device lo left promiscuous mode
[   70.365167] device lo entered promiscuous mode
2018/03/31 16:36:40 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x0, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000017000)='/dev/kvm\x00', 0x40000, 0x0)
unshare(0x8000400)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpgrp(0x0)
r3 = eventfd2(0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r3, 0x5bcc7cd2, 0x3, r3})
getpgid(r2)
getpgrp(r2)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f00000000c0))
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000000)={0xffffffffffffffff, 0x3})

2018/03/31 16:36:40 executing program 3:
syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x80000001, 0x102)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2003, 0x0)
pread64(r0, &(0x7f0000000040)=""/78, 0x4e, 0x0)
ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f00000000c0)=0x8ba)

2018/03/31 16:36:40 executing program 6:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:40 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={<r4=>0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={r4, 0x1ff, 0x3, 0x2}, 0x10)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r6, r2, 0x80000)
ioctl$VT_OPENQRY(r5, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:40 executing program 1:
r0 = socket(0x11, 0x4000000000080003, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={<r1=>0x0}, &(0x7f0000000080)=0xc)
getsockopt$inet_int(r0, 0x0, 0x22, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
r2 = syz_open_procfs(r1, &(0x7f0000000140)='net/sockstat\x00')
ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000000300))
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x9, 0xffffff70)
r3 = mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x41053, r2, 0x5)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000200)={0x2c, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="03630840", @ANYRES64=r3, @ANYBLOB="076304400000000005630440000000000f630c400100000002000000000000003a5c67a4a31dcd3dbeb5cff3f1c49954c8f65b99c46588fb525e16c2152e26296912a1bb7530890d89725caaebbe41aad7bf65cdfaf2a5ab467e87d423160641d1571cfe1885f38fa81ee1f8e1fa402427a5c43cc052c03a741d24033e00dc79"], 0xc2, 0x0, &(0x7f00000003c0)="64779174c88c561fd674f74354497ea26ac8f15e276571d5ec3d19b21e4265dc66c73babe1630507bdefc4c5841eb783f50e9782417b7092187241cef2e185419c8b8462363117a631c7a242afe986bad6bca9ab45f540c7d8757f815a03a8fd55cb66cf15ca6c98b217f4ef1418f8111e83437e0cfe7828765d79f7ccfbddb997d7f4d3f3d4184d512f3e438ebe508f21e2f847dcbd1bdfb74917ad01214811f47dbb0da1109d44052b6824d06e6ff2907e6cf0073086c922a7b35ff5746fcf65a3"})
r4 = syz_open_dev$audion(&(0x7f0000000240)='/dev/audio#\x00', 0x4, 0x101800)
ioctl$EVIOCRMFF(r4, 0x40044581, &(0x7f0000000100)=0xffffffff)

2018/03/31 16:36:40 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
r1 = epoll_create(0x9)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000ab9ff4))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000f66ffc)=0x20080000004)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
vmsplice(r0, &(0x7f0000000200), 0x297, 0xa)
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000380)='dummy0\x00')
ioctl$fiemap(r0, 0xc020660b, &(0x7f00000000c0)={0xe40, 0x1, 0x2, 0x8, 0x2, [{0x1, 0xffffffffe4016a99, 0x9, 0x0, 0x0, 0x100}, {0x1000, 0x9, 0x0, 0x0, 0x0, 0x100}]})
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_open_pts(r0, 0x0)
r4 = accept4$ax25(r1, &(0x7f0000000240), &(0x7f0000000280)=0x10, 0x80000)
setsockopt$ax25_buf(r4, 0x101, 0x19, &(0x7f0000000980)="2d0f962b03797fa2e654c1b7caae713fa0426ff343df8fc4216a814e187dd27c4ec01240494f377ca4180bebb9e8e4b0d08098fc2800fd0bce2ed1e7f9e37adec6a2de261c2a044a9329fbf0827d3c516b8460e0a9694286836acca0a2e765c686283320faabe6dd352588687f1614de7b83ac6275c2731d1a6ad996c150d1f2c9df9e92f69d55232a6c36e290f638c1882a425b10cccc66ac33", 0xffffffd8)
ioctl$fiemap(r4, 0xc020660b, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000000000000000000000000a8c2020000000000000003000000000000007f000000000000000100000000000000030000000000000000000000000000000000000000000000000800000000000000faffffffffffffff0001000000000002000000000000002f21000000000000000000000000000000000000000000000820000000000000000000000000000081000000000000000000000000000000000000000000000000000000000082100000000000000000000000000000"])
poll(&(0x7f0000a81fc0)=[{r1}, {r0, 0x40}, {r3}], 0x3, 0xffffffff)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='cgroup.controllers\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000400)={<r6=>0x0, 0xb0, "1bcdb58b681d7bb523781b37ee596425a500eabcdeb4ea8ada92c2b328f8e45dfde0c521f19666ed10c9dd4222a5fca8eff0014d2b4a5fe14151e0e77aebe4ed00d08f5b77849fcb80c783d656a9154c14a8e1f4f5f08e8d8c9b5ba1288dad31b5f12e85ae9b76a9ce193c4d11daf81fe69c45a93743ec682e61f22f39bd8f95903ad6f69b861ac1007cf0476a6651811e4db9cdba5ceeb3f07db6814697105a8a0ec2945bd101a16f51c429a0856234"}, &(0x7f00000004c0)=0xb8)
getsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0x11, &(0x7f0000000180)={r6, 0x401}, &(0x7f00000001c0)=0x8)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r5, 0x10e, 0x8, &(0x7f0000000040)=0x5, 0x4)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000600)={r6, 0xf4, &(0x7f0000000500)=[@in6={0xa, 0x4e24, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x1}, @in6={0xa, 0x4e23, 0x2, @local={0xfe, 0x80, [], 0xaa}, 0x8}, @in6={0xa, 0x4e22, 0x1, @local={0xfe, 0x80, [], 0xaa}, 0x8}, @in={0x2, 0x4e20}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x16}}, @in6={0xa, 0x4e20, 0x6, @local={0xfe, 0x80, [], 0xaa}, 0x7fff}, @in={0x2, 0x4e23, @broadcast=0xffffffff}, @in6={0xa, 0x4e21, 0x7, @mcast1={0xff, 0x1, [], 0x1}, 0x6f98}, @in6={0xa, 0x4e22, 0x6, @mcast2={0xff, 0x2, [], 0x1}, 0xffff}, @in6={0xa, 0x4e23, 0x2, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}]}, &(0x7f0000000640)=0x10)
getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x60, &(0x7f00000002c0)={'filter\x00'}, &(0x7f0000000080)=0x44)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000fdd000)=0x2)

2018/03/31 16:36:40 executing program 3:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8000, 0x0)
getsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000040)=0xfa8, &(0x7f0000000080)=0x4)
syz_emit_ethernet(0x3a, &(0x7f0000e4fecf)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x7, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @multicast1=0xe0000001, {[@cipso={0x86, 0x8, 0x0, [{0x0, 0x2}]}]}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d73cde", 0x0, "f53475"}}}}}}, 0x0)

2018/03/31 16:36:40 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={<r4=>0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000140)={r4, 0x1ff, 0x3, 0x2}, 0x10)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r6, r2, 0x80000)
ioctl$VT_OPENQRY(r5, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:40 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:40 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x1, 0x0)
ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000100)=""/105)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='bcsf0\x00', 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x35, &(0x7f0000000040)=0x1, 0x20)

2018/03/31 16:36:40 executing program 7:
perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
uname(&(0x7f0000000100)=""/250)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x0, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x8000000803, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000000c0)=@abs, 0x7)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x10000004})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x80, 0x0)
epoll_wait(r4, &(0x7f0000000100)=[{}], 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f00000000c0)={0x7ff, 0x2})
syz_fuseblk_mount(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2018/03/31 16:36:40 executing program 1:
unshare(0x20000000)
clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff))
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ppp\x00', 0x1fffff, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000000c0)={0x7, <r1=>0x0, 0x0, 0x8ed8})
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_pts(r0, 0x2000)
perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0xc004743e, &(0x7f0000000f0a)=""/246)
acct(&(0x7f0000000180)='./file0\x00')
ioctl$EVIOCGREP(0xffffffffffffffff, 0x40107446, &(0x7f0000000380)=""/174)
r2 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000004000)={0x0, 0x0, &(0x7f000000cf90), 0x0, 0x0, &(0x7f0000005000)})
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f000000ffd0)={0x0, 0x0, &(0x7f000000f000), 0x1, 0x0, &(0x7f000000ef31)='b'})
mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x0, 0x0, &(0x7f00000000c0)})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000100)={0x5, r1})
wait4(0x0, 0x0, 0x40000000, &(0x7f0000781f70))
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f00000002c0)={0xfffffffffffffffa, 0x0, 0x0, 0x7})
utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)={{}, {0x77359400}})
ioctl$EVIOCGSND(0xffffffffffffffff, 0x8040451a, &(0x7f0000000040)=""/29)

2018/03/31 16:36:40 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x0, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:41 executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="b04bca5ef963fb95cf1b9c74918d6016d4aa1576d1fdd4ba2f9fb34e3e17ca306c00ae3d4d65d57a0034cb89edf4288b2c62d8afc34df130daa91e97881e3b9a4525b5171acc3500000000000000000000000000000000dd9c0dbef5c5ecca0eee5acff02b818a79e9cd6fecbd309eb266248ae684f1bb06abd71eebf18b68c7440078a1d72f526b45ca3b59c78bfeca276c323e64107defa2f347533d139351d8e2c0b72f9c09716bf0e79023615680153c1867064ebb6b04a8b3cbc025e9dd0b6ecf711c1b0337394920365a216a9d0eb798f05640e547e34cc9b70760eea3adcf4ca3fd7d55012f495e24543404848d4fcb61706891356906da0f58413736f86193adb6c67bfc97b96c8f3f16fe4141f61bf79856f0f571894e6425213be73ddcc98896b0bf7ebc8e9e3b71272d09d828a23d81769bf3fafbbc7082e21f17454bd736fffe662764ac1648aa77375a17ed2d0a4c88e8bf32d00000000000000000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x25}, [@ldst={0x7}], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x437, &(0x7f000000cf3d)=""/195}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0xe, 0xf5, &(0x7f0000000040)="7dbde00ac77ecd96df6dbd486267", &(0x7f0000000100)=""/245}, 0x28)

2018/03/31 16:36:41 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:41 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000007ffc)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}, 0x8)

[   71.835181] binder_alloc: binder_alloc_mmap_handler: 6901 20000000-20002000 already mapped failed -16
2018/03/31 16:36:41 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:41 executing program 3:
clock_settime(0x3, &(0x7f00000000c0)={0x0, 0x989680})
r0 = socket$inet6(0xa, 0x7, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'lo\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="0b1500000400000000000000d271b1542da10a02bb2e0b1168a6ea744728cc25de779a965e0063014f54d993f3107d01f5eb74500b4499ab639c3bcc8a96d9315f3f6ccdf6d979db844c7a1f5664ac23c5b5ae798af0eee241eebc976f1f581ad146b12f224348c1ab167582ef9bcf93e8a758912ba3e095af4108d48879e369ec9fb13682da05fa6204091c8d17b6abea96f57236c64f54f38d"]})

2018/03/31 16:36:41 executing program 4:
perf_event_open(&(0x7f0000940000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000740))
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000900)='/dev/rtc\x00', 0x800, 0x0)
poll(&(0x7f0000000780)=[{}, {0xffffffffffffffff, 0x8000}, {}], 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000340)={0x0, 0x0, 0x6})
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000001000)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}}, 0x108)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000ac0)='IPVS\x00')
socket$inet6_udp(0xa, 0x2, 0x0)
add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd)
readv(0xffffffffffffffff, &(0x7f0000000400), 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000100)={@mcast2}, &(0x7f0000000140)=0x14)
setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000400)={'lo\x00', @ifru_ivalue})
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x0)
request_key(&(0x7f0000000500)='id_legacy\x00', &(0x7f0000000540)={0x73, 0x79, 0x7a}, &(0x7f0000000580)='IPVS\x00', 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0xd, &(0x7f0000000080), &(0x7f0000000180)=0x4)
signalfd4(0xffffffffffffffff, &(0x7f0000000700), 0x8, 0x0)
request_key(&(0x7f0000000600)='cifs.idmap\x00', &(0x7f0000000640)={0x73, 0x79, 0x7a}, &(0x7f0000000680)='keyring]ppp1>\x00', 0xfffffffffffffffa)
keyctl$instantiate(0xc, 0x0, &(0x7f00000005c0), 0x0, 0x0)

2018/03/31 16:36:41 executing program 7:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f0000000100)=@pic={0x6, 0x6, 0x4, 0x0, 0x9, 0x0, 0x2, 0x1ff, 0x6, 0x3, 0x2, 0x5, 0x7f, 0x7, 0xf1ae, 0x5})
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in=@multicast2, @in=@dev}}, {{@in=@broadcast}, 0x0, @in=@multicast2}}, &(0x7f0000000040)=0xe8)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
sendto(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000080)=@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "2908cbfefaf5932e8df436caeb7cde96b5efd18c39285b3003a531169f920e6e87ac53c0d0dda1e54038ceabf2b5255e7c031c5c905be5fc445cb3be6fec80"}, 0xfffffebb)

2018/03/31 16:36:41 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   72.735404] binder: BINDER_SET_CONTEXT_MGR already set
[   72.740872] binder: 6894:6948 ioctl 40046207 0 returned -16
2018/03/31 16:36:42 executing program 2:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000024ff8)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x2011, r0, 0x0)
r1 = userfaultfd(0x0)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x837, 0x400002)
ioctl$TIOCMGET(r2, 0x5415, &(0x7f0000000040))
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000006000)={0xaa})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f000087a000)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_UNREGISTER(r1, 0xc020aa04, &(0x7f0000d22ff0)={&(0x7f0000000000/0x2000)=nil, 0x2000})

2018/03/31 16:36:42 executing program 1:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8000, 0x1)
clone(0x4018400, &(0x7f0000000080)="5e2481cfdf1cf7ce74c964e7853a8b2b862af92059ce03ea322151bc6f49954c75bdb2aebd79a541feaffbe9b42ca22aa6c8c8718a08daa1871432cacd8c2449badea1f08e8186b7e8741e81f3248df48238d535b7a657d9e73425ab37299c03c90401e988ce55b5319e1c90355fef0ed01e234c60e5ad4442d26130ce9490a1c73623272387a9f2ac97b12a967fd728c1e392f9f5ba4c6a66ac0c9bc5e0db7f52e3c63869b756afbef04931a046ef9c7b59aed21188724641d7fadd171630d9ab3085461989c27a4d6bfecb6260e0277f90701cb204830252", &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="e4477e6effac0f400002ace6071a9d6cde47e235335ad70feb2a3268d9a9dffa5f93d99b4d8f80af420608c5245128116b3606ad2171e066fd4071346a1042bc456cc7d616b0e9602b3800ffca8d74d03a432920")
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000040)={&(0x7f0000ffc000/0x3000)=nil, 0x3000})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_void(r1, 0x29, 0x104000000000000f, 0x0, 0x0)

2018/03/31 16:36:42 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x0, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:42 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/mcfilter6\x00')
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x2, 0x0, 0x7, 0x3, 0x8}})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=<r2=>0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, <r3=>0x0})
kcmp(r2, r3, 0x1, r0, r0)
sendmsg$nl_generic(r0, &(0x7f0000008000)={&(0x7f000000c000)={0x10, 0x34000}, 0xc, &(0x7f0000007ff0)={&(0x7f0000000000)={0x18, 0x2e, 0x821, 0x0, 0x0, {0x3}, [@nested={0x4}]}, 0x18}, 0x1}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x64, r4, 0x110, 0x70bd27, 0x25dfdbfd, {0xf}, [@IPVS_CMD_ATTR_DAEMON={0x4, 0x3}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xa2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000)

2018/03/31 16:36:42 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x0, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:42 executing program 7:
futex(&(0x7f000000cffc)=0x1000000000, 0x800000000007, 0x4, &(0x7f0000000000), &(0x7f000001d000)=0x2000000000, 0x0)
futex(&(0x7f000000cffc), 0x7, 0x0, &(0x7f0000000040), &(0x7f0000048000)=0x20000000000000, 0x20000000002)

2018/03/31 16:36:42 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:42 executing program 3:
nanosleep(&(0x7f0000000180)={0x77359400}, &(0x7f00000001c0))
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000ff7)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000f0a)=""/246)
ioctl$EVIOCGREP(r0, 0x40107446, &(0x7f0000000380)=""/174)
r1 = syz_open_dev$sg(&(0x7f0000000300)='/dev/sg#\x00', 0xab, 0xc5d67be51df35b96)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000380)={0x3, &(0x7f0000000340)=[{}, {<r2=>0x0}, {}]})
ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f00000003c0)={r2, 0x1})
nanosleep(&(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f00005bfff0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
msgget(0x0, 0x100)
madvise(&(0x7f000089e000/0x4000)=nil, 0x4000, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.stat\x00', 0x0, 0x0)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f00000002c0)={0x0, 0x20}, 0x8)
getdents(r4, &(0x7f0000000200)=""/190, 0xbe)
getsockopt$netrom_NETROM_N2(r3, 0x103, 0x3, &(0x7f0000000400)=0x100000000, &(0x7f0000000440)=0x4)
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000000))

2018/03/31 16:36:42 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
listen(r0, 0x43)
r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
connect$inet6(r2, &(0x7f0000966fe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000edc000)=0x3, 0x4)
sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmsg$netlink(r1, &(0x7f00009f3fc8)={0x0, 0x0, &(0x7f000070f000)=[{&(0x7f0000a77000)=ANY=[@ANYBLOB="00050000000000000000000000000000"], 0x2300}], 0x1, &(0x7f0000414000)}, 0x0)
write(r2, &(0x7f0000000300)='o', 0x1)
write(r2, &(0x7f00000000c0)=':', 0x1)
accept4(r0, 0x0, &(0x7f0000da8ffc), 0x0)

2018/03/31 16:36:42 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x8, 0x2}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[   72.888199] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[   72.918326] openvswitch: netlink: Flow get message rejected, Key attribute missing.
2018/03/31 16:36:43 executing program 2:
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000240)=<r1=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000280)={<r2=>0x0}, &(0x7f00000002c0)=0xc)
setpgid(r1, r2)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r4 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0xffffffffffffffff, 0x2000)
ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa04, &(0x7f0000000200)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
ioctl$KVM_HAS_DEVICE_ATTR(r4, 0x4018aee3, &(0x7f0000000140)={0x0, 0x200, 0x5, &(0x7f0000000100)})
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000eb4000)=@sack_info={0x0, 0x0, 0x1}, 0xc)
getsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000040), &(0x7f00000001c0)=0x4)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00002d7000), &(0x7f0000d42000)=0xc)
r5 = open(&(0x7f00000000c0)='./file0\x00', 0x800, 0xe0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x1, 0x1, 0x2, 0x2000, &(0x7f0000ffe000/0x2000)=nil})

2018/03/31 16:36:43 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f0000eb9fff), 0xfffffd65, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
r2 = accept4(r1, &(0x7f00003ad000)=ANY=[], &(0x7f00008f1ffc), 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000240)=@fragment, 0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2, 0x0)
socket$inet6(0xa, 0x800, 0x0)

2018/03/31 16:36:43 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:43 executing program 1:
r0 = socket(0x11, 0x100000802, 0x0)
r1 = syz_open_dev$tun(&(0x7f00000003c0)='/dev/net/tun\x00', 0x0, 0x10000)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000240)={'ifb0\x00', 0x4001})
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@local, @in6}}, {{@in6}, 0x0, @in6=@ipv4}}, &(0x7f0000000080)=0xe8)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'gre0\x00'}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000001d00)={0x1, 'vcan0\x00'}, 0x18)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000040)={'erspan0\x00', {0x2, 0x4e22, @rand_addr}})
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000100)={<r3=>0x0, 0x70, 0x10001, 0x3, 0xd4ef, 0xffff}, &(0x7f00000001c0)=0x14)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000200)={r3, 0x0, 0x7, 0x9, 0xda1, 0x7}, &(0x7f0000000380)=0x14)
r4 = dup2(r1, r0)
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000440), &(0x7f00000004c0)=0x4)
ioctl$PIO_SCRNMAP(r4, 0x4b41, &(0x7f0000000a00)="6869891630847b948f547d62ae881ac07be88effd9bdecf4eea4962864d063872854f89b29d9b55e6ca67bb464c54d7082e796eb3177e97df5644a4a4f078cbc48abd39f17857ab9fe02e3d4e3c9afc5c4c67b7d603bd8961f99def2aaec59d38194223d2c8e69d03b30d679cd3b3be1a7bb74ea83f44e9a1c36623e214f92159bd040179f26b48a506a8b8a0c582463c8f5dca34392403c5ac95cd9e0d54525acda")
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={"68708b1309003000080000003f75ca00"})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000005, 0x50010, r4, 0x61)
syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x1, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r4, 0x118, 0x0, &(0x7f00000000c0)=0xfffffffffffffffc, 0x4)

2018/03/31 16:36:43 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x0, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:43 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x0)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:43 executing program 3:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = syz_open_dev$tun(&(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
tee(r1, r0, 0x7, 0xffffffffffffffff)
getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000180), &(0x7f0000000240)=0xc)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'bridge0\x00', 0xfffffffffffffffd})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'gretap0\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'bridge0\x00', 0x22001})
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x200, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f00000002c0))
fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000040))
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'bridge0\x00\x00 \x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000006880)={{{@in6=@loopback, @in=@remote}}, {{@in=@rand_addr}, 0x0, @in6=@local}}, &(0x7f0000006980)=0xe8)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000580))
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000069c0)={@dev={0xfe, 0x80}}, 0x14)
lseek(r0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000300)={0x7f, 0x4, 0x6, 0x3}, &(0x7f0000000380)=0x10)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000600)={0x3, &(0x7f00000005c0)=[{0x6, 0xf412, 0x4, 0x401}, {0x190, 0x0, 0x0, 0xffffffff}, {0x4, 0x0, 0x400, 0x5d}]}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000440)={0x0, 0x4c, &(0x7f00000003c0)=[@in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x0, @multicast1=0xe0000001}, @in6={0xa, 0x4e24, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x7}, @in={0x2, 0x4e21, @multicast1=0xe0000001}]}, &(0x7f0000000480)=0x10)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000080))
ioctl$LOOP_SET_FD(r2, 0x4c00, r2)
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
setitimer(0x0, &(0x7f0000a0b000)={{}, {0x0, 0x7530}}, &(0x7f0000cd5000))
alarm(0x0)
fstat(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setgroups(0x1, &(0x7f0000000200)=[r3])
fchmod(0xffffffffffffffff, 0x101)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000540)={<r4=>0x0})
ioctl$DRM_IOCTL_GET_CTX(r2, 0xc0086423, &(0x7f0000000640)={r4, 0x1})
fcntl$getownex(r1, 0x10, &(0x7f0000000740))

2018/03/31 16:36:43 executing program 7:
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(0xffffffffffffffff, 0x800442d4, &(0x7f0000000200))
getsockname(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tpv3in6={0x0, 0x0, {0x0, <r0=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @loopback}}}, &(0x7f00000000c0)=0x80)
r1 = socket$bt_rfcomm(0x1f, 0x3, 0x3)
r2 = socket$pppoe(0x18, 0x1, 0x0)
r3 = userfaultfd(0x800)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000024c0)=<r4=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000002500)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f0000002600)=0xe8)
r6 = getegid()
r7 = getpgid(0x0)
r8 = getuid()
getresgid(&(0x7f0000002640), &(0x7f0000002680)=<r9=>0x0, &(0x7f00000026c0))
r10 = getpid()
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000002700)={{{@in=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@loopback}, 0x0, @in=@remote}}, &(0x7f0000002800)=0xe8)
stat(&(0x7f0000002840)='./file0\x00', &(0x7f0000002880)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
r13 = fcntl$getown(0xffffffffffffff9c, 0x9)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000002900)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@local}, 0x0, @in6=@remote}}, &(0x7f0000002a00)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002a40)={0x0, 0x0, <r15=>0x0}, &(0x7f0000002a80)=0xc)
socketpair$inet6(0xa, 0x4, 0x9, &(0x7f0000002ac0)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
r17 = dup(0xffffffffffffffff)
socketpair$inet6_icmp(0xa, 0x2, 0x3a, &(0x7f0000002b00)={<r18=>0xffffffffffffffff})
r19 = socket$inet6_udp(0xa, 0x2, 0x0)
r20 = accept4$inet(0xffffffffffffff9c, &(0x7f0000002e40)={0x0, 0x0, @multicast2}, &(0x7f0000002e80)=0x10, 0x80800)
r21 = syz_open_dev$adsp(&(0x7f0000002ec0)='/dev/adsp#\x00', 0x35e, 0x80)
r22 = accept$inet6(0xffffffffffffff9c, 0x0, &(0x7f0000002f00))
r23 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000002f40)='/dev/ptmx\x00', 0x0, 0x0)
r24 = accept4$unix(0xffffffffffffff9c, 0x0, &(0x7f0000002f80), 0x80000)
r25 = perf_event_open(&(0x7f0000003000)={0x7, 0x70, 0x22bd, 0x3, 0x9, 0x3, 0x0, 0x100000001, 0x30, 0x7, 0x0, 0x1f, 0xff, 0x8, 0x3, 0x6, 0x1000, 0x7, 0x3f, 0x401, 0x6e8, 0x2, 0x7, 0x8001, 0x6, 0x81, 0x3ac2829e, 0x91, 0xfffffffffffffff8, 0x0, 0x40, 0x3f, 0x0, 0x7, 0xb3, 0x3, 0x3, 0x401, 0x0, 0x80000001, 0x3, @perf_bp={&(0x7f0000002fc0), 0x4}, 0x0, 0x6d, 0x3ff, 0x6, 0x7, 0x164, 0x708}, 0xffffffffffffffff, 0xb, 0xffffffffffffff9c, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={0xffffffffffffffff, <r26=>0xffffffffffffffff})
r27 = openat$vnet(0xffffffffffffff9c, &(0x7f00000030c0)='/dev/vhost-net\x00', 0x2, 0x0)
r28 = memfd_create(&(0x7f0000003100)='/dev/sg#\x00', 0x3)
r29 = syz_open_dev$urandom(&(0x7f0000003140)='/dev/urandom\x00', 0x0, 0xc000)
r30 = dup2(0xffffffffffffffff, 0xffffffffffffff9c)
r31 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000003180)='/dev/vga_arbiter\x00', 0x800, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000031c0)=<r32=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000003200)={{{@in6=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r33=>0x0}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000003300)=0xe8)
getresgid(&(0x7f0000003340), &(0x7f0000003380), &(0x7f00000033c0)=<r34=>0x0)
r35 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
r36 = accept4$ax25(0xffffffffffffffff, &(0x7f0000004a80), &(0x7f0000004ac0)=0x10, 0x80800)
r37 = socket$pptp(0x18, 0x1, 0x2)
socketpair(0x10, 0x4, 0x4, &(0x7f0000004b00)={<r38=>0xffffffffffffffff})
r39 = accept4$bt_l2cap(0xffffffffffffff9c, &(0x7f0000004b40), &(0x7f0000004b80)=0xe, 0x80800)
r40 = syz_open_dev$usbmon(&(0x7f0000004bc0)='/dev/usbmon#\x00', 0x8, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000004c00)={0x0, <r41=>0x0})
stat(&(0x7f0000004c40)='./file0\x00', &(0x7f0000004c80)={0x0, 0x0, 0x0, 0x0, <r42=>0x0})
r43 = getgid()
sendmmsg$unix(r0, &(0x7f0000004d80)=[{&(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000280)="746d981755712c071e677d6746b0ffc7c72a16273330", 0x16}, {&(0x7f0000000580)="a6169d3fd22a093950b9e4eb2520f17cba95614adb3d86be52c03c7e772143b82078eb1e2ee746e6c2f80eabbefee4afe191db11e01f13198d2e47069dada8d503bc5f7a9950b1ff1e1c1747a11bcf305880770af3187fc424e651db63a39af8e752452a0378e310e27e2f4a28f95345b7f70eab507df1f5d4f7912e7964f1042c808ebc7c09086482665447c0b1925d3f64936633d4e50465b7970b10120fd701e1e9c5fc97bdd3295723e965f813b5f81c93c01d114ca7b2d09bd6b7ac3dd7531a70e55d36b7436303b60c4fa5b9a2b01e2e757e6bf6a5fbe79d90dc0d8527b9ef5642bcb1e96ed495279a4bd4b54e0ce2c7c1644993273d1799", 0xfb}, {&(0x7f0000000440)="a937474e5470f1927a4adcc9cf6b2bbf3b79945c29ef0f6e1c4b201ddceaa23bd746c4ca21fb0f72159da41d7af86bea5ba677782b9f33303f0f00f4359bf38f209e84a3c8b6f9cf6267", 0x4a}, {&(0x7f00000004c0)="1484c44ad96560700b47c5603ee7dbbc2a88ca1ea52296e192c1", 0x1a}, {&(0x7f0000000680)="257259262be4245588f1097c0996a889f8512048180e6892428eea0e7a9cf7e32518d55832957c3b7a24510d116e9f8a14111952b8e7e9dbe2168dd4d786bd6efebf3169fc776870e43aaf0a650555c3", 0x50}, {&(0x7f0000000700)="a680fed6dc4c083182c9a2d37c64199ccee4f6a8e599e109e08dbb581014dea4cbeee76fc7c8b03ecaf65a0506aae9faaf4a1cb4963741afe0b607a238", 0x3d}, {&(0x7f0000000740)="e5d5b846af43e9f9ab448880fa69e75553298b6b3e634b4d8f9b076d606f153eddf999f5aaaf2f4520718d560db0489fd49ae64d6a26769ce1888b83067390fde4afb7fcf1411049b4245dc963092a3955836e8d4cf065bb28bdeb2030fca9ce2a2e41303cb8f51bd40b770d4b1af06a783795a115aeeb0f22dd2c42dc9d1ad7e4c41a63a95c45984011826828c590cfdf131956c4cc6776f26f7b", 0x9b}, {&(0x7f0000000800)="7c16f63ea5049f39322ae34f270d6d8b08ef3c1330366a008804ab136f0d4ce279d5eec3e317bbd7db0b0bdc2201508f08cea6d81f24b049fed6a04ee879d74d23f9560e71c5762522498be535601b78d4191c422731422f2f795a0d7d2e89c039db90ed5f66e128c4a84718b1c19fcc9ecfff6f0f2ddc30143cfcafa4611c41187a33fd05f92742f50f88", 0x8b}, {&(0x7f00000008c0)="b67853bda5cd8240fd4f01f954e8e8d190bbcb8b1c3f45d08183dd4634fbc49b77e2c5c3247a6bb844df973c16c598c006258bc752bd60939a07f3979a9d0377125c12c277f4abf4feac5cfbf36eaf3134661dba373c8a95147f44518531d4ecfe28524eb3b77b013f12cf93b7eb10b83c219b59049fd0d449b44a53ed06fa953831e35bdf7d0d59ba8863840b8f44bf335533ec47d717d05abe351e2d2742f401cf29329e4747ea0efcdf2d63fc14592c98f9180120c720373218db40648a5c6316ce3149112b66a35af2609c6ddcf346cfbb02e82b3695df182b0a1190e7e155b4", 0xe2}], 0x9, 0x0, 0x0, 0x800}, {&(0x7f0000000a80)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001f00)=[{&(0x7f0000000b00)="90670da5ef0e03b87c1c6d7e79463498a5311601e2fca20cdbd71869b29d0e89679b4a9870276c17caaa92b2de2b95c2767516ee8fed36191587e4dc7ba21a1b085e095024fff4238036c10a2041018e721da5e7ecfed86b3fe429390be472cb270054ee44e9a95c8b4114e03c874217655a0bd671e37ea6baed67ba606f049be34b976633fe3053dfdd6c106d82a02ac5925a223e6196a5b00f16c3e6b6682e8d290aac4e89f640599fe09bbbcd7f6f2356bf0fac72706c212e4f046f37dd6c4309820c614db85824c5a40e96c1545d89e8e033e077fcff805232d40546ee93e52888b73006dd8d1d44eb95ea60d1d7ab3ffc5b6cffdfa130b624fff42e372e1c1cfb7ed91233b955a48506f873a6d0c437402cca9f57028e1c6b55f850945892fb4088c75822c45567bd4ecacd16e2a384de71cab2579b9124b710e168ebce9d076275557115fbc25da0959e1a6eb9eb08ce197d012f085f7de6666c3d821a08a61aabe11340ce7ac80a0bef83372f70f58395eb94eba3b07329e570f853cd33a59fdc58f5c0c5dab6b202324235c7bf5db74fab12956d69a4752d17920d687d83f3edbd46552d404d128dd542c82ba581d4feabfbe5f233c74e11d021ea39a65fe054232cb6c1f252033b0397892c1ffb85844c741c4c1010d55d4bb85cad6229b9b57c95c24fed864dc80d37294a726235e171b86a6199ac88abc83f93bd1e8256cdb62a35fece58f81901c4576acc6464e58cd5f1601d52b9de32906cbfd1e4fe6164fcb83343f3a7c8b80f1fc5a1a327a72b224a8360c344b194998918cbceba7351e2de62ad220b996596ae1a0638c9bad133bbaea4a654c4ab6510fe20f8adbd2781baac25ccfc5faca1d5284b1fa7fca8831f1ca69331bca9fe0c9fcbbb8df3bd57acb54d4326071106baca434a932ec98e0fd64cbe932da54c5d3e26c8addc4f9f3516a32baf966f19208085226be0eb95b2941269871d72470df02cfa7019e85457713347a78b9912394f94b2355238a2d371af590d63ab08326d78b662b9827dc8fb297c2143e0ebe32240bc4cf816123b735e0349337e7665b6737d0f846a68f8c3007948447848aeb714de91033f2697562d1e5d6750de309b744f71c633452d1526c26050a086eef6a7b218dfd960fc398575c8ad0ea7a204ed295b57ad09af68c74c582f1165713457c72a267231840e18d22100c79dc4cb3702b7a2cc05ed11532aac4c375235d5366124785d7f8349c99022f5b040f968248ba76e54ca47758463e1fc8abfe0af23a92c57a614f33ed90453086ffcd558d1a6bfe99fdf89d233ed54314813054846f4e22bdd7ea8949489911bd3f2332926a0ce4cf32c642c5c1c7476a0aa777ee5af8f5baed4f808e55c2d1883ece06cf4338e8e47f867ad27615c3fa6e1d0f1ca30060ecb18ea31a09eaa38d5ee5360a634a9093f6b407bc170911f7646a10b38487bba80505a2b8a4f8b186562825517f533b430f5e889a9305a60feda0b5097f9d4bd3b50913d26fc1fab08fd34501f616794759cb0e9bfd33ed5e437f11467230bcd10176a491550f8216ea5238fb6ae94e150a82f536611eb23c41f07912f9ce74478bd650a630d09dedda41106ba35c2897416b2c63c7058db04cf069b0b4c32d3909f4da838c814759513d8ac7ede1c7d3a8476a160e59eb99f1e17dc919b60911d5b8e2e7888b1009658122540f4b209ac972bcd6191e93ebda91a7f48ce9c76d013490ac08ed91e74ad49433973a24db35b8a454b0b633e1e3eb623b78862581c56cfb36cbb8e018b031ff7ba780c55ad012f8d5d50341952f66ed9831114959ff10052e5488e03678437ce06a862640fd8c28d7332da242a9fb216074d476b56046698e3b694056930478307f9b2563a034cbaba473f0097eb1f750c6b597da7b10f0eed0906bc4c4aee659177a7763508db6ac25d9470691d5d376d48b2d408e7fe5d71c4783b01f5bb7be1a1631b89a5d38ccdc45da965cb9ab9b9d2149bea714f383c051d6782a7d4f3c567a4e0dc400814f591f726db06483073a8048fafbe938e7382e6665764e94fde483d2c960a6ce25824d5e852cc2e4887656c108930e0f45d8386997fb6113f0af03df1401888cd6ea18a63dd555d6ded66cb4961a799644a9f14d33bf49788c977720237a62803a1c0ecd715904c65eb9ca3ead45596c317ef6b080b86209579515e08c2041d5d6f59bf2faddf021d7d9604103907e0a7e9a04b5e100a0ba74a96db8f64beb28efa3ff63ae7392212b30d077e6f2534ec58648015eeeb4cc6a9b57598e9e72dd17f7e297c03ed5626ae0d3128c68f3366ba4e75fad3eb72742ca0fde3c9f071a88ecb2477160d455275b65f9e6b1ae3fa88ed7065a6991bba1a20678a379a5a0f0b7ada029e74bc3b16d034b4f846891d65edb266ccff96fedf08895538de12faa05ea5aa865ef619ebc68cb6eafc15d0ef6103b28d63d2e87d49efe1273bf71d64b65e8b6885521d8c3dc3ce918dc0c19683172077b601db4b09e405cdd848f949e858b3f153d0282329088f5dc6d5a18b52c0832f28b68d5a9ea65081ff23f754002d29b12605686316c72e1b0b0eddeb487834dcf7223c9020e3b86bc34d2cb24ddf6a9cc72dc32fadeef8e533721e498941813e0630dc8bbf63b5809eb3923d8d7ed30c5dc5cfd8be4b1489e93a12190d8290003abc5ccf10724100891da7989572a099850279c2740b53e73089545e22d18da85d904c4c280c9aa1b7d49d41c8ed0851c60f2726739e0f3c47a848191237274d8dda4eb3be466abcd3b14c7af95e1c832a37044692dc913d373c83be189aa79f41dad7bb4fe2155bbd88e2954c0b687e281c8bbb92e5d95276743322821de1323c781884301e9f0e99a2b6528eaaf327bfe67584509993c46167bb7c2f4faf17dba2af7161569e99caa82dc5603b124f5e703df3c6af2f8062f4807bdb99acdfc3650f59a0080746a4d87d7f76ac558a39650fa35b6a445f052797cbc7201b5e344ff73aa2af269e0e3613df366057128b6c1c782eaa380b1661ca81a99589592cf23e2036c60d19a747a96cd93d306f03573af2d321ab48e1300748e3f383aaa52c4d109d036f1299bf8394545db8c7ca6f445a53a77cbfd6a42d02c2dedbf39e8cb9dd9b0b87f6691828c6428f3a15a3b4885be4e60dfaf0396b9af0f33108f69f64a54475a682aedfca4fe390b0b4e594508e1aed4d303eb811cf05b2b10299e237ac231d1c74ad867faefd84bc56ee788fe8b9e516e698b607a405f477f2bdbec57e0da5d272d65b071a21dad50e0df58e76fe17409baf9a978fc913c8762247ee87e3a7d66a77805837da66023232e0f14d1c6e9a9507666e009696230b8b15b0198761381ca7fe7180237a126e2f5d722042310dec74afc2659fb9907fc918c6bb1e7f2c382e0eb6cbaed247b05e955555e864e118278432f1e40d19279140e85bd68c8c6f950de354274e904ad8685cfafe95e9a384b8090cd5d69bbff8a6fa04be08271a7268e1ba8095ea38b86d647729b09471307b323649d29075d1008498ce25e7961798d2010c908cb70a7061d8b0975dd70b033eec2071390d4532e0789bb48f0504dcf9dabd0d037711c108aa4a3259641df59f92e624d149303c2b4e2f23a2e997e43101022178a129c205575b9fe209ae5a1a20b5c97a17e9e5b0dd581472fe23922fe39a3291f193ae03816cbcfa4cdfaba2db54bb993eaa4a65226cbc7d3438bdb9fcab89bde3f2019901b31b259983637aa1cfd392ee10dfced477e1cbd794a17523a1b209eeef070c8d6a4d008f2caf8a91655bb10a166eeef65ef0ab86f1a504a99d3997538da1e343c51aeb91962dd8aa7542acc49acfa2fea92434f7da97973f6c2ce9262b141f29aef7133e7c3ce98a500aef172af78e9b3d36c93bb8d9e70b73794194cc0bf358ba796ec8c61fe0b5f4903a31e45780fedb20aaf7968f979349d938037d898d341f177365a931dfbcb89801a104cb9fa4b5d229c27d45bce121203975feb89810353d1e9322037f21f434296e408d6749cd012291e878a9fdb0657d60ab3973cacba644b1b6356235954b342ad3ca5a269e8931a7d25f5aa060111187b73a331f0782a215ea4061bef1227c7ba2b780a7a6858dfcf58a7e9c7ba4e19fe39e55ccebb77c7a722c313f3669282b36de8eef3540b8780f85e664f8678de4eb07bc0b64f885b2ec60a69b3fc14523683eba6aa4fd37939008adfc2588b0dc210df0e430b711a8a79cfd37f9fdabb23ff2cf3da9da30424c3208985c97bb4dac804d76001f4ff1c0ebcbcb188da1d3d4b466c9e446e904d5aa74080384da129941517e94c4c42eaf9f9c6d69e59830aa788d4c3d4731e5ce8bec6052a2d1ba0f6942c8544a44593daf7c05b3b2950b76825166361cd4362bf4048cb281ec34dea16618e12ad82e942665c96eea73c2928cb10e7f5aab488eb00f1f4399c346ecdc74a558f7ed4e9d71f140c5325b41c4e3886243aa6c3afa1c4164e069c3a63da80fdb46898e3b560faa3365f6bbca84947caee05eb5a00da20fcb71c75abbda395ffaab2f8d9823b2613b1f91a6382e502a28c7e22cbe6fa55d5125fda43724023f6d85ca96bbf70ba97dcfb776c1bbf0e167c6fb8fa54a1dbf9ee902eb9bb94b803a8ba9695df1d6c46df30ea2d1bc9b76ab66aba54196c5946805afe12e74b7f82ce4cfd87f31ae54e94bb04974e23b40fba3c9bc9ec547df089a520cc445c9a23b445185ae22b8153d6b41bafbb29e0480fe1d86fd3325baf07ff546621669da0be0a4e49b550caaf91cedb2d08c5ea042398b216fbd2cb9afa3a7edf14c20c0d125f2c0557a6d6cc7b7453bc7118b802a7781b96a9459531361fea759fa5cf3bda0613d8f3e7a3e36980ad70434a5f1dddc691b76b4000d5b98e3566704f85e475424106cd56fd7a517a5f22e86345ffd83ddd760f77e52c14c31195d73617032aa6af817fed1644f73a17947efa5a9e5f213c78c4675a82521b1565a6011bccc1e437501d17b5cf608122e227a473ab57b442178e2d73abcd481f28dd978a6dba4ec5e92a13c60d42a4bd34a6c2f229d291b626988dfaa7972fc8c6a82d22070b3b472633bc37ed80646054bb615074b167493d1e02a5072d5268f667cff15059f4e0e47e8fef1d37d20c81a177d33be52c9a8ba45c914ae7ef6ff4c11dedd3507fdbad10e599923943bd7986ad96cfd1957d88ee067cdbf6a89ff4b315453d575bcdbf71a105f06c5f6091edb4bc329da749768844306f0b7843eb6a59abdd308b597b09c1aca7b450ca6e9f3b607dea2ff6d9e1ce48e1a3fdaecde0bfadab8f5712b74d2e8bf17f3a773dd40fcc4b3dc17a5f234403544b83648b7efff80f06f814f1d9bf1a80d1cdd7cdbeedcbf9d2bd4e383a4e146cdbd62ce085bd942e6e508dc452a43135a4e7aba21de03a06ebdd1aace37ff8d86d1cf82f84cac9ca868c0d75975325c7a30e9bd485b6339e76b425abc80fb6168dbf2e1be96364f93f57fd184a8a598448177f74b01f2ab7cb1458fa50c7d67f6835f4f3dd10fa9178d2b49da6899b3605fc76be18752da81fec39c8018ee623375a1ff1d620c15b04e9e05fb46f6a439002484b1ea36d452f2fbb90f1dd500defb0b592087b657a4cebf0fec752e3d22dd6955ca1546dcf65f2a2454dc56c96d2333fdf209b4882cd06254e80c88ac465f7ba2fe6a8b24513aafdcc0ce25fc20169a016d3a34b9641519a6e46c7276ce4e903a7c5ce1dc", 0x1000}, {&(0x7f0000001b00)="8af7041ea84d41f0724580d34d2413c23b40b9f27b875d72af91543dbbd7c6c3bc69d3c47d05608c67d82d834e354bd9b5e9a99f9b4e01274b16729df5928fbb2f4c1dcf1d577e2c87431e591730582ae1442c38ddf1697b0a", 0x59}, {&(0x7f0000001b80)="06d1eccad816f8b45ce3626cc57304d1c3a7cd50690fd831e26d51914156a9bc6cf4add333f095d1b91313255cec32edb4a8c28d367127d74396c768797aecb5326a582b25e270e6269768795f908b00b1ff3b74a00143a20e0ea87e", 0x5c}, {&(0x7f0000001c00)="26709eba74a96e777954b68addbb19ddb567a9f27ce3f319fb33ae75795ea8fbcc67cc76b2a184a9f03550da4816d05fc6d352bd61990e15a6f6d12d2cc11720b9ddb9fe5d94d8ad822a2873632e528c46e01719b5e512f03a941ee824924e975b3936db2bc61330d95c9e8196c7385f8e9d4f1773cc37ef313bbc8394f808ff441829470211627ea81dead5e00737700206711de501100a4de80e782b735ca86232fa18b55b2c0e64e80e7faaafcc4a13703548b7d1d3b55c23f86f3eb0e78095e2d464", 0xc4}, {&(0x7f0000001d00)="2214de10306ff32360c44ef568089c15930a4a0a03158d430f1a348d51ed8f2dd0902da8d3a4ffa25a5b3983ec81fe4dabf666198bbedbe9f157db8cf35c7cecba2fa74f1f76052bdd4f01f88047d202d5b851e2ee69ea3d8384bf3db983747aa79099142211a8eeffa7182e74e127013f8aa5372bf413493b5411b00926105395c725c4cbd20c28cd70", 0x8a}, {&(0x7f0000001dc0)="9310a22c53e79af75965954198a8575b27f30f140f374517eae85548c64b8965eebe07fc286818e5e54ac8f642da5df8287469ae7b13afff61b8a3ab93096c7e", 0x40}, {&(0x7f0000001e00)="ab182b0863159060a32e9772ec5ee74e7a3e8c080e6b915bba1be6a129367f1f2c78966dc7576496dd1d5e5e9f502b0d0e7b8e3c8920a0fdcfca17bfad18310aafef3f0bbd7dac7f701b6e7737ecebfb985844df271a275b93b9ca53388da58145b90f15bd6685c50d7aad6fb74054d94cd664a3aac3fced2ba15df5289f34c0ade5fc926089bd71074782870b6dec2d1a05f36a8a0bf6018f4629b67273e67b11aaeccf68ddaae9792269ec5d4a99cc0c4ce3b070cbce946e73d9c655c2b0449ab055d86933d274500cecf3e1defb08ba11a3cd3c50813621ae1e4d0f004ea3d7032e", 0xe3}], 0x7, &(0x7f0000002200)=[@rights={0x18, 0x1, 0x1, [r1, r2]}, @rights={0x18, 0x1, 0x1, [r3]}], 0x30, 0x40}, {&(0x7f0000002240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002480)=[{&(0x7f00000022c0)="5303779c338d2fc79c2d53b6ee08b242da6011abe540a870ca65d9fa5d157cecfbee689fd9466abf7845a435f5d7c95cd8d75f341c116ee829a8538c86a88b717da909d0fca96292c8369252cfef622d8533a65bdd72c773fdcbe52f74dac4c0dfed880cab1f8bc1c6a2323a9e1221f2d8fd034b4bcffadaa291f9b194680bd07c74768942ae0f3d748e2083449e615d43c46175a9e13a1a773b81aa8cd47da36f4acc971ab7424ac9fc8aa97d5fcab553491f2d3155e0fc2888a9d89f2e5bedeb6126cd0b8fcaf5af2aba6c74a433de8bc884c21e7f94c81e8e053552", 0xdd}, {&(0x7f00000023c0)="5bc1273603a29f164b50c95dd3779ded67b9b7d6c6dda33fe9e6d6533ab5482c0b8d7b371fd7cb6c5fa58bf01d35279e12397af787b143c575de8615a8feb5543ca7c91f19a70da9c156afb0a1f19ff0dae52462d24d555a1abfd9fe48e189e136db25ba0b4c471ad1fdba08f6ba1d1b78cf65f7840f89b171fd59924c6eb5918b640552d3d373df8fcb6161c24cd23863100afa9787395c14e2679f0204b6d2cf0a0a07b3", 0xa5}], 0x2, &(0x7f0000002b40)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @rights={0x20, 0x1, 0x1, [r16, r17, r18]}], 0xa0, 0x20000010}, {&(0x7f0000002c00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002e00)=[{&(0x7f0000002c80)="a346a13b0dea8883f1317a98a8b027c212cb5475ad13871dcf8bdf4e31696be95ca64147079184697fa54d27472a16dd123a46a89e899bae704a1178659bed667903acd5c85c58d03290", 0x4a}, {&(0x7f0000002d00)="4d5c85ae98ed75fb6e7c47022b123e504d9f510f805421f86cec75b037137ce4a9f5a45cbfd8c9bf335279aad4def2f9d45a869d95dace12aaa66a3e23c5a8730560abdb961258745decc6386cb84419566deaefb9a4a03d77cc91452319f62bf4c3652c7569e9f923216cd1ce38f940228f400088c86cce2ef057d3559c0d098ad27f968e1a2bf232dcd161d0efe23c6fe3212970e814fb9e69b3e7ed77a724c63826730353d55fa24c72f20ffa93d01983a1c9da2c1105b78c49972ec55730a431c692ead2a28f276e10568f81fc6f47d36a9437b6ff33007697493c4f1fa86cbf6ea03ba34b9d092fc8870c1fbc99771088ea54", 0xf5}], 0x2, &(0x7f0000003400)=[@rights={0x20, 0x1, 0x1, [r19, r20, r21]}, @rights={0x38, 0x1, 0x1, [r22, r23, r24, r25, r26, r27, r28, r29, r30, r31]}, @cred={0x20, 0x1, 0x2, r32, r33, r34}], 0x78}, {&(0x7f0000003480)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000049c0)=[{&(0x7f0000003500)}, {&(0x7f0000003540)="877a07bd517a78cdd3740dd162630aefae1f8236bb2baf383fc359cf780f1edff51f8084b0f4b212ebb2b766376b3521ba92ddfeb9e6bb61cd410ccbeb3491176f9b5bcfaf0e3959a7a45d6b645374aa3b41cd57789bb55733076b6389c65160488242aac9f8206381962eef3462deab7064114d25aab2425607a592dd798c57d2166e6c35b0330443937a3b29ca8c3bf9b4ecec87dfb8acabaaf13ee414f23b8b67a94269bd8ca1913a1e0501d997cd309400e256c7f5bd4890030ffd05249953c01b93e386c15a797e373a768b0a63ccb634dd08d724a7849c36d4b5fc20e10043cae6ad2c55cfd0191a59bb17c277a6e2d9d83e1542b90286af", 0xfb}, {&(0x7f0000003640)="3d8eb04a2f2a8c4b1b3ec219ad013c888487b559f7b0335ecd9adde66a6d93c8b8883369f6c1cf40e947b392475968f2023e61e534b9bb5de8ecbd1fcb2a7dc9114e1e844c8c4cae53329ba425bf275ff602677eef7509b638be93704c12fd10278c2a4378d9d69ae00b40b7c25deb416833a774fe044704098f360ede43c7a5be8e565d7cec1b3825a7046ce583f602cb783f9ea72712f1a76a61ba8a31968960017933f08b3a2fec03c4843d1a35ee7b82486c3079151a36105d7950ca501d1a5e293c", 0xc4}, {&(0x7f0000003740)="3d85418f7b676a26a931c0a184088cf4542f9e8d05b50c3b415810481b041b34e4cd2d76afdc2a093a3d0633d862944a3113ed317b64d9bbb802612b9548d1d55e3a84b6d6c0a0e7dc07baac8f4055dec7dad6e14e21a0f4b891f1430841d95f524b76faf1567be6100e636b6c34acfe966fc4c23796de4ac2d19b29027fb885fe9da05f078dd51fa8a2d7c5c91b4053e5a7", 0x92}, {&(0x7f0000003800)="ea332a9793aedef18ae185acc7842e0592087d1d74601b173b4ac5af940249194a041192d5", 0x25}, {&(0x7f0000003840)="4729c6f483b43cb61b7be9c6457b32dbdf48e93b7aa602f487754579b06e2b94e2e7dbfa77d7212a01110518f595eafd0b3dba004703d5e54336cbf0a0a3fb3fdccbcaafdb430e3b9991f3a840feb3fcc6cf8e4d3cb7e83784e6830cfc0422bd18749b76f8290463a3d0982f48650ce44b42d0f008bbc486d9215ace69ed4f3042bf3f0cd7b4efa08ec3b583debd91992f5c2a49b42c263041fe67c3afe4e22b53ff4f5be8c24d9b305acd58da6a449b540fbe76b668296f1d7e8e8c509c0c2f456bb0fe92abc3c4939251b13705d99413d0e45991c414e05a628d3d06e3e5318810f845cd9e01e5e73f983567201836944b8192b90b941e0cebfd7510e62ce84e81310c94ef7e49fdab925d7985d739c12c5e80b0e09d28743b4714430e8c81fa6494768729f934902b9a04a010652efb61d651032d0fe0be715e171505bc76284eb594d6e2e4e126faf928dbe20b2fe750cacef6e04c9e72a870376fe6bd4153234b7a6975dd8f3bf0cb0703ffcf9afcb71bc288e9d16fc45e5ac9c5d1c60e5e7e325b2b38a7c74a5e5f74035869d178aeefb921f1ea00fd08147fd3fcd7f0c36b4bbc87396db5aca9698d6de0a583b05b8c44b01861daa0e667099a337b8db7592bf25b84959f1ffaa997c78ea34008a800fa30a698f53ff86c0c693a66052a5ca1bab7cb48cab61a0275190d9d92c0c865d70da775e23309df8deef9125b3ed624e1e404818e106267e3851e4a9755832d30a303b440809389dc204b21013b41e5e37e4e81fd2f011166bce5e5524b15a4e85b2e4e1f1fc45632984fee57b8dde78218885c1472c6ef7c8c7521d4b273136428d92cfd2c2b0c8bfed6425358ae454d83339768195b6eb5b2a2c19c893c5ec5216b69650481697b762f93b281d8b1939aaa14d281c977505fafcfd14b197f7a5f011deafe164e0018fe98459c425ecbfd302d8492f0b0547d86f99dbf52b988746f71f19b2fb666918f9dbdf84bd1846db57b04ab3915af6fa617c7cf884934ad1f0a6ec179c8138516bee5ff47b4d7ae204627b8f47b4ac9fbd4966154a655e6defb8ac91edeb15afb38f09210244e995a42a63d0161b9f83294666bfc4cdb490d749f0d9eeeb780924e8f030581c0dc66c847d2d244c1e2fae034d21f9b77a8922edb60bc3e174aa2166d62435a72875d14365eb8f9be52b08583a23a6fa08dada668006f3cff62b85e6f55e37fa754a62229a9bf898610d60f0380b62ef52d215b0ba3616fb1c33f23bb011eb2e6ef1aa0fa909f85098bdc5d8e145729b5c0a98bd344dfe18c561c26f81f01ad565d44e343e5f83f29e2242d8096671155ab4ace9f2c0228203b3bc84cc10acc23fd51fface26737b965612a9a75140e5a6e3e243f630603db8135b4754602e4756c55e755cc21eecb6beee83694ef01d6c99920442fcc744f47a1eb9702ad112d8f5493a83332ab4b92ff7fe94c1e54d566fa35e38ca40afbed73bf4cbf97efa75fdead9399b735b54523d356380300b266755b083f3edeaefb48ff0a9073d95343f15de5f662325724e734d736c81a6719fc40483f3d45e8b7650bc359c71b53a50f3bb7ca6753c21eac50b4f3821422ab09e7a3bd339ba9d132d84a45669aad44af1f8a0cb4c72c97a9926ed0a6070e153d3ac0bee7d21e587a33156cfbda423d1dbefd99335c6d0277f0d86b3266d52f89410f6ef1833dff2478862edbb4958842b2e7fb9bb8dac2fcd7528820d0ee8f67b7042e4be2ade9f813ac7227a7a8048211a509da56628a5107ff8ec57c43778940e66c1b2207ca04348579f2baff06f71db235e021f1d6403eabe9bb35859d00462fd7e9983ddb2fbd77351da2c28ae1ffe01da15479a2043b8ed509cb9dc76a4d6f0c61cabacc0409d29eeddbafd2ad9c13fcbb89a8a9cfdf615e36c9c0313f7b2603d4148c535dd8c6e75b16b4c25ca27d49a1f73d1a4ccc77c0a6a2656119ae4955b91ed3556c3c54b97543f0897450b97502f47da4b166aa6ae0dd4240738a7f474bcc12ceae16f5b22b188e6b29749878b8a525cedefed650db9c68efe485be6dd632be2660e746bcebdabb7c51b3ebcef77794140f28f93d5dd1e2b7e34d55496b4d7b1ae6b8d9703b06bf082f6147a4b3556e89468728049cdc68528f555585ea67ad7fb14926013b1bda885acd25deab45042bf884caec8b476549d49649b55d005c2c9e8c00b5b6de33d79cac28960ea3fd9f05ca328c43771001af2062e7207cd5af567a8190b97f37f2aec01a90fb2d36a9b43b9dc29fc3a548f2f1cce0700ad14a9567e10f70645814c5e7af58af20a68bd34624e53c307caef7402e21549de4b1d9988b0eaf4e02440fad47008a6f64f728c27458ba27a965e47c90f854b1f0c6a3bbf71d443320339d5881e179a3f0fa03854dbdcd93328bab72b4d6bda05d8adaa1589d6b2f42772b9b5026c098516b7714dac9d10e86c463f5701e6aa149c6ec596e5fd70b1591d66e5a0a1097e424ad54897f77491cfd43f01f2f76d1aee8bd5cf323dede1a85118def88e1586925708ab55967114b63c96a3b1762e94529a37fb3a5a020cfa8fbbc92e56d38c25904f0152086a46d9a8ea0db7479bc8cf6b3b13c5933ec7c931254293d3e830727b65608470dfdf6c133952c35b202f83bde39b4907c9fca9c65a527ac0162e0118940519d44f501585af4be99f1edfbd6494b7c4288feba5dadd85dd076cd3fe9ec686d95d94c156c917eb9a8cb453b6800fb6161346af95702f8794c81fd5abfa6051a2de704655fafc45c55f505f64dd2ca6da8d381558e2d28bb55cefbbaa9565162fe3fd1905b2674f0094494edbda7cbce4f0cc197fa151d6b7313e845fb2d96c44f3d1a4c881c55b6a5d62365933ba207b49806b54571dc68d8d59ca08ce693accec046cefe0ad0fac6bb9f7eca0cb646a133228e9d16b539338ff7fd54529cbc117682d7b3f65105fd32e952a811de61512745ad9dfbd6458fcae745d27ddbb5d9369b3f0ce967da14a4eb02b970dc574463e785518e5873d87ab72df1bfa82540d7e2e89e33af5b84ad5d8f7f9e89f6087c77cd9d05838bcd3cef8c00a07cd7c0b99800697e10bf7d4d4b7c96636ef82615113fc42cab0fb5d602eff0a39ebd0125d9b2ec49ced8e9565247f02787148a913f192a465f1c0c769c91ca94f7afaad850304dce5c4a0ff2b2ac9442e25f114c4115a0096d757b79a98c16801c248977b6277c76a615bf2403afe9b724b408835e4eeae19d372f48c61d68188960d447ca9160b726b2267832267a2e3f3018fd02bef99a5bf6bb5e0c0af6dfe77f17b0bae7f19286d3a3d5d8bee9aec1fc941d8c13ae22515c1694160e00fd9a5dd89b4343f18d1b06bb6079d0022f70ff94b85020519ad9f0bb6c0e1072432636bf55ae4a4fbbca70d6c1bfe1d170734ec561a78be45bc594c8bc6fb79470b4a97cade9115c3ee0f70489c9e540b2ddd60aad362c12bea84efd01557233ed6bb606240bd3725959e1c2b7ce3dcd29582e3aa0ef761891707bda4c3764d030782459809398731f05f80efa7173da15103937a893aede252b2dc0dd329b99fdaf78395e62aea61fc31641c1b5118c11e17e58f3700d2974eff297bc7ec355eed2529b0de8bdfeae3ef32c353f14f032863134569d59bf89737b802133dc7ccb903d70e98e5ee46d8b643a504ccab2c1ae378cd948b4fc0efdfae68b1ad4eb80721039af69142f03d8f63239faa94aa2044ff6df5089b5cdf6f3dc570106b796db3fbfdb864f2b21949fab5bebd91d2889c76ae1e34b6104f4feffcdbf14346e2c84c548395b813561c2c6b20f18c872d106d0c25a870d33836fc2eccf9c621b67b70ca5ec42157a99bcf3e9030ee31044b019eea95d61cbcd315c7ae4bffd764e98061d888eaac8ecf42838dbb702592680a1d04e309df7aad235fd87711357ecd0f3d0a8fd2cefe5a97a0c5ac8fe07f6d68d4a9e26db522f78ec43b0a5b52bcfe3a332a65c57f84dd949e9036eeadc035de4db2612045dcb4a69c9c609a8e7e2300a8486ea271bd4826e33cdc81e5f2aa28ab2fe2f6752e307dee4dc624bcee637ae4200c42ba224bd1eea3a038b10347a9397fd53f5cd3a083ff95762c2d303d997c070b040db7f1c6b0e7e7b34f6c6f43dc2997fea861750fdb866e1b804a8a17724c8d5dee8d898d3d78ca9c2f56ac1a1515ce77dd2927857ddc00f1663d0aaa114054c1528393fd03bbcd2cbd31afc6f5dc63ddcee6a542902f9765109460306c839f8182c3ba3f31b5cb63070c414faada86dea705db5b198ef7027b703a32d8ae2aa6f7eefae5cfee2c724f12df67d29fcbbbcd53de3aad07f8db56abdfcfb991e10803433f22fbb817ece0e590a8393a8beeec7732725804ed49f62015cdd77739a310a56d944da3ca11eb92119d99e32641053499460a0ce66c5ced76400ed60a54e2a6824c893f669742d4c3e2a1f502a391a95bb799dad8ff25d62d0877b55fc0233c0673d7f0d47954905372f35192f3ab456003d9febfb46c53437ddcb207eed75eb52a04a8219a3663b347bbfd8c5e4dce2be23edab77293406a4700b668cea55c9c4b251870ab21bb3c689f19dba190b1b1597d1417368a712dad7f5adf25e718e16b014db169fdbd1b0e5e9139afd0d2a3a71b22f90255df48a5c33082aa34b322468c1b0b7e2f8bdd3658812efdef3edb19b2c9b45e28ca83a9c6a6b1235559230ccaede629dfa1ad7eaa4f67fdc4d65906c147b7ef41da75f270c215387dbbc9c5f0137512dc6e3a22d2ca81191dbdd8bd6cc4c50f90b8a14e9829b5f53f6fdc4a1ba69cd6ebba565af9e143bf77da255687939ab944410f070d07ba72287f4dea57d0c976cf6ba46acae8e5a59cd7e29310489b62f777910bcb51f414b0e37c5330b67095a7167bfe9dcfb88d0d07dca367caccee7899eea767c840367099900a85ef137885eaf993c6e5f5b59245e09be09b34adeb5f44a86f9a2dd9699288724164d76692e9b4f9d7175977875c28cce17f5941b477d49d4aebff282d5a5fd12fd5bf286901e96dbb81a86fc35c38a0128d0c71bb2a25ee76ad428181733beed57fe6618fd88189863a84801a0aabb32c5252f6ce3fe209f239d0eab18f058abc9caabefb831a10dd0790bc3e4906d344f715e083069112d0fd7178f818a398ab89370412601073de63d573590d9a89420471f382bb8a0fecdaf946f2b6fd211e9f707baee4e9383198f6a6e96ae1a5ef351abfa6e5298bd1f48bf64afa6c3046da6a870509152aeef1a309494a3976502712cd732d568ac498149b339f5465d2ce521fb34c7c809c7a6bd1efcc4129d56eee494ea2f3715926a618f198c9b88cc514993e3ec237fa029dc92ec9965260f11933c9e66791bbeef630d64c862d6513098fb577cf809ac73a4ce6594c8ebbe7585268c348ea1414404dcc6f975db893383e2ce792c508525ee33342dcb8f2fca660d2ad85f0d455506ba8fb65bcf0edcc40b3e94e40ab2be9a1bd652620adb5aef08e3438ed416fa1c57f608f92ee5075457c604ce9940ffb50b7d32256525fd76fcea619e72a9f873adc7c1a5577383e4195302a344f44c8ce1d5bbdce68c68eb25614e769fa46c16452b320e1c96457f71dd1180c46531da9b413b7d8f50bd9fb3fa647ad54a4e6d2692584451cfd0dfe87c978507c08579c7558e5ec096d87a650b243799856ec94512db6a90a9ed5bdb4f31dbe5a3ecc42e0e43bda0128380c10cf4a9d89fe174eac9b1cd718e196c05a45d4f", 0x1000}, {&(0x7f0000004840)="46c0348b2efedf832018219941f2748db0dbad67653d", 0x16}, {&(0x7f0000004880)="f6fde4d62671fc019d9d293acfb87f8fd31238d6190026f262bb875cbb52e1dca63495a97a75d183dcce7c7c1b8572c5a2f70c88876892caa54070c0d3656066cde07f267a1e47ee9cf7521a800a22ffac2207fa24ec396e6817cd3e3b207d638b16748502f9011af2fa135782f46b7ca3f0c81874a2c6e203f8a4d22d67a6b13757a457025b4719b02ffbd698665d8df54dafdbee3f8f9b7dc05b267bc53622c1ffc6b402a26112a283feff3aed6598ee080ba01d9552b754f4a537289f48b79e9268b49ea75029efdd60f32c395ee255e8c92ee7eefb2e635074d5d2", 0xdd}, {&(0x7f0000004980)="47baf3d0525fa298f2d076098d6017d0e2baf19fdb0d0999d760f9f929d18c2bc5a41b4ce9624bba1b4bce", 0x2b}], 0x9, &(0x7f0000004d00)=[@rights={0x28, 0x1, 0x1, [r35, r36, r37, r38, r39, r40]}, @cred={0x20, 0x1, 0x2, r41, r42, r43}], 0x48, 0x4810}], 0x5, 0x1)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1f, &(0x7f0000000500)={@empty, <r44=>0x0}, &(0x7f0000000540)=0x14)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$unix(0x1, 0x4000000000000, 0x0)
r45 = socket$netlink(0x10, 0x3, 0x0)
write(r45, &(0x7f0000000040)="29000000140003b7ff100000040860eb01479f92f087bac98e7f13f8f5cb160010790000005300f00f", 0x29)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="020000"], 0x1}, 0x1}, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000))
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={r44, @local={0xac, 0x14, 0x14, 0xaa}, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc)
r46 = syz_open_dev$sg(&(0x7f000051b000)='/dev/sg#\x00', 0x0, 0x0)
ioctl$KVM_SET_PIT(r46, 0xc0481273, &(0x7f000084cf90)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3}]})
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000002c0)={0x0, 0x38, "da727d29b6a31637534d0e91096da51bb909777ed77bec39fdbc97351d0fdef3d98d440886a68e4cae0d51dad4195efd8f61004960e6918c"}, &(0x7f0000000380)=0x40)

2018/03/31 16:36:43 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x0)
tee(r0, r0, 0x2, 0x4)

[   74.051876] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
2018/03/31 16:36:43 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000000c0)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x3b5)
r1 = semget$private(0x0, 0x1, 0x0)
semctl$IPC_INFO(r1, 0x6, 0x3, &(0x7f0000000340)=""/210)

2018/03/31 16:36:43 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   74.110653] IPVS: sync thread started: state = MASTER, mcast_ifn = gre0, syncid = 0, id = 0
[   74.119302] IPVS: stopping master sync thread 7015 ...
[   74.132765] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
2018/03/31 16:36:43 executing program 2:
r0 = socket$inet(0x2, 0xa, 0x7ffffffd)
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000900)=0xfffffffffffffff9, &(0x7f0000000980)=0x2)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x2, 0x2c0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000040], 0x0, &(0x7f0000000000), &(0x7f0000000c00)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000ffffffff020000001100000000000000000000766c616e3000000000000000002792b6a1821bd52d159d5ac4000000697036677265300000000000000000007663616e30000023a479c04d92b93a0000000000a076d9730000000000000000000000000000000000000000000070000000a0000000e80000004155444954000000000000000000000000000000000000000000000000000000080000000000000000000000000000005241544545535400000004000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000030000000000000000000000000000001d0000000000000000007465716c3000000000000000000000007663616e300000000000000000000000766c616e3000000000000000000000006966623000000000000000000000000056190635f233000000000000d238742a69de0000000000000000be91a2d3a8554d13a6e01c4e40a30e700000007000ff00000000000000544545535400000000000000000000000000000000000000000000000000200000000000000073797a300000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff000000001f1061fdd1c370d5d912f43237e41d60e8319efdf11090c15aa0d47a85043c606c2528655d85a7dc2c9badd1ff484354202490533cefee99ebec8857ac240231b8513e5e623ecc5f2e10bdbe7f1cef75bf38552d3deabc860c1b601adf8ebc4160b53d00000000000000000000bc108035ee6ae800546090863c79b398d1e28fd50b64b646dc1bd8b01d"]}, 0x338)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040), &(0x7f0000000080)=0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f00000009c0)=[@in6={0xa, 0x4e23, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x200}, @in6={0xa, 0x4e24, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0x8}], 0x38)
r3 = socket$netlink(0x10, 0x3, 0x15)
getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000004c0)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000000000000000670000002c1d9da25b7dce895474fc8a18f60a370bea882811b3119a1f847eb77176e637b03e2374853db1d301bf6825c5ae97872027659c141ce876c6ca96b3c86f2db34a3a472fc53be8fda03fe6bafa0dcdeca431e97145e1e5aabf91e261254c000000000000000000"], &(0x7f0000000580)=0x1)
ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000f40)=@req={0x28, &(0x7f0000000f00)={'bpq0\x00', @ifru_addrs=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xf}}}})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000940)='IPVS\x00')
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000005c0)=0x24000000000, 0x4)
r4 = semget(0x2, 0x0, 0x32)
semctl$GETALL(r4, 0x0, 0xd, &(0x7f0000001080)=""/222)
getsockopt$inet6_dccp_buf(r2, 0x21, 0xd, &(0x7f0000000b00)=""/72, &(0x7f0000000b80)=0x48)
sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000140)=ANY=[@ANYBLOB="f8ff0000a7307a0f522eb40dde7719cc81e65699ddf12b9fc79f394dc831d3f3e32146814804270c048cd5f3a02a0cdcfa25a0e5935d3594f9ea575d3e8e1c1cb3bc76de3708030baf0923f6f684ea3508d9d2580aa35219b63c4051330f144037f9909c85cd5ad04fc0957714647a1c9b6c68945c894e52839f9955f7419bd9ec120389bba5253f6d70d3677094fc8d9828d150fe0201d277e3ec207cae2da3dda8c9ff11a8c6e2a2479661a08126cda8"], 0x1}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1208000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000f80)=ANY=[@ANYBLOB="381c06006302548da3468a71308e009252e2b472f13bf86045ec595d26fd7438297e9f390e5e80d731f0712fa4793f5bab731d2f6a9d65d188a3569271c78df71f996ec57d46eab986ab27defcc589f2f4533e1755c54064d748dd7a46cb3ac489201968c397d29046b92ea129e02956494b79e1cfff72b0abcac95f23c14f03fdc480f83384590f590691ea48a6f69a3717d8760416add16ec676b016fdac9c852bf211a83b34d5a87939", @ANYBLOB="28032dbd7000fedbdf25050000001c000100080001000a000000080006006e710000080006006f7666000800040008000000"], 0x2}, 0x1, 0x0, 0x0, 0x40000}, 0x48000)
setsockopt$sock_void(r0, 0x1, 0x3f, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000640)={0x9, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, {0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e20, @broadcast=0xffffffff}, 0x80, 0x7, 0x1, 0x6, 0x0, &(0x7f0000000600)='syz_tun\x00', 0x2, 0x0, 0x9})
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f00000000c0)={{0x89, @empty, 0x4e22, 0x4, 'lc\x00', 0xc, 0x3, 0x3a}, {@multicast2=0xe0000002, 0x4e23, 0x0, 0xfffffffffffffff7, 0x5, 0x200}}, 0x44)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000bc0)={<r5=>0x0})
ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f0000000ec0)={r5, 0x3})
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000a00)="b549e6d9e631523e8aa870a79e9ea290fddee05bc1e6575d458abceb01ca37984645c42281cfae3d44c3577e8387bb9af3931423a18295d13c33bab77768b1b747e3c77e23d86a7e1dcdf506f604d1fbf75823920c3f05ead8c5f3407a82c4c9c3af7ac477ceebab457e7b80c5eda8b6fa7c23c9bd1e0d55e7c396873b63358faec129157e65cdc9f2c0fd62884b3033daf76073277670c20667db8309f2e8ce4a053e3f003564ad33446bbca4601788d7f9c2b684344250b9e543908eb49c40fcae92401eab9371704e4e492fe8594ad4ffc9bc441560013863f9e5bb4b0a6e62d7", 0xe2}], 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@broute={'broute\x00', 0x20, 0x1, 0x150, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000700], 0x0, &(0x7f00000006c0), &(0x7f0000000700)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x1b, 0x0, 0x0, 'bcsf0\x00', 'teql0\x00', 'ip_vti0\x00', 'erspan0\x00', @empty, [], @random="c8992de4105a", [], 0x70, 0x70, 0xc0}}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}}]}]}, 0x1c8)

2018/03/31 16:36:43 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   74.223796] IPVS: stopping master sync thread 7036 ...
[   74.233092] IPVS: sync thread started: state = MASTER, mcast_ifn = gre0, syncid = 0, id = 0
2018/03/31 16:36:44 executing program 3:
r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000340)={'broute\x00', 0x0, 0x0, 0x8b, [], 0x0, &(0x7f0000000240), &(0x7f0000000280)=""/139}, &(0x7f00000003c0)=0x78)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$sg(&(0x7f000028fff7)='/dev/sg#\x00', 0x0, 0x0)
ioctl(r1, 0x4000000000001276, &(0x7f0000000040))
msgget(0xffffffffffffffff, 0x800000000000)
getsockopt$nfc_llcp(r1, 0x118, 0x7, &(0x7f0000000740)=""/223, 0xdf)
execveat(r1, &(0x7f0000000340)='./file0\x00', &(0x7f0000000580), &(0x7f0000000680)=[&(0x7f00000005c0)='/dev/sg#\x00', &(0x7f0000000600)='/dev/sg#\x00', &(0x7f0000000640)='\x00'], 0x1d00)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x0, <r2=>0xffffffffffffffff, 0x1})
ftruncate(0xffffffffffffffff, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000700)='/dev/rfkill\x00', 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x0)
r4 = memfd_create(&(0x7f0000000000)='/dev/sg#\x00', 0x1)
r5 = add_key$user(&(0x7f0000000d80)='user\x00', &(0x7f0000000dc0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000240)="9ed6a70e5502a3be7fd56ef0239bd02d3719d6fadbc6cd1c363228811d2ba048c11663", 0x23, 0xfffffffffffffff9)
r6 = add_key(&(0x7f0000000e40)='asymmetric\x00', &(0x7f0000000e80)={0x73, 0x79, 0x7a}, &(0x7f0000000ec0)="84673a4debb1c015496118", 0xb, 0xfffffffffffffffc)
keyctl$negate(0xd, r5, 0x0, r6)
readv(r3, &(0x7f0000000d00), 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x400000, 0x10)
r7 = getpid()
wait4(r7, &(0x7f00000000c0), 0x20000002, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000300)={0x2})
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@loopback, @in=@loopback}}, {{}, 0x0, @in=@rand_addr}}, &(0x7f00000001c0)=0xe8)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000140)={r1})
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000480))
clone(0x4000000, &(0x7f0000000f40)="86047fcfdb5ec091d5c3bfeed0b86267d507af4d", &(0x7f0000000f80), &(0x7f0000001040), &(0x7f0000001080)="0638637f06173180f0802415659c455ba0dcbc66e63ece47bf11341cdf48280f4b9d7cd266170607f644a22a0577dc5b0ea2f7c53dceeb6f0de89a5667f0906d2389b0f6a4948367e27abf276fc66ed4de79bdbd4de34e4e820559a384883cfe96a9933c6c21839fb494cd568466301a23c2b5665b1a3ae596ab5a6d8ed6221ae15d0482")
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000e00)=[@in={0x2, 0x4e24, @multicast1=0xe0000001}, @in6={0xa, 0x4e20, 0x10000, @loopback={0x0, 0x1}, 0x3}, @in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x3c)
ioctl$DRM_IOCTL_AGP_ALLOC(r3, 0xc0206434, &(0x7f0000000040)={0x13c24d0c, <r8=>0x0, 0x3, 0x6})
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000200)={0x3, r8})
ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0xb)
ftruncate(r0, 0x7)

2018/03/31 16:36:44 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000c93000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x20000, 0x0)
execveat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)=[&(0x7f00000000c0)='/dev/binder#\x00', &(0x7f0000000140)='/dev/binder#\x00', &(0x7f00000001c0)='/dev/binder#\x00', &(0x7f0000000200)='\x00', &(0x7f0000000240)='\x00'], &(0x7f0000000300)=[&(0x7f00000002c0)='/dev/binder#\x00'], 0x1400)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r2 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000007000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000002000)})
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = eventfd2(0x200000005, 0x80800)
readv(r3, &(0x7f0000001600)=[{&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000001500)=""/231, 0xe7}], 0x2)
close(r2)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f0000008000)=[@release={0x400c630e}], 0x0, 0x0, &(0x7f0000000f4d)})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f000000dfd0)={0x14, 0x0, &(0x7f000000cf68)=[@request_death={0x400c630f}, @enter_looper={0x630c}], 0x1, 0x0, &(0x7f0000008f37)="c2"})
socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000000180))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000012fd0)={0xc, 0x0, &(0x7f0000007000)=[@dead_binder_done={0x40086310}], 0x0, 0x0, &(0x7f0000012000)})

2018/03/31 16:36:44 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x0)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:44 executing program 2:
perf_event_open(&(0x7f0000271000)={0x2, 0x70, 0x49, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
write$rdma_cm(r0, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r2=>0xffffffff}, 0x2}}, 0x20)
getpeername$netrom(0xffffffffffffffff, &(0x7f0000000100)=@full, &(0x7f0000000180)=0x48)
write$rdma_cm(r0, &(0x7f00000003c0)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, r2}}, 0x48)
r3 = dup3(r1, r0, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f00000004c0)=0x9, &(0x7f0000000500)=0x4)
getsockopt$EBT_SO_GET_ENTRIES(r3, 0x0, 0x81, &(0x7f0000000440)={'filter\x00', 0x0, 0x3, 0xf9, [], 0x3, &(0x7f0000000240)=[{}, {}, {}], &(0x7f0000000280)=""/249}, &(0x7f0000000380)=0x78)
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000200)=0x4)

2018/03/31 16:36:44 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000240)=<r1=>0x0)
fcntl$setownex(r0, 0xf, &(0x7f00000000c0)={0x3, r1})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80000, 0x0)
ioctl$TIOCSTI(r2, 0x5412, 0x6)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000140)={<r3=>0x0, 0x38, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x8, @empty, 0xea}, @in6={0xa, 0x4e23, 0xffffffffffffffff, @remote={0xfe, 0x80, [], 0xbb}, 0x9}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000001c0)=@sack_info={r3, 0x8, 0x6}, &(0x7f0000000200)=0xc)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f0000000300)=0x7, 0x4)

2018/03/31 16:36:44 executing program 7:
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x1, 0x8972, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000271000)={0x0, 0xfffffffffffffde4, 0x4a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000080)={'NETMAP\x00'}, &(0x7f0000000140)=0x1e)
r1 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
write$evdev(r1, &(0x7f0000001fdc)=[{}, {}], 0x30)
ioctl$sock_netrom_SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000000280))
bind$inet6(0xffffffffffffffff, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
sendto$inet6(r0, &(0x7f0000f6f000), 0x1000000c4, 0x20000001, &(0x7f0000faafe4)={0xa, 0x4e22}, 0x1c)
uname(&(0x7f00000002c0)=""/61)
mremap(&(0x7f0000a95000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
fchmodat(r0, &(0x7f0000000240)='./file0\x00', 0x74)
setsockopt$sock_void(r1, 0x1, 0x3f, 0x0, 0x0)
ioctl$sock_bt(0xffffffffffffffff, 0x8906, &(0x7f00000001c0)="c0d49d67d068c8ffda961e6e3c6329477a0d5dcb539d8995b11b3a48b432aea180e2a1b6cefd2da44d5ab6d1ead6ce6a8e2843759f2fd80f4b9ec9")
mprotect(&(0x7f000072d000/0x2000)=nil, 0x2000, 0x1000008)
mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x3000007, 0x1011, r1, 0x0)
r2 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f000000cf90)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000005000)})
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f000000ffd0)={0x0, 0x0, &(0x7f000000f000), 0x1, 0x0, &(0x7f00000000c0)='b'})
mmap$binder(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000011f9d)})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100), 0x1, 0x0, &(0x7f00000002c0)="95"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000380)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), &(0x7f00000001c0)}}], 0x0, 0x0, &(0x7f0000000500)})
mremap(&(0x7f0000676000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000590000/0x4000)=nil)

2018/03/31 16:36:44 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:44 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:44 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(0xffffffffffffffff, r0, 0x2, 0x4)

2018/03/31 16:36:44 executing program 4:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, 0x0, @dev}, &(0x7f0000000040)=0x1c, 0x800)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@mcast1={0xff, 0x1, [], 0x1}, 0x6, 0x0, 0x3, 0x4, 0x9, 0x4, 0xfffffffffffffff8}, &(0x7f0000000100)=0x20)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={"776c616e300000021e00", &(0x7f0000000440)=@ethtool_regs={0x4, 0x0, 0x1, "1f"}})

2018/03/31 16:36:44 executing program 7:
r0 = socket(0x11, 0x100000802, 0x0)
r1 = syz_open_dev$tun(&(0x7f00000003c0)='/dev/net/tun\x00', 0x0, 0x10000)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000240)={'ifb0\x00', 0x4001})
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@local, @in6}}, {{@in6}, 0x0, @in6=@ipv4}}, &(0x7f0000000080)=0xe8)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r3, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'gre0\x00'}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r3, 0x0, 0x48c, &(0x7f0000001d00)={0x1, 'vcan0\x00'}, 0x18)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000040)={'erspan0\x00', {0x2, 0x4e22, @rand_addr}})
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000100)={<r4=>0x0, 0x70, 0x10001, 0x3, 0x0, 0xffff}, &(0x7f00000001c0)=0x14)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000200)={r4, 0x0, 0x7, 0x9, 0xda1, 0x7}, &(0x7f0000000380)=0x14)
r5 = dup2(r2, r0)
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000140), &(0x7f0000000400)=0x4)
ioctl$PIO_SCRNMAP(r5, 0x4b41, &(0x7f0000000a00)="6869891630847b948f547d62ae881ac07be88effd9bdecf4eea4962864d063872854f89b29d9b55e6ca67bb464c54d7082e796eb3177e97df5644a4a4f078cbc48abd39f17857ab9fe02e3d4e3c9afc5c4c67b7d603bd8961f99def2aaec59d38194223d2c8e69d03b30d679cd3b3be1a7bb74ea83f44e9a1c36623e214f92159bd040179f26b48a506a8b8a0c582463c8f5dca34392403c5ac95cd9e0d54525acda")
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={"68708b1309003000080000003f75ca00"})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000005, 0x50010, r5, 0x61)
syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x1, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r5, 0x118, 0x0, &(0x7f00000000c0)=0xfffffffffffffffc, 0x4)

2018/03/31 16:36:44 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:44 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r1 = accept(r0, &(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, &(0x7f0000000080)=0x80)
poll(&(0x7f0000000280)=[{r0, 0x80}, {r0, 0x80}, {r0, 0x1000}, {r1, 0x8090}, {r1, 0x80}, {r1, 0x80}, {r1, 0x80}], 0x7, 0x9)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000b40)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="253fc8bb757ddb4262dc69aa5c44fab5067864ec96f6517fa2a98ec0dfb6318ce7afc5"], &(0x7f0000000100)=0x8)
syz_open_dev$urandom(&(0x7f0000000340)='/dev/urandom\x00', 0x0, 0x8000)
getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000300)=@assoc_id=r2, &(0x7f0000000500)=0x4)
socket$inet6(0xa, 0x0, 0x207)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000140)={r2, 0xdf, 0x5, [0x1, 0x1, 0xf5, 0x0, 0xffffffffffffff00]}, &(0x7f0000000180)=0x12)
execve(&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)=[&(0x7f00000003c0)='md5sumeth1-\\)\x00', &(0x7f0000000400)='%losecurityvboxnet1.vboxnet1(\x00'], &(0x7f00000004c0)=[&(0x7f0000000480)='ppp1\x00'])
rename(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00)='./file0\x00')
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x10000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000005c0)={{0x2, 0x5, 0x1, 0x200000000, "a054b390f21c1e4873090b104e5f26b61cd62fe98f062298dbcd37f32115b436393507aed172539d32829188", 0x2}, 0x462, [0x9, 0x7, 0x8, 0x7, 0x800, 0xfff, 0x4, 0x40e, 0x101, 0x0, 0x3eeb, 0x100000000, 0x6, 0x80000001, 0xd1, 0x7fff, 0x0, 0x5, 0x9, 0x9, 0x32, 0x9, 0x0, 0x81, 0x0, 0x1000, 0x1000, 0x2, 0x3, 0xffffffffffffffff, 0x0, 0xab48, 0x9, 0x1d2, 0x3, 0xdd56, 0x9, 0x1, 0x6, 0xc60c, 0x8000, 0x4, 0x7d, 0x7f, 0x9, 0xff, 0x1841, 0x1, 0x100000001, 0x0, 0x20, 0x81, 0xffffffffffffea76, 0x3ff, 0x3, 0x10001, 0x0, 0x3, 0x9, 0x5, 0x5, 0x5, 0x0, 0x5, 0x2, 0x6, 0x8, 0x100000000, 0x101, 0x27c10434, 0x9, 0x5, 0x2, 0x3ff, 0x4000000000000000, 0x67af, 0x6, 0x800, 0x3, 0x4, 0x18, 0x81000, 0x9, 0x3, 0x8, 0x4, 0xfffffffffffff001, 0x400, 0xfffffffffffffff7, 0x3f, 0x9, 0x3421, 0x4, 0x6, 0x5, 0x6, 0x490, 0x80800000000000, 0x7ff, 0xffffffffffffff80, 0x4, 0xec29, 0x7, 0x5, 0x5, 0x7, 0x8, 0x4, 0x4, 0x100000000, 0x6, 0x7ff, 0x20, 0xf4, 0x1, 0x0, 0x7, 0x3, 0x10000, 0x6, 0xffffffff, 0x6, 0x40, 0x9, 0x0, 0x3eabb671, 0xffffffffffffff00, 0x3], {0x77359400}})
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r3, 0xc0045520, &(0x7f0000000540)=0x2)
r4 = accept(r0, 0x0, &(0x7f0000000580))
sendto$packet(r4, &(0x7f0000000600), 0x0, 0x0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}, 0x14)

[   75.027878] binder: 7060:7074 Acquire 1 refcount change on invalid ref 0 ret -22
2018/03/31 16:36:44 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(0xffffffffffffffff, r0, 0x2, 0x4)

2018/03/31 16:36:44 executing program 3:
r0 = socket$inet(0x2, 0x5, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="8860009d917ed1dd73c91ccecc9fb832eab58406856cdd1693615ad3297fe0f8c69f6e56e9adb77edeaf4c695fe135a8d978db01b719c1ac2fdb19dfcf7762f5f217f221859008776821e8472cbb117c7cba647a3739f2ef8bc87e9e51b219695c58dff295bfdb107b1b4310bd9d2d07baeca37cfb75f645cec66a"], 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0xb}}, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x108)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000040)={0x1, {{0x2, 0x4e23, @multicast1=0xe0000001}}}, 0x88)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_int(r0, 0x0, 0xce, &(0x7f0000912ffc), 0x4)

[   75.117620] IPVS: stopping master sync thread 7095 ...
[   75.124216] IPVS: sync thread started: state = MASTER, mcast_ifn = gre0, syncid = 0, id = 0
[   75.127609] binder: BINDER_SET_CONTEXT_MGR already set
[   75.177680] binder: 7060:7074 ioctl 40046207 0 returned -16
[   75.188701] IPVS: sync thread started: state = MASTER, mcast_ifn = gre0, syncid = 0, id = 0
[   75.198250] IPVS: stopping master sync thread 7106 ...
[   75.223657] binder: 7060:7074 Acquire 1 refcount change on invalid ref 0 ret -22
[   75.258538] binder: 7060:7098 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
2018/03/31 16:36:44 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x80000001, 0x8000)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0xb0, 0x5, 0xb200, 0x1f, 0x4, 0x4, 0x1, 0x3f, 0xd, 0x6898e5df, 0x8001, 0x20})
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000400)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x5}, 0x1c)
timerfd_gettime(r0, &(0x7f0000000140))
sendmsg(r1, &(0x7f0000000000)={&(0x7f0000000040)=@in={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x80, &(0x7f0000001440), 0x0, &(0x7f000001ef80)=ANY=[@ANYBLOB="20000000000000000000000000440f450300ef00009700000000000000000000"], 0x20}, 0x0)
mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)

2018/03/31 16:36:44 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:44 executing program 3:
r0 = getgid()
lchown(&(0x7f0000000200)='./file0\x00', 0x0, r0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x4, 0x8}, 0x187)
r2 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400)
ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x0, 0x4, 0x1, 0x7, 0x8, &(0x7f0000000480)='teql0\x00', 0x8001, 0xc1dd, 0x2})
r3 = open(&(0x7f0000000440)='./file0\x00', 0x14103f, 0x0)
fallocate(r3, 0x0, 0x4b99, 0x5)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8)
sendfile(r4, r4, &(0x7f0000000040), 0x80000001)
fallocate(r3, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r4, 0xc0406400, &(0x7f00000003c0)={0xffffffffffffffff, 0x9, 0xd85, 0x5e, &(0x7f0000000540)=""/94, 0xe3, &(0x7f00000005c0)=""/227, 0xd3, &(0x7f00000006c0)=""/211})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r4, &(0x7f00000000c0)={0xc})
sendfile(r4, r3, 0x0, 0xc08f)
r5 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000140), 0x6)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={<r6=>0x0}, &(0x7f0000000240)=0x29e)
capget(&(0x7f0000000180)={0x0, r6}, &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8})
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4)
r7 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0)
sync()
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0x80045301, &(0x7f0000000800))
getsockopt$IP6T_SO_GET_INFO(r4, 0x29, 0x40, &(0x7f0000000280)={'nat\x00'}, &(0x7f0000000380)=0x54)
lseek(r7, 0x0, 0x0)
r8 = fcntl$getown(r5, 0x9)
capget(&(0x7f0000000080)={0x399f1336, r8}, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x1aef, 0x800, 0x304c, 0x5})
fdatasync(r2)
ioctl$TCSETSW(r3, 0x5403, &(0x7f00000007c0)={0x22, 0x0, 0x6, 0x6, 0x1, 0x100000000, 0x3, 0x4, 0xce, 0xfffffffffffffff9, 0xffffffffffff5921, 0x9})

2018/03/31 16:36:45 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(0xffffffffffffffff, r0, 0x2, 0x4)

2018/03/31 16:36:45 executing program 7:
clone(0x200, &(0x7f00000005c0), &(0x7f0000000640), &(0x7f0000000380), &(0x7f0000000540)="967f4162909ecc571b2419e7fbf302")
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2=0xe0000002, @in=@multicast1=0xe0000001}}, {{@in6}, 0x0, @in6=@loopback={0x0, 0x1}}}, 0xe8)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="b100485caa2a", @random="43333e128ef5", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @broadcast=0xffffffff}, @igmp={0x0, 0x0, 0x0, @multicast1=0xe0000001}}}}}, &(0x7f00003b5000))
mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000440)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6=@ipv4}}}, &(0x7f00000001c0)=0xe8)
getresuid(&(0x7f0000000200)=<r1=>0x0, &(0x7f00000002c0), &(0x7f0000000300))
setreuid(r0, r1)
execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000578fe8), &(0x7f0000775000))
r2 = syz_open_procfs(0x0, &(0x7f000042cff4)='io\x00')
pread64(r2, &(0x7f00009f3000), 0x352, 0x0)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0)
lseek(r2, 0x0, 0x3)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="a83c0e5395d5e93d7d001398af3eae10923f14ac4f59ccadca7a1e6ae34616ecde42cdcd68c73bfd7c408f5c1b5b6ecddd532de8e360ed7e742c998af5f3602aafb638d2ef046d9f57d088813054e50ae6df4fc8f6ee505d2dd34545632befe547d02f0c11e6733393e297991414a02671e50dd331ce5cd43f656fa3972500d05e481c6fedeebef1f22115f0aecfb3de93eca2e3410709e907bdb02e3f7d6000e83050be31fc7b228dea93639950d0f4c548633f85a5adc2", 0xb8}, {&(0x7f0000000680)="0bcef7241206b24273d58d6cf79e582992ae2a88700d64315acb026220d5e493e10481e279fffc005269db6569a3fcfd36360afa22fbec05c55f2c5b58215208fedfa34bd2290234b95ec3d53e34f92891123a40731af36b2d982764d2157b67843660f9105abb43037ba32f53f988db25d9a0dcd6e613a34af0c39afe9132ed4946bc73b890fe7650dff05e08aa3b39fda8cd3cb640c4e7cb6d9c053e62351329ea87bc24be86924c5721f5147ed4a71c13a16482b834ac674bf2a9a70d6a4e2cd93ca470537287ca2f1467ebcc778f7d5f4585ed8d83f743d810a1d87c09b16d74d6700bc24ae4e332cb23fcfda8ce2d63bebdb62fa356879b05362b59dfde2267e879ceed66f18b4f53764e34cf0e1ea33e52b6c608b775ff4bee9cc877408132dc8146586bd9ac018b34aab4417b3e6973e3ab7bce9cde342959c60b7845c95919994d5768cc5b197363b0c5948c6bb77b5ef40e3855ca8e4800533e4792d7d0c14bd3b22e9fba8764d42e4d33e64bcb4d4dd7532789abcbb7a0ab9389e5f780476dba2a13fc86aade410e2b2bbde23da6e7236ec9d065554c90b6d833bd6a528dd722968f8cdebabef93212a77b7654d96d04f5ee92a332cb5489f6156dbb30b3c7d567c607de35a8c7e80c7c0ee551d90d02b870e275b9ed065a0de1673e4d132319d92f66394be2f9a8962c37f1ead5d7583c120916dfaeeeb0e6900b687e34b383ff93e3dc2c48c8c96daf2dfbbe76bcf0dfd9094ee8f75efb70945cc8549b91eb19b676b3b7e163f4c0251007fb0a390304e2d78e03106aa8fd33532ddf9b015d5a540af871a5f198c1285dad5ef05db3bd77f703154230663d6ba05b62dc8d64a751ab2b57fa3f9eac68da400258315938e4886bbce985aa13e015eaccadc64dd4547af387302044a790bf1b017a6a69a72fd95bb20637626133299d8688791125a3822f282a8ac4af01c4cfa49300f21601bd24061e900eae792cb2d74eeac8bf38f10e46621e4d11d23a465c0d8aade90a10f8a1cfa6581bf9c554a1c5919d012fc1c16517f6b09646df0f0b8aca64ddc1fbd4d550215cdea9562178a7fa96dfce5e6038d5c26c848dad1e09e2b66cb8abfa2fcfd6efd633bbdc063863e7106367a3386350e32a730011bb0dd9881f6e11f94fc458badffd719285de6b16fb4ee8c60a59260c6750cb60b7ec9d523101b1dba5fda8d04b77a04bc495d7bf4b19af0247578b9165354c8a4399b592546d5ec6ab7646970715ece90c1d839e8ac511918af7f19439eb8f1f7e5eb058421b7032af1ce0f72bbced5918349bc8c1d1748bf3cf16b6fcf7ee9fe119e47d884a7b6d1077297ec90c41d99491f066b321b6bc4489da4ddd4295c5f7ff24263df049e4bdc5e70db2d6f6c9ba8ec9c8b4c1e691bad7e3ded183d9db02fb89e90067d294170df5cdcfe353b0319de3ac60f36a9fb692cf8333045a20abfae6abef847272912c8c5eb882f249ded2d0b71d32c08930d796bffb5241a02ee04566a08145dd5c2669aaf00cda3e5fcf31f2624ed54a4531bd01500c35637d5bb6c4520d57ffa5b848d7f3f85c33deeb9f2051c4e58d08eec6713dfba59b0a3b52c89e2423feeb3fb68702f99114dedf2ba0ab0ae3127e8cd93b572d26f4e5175787a26c9d9f959b619a926c3fbdfe195f0db3962668a4540d78b8531a9ab808914e8639c977a036007cf468974902bda64824daf5a6c50bb6c72a31e682dbedc2499e97aa21792e0e8561be578092a4c572fb926a3c6beee52bb5429511ca35f9336fe49a4244c00e453f05ad77618b759a0fa3e901bd4198ba7cd0a82355c49ed5c362b18fa6d422de32ad300cf8fae5ae6b287680b9f34bd96f8bbc39a5eb5d7da12842b82bff7eeedaf4189642f372e367cf430642731c1a4036ebea4ae99995d0234aaa1f96531adffa6356db25564ca3216cb8377b7ab55c81a57b3dc0a20bd8fdbf145cdedd9ca4f9d7abd36d22632b06c75b623b23e1fa030b4d22b8674a0fbc0433d6d646b939c9c0acd3502e52d58b32a7f9bca7c9eb5dccf6a99c6c900f6472cb664c2459f0589edf3090c7dd67353b11cf2cc765b140f2dae3b74ffab583a0a11d0ca3bedd171bf2a05e8c4d0fb02934186ac34770f1ddd5de42fd088e6bc419584ce511e7a29cae4665febb04e36f8d115a770b3d2da48e904508fde48a11fa78e6c062c6bea93db4452b51f7791ef51880220020c772280c1c20239eb40d3345a001fdb0655477c86fb3123e87b9fd900edd5072b4d01b91cbdd724a3a635a143841ebfd94e71c882d96fa893bc2003cef19861e391a0e51c1d046d11594fde5c4d933374fcb834e0d78c03e9887efecf39dd9efe699058b19d3c2e570e32482cbe613edd5416b1c54abca99e506496494d797c66e2c3e08891481602d8bd85f41939bc24891abe149bcbd55f4f27aba2dbe625496f4a81a835866018b34265086b3ca5f4355d0ba0e58fb0599951e2df647fbec040b000af7e62eb9ac4fbecf7a0555b4b0aedcef3e50b09eb4d4696e66c49e64013d54b6d8b384f4ce5b10c311d66b73d477a64b378e2dd7da31d6062faeea93ac40852a778fcae9a19b9723260683be784704cdd28e1bb509f079212bcbb74046771eadc1a223f6d9c9fdbe9f531d551f2b31a60666ec16343b219cadf2bdbca6b83ce02603595c3aca68d55fcd4c344f46120837703b6f47964df0309d48bef488706fab8a19e88051b2ee6ae178ce077cdcf9fdfc3b91287726989ee5274ad8c08b54b6ea7bede49026dfb8aeb79129c508635fd6b8a2cde6c353d9f6f01c67c3ce6c845595bb14084f5998ca625b2b41c8163ce6836dc9e796627367aecd6b917789225968b80acc6cf574b081c5acb1df51384abcbaec53487a7743f0b381a658785bce5f1510803bb692bfb5f703e16de47eb51bb92fdf2a3c8b7788ac66af5a5e9b3243b1787b4ee2a9ee8c01af9fe0e4b6c49e7a12d5b302e76e76749c4d2547cada1d877a2348c5063cb35addf4bd83ab7ca7066667db5836ab904bf9adbb77af044a77272fb4085c0fb87b66e36d810b78fad37a30e3e9f75fee13a677522f295a0fef7c7bdbedf22d4eae126b50e023bdc9a1a17ee2c0ccba542c9e220ea7d6704775f5838b5ed98ae3bc31f548b9eab073b6b0e5cc15f93ecdf0ac3816ca33a6a7ce36cacb872c0d2d3fe7eb12dce444932e4203f442f671b949f531cde1eaffcbf450ed6961498754830fd6adcb34ecf24ebf533100cc0b76f0f1eaba6866b9abe945c5b3890e120639442c88a235192453088b3a6974f5134bebacfbf13de5b6a6ee5530b0ef56d6cc01376969b69737dd4797a9452aa4da910db0a9d8cae57e4bc9d1a52e073c222722793d63977b78d15ce491ae8aa5a1b59731ab96372f707661762bec2ea11e65c2a0f9f305dddc25a9fd35e4b747a365bceb0de411d5619c6e12540aef7a1e665aab4524be450f18e0f69c07b9a96e94263019118347b4a26a9f3c8114ea107358d0c9150ec2867bb1171f385197468a756ed56ebd440dae8119ba2ce345721c37bf404e3a6f15ef6484bbfb2475cb21c8585bbd66fe2c147ff4f25f246f40c1c6d12acade2590f46b7685084770d12d439b2a64b6b0d9d7dee533e9af839da0b5fa4d1a3f1e5c78cf08188c80ff2f6efc13980cf7cad4385c58e4d233d7513f8db3c338d7c052808d84b7a3189e24415d79c08bc21f4f41a9b38d1df6ab698643ec01e122869f6b9e114b1c72f8efa4cd7bf19832f7918951989a246d409ca59605162a4b52e99f558cb2b663b74e85141dfe9525498e55a0f8e0ded2434952049dcfc4a9af4f747222143b7966efbbb480f20ffedbcd8a3b29bba3436d034b89e4b4c48e2a4d1a0946f7722ca5350a211447791a593aaeaa651f7c470a13ac6de2efe1e6b71788df6403b28cd159199489ee6aa8495e926a3f71ad297324dd8d19397f7b2f9fce9261b5bf1a789bdfe4d579013b259b8677f6d55f922b2d03228c5415152a6689bcabfb2d287c7449d8ccc481c0e7ed93429a8f459aad3e175a0fef7d508bf8173b519ada44ec2146705a95ad37a3b5a26ef7e6002b6c2133170b45f477b56e0e95dbb459296d9b5b71fe55679bcd70e530529b5a2f783134d0561d26b2564a9a148b010f19818b875292f6530f02f9d7f5853da20d39834fbc7e87b52c5c26d5ed4a3d0a83add55702ad759aa927fa194517501b779b8e1234f1e48a8b77ad296ecdd84548e5239b7c357aebf4fea0af90343226144b0af8aa1a074c56f67ee3abdf4ad6c4ea6fcf987bc600b74854859a346ff32dab37b4c5d9aeadafb8623f8807472b5797074b0ea72bbcc62fd20a6ecfe3c9a92aebf4afadea87c3c1a04c9d972f27f6d9b5a271f8fa115a22d8e8a277d8de739a99ab08191afff0d6d75117fe96b4bb65cf0770b5cc567b7d9f780b2eb1bf4984ade7179b2573d2c8972119f3ff2e71fd9a65ce426ffba4508c4df3c9c463ddc60d5156be189486f74540ee49df1b595fe62e47696215f1868fa7f2f95e35e76ac0193b15cace146182865bac295540317be1c87c0949d57b9ed0897a6734b6ed341843048f97214993992a9134c314673f5b8d258a17811d01fec209f14685e48bbaa0935fc63edd9ef63c42eb96de62d01f15a9b02c95e54b1fdb8bbe1d1a0e3d736c683f70b007bcc6a7ae6fe85a1c66ec34b7e9ad897d429e6843ab8b985ae29130c36bb9e7144adc506542106fde350d08f62704e0fd6f4bb2bd1476310986238461dae1c971aab84da52964afccb42e35f783c3494e68419188abbf27e0435d20a93548861a4b32dac1edcb37e56392bc919c61986e4f0f17ef5392599f01bcf1235884250bda48f8eff6ece0520fe61e1a3fd87c738a88db7e8e79c99877403d37e6b3a0ea9dcbf88dd4a22108b13174d1c20271ca04f07e42ad55c2626593ec0e7181ff438933ab3dd491a15248a516996c2a65922fc3ebc6eb643b469b10b2ab4c3c6dccb8168ac4180bc7116cdd4c97e76ec837b5937c79e5f9d062b28c9d9c5fdc89bcbb3969199642caef654021e102e998ab2001ddf8cae784e82f9add1942752536a7b06b4089f370bbf55fc6aaaf60b788c3da11838c575b7ad6df2810437efa5fe11b2bfd93d861a0d91e9e4b6292291df744ecbc99570fe7817907e4a4337bab8ef149d8b403562f2c52044b66fc775925b901be8b96f623d9123fa718602339baeda747164a6c0f4172b5ec34b2a7fef37dc0d0cd6a877afe18ff381a30af53c5a18671334ade989fe7f60a8e61304063a9f9a94c1d26cff0c8cc9a4495cb09eb1ee47e701e525cc734d65c0915d28b907dfc70a1b158afa39e642e2ef322aad21d0ccae144c32274e27a14c13ec3fc73aa0fe8f9ff75882ba8f31665fcd04abe113fa6cf252b4b437b09a7e63457278c44b3d14d4c2fff08a944b07924332b454b9212bbde4ec444bdc06830c392263569b95d860ed8fb7596f32570ee3e567eff1dfd196aba2c99ec89d83cd963467ebca7e91aaee79f144586debc1399e5e39ff35ca5f37476d3b631f1912eb1bd4af635f4634c5d38c15c1570044d10c135751f44cefa752b30e20967abf95e93846daabbbe4753f232c6d48fcdfe2452b64123ea357d363ca8330f83fb637f1795562a32315b2b22f6c0912c52147c7c723d6be67583038a61ad5a69fbdd031a18030d3711c9be5319b9572fe02e21acd4896cf35d82046895c1b9a407aa67ad33ae9b9b44aadd3a63b21a60c8", 0x1000}], 0x2, &(0x7f00000003c0)=[{0x58, 0x113, 0x2, "64b8b5b017b3b7770f0d09de2ede35878a5774fa0bf728ca6ea13674fcf67d6ba7dd9da15472c91e16be07bf4a23817dd9ffc6cea68ce1882c1529955a3a5de5fc028095fa"}], 0x58, 0x24004001}, 0x90)
open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27e, 0x0)

2018/03/31 16:36:45 executing program 2:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000f59000), 0x4)
sendto$inet(r0, &(0x7f0000fd0000), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10)
sendto$inet(r0, &(0x7f0000000140)="acbb915d6846975d5d248d4c727115f29ae03c05a1540f53036c3cc3396fab70b8f72443207b3bc9d2b76a2124327a8dc22115702dfd81d9c5daf3734095c968bb4c931a63cd94bbfe810cf243bdd2976b73d5c0d300e011c378c17bde5460ef55a7bcfe93f760a0a1928b8c0954a22b092351d191d71a236ce3666aa7ed8790364a", 0x82, 0x4000014, 0x0, 0x1f1)
sendto$inet(r0, &(0x7f0000000000)="c3056ac69b7d566106394ff9de0bd73845fa99d9fc254a0af3ac7012a9384acea85ab6", 0x23, 0x81, &(0x7f0000e66000)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
getpeername(r0, &(0x7f0000000200)=@pppol2tp={0x0, 0x0, {0x0, <r1=>0xffffffffffffffff, {0x0, 0x0, @remote}}}, &(0x7f0000000040)=0x80)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f00000000c0)={<r2=>0x0, 0x1}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f00000002c0)={r2, 0x800}, &(0x7f0000000300)=0x8)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10)
sendto$inet(r3, &(0x7f0000000080), 0xfffffffffffffd90, 0x20020003, &(0x7f0000385ff0)={0x2, 0x20000000004e21, @loopback=0x7f000001}, 0x10)
sendto$inet(r0, &(0x7f0000000080)="d1", 0x1, 0x0, &(0x7f0000000100)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)

2018/03/31 16:36:45 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:45 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x5000000000020a42, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x20000, 0x0)
r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0)
ftruncate(r1, 0x40007)
sendfile(r0, r1, &(0x7f000064d000)=0x5, 0xfffffffd)

2018/03/31 16:36:45 executing program 4:
r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xd38, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000080)=""/165)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)={0x1, 0x2, 0x2, 0x5}, 0x2c)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000140)=<r1=>0x0)
get_robust_list(r1, &(0x7f00000002c0)=&(0x7f0000000280)={&(0x7f00000001c0)={&(0x7f0000000180)}, 0x0, &(0x7f0000000240)={&(0x7f0000000200)}}, &(0x7f0000000300)=0x18)
prctl$getreaper(0x9, &(0x7f0000000000))
bpf$MAP_CREATE(0x4, &(0x7f0000000880)={0x13, 0x0, 0x1, 0x0, 0x0, 0x0}, 0x2c)

2018/03/31 16:36:45 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, 0xffffffffffffffff, 0x2, 0x4)

2018/03/31 16:36:45 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:45 executing program 3:
prctl$seccomp(0x16, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0xfd, 0x7fffffff, 0x7f, 0x200}, {0x9, 0x300000, 0x2, 0x9c0d}, {0x2, 0x9, 0xeb1, 0x7}]})
prctl$seccomp(0x21, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000ab9000)})

2018/03/31 16:36:45 executing program 4:
unshare(0x20000400)
clone(0x0, &(0x7f0000000140), &(0x7f00000003c0), &(0x7f0000000180), &(0x7f0000000400))
prctl$intptr(0x24, 0x6)
socketpair(0x10, 0x804, 0x75, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x2, <r1=>0x0, 0x1, 0x5})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000080)={0x81, r1, 0x10001, 0x9})

2018/03/31 16:36:54 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:54 executing program 3:
socketpair$inet(0x1e, 0x4, 0x0, &(0x7f0000f23ff8)={<r0=>0x0})
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = memfd_create(&(0x7f0000000040)='.\x00', 0x3)
ioctl$KVM_DEASSIGN_DEV_IRQ(r2, 0x4040ae75, &(0x7f0000000080)={0x1, 0x0, 0xdcb, 0x600})
fcntl$getownex(r1, 0x10, &(0x7f00000000c0)={0x0, <r3=>0x0})
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x7456, 0x9, 0x10001, 0x0, 0x5, 0x200, 0x8, 0x100000001, 0x81, 0xde28, 0x9, 0xff, 0xfffffffffffffffe, 0x9, 0xffffffffffffffc1, 0x400, 0xfffffffffffffffa, 0xfffffffffffff95a, 0x100, 0x7fff, 0x3ff, 0xd4, 0x2, 0x9, 0x6, 0x3, 0x8001, 0xffffffff, 0x5, 0xfd6, 0x9a97, 0x0, 0x3, 0x5, 0xfff, 0x0, 0x8893, 0x2, @perf_config_ext={0x4, 0x6}, 0x10000, 0x7f, 0xffffffffffffff32, 0x3, 0x9, 0x8, 0x2}, r3, 0x2, r2, 0x8)
perf_event_open(&(0x7f0000348f88)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000001780)=ANY=[], &(0x7f0000001480))
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(0xffffffffffffffff, &(0x7f0000000580)=""/123, 0x7b)
sendmsg$key(r0, &(0x7f0000f22000)={0x0, 0x0, &(0x7f0000f22000)={&(0x7f00001d7000)=ANY=[@ANYBLOB="1e0e1f00010000000000000400000000"], 0xfffffffffffffef2}, 0x1}, 0x0)
ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000100)={"0c96c7b31e4a9f8c3312c35ca6932eb152560d8e009088e4721c100dd912a334eb318a551bdb227e3618322504cf65cb134dfad9896f75479b4ff4dfbcf4aef400f8bfc8724d1c4bbd35981bc3e592c82f463704fc158e3619c74106a40b53f27c21abaa75979f059273984efe37ae04aa5f191eacb802c109d226c452028a7227ce34471a1a3f1205a71ecadfb439dbe41daceeebafae050182803fecc7d1e1bbdffb263dc512733b91de57e1cb6d4866cb7182c90fe804f6c5480a1fae4ac4fcdfe575d2ea398b1e1d66200c8d13857ad81bebf28710450698857aead8c07f67db3791b2d2fa16928bfdc5c4c90d6aca375b99e6a0d98b70cb3f39ea4549c0e9021525b1a4aa02642e4444395c490deff292212c816f2e10164c71bebf545ee76e4a73ac1c113eaee19cda54debaa10f1144f077509eff99b357249b618db2c20439abf1fc189cf3524ecbd158a46a9e4ca7aeeec8f68ecbac584af8fbc10782614f0e8f6907348f129b320dc77a6dbbfd0dc78dcc3a771b9275ca50d12741f60486c697318160f76d5c024257c558997eb054e45e9fe81f8576a7518eb4af35b0e061a74bf1d9718a92f7e0960f5353ddf07ddc908fda989e5c08989aa6ea47f522e4528f12370e4d4832d65f3b42c41c83c84d05ad9cc4d4aebe368f43a32046e9227dfc768b39d14b88491583b9fa37cd292e7d4b33b03f1dd4ad1c5437f41ff3f9d4ed4cb641383699e2f091245b4b3c8176db6269f21bc1d0bec6b05da91975e78ee7e8a1aa7e2df14fda3222f9a8d603cff6504200465991993ff64cfd9212f97dc6194e2074792c264bc588f3e9b95ce6971c3a2ea92b7b13f250b10165ffc6f98e5529a18e09fede27ac135d8fef509e174e7951a01f7545b1fc669e465229a3b04a71904db8799ab59c3a8ff1dd10360d791db0ec4c19f6f14bc551594722a101a95d1db8a1398de457e3f66cb5dd7736810aa0b390360334898b74fe8865147c96214d31ed5b3f469f514a6113ce9c55501c0935129b3561d16311f9649ee38c18b343e29f8e726f6a27c1cc34d4d22c02780eba1037501bf63f99f65e0bef41f187c58e96fea01b64bb0265a1bc08bdf1437c894256472db48e0440c00f6baf668086593cce5ed24b2a35c404676f9f2dee3930f918c90f5999fd313989d5c90de3cefe0c1d5ba7aac083592cf89a5652891960ae6372700cae8b080f6b009199806973ed64d75cff3fa494862b4769bc6540ee00c8bd32859482a8039c6daf56fc5bed7a7454ff520b77e236c97942afe324e77253db27685f3ec89dce0c4ea96c70feb71d719b5bea12f80836ea9890740a750299344eebd945467a44467e6a111c3ce69efe7ea1448982c615314ef3b1b4c2fb3d2c67889655d028aa001eb54889663755f2fab96be2c14d49fc83743738ba8af01c271f9f"})

2018/03/31 16:36:54 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, 0xffffffffffffffff, 0x2, 0x4)

2018/03/31 16:36:54 executing program 4:
epoll_create(0x2)
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000001000)={{}, {0x0, 0x989680}}, &(0x7f0000cf0000))
setns(r0, 0x4000000)

2018/03/31 16:36:54 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:54 executing program 7:
r0 = socket$packet(0x11, 0x3, 0x300)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cuse\x00', 0x40, 0x0)
syz_open_dev$vcsn(&(0x7f0000000500)='/dev/vcs#\x00', 0x9, 0x501000)
r1 = syz_open_dev$vcsn(&(0x7f0000000540)='/dev/vcs#\x00', 0x100000000, 0x400200)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000580)={"6272696467653800007000000000f000", 0x4000000000001005})
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'bridge0\x00'})
socketpair(0x0, 0x3, 0x40, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={'bridge8\x00', {0x2, 0x0, @dev={0xac, 0x14, 0x14}}})
syz_open_dev$urandom(&(0x7f00000000c0)='/dev/urandom\x00', 0x0, 0x2000)
r4 = epoll_create1(0x80000)
r5 = syz_open_dev$usbmon(&(0x7f0000000340)='/dev/usbmon#\x00', 0x6, 0x4000)
ioctl$LOOP_SET_FD(r5, 0x4c00, r0)
fchown(r4, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r5, 0xc0105303, &(0x7f00000002c0)={0x2, 0x8})
r6 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0)
unshare(0x20000000)
clone(0x0, &(0x7f0000000040), &(0x7f0000000080), &(0x7f0000000000), &(0x7f0000000100))
wait4(0x0, 0x0, 0x40000000, &(0x7f0000000380))
add_key$user(&(0x7f0000688000)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000200)="b33ab76079ebe0d14f729cd653e520d29ad7ef0000000000000044c249b544230b9387fb8bd6ed056ccf59ef70995bf2e8e0ecd3fff32853747eda22d2818d08cade2389365666bbb7a0e6b9485f2d925493f62113e33e5f853b5fa638e3fc6b7f5b07e5849d2e875b066cd6401d36616fe0f3c3002801b4627ee7597689525e8e81f750a86eb580fb4690ea52246bd3d32b1a91f944edb74b1f50ae08c5387ed8fd0598b600579f3af3f864e1c324f6928f6672f98f7e149bd61bd78b506e8bc5", 0xc1, r6)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000400)=ANY=[@ANYRES32=0x0, @ANYBLOB="3e0000009587f813b066c7951b80971204b6cdb9f2b4d0db64cf1db38d0410ea6668bb650a804d6752bc920708000000e8d32862c129b65cb3082915962b131979b7"], &(0x7f0000000180)=0x46)
syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x6, 0x101c81)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f0000001980)={{}, 'port1\x00', 0x0, 0x20010, 0x1f, 0x0, 0x3, 0x40, 0x0, 0x0, 0x4, 0x6d1})
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r3, 0x6, 0x3d, &(0x7f0000000480)=""/90, &(0x7f00000001c0)=0x5a)

2018/03/31 16:36:54 executing program 1:
truncate(&(0x7f0000000200)='./file0\x00', 0x8)
r0 = syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000400)='/dev/rtc\x00', 0x202001, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000680)={0x5, 0x3})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f00000004c0)={0x7, 0x0, 0x200000000005, "717565756530000000000000000000000000000000000000000040000000000000000000000000f3ffffffffffffff0000000016000000003c00000000000100", 0x1})
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = syz_open_dev$vcsa(&(0x7f00000002c0)='/dev/vcsa#\x00', 0xfffffffffffffffd, 0x2000)
setns(r2, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x0, 0x0)
sendto$ipx(r3, &(0x7f0000000300)="62ab46350b508045808b35f60f3ab807f050a308f4a59f24c3cf2311d0967b5ab6ecf688830952fd1881851c008e3ac13f0728c4fdf3fc94dc08e5b41a09c0977defb5a812e59127c480347859f1c6e19600693dcf", 0x55, 0x20040000, 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000000), 0xfffffffffffffddc)
setxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=@known='trusted.syz\x00', &(0x7f0000000100)='/vmnet0\x00', 0x11f, 0x0)
unlink(&(0x7f0000000580)='./file0\x00')
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000b40)={'IDLETIMER\x00'}, &(0x7f0000000b80)=0x1e)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000240)={0x2}, 0x18)
r4 = inotify_add_watch(r3, &(0x7f0000000380)='./file0\x00', 0x800)
inotify_rm_watch(r2, r4)
lsetxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@known='trusted.syz\x00', &(0x7f0000000440)='/dev/sequencer\x00', 0xf, 0x0)
accept$alg(r3, 0x0, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000003800)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)={0x0, <r6=>0x0, 0x80000000})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(0xffffffffffffffff, 0xc058534b, &(0x7f00000005c0)={0x29, 0x3, 0x0, 0x20, 0xad1c, 0x3ff})
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000640)={0x1f, {0x0, 0x2, 0x8, 0x400, 0x0, 0x9}, 0x7fffffff}, 0xa)
syz_open_dev$vcsa(&(0x7f00000003c0)='/dev/vcsa#\x00', 0xff00000000000000, 0x400000)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={r6, 0x80000})
r7 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_ADD(r5, 0x4c81, r7)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c80, r7)
setsockopt$llc_int(r2, 0x10c, 0x7, &(0x7f0000000180)=0x8, 0x4)

2018/03/31 16:36:54 executing program 2:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f0000000040)=0x1c, 0x4)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc)
listen(r1, 0x0)
ioctl(r0, 0xa46b, &(0x7f0000000080)="bb6e91f5467d36ba5bef6232c92e0d69e7b41cff07fb2296774b3ae48df2b729d0e4dd01f03a53a94f4aac8d035e0ae0073bb9a7c1e77752b8da406dbb4f202a82696022877bf27186083333ff9ef9f0083775de127aca036889eb8467fe5ddf8166e9409faf56f2727b29")
connect$unix(r0, &(0x7f0000932000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc)
accept4$unix(r1, &(0x7f0000fd5ff8)=@abs, &(0x7f00007bdffc)=0x8, 0x0)

2018/03/31 16:36:54 executing program 4:
r0 = add_key(&(0x7f0000000080)='id_legacy\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f0000000140)="fb", 0x1, 0xfffffffffffffffb)
socket$can_bcm(0x1d, 0x2, 0x2)
keyctl$invalidate(0x15, r0)
keyctl$chown(0x4, r0, 0x0, 0x0)

2018/03/31 16:36:54 executing program 2:
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f0000000200)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f80100", 0xfffffe58}], 0x112, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000000380)='./file0/"ile0\x00', 0x4001, 0xfffffffffffffffc)
syz_mount_image$xfs(&(0x7f0000000480)='xfs\x00', &(0x7f0000000600)='./file2\x00', 0xfffffffffffffc05, 0x0, &(0x7f0000000400), 0x2003c, &(0x7f0000000680)={'\x00', {[{@quota='quota', 0x2c}, {@swidth={'swidth', 0x3d, [0x33, 0x32, 0x0, 0x31, 0x0]}, 0x2c}, {@rtdev={'rtdev', 0x3d, './file0\x00'}, 0x2c}]}})
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e666174", 0xb}], 0x0, &(0x7f0000000240)=ANY=[])
vmsplice(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000140)}], 0x3da, 0x7)
ftruncate(r0, 0xfffffffffffeffff)
syz_mount_image$minix(&(0x7f0000000140)='minix\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x3ff, 0x1, &(0x7f0000000a40)=[{&(0x7f0000000540)="3cd68f3af3ecaa2fd97f359de92ed4c69dfae23c7f60e5fa133e0b6e833158f5b6f498d54e82527dcb03f966dbf4d047a7a252dd21e52d48e06f0834544bdc04c9b9001748", 0x45, 0x2}], 0x140000, 0x0)
fsync(r0)
syz_mount_image$reiserfs(&(0x7f0000000b00)='reiserfs\x00', &(0x7f0000000b40)='./file0/"ile0/file0\x00', 0x5, 0x0, &(0x7f0000001300), 0x64043, &(0x7f0000000200)=ANY=[])
mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f00000003c0)={{0xffffffff, 0x40}, {0x8, 0x5}, 0x9, 0x5, 0x3})
umount2(&(0x7f0000000180)='./file0\x00', 0x0)
pread64(r0, &(0x7f0000000b80)=""/4096, 0x1000, 0x0)
fdatasync(0xffffffffffffffff)
symlinkat(&(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, &(0x7f00000002c0)='./file0/file0\x00')
close(0xffffffffffffffff)
open(&(0x7f00000000c0)='./file0/"ile0\x00', 0x0, 0x10)
mkdir(&(0x7f0000000300)='./file0/"ile0\x00', 0x20)

2018/03/31 16:36:54 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, 0xffffffffffffffff, 0x2, 0x4)

2018/03/31 16:36:54 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:54 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001e00)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x25ffe19, 0x141200)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r2, 0x2, 0x8, r3})
sendmsg$kcm(r2, &(0x7f0000001600)={&(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x4e20}, 0x0, 0x2, 0x3, 0x2}}, 0x80, &(0x7f00000013c0)=[{&(0x7f0000000140)="6ffe0b057083cb507fa4bb71369d7ccef2a318d7800de6490bdec6f8209447a3623b0fd4b78cae13e8fb0e38fdd0b444a6d45614bf93e014259fcd47ea1910020e41af78c6958a0580abb3f65ee225f8ceb2bfcac339ea2e0cc2af74aa95060704ce0a213881ba72c64751bb33b588de8837b96d7f849a48957767d560b8f7d196cf87dd8c384f54ffc9f2ac13b0367264db5773d05c34c22756f5f44c031cf23a4af58a6014f5494aec394f63b8a04561c56f288f9cf0fff8d93753f7104e9180e2ab032dd77cdc66c74707d422a3cba9bf5258e3ee8c86fcc3743af39803ae4c34f982a998cf51569f911ea4f2dda837ed2a105ae3596405567f024f082ff2230092d47e8d5f769751987fd512a63ce128e92c151e816dbc31af6242a34b5d62162cc67595bd05297f40f2a835f8574be629ee8cfd961cc8007fb0cb621361289e0a3e57cf9b07d316573a28f82b4120f61e8ccb881d0d6fa5fd91a27bd6af519d73c87a226be4d919d3214924130233b2750fa73f4811b6fe8884a86e9770b7b704cd41dbc75a163b1e8e111ba15e1248201442d77320c93f0d38cf14b0c6bbfc103dd71c77b3ca673e3fe8ddde4a7d4159c681f1fccf9099c406b5097f60d5a8a12ee0b8d82b9f73b4b0beffcfd044129956b2e7b0e259663eeca115e16cc1494d0b76bebf425eb89019a5162fb80a18f715297313820df175eb5bb2ebbaee672e9c42d6a368e18b72d98a199bd6eeed6ad5b9a55e454e199cbd031e4f6944b03d59a87e93ec7eafba9b9a434a65c056b0cbc89376506516784e3868d88792fd65aafa4cbbd83286963859092d2ec45be189bd9ae4b1cd44f4a57e56f89a402bfb8e1097d89db22b17332f1e4ac8536974f4d5616c77c3a012f4b691c7753d42862c9b5653300cc53685545cb23d440dccc36121efedf9e48308a7221daf9fc2c1e6a9cdddf3cb7d366b1af50c7e787bc6d377c24a847579dbe8d4eee4e319876392473b63c217e154f7bc3ee808978f1621b27b006da207481469b5d165a0cbf0268f013bb0ab4b13529cd887464718bc1e67aa81e69954acdd1cc208690200a358291fbc5e6e4640d8a4fbf84d805d8fbe3933d59c4219de6ae9d8ab1bb99af097ac3681c50d962171dfa6e9f8299708214835058faff3eaae349df1969abad8596397e4cceff7341d4015111075bd0dc08e53b0c12eb188e54189fc512f563060171c117c0366c4cab82592dac3295710ad910494ce618d59d67b7baddf8030ea89936695f60492ba29aee8135c6731132932731b318c7502e768bddadc4f4c2493fd28c303501eac00d3633ea6bd4e8c6ec7da4c99c80ed8e6f1a55e1bec4341f6e2a7239e499b250de7f018958e960ad28f4d1ac19f65fd6653af9fbf9c5c57fd7ad517a9c0955a2f0a13e3aec0e033fe022204f0b884e3664d9e42435856943adf5e4b4dd89394bafa0c85ab5cc6254926ef4df7324df6e2235ccdf6218b7076125e750ff6c99c6ab9a9ef2e52f0a27f5d18db2c4b82c286c012aa4176a27ee007776348400c90c46456fcaf92d002cd7719f2bd65e290d02cd0ff77a45a509632bc914ca18a12ffdc60eb3e992cea0576625f959f23c7e8078fd78a0083008f407d834489fd279d21e03c038f4bf87d00e3ccab6f53ca2301367b10c1122b5fe40aa5a1c7c5cf0b15968236bdd809be77aff608f8f69d02f96da36aa14c5e2446648d78b0fc3df631b9f8c890e119a2625a6bc4b03d51b6d45c2d5a1cba316125c05adff724ba591891f3ad8c60bd79ed67cefb2cc93c7c4dbab3a56fa68900dbf6ee8126249fd872cb17bd0a2bcd568563d3c529c068829fdd250d0eef0e61ade9062f4c290935ca2bf35c0c433deb777f017d580a32523b1e49bb1f797fa4ba0ec4273f9e1f9a0d075ac3fe95092961ed11b7f41d2852cdce58fc52eafa2189d58739fe3d868cc87a505c076294836ccefeaa2b0b73ebaaf819852e30d820863b70f5b610026ed1ffb86e9322cb3594d02d762f3731c58eb77bf7dbe9af9062ccd3c3e08c94e03411ab381e81a07f10a539562aad06590866c5d8661def26cff4b25ccdc3aec295d431cdc1b2faf028db32ee050ad3b972de9879f87a6aac09f8506f566b66009ee8b8948c2fe364d440f1e655fa0c2317f36d43f9b0f3baa2b06b1f19d8ca10e08c6070f4fc1550db288fb790fe0a907dd1e704014b21b0fea8011c614fcd5073b773b4a319c19daec7aaa594498f5de469eb90b96440b8c18e29c212b23a3d661fcd099b527782c6bfff7dab23046c39504ab21a92cfe987ad3be94b89d7235e5379b5c378342010d6ccba87f51faae8967072e877d8a6e2e2ddf474c7762d949a276c76d0b036396267bc787997c3817c412f111102d3acf8186d82bffc961b8a670dc7ddb626a9558a38a6715cc1b034884f936e18d23ba2f2dae03dace3b9f3a45f05502366882f89517f94abb6516c5f3251c1423b6dab20bbec2da7f499afe128c5f1f86b90d5a4c0c3208e68361af97aa6b88fc86e79e2b9ab240522ba99292b1b036e6b6998b86315b6dbc47e84f602bc53205cb568a040b3cef53c49769977e51aee840a696cb259b305a2ada0118f6ed57ae65e08a7a2ca4fa3a8eed81677f176de2d1f8f89558c4f2f88f719c53db025535378b44125a14afb7738500e55dde7e9544c5b7364aab40b7600846088a4d1d9e10a160519e3912ae9d6dcf37db526634f26e45f36fea61ab14bde5546e6f6756a45fd89a75a9814a4cadb403fc41a3a63c0bdb00d8bab11ca647487baf7c2fe40fc318f89752dfd253b01918fb127f284a03a4c1de6542857dbd379d390de71aaa1f925406281037db50adbf2541cf6d60b9b224ff31ef336ac15a6bc1175815b376399854c5701c379e25217fc4737a06ea7d00d66b27d0e88807290490b293e5f1cf48526c4797099af52b8b4b7434937e757a64a8687681ae2f092f150c6f77c5bd9c31dc0b3a48b65359dbf52394f274feffc9cd772ba9c5b1b1028e53180de8baea32e565f1014588ab939c5752f7b086bd224acda78481f540fa0ff98e7fd4e77d4b378047f2d743804a2656f87a9b4bc9a6273ee0f53c26cace2f6de24dd4fa671e939e480d019e8f1985e783b2a447b34ca5e054df5158d5ad29404c210fca7fc9662ce701dde294b322ce20f17c9eb167f95d8e5bbac7379078acdd5667e2ec1e55c81bdf10340efa44014aa0c09b59dbaf94584faf739ec0456f0a3cf2408a50ff0b40ec013226e9ac89b2bb0c29b3ff6a918b2f70232e686141973426182b14a129537012ddf77e16c71b26de96e731ad27acbddf8e1a379f6f2b0f457a344d3f27b2117fb0ab583eabb57cc211b9ce3ab28eabe84e0dc554f1ba8c90a089a20a1f92c54c587371397519b1897efc45a091bdd940a5a470c5a212b971c481fa01ae824efe1963a2a8f84a3516a00d188b91ab11f3f04a7da1d4ccd90505687ea051cdce7693a5e23c024feb467a532c018c1dc9a95569816ecb1f0f06c691c7fc6d53d9d036b6b42bbe9501d836051b0a2d9cff57e66cd1c0b0ded261de2cfa7a97faec1ae2a29a06bdaf4b9c5b42d68000ecd9c464927e519ab59a895b10f36ce9e0f5f3a36fe073fb9b0617f32935021ba188348cd1a309909985d3f4c116df3ce54b38992e30e7898baad8f7e6805726a710a7b006f55521613ab932ad0f51e5030d5b8eb35c070cdfe4b17a79762c6282736beb81c2a0545f3ba66a668f3e56fa2cc119cdc238def8a4f99176e4c9eaf82acc656d0423dd5b1b70d1d1689d37ab58de6c20ffe50a35912efc293a528820306df74888af08601fe2a2d1d923c5ea51755ddc3fa136c731c7f4cf25e5dc0b838027962435441028a630bd3892029d634244f8f5e8c1b2df85c3e8ec95a3f1d5cf2130c6adaa3e79f955814c9b52107432e8308338b93b6a1e2b8454395b8d2702e5a0d1f7f90b8435f379d664c81dfe68438e2855d55d59d23ca7b6d3b1b9325ed9509920b01caad087bc8f61f92d8f6ad93ff4613a820614856cba745d8890126029a6edb4eff38db5064c587305b744b6aa5af6afd221c6031e4ca3aa24a270fa4ef8cb0149c2254bcb68716d5e93b592c52e5c631f5b556a59c110c9766a4fef822f03d0031ebd24a6181e2d5b1af8c3e373cb4ef439a258038e8039f57ae6e8a3c05f00198b1b633958621499afe1194f872454853221ac611c9ba261d2af731331315bc367e251a6d94588a147ebf3a8df994f0599a792865dda5febde08f6b5ce980b7b349417bdea8b17e2efff32c3d9bee7ef5519f67e0cee466414747d65d257f582307f86aa24a5f72a03caa8c7ece447d441fe891f8b628281b743c1d4ece374e4641074049424278b9969058d7c47c5c1f4e0e5a2c6bd0ee87565d7ab00b5400ce3d4418fd7526f399382c4fa30548d007c4ed09b864d354cca2bd7250be5ac4a5b8cd7067b2684a02855e0eab2e4561761c54e80dd7412f583209735cebee5f8e350268138fdf614aef37e2069a89f7aec06a3b50d4ec53e02cb0fb938a53c79bd6c5f676563934750f99a44aadd2ee4daf584d965cae488058b72ebffdb73803b9c882baf7385df32fc6d455c0029f0ccf9593660b44da37dbd48f7dcace45a866b78fb139575a8ba4a39e69ac8dd9caa20bd421062bb4850d747cb72e21ef7d1f7fbdfa1d2c897e96240bd07192f275a353eac8000b18aaa3b50ccfd20f4708a82abc1b18dffe5d3fc4cc7bdae96446a27f9609a48160d5abaa9cc3b26863fbb5a72223e18dd832b6d966ae3b9f0aa1b1f6895c932ef964c893396f2296001367fc8a6f04e5b33b50da9ff8ae143062c98249dda2cefc70ef1a67a0b730100e7f971dde2c691a2605c508b970940fc0d78ccd0f5867696270f2d150e2e888308910ce00d70447c72b9755aafe8775e4fc07aac1b0f8845c84b48930fac16f11a16c0fd5ad319884d9850a13862fadee595f6494c78e9f01f127e8c492c1338bde1af71548e1f689c3190ccc31ba12e0cee7ef78b5d8ae08fa2edfa45aad258b80d6a05a4250c5b397a26ceffc76741297e69186b44349b475c8581ee62dc8719abdc17f208a1f966add430664c369e181d09099c0169ddeecab20b6fc919cad881d5e3ebb22af60c9d8e738b2305eb59a1d88f10748cf1f7a8c378c2d94c212991b98d4bb06ce350e541107b3a0db20fcf9f441972c0028776d296e2ffc5a716909cc8b201b87930147f22c1d13505e1cd9c489af1af170838075140e70624c05f08a43364b01a28ec095d799b2f04d1d92c932d42cd1ea849ee81405c22d2db26c6f5d2afbfb09ba9260b7765b388b658979e716dc8aca8d4ce2f602e5bde3f0c172f47428d98f39d42d834e8a6ff4f5196bcb019bc12339bead961ff955e8a5c45e45b1e94dbea29e788d7648fad5e4ce6dfc098bd01e6bc56269a735792dda1aa188bf1136797a4a1d1821863998062e24cdc4fac1fa6bfa5a0dd4a96bd0981081c9f11aa141828b14cc43d55b3fb85c3f656970a8bdd4468f1559a2ae7d345717a51d91c66544865da81e2009666584e499dfd4b171eb1b24e417faa8834bb8140c21958940ec43e903579343fcf1ff13700c80f1333d9e0ba595800e05053ffca516874da74aea2fb1b3191214438f4c1d712fb0ca35c82fb86d99c55749a802cd18876721c5249696283524f6b0fc4a122b266bea24223318e88769b7238368a551300390909606528a11a6956fbed1ca5cdd8b4a820a25", 0x1000}, {&(0x7f0000001140)="d6baf904c31a43d04963edbb8f69ab1e95de52f050860f3e3546d2732bcf734fe65a9c41f3a31a2ea10fa9a475d9e8985523d38d3faf68175f1328a0630eb0da541118b3fd446daeba84851477c68cc7e68a3ab8888836a1a0239c70622f6e7a6961db1659b781b52f243f5f", 0x6c}, {&(0x7f00000011c0)="8c8ccdb44564c6decce867453c2e9ca544d5e791a42327040423ff6a1b4e2e2288a780dc2953db52d423bf7476eb0df9e594f441cb", 0x35}, {&(0x7f0000001e40)="3ece93bce1bb0b25d6bdd6f335a9238d3003eee5a6c73481765c46762bac2fdc6308243f64bf1e47cfe35848bac1503de99afa19afdf8fee92c69382a78eff7c886a2eb2ba6c32174e502b38e68690e70c17bf42a1871005aa14c3ed5eab85f90107165e801a0a18e1bec15c24d78ccdf6ee6fa134e78ca3a36e6d4bc391bf5fadb00a393f0064d4e346ce8771c025badbbaf7b86b9cf6866bdcce56381495ff342391f0ef4cfdcde65c3a494907311ec9450870debe43c10ee6851dcf30fe16ce3920ee5fc53ae8efa6b7743e45aa8356c00c854e8f05c2aadcc105fb8f60054f9ede1fe0c0864bb5c6cb0f7f98d247f4c9ffe5f9d515a83bf6321351753ad4a443eec501f70100d93dbbf033fa2859b5a83e3b79b5019b3a2f5f84716a013a334e94b44beb4d922a957d50dc9131137542dcd5b14fda432be7de01cb057a644a0b30845a9c2279f1ea5ad77e988d13ec95eb1fe5f70a3dbde3d13a3decc58c8d239e0ceaec7140b75e2dd501a13ad1177236c628b6e239d04f5887b46d7f8e9b0f76d7c3fa0c2339cba39141738d0971d8d77624642298eccbcd383e94438e602cebfa48fb33fcd9f5ed74eba8d266ca90011c3a715722dd5333f4434eca4b61998f6c5e994dac6d2c7b6470bf8085250c6f66c1d2f00a5b3e8c111080394d9d85611c2ff205deab4331e5d888ce106d67fdf248812395fc901bdd27329516b4a384836a0e4ddc3403ddbd4d09fec20b45e311617159306f54a61ccc4a54dfdb6bd8637ad9f53628c6fd14cad530e0071bb5daf07988f2d7007c0ef400b83518994246f0ff7dfcccd368ba2a1ee0cc396dcaa5fa45a91c5e86de9ba399e9cce17f51ccdbf11ce1fa93d706e4617af5907b0845d41f6ee79cfdd55981317d9ed93bb29b8547fdb21d2997124905ab6929962826b653e89ee9cc4d4a2041ef16749f8a91e3567b71e91703b3bece7b50a6206f8c815901de119ce34c2070a2d46ee0ee8137458a39e19fb057cbcf1cc13ad13bc453ea3cf01bda773ef52f1e2d353046ae6725a6d4502ac6fdd2363b1507953dcdb9257970ba79996af96d880333ff58ec3f454f0af236d964e458515f5cbd146241aecf5bc2ba21aded4c20ccfc2c3442d79c5a48d627c8e56276cdab9fe7f026f27f9ba013eaccf9a32bda807ee63b969b77c53db8a20ffca6c748adff187f3b1c06a8b9f3ffe7b93064f384102833cb9cfc46835919761295cbf29e7420bbcb82dc8d57105a184870e59bad43252f543021b2987c194eb1eab245f2e1b51064ea608a2999fb2a6317c46af674591a82c2d9ccda8844a4cce3ae54dcab60bf7088ee933855ba52419f845b0973452d5a79f399b93c3f71e4ed5b42b947a4a71737197f5b883a2764c54b5eb7d0b0a8febe600e76bbbf6cb9b1833990050ca66a128abe939f1e63049115c49b41f28f86c9ec225366a8ed8512ccd45293341b935e96682c5e262b1db2afa4b3f8ec2a72fb8f5b3d883d1f916c6dd246d96c93f515c8a6b6876339d9669cc46b3001032019f75e46e344cfa481723b48e77bd88317bf0cc1cdd47f362f3cddfd50839be94a69e2ddbdd1bc35c32e27ffcaf43a943df52db5d70036425ceaaace094c8335a47813b51e0e6ee21ea1c6a3c8f90020cdb8148998f92842b2a2e85d8c23fc0163685d57fd02b65582f891a3643ffe15c86bf52a6167df4765cc7a365cfd2d9a62a5cf8ecc2cc036a21979ec847b8a017ae7db36b71198f3166af91cf5f93f2c5e35cc9c84204d716a71b4874df8d75e51a7fef84309098cfaa199ad2f909d8ac08efba7aaa3d122d30d656bbbb17f11dfcbca34ef49f40ef6b4a0423282b653d8e8d04acc0e7ef7ecce70de8434b07d5d387f7617ff7b14c08b9a07761f1afa1bbc9cf7e04d600b0fa1b1cb016ecfbc45926819c07daec91209756e473f6818c967c9fff8a738648f809b3abb64e5dd981ac5a498de7ea982e4fa232bff361130973e04dda0e599b92a954ab5fa7376b54018269fea07120df822448904909b9893f6cd2ba8f5ce09fa4fe7750b5f18080c225156e5bce6ba757ca1cb970b9a110eee4f44d8797512586bef5617c8af77effcdfe9e475311c3ec6bd11b4d0bb232c80574f05c382a65b5ddad2065d2a8de85f6697af836535d46829e0687b99371d82873ce7d5ed3b4f7e450eef01267854c75061fde471a62f16d9b0e80cf80579840773612ee169386ee7e6d999ee6c57435884f37343424a86418f2d326ede6bae3b3684b82d97f91ca0141d8a2d84d94f3c154451f221d43df3be91f498a968e6cfc1ad02c096e65b09a363d2c6ae3293272523c4ea1334339426e5d7e16df3574de1b76feb17542ad390bef54cd9d74dc56716794b357d96c64cb91b8c6d1387fb6b6f8e8884494009bf6288a85aa555c4a1abdf240be7f8a06b11f5a982eaeadf22121a7f15e1744795062c48903ec4c64f7b1bd55fbd26753bd94d6d278aa51aed58c693d3e2e18fb611d59e7437b61950774775258fb8e9fece08c193ea3f5c684e04055dc677cc69de7e43052d48e3ee1b2e3bb9b585db423b8963cb47e3937d2234878a201b9b553bea86e0e0af3b180c55444c625463e12606f82338f3c878d264ddb5f7d1d439678c8416dd63f2454011b3cf31a74b31b1a74bbc8081fadfe66625008640f9a53ea2d463739cd519b5bbf87536288e8b59b6abae7f7c5f36a31bb1b98313b8c8d763341aed6a6f4c5dcc3077b25ca1f3aab9100876ce2e12c72289ede74997341b76611fd62c47791938a092f9b78749287a520f24a44e6cd90f6ea4a622b30550ef8dc3478e83bda1bc9d640f05a046cc175ddfce42a1663414d400f508dc70af5002ad3fb14505f46ad48cf5266b9447ac6d316b05e2c14646517074772ef45de710ceb53b96422434bf7bda68436374798f52f47c8cbb6791419425a4dbf30bea0153c826cc77f35350c551dd2c5025f60db36037fe41dc8ffb9faa3d266a3f5193e0829f8b77fc3799b11d20b23cb500c4a198649fd91b2d4c024e77b63b32d81f9f83d1e2f7c4570d54175ff0e2b137a84de87a103747972531e31e0f6825472302f1d70153a9e75dfc3fc4a3e5fb46419fc929a1f4058b642a935270bf7dd83dea57b2e37264ba435e2adb082829b41fc905a5edf57bdacf86ee025beb1cee2984a24cc97231c422a3d83b4899dc325c811a94703a2d8cd3f18ee3955f3b19f1342c93aab8df804a5196bb54968b3bbd16353b1cb4937dee1eccfee6ce1cef0713862fa68da06a51396915e240ea0769fab9955ea85ca449a0f021fe4a90bc09ce17bacb08d63df1febb9ae0b54078128bf9e314243e862633a7e1943e25c36b45697988768852b48b58943bf57201e47e20df07d97c01946029e98990baf906f1ea7b53bb0756e7028829b9f1c496a46783174e052b4be22d6fb2b42bcc371788fc24931c8c8ce487864700366e1d6b5bf6b950d4b7879c54cd14fe0a727f5c1e03bb6ee105b95a95d2df842167c995be6c5192cad88abac99e248046cbfd189366dbbea3b1745006af7c8eb5a1c79da80102826d8de27ea6b6900420fc104c49ec89e1ce075d03854e30d740184c2168035ba671da686d329a2eef700cec5b94427cb436ed3410e7d554480e486efe2bb7d59c809d0f0ff85b1c1a332f77cab1893c52ff65fa0859a59067cb62ed9cd711b920001cab3ee606970a8f054326523d3ee8098e13121b591375dbeb93f4d64a4b3bcfbddac32902868998dd83cf9ab9b7212c0e3b7c6ec86d4dfe0a4a4bfa6e7637ba4c48eb0ca6631cc5dcc5ea6d8d4f8e42587b11330b9c03da22daea78c0fb656fac882b8fc4acb23f8702feeefa81314d0b5138ba757f50b40a3621f483a294890e52bca80c881ab6fa8768188f4f485722e5ded1298e06327d734b000d7612063bd6a63424bee5b3fcc4c98f8003552c54ebdebe6b5976ff663eaf15738d7ee7596b8797d8beef55195637791be6cd0b2b1dc6980da25619242cb6603930723010bcbbfeea313f64fd72f3a1778147cd45c0b2e734a4b6f6658cf9e545fa77808c39ec973d3befa2e45421c96bbb71ff8067fcd4a25b2d96cbc3595b8e59f27c877d31df1a40e191cbf2a67b06f0d8db390f132c3ee5c673a0477e892f175f7ed058dc6c8fc7b7ddbb131962b4397e0ef83e47a6a787195d3dee51e350a274cdc97fafb9159fdb289d8d1f54f24972eec26013842300a224416c801fcd025bae4fa0b162a4ff100bad11280b6fd65e9ce0f55544d2c679de4d9eeeec30de5474a304134e84debad36a95fb4825a1939f92205d2c7b25f454d16820c049d1d70db3f13facd26a63e87ec25db3d1e16e83a0b40159765ce0561eae14a3caaeb1a695e6e765bd8ee922163dbf1c3cf8d423a561c26a7b79e6e12c9a1af4a4faeed4b0c366687838c4b306b2d6e56f27c87edd90bf3ac7147b08ee06bc2424112d4c68ee99970392cc3a8226579bd8428fdfb197650734634f2a00ca1e5e50a27175ea48076e495918f6eb6af808c58117c578d9b282fdf79219ca57eb2b1bd5399bb936244e3db1161fa063418e2139ac03e0dc9b08cc8a7bc6bc9164699f2d1830c8858a160bac997fa811063ad6ef2e6ae9cb0f7ad0f2fd1a56f80b9681a791abe5cb02fca8ee8b55a4370b7c3cbe20acf0b4381eeb87b8dcae550ebb438a113f27beaf22d82d657c56cf561b417a1ee25eecabb52c221e6e1f9fb6e055656b7cd65d5d0ee19013dadd87c7a3f21305d38c74b711f3c4c06795613ecd924efe10f94b95e729602de3a5f6299bf7f92743bf8e81d2c2ef372af1b6c84973ed0e22e9652797f8b769945f267fd80bf11c596a2f87a73a59abf066388791cc4a73a09c6c954f3874c84d9cf36b96e09770b6359d303b12ff4f7e82e4503e023d02a3fe6570efbded99776eec2056e78dd5ba02b60bc6a96b48e1e3f9bfcfe814b6338012bbb649ae1c47b9630d6b5a7709513fdbb1c8fcd22039c6269a3551366dffc2c5389f4287cfb82e705bc0cf00b58ae92c71a983c14bc944f61b5c1eb08ce92c9f6e4dbec6b0556acda90105b678d3a03b42d3237b52a6e8d7ef241d9d286d83104f4fb43c2ecc7f47aa25b7b4024b722ca12fd45b6f6179cb73f7824688a8d79fc33cf0ad982afd91a9636e26ed91305777100c1db4fe4bc6b6726cce06da34ff3b533d25d8b6ec4e69992ae171afd7eabf9df4d90d874373c94a86bc98b23f51944435237bc12e2655c38aa06d18015ed711c91e55f4e7b7e71091cf6c20799c05a974d6b2563159cabf65cbbbdf34bd9f380439f6887d2a11456714d93da99c4d0f5976a5ca083b95971277f467cae519f01999d91c11d7c25e0dccedf49a4749fa2214c80ba4be2e60b769fbe6d875483696d4a19a10199b7795099c6ec10e7baf5b9ae1ec2d86853d96cab46dc5c7a83bd8398c6ce7ce37482e1de641582a524e7fbcfafab7ee11c5134c071239928b1f41b15785c58add2ccd485fe7177428491e60b113988448afb6a2f3785d10beaec3a98a467f0b4ceded8066154fe07a503e719a0bcea1e1f7ed8bb165c7e0b467765c93f755a22fbfff965e480c34f8a12d08b3eb0e0b17bc5d8c8f2426f7638809f58a11236cf3e81188b1676396450072f601fbea1152df09b8122caefb6fc799ab01a40df9a23dad74eea5455b5598ef6dce55affc031c36846d436d3043876904670c038fcc61e1851890d460355264e1e6750f7d6da2f67d822391cb835cfa7193", 0x1000}, {&(0x7f0000001200)="f4fd309db90df94b49640523304b0f87307082046ac49f25cdd5251aa37cc4e6ec556d514cfe347f817df2e9f48045d0f53992c0386f261c0af34e209ff5c121512463fb814bcad87231cda7116a86f5204bad2d82d24914881eab0b6a2af60ab4e06660428c2018cb5e7c7574fef413280c51a46653065092b39dcb911782e2bdc5fe9515f83475163069a4a428133e00c8e67401e1d174ad64cdfc9c692cb781029a02e63567c4e9335336a12087a2cdcf620eff1ae2bedaa7521e26f44dc1a083bfae1092472bea4eaced7161edf27693cd1f1e24c59004f94971fdf511c9784689d8ce36ad95027578abe4c695", 0xef}, {&(0x7f0000001300)="5256024f9e19efab72fe71bad5ce2df78dfe71629efcc09775f733adc8c4a4bab463fc599941b6eb81683f1ab9c93a9876d896dea86d3b72dc2e9bc06e84ff7b8467e546b3c81a9972978bc210921d9253475ead2c0a6d66", 0x58}, {&(0x7f0000001380)="62e9ab99804fb1dbccf667233f20a8c8a149ac7aa0", 0x15}], 0x7, &(0x7f0000001440)=[{0x88, 0x19f, 0x5, "3115af52e7c00636b602e1e6c24b703b6f8ba7ac31a2e13359c68ccf71f382d94b9d2832c70035721bfc2aee9e1c2d952ed3e9f9459cf7822eadb002b1ff31b93cf65e92788298f7fcc0e7a093efbbbde274146ac2392ae6c4b832c2efa298714a60765928e052c5098169b790223692637d6731f989"}, {0x48, 0x104, 0x4, "a41568f35da4f98a7e6e35f6ea01264064dfb3b601b035ace4f472b6bfdf80d796b6848e4df72f5f0ea23451d5be47f761d8eaff"}, {0xc0, 0x112, 0x4a, "5c0422159d7efa453202cd7114ccdd65edfdd787294febd6787238200f8b344ac5e1d1bed5f1c3ff87f6349a8e7d804f94d9f0b36ca426ccf8ed5934ab10129c4b7b6916612cb4531cc3b13c44d1fd43c32f492fd365b2f02a3747b1dcfcdd3074deb1c4b724f001d34f87ad2095567e5a966700a4f9cedc8485831f0fe9c95b18011dfd81634802ed58a3bbb6926592fcc916765ed6fe0d6bfbb4fbc8a0415f24367b65fd76d6f678dc3b1480"}], 0x190, 0x20004810}, 0x0)
r4 = eventfd2(0x0, 0x0)
eventfd2(0x3, 0x80000)
ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000001840))
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000001640)=0xd44, 0x4)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000358fe0)={r4, 0x14})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001680)={<r5=>0x0}, &(0x7f00000016c0)=0xc)
r6 = syz_open_procfs(r5, &(0x7f0000001700)='net/ip_tables_targets\x00')
setsockopt(r6, 0x4, 0x101, &(0x7f0000001740)="1f38e10cc78d7c93b2b71712f7a52af99700ca6623e0b48b17c7339b4e5c914d4065189c8aa6ad63dd92564be8f6ad4fbbd95542e07ca82e1ba69eed0d65e7b1b693cc21e8a97bf3e8a4893d5b50148a47b0b8c839e28a76f864c845fc3eb33bc9654330443cdea0e81f2bbc3a53ea7ee907fcd2702374c1b9a7214dc1702630ff23afa7ca81250995748dbadd8fef44b01f4aa80997a7ac1bfe37650cb50f4ce2774639dbb0eacce3ac08deaa30bc05abac08028eeccbaf755ceca5cb64f3941f32c4e5ef377e7d3e9578", 0xcb)

2018/03/31 16:36:54 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r2, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:54 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x200000, 0x1)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000100)={<r1=>0x0, 0x2, "7dd4"}, &(0x7f0000000140)=0xa)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r1, 0x0, 0x5}, &(0x7f00000001c0)=0xc)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00')
listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/6, 0x6)
bind$alg(r2, &(0x7f0000466000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r4 = accept4$alg(r2, 0x0, 0x0, 0x0)
sendfile(r4, r3, &(0x7f0000807000), 0x3f)

2018/03/31 16:36:54 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x0, 0x4)

2018/03/31 16:36:54 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x200, @dev={0xfe, 0x80, [], 0xd}, 0x20000000000000}, 0x1c)
sendto$inet6(r0, &(0x7f0000f98000), 0xfffffffffffffff3, 0x2000000c, &(0x7f00004a5fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x101200)
r2 = semget(0x1, 0x3, 0x24)
semtimedop(r2, &(0x7f0000000100)=[{0x3, 0x0, 0x800}, {0x7, 0x5}], 0x2, &(0x7f0000000140)={0x0, 0x1c9c380})
getsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = socket$netlink(0x10, 0x3, 0x10)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f00000000c0)={0x1ff, 0x111a, 0x1000, 0x0, 0x8100000, 0x7, 0xb65a, 0xffffffff, 0x5, 0x100000000, 0x10001, 0x6, 0x0, 0x7, 0x8, 0x3ff, 0x0, 0x8000, 0x9})
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000009000000030000002003000038010000ffffffffffffffff38010000ffffffff50020000ffffffffffffffff50020000ffffffff03000000", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0000000000000000000000000000000100000000000000000000000000000000ffffff0000000000ffffffffffffffffff00000000000000000000000000000067726530000000000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c00010401000000000000000000000000000000f00038010000000000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000b0000000000000048004354000000000000000000000000000000000000000000000000000000000100f8ff0800000004000000707074700000000000000000000000000000000016fe000000000c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f800180100000000000000000000000000000000000000000000000030006672616700000000000000000000000000000000000000000000000000000000004009000000ffff00000402000020005452414345000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x380)
writev(r3, &(0x7f0000e11ff0)=[{&(0x7f0000299f3e)="580000001400192340834b80040d8c560a067fffffff810000000000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffeffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1)

[   85.349517] FAT-fs (loop2): Unrecognized mount option "vfat" or missing value
[   85.383785] FAT-fs (loop2): Unrecognized mount option "vfat" or missing value
[   85.450145] FAT-fs (loop2): Unrecognized mount option "vfat" or missing value
2018/03/31 16:36:55 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r2, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:55 executing program 7:
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000240)=@req={0x3f9, 0x0, 0x1}, 0x10)
r1 = socket(0x1e, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={<r2=>0x0}, &(0x7f0000000080)=0xc)
ptrace$getregset(0x4204, r2, 0x7, &(0x7f00000002c0)={&(0x7f0000000300)=""/198, 0xc6})
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3f9, 0x0, 0x1}, 0x10)
sendmsg(r1, &(0x7f0000030000)={&(0x7f00004aeb5c)=@generic={0x10000000001e, "02ed01000000000000000001e527cc573c5bf86c483700c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f9b1ff010003000024e7af50dd0700000000000000e3ad316a19830000000000000006cb24281e2780e503000076c3979ac40023bd07020078a1dfd300881a8365b186827436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f00008b2000)}, 0x0)
r3 = dup3(r0, r0, 0x80000)
ioctl$TUNGETVNETHDRSZ(r3, 0x800454d7, &(0x7f0000000100))
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000000)=0xad03, 0x8)

2018/03/31 16:36:55 executing program 1:
r0 = socket$inet(0x15, 0x0, 0x0)
ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000000)={'ip6gre0\x00', @ifru_names='teql0\x00'})

2018/03/31 16:36:55 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7f, 0x103000)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000040)={@loopback, @remote, <r2=>0x0}, &(0x7f0000000080)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0, <r3=>0x0}, &(0x7f0000000140)=0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, @in6=@loopback={0x0, 0x1}, 0x4e21, 0x0, 0x4e24, 0x53b3279b, 0xa, 0xa0, 0xa0, 0x3e, r2, r3}, {0x0, 0x4, 0xfffffffffffffffd, 0x400, 0x5, 0x3, 0x100000001, 0x1}, {0xaeb5, 0x1ff, 0x2, 0xffffffffffffffff}, 0x1, 0x6e6bb9, 0x0, 0x0, 0x1}, {{@in=@rand_addr=0x401, 0x4d4, 0xff}, 0x2, @in=@loopback=0x7f000001, 0x3502, 0x3, 0x3, 0x3ff, 0x4, 0x9, 0x8001}}, 0xe8)
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000100), 0xa05a077f74cf5a2f)

2018/03/31 16:36:55 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x0, 0x4)

2018/03/31 16:36:55 executing program 2:
r0 = socket$inet(0xa, 0x2, 0x0)
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000380)=@broute={'broute\x00', 0x20, 0x1, 0x280, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000400], 0x2, &(0x7f0000001d80), &(0x7f0000000780)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000000007663616e30000000000000000000000073797a5f74756e00000000000000000069726c616e300000000000000000000073797a6b616c6c657231000000000000aaaaaaaaaabb000000000000aaaaaaaaaaaa0000000000000000200100002001000050020000726174656573740000000000000000000000000000000000000000000000000048000000000000006c6f0000000000000000000000000000677265746170300000000000000000001400000000000000018000000000000000000000000000000400000000000000000000000000000064657667726f757000000000000000000000000000000000000000000000000018000000000000000d00000000000000560500000500000000000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a6576656e745f6465766963655f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff07000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000075f91b511991c711e83684595572b27c93fd0f1cfb1056f30654dfc020adf301150227a815c65787a8134c76f2af47207bf3e2b210896d3f4e1aefc28cc984043605cd854dcaa2885b26ad915225a5ce9606eb9324c9c846fef919610942e6283aee84ae3714053211aec81fd4f0437fb1aaae2828e3817aa44b49ac859cb9fe4ee8a2b5f642d9c3b280d7b95c4c958c07d3b55fcd897a31349f66ce2782c0d30868cea999d313bf2ddc9fe444afb7a1286b5206f51975be881fa71c43488637165d7a33ccc6dc7c4304a539e6b558bf9cc6f2d0535bba25cc72e9c03de8a823bb1340716064b405e2a45f3d5817a57dbf73cc0f6b68"]}, 0x3ee)

2018/03/31 16:36:55 executing program 3:
r0 = socket$pptp(0x18, 0x1, 0x2)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xa76, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000000c0)={<r2=>0x0, 0x56, "bb824fe977b32e1c8e4107389b7bc0f8c0d9cddff32e76950549d580445f3c1e38ed3b453601f8f1c8d2b3a23fde61cf85fdb728be522c64bc275bce7b09134de38175176290730b6e2d79bde4c30c08702b7f646cf6"}, &(0x7f0000000140)=0x5e)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000180)={r2, 0xffffffffffffff01}, &(0x7f00000001c0)=0x8)
r3 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x2, 0x0)
bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1)
dup(r3)

2018/03/31 16:36:55 executing program 5 (fault-call:2 fault-nth:0):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:55 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvfrom$ax25(0xffffffffffffffff, &(0x7f0000001100)=""/4096, 0x1000, 0x0, &(0x7f0000002100)={0x3, {"33384e91aaedba"}}, 0x10)
perf_event_open(&(0x7f0000002200)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000002fe2)=""/30, &(0x7f0000000000)=0x1e)

2018/03/31 16:36:55 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x0, 0x4)

2018/03/31 16:36:55 executing program 1:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
fallocate(r0, 0x0, 0x0, 0x7af1)
preadv(r0, &(0x7f00000010c0)=[{&(0x7f0000001080)=""/20, 0x14}], 0x1, 0x0)
lseek(r0, 0x0, 0x4)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000300))
read(r0, &(0x7f0000000080)=""/196, 0xc4)
ioctl$KDSKBLED(r0, 0x4b65, 0xaaf)
ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000000380)={"c234f6aaebfda41bf7a74bcdc704b0305415b203d7a4e3fd5f83519e51a2322d3d16d5c6e86c9b8206797ed0186504fa21bd41d6a2b9394d0ef844107ff3584e806c908624a98fc02cd625d88708965555047024543e67d51a43fa8383dcc090d42b372402ffa8133c3b6da808d46597aea26ba5a679c65e061737767b3208c630285eb14a431da02a3fc9f4fa0a2cead3fdcce974311757225713cc852fcc56ceafe02126251dc64bfeb4d9d02e75b532f2000b5be0a3910cb6b0f4fa9dce8933f41920ac37c92469eeba878186e1396cd6664ff6663b72513ec5405af422587d48224c9481682858be5408a08c5a0b96077e68eefa5096b18fb80f94e6576d4dcf5082f3a072db12450fbe14869466832279015aeb72d97526ee0a1b98b817100193a18316c45a26e31c79e0d6507fe7e04bc093acb95d454bdf652aa4351664148d58aed3e6f4408cda18ced0bbe56ee09f6a3368467d3c8e9808cc4cb1fd734357411cea6cfe750799026ed860056abd672c96fec5ac000734ad464dc52dc90930cfd3d4012b5430d31cea16342b4f240e14f8fe64dd7dc219fd409c8e4f31f98b70ca1f75d7615a6a309bd42dca6c631df08f7ca4481bf7d78f268746ae73613fdc632b236756a584747092a92751f835e10092f8137b09f302b6a58d1446eb8efd793e085fa3c8624ce7772f172e3911cedb18520a677b85f18d2950b1ae11be25c32823cc9ffa65ba9f10e084f326c61735cc58255ab7cec890dc8047da2b12def3089fb6925a42b1de1ce0c8db9cb8d1a0f8b446017dc358b86d7bbed7ff38b650dee8c0f2b6639d501f62a168417816162d09e6d56affbfb957bc7d19648a8a68d8833e25875c5f0d7d7d061226472fe600e7cb82c7a6eba5a0069d1b40834f983281cc257ed84d124a47e6eb0adfd2890c211023994053104364b497e0aa33be88bf90b4a29aa006d7f1e354a21de0ae31f4901a5bdeee0c5c6402f6a48820f0388fe084889fdf648b1ff550de07e555298a297e8d1b00a67859da50b0a980241e32235344feed0de290611113d4022f91962bb6b694e77cb4cefdc60f5a38f4f9de9e081c54562002de82a4af1c190666b92f8350ef5f576d9913780c46724efff0c213143f4f4f7215ec1e417a09452f7bf1f5579b9da500755d11fee84d5209200d05558564e5137911c6556726b0a1759950aac5f784a88db070b9c36cb788091c2be52913464dbd40a09365e576dbb1f964149278f7c5958d08a5c7ca46aa5a0eaf9e4186c1f51fed7e670017fc5290c71705e403f14760acfa79638ea66f00629dfeb20f23cb29d394364bde9b0506fb1f4cab67edb8d46527abe43aca1a2f6998b45e4cc66c62cfbf5dd01e1eb6e490e8b836e52d2ab9e8fe80aedaba5754df5a52aa0616daa3a8fe5ec5a27e89fbb0e56c423f8a9c32c1"})
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000040))

[   86.425083] kernel msg: ebtables bug: please report to author: Wrong len argument
[   86.440693] kernel msg: ebtables bug: please report to author: Wrong len argument
2018/03/31 16:36:55 executing program 7:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/vhost-vsock\x00', 0x2, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r2 = open(&(0x7f0000000240)='./file0/file0\x00', 0x3fdfa, 0x0)
pivot_root(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)='./file0/file0\x00')
write(r2, &(0x7f0000001200)="f858f0c637db5ccc708bd6cef167f826ab4a8a58266ae5093312240abe99b574541887d5e688c24bf3d745ace3a07e863db43e88d5d89df7727f717850b22b4e4ab511c59974b81f3f00e2506f772ea0b965d3540d01c1d7c141f88144c41ea48d6d7bc717399759cc4fcd8461ea8a9a4a7ea5cdcd2a53ec9aa6760ecd4ad5a7", 0x80)
ioctl$BINDER_THREAD_EXIT(r2, 0x40046208, 0x0)
r3 = open(&(0x7f0000000280)='./file0/file0\x00', 0x4001, 0x0)
pwrite64(r1, &(0x7f0000000340)="2056396eee515a0df7ba6afa1c278e3456884c27a3ceee844e1a82f8b548b4442e9e8db16a75643b517cc7938c84b73de4a26a29cf3cef5c3bb781bdadac1739e8584fceeb75890848b7b44fd00b370d4fb49142b69562e1a04285983ca824f41ebab1b9980e321312140dbd7d23489535cd35b89e7072e5df8f367bc27d3ca2c25a4e0464106e20cc4c703fae079d32abd372a61dac88b8b5a3f2e654a134baad46cc49dfd6f89573871f2419af36abf658e8476bca78a0d457682ef9a8534bf5ad48d0f735796b492210f63c914ca172e8f64551e12fdb437ce419522cf367915f249b", 0xe4, 0x0)
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ftruncate(r3, 0x80)
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f00000002c0))
setsockopt$EBT_SO_SET_COUNTERS(r5, 0x0, 0x81, &(0x7f0000000180)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
fcntl$setstatus(r4, 0x4, 0x40800)
setsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000b80)=0x101, 0x4)
r6 = getpgrp(0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000140)={<r7=>0x0, 0x1f}, &(0x7f0000000a40)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000a80)={r7, @in6={{0xa, 0x4e22, 0xc000000000000000, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x100000001}}, 0x0, 0x600000000}, &(0x7f0000000b40)=0x90)
r8 = getuid()
stat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = gettid()
fstat(r1, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
fstat(r4, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
sendmsg$unix(r2, &(0x7f0000000940)={&(0x7f0000000480)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000000c0)=[{&(0x7f0000000500)="529339e34f0c747a4447ed6e831912076999dc35106994b98d540ed5c75ea6bbe3d8ce2918802be1d389e688e0c3cd5de15ea3209d36c9c105baeaafdd18d84f5b6551f5767a0657e2079727c876418ed5b746da94b76d6bf26962816a8b054dd51bd266b9b987f7d4b201a0474987786a6ead12415384f119d044fd120f108b5928fd5fabafeadd635a20b6584fb107a21d4f068fc1ac67df3e300bba60a4433000ce84b48d03123edb6946c5b91304c54c3d99cc995a2bf172ee60bd1d16d3d475642488cddfb51e9cd6af20c8dd06dd86ed56531055dd5672865480ec858a5fe903642e65f60fd88657bddd4eca2f16796e5c172940d34eba6fd987a4", 0xfe}, {&(0x7f0000001280)="57b9087a4d24ff012f19d05860d8ceda35b3a80402a034c403ccd81072c32339788a95ad5ef5f9766c695fbc5638fb80d5d2cbad19431167dc46ff508f315d4047b030dca261ef871cf5ee5a2a3c8f5e80a5defe6ff7957bb926c50c1f83f6781f50ac65a075d24777341bfe9c3e5cd0e1fbcdf064e3d63a84d8c3ec07af05ec83ebbc14e75a377cf966bbecf38f6e54471bde917ad04c1282b37f385a979ce7bd67ac980055ae8c0a3cd3cf1c9a810afa372e9493ed1625b84bcd303f4ca35a3d662e338172b820a59f3c33d7082b5abff5c9f263dc668683d3ace4b2f80efed68e9131e4ebf85ed41e2c45b98935a081715c5b601aa001b1d2e72e83cd5f6de430b7b72e048c66e0c443f4327051b4d830e84f09b883f6457e511b2e0aa71165016675231596933c2c9c21d2086ce2fe91fbba6e653b7e8459a34cbfc073c643ddbdecef5ae278751de5bd758a534a14d416f5e49b2f36a68db40486973be1f2b9892d0be372d9c2a6944925328b5f12fc85bcce352e609c8609e25d42fa40a8b025e67090c5aac36a61a3b0d40de64b270b594ab01c3d37e3159805cbdfcaba9811540b80282f1a1ada47ae9c26719e0341404f6dc1a0f66cbe3e5b22e85726cc9ee74e1be5ead8b9ec1479c6c50dc9ea796f870664d1f1e99d4e42e8938582bc5475a24dbacae0a38904346300b01b259420f29152d79c052ae6a65dcc65a150f610e9642cdfdd1a18ace796d224b921ca835088307dd8cf240112494326293c54711de96ea2921b2d71e40b1084985258b98578f2ec05c2811c0e5792cbcc01f5292064751305dc17809a8aef8a3fb23ad416302d3133e4f76d610772aa031c4e641ae39c5e4f77e615dc557170949bbd8bcd3fa776a69bb7070d496b04e9a7a9e4b2c8ab9bc9fb42601b59c3cf13745d3e2a82f7a1f0c3bbf1d50d1555967c03aebb3a383932253e40d5952a5f709897814ca1fce155df26facba41546c24b68e1b622b538d4116b5b7cb7f2ca52f4bd02ca25566ac39ba6f3c47eb349f885ff60cabe835d38acd690deb13cdba1604ecf45ef603d7d60dbe49cd04bbd17c8be9476a01d5d1470d447812768c79ccfe58afeff89e42baa4a57f98af10f8be8554cf608a9d51c1502fc093da3031bf32fb84e8470f1753e00df6af20ae7122a843ca57dd7c70b32083aa544f8143d285d5544c16626e6ec0a9b4ef9f7d3bbf66969d8a2970ef577d929ddb2bb4bdaec6c581c9dd9e1dda19314208366d771fb10e0a164d2e3a242bc890f792b6995e5621849ed4630f56c4802208e1f06add0614d990dfb6cbfd680317b2857292aad71e749ea70dec6e72ac4d710761d19f9c6a264bf7bbf88ea294b2c5704274247073717e58251bfddf3c89e77f79b7a78db2d938fcf1ad5243f56c8d265fe7004df4910e7fbbb404d45dc5cbd7bf773b2b55a4f6e1e7a5758a78980c342eac159090d02374014c9d2ae30696a7e8f933ab633a6e3e9629e17bfc41ebf98baf90458dc535bda9abfba6345e59dc225c07068d105094e5195fe4334436aa3260da64a76cef75574cc3619ae9772a99964343946b971a04341ff98f131201eb0f5857abaf109206fde1a78eb7220d8e5882f5d89428b406cfd0a1277203108ff2acab596599351d8a6235fcbe1a244f86b8a0e827cbe014b0c0dece28c10185fb9e8a4777dc73f2e51b643e238eed35b4679118bcbe649c056adfd061948810bb9d78593e10c35215a3ff13695975beeceec2cba00c3814c4d013e0e2261470b0fd7b706b08a31c0dd90151564de27fb7b73b39a8348202de17e8d1a71871ceb8f0a3302fb4c4f745a7d52732e96090435293bbf30b7701525352d2be75b35d183513d8158fc4eacfe440b8443d1089040f964229ad6b81247954a41f6217863850e3faec06646cbb170e2e0058f27bbeecb3ac116eb5569e4a17d9bd6ff3a466949be37454356cbee8b57927b2330a9984ad271c39bde3d84e11682281524f4d8b7e7ab0db27cb6abfdea7c6a2b181a29ae075a13305a5c0aae5d050fd9b68220c9e05343e2e5e83816a83bdc83e3d35622517d1a14d634a52ae02095f43aae48b2d22e29a5c82661e9c21d8a8020f307cab826f8b3f0d76317c801b0c101f1d3310475a846f376b896045e9d4268f4db70255013abf7f0965ec1913ebc0852a9ed5afd85f427e7150b43652be8a536e555ad98c1760bd75e83c97eca33bd4c4c3d6152a5b3092ff319fecca2dff7af4a5f7fd111281623d13e9bd356a8d078952042750a9691f9608c71a7ff7219ec153b688f1cdfe19e2459fa63a4487ae815f7d83cf957ff1e3c92d1e606558ecd811f7d641b2ea6f4e2ae50755113dd2aaef02625cc9d369df7e826fb20ea3be4644089edb45c0411b5ef322ee60e5126c07424d55269a52693245cf478b9731bb6590f9ac4e32626e7d007da5bfa34d859d1dc42863a84b44f1e1552416ed9c2dea53c14b96a11c5307361e34f92804bbdbc6011ba498b96fbc2e2a9a3f5b96d7ce1b38134aa920084a578906eb6a122dc7fe8a21753d949a6da41fa7f11184ecbba7826e3ceb47e9512125dadadf35e0d6be98ea4f798661750ba5f1626218c3978f8611526ff57313128202de9ea068701652f5b42e8f4b3e753ffb17ea34ceb48bac6be2bc47278eea7e22f1b5ea8f7493d64db6c543c1c77cc29f9ad4daf1250b709f4696c25536abeb9423b27121fbfa1d66169dba439ed32934759a41e231213c1fb84af7d32422a1d1d984ec0f2a3ee4a54fb28b58298cf38bd0eca40f1fb363bc1a7d289c710bf33f4b200dc64759154de1aaf14b23e6283fd8ca4cd232c42a0de6478099566a03e686562b17ac5514ac73620bcc31bf0cc0e68adaaf9c416744214a6964558c7f2825a77d9365d35f7631992ca162ce05414528af8442dfd02b7ee877e7486fbd6eeb9c060019de9a2cbabf41668582f9cddcea0fa29c592e14295cffb7ddf516a201817f4bd3eeea0a8099db8ed3590c56296dec677ac5179da53337f53757891bbb9d04c3946463fbbe513d97dbb53d3cad45243fea4e1fedae744b2bfe6f6965cb7fa99ed73a35cbcfd99603e5136609939ea71729e90b3fe778dade2d4c1893b18d13a3e66871e588d7e100aa4ea298f378564fb5b320b2a35994c0e7cfb738038f6df38ca382f93c1c50f1c99f6c688837f82fce1daad83840f91c302b4b497dbb652be4a520f3d14026ff1bb62c029a34ac6f203b306a6cb48d5abf549d7db608e6d1f1e9a68dde73b39bba14d3facf5752d3345f7f9db8a407a9b1e073c4f482be4ca2170833d3ca2d79c89d93c45c77c9e063db2a30ddc71258ac93b7e2f5e195db789d64c2ace2ccabe6089f55fd98594d671bf224a3b09215e65c6ff7c04b8ba465f4f69ccb39cd95a9470f8a3d3089b07b26c290d7064a9eb8f190180be335faee73386f6734d5b037a450cbc7d433412e6d5b983bc55ca916772644a843f7272d8cdecf5e76c419435d37307df64bc82f92c464a1c00f6feb1871945eddf7cad39bf0e787e71b6c3dba6f521cee80930efd32c9800e61979da523901af969f429db73b175f28487ff595fc0d3cfad965d20b4e94ed9135b11cd9805977643d6ae14e0702ce80ca6d7b2e07e5a5a07f69555a5b0fb07103497bd542f1acd2daa3c59ad6148a9ef2b8fea204c8f3164f100dc14ee8b545373d3dc841a2a779f664578779da2e9934417a9649e6dd081322cdfe1961d064712386530b4fd6b3bbf10b68233cdd06204e3fbada5207fdfde84362075754321160556b5eb264340939f15537d50286cc011a2cf7cf20b95d2441c9751cc56eca3b54e46524d471017201867ec221744200222dd4fb284ab71ec451a7402867c0b60cc78f2dd82c9d03c938e82c5df57db2518451ee9731de218f389af5bc31319cb97102ac1c68d57dd34c902a3260256bb03aeb72ec21083dd350b6b3a40c0b1c417fd114de76383fedf064db12fd9bd99b4568b7dedc60989dec783d9c1b8f4769efaf3fdc85d849a184ed1cd5c08d9c40415dc5712ecebb7d721d5a231c62f46db239df7f46d499621cff62ea2537f3a0fdf1e5ed6e6cfa185e2e442203442a8b5271aa754b2732bc36db019d0a201371c6ff01c504e601e90543ad7c57a13e557b0a237debc71f59c6a043fa2ccf9b3a91b0262e023a47eb956214462711963c995c55e97e70e6fb8df44348902d2bc44a443ea96948723223d1b9cb42d2a8c621a9d8b4e390176e2e1e5bdd02c15526046a63357434506ff246589006e10dcc53041022f6e0c654162e0d421834abe1c62e80f0517abb528dd04c7ffcf28cdd14856fb25e93e00bc0469d20e5a141efb487b0799bf9326c333b80db09fc4d60b58a56975b899957ab65f7af52de6aed5f117d28e5b5c81dcd1dee02ee3967ef79430d5c11706b73b98a7c836b9b588a69bf75da58aba6a5b0b0ecf41fd653cc205769492ad84d481f61fcc5ec71c0589238174af4b47c8d17458c72a1539be8b3b8abd39fa8ab9bbf19ce4c6e10a0e15a44fd39cdfcd4e1a7ae568932690c637b3458a0246792cf646f90ae7b688c2c8680395efda03ee415efc5a8b9b3b37ed09a1af1655a53db5660aebfec911163a073b0d5b1cbd3797586728eee6316c085b7cf973fad25a5a7c849df5c08fc3ac32324c97f1b218fca32f37b0d53899047eb03f2f1c37b42d14ff1c1c2fc14b9b210adb9697d5832b2006f05e09cad087fe25fdd179ec26a545f997659bc4ed1b2a32188757d19d1f1a12128e0ee98dcf00b2de5fd638915adf84f4e285aeaa2daeb2f2f644e44bc2a6d2e898f88ddd75c7e9eec12989996098cc2ea90f9729935d73545aac2753ac15dfd175433dbaf07d2149c233e55017a341a4cff3d93dc46792adaa15b251eb81a3deaae637d531b3ac3440d665ff0e00a997bc025090a546121c60c1e7ff0fda99194f2a5f3de9d30f584852f5d74c0168ccfc8cc247a7dd25f1fd86644581f03dd06612ae68d6dc4f19c9dd1249a19b8809e5d899da871ace5d1d18799ba07bb0f71f0f2449596180ca23a6516af840d7b84a93918d3d486956c3a64f69f148a1b33936ac235638ac4904a80eb86500ede72c635c3b273e218d311670db5b1adef9f576688a1d6c3c517683bd230fffee43a5c8cd05f0b70fc7e60b9b516e5fa774b41b437ff27499e8ec245590403c88d142ad077925e0cf73ae54404ccd18967cce6de5a27238c6e91cf4319219fb80c50f6bf203ac084fafa52ec5b231e69370986672d0d1f53d53b4b0dcfdfa9359ea98606eee71291141cf0b30b10a1cdffb95114f22a61bdab4c9f59679f51f96e7d06b3fd8616b57bea3902bc75ba4d882d2363b4d83229a5fec784010472ed504c16010c40d26bfdbe9871b2cc497041b2086aec19ddc94c0a396356fd2998698ad97c1fcb16d0770943784a2b9e49b634375db7e86def78fac78d3f4c00c34a07c5a5cd63a91360755b1dfa600cc29dccd5ddf6496942795780360cb47dfa8c4ca853a14bc4fb8c44338acb9c62f37af18de61c174a0f62ed42dcfc8666d6bb3948556eea0fd403080b1a770c0473cd6eb1d8d8f774bdea0fd8a7af592c6a00c18834af0dca4514e40ee8150bc2c1e0ed3e8f9c1146ee6af85ddb02091b6eb75f64700907f84f833a8a8fcaf94cd7bf2e3163de4a65b17d26b4894a149c63b790b2c3ad28019702550e159328fd4f11c3b1e26204592b519f288e0437a9d59a886bb640fb525d03475aed", 0x1000}, {&(0x7f0000000600)="1fb0d7feaf9454277b96af0b25f76292d6e2eb02d81275417aff905828b95353a7bb2c5c2fcd5bbdfb0b55fc39a0ed0b422b197e015cd735bacd0e50610be65e4fddc9ab32ab333b289bb0fd4680b814198c61fa56728567f54f144adf19f114708d6b7c3eece93764d19ec7aa493950a9dd77232ba5baf19ee07c9c51387c1111810a4fa40b8bd175d3654d88f7a1c71be2e594a3748b4cd98c90fb76e65c61061c0a582810d686d0905c7c1fe0181509a6fb3d790feea88142", 0xba}], 0x3, &(0x7f0000000880)=[@rights={0x38, 0x1, 0x1, [r3, r5, r3, r4, r1, r4, r1, r5, r0, r2]}, @rights={0x18, 0x1, 0x1, [r3, r4]}, @cred={0x20, 0x1, 0x2, r6, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}], 0x90, 0x44000}, 0x20000010)
ftruncate(r3, 0x1000)
getgid()
splice(r3, &(0x7f0000000080), r4, &(0x7f0000000200), 0x4, 0x4)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r3, 0x80605414, &(0x7f0000000bc0))

2018/03/31 16:36:55 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = gettid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380), &(0x7f0000000480)=0xc)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000004c0)={0x3, <r2=>r0})
kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x7, r0, &(0x7f0000000500)={r2, r0, 0x7})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00001fefe4)={0xa, 0x2, 0x0, @empty, 0x3}, 0xffffffffffffff94)
ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffff9c, 0xc018620b, &(0x7f0000000100)={<r4=>0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f0000000180)={r4})
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080), 0x4)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f00000001c0)={'HL\x00'}, &(0x7f0000000280)=0x1e)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003c1000)="0a0775b0d5e383e5b3b60ced5c54db", 0xf)
gettid()
r5 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x80000000, 0x0)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000003c0), &(0x7f0000000400)=0xc)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000440))
r6 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000090d8b75e67e16b394342abb5158df87ea8984e79c93df7498b2b34796068700e29fbd789f9a031f23e16c96e30baed2961953b057f7a3222943acc4b8cfa4de553f8276731ddeb811efd44ea011e1a0db9074a28a826c88566b89c57cc3cca4aec41d37fa27c8daa19030d03139d0aea71d509d9a20ba7deceb656cc1308d9d1f111b6bd1595486f55e229923be4ed8cbfb78e86280b4cacf386bfa8840afb312a4c520a03b27f805d181bd09ea208931a36e888060a2d")
fsetxattr(r6, &(0x7f0000000140)=@known='user.syz\x00', &(0x7f0000000180)="363c51940180ebe7753205aff0fa0447a66dafe9356a7523588002a93724a0e1fe2d1192f3e19aec4d078b2ab1bb0365360f1339aa1b80de79356570d0a6b7a6025c471e7b8514989fa1e6746581add1157d812fd9ef438b5cd74178ad1fa3bb6cff15a3ede5d306b4f8d977fd65146e99d0c2b2c1d5f2c62577c3c094b374cc50eafec5b0a349c4b04ad425b5dd4d51856e426f359338dbcbe939c9da32b8ffb1f84e3df8dca651656e7818d949b14b5560d71c92335881a988a06f5c2b798dad13916946e32139ede4df933f525428b81464aea9a3c66c410bc4718ba27dab77cee9c682d9dcba6fdd36e36057a6bda603998e69e4aa516c825653071d26d991b749e7b19c2f076a0dc8f0240aabfae82984f0ee5172a6d18e0de0c1f674e57e4a71c0093db907000000000000000000000000000000", 0x137, 0x0)
fremovexattr(r6, &(0x7f0000000000)=@known='user.syz\x00')
ioctl$DRM_IOCTL_GET_CAP(r6, 0xc010640c, &(0x7f0000000340)={0x9})
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000002c0)={<r7=>0x0, 0x11, "59ecdf6a75ec3508c5a485aa301ebecb81"}, &(0x7f0000000300)=0x19)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000580)={r7, 0x1, 0x5, 0x1ff, 0x4, 0x8}, 0x14)
poll(&(0x7f0000000540)=[{r0, 0x20}, {r6, 0x3040}, {r3, 0x1205}, {r0, 0x4}], 0x4, 0x81)
sendfile(0xffffffffffffffff, r5, &(0x7f0000000340), 0x8000)
memfd_create(&(0x7f0000000040)='trusted\x00', 0x1)

2018/03/31 16:36:55 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r2, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:55 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x0)

2018/03/31 16:36:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SMI(r2, 0xaeb7)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000dc0000)='/dev/snd/controlC#\x00', 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x8, 0x82000)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000100)={<r5=>0x0, 0x401, 0x1000, 0xfffffffffffffff8}, &(0x7f00000002c0)=0x14)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f00000001c0)=@sack_info={<r6=>r5, 0x2, 0x4}, &(0x7f0000000200)=0xc)
ioctl$KVM_SMI(r2, 0xaeb7)
r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x40000, 0x0)
r8 = memfd_create(&(0x7f0000000240)='cpuset\x00', 0x2)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setfsgid(r9)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r6, 0x200}, 0x8)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000000300), &(0x7f00000009c0)=0x4)
setsockopt$inet_dccp_int(r7, 0x21, 0xe, &(0x7f0000000080)=0x80, 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc2c45513, &(0x7f0000000480)={{0x80, 0x7, 0x0, 0x0, "38c93e6cf57a4befb62f0a17f3e8a45fe01b5e63a787711f0f2cf221bfd295c20e66b8b48071bd3eafe66f13", 0x8001}, 0x7ff, [0x6, 0x8001, 0x2cf2, 0x7, 0x2, 0x1c000, 0x4, 0x200, 0xfffffffffffffffe, 0x6, 0x800000, 0xffffffffffffffff, 0x81, 0x1ff, 0x6, 0x0, 0x4, 0x4, 0x9, 0x0, 0x8, 0x1, 0x1, 0x2, 0x5, 0x0, 0x4, 0xfffffffffffffffa, 0x541, 0x2, 0x50b, 0x4, 0x5, 0x6, 0x2, 0x5416, 0x3, 0x20, 0x2, 0x5, 0x3, 0x7ff, 0x20, 0x40, 0x79, 0x8001, 0x5, 0x3, 0x3, 0x0, 0xfffffffffffffffb, 0x6, 0x67, 0x5, 0xd3d5, 0x8, 0x6, 0x0, 0x8001, 0x0, 0xd1e, 0x0, 0x2, 0x0, 0x0, 0x8, 0x81, 0x3a, 0x7, 0x3, 0x3, 0xfe, 0x1000, 0x7ff, 0x3ff, 0x0, 0x4, 0x1f, 0x20, 0xffff, 0x1f, 0x100000000, 0x400, 0x800, 0x5, 0x2, 0xffffffffffffffe1, 0x4a, 0x0, 0x5, 0x4, 0x1, 0x2, 0x8001, 0xffffffffffffd6f3, 0x0, 0x2, 0xffffffffffffff42, 0xffffffff, 0x0, 0x7, 0x80000000, 0x5, 0x1, 0x3f, 0xd22, 0x1, 0x100000001, 0xffff, 0x3, 0x40, 0x7fff, 0x1, 0x8001, 0xfffffffffffffc01, 0x1, 0x57f, 0x80000000, 0x3, 0x400, 0x80000001, 0x7, 0x8001, 0x4d, 0xfffffffffffffffc, 0x6, 0xa0, 0x2], {0x77359400}})
ioctl$PERF_EVENT_IOC_ID(r8, 0x80082407, &(0x7f0000000000))
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, [], [], [], 0x0, 0x0, 0x0, 0x0, "28910c6910bd030af90aff5019526a08"})

2018/03/31 16:36:55 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x0)

2018/03/31 16:36:55 executing program 1:
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000002140)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000002d00fff0e9ffffffffff130000000000"], 0x14}, 0x1}, 0x0)
rt_sigreturn()

2018/03/31 16:36:55 executing program 4:
r0 = perf_event_open(&(0x7f0000223000)={0x2, 0x70, 0xe3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f0000000140)={0x9, 0x20})
fcntl$addseals(r0, 0x409, 0x5)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
r2 = socket$inet6(0xa, 0x0, 0x0)
ioctl$GIO_CMAP(r2, 0x4b70, &(0x7f0000000180))
getsockopt$bt_hci(r2, 0x0, 0x3, &(0x7f0000000040)=""/45, &(0x7f0000000100)=0xe)
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000000c0)={0x0, 0x4})
ioctl$FIONREAD(0xffffffffffffffff, 0x80047437, &(0x7f0000000080))

[   86.522912] FAT-fs (loop7): bogus number of reserved sectors
[   86.528931] FAT-fs (loop7): Can't find a valid FAT filesystem
2018/03/31 16:36:55 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   86.574583] FAT-fs (loop7): Unrecognized mount option "./file0/file0" or missing value
2018/03/31 16:36:55 executing program 6:
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x0)

[   87.219247] FAULT_INJECTION: forcing a failure.
[   87.219247] name failslab, interval 1, probability 0, space 0, times 1
[   87.230474] CPU: 0 PID: 7361 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #8
[   87.237546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   87.246868] Call Trace:
[   87.249432]  dump_stack+0x194/0x24d
[   87.253033]  ? arch_local_irq_restore+0x53/0x53
[   87.257677]  ? release_sock+0x1d4/0x2a0
[   87.261629]  should_fail+0x8c0/0xa40
[   87.265313]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   87.270389]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   87.275376]  ? release_sock+0x1d4/0x2a0
[   87.279320]  ? trace_hardirqs_on+0xd/0x10
[   87.283438]  ? __local_bh_enable_ip+0x121/0x230
[   87.288078]  ? find_held_lock+0x35/0x1d0
[   87.292125]  ? check_same_owner+0x320/0x320
[   87.296419]  ? rcu_note_context_switch+0x710/0x710
[   87.301321]  should_failslab+0xec/0x120
[   87.305269]  kmem_cache_alloc_node+0x56/0x760
[   87.309742]  ? netlink_getsockopt+0x660/0x660
[   87.314206]  __alloc_skb+0xf1/0x780
[   87.317802]  ? skb_copy_and_csum_dev+0x370/0x370
[   87.322533]  ? _copy_from_user+0x99/0x110
[   87.326653]  ? rw_copy_check_uvector+0x1be/0x280
[   87.331382]  ? import_iovec+0x238/0x430
[   87.335330]  ? security_socket_getpeersec_dgram+0x91/0xc0
[   87.340840]  netlink_sendmsg+0xa86/0xe60
[   87.344874]  ? netlink_unicast+0x6b0/0x6b0
[   87.349082]  ? security_socket_sendmsg+0x89/0xb0
[   87.353808]  ? netlink_unicast+0x6b0/0x6b0
[   87.358021]  sock_sendmsg+0xca/0x110
[   87.361709]  ___sys_sendmsg+0x767/0x8b0
[   87.365656]  ? copy_msghdr_from_user+0x590/0x590
[   87.370384]  ? find_held_lock+0x35/0x1d0
[   87.374423]  ? __f_unlock_pos+0x19/0x20
[   87.378370]  ? lock_downgrade+0x980/0x980
[   87.382486]  ? get_pid_task+0xbc/0x140
[   87.386343]  ? __fget_light+0x2b2/0x3c0
[   87.390287]  ? fget_raw+0x20/0x20
[   87.393710]  ? find_held_lock+0x35/0x1d0
[   87.397744]  ? __mutex_unlock_slowpath+0xe9/0xac0
[   87.402558]  ? vfs_write+0x374/0x510
[   87.406242]  ? wait_for_completion+0x770/0x770
[   87.410799]  __sys_sendmsg+0xe5/0x210
[   87.414571]  ? __sys_sendmsg+0xe5/0x210
[   87.418514]  ? SyS_shutdown+0x290/0x290
[   87.422459]  ? __sb_end_write+0xa0/0xd0
[   87.426409]  ? SyS_read+0x220/0x220
[   87.430009]  SyS_sendmsg+0x2d/0x50
[   87.433520]  ? __sys_sendmsg+0x210/0x210
[   87.437554]  do_syscall_64+0x281/0x940
[   87.441415]  ? vmalloc_sync_all+0x30/0x30
[   87.445537]  ? _raw_spin_unlock_irq+0x27/0x70
[   87.450005]  ? finish_task_switch+0x1c1/0x7e0
[   87.454473]  ? syscall_return_slowpath+0x550/0x550
[   87.459375]  ? syscall_return_slowpath+0x2ac/0x550
[   87.464273]  ? prepare_exit_to_usermode+0x350/0x350
[   87.469260]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   87.474596]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   87.479414]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   87.484575] RIP: 0033:0x454e79
[   87.487736] RSP: 002b:00007f3bd31e9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.495416] RAX: ffffffffffffffda RBX: 00007f3bd31ea6d4 RCX: 0000000000454e79
[   87.502655] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000013
[   87.509897] RBP: 000000000072bf58 R08: 0000000000000000 R09: 0000000000000000
2018/03/31 16:36:56 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xfff}]}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={<r3=>0x0, 0x6}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000000c0)={0x6d, 0x200, 0x5, 0x2, r3}, &(0x7f0000000180)=0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@ipv4={[], [], @local}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@broadcast}}, &(0x7f00000002c0)=0xe8)
setsockopt$inet6_mreq(r2, 0x29, 0xc5cc6a99a0cae0f3, &(0x7f0000000300)={@dev={0xfe, 0x80, [], 0xb}, r4}, 0x14)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f0000eb9fff), 0xffffff31, 0x20000003, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
shutdown(r1, 0x0)
r5 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x8000)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x200)

2018/03/31 16:36:56 executing program 7:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="544001819100000002c00008000a503f0081e800691848"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48)

2018/03/31 16:36:56 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:36:56 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000f35000)={0x26, "68617368000000000000000200", 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="ae7750f5e2728f2495ed3bcb235ae3223e1005ae9299397bd95f238a157ef6ddae07341806563c7076de9a02b01d7fe3f7ab02d5b809cc67d9597d40cb310e08cabc60856bad95c7c754e9d9438ee276857851ef2ba769e7322e9013c03caebe9f38aaa9844fc9c8556b7c71fa35a7f0493bc44672ecdea492c6c58d8149265a66b34b747d85aa56dcddf7b5885405066896502f5d592773b2eb08e9ea0ea9ab686cd68acfc2a57f3357492d", 0xffde)
r1 = accept$alg(r0, 0x0, 0x0)
sendto$inet(r1, &(0x7f0000e53000), 0x0, 0x2404c815, &(0x7f0000176000)={0x2, 0x0, @broadcast=0xffffffff}, 0x10)
accept$alg(r1, 0x0, 0x0)

2018/03/31 16:36:56 executing program 6 (fault-call:2 fault-nth:0):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:56 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:56 executing program 2:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f00000007c0)={0x1, 0x0, [{0x0, 0x0, 0x0, 0x0, @irqchip={0x0, 0x5}}]})
r0 = socket$inet6(0xa, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000f61fe4)={0xa, 0x8004e20}, 0x1c)
r1 = syz_open_dev$loop(&(0x7f0000000240)='/dev/loop#\x00', 0x0, 0x82)
r2 = memfd_create(&(0x7f0000614000)="74086e7500000000ba33ede3008c00", 0x0)
pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
r3 = socket$key(0xf, 0x3, 0x2)
socket$inet6(0xa, 0x3, 0x4)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000280)={<r4=>0x0, 0xc5, "76cb16e6bf4179415a28be2975d961ac71dff1d12aa706d1d61ee8b90de12f927ee83410c25f835f5b4124c227eb6df70ee6e481163ac974da2da9fd4edb0a38eaf60aeff686864a6b0bdaefd35daa853bb207b718803478fe587b5e15c4161dbd291e3587669621b15e7ea72ca40fcf978f5250b250f00f37589d7a2bb00e2a694cea97b49a73bc0bb1d21550bb04dfbc5477aeff7c102c814ea0073b8d68689a050a7bc0ba02126c6db5cd9d70504647e913ca401ab68729f75b68d7d0157b84df57b2a7"}, &(0x7f00000000c0)=0xcd)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000180)={r4, @in={{0x2, 0x4e20}}, 0x2, 0x3f, 0x1, 0x2, 0xd61b}, &(0x7f0000000380)=0x98)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000c9af18)={{{@in=@rand_addr, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast2=0xe0000002, 0x4d3, 0x3c}, 0x0, @in6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xe8)
sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x7, 0x0, 0x7, 0x2}, 0x10}, 0x1}, 0x0)
close(r3)
sendfile(r1, r1, &(0x7f0000000080), 0x102000004)

2018/03/31 16:36:56 executing program 3:
r0 = syz_open_dev$amidi(&(0x7f0000000d00)='/dev/amidi#\x00', 0x0, 0x4101)
syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000840)='/dev/rtc\x00', 0x2000, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x1000008000000010)
r3 = syz_open_dev$vcsa(&(0x7f00000002c0)='/dev/vcsa#\x00', 0xfffffffffffffffd, 0x2000)
setns(r2, 0xffffffffffdffff9)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000000)=0x4, 0x5)
setxattr(&(0x7f0000000b00)='.', &(0x7f0000000200)=@random={'osx.', '\x00'}, &(0x7f0000000100)="b92100", 0x3, 0x0)
poll(&(0x7f0000000300)=[{r3}, {r2, 0x10}], 0x2ac, 0x8009)
ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000b40)=""/82)
r4 = getpid()
fsync(r0)
ioprio_get$pid(0x0, r4)
r5 = syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00')
readv(r5, &(0x7f0000000740)=[{&(0x7f0000000380)=""/190, 0xbe}, {&(0x7f0000000440)=""/128, 0x80}, {&(0x7f00000004c0)=""/245, 0xf5}, {&(0x7f00000002c0)=""/32, 0x20}, {&(0x7f00000005c0)=""/68, 0x44}, {&(0x7f0000000640)=""/240, 0xf0}], 0x6)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
ioctl$KDENABIO(r5, 0x4b36)
recvmsg$netrom(r5, &(0x7f0000001080)={&(0x7f0000000c40)=@full={{0x3, {"7282f480557472"}, 0x5}, [{"ebf7770240fabd"}, {"fd3392e1e5fbd9"}, {"5089a3b8bb8de9"}, {"f9e32a3c758987"}, {"ee0142c39c651b"}, {"0b5be53646a75b"}, {"e8e76b720fe050"}, {"42931baa39f425"}]}, 0x48, &(0x7f0000000fc0), 0x0, &(0x7f0000003400), 0x0, 0x80}, 0x40000023)
sendto(r5, &(0x7f00000008c0), 0x0, 0x0, &(0x7f0000000900)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x1, 0x0, 0x2, {0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x80)
write(r3, &(0x7f0000000e40)="a6e4bae1960022b6c76d42178d7dea7adc2b08ca7a5c17840488b0f4cf05df7f6bc062315087298b5e0cd409808756c5785c1957e20658b52168bec151c385845fa66c85ff43d4907894dc431a24a7bfcdb1f0cfc25fbda6f73239b449e7d9f5d6872947b769815ae6354ca15c768d48de973cfad1fb899d3b3f9eb9da37adf333ce0d5c306a794ecefcead583b947427585c1d2ec51ffab75af1c3fc4bd52ddcd6bdb0bc8ac36e683ad8598ec9ee8092ae03f2b976c5465b764709e55264edd62205b03d043639e8ba818d4d3bd00896c411d651ccf97", 0xd7)
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x1, &(0x7f00000007c0)="ad413983dce8fda692b19ca665e8ec77fa462cd42977c0457fd5e513959b8c97ae621bb4901c4e02feb9c506bb7a185e14ce240442c0569367f41339a6de4e23d1c7ab2eec7dc1dc53ce1c19d3504046b72e65dabe993f437b12590fe45fc9a1236595beacd35ff917e5a427d696b47b636d7b8a")
mount(&(0x7f0000000180)='./file0\x00', &(0x7f0000000880)='./file0\x00', &(0x7f00000009c0)='bdev\x00', 0x0, &(0x7f0000000bc0)="39e7bfb31b1f0f24b5ba6c3358229a56a7cd177ff5d07f093100729a69bc8a97543b7f301be2d2daf0ec6c2cddb28195c39cb3aa0d750e7c12753870f6a9e4e5ccab51")
mount(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='.', &(0x7f0000000040)="045b898f73", 0x0, 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='.', &(0x7f0000000140)='vxfs\x00', 0x3080, &(0x7f0000000200))
mount(&(0x7f00000008c0)='.', &(0x7f0000000a40)='./file0\x00', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f0000000980)="9af576624811f8f8bf3ff31413ad09a266f00a06")
mount(&(0x7f000000a000)='.', &(0x7f0000852000)='.', &(0x7f0000a60000)='ramfs\x00', 0x0, &(0x7f0000d1cfff)="d6")
ioctl$EVIOCGUNIQ(r5, 0x80404508, &(0x7f0000000d40)=""/225)
preadv(r5, &(0x7f00000023c0), 0x0, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080), &(0x7f00000001c0)=0x14)
unlink(&(0x7f0000000580)='./file0\x00')

[   87.517136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[   87.524375] R13: 00000000000004ea R14: 00000000006f9690 R15: 0000000000000000
[   87.564282] FAULT_INJECTION: forcing a failure.
[   87.564282] name failslab, interval 1, probability 0, space 0, times 0
[   87.575547] CPU: 0 PID: 7376 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   87.582620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   87.591947] Call Trace:
[   87.594509]  dump_stack+0x194/0x24d
[   87.598110]  ? arch_local_irq_restore+0x53/0x53
[   87.602757]  ? find_held_lock+0x35/0x1d0
[   87.606796]  should_fail+0x8c0/0xa40
[   87.610482]  ? trace_event_raw_event_lock+0x340/0x340
[   87.615644]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   87.620723]  ? find_held_lock+0x35/0x1d0
[   87.624765]  ? find_held_lock+0x35/0x1d0
[   87.628807]  ? check_same_owner+0x320/0x320
[   87.633104]  ? rcu_note_context_switch+0x710/0x710
[   87.638008]  ? wait_for_completion+0x770/0x770
[   87.642566]  should_failslab+0xec/0x120
[   87.646513]  __kmalloc+0x63/0x760
[   87.649944]  ? do_handle_open+0x10b/0x8a0
[   87.654064]  do_handle_open+0x10b/0x8a0
[   87.658010]  ? vfs_dentry_acceptable+0x10/0x10
[   87.662567]  ? SyS_write+0x184/0x220
[   87.666253]  ? SyS_read+0x220/0x220
[   87.669853]  SyS_open_by_handle_at+0x27/0x30
[   87.674230]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   87.678960]  do_syscall_64+0x281/0x940
[   87.682817]  ? vmalloc_sync_all+0x30/0x30
[   87.686939]  ? _raw_spin_unlock_irq+0x27/0x70
[   87.691408]  ? finish_task_switch+0x1c1/0x7e0
[   87.695875]  ? syscall_return_slowpath+0x550/0x550
[   87.700777]  ? syscall_return_slowpath+0x2ac/0x550
[   87.705680]  ? prepare_exit_to_usermode+0x350/0x350
[   87.710670]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   87.716005]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   87.720822]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   87.725983] RIP: 0033:0x454e79
[   87.729147] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   87.736825] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   87.744080] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   87.751320] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
2018/03/31 16:36:56 executing program 7:
r0 = epoll_create1(0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000b86ff6)='/dev/cuse\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00005f8ff4))
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000040)={'dummy0\x00', {0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}})
read$eventfd(r1, &(0x7f0000000000), 0x8)

2018/03/31 16:36:57 executing program 1:
truncate(&(0x7f00000011c0)='./file0/file0\x00', 0xffffffffffffff1f)
syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000680))
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000840)={0xb, 0x1000, 0x0, "717565756530000000000000000000000000000000000000000040000000000000000000000000f3ffffffffffffff0000000016000000003c00000000000100", 0x100000000001})
r0 = syz_open_dev$sndmidi(&(0x7f0000001040)='/dev/snd/midiC#D#\x00', 0x5, 0x0)
write(0xffffffffffffffff, &(0x7f0000a34f31)="1f0000001000077f0000000000", 0xd)
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x2)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000d09ffc)=0x1, 0x4)
bind$inet(r2, &(0x7f0000eed000)={0x2, 0x1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001180)='/dev/ppp\x00', 0x400000, 0x0)
syz_emit_ethernet(0x1, &(0x7f00000bb000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff08004500001c0000000000119078ac14ffa6e00000010000000100089078"], 0x0)
ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000595ff8)=0x8000000100000001)
write(r1, &(0x7f0000000040)="576b6ea92d54c062a4c54d597b34b9a87f6081817318cc176847e9c1aeae469f189d8d1d4b9877c2cabcbb31c9a5b0eb21012350b2ab0a2fb7145a7448575bb7563368a51996008c4b441d9891fe94b7e995cf7d56116da80350f51553b86f7a63f20ebc307b25aafc40255b4eb0b9f79c467f0c5a5a3d293d0d3b6983f69a09382ae4b21f2f5fb0d093101f62065d721e764593ceccbcfa1df5a53a0a64e19c89630f3f1bb8ba610463da9cd8fb17417817c65b8bee4bd4e74db65116f7bbb70143cd7f7710b94888c4a885744834420d7d0f15e82b5bba50a8e26a6c91825910020512f0db0ef5a83cf339537006f9da02363f9cbd815cb1303be21c96b755874a2e671fe4011825c814fd89d6721965d9c1c9fc8ad87a35a599373af093fb0e5b6b0e6d6bf18edc002523e195b305f632a5d2156a4c0cc22d3ddd2de0c80e785e9e91c3b66b04577166b23ed8d89f7ce11511945afb636790418ab70788cc2f045cfe6597bafed8a99e197890ae52da03e2f19039d7955252a52812429858caaff39366c54befe02a0dd068522c6b8986aa851f903c40afb6f58e61f8a7b10ea050a06802ce41a260b13cb4dd16bbda16f9b0bc6bdbd9f63f0d84edcfe2398ee2c0eff9660f7f2dbd924a3abfc1932d63305b2ccae1ae24844ec3a41cdb197eee5c7faafd8c899b90ae68fc3e631949494e8c8e9f8c9be759da1857ee5e43adea54f2ac2c9dc9f964b94d10d9f73e9942bcfb6178bfd8c2eed9d1de4e2dc35d509c8e47023e57e1e25959e2380e3d0b31927beb58a93d8404b520f48117303f83632d2592e67b67d3161da308f0a69f4b8c000d707917cd17fb784d36992f0bea8a436554bc9f28b5e9bdbf70b0082cb185d01632af2346c16b4dc8be2fc6f067212e8908fca1510d846ecdc32db959eeffa53e71f502033a9f5527c30a839ff12cc41b201c8885cc4e878cf5b09047dd1ea7b1d5abd192977604f424577aade8d32a2ce216d71a1c9a5b34a7c77e800eef1a4a36904d8d68271640d4c9fabd1115508b8c7ab14134a3b0ca018efa8fc3812b4c66f7aa7f40cbb9cddddaec7d58886944480091fec1f5b2146f30d75b7445e0e1f8018517afb5d045cc91f98166c1340c1bc1489d6b734e1a12913a406d6584b9a3bc8fffc34cc5ea64921f3f11438256fa4d517a783d0890fa7bf13376c300eba7ee97aca3b632b35b5d78f0cdb2ace40f889ee0e215844ebf4fff08ccb487ce3dcff245c2ec24ad536bbe6497bff33b08c08c236ce44de37cc326f8953a3798d615becf8febb14f95d1a517f87fc35caa754d746aeddd2eff638664b503c01e16838418c757058f15c1df95a3db843e6cd4837b30b1ee94a276317d90da64640377682abf44ad9dcdff922d74a155e0952670779a3890696d405381689635e0c7cd296837c304a972b39c9ae064e92e1aa8990a307d8096e399b403760945d51f22f7d10b46e282f6a9beba1b633f46f0782e42a9f9f090065fbe5cb2c2eefeedcae6cceb2f176bf52c0f299ded1081452c5820ad2b48034d7edb688e9dd222e39535aa559095f7ef3e28dc8868702c8970e8fb65f0c60cab99f7bbadc81424a4e84b8cb9b3f4d27c82ad4fa45afc890d94b0d49e1bcf5cbc9077eff612ab4be5464590d98cd8cffaac03aa5cc360c97e517c92e5ad8fb9403c70f0a4f88c33d5c242656fe23a13c72e6f71eef96815dbb6ac39018417753f1dee911b73f2b6ee8f1b45e67e79adc46866999fbe646c60a5c976ae2e1270cb8659802d19e0c7d5982aab16f0605373f0e044ad2db256fc4f52f6b6bf4ff95a03fa7ab98715bfd9ec3a31813471a4ee5e479dd6a13528ebf73c136b677a8949752acda935ad75d63d05976ac03ac459011dd072024e7a799f0c1a6f9cf919f9efbcd3aac9397679f0ab99ec66f826de3afb34f0f8e11b227593f69f07a50527c7999d22684a682e0e8897b13536929da41b5d7ce1d530e6ec85b6ff08ce0763b7c31ab529139f469c947420640634efdbd088337869a59936c0bdcee11dd34aece07a6d5cae07b716fd1f481860ea17b82d3ea350dd9cbb74a2257bf331fa63c6373b2676c7a6e4cdfb6f2626326ae1fd8185500eaffb767ab3882a3461f570ea61fbd4d6573a811f7459615f7da842709e52fff1768a3c220c9498f41f5fb7fa5495486e4cc8da81681a4ebc4e65bb3a989e563dc681945c676be26fc9131a20dbd7773a05399f5421fc5719054789dca39e6eff15439c47b5a0d0fa29a705ac828666a7e21547a30843de73466ccd968a9d3794f7541f13fbdc166cfcdcc0923d723e36cd003d19469f3c828a9baee681b50161af3ae15c513191a1c53df25c01cd206be0c2faccb871e51773c33373e06108c6ab59cc9ebd419f696853b2cb445e25059b4d3bcee1154d63d90d1272c868e3de8937789f1263100e240b840e73da07b775828407015cd86fc6ae7d1016dc9623ffd43b95a1998af582effb59ed7898fc599441bb0b8c1502035ca27495bdbe349fd68cfeb15a06f119bde4b261424b8c244b4c7f887c77d208e68e266c438eb183277f86ba699f65328d82a9cbb31249f3b511afa24ee95c1c8e7c80b97b96dba665de69cbcf2a6a89d0cee35cd0b74ec6ebdcc6f2cc91304e9d98e5f12fb318fddf659a99be032e6da06fc81143244c54d14059447c118810eb3a072f1414745eb9f87a2db206b70cd410d8b32beaafd78578e7f4bbf2cc661f3e0f2c74d06ee6596206e7280ddf316db2ef468b2a413c244a7838a9a89890468dae0035560621bdc2cfc4811df36800d4ac10ebd02d47b7450037c39946a1c2b09f6bf0bcdce75b6e09bd0164a6762965402bcc05aac34671cf09c2fe912972cbcce121f102a1f2cb0179d96e32d64d4882ee031a6c3c57ec891efa7366db307611f104932828e0c0eea4036fa9cc6badc56293b9565768f47bf5e08fd1d0138b042f1cc2c144692fc438cc824b528d79dd7c8e51ed15288553c32d2fa812cc416c355cc22ed9030ee95b8ac0b0900598ec7b399effe1d760cdb4e87b519329db08666780ebcee82ea7c427ecda9c2a0b16dea74e19adfe0e197685cb0bff96b0b376222b00f273cd2e88c4b51c736bccc095921bb2842efc6a4ac59b544cfe033c8d7d1f22955b3745544e16a57550d8cb213e6b24075ed7086e0103a88e17e75661114d806828149632c9655e83931eb26d8c5b9d9fe127277ba318d76aaa9d45a23393b0048fe52f11a92c66e4dc3d0f2b06278c4fddc1ac17c73d4740e9c011ebd1e1a3a4b4f7feed2f0998725f3ee9ecf8bc08abade7c14a7d723657497cc4a2f9b6b92b92fe951580d512c1cb6d797dc8181b5685253a514dcf85a7f5020e9b3bc3f0c3a12737aec91e4865f67ea2af80e9e67925839665d35cc8971e2c053009eb2126615e1b37534eaddf15d3a6bc78b173a0df98d0f6ae84096818abc4917482f57f8c68d9e9a1ef55dcce790c842e71f2ebce3abffa19f503b90b51bdf049ab1992eac896294df309f5bbc61480b2ca73f3d6b57bc165d72690b05708df35b2cade00d805bb74b9107c9ff09a824cc12405e00f08512495cb7ec2a34a263dfb42f601e80e4f898349451c9ae3d0cd75cfd54e081dd9ba42bcac728b3d45820d484a12ac862d35baa6481595d0fcbcfe295beab52fc28675aa5a22ffaad9a9d4a46319b6a5c2af24e960bc8aa791a7a379009d6208571311ff848c984e9a6ecaba0e21879e14c080a6d2ef78f012b5a8ff48af2b45312130f978db0870a742a912c73a142899d57c293445e38f98ea60428a1bdc54fcc7251ec16a1a02c27e3af5ddd0a4d09c78f9d797e1f62753e361981e04e02b06184901211d3baf69465c4af5f9b8954abaca850952f8ccf78e488df1f2b77d7ea59f8632d0c42c7c009d995c217d79a3ae4073519bc636af2e4f60c8ec194f8a8680b9a62c5366bcad4cb398d30f98cd074009374a8238dd42ef7f70f36c32d4ebddcf4848592761f0ef0b2b0c935c6cef5fb80d843eac7cb0a615a7211b1a8831dd48bd2f6bf7e2493c66516f80e7f827e4f93e79d46c36354673868b413249db878f93fd022cdb2458a708e5cc74b28379f6dbc29cc355c1fa1a97cfce9e655108c08f920163c2f4584cb440ae18743ab9a259b6c5f568644a54bfaffb5fa60c0bd372b00a86884ea38bd589b0f1d4d2dae7ea2ee397cbdb9a907b030bf61d6bfda1cc99f0916216d3253a453c8ef42460aef8a0c0ea30522dd67079901d68a78362a3355729d6e2b06fee500eefd1cc527e9c057680a52d743e78f4f1732827b7a98bfc6058ab3123ceec30c603f079db5d871f39d7952d9f3882d29209b1c30bfa1589087281885c8169398a967fc7f4d28b0e5ddad92c64e3e1e18855c24315f068658c1de22e7b85158026d68f414159e8adcaee43a36e42476178d20c8ef363bce1c3faa931783d756e9a90bbcd25ccac2de0d2f951f42df51003a62ef440256867ffe145630a442d4356fcd41ff751d52563fe20c11db4366a6f709eeae514c558609e9e3c08ae6e7555be0fcbf56b90fc589c2d2cc7a32838910804e6d15f73827d7e069595a8b202a11fb69d11cf91448902460a161cd4668a6db0241ed88a0010682dda64f41085a129f2e5d0b7a787c4ef1336253a8acaa40ab6f6eb14e9b70839fee023510f1dc48eec21fe4e8b8123b43b0cca42d3cc5ccc1b397afd7ac3cfa31ef27895323b68ddc47c48144c0e55ff00ca164d7421b6093b1f4e27a3503bdada77c5c0045f5a2b0303b6668b2e9c3b4b318e43722fcfb05c10fbe8863b14879b8f57061557f946da4c972aad3e1aa13c99b1e830e2a06e7b989d6d15055542c3e95c203a896d70958dac4eaaa7147b92ec79b166485ede2eb168b580411c45475c286f24b751689883e4248d99c597d4e5b08f39b0a79e9a965a8968922934c086d3d089f5ac438c7edcad211046d24001b02c7880a10771bf5ea16292a84cf69f57cb5c837fffa86ac7778f4ff678cd782f23a40ce44836feb94268b10e4d3eb6c2fbc43bbc79dc90ddd543cd4fd31499719e551a13e2f9e9c3cbe87c1386ca0f3205870f5b50f17ce8729d3badfff54bc9e80fc258d08448deec4aa4372be2b13a049e831088d68e9eea2d19d0e1084fb53db5f6d38353bbac4263ec87476d6f007b743832c02a386d8308c013aab53bc7dad9a860ab09e547acb3b5b19c2a991b1a21bb792036706b297c72e02e6e27cc3e01c2de2fb3aa7d14b437c4f6aa0d728e318d1eed206f0b50624b2f5fe8b69e6fd09c8a5df68be6a00551946ec94c2225fdd340636cbf6206b749652385b5b4c9e18c9bda38cda3451421f18c364b45dd70cf7d7526681033c6c590c80d14538d35ccf41de98d7e8cd0f0ee94b5d6279e99f9cbf3132c69493fc04e3b79065aea335543c05fadef5158c04c5569aa4123a1f63aca800bb95410717e5991e12c076b117c0c750f557273aea4dbda5940d96db0ec4bb6540085740f944a6208ebc5cf438dc67ec1a388a23553cfc12ba1c45b7984bfa5520938c487a0c25438b1d348d0044ef9a436e846d763319c2dd1fa154185242752fa93bb09b5b26640e6903cd8c4b44084970e79b84dbaa533e7d09d5ceee2336a110943507310283951e4be013e7bfd1b58928c77d2cbef40bcb4c6cae364aa8eb694de1ff2d1087a3553089e42bcfc092d770c0c8b280ce2d6ee534efc3068e41b4eec289d8379affcac25ceadab278f1d9175e20ad825", 0x1000)
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000001100)={0x0, 0x1780000000000000, 0x10, &(0x7f0000001080)})
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r1, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0xe)
setns(0xffffffffffffffff, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f0000001140)='./file0/file0\x00', 0x40)
sendto$ipx(r3, &(0x7f0000000300), 0x0, 0x20040000, 0x0, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000b40)={'IDLETIMER\x00'}, &(0x7f0000000b80)=0x1e)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000240), 0x18)

2018/03/31 16:36:57 executing program 6 (fault-call:2 fault-nth:1):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:57 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   87.758562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   87.765890] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000000
2018/03/31 16:36:57 executing program 7:
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, &(0x7f0000527ff8), 0x1b, 0x0)
get_mempolicy(&(0x7f000029a000), &(0x7f00003e8000), 0x401, &(0x7f0000377000/0x1000)=nil, 0x2)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="3f3b3411f34d8470"], 0x4)

[   87.865073] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[   87.897973] FAULT_INJECTION: forcing a failure.
[   87.897973] name failslab, interval 1, probability 0, space 0, times 0
[   87.909317] CPU: 0 PID: 7407 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   87.916389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   87.925713] Call Trace:
[   87.928277]  dump_stack+0x194/0x24d
[   87.931879]  ? arch_local_irq_restore+0x53/0x53
[   87.936534]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   87.941710]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   87.946882]  should_fail+0x8c0/0xa40
[   87.950570]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   87.955646]  ? trace_event_raw_event_lock+0x340/0x340
[   87.960807]  ? lock_acquire+0x1d5/0x580
[   87.964753]  ? alloc_set_pte+0xefd/0x1590
[   87.968877]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   87.974039]  ? print_irqtrace_events+0x270/0x270
[   87.978769]  ? reacquire_held_locks+0x1f9/0x3e0
[   87.983408]  ? reacquire_held_locks+0x1f9/0x3e0
[   87.988047]  ? alloc_set_pte+0xefd/0x1590
[   87.992173]  ? check_same_owner+0x320/0x320
[   87.996467]  ? perf_trace_lock+0xd6/0x900
[   88.000584]  ? __lock_acquire+0x664/0x3e00
[   88.004794]  ? rcu_note_context_switch+0x710/0x710
[   88.009702]  should_failslab+0xec/0x120
[   88.013649]  kmem_cache_alloc+0x47/0x760
[   88.017681]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   88.022843]  ? trace_hardirqs_off+0x10/0x10
[   88.027137]  ? print_irqtrace_events+0x270/0x270
[   88.031876]  ext4_alloc_inode+0xc1/0x7e0
[   88.035913]  ? ext4_drop_inode+0x390/0x390
[   88.040124]  ? find_held_lock+0x35/0x1d0
[   88.044161]  ? iget_locked+0xda/0x550
[   88.047936]  ? lock_downgrade+0x980/0x980
[   88.052057]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   88.057220]  ? lock_release+0xa40/0xa40
[   88.061165]  ? print_irqtrace_events+0x270/0x270
[   88.065890]  ? do_raw_spin_trylock+0x190/0x190
[   88.070444]  ? mntput_no_expire+0x130/0xa90
[   88.074738]  ? ext4_drop_inode+0x390/0x390
[   88.078946]  alloc_inode+0x65/0x180
[   88.082544]  iget_locked+0x1da/0x550
[   88.086227]  ? ilookup+0x180/0x180
[   88.089738]  ? trace_event_raw_event_lock+0x340/0x340
[   88.094901]  ext4_iget+0x12f/0x3990
[   88.098497]  ? lock_downgrade+0x980/0x980
[   88.102617]  ? trace_hardirqs_off+0x10/0x10
[   88.106914]  ? ext4_get_projid+0x170/0x170
[   88.111123]  ? rcutorture_record_progress+0x10/0x10
[   88.116117]  ? find_held_lock+0x35/0x1d0
[   88.120151]  ? __fget+0x342/0x5b0
[   88.123579]  ? lock_downgrade+0x980/0x980
[   88.127701]  ? lock_release+0xa40/0xa40
[   88.131648]  ? __lock_is_held+0xb6/0x140
[   88.135687]  ext4_iget_normal+0x95/0xc0
[   88.139634]  ext4_nfs_get_inode+0xf4/0x180
[   88.143846]  ? ext4_lazyinit_thread+0xd30/0xd30
[   88.148489]  generic_fh_to_dentry+0xa2/0xf0
[   88.152784]  ext4_fh_to_dentry+0x34/0x40
[   88.156815]  ? ext4_fh_to_parent+0x40/0x40
[   88.161022]  exportfs_decode_fh+0x12b/0x5b0
[   88.165318]  ? drop_caches_sysctl_handler+0x160/0x160
[   88.170482]  ? find_acceptable_alias+0x1e0/0x1e0
[   88.175210]  ? __fget_light+0x2b2/0x3c0
[   88.179166]  ? fget_raw+0x20/0x20
[   88.182590]  ? __check_object_size+0x8b/0x530
[   88.187061]  ? __might_sleep+0x95/0x190
[   88.191021]  do_handle_open+0x374/0x8a0
[   88.194969]  ? vfs_dentry_acceptable+0x10/0x10
[   88.199521]  ? SyS_write+0x184/0x220
[   88.203207]  ? SyS_read+0x220/0x220
[   88.206807]  SyS_open_by_handle_at+0x27/0x30
[   88.211188]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   88.215919]  do_syscall_64+0x281/0x940
[   88.219780]  ? vmalloc_sync_all+0x30/0x30
[   88.223902]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   88.229413]  ? syscall_return_slowpath+0x550/0x550
[   88.234313]  ? syscall_return_slowpath+0x2ac/0x550
[   88.239217]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   88.244554]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   88.249372]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   88.254534] RIP: 0033:0x454e79
[   88.257695] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   88.265374] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   88.272615] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   88.279861] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   88.287102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   88.294342] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000001
2018/03/31 16:36:57 executing program 3:
mkdir(&(0x7f0000cb3ff8)='./file0\x00', 0x0)
r0 = open(&(0x7f0000625000)='./file0\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000280)='./file0/file0/file0/file0\x00', 0x11)
getresuid(&(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140), &(0x7f0000000180))
getresgid(&(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000200), &(0x7f0000000240))
syz_fuse_mount(&(0x7f00000000c0)='./file0\x00', 0xa002, r1, r2, 0x8, 0x2)
mkdirat(r0, &(0x7f0000643ff8)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f00006e9ff8)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00009b9000)="0500de00667300", 0x1004, &(0x7f00006b8000))
symlinkat(&(0x7f000001fff7)='./file0/file0\x00', r4, &(0x7f000001fff8)='./file0\x00')
renameat2(r0, &(0x7f000068e000)='./file0\x00', r4, &(0x7f0000284000)='./file0/file0/file0/file0\x00', 0x0)

2018/03/31 16:36:58 executing program 4:
r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc))
r1 = syz_open_dev$sndpcmc(&(0x7f00006a6fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400)
close(0xffffffffffffffff)
read(r1, &(0x7f0000cb5000)=""/72, 0x48)

2018/03/31 16:36:58 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, 0xffffffffffffffff, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:58 executing program 7:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x5, 0x2)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xa00000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1935b667290945a46717664e00c5f33e6d027b594546b955f45fd9ea157231ae9ec3161e1d032ebf7df353c4f322b1876862a826c3781d2f0a229ed9740a65689c55317f40d28b23e46f5d187cda840662c19a82070189bfd7d9374713541ab30c5dd815822e01b803b3de140c591848f5ef673c4f11efd5599e07ba7c29ad97cf95d38f412397713aecb3052ef701b244a39dc32b24970c67c810a79f9501c06c1f247fd9403b265980a8c32edd88c519348082e822c0acdac90e700dd954fb526ba228e101be0c7b2623eb114d2379", @ANYBLOB="080028bd7000fbdbdf250a000000080005001f00000008000600990a000008000500010000005400030008000500e00000021400060000000000000000000000000000000001080001000200000014000600fe8000000000000000000000000000bb0800080003000000080001000000000008000400c3000000380003000800080006000000080007004e220000080001000300000008000100020000001400020062707130000000000000000000000000"], 0x2}, 0x1, 0x0, 0x0, 0x10}, 0x40)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000280)={0x401, {0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x80, 0x3, 0x8, 0x100000000, 0x6, &(0x7f0000000240)='bond0\x00', 0x9, 0x6, 0x2})
r1 = memfd_create(&(0x7f00000000c0)='/dev/midi#\x00', 0x6)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000540)='/dev/qat_adf_ctl\x00', 0x80, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000000002000006, 0x5011, r1, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x31, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r2 = socket(0x100000001e, 0x1, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2c, &(0x7f0000000740)={0x3, {{0xa, 0x4e22, 0x1f, @remote={0xfe, 0x80, [], 0xbb}, 0x8000}}, {{0xa, 0x4e24, 0x101, @local={0xfe, 0x80, [], 0xaa}, 0xf8}}}, 0x108)
getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f00000004c0)=0xd36b, &(0x7f0000000500)=0x2)
ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000100)=0x2)
setsockopt(r2, 0x10f, 0x81, &(0x7f0000000000)="00040000", 0x4)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl(r2, 0x81, &(0x7f0000000640)="5beb96a7ae96d415827c799a5f94675cbc3295ba03c467a2a3cf26cfa05c14425db78300af00b1fd5090c50eed6480a477ef6a1df74ff5f0af48d5ebfa80ac74e3b8b1842cadf14d125fa7d7d4100d477468c68d2b02ecd80b98d55b835cefc1ca416376a8c1c53c9f5f6a3b75837eb5f9682f53bc29de43888e241ccb79561848ba5a33f49df14bf8434044e67f0e09055795099c470164754f18d5866c3029a6bc0568dcf478ab136e9e9408629903e27c0e3ad19b2c0dab39af48c42ae29585cf42b2ccda9c6f664740d9ac0645a3b7254325")
preadv(r1, &(0x7f0000002380)=[{&(0x7f0000001380)=""/4096, 0x2}], 0x1, 0xfffffffe)

2018/03/31 16:36:58 executing program 2:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x101400, 0x0)
openat$cgroup_int(r0, &(0x7f00000001c0)='memory.low\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x80, 0x0)
openat$cgroup_type(r1, &(0x7f00000000c0)='cgroup.type\x00', 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net\x00')
rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00')
fchdir(r2)
syz_fuseblk_mount(&(0x7f0000000000)='2/file0\x00', &(0x7f0000dd3ff8)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = getpgid(0xffffffffffffffff)
perf_event_open(&(0x7f0000000240)={0x3, 0x70, 0x9, 0x2, 0xff, 0x1, 0x0, 0x467, 0x92200, 0x1, 0x5, 0xde94, 0x7, 0x9, 0xf2b, 0x401, 0x80000001, 0x5094744a, 0x8dea, 0xffffffffffff0001, 0x5, 0x10001, 0x0, 0xfffffffffffff453, 0x6, 0x3, 0x1, 0x363, 0x213c, 0x7fff, 0x1, 0x101, 0x7f, 0x5, 0xfffffffffffffbff, 0xffffffffffff7fff, 0x2, 0x401, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000200), 0xf}, 0x200, 0x4b, 0x1, 0x3, 0x7, 0x6, 0x7f}, r3, 0xb, r0, 0xa)

2018/03/31 16:36:58 executing program 6 (fault-call:2 fault-nth:2):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:58 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000004c0)=<r1=>0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000500)=0x3e85)
bind$inet(r0, &(0x7f000099e000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000de1fff), 0xfffffffffffffd43, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
clock_gettime(0x8000000000003, &(0x7f0000000540)={<r2=>0x0, <r3=>0x0})
futex(&(0x7f0000000000), 0x1, 0x0, &(0x7f0000000300)={r2, r3+10000000}, &(0x7f0000000340), 0x0)
r4 = syz_open_procfs(r1, &(0x7f0000000640)='net/nfsfs\x00')
ptrace$poke(0x4, r1, &(0x7f0000000600), 0x0)
mount(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)='./file1/file0\x00', &(0x7f0000000280)='cgroup2\x00', 0xc0, &(0x7f00000002c0)="83757e53a6d6d6368c682ac46a")
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000380)="2f6578650000000000ff070000ddd9f191be10eebf000ee9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f349572d226d7a075fb35331ce39c5a3568641006d7c0206a74e333265316a175350e730ab2bce682b69d603fc05ead7fb5180de13a74155d8560fe23dfbba10724631067f955b8810f3402053f95a8798b0e3749d9c79cdd5f62547e59ab4352ab0a3827384665fd2c16ea53e5e2a1dc065b53520b9cd4eb30edc0f70cb82149f8ff5b628eabf1a9ab91915a78b5cb259f4a0fbfab4dacbd68f077")
syncfs(r5)
open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000340)='./file1\x00', &(0x7f0000015ff8)='./file0\x00', &(0x7f000001fffa)='ramfs\x00', 0x0, &(0x7f000001f000))
dup(0xffffffffffffffff)
r6 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3df}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r7=>0x0, <r8=>0x0})
setsockopt$inet_tcp_buf(r4, 0x6, 0x3f, &(0x7f00000000c0)="cc2cb57950bbba13443adeddb8dade7319a6cbd6cb5971dc72581a63c776f2c9cd499188c7ac9e1708e568565c3f8b9a2829c48e6e2404cea535d1bb67bfe87c838425ad7aa7ac1cbe5a03", 0x4b)
writev(r4, &(0x7f0000000c40)=[{&(0x7f0000000880)="f6f6bff58f82cf25989922d23ef7500185f33ae2ed70486703918b64bf5df13d41e1d06596d6ebb37de75f370146914f2db2b0f62ae9320b483cf1cb96ae69db348f2b008a2cee0dae85771c7da078a42b5b4ee20ae13f56ad258ac56a0359c95a07edea027013242f6cf6b6dd"}, {&(0x7f00000005c0)="29f34f066b9519d8501083cc17d57208deeb2f068b"}, {&(0x7f0000000900)="dff5c2827d316e07a0dbb04f9f840278780f34c4dfc640918b66c332621575472b0a7474ad7e2c99fa18cddbe405d51e18ad2a2d75825e1aa7b6de6455c3aca80820a02636183145d85655fd5945a6bf4633ae1872e4e0eb32c5439b9dddd0101be4296289bfd2e79716dc703db01a1370fa37ad169fe47aeceb34392fe19ed45816977497dcbb9b61be45cd1d4dd635740a66bf6cae9f95560fa1064b8c3a4b86582ea73afd565892791a4cf3f395ffa5170e08f97932f90fb8f1"}, {&(0x7f00000009c0)="c31582b7f08ae234ff5b1f5ce12c29719d8fafc1db4979a9d1ffa0de89a9daeee71b86ba9e7a383b08bc48b261fd730e432672e7f2bf421c1435c0e1c12cc8080f38a422a20c710937c56a3acf33d50849192632656d1472a9d8d8efd20941625fc0b1371847df6d6316095ae1d23fa35d4a0797754638bb206b0bca6a7391e5c4f385c6e5825ed1084823a7290005bfbb76f81d85a54b7d12f628fb60ab5a04c1dbf6eea38dd58b25cf08d41dd4ec470649a7"}, {&(0x7f0000001b00)="a6cfe1bc171b15b2d5d337a58a7490b0c5686424b975bfea5c7d709823e122025707d3d264e7875c79f92497be7f12cffdfe95ff2bb51e551430241e38427cadf06891254743cfdd172830b1474caf8dcc2b0d59002cbc3b3f74e43368a5f737b28c7e7f2a3f8d53d7eb1e01205fd45a746c4ce7c94fa2637de3bcdc5763edbe2f059cfa66ad85f343ced8a51a122565d91e791e5ac60f0f74dcbe32f86aaf6adefd3d9fe62e466e5f5ed693750834e0eae530ef49517d1a2d57236c40ff08e53dd1a5d8676fd2b5e8bf2aa5cd5e2cc6e23cee980b8134beba79fd7bdecbd5d7694e76a67b510293580691027756eedf07237ceb1a9604abaf4adf073a540622686c9cccb65b6f974f3701bc4d75b11060534d0e561133e28ebad90cc4a221bade3bebc23e612c9e4eb1401d412b01c3288e2004183c3ddd5ad33fca5604b2c1e770e276ea5d7a61f1b20ef52f5426a5107927630cde59ab4e55d94ac4b846e73ae2cbf1d3ed17f1756f558207c1bb8fab4968391a8bfdd320f539f436946a3b19e11beb7d1f5f436ac870f728ddbb1b656a03f353f8279f3f37c26ea5bf29336dd398ab176a7e010427a0d3b4b05b3a4d13fd98bf43107297d0fc654237e47d5a94b72f9027db26f41c3f3ef2fb9e821d78da612019d1d028f7025118b550eb09fe502459ec426186c289351f006ee24972863b11b5203569614faa28aabb5bf379cc55c409680eed11aaa0b8726c4d02d6d0b3d6113d41d7f2944cc3e5ebf7481b74b819217ca774737fcc918b88a419af4334e5e68a2ca40d6db7165eb1a70ea5a0162d139ce9385f951bc144a740977395b27ebf7a4e4d38b9579cca40cc75f2353f7f22902f7f85fa63bf55690c509f06856793d7736fe50879632ac313967f1ccd20a2e877cc458cf77449636739aee146a19b7574738fe6a839a48bab84f68f4a3622d63ec870e80aba544df55f7a2c98d7d4a6be75e85a0978ace70dc6cb9227d84c96e75eb5d21cc4169159eaa67b817f328b580ab0f896a1dfb9cd87ba73400fa50d149f019c1c633d1a2909821cabea68fbb73e45f482a0cf6b4ce087126c6a572480933ff4c5b35d8aa641236916a741239666107eeb9fc157a91fa7ae3823a9c72500029862aaefaccd3337b37f394ddf362171ef5d986762f1f28f56bf85e879e2323510e50d043eb8cb8b91bbad32bf4c341766d06fc76710ad34404c0eee56c9854ff406cd4ddaa020c2008c50b3041fea5891be06e01047473b6245e693312625af0249a565edeca1b684340a5e7f424a0b10e3fc260a4bd81c24cba31bfd6726828415fd5f4a9b24ac5a9c2890ce2493a1bbadc2003c87d82b6c0085eec51c2dca6a62ca343b93562f04acb3d61fb7dc97aa08b02e51ab3a0592f8a1de75f5217aa821745dfb1f388aadc73936454d4c626f41dc8d7188fca22d3416696affdedf19a932fc0ab860dd20d1af7acabb5190a436fd97dbe53af853f93d826818b3a54f71e73e437522fa08ce51f47aef1d0353b017fbdab5cc845b0d6c7caf66f9aaa70f5e064aac6479ca6874a61de34482e0398fc960323198e056c41640ac5ddfb71f42db1569e67de7175e4b2f2ebc1a9cb8ecb84423bc947b19adcd5a7993692523498f8429f68b6f482b70c0d533926719a8560dfc9142cdb248a747b7a2e026d228a467a2bf6dcea38a1e6a4a9fdfd920e03d2bbf8d5aebd9beb9bf4ea98e047a022b0d8c27dfb0d4935d6234023544ce8c8e47d11373fd244e9c4decfc698f1e5214968b5a1c4b33941653e9840723e1c5ff097f16c7d5e3e90f750dbd346c29962983d102293a0408bc28dfe739e892551909d083f205f81e4662287123ac694d8ef0c58bb67ad32bc8da72c8ab3cf150a10ccb2f963b18735e0919f1ba20b7ee3224e437e83046756734edabed2c48dec9532a3476e535bf9826b122394893961a6fa1559bae8797e7aca6bddcca57e09985341194b50bc025713031547c46a79986785a7014b5668d047cea82c7be8bac8077b84d4af530a553f20a4477751de60ed88723fd7ae408f37bce08b096998fb414d6ffbadd92e1e8f09a94e6a76ebbde4b818de73b8cc3d8a9a63b4d0b5b137255c889249668c48387e4057fe9347a7ae98897a80783cedf98f80d4d8b455d5f6ea77fe8ef4e917d796b081d20400f9b2d2b7063fd74b83308af78e22e2ad3b15bfc6f29c0f3cdd856aa529cb3c791ad6000889fb9ce3dfd3fbf1c2c5c989f3a2bca1dae1bb2a1befbed71ccb04e4bc04455dd5d744eb9ac557b60fcfc445fba2186651c46b0e06712cdc5975f44e882b308544895af8a547741c76f452a71ffa99aa994ec0900ff5f4b0c4db295230ea82f1a6307ff3a158e3384059341814e52fdb67d803116f3fd27929125c4d559e5f083b5bf9b4e889775ea7d073e7d1840716779c19024b4515a8627f271aff99b92be161828c110a40a364cd360b3df9ae0fda69409e73c6b13cc5e979ae03c69e037d14f07289ab71a4c1e273f41760c2c554af0aeca8581781fdf752facff1edc7623720db9dc1d594529fe5e6cce2888164a22b73306dc97b3f3e559375fd83bac43bc1d5502db8cee2128410e62c0d3fdacee551b2afaa84e3a7e712e2a944716504331058a4203115292b057cbd60b2bc14783c3c7698ae78a9226c730bc4ac0692403d8bf4f4cb557ec784eb906a60d4c66dc11b2c59aee31bdd41b368a60147dc0b4e472c80b87fe9e53a1ee3e3e6a32d76609540649543cf3c66665863b2efcf3e865039feb54db70ef18008d5bd6b97558c1ffabd0bd7e1421ae1f6edb1fef11a93dca722d25dd078cf7e40a3047c9d73d9af241f9867df36ce62c3a0af4b20d220d6427edda8ae9431b57f5b62b2c01f45a1ba5fb92c13b0e4e1afd2f29d02ef8a146548929b57904e4c1d61e9653b554f5a977b140ed98ba3cb850b66f52d7e58fddad17e4bf4ef8cc8c27626043ab81a1dde7e00bd756a2bbf8eb587b0430bc34b42207f6da80dbd09dd2132f059fd5af7ff64b213293a14c85f6466e2835ffb7cc76e26c16b566d8232c2b74815df2dc2f69a2e8691e7e26aeba8e45c61ba4d95071e2c74bca5c0e4601a80f2f306173e06039d8384dea13e5441b9bde8090125fd067455181528088ebeb5874acd34f78d06482b31f5972cc08e1a46c68ffac3941724003a8852057b918700bf911a99d167f7bd8722b9b9f1324934fc912532925c6fe1abf75ba3929f08775e423150b8bb97f004fbf9d0048796cebc84f7df2908f799900b9278e8b65a9eb6052adf3a1dab11c2728fe7f539435ae7c77659ab3adfd134d4b99d6994d5c045bbf22faf07a767b592e34366d5f33af4ad31c58f833fe33179719c82440a26cb3fa41b52d41e76b0a2ddaef794836a21358b2ccd93c751f900070740e0c9191df680694642ad55270edc5b15ed96f319fb3f5b7bb57c311aa2de0e681b73b331c37ced3f9c01d45bcf987a28e18f9526135ecb6e3728c6ae9a5b5e9f06fdce26243577be9b8f1d87749833cd3ac557c7785929ec586bc6f2c6d137872162e0a487ab172d32fa4fed7c3bcabb7ce9630c0dd8472a89e7d192b1419d9dd7d566ab5d26759727a03f1e026db417457ed7a5d4927b4f7df94f0f067c02a5c1f32e143894f28c34e0e8dbbaed8956aab54ba959e1d1f20c6b7b9a81e0c09af9a5e0cec1769a6933a2bf17f3477d3e18eff6a26692349e8cb0560bf74862aed998c35a4a5eec1548af4394265b216f74e10d0655541953f56f76070eeeeb00e0f9cecf70902297e19290dd9cdb9c02a7e5f68766f46b4ac48e9244a3d7aed13be1c1ab24091dc97c72f19b46626cc3efdbc6bef50ebf1dbef9a9d218d965ab6be1e982710b5e30105a4200c352aab305f9811e21910ce5e56cfa73e4f6cb068472db36f53b4fb41aeefdbed521ccd06b7dc49af21cb23549b7a6e5ae50abe53c7fdc69233bee4ac81d7ca033ff95ef4795bd7fbc73237c1b7cb844460aec62dcccc9a4dacc2f8197993b4496233c80c008b9be1efc3919b0351b613db0692aedab74ecb3f3b339e9c9e2ae443bd1f2e43e9271f3f408f6d9154ea673a6da1c36803e38d3c75ae0368cb541f5c74cea35984548522977f51ce24f4f369f43d7ca13a71231248e270f0731e896e6e414543be19635ca3b5d77c2c775973a4520d8783ba279869372e22c442527f73e74c476e67edcf99890f95fb46b1cd2e4b0ce1696f6631061833c25ba4cbfc7c0fa3ed6031f1d9dd8e1f772435207daa39b8c2f0777ae9ad74f834a93f940300cb89d778cc66640b705204c09a09ce389e8441ebf8807df5c5e471e13767e28898d64c195ffc7ee9a15739ecc070b829eacdd15cbe1b53421bf0b28f42cdc79d81738249441fdf4b887ed5e9bf225cdba6de3b0bd315936296c13f02297acf87be60440b772c4fb2e3d21cb5ca3efe1d9a9c84ae9efa8699b20970833510427ce2f9b0e3602db5f06c8e9858bcbcdf87d1edd53bc7ded54a5bcd5f5bdfa2ccff5fe9d15bcf0f403269a827a91c3c95771edca350aa30cc0336ef026dacacd04685e00df1aa244be25202348284b6d8a96081d87d130cdc90ee1304cf3dac63e426991db1cec4a7c7456f2a22cb93b9ad8b1f40d9583af3035ba74984fe02d93dd5b7172a67e7c09e59bde158f37c0ef1148aa6f22b0df841a237821e74002f9a779b41addb496c6fd0b47f0f02c4fd3c3f57f4e5416fb161eba7fb59f8f69b64594a65e23fd72b21a172c059cd923a7706c8a135b897d4db8c366eb1d7113e2ae15ebb84baf5e1b7b6323cad5c0e858ddb855e0a9dabea345e64a9e7b909385c1214f85ca9662cbe5a6ad4f5c796be09a9aec54a310df0ad0ae6214da21ef0a894d179701cb7a166e55f1f166ebba95eae3aa01f260f4a74d00547528e60fab5a661c6cb6fea715b71c844ecd4e61a720aeee4f17fe699fae6bbce88a2e12ba74cba052d0235a45be2bc37f9c2a6a1a161c7d38ed5e10d893736e348ab3a01fbf3cedd593cb5dea8dad7d4c1dd72a62c4b5c3bd2520051f8cc7c8224aa73eff53d5bf90ddffaa681503732c9cf422f7ba75905b0130c5085a2931024daff410ddf2db826d61b4c3f8163cb307975a0d41d1b3bdd5d2885a01ad51bffeed1930601dd416e9c1da2442e91f608bba64adcaf2349b40537eba69b281373153f971e63289ebd061c958c8b985169577232222ae370b677fda948af0dfa17c38f33407c2bf80a6a1058782ce0d0e16ffef99687cfdc4d86af193827246148903e4267bff245184b76c12e46edbb12908c7d95522a0f65c6f5832364e24b7afd1762fc6bbbd2441f34d706887e138a458268fc9422f5cd0bd87fff294118179c8ea6018b3223a39e161376325fe0ff8541b21fd7961f888a08b91498dd45806daeb92c0d594ee5f79de3a3fa01ff06db831d507716d80c1abc8b949555076f7533275514c40bd475bad395f4ccb5dbb793accc2d1f061060ca1ea8e7cbe8ca3353b3758c3546a3c41ec6df5dfc2e0f7cfcc3a790a8cf6c7b945e457bb0af6b09ea40c278f0d025fe71a6bc5a1a371637137cd775580ddf2db87e813386f14960f2d68c6d90c6af8ea31f4abb6f67c7a9fd0639091e61b1a23eece5af9b91a7f2ae28dbf5425496436766d06a63d2be5716cc1dec1efde3c436ab2093efd4741cc8e990a94b87b9cbf2b4de8e39d71310bc200bab310603520fe2e1ecaaccb5a9352bfdce0e931285ad3f655f485787d245ed543b2b"}, {&(0x7f0000000a80)="b2e88ae47b7ab16e5f7ff658819d628e72fb642addddc91a678720c31bf14acdcb9198c95ec989a2e8072a6a0a7c44db42bf186d51cd4eca1617d5881de852e0b582430bccd8156115b9"}, {&(0x7f0000000b00)="9b0a7943c63f73f97fbb8cc63cd97fffd2c70799a31516935be020d8826bf2010289b6af672216af7dad797fae3865e81b7ea0e4314ef6494f6a3f111579205c042d7ee4fb7af8ffe4ffb76bbf00c6f4a8a86d24d813443920d66e55993c0308174a8cfece45831a77a6a34c4d3d8ad8fe3ef759ce2e0d02f87dd7e7fdef342f458adc04ff5ac236b8e4592be64feb13731901ffb6743b63ec88509aa244fc"}, {&(0x7f0000000bc0)="a33b7114aa880ec2bc8b3bb4a2ccb2ccaa5b19c19ee5668ac091e8c515acad4781449dc07417d1d1368c41fadd15498390022884f61fc8"}, {&(0x7f0000000c00)="58c731ca848c7fed366902a29721487253cf245103bf8cff4a4fb4c2bf41ae69e4ea59bc1860bb40"}], 0x100000000000067f)
recvmsg(r7, &(0x7f0000005180)={&(0x7f0000004ac0)=@can, 0x80, &(0x7f0000000440), 0x0, &(0x7f0000001880)=""/93, 0x5d}, 0x10000)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000001a40))
sendmsg(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="c8000000000000000a01000003000000752c3e8201d12f50ee04d21329935c8849547c29bbe13747beb3d9f5e3106f278a2663b526ab6ed1aa7f3a3a63a0cb784d7c788e0c0f465750c515735ab5a9da87e2320fa8960f2df27c6034c56d6dfdb31c8dcebc11a20b9fd5ae01c1c3d249659fbc13f1588da2ffff89de7e206bbe07eacdf00523a748e01084e47d849380f38e74b9c81fc010a24e846ebdce23bc7c1d30b1fcb77a19129f304c49ecdd4a2c2a9b38c990520000000000000000000000000000000000454e7b0a3edfae1922dfcacccaeabe73765329ef4c32429ef3a2354ee6ea515de494b0e7b708932d8afecb2612ad378e0003c8cf63f5cb75ea681d2f940efa79c6a988536a09bc7ddbf5bda92eb91ebddb58a33ac990a2d5be50fa98a97e05bb9954ddaf009037a953647ee9dd7ec1f520419e80286f50ca5c7ee8fe913398cb456408d46b94aac1a5aba80ae36dbe940a49cd1b38d4ad01e43c698351d52fbe86f08879e48484cb1427fc04504ed2cd1f12cffcf3271e8a06f0b72f4611538c0d8a3ed981ad74f01b1a361b9a205a03984905ffb0a931e9a0dfa38195b9217ea2ee7890cf5018da1efccf038609c6e65bb7d99084600978524f3306885fab62ff070898e210b0c32b675cb03462e059f54e041e2113a19b569307c43e72491b3188f04858324e8256276856"], 0xc8}, 0x0)
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r6)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYBLOB="230654730566ac269fde2b2d44c75160473cdabac742d5e3255c494201aafcee2090bfc61a494677ec563378dcb36678c408e314660bf3740ba14fa030914189083cf974f6068d58bdfe0ea9b78df2bb118460213cee35af93221d7fd562cf24bc580aea0b233469131b1d966fe77b179a48c12dea18020b2ae3fabbb5c4f5c5b0e40a472bcd353c66f8ffd2b5744f2e30401c1bb97e3f7b2f30f1f0290485295fa5b62177d40145ba36b911945ae7fc5c9f121a3c40175e0316a0edf369199cad3c1362e26d0995e8122d3c07c66c3ac9dfd4261bf134904a1c2902a868731dbb05023f5e4c46"], &(0x7f0000001480)=0x2)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000014c0)={0x0, 0x0, 0x401}, &(0x7f0000001600)=0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001740)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001380)=""/229, 0xe5}, {&(0x7f0000000180)=""/15, 0xf}, {&(0x7f0000001500)=""/133, 0x85}], 0x3, &(0x7f0000001640)=""/208, 0xd0, 0x3ff}, 0x10000)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r4, 0x6, 0x2, &(0x7f0000000140), &(0x7f0000000480)=0x6)
mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000001a00)='9p\x00', 0x0, &(0x7f00000019c0))

2018/03/31 16:36:58 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14b047b40c9081465f2eb5d4c13f3bcc501ae70d"], 0x14}, 0x1}, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer2\x00', 0x200, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
r2 = accept$inet(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x0, @multicast2}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f00000001c0)=""/66, &(0x7f0000000240)=0x42)
r3 = socket$inet6(0xa, 0x80000, 0x401)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f00000002c0)={0xffffffffffffffff, {{0xa, 0x4e22, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0xff}}}, 0x88)
getsockname$inet6(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000500)=0x1c)

2018/03/31 16:36:58 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x80003, 0x1)
r1 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, &(0x7f0000000000)=0x9)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f000074b000)={@ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x800, 0x1}, 0x20)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
rmdir(&(0x7f0000000080)='./file0//ile0\x00')

[   88.829535] FAULT_INJECTION: forcing a failure.
[   88.829535] name failslab, interval 1, probability 0, space 0, times 0
[   88.840798] CPU: 0 PID: 7467 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   88.847871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   88.857199] Call Trace:
[   88.859782]  dump_stack+0x194/0x24d
[   88.863392]  ? arch_local_irq_restore+0x53/0x53
[   88.868047]  should_fail+0x8c0/0xa40
[   88.871739]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   88.876822]  ? find_held_lock+0x35/0x1d0
[   88.880886]  ? find_held_lock+0x35/0x1d0
[   88.884943]  ? check_same_owner+0x320/0x320
[   88.889643]  ? _raw_spin_unlock+0x22/0x30
[   88.893775]  ? rcu_note_context_switch+0x710/0x710
[   88.898684]  should_failslab+0xec/0x120
[   88.902634]  kmem_cache_alloc+0x47/0x760
[   88.906677]  __d_alloc+0xc1/0xbd0
[   88.910114]  ? shrink_dcache_for_umount+0x290/0x290
[   88.915111]  ? do_raw_spin_trylock+0x190/0x190
[   88.919694]  ? _raw_spin_unlock+0x22/0x30
[   88.923820]  ? d_find_any_alias+0x133/0x1c0
[   88.928115]  ? path_check_mount+0x230/0x230
[   88.932424]  __d_obtain_alias.part.31+0x76/0xa0
[   88.937071]  ? ext4_lazyinit_thread+0xd30/0xd30
[   88.941716]  d_obtain_alias+0x3b/0x50
[   88.945492]  generic_fh_to_dentry+0xb2/0xf0
[   88.949788]  ext4_fh_to_dentry+0x34/0x40
[   88.953823]  ? ext4_fh_to_parent+0x40/0x40
[   88.958033]  exportfs_decode_fh+0x12b/0x5b0
[   88.962328]  ? drop_caches_sysctl_handler+0x160/0x160
[   88.967493]  ? find_acceptable_alias+0x1e0/0x1e0
[   88.972228]  ? __fget_light+0x2b2/0x3c0
[   88.976178]  ? fget_raw+0x20/0x20
[   88.979607]  ? __check_object_size+0x8b/0x530
[   88.984083]  ? __might_sleep+0x95/0x190
[   88.988039]  do_handle_open+0x374/0x8a0
[   88.991991]  ? vfs_dentry_acceptable+0x10/0x10
[   88.996550]  ? SyS_write+0x184/0x220
[   89.000240]  ? SyS_read+0x220/0x220
[   89.003844]  SyS_open_by_handle_at+0x27/0x30
[   89.008228]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   89.012960]  do_syscall_64+0x281/0x940
[   89.016820]  ? vmalloc_sync_all+0x30/0x30
[   89.020943]  ? _raw_spin_unlock_irq+0x27/0x70
[   89.025411]  ? finish_task_switch+0x1c1/0x7e0
[   89.029881]  ? syscall_return_slowpath+0x550/0x550
[   89.034783]  ? syscall_return_slowpath+0x2ac/0x550
[   89.039687]  ? prepare_exit_to_usermode+0x350/0x350
[   89.044678]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   89.050021]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   89.054844]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   89.060008] RIP: 0033:0x454e79
[   89.063172] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   89.070855] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
2018/03/31 16:36:58 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, 0xffffffffffffffff, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:58 executing program 6 (fault-call:2 fault-nth:3):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:58 executing program 7:
socket$can_bcm(0x1d, 0x2, 0x2)
syz_fuse_mount(&(0x7f00000000c0)='./file0\x00', 0xc000, 0xffffffffffffffff, 0x0, 0x2, 0x800)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x400000, 0x0)
syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x10000000000000, 0x8000)
ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000200)=0x8)
socketpair$inet6_icmp(0xa, 0x2, 0x3a, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = dup2(r1, r2)
ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000280)={0x0, 0x9, 0x5, &(0x7f0000000240)})
getpeername$ax25(r3, &(0x7f0000000040), &(0x7f0000000080)=0x10)
r4 = syz_open_dev$dspn(&(0x7f0000006000)='/dev/dsp#\x00', 0x1, 0x1)
write$tun(r4, &(0x7f0000000280)=ANY=[], 0x0)
ioctl$int_in(r4, 0x8000008010500c, &(0x7f0000000000))

[   89.078097] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   89.085339] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   89.092584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   89.099829] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000002
2018/03/31 16:36:58 executing program 2:
madvise(&(0x7f0000e1e000/0x2000)=nil, 0x2000, 0x1b)
pipe(&(0x7f0000000280))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x0)
ioctl$sock_ipx_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000665fe0)={"dbc78fc0a6caa717004720a0a32b5f0d", {0x4, 0x0, 0x8000, "e0b618b5a2e0", 0x4}})
clone(0x0, &(0x7f0000000040)="404df6f000dab79f4bd6212341f867b04655fa9de525dd51b735800570461bebc5c585aa009314aed0f0266f3d12d5961d1dc3abec922790b7b4dcee63373b0227ff80b70515d37fbe34347543a58cfe9f384848641534263fab", &(0x7f0000bb3000), &(0x7f0000000140), &(0x7f00000000c0))
pipe(&(0x7f0000652ff8))
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}})
getpgrp(0x0)
r1 = getpgrp(0x0)
getegid()
gettid()
capset(&(0x7f00000000c0)={0x19980330, r1}, &(0x7f0000000100)={0x3f, 0x6, 0x8, 0x9, 0x80000000, 0x5})
add_key(&(0x7f0000000040)='encrypted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000001040), 0x0, 0xffffffffffffffff)
gettid()
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f00009ecff8), 0x2, 0x3)

2018/03/31 16:36:58 executing program 4:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_SET_LOG_BASE(r0, 0xaf01, &(0x7f0000307000)=&(0x7f0000989fff))
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000)=ANY=[])
r1 = eventfd2(0x200000000000005, 0x208)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r2 = perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x8010000200000004, 0x7f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000dc0)={0x2, 0x8, 0xff, 0x7f, 0x8, 0x49, 0x6e, 0x8, 0x80, 0xfffffffe00000000, 0xef, 0x4})
fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f00000000c0))
r3 = syz_open_dev$vcsa(&(0x7f0000000b00)='/dev/vcsa#\x00', 0x70d, 0x212600)
getsockopt$ARPT_SO_GET_INFO(r3, 0x0, 0x60, &(0x7f0000000480)={'filter\x00'}, &(0x7f0000000bc0)=0xfffffeb1)
perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f0000000e00)=ANY=[@ANYRES32=r3, @ANYBLOB="00020000d20ebae715b1d5fcf7f6fa7262b8b50af8f45bb17e41a6db002c300482c4041748fa96fd1f7f65044157a5831397d1f3cb604bc53379d735ffaaaa935fdfe726025389a9fbe8824bd58df077fb00c8e7eb405de6de469befa8d023867f6500fc7f2dd896b9071a10ac4a5145cc3c547d3f93c29f81e88aceb702bab770384e0f805be2419ed68bf0bbf741d3d07fcd9aacfa204c84bfdcffac031843fc2fd49a39a8d71f12a348d9dacf8d5d0c8141be39789a6f7000000000000000000000000000"])
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000d40)=0x9, 0x4)
mount(&(0x7f0000dba000)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000))
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000c80)=r1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000df5fd8)={0x0, 0x1, &(0x7f0000000200)=""/105, &(0x7f0000bf6000)=""/228, &(0x7f0000000080)=""/199})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000cef000)={0x1, 0x0, &(0x7f000062a000)=""/167, &(0x7f0000aac000)=""/21, &(0x7f00002fdf52)=""/174})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000540)={0x0, r1})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000d80)='/dev/hwrng\x00', 0x105100, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000f82ffc)=0x4001)
r4 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x3, 0x101080)
recvmsg$netrom(r4, &(0x7f0000000a80)={&(0x7f00000003c0)=@full={{0x3, {"3106259f86fbe1"}, 0x62c1}, [{"9a50a8e045f3be"}, {"365d9084ad8b8d"}, {"7eca8955f41d52"}, {"670144ddad544b"}, {"fc4f5f498fad9a"}, {"fed9d0ed38d09f"}, {"50b9bba45ea7d7"}, {"97c302a02f539c"}]}, 0x48, &(0x7f0000000580), 0x0, &(0x7f00000005c0)=[{0x10, 0x110, 0x1000}, {0xe8, 0x103, 0x0, "a1b1086a4dfaece5d24b371997804a52358c54423178419157c5c5fc0efdd4844d872cd60d0e745e5f37024f667a941695e24f0d8672fd37866cc7f728564d47f84a643b768e258e2f63287fd4d482a25327d539a930282fa724a9ddf0dcdf5d1d18bb981a1a3a758a1bba77ffcf910292c849ebdc8e3682bd8ac79ab097457eb6a9d3affaa0ee809b750a0b0e3a85266bdc026c05328059093d313278def878838c2af99c936a45b90daa8481461d3485ad978c22342298fa4ee7ced26f30a31a529cd535164828f4f0695f80d8cfbdc5bda7a48af3aa"}], 0xf8, 0x20008040}, 0x0)
r5 = add_key$keyring(&(0x7f0000000cc0)='keyring\x00', &(0x7f0000000d00)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffff8)
add_key$user(&(0x7f0000000c00)='user\x00', &(0x7f0000000c40)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000f00)="2f0634e64a92980ecf22351698a5f8cc106fb1d0ba9b51640005b8586aca6374a6b3c9a76297f678c9fdcdc6663d9b7bc2c48264401286494f4bb7c19f42", 0x3e, r5)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840)=ANY=[@ANYBLOB="0100000000ffffffe300000000d6d536392a697f9cb000f7af2e00166b7dc9f4cc9c363eb848ad23acc9b313e4558e1d5ae41c7f3acaf11c98c4348bf29402063bccd6618d6eba1bd9f562bf982feb7300635fa5cd06713c6d7afbc78002dbe5fb6940b6aacc21f36d80c5bcfc92f4b62b6a5dd2790100609088f5fef27f51306b2264784f049ec0df780dfa41eecf2ad65e5c4779a0c2245609b02642cce8d554fc501c970937fc27685e3d879191e5697249e773f607cae538144b9b9d3cff540ad77020dc6750"])
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000ac0)=[{0xf, 0x134e}], 0x1)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_INFO_BUFS(r6, 0xc0106418, &(0x7f0000000280)={0xff, 0x9, 0x0, 0x9, 0x4, 0x1})
ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, &(0x7f0000000380)=&(0x7f0000000340))
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000040)={<r7=>0x0, 0x800}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000440)={r7, 0x9, 0xef29}, 0x8)

2018/03/31 16:36:58 executing program 3:
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10)
recvmsg$kcm(r0, &(0x7f000055efc8)={&(0x7f00008c9000)=@ipx, 0x10, &(0x7f0000fbdfe0)=[{&(0x7f0000c4f000)=""/4096, 0x1000}], 0x1, &(0x7f0000ce3f72)=""/142, 0x8e}, 0x0)
read(r0, &(0x7f0000034ff9)=""/7, 0x7)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80000, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000040)={0x81, 0xc5e, 0xffffffffffffffc1, 0x0, 0x0, [], [], [], 0x5354, 0x5})
sendmsg$key(r1, &(0x7f0000fc0fc8)={0x0, 0x0, &(0x7f00002e4000)={&(0x7f0000a9df70)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10)
writev(r3, &(0x7f000069c000)=[{&(0x7f0000dbd000)='T', 0x1}], 0x1)
write(r1, &(0x7f0000914000)='!', 0x1)
getsockopt$bt_BT_VOICE(r3, 0x112, 0xb, &(0x7f0000000300), &(0x7f0000000340)=0x2)
read(r0, &(0x7f0000f92f88)=""/120, 0x78)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1020}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r4, 0x0, 0x70bd26, 0x25dfdbfc, {0x1}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xc}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1ff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x40005)

[   89.200818] FAULT_INJECTION: forcing a failure.
[   89.200818] name failslab, interval 1, probability 0, space 0, times 0
[   89.212282] CPU: 1 PID: 7493 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   89.219356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   89.228689] Call Trace:
[   89.231255]  dump_stack+0x194/0x24d
[   89.234858]  ? arch_local_irq_restore+0x53/0x53
[   89.239499]  ? mark_page_accessed+0x507/0xb30
[   89.243969]  should_fail+0x8c0/0xa40
[   89.247656]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   89.252733]  ? __lock_acquire+0x664/0x3e00
[   89.256946]  ? print_irqtrace_events+0x270/0x270
[   89.261680]  ? __lock_is_held+0xb6/0x140
[   89.265723]  ? check_same_owner+0x320/0x320
[   89.270019]  ? print_irqtrace_events+0x270/0x270
[   89.274752]  ? rcu_note_context_switch+0x710/0x710
[   89.279667]  should_failslab+0xec/0x120
[   89.283615]  __kmalloc+0x63/0x760
[   89.287043]  ? is_bpf_text_address+0x7b/0x120
[   89.291518]  ? ext4_find_extent+0x6ae/0x930
[   89.295816]  ext4_find_extent+0x6ae/0x930
[   89.299943]  ext4_ext_map_blocks+0x264/0x4410
[   89.304418]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   89.309591]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[   89.314583]  ? find_held_lock+0x35/0x1d0
[   89.318628]  ? trace_hardirqs_off+0x10/0x10
[   89.322927]  ? trace_hardirqs_off+0x10/0x10
[   89.327224]  ? lock_downgrade+0x980/0x980
[   89.331353]  ? lock_release+0xa40/0xa40
[   89.335301]  ? trace_hardirqs_off+0x10/0x10
[   89.339604]  ? lock_acquire+0x1d5/0x580
[   89.343556]  ? lock_acquire+0x1d5/0x580
[   89.347504]  ? ext4_map_blocks+0xa8d/0x1830
[   89.351802]  ? lock_release+0xa40/0xa40
[   89.355752]  ? check_same_owner+0x320/0x320
[   89.360045]  ? ext4_es_cache_extent+0x600/0x600
[   89.364692]  ? rcu_note_context_switch+0x710/0x710
[   89.369597]  ? __might_sleep+0x95/0x190
[   89.373552]  ? down_read+0x96/0x150
[   89.377150]  ? ext4_map_blocks+0xa8d/0x1830
[   89.381445]  ? __down_interruptible+0x6b0/0x6b0
[   89.386090]  ? print_irqtrace_events+0x270/0x270
[   89.390826]  ext4_map_blocks+0xd69/0x1830
[   89.394948]  ? kernel_text_address+0xd1/0xe0
[   89.399331]  ? __unwind_start+0x169/0x330
[   89.403457]  ? ext4_issue_zeroout+0x170/0x170
[   89.407935]  ext4_getblk+0x110/0x500
[   89.411626]  ? ext4_iomap_begin+0x1150/0x1150
[   89.416095]  ? ext4_fh_to_dentry+0x34/0x40
[   89.420304]  ? memset+0x31/0x40
[   89.423559]  ext4_bread_batch+0x7e/0x350
[   89.427592]  ? trace_hardirqs_off+0x10/0x10
[   89.431896]  ext4_find_entry+0xa78/0x18d0
[   89.436029]  ? ext4_search_dir+0x650/0x650
[   89.440237]  ? __d_instantiate_anon+0x418/0x890
[   89.444880]  ? lock_downgrade+0x980/0x980
[   89.449002]  ? lock_release+0xa40/0xa40
[   89.452949]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   89.457944]  ? d_set_d_op+0x30b/0x400
[   89.461725]  ? lock_acquire+0x1d5/0x580
[   89.465680]  ? lock_release+0xa40/0xa40
[   89.469628]  ? check_same_owner+0x320/0x320
[   89.473922]  ? lock_downgrade+0x980/0x980
[   89.478046]  ? rcu_note_context_switch+0x710/0x710
[   89.482958]  ext4_get_parent+0x9a/0x360
[   89.486910]  ? ext4_lookup+0x630/0x630
[   89.490773]  ? down_read+0x150/0x150
[   89.494467]  reconnect_path+0x1a4/0x670
[   89.498416]  ? ext4_lookup+0x630/0x630
[   89.502277]  exportfs_decode_fh+0x28a/0x5b0
[   89.506582]  ? drop_caches_sysctl_handler+0x160/0x160
[   89.511749]  ? find_acceptable_alias+0x1e0/0x1e0
[   89.516481]  ? __fget_light+0x2b2/0x3c0
[   89.520438]  ? fget_raw+0x20/0x20
[   89.523865]  ? __check_object_size+0x8b/0x530
[   89.528341]  ? __might_sleep+0x95/0x190
[   89.532295]  do_handle_open+0x374/0x8a0
[   89.536244]  ? vfs_dentry_acceptable+0x10/0x10
[   89.540801]  ? SyS_write+0x184/0x220
[   89.544498]  ? SyS_read+0x220/0x220
[   89.548105]  SyS_open_by_handle_at+0x27/0x30
[   89.552484]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   89.557216]  do_syscall_64+0x281/0x940
[   89.561077]  ? vmalloc_sync_all+0x30/0x30
[   89.565199]  ? _raw_spin_unlock_irq+0x27/0x70
[   89.569666]  ? finish_task_switch+0x1c1/0x7e0
[   89.574133]  ? syscall_return_slowpath+0x550/0x550
[   89.579035]  ? syscall_return_slowpath+0x2ac/0x550
[   89.583941]  ? prepare_exit_to_usermode+0x350/0x350
[   89.588931]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   89.594269]  ? trace_hardirqs_off_thunk+0x1a/0x1c
2018/03/31 16:36:58 executing program 7:
perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mknod(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_fuse_mount(&(0x7f0000000080)='./file0\x00', 0x8000, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x8)
readlinkat(r0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=""/176, 0xb0)
r1 = getpgid(0x0)
umount2(&(0x7f0000000200)='./file0\x00', 0x3)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x3, &(0x7f0000000100)=""/135)

2018/03/31 16:36:58 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, 0xffffffffffffffff, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

[   89.599089]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   89.604251] RIP: 0033:0x454e79
[   89.607414] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   89.615096] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   89.622338] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   89.629581] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   89.636826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   89.644088] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000003
2018/03/31 16:36:58 executing program 2:
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x200000000000002, &(0x7f0000690ffc)=0x77, 0xfc)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x3)
bind$inet(0xffffffffffffffff, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000f53fff), 0xfffffffffffffcf1, 0x20000000, &(0x7f000006d000)={0x2, 0x4e23}, 0x10)
socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000000080))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x410}, {0xffffffffffffffff, 0x4021}, {0xffffffffffffffff, 0x1}, {0xffffffffffffffff, 0x2}, {0xffffffffffffffff, 0x280}, {0xffffffffffffffff, 0x118c}, {0xffffffffffffffff, 0x1000}], 0x7, 0x0)
shutdown(0xffffffffffffffff, 0x1)

2018/03/31 16:36:58 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(0xffffffffffffffff, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

[   89.692851] 9pnet_virtio: no channels available for device ./file0/file0
[   89.913259] 9pnet_virtio: no channels available for device ./file0/file0
[   90.522614] QAT: Invalid ioctl
[   90.580324] QAT: Invalid ioctl
2018/03/31 16:36:59 executing program 6 (fault-call:2 fault-nth:4):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:36:59 executing program 2:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x1, 0x0)
ioctl$TIOCGWINSZ(0xffffffffffffffff, 0x5413, &(0x7f0000000040))
ioperm(0x0, 0x0, 0x0)
r0 = semget$private(0x0, 0x202, 0x0)
semtimedop(r0, &(0x7f0000f97000)=[{0x0, 0xfffffffffffffff9}], 0x1, &(0x7f0000efe000)={0x2000})
semctl$IPC_RMID(r0, 0x0, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000240))
r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x1fffe, 0x0)
r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x4001, 0x0)
truncate(&(0x7f0000000400)='./file0\x00', 0x1000b)
sendfile(r3, r2, &(0x7f0000002b80), 0x8000007fffffff)
sendfile(r3, r2, &(0x7f0000000140), 0x1bbfbee5)
ftruncate(r1, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f0000000100)=0x8)
semget$private(0x0, 0x0, 0x0)

2018/03/31 16:36:59 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(0xffffffffffffffff, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:36:59 executing program 4:
r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x1c, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
utime(&(0x7f0000c4c000)='./file0\x00', &(0x7f0000000200))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x10006, 0x0, 0x0, 0x1000, &(0x7f0000a98000/0x1000)=nil})
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x18071, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000001000/0x5000)=nil, 0x5000, 0x2)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000002000))
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000003fe0))
madvise(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x9)
r4 = dup2(r3, r1)
setsockopt$EBT_SO_SET_COUNTERS(r4, 0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="73657375726974790000000000000000000002000800000000000000000000edff3f8ba1ffffffffffff00000000000000000000000000000000000000000000000000000000"], 0x1)
ioctl$sock_inet_SIOCSIFBRDADDR(r4, 0x891a, &(0x7f0000000540)={'ipddp0\x00', {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}})
ioctl$KVM_SMI(r3, 0xaeb7)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000c9bec8)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xfffffffffffffffc, 0x0, 0x0, 0x400060})
fcntl$getownex(r3, 0x10, &(0x7f00000005c0)={0x0, <r5=>0x0})
ptrace$setopts(0x4206, r5, 0x3, 0x0)
setsockopt$netrom_NETROM_N2(r4, 0x103, 0x3, &(0x7f0000000640)=0xfffffffffffff801, 0xffffffffffffff80)
mmap(&(0x7f0000000000/0xe62000)=nil, 0xe62000, 0x1000004, 0x400000000032, 0xffffffffffffffff, 0x0)
ioctl$KVM_TRANSLATE(r3, 0xc018ae85, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x40000000000})
r6 = syz_open_dev$sg(&(0x7f000051b000)='/dev/sg#\x00', 0x0, 0x0)
timerfd_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x77359400}}, &(0x7f00000002c0))
ioctl$KVM_SET_PIT(r6, 0xc0481273, &(0x7f000084cf90)={[{0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x8, 0x0, 0x5}, {0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}]})
r7 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x400, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r7, 0x84, 0x3, &(0x7f00000003c0), &(0x7f0000000240)=0x4)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r6, 0xc08c5336, &(0x7f0000000480)={0x8, 0xfff, 0x7, 'queue0\x00'})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f0000000300)=[@in={0x2, 0x4e20, @multicast2=0xe0000002}, @in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @rand_addr=0x80}, @in6={0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x19}}, @in6={0xa, 0x4e24, 0x4, @mcast1={0xff, 0x1, [], 0x1}}, @in6={0xa, 0x4e24, 0xfffffffffffffe01, @mcast2={0xff, 0x2, [], 0x1}, 0x1}], 0x481)

2018/03/31 16:36:59 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001b000)={<r0=>0xffffffffffffffff})
connect(r0, &(0x7f0000000080)=@ethernet={0x307, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x80)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x3f, 0x2002)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x0, &(0x7f0000000040)=0x7, 0x8)

2018/03/31 16:36:59 executing program 7:
r0 = perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x8280, 0x1}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r1 = getpgrp(0xffffffffffffffff)
perf_event_open(&(0x7f0000000540)={0x2, 0x70, 0x1, 0x3, 0x7fff, 0x3, 0x0, 0x3f, 0x8, 0x4, 0x80000001, 0x2, 0x8, 0x7fbfffff, 0xfffffffffffffff9, 0x200, 0x40, 0x8f, 0x2d8, 0x7, 0x200, 0x2, 0xb8, 0x4a, 0x5, 0xffffffffffff2c3b, 0x3, 0x4, 0x2, 0x80000001, 0xf26d, 0x0, 0x3, 0xfffffffffffff756, 0x10000, 0x5, 0x5, 0x85, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000500)}, 0x0, 0x1, 0x41, 0x0, 0x3, 0x5, 0x5}, r1, 0x0, r0, 0x9)
r2 = syz_open_dev$vcsa(&(0x7f0000000380)='/dev/vcsa#\x00', 0x9, 0x400000)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c)
listen(r3, 0x1003f)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, &(0x7f00000002c0))
perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x20, 0x2, 0x4, 0x0, 0x2e4, 0x0, 0x5ab056831d2ceb9, 0x3, 0x0, 0x0, 0x0, 0xffffffff, 0x80, 0xfffffffffffff801, 0x0, 0x0, 0x800, 0x7, 0x4, 0x6, 0x8, 0x800, 0x20, 0x1f, 0x0, 0x7, 0x8, 0x81, 0x5d9, 0x8, 0x4, 0x0, 0x80000001, 0x1, 0x0, 0x0, 0x10000, 0x4, @perf_config_ext={0xbd, 0x9}, 0x8000, 0x2, 0x80000000000000, 0x2, 0x0, 0x8, 0x9}, r2, 0x7, 0xffffffffffffffff, 0xa)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x20}, 0x1c)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00', 0x2761, 0x0)
write$cgroup_pid(r4, &(0x7f0000000640)=ANY=[@ANYRES32=r2, @ANYRES16, @ANYRES16], 0x8)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0xc020660b, &(0x7f00000001c0))
ioctl$TCXONC(r2, 0x540a, 0x3f)
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000200)={{{@in=@remote, @in=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@rand_addr}}, &(0x7f0000000100)=0xe8)
ioprio_set$uid(0x3, 0x0, 0x7ff)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000003c0)={<r6=>0x0, @in6={{0xa, 0x4e20, 0xdfd, @mcast2={0xff, 0x2, [], 0x1}, 0x8}}, 0x0, 0x7}, &(0x7f00000000c0)=0x90)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000480)={r6, 0x6}, &(0x7f00000004c0)=0x8)
connect$l2tp(r4, &(0x7f00000005c0)=@pppol2tpv3={0x18, 0x1, {0x0, r5, {0x2, 0x4e23, @multicast1=0xe0000001}, 0x4, 0x3, 0x3, 0x2}}, 0x2e)
ioctl$VT_GETMODE(r4, 0x5601, &(0x7f0000000600))

2018/03/31 16:36:59 executing program 3:
r0 = syz_open_dev$usbmon(&(0x7f0000000400)='/dev/usbmon#\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0xe3, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
ioctl$KVM_SET_NR_MMU_PAGES(r0, 0x9201, 0x0)

2018/03/31 16:36:59 executing program 5:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c)
setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000080)={@dev={0xac, 0x14, 0x14, 0xd}, @multicast2=0xe0000002}, 0x8)
syz_emit_ethernet(0x15f, &(0x7f00000004c0)={@empty, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@mpls_uc={0x8847, {[{0x1f, 0xaa, 0x5, 0x5}, {0x0, 0x101, 0x80000001, 0xba3}, {0x9, 0x1000, 0x10000, 0x79d88298}, {0x250a, 0x2, 0x9, 0x8}, {0x7, 0x2, 0x0, 0x7fff}, {0x5, 0x7, 0x1, 0x101}, {0xffffffffffff01b9, 0x4000000000}, {0x100000001, 0xffffffffffffff80, 0xff, 0x7}], @ipv4={{0x3d, 0x4, 0x8bf, 0x2, 0x131, 0x64, 0xdd8, 0x4, 0x0, 0x0, @broadcast=0xffffffff, @multicast1=0xe0000001, {[@ssrr={0x89, 0x13, 0x0, [@multicast1=0xe0000001, @local={0xac, 0x14, 0x14, 0xaa}, @multicast2=0xe0000002, @broadcast=0xffffffff]}, @lsrr={0x83, 0x1f, 0x1, [@multicast1=0xe0000001, @rand_addr=0x3, @loopback=0x7f000001, @dev={0xac, 0x14, 0x14, 0xf}, @local={0xac, 0x14, 0x14, 0xaa}, @remote={0xac, 0x14, 0x14, 0xbb}, @empty]}, @ssrr={0x89, 0x23, 0x13, [@multicast1=0xe0000001, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14, 0xc}, @remote={0xac, 0x14, 0x14, 0xbb}, @rand_addr=0x9, @local={0xac, 0x14, 0x14, 0xaa}, @remote={0xac, 0x14, 0x14, 0xbb}, @empty]}, @lsrr={0x83, 0xf, 0x2, [@multicast2=0xe0000002, @multicast2=0xe0000002, @remote={0xac, 0x14, 0x14, 0xbb}]}, @timestamp={0x44, 0x40, 0xfffffffffffffffe, 0x1, 0x1, [{[], 0xca12}, {[@multicast2=0xe0000002], 0x10000}, {[], 0x6b}, {[], 0x4ae9}, {[@multicast1=0xe0000001]}, {[@multicast1=0xe0000001], 0xffff}, {[@empty], 0x35}, {[@remote={0xac, 0x14, 0x14, 0xbb}], 0xffffffffffff7fff}, {[], 0xfff}, {[], 0x3}]}, @cipso={0x86, 0x3a, 0xc5a2, [{0x0, 0x2}, {0x7, 0x6, "dd0cc558"}, {0x0, 0xb, "3ae1c0e723fa677df3"}, {0x2, 0x10, "45e964b14abf6803e892e155df61"}, {0x7, 0x11, "7e85b7f60a98d2cb49581e4a964e58"}]}]}}, @icmp=@redirect={0x5, 0x3, 0x0, @empty, {0xd, 0x4, 0x4, 0xffffffffdeb6833d, 0x7fff, 0x64, 0x2, 0x10001, 0x8b, 0x80000000, @dev={0xac, 0x14, 0x14, 0x14}, @local={0xac, 0x14, 0x14, 0xaa}, {[@ssrr={0x89, 0xf, 0xf55, [@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr=0x3c, @rand_addr=0x2a69]}, @timestamp={0x44, 0x10, 0x5, 0x0, 0x4, [{[], 0xffffffff00000001}, {[@local={0xac, 0x14, 0x14, 0xaa}], 0x100000000}]}]}}, "ed"}}}}}}, &(0x7f00000001c0)={0x1, 0x4, [0x86d, 0xb91, 0xc65, 0xec1]})
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r1, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

[   90.765208] FAULT_INJECTION: forcing a failure.
[   90.765208] name failslab, interval 1, probability 0, space 0, times 0
[   90.777059] CPU: 0 PID: 7539 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   90.784157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   90.793498] Call Trace:
[   90.796069]  dump_stack+0x194/0x24d
[   90.799679]  ? arch_local_irq_restore+0x53/0x53
[   90.804325]  ? save_stack+0x43/0xd0
[   90.807927]  ? __kasan_slab_free+0x11a/0x170
[   90.812312]  ? kasan_slab_free+0xe/0x10
[   90.816261]  ? kfree+0xd9/0x260
[   90.819518]  ? ext4_ext_map_blocks+0x1754/0x4410
[   90.824251]  should_fail+0x8c0/0xa40
[   90.827940]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   90.833024]  ? print_irqtrace_events+0x270/0x270
[   90.837760]  ? free_obj_work+0x690/0x690
[   90.841797]  ? trace_hardirqs_off+0x10/0x10
[   90.846094]  ? rcu_read_lock_sched_held+0x108/0x120
[   90.851086]  ? __kmalloc+0x46e/0x760
[   90.854776]  ? __lock_is_held+0xb6/0x140
[   90.858820]  ? rcu_read_lock_sched_held+0x108/0x120
[   90.863819]  ? ext4_ext_map_blocks+0x1803/0x4410
[   90.868548]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   90.873719]  should_failslab+0xec/0x120
[   90.877667]  kmem_cache_alloc+0x47/0x760
[   90.881702]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[   90.886690]  ? find_held_lock+0x35/0x1d0
[   90.890726]  ? __es_tree_search+0x181/0x1e0
[   90.895027]  __es_insert_extent+0x2a3/0x1050
[   90.899414]  ? ext4_es_free_extent+0x7e0/0x7e0
[   90.903973]  ? lock_release+0xa40/0xa40
[   90.907926]  ? __lock_is_held+0xb6/0x140
[   90.911965]  ext4_es_insert_extent+0x296/0x720
[   90.916786]  ? ext4_es_find_delayed_extent_range+0xae0/0xae0
[   90.922563]  ? __might_sleep+0x95/0x190
[   90.926513]  ? down_read+0x96/0x150
[   90.930114]  ? ext4_map_blocks+0xa8d/0x1830
[   90.935039]  ? __down_interruptible+0x6b0/0x6b0
[   90.939684]  ? print_irqtrace_events+0x270/0x270
[   90.944421]  ext4_map_blocks+0xbfd/0x1830
[   90.948541]  ? kernel_text_address+0xd1/0xe0
[   90.952925]  ? __unwind_start+0x169/0x330
[   90.957050]  ? ext4_issue_zeroout+0x170/0x170
[   90.961526]  ext4_getblk+0x110/0x500
[   90.965217]  ? ext4_iomap_begin+0x1150/0x1150
[   90.969685]  ? ext4_fh_to_dentry+0x34/0x40
[   90.973898]  ? memset+0x31/0x40
[   90.977153]  ext4_bread_batch+0x7e/0x350
[   90.981189]  ? trace_hardirqs_off+0x10/0x10
[   90.985491]  ext4_find_entry+0xa78/0x18d0
[   90.989619]  ? ext4_search_dir+0x650/0x650
[   90.993830]  ? __d_instantiate_anon+0x418/0x890
[   90.998471]  ? lock_downgrade+0x980/0x980
[   91.002595]  ? lock_release+0xa40/0xa40
[   91.006545]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   91.011536]  ? d_set_d_op+0x30b/0x400
[   91.015313]  ? lock_acquire+0x1d5/0x580
[   91.019265]  ? lock_release+0xa40/0xa40
[   91.023211]  ? check_same_owner+0x320/0x320
[   91.027509]  ? lock_downgrade+0x980/0x980
[   91.031634]  ? rcu_note_context_switch+0x710/0x710
[   91.036538]  ext4_get_parent+0x9a/0x360
[   91.040488]  ? ext4_lookup+0x630/0x630
[   91.044347]  ? down_read+0x150/0x150
[   91.048041]  reconnect_path+0x1a4/0x670
[   91.051991]  ? ext4_lookup+0x630/0x630
[   91.055857]  exportfs_decode_fh+0x28a/0x5b0
[   91.060151]  ? drop_caches_sysctl_handler+0x160/0x160
[   91.065316]  ? find_acceptable_alias+0x1e0/0x1e0
[   91.070046]  ? __fget_light+0x2b2/0x3c0
[   91.073993]  ? fget_raw+0x20/0x20
[   91.077424]  ? __check_object_size+0x8b/0x530
[   91.081898]  ? __might_sleep+0x95/0x190
[   91.085849]  do_handle_open+0x374/0x8a0
[   91.089797]  ? vfs_dentry_acceptable+0x10/0x10
[   91.094353]  ? SyS_write+0x184/0x220
[   91.098040]  ? SyS_read+0x220/0x220
[   91.101643]  SyS_open_by_handle_at+0x27/0x30
[   91.106027]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   91.110757]  do_syscall_64+0x281/0x940
[   91.114619]  ? vmalloc_sync_all+0x30/0x30
[   91.118739]  ? _raw_spin_unlock_irq+0x27/0x70
[   91.123207]  ? finish_task_switch+0x1c1/0x7e0
[   91.127675]  ? syscall_return_slowpath+0x550/0x550
[   91.132576]  ? syscall_return_slowpath+0x2ac/0x550
[   91.137566]  ? prepare_exit_to_usermode+0x350/0x350
[   91.142558]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   91.147897]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   91.152715]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   91.157879] RIP: 0033:0x454e79
2018/03/31 16:37:00 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(0xffffffffffffffff, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:00 executing program 1:
nanosleep(&(0x7f0000000180)={0x77359400}, &(0x7f00000001c0))
nanosleep(&(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f00005bfff0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000001200)="0c1117fc21376b651e83937a9b51079882f4c758e4cf1297762fd856f37cd8939bc233e036c211efc897a8417f2f4ca5fc6872dd06f2e0157a0469f54b9fa95f744801", 0x43, 0xfffffffffffffffa)
r1 = shmget$private(0x0, 0x1000, 0x100, &(0x7f0000590000/0x1000)=nil)
shmat(r1, &(0x7f0000ffd000/0x1000)=nil, 0x2000)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xffffffffffff58ae, 0x400000)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'gretap0\x00', 0x4c00})
keyctl$get_security(0x11, r0, &(0x7f0000001280)=""/238, 0xee)
r3 = request_key(&(0x7f0000001400)='.request_key_auth\x00', &(0x7f0000001440)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000001480)="fa00", 0xfffffffffffffffc)
add_key$keyring(&(0x7f0000001380)='keyring\x00', &(0x7f00000013c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r3)
socketpair(0xb, 0x807, 0x8, &(0x7f0000001940)={<r4=>0xffffffffffffffff})
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000001980)={'dummy0\x00', {0x2, 0x4e20, @broadcast=0xffffffff}})
mprotect(&(0x7f00002c5000/0x1000)=nil, 0x1000, 0x0)
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, &(0x7f0000000200)=""/4096, &(0x7f00000000c0)=0x1000)

[   91.161043] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   91.168724] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   91.175966] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   91.183211] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   91.190452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   91.197696] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000004
2018/03/31 16:37:00 executing program 6 (fault-call:2 fault-nth:5):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:00 executing program 7:
mkdir(&(0x7f00001a3000)='./file0\x00', 0x0)
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000))
chdir(&(0x7f0000e3dff8)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
umount2(&(0x7f0000b1d000)='.', 0x0)

2018/03/31 16:37:00 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:00 executing program 3:
r0 = socket(0xa, 0x1, 0x0)
ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000400)=ANY=[])
ioctl(r0, 0x8916, &(0x7f0000000000))
connect$inet6(0xffffffffffffffff, &(0x7f00003b6fe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x8000, 0x0)
ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000180)={0x4, 0x0, [{}, {}, {}, {}]})
r2 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x101000)
read(r2, &(0x7f0000fb6000)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f000019ffe9)={0xc1})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f0000000000))
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
socketpair(0x5, 0x4, 0x7, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$inet6_MCAST_LEAVE_GROUP(r3, 0x29, 0x2d, &(0x7f0000000340)={0x4, {{0xa, 0x4e22, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0xcaa0}}}, 0x88)
r4 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x0, 0x2101)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000efb000)='/dev/sequencer2\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f00000000c0)={<r6=>0x0, 0x4}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r5, 0x84, 0x5, &(0x7f0000000280)={r6, @in6={{0xa, 0x4e20, 0x8001, @mcast2={0xff, 0x2, [], 0x1}, 0x5}}}, 0xfffffffffffffee1)
faccessat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0xa1, 0x1000)
ioctl(r0, 0x8936, &(0x7f0000000000))
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003fc0)=[{&(0x7f00000000c0)=@abs, 0x8, &(0x7f0000000080)}], 0x1, 0x0)
accept4(r0, 0x0, &(0x7f0000000140), 0x800)

[   91.302139] *** Guest State ***
[   91.305737] CR0: actual=0xffffffff9ffffffc, shadow=0xfffffffffffffffc, gh_mask=fffffffffffffff7
[   91.314620] CR4: actual=0x0000000000402060, shadow=0x0000000000400060, gh_mask=ffffffffffffe871
[   91.323487] CR3 = 0x0000000000000000
[   91.327264] PDPTR0 = 0x0000000000000000  PDPTR1 = 0x0000000000000000
[   91.333779] PDPTR2 = 0x0000000000000000  PDPTR3 = 0x0000000000000000
[   91.340315] RSP = 0x0000000000000000  RIP = 0x0000000000008000
[   91.346318] RFLAGS=0x00010002         DR7 = 0x0000000000000400
[   91.349356] FAULT_INJECTION: forcing a failure.
[   91.349356] name failslab, interval 1, probability 0, space 0, times 0
[   91.352315] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[   91.352332] CS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.352344] DS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.352358] SS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.352370] ES:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.363803] CPU: 1 PID: 7573 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   91.370481] FS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.378383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   91.378388] Call Trace:
[   91.378407]  dump_stack+0x194/0x24d
[   91.378423]  ? arch_local_irq_restore+0x53/0x53
[   91.386393] GS:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.394311]  should_fail+0x8c0/0xa40
[   91.394325]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   91.402300] GDTR:                           limit=0x00000000, base=0x0000000000000000
[   91.409334]  ? lock_release+0xa40/0xa40
[   91.409345]  ? trace_hardirqs_off+0x10/0x10
[   91.409358]  ? __brelse+0xda/0x130
[   91.417320] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.426623]  ? block_commit_write+0x30/0x30
[   91.426632]  ? mark_held_locks+0xaf/0x100
[   91.426642]  ? __find_get_block+0xa41/0xd90
[   91.426652]  ? trace_hardirqs_off+0x10/0x10
[   91.429225] IDTR:                           limit=0x00000000, base=0x0000000000000000
[   91.432808]  ? __find_get_block+0x2e0/0xd90
[   91.432822]  ? try_to_free_buffers+0x590/0x590
[   91.432828]  ? __getblk_gfp+0x67a/0xb80
[   91.432839]  ? __lock_is_held+0xb6/0x140
[   91.437503] TR:   sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000
[   91.445428]  should_failslab+0xec/0x120
[   91.445437]  kmem_cache_alloc+0x47/0x760
[   91.445449]  ? rcu_note_context_switch+0x710/0x710
[   91.449150] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[   91.454207]  ? mempool_destroy+0x30/0x30
[   91.454215]  mempool_alloc_slab+0x44/0x60
[   91.454223]  mempool_alloc+0x16a/0x4b0
[   91.454234]  ? remove_element.isra.4+0x1b0/0x1b0
[   91.462191] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[   91.466121]  ? __check_block_validity.constprop.77+0xcc/0x1f0
[   91.466134]  ? ext4_map_blocks+0xa3e/0x1830
[   91.466143]  ? kernel_text_address+0xd1/0xe0
[   91.470455] Interruptibility = 00000008  ActivityState = 00000000
[   91.473950]  ? __unwind_start+0x169/0x330
[   91.473965]  bio_alloc_bioset+0x3cd/0x760
[   91.473976]  ? bvec_alloc+0x2d0/0x2d0
[   91.481931] *** Host State ***
[   91.486214]  submit_bh_wbc+0x105/0x710
[   91.486224]  ? ext4_fh_to_dentry+0x34/0x40
[   91.486234]  ll_rw_block+0x156/0x190
[   91.490374] RIP = 0xffffffff811cdb66  RSP = 0xffff8801aff0f3b8
[   91.494650]  ext4_bread_batch+0x1c0/0x350
[   91.494659]  ? trace_hardirqs_off+0x10/0x10
[   91.494673]  ext4_find_entry+0xa78/0x18d0
[   91.498993] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[   91.506914]  ? ext4_search_dir+0x650/0x650
[   91.506925]  ? __d_instantiate_anon+0x418/0x890
[   91.506935]  ? lock_downgrade+0x980/0x980
[   91.511248] FSBase=00007fa4890b2700 GSBase=ffff8801db000000 TRBase=fffffe0000003000
[   91.515784]  ? lock_release+0xa40/0xa40
[   91.515794]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   91.515808]  ? d_set_d_op+0x30b/0x400
[   91.519774] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[   91.523791]  ? lock_acquire+0x1d5/0x580
[   91.523805]  ? lock_release+0xa40/0xa40
[   91.523815]  ? check_same_owner+0x320/0x320
[   91.531787] CR0=0000000080050033 CR3=0000000173f1c005 CR4=00000000001626f0
[   91.535693]  ? lock_downgrade+0x980/0x980
[   91.535705]  ? rcu_note_context_switch+0x710/0x710
[   91.535719]  ext4_get_parent+0x9a/0x360
[   91.539770] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87001610
[   91.544647]  ? ext4_lookup+0x630/0x630
[   91.544657]  ? down_read+0x150/0x150
[   91.544674]  reconnect_path+0x1a4/0x670
[   91.551067] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[   91.555078]  ? ext4_lookup+0x630/0x630
[   91.555091]  exportfs_decode_fh+0x28a/0x5b0
[   91.555099]  ? drop_caches_sysctl_handler+0x160/0x160
[   91.555108]  ? find_acceptable_alias+0x1e0/0x1e0
[   91.555120]  ? __fget_light+0x2b2/0x3c0
[   91.559250] *** Control State ***
[   91.563092]  ? fget_raw+0x20/0x20
[   91.563101]  ? __check_object_size+0x8b/0x530
[   91.563117]  ? __might_sleep+0x95/0x190
[   91.567858] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2
[   91.575268]  do_handle_open+0x374/0x8a0
[   91.575278]  ? vfs_dentry_acceptable+0x10/0x10
[   91.575289]  ? SyS_write+0x184/0x220
[   91.581157] EntryControls=0000d1ff ExitControls=0023efff
[   91.585433]  ? SyS_read+0x220/0x220
[   91.585447]  SyS_open_by_handle_at+0x27/0x30
[   91.585457]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   91.589855] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[   91.596037]  do_syscall_64+0x281/0x940
[   91.596046]  ? vmalloc_sync_all+0x30/0x30
[   91.596054]  ? _raw_spin_unlock_irq+0x27/0x70
[   91.596063]  ? finish_task_switch+0x1c1/0x7e0
[   91.600196] VMEntry: intr_info=80000306 errcode=00000000 ilen=00000000
[   91.604300]  ? syscall_return_slowpath+0x550/0x550
[   91.604310]  ? syscall_return_slowpath+0x2ac/0x550
[   91.604319]  ? prepare_exit_to_usermode+0x350/0x350
[   91.604330]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   91.608115] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[   91.611263]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   91.611278]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   91.611285] RIP: 0033:0x454e79
[   91.615164]         reason=80000021 qualification=0000000000000000
[   91.619347] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   91.619357] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   91.619363] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   91.619368] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   91.619374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   91.623077] IDTVectoring: info=00000000 errcode=00000000
[   91.628997] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000005
[   91.947006] TSC Offset = 0xffffffcc7f70e95c
[   91.951376] EPT pointer = 0x00000001cd4d001e
2018/03/31 16:37:01 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000923000)='/dev/snd/seq\x00', 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
ptrace$getregset(0x4204, 0x0, 0x203, &(0x7f0000000640)={&(0x7f0000000540)=""/207, 0xcf})
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={<r2=>0x0, 0x6, "c1cefb1f79b6"}, &(0x7f00000000c0)=0xe)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000240)=@sack_info={r2, 0x8000, 0x7a1}, 0xc)
r3 = syz_open_dev$mice(&(0x7f0000000440)='/dev/input/mice\x00', 0x0, 0x0)
getpgrp(0x0)
getdents64(0xffffffffffffffff, &(0x7f0000000680)=""/93, 0x5d)
getsockopt(r3, 0x0, 0x0, &(0x7f0000000140)=""/157, &(0x7f0000000200)=0x9d)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000340)={'nat\x00'}, &(0x7f00000003c0)=0x3699dbc96823a7de)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000700))
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x200000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x84}, "706f72ff070000000000000000000000000b40000000000000002c0500000000000003000000ef000003ff02124e19080012000000000000000000000600", 0xc3})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x20002, 0x0)
close(r3)
signalfd4(r4, &(0x7f0000000040)={0x5}, 0x8, 0x0)

2018/03/31 16:37:01 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f00000001c0)=@nfc, 0x80, &(0x7f0000000140), 0xfffffffffffff3c, &(0x7f0000000b00)=""/167, 0xfffffffffffffd12}, 0x0)
recvmsg(r0, &(0x7f0000000940)={&(0x7f0000000a00)=@pptp={0x0, 0x0, {0x0, @multicast2}}, 0x80, &(0x7f0000000880)=[{&(0x7f00000002c0)=""/212, 0xd4}, {&(0x7f00000006c0)=""/61, 0x3d}, {&(0x7f0000000ac0)=""/41, 0x29}, {&(0x7f00000004c0)=""/242, 0x20d}, {&(0x7f00000005c0)=""/200, 0xc8}, {&(0x7f00000009c0)}, {&(0x7f0000000700)=""/189, 0x4d}, {&(0x7f0000000a80)=""/18, 0x12}, {&(0x7f0000000800)=""/13, 0xfffffd98}, {&(0x7f0000000840)=""/55, 0x37}], 0xa, 0x0, 0xffb0, 0x3}, 0x40000001)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x410000, 0x0)
ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f00000003c0))
open(&(0x7f0000000080)='./file0\x00', 0x40002, 0x14)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000027063103006de2533e2928d283660a0f0e1d65c8a6f14b8b2deafa1dd0c520f86fa3d0c4040000000000e0ffebd75438ce8a6bf445c42558ad39fa3c5395e5e29d27f810c441e4732f0c2b88a279e6ac79f2dd93e380a17e5cc7e51298dcd81779e668e8d724af874e7a8af9dfbcec3559f4b45e93532069"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:01 executing program 4:
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x4000000002283, &(0x7f0000139000)='4')
readv(r0, &(0x7f0000cc0f90)=[{&(0x7f0000a8efed)=""/19, 0x42}], 0x1)
r1 = openat(r0, &(0x7f00000001c0)='./file0\x00', 0x1418c1, 0x80)
write$evdev(r0, &(0x7f0000000080)=[{}, {}, {{0x0, 0x2710}}, {{0x77359400}}], 0x60)
ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000180)='bridge0\x00')
getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000100)=ANY=[@ANYBLOB="03000e0bfca19ab9de77"], &(0x7f0000000140)=0x1)
mkdir(&(0x7f0000000280)='./file0\x00', 0x2)
clock_gettime(0xfffffffffffffffd, &(0x7f0000000200)={<r2=>0x0, <r3=>0x0})
write$evdev(r1, &(0x7f0000000240)=[{{r2, r3/1000+30000}, 0x9, 0x0, 0xbf}], 0x18)
ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000000040)={0x2, 0xbd, 0x5, 0x33192c7c, 0x0, 0x8})
fcntl$setpipe(r0, 0x407, 0x9)

2018/03/31 16:37:01 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x13, &(0x7f0000ffbffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00005e3ffc)=0x2, 0x4)

2018/03/31 16:37:01 executing program 6 (fault-call:2 fault-nth:6):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:01 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:01 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:01 executing program 3:
mmap(&(0x7f0000048000/0x3000)=nil, 0x3000, 0x0, 0x2000031, 0xffffffffffffffff, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f000000d000), &(0x7f0000048000), 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0xa040, 0x0)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x2, @empty, 'bcsf0\x00'}}, 0x1e)
write$fuse(r0, &(0x7f00000000c0)={0x28, 0x1, 0x5, @fuse_notify_store_out={0xfffffffffffffffc, 0x0, 0x9c0}}, 0x28)

2018/03/31 16:37:01 executing program 7:
r0 = add_key(&(0x7f00000003c0)='big_key\x00', &(0x7f0000001280)={0x73, 0x79, 0x7a}, &(0x7f00000032c0)="3192b61395cd5768cb664ff2cb7f9581b11cba2820373315a8d103c544aa520315305574dc5c4ca85ac68265c3092ca69ac61b8cdafa29cd8f03c5c0d8d38d55873b864fb0eaf1d8bd3834880e8ed251b257709b66fc8146bb377da4f9240450f125e695087c8faa6ceed4716ca078662bb2679bc6eaf90207a09079342d5b4e30acde2692e1cb8901dd6d2d449f79c1f0061026c0788bfad16d8bbfc1e83f829e52910f89fdda0ea0f57495c54cfeefaae96b089befd0b57d8e9400bf7c0f35ceeeb67b1f8a08b03fa865e2e667cc0b09f6a15553909150fede4d02162d261114a8fa6e941e08c060d5eff515089ccfc765a452e3cb7ae866aeeef526e8052f84e864a3be5f6938b96d601ca9e4d29da72bde87432ce10692b631e865c28623e5de0b6ee7bfd007431be9908bc7e27019eb8156df49928b6bd5c34a5f477b537b3e3ccdf2860470625d0f53b8c19faf73a73b94f9793ae43aa4b72da7988be64da2d51057c9c2695ae018981a657aa4cb69e96b017d5082b8b9afc660099b05994619d680207dfb69b1f08916b130a9147c833032a01f1666e2518caed7ccaff15257043e74cef0ffb4ab9aad2bd8a8573a2c2c90bb36842a312052158d4a943a48fc1fabda436d913239921cbeda4af92eb153795a00f19644f406df2ec72c0b2dc254f50eba1ff5d8d0dbddeb161ed39ff6f11688203e594e3fd6568bb20ee053fd186c7d39fff8c35596816c1b15dfb1227ca145207d09dc10abe3a9cfcac56bd42d9d0ede14171fb54727d9ab386de99d22d2b34a87727e3cd751653cb23281bb5273782cd427f133c471c34014aa918d0d9458b76326767be67f5ed1d0412abbd06151e1064a899683ac3d193c0308caf5478ade6a3a5da55d426d6990d520dec6c74e26aa493b1f73d08cb036cbb5d2f4d1aaed0cff2f71c85ca307b8e49acc341b2478dc4f9a6a5f1b81287e0662eebe01bfba8a277d58a5bfb27ccacd3ecf34a82066a372fea28cf28df37547a1e4c209a5dd4a0e21ab6dbf780c0af7d855433444e302ce037238a558f0b7321c5383cd80098c8d809791c31c6eb47165ae7feff197c134cee40522547a5df74c5c98083c32b68e8cc4151291a2e903952c4206aaf560256fbef712afb5d9c166c028be2e5fdcf36522cc754deac0e167583241db73ab5c617351dfed340418d6d39e1eed61938216e75aad77f3c5fd0f344b6cfe9171d1869325ca52fb79fb20b1fffd425774bc7c72fb453360fe1a0e77b2b51891228624ee302525dd827b5677bd1059d991800c857fba4be02b740883c57ad51b4f6a0e832989fc527a601f2ec5ad5508b38007c712f8a6687621db724587c329146a4015730b3a564734b7a9d1b2f8a21e5d22c502968e938dbb617865e387a146fbfeabc11ff02121867a0887e3545b49e41f9020107107e10a892191f79b700940381b45bd9cc4c5ef9d913f3b2675c1f25520f9936de9b5a6f36c07734baac3e9c81fe0d3ecdc9b18b5e8a59c079b8ba41a759d26dadbc10683bbb637794e54b4c341ffb78c6cbe5fd7596eba621accfa9c38cadc92fb155815ef3f1b58ec5a56d7ac69c6c88cd2761f8cd6908d7b9a4de23176cf9a1cc1e5d04d4e0edb576f9472c39ad5f16bcee8b7314a65ff9f04a0c2fb3f9661d7100336a9ea363d2d0183b3d1f742fb5f8bbc0115171e323941c6e5f502875bcc94a41bf090178f5c533d178a744f11e36b7febd1bad0652e6472109e58e074cb2c68127e7020d9a3eb5a7c95958f47c45f438e554a0fd094a0756dc6086526a905bb53ae23ab5c30aae44f7faba239f00e44f8472351b126988699dedbf739669203bfd23a5fa1c9e8c094e2138787e230578ab676ad5096b8e59536df58dff6d3736df81dea7f09698f17521bf616910ede5a0788364105dbd54c55041b2540dd230e57495f52234e9bdea25b1f57eff362b4aef87c4e0f7be61bedbefb68b29068a362928086eda00a0cd944268474dd28a6f80c7d6db74ad5b63e39e7bfb14c3540e97325d8aafc661313da2dca66efe7d7d5c8d797d0b0176b0e7e6e36c15c9af14c8216afa40ac75a0bbf5483d5c7b4551bedd36f0319cfaf13d0a8b010fe7af79d86d36287b4886140c37dbef74682e0cf8fcaf96b24f8e0fb50e070733867c654d0202a1ffeaff9965004b7a00924ea185c79b410b1b1ac6177520bb011eab63ecee77bc690d99c0de9164e819a49ad91853302c0270a859778a11a149e91cfef99fd4e9792b6905655cf79007d4d7cf5dc7145c9ee891f38638dfdf79c97ffecfe24a74a4614f19112a0dfeb307bb54d926fd51315a4bbd835c8080c95e7cebc21432612f84306fbc0aad704ca455149fe9a1b1292bb7fa9001e02457b61e35c3085ccc26c0d16b5f6c5547e11248fafa4d53fa5a5989fdef06c29e0be05d716f020c4f12788c3d4d446fb09377c27c7dd10914af2ecf9d1da5a7145ba9801a429c82ade988c9349e8c2147ef8b6ab4102867267287783a1d62555cefb7d2cca05ccf8fbeed8cad73e4b40fb303a7dde7202596ce6e4a4fb1eacd04b4425147a30ecd6084dc83c21b189357630fdbb710f3415df39a078f4ed5de17ae9adc81eb15ed6ee1aa49f1a27c06679582de71aff6a91ef0dff7d98bb7b797ebcd0fca0a139a2efae3d08cbda9c7d0c3b95df233daf4a40d1e0f2cc894b0772efef4eefad3439bdd3aa86cf5fbcab3864209d446972dadef78d79e5539fa1aa77383e6e337ea385a2a90d9a9f16af1023d6686c93718aa897b8621bd01c0631a11f7bd80ff7f88e40833afafd475b1c4273b3cf923f3040d84275", 0x7da, 0xfffffffffffffffc)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f00000000c0))
r3 = syz_open_dev$sg(&(0x7f0000000380)='/dev/sg#\x00', 0x800, 0x430000)
ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000100)=0x6)
keyctl$read(0xb, r0, &(0x7f0000004ac0)=""/4096, 0xffffffffffffffb7)
ioctl$TUNSETLINK(r3, 0x400454cd, 0x33f)
futimesat(r2, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580))
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={<r4=>0x0, 0x40, &(0x7f0000000200)=[@in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e21, @loopback=0x7f000001}, @in={0x2, 0x0, @multicast2=0xe0000002}, @in={0x2, 0x4e21, @loopback=0x7f000001}]}, &(0x7f0000000280)=0x10)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f00000002c0)=@assoc_id=<r5=>r4, &(0x7f0000000300)=0x4)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f0000000140)={r5, 0x2, 0x1, 0x1}, &(0x7f0000000340)=0x10)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r7, 0xc004743e, &(0x7f0000000a80)=""/246)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000000))
close(r7)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000640)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r8)
socket$inet(0x2, 0x0, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xa)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000100)={0x3, 0x3, 0x5, 0x2})
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r7, 0xc008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="0900000004001000000494df82d6826bc08bfbae7602ac713b1806000000000000003ca4de93222873927f2078057630efc69e98ca6c534f2fc4c14723592fd64f72f70048f54d14bffc6dbd24f3ad1cd871d9c346bbe170286e20d2665ee5326dfb39daebcdccfc4c04601fdf5b3df97acfe0afd2601559e2a6816ad91c290a5f0f7598700da0dedbdfb17470879bf768e21194a471c3cbd35694e2181c1aa9eb58b2d4492f9a0534c3f797f8edd9fc1adf6853071a19bad0c3c2ce95483365af9dba68073e3bc7a3e59665b800000000000000000000000000"])
clock_gettime(0x0, &(0x7f00000005c0)={<r9=>0x0, <r10=>0x0})
futimesat(r1, &(0x7f0000000500)='./file0\x00', &(0x7f0000000600)={{0x0, 0x7530}, {r9, r10/1000+30000}})
ioctl$KVM_SET_FPU(r7, 0x41a0ae8d, &(0x7f0000000680)={[], 0x3, 0x6, 0x6, 0x0, 0x630, 0x6000, 0x7000, [], 0xfffffffffffffff8})
setsockopt$RDS_FREE_MR(0xffffffffffffffff, 0x114, 0x3, &(0x7f0000000080)={{0x8, 0x80000000}, 0x50346584fa69266d}, 0x10)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000880))
openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)

[   92.509068] FAULT_INJECTION: forcing a failure.
[   92.509068] name failslab, interval 1, probability 0, space 0, times 0
[   92.520401] CPU: 0 PID: 7616 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   92.527495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   92.536842] Call Trace:
[   92.539441]  dump_stack+0x194/0x24d
[   92.543071]  ? arch_local_irq_restore+0x53/0x53
[   92.547738]  ? __lock_acquire+0x664/0x3e00
[   92.551975]  should_fail+0x8c0/0xa40
2018/03/31 16:37:01 executing program 3:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000480)="2e2f6367726f757000361a6f74a1b774b8642f3dfdd313d92946ff0167415d8dc22791dcd496520c1c99f4b07d3b2a11090000000229210b73abdcd2986fc290ac9b6ace278586d39949a54fb276eb1fd3964b0cad27e417b33abb8d3b00e64e75e4dff47de27536dccdde5fc746b04faafcec34753f5bf7416c1ca9222829223e60a31b3a35a5f20bc949d75cbb763987", 0x200002, 0x0)
signalfd4(r0, &(0x7f0000000240)={0x6}, 0x8, 0x800)
r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000380)='/dev/vcs\x00', 0x2)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f00000003c0)={0x1, [0x400]}, 0x6)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x200, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r4, 0x10e, 0xa, &(0x7f0000000180)=0x1, 0x28e)
mknod(&(0x7f00000001c0)='./file0\x00', 0x1000, 0x8000)
memfd_create(&(0x7f0000000280)='\akeyring\x00', 0x0)
syncfs(r1)
readv(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)=""/47, 0x2f}, {&(0x7f0000000100)=""/13, 0xd}], 0x2)
ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f0000000940)={"5cdd19a6137dd3f27ac27b86ca0b674cb6e066035ef546d6d4114438408f8a862940d6b6e12606d4a0e94255998563399f870393fa2d3cfb9a1849af8a12e4027896792555571eea54c934c3445b23a55919edd6323d654ed12af1704f3ecd5f99535ba01b2d9accf0e09eb866f54b81809fa9e97ba2508d773bfbc726b599839ddcb6fe3e3b4a3e83f856d29c5f01b0bc2dba9f3bd6c349532f889b0b789b032b0887e62d6a84a1d179fe063ad92621fd86e05e03af175baff5127fae08f82bf01c7c705d2b87b675fb670682cc9ad3f5b6a73df56a8d1f9d42563837c3e35d0e59180fc89c0e6aae6710c50297f56d0aa6d85998cb0f5f1e13c27d12c48aadc2dea818fffd70e36b0839fe62ddd7629e44a2b4d63e323cbe8064cb49c73127d21f63a145937b5ce424b198f5a76bbf6d8b4c176f78205ace5de084f577ebeacee76d1bfa57efe51b667ae31a34337d3b9435750abc3dc8d6c7e4869cbcbbd3cf91dfac7557d42af99340807ffe46a9a16778ebc4eb9c4afe98f50e1a77601cff340e138c3928248afe8241315e8e6c5e1a1f6bfb2035e4883896a3b014514819e6aad1cd8862cf13468965290e5e647c4635d90ed420e260032af09d7a17a5907d032853a565b707d4126b8a78c021c7129102d7a0cb77c3dd062c30b36ac7a46d9175f2877f0626791890cdb1d86377b42cd0512733839cab1fb953524747419b2650e54eec11e4ab30ea0c232be7f628ce98463345822d901b811b0da56ccafa72b5413dee0abbc47606500dfc706db22a03003450355de5d50099f1d404f14f03209d07ea725e11133610f6509d581f6fdf079fb5c6bfdd4ee0396c6f8f5a543b48f2deafb88a514eae91040872b436953da2bc2ea93b3ecc800f098570ea771d5912cbc03d3441ee8e937db1ffa402c80941c835c33dd3ad0d5316610602d73f74c2190a8aaebdfbdafed4baaa6106bcdc0e32d733fa05b7d8a4f76ef7b8d7e65006a8a111c3ffbc90e6e9fb984439667ecba332dcf3039b392124fc5dfd7e11cf3e22df4f7019afa28c316427f45f0dcc4bb5d1d336ae14230868b4046cfe9b593bd6c804fd9ab25a93797444ce21fa29fffcaa9b07f72bdff3054f1c0372982bc4cde9ba7e94979e4db5e09b237138681fce5c8b4c12fdaec9346b0bca85c1f39f0e9fff9c6eabd8988e5fdfaacaa99cebad670886208f26fa9ba4127b01386edd778220cef9dbb1be10cf0dd4fd091187241b6d38ef1d9775c32bdb9117d7dbd11d1813cdecd6c1287bc8f2fb368e8dd232258e9a14c6e4067f6880e6111ec26131ae5029b7b6c84286939c9b374c4a3100e1e15192439897baa88a3c40b33234e35dd0c73a8536d7eba10f5f30c2ab3ca3f3a0aab80dd7084606fbcd534df2b8f3c8bcdb7644cd98af905a771de90def7406678706bc60b7de7a7d"})
lseek(r0, 0x0, 0x800000003)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2)
sendfile(r2, r2, &(0x7f0000000040), 0x1)
write(r4, &(0x7f00000002c0)="814835cefce9698bad8f07b0505bdcba51bdfcba3c2b776af30013e865c55418eb71dd558892cbde7f2d679ec7a20f33ca78b62310200d828ba32ae2ef7743068ff220673aebe028ec2eeabd6ceb8f579719058a22fc92155158019b47a3e19eb424ea08dbb30eab0e5dc7b76cc7ad24bf5391a342cc155aae5c06b13f695da2d4a96a42468fc292", 0x88)
dup2(r1, r2)

[   92.555689]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   92.560788]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   92.565972]  ? mark_page_accessed+0x507/0xb30
[   92.570467]  ? find_get_entry+0x53c/0x9e0
[   92.574607]  ? activate_page+0x830/0x830
[   92.578670]  ? find_get_pages_range_tag+0x1000/0x1000
[   92.583855]  ? __lru_cache_add+0x2a6/0x410
[   92.588526]  ? __lock_acquire+0x664/0x3e00
[   92.588540]  ? find_held_lock+0x35/0x1d0
[   92.588555]  ? trace_hardirqs_off+0x10/0x10
[   92.588570]  ? debug_check_no_locks_freed+0x3c0/0x3c0
2018/03/31 16:37:01 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000140)={<r1=>0x0, 0xffffffffffffffe0}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000002c0)={r1, 0xe7, "67c5922f8b02ca373aacf7723081a9501452c04a326377dac008d066fbbcaf4474c30a8ebc5b33b187893017aea20425cdd95ab9dc84467bc8c6306a41c5d9a1afebef6fa4380cc876c4e9285957a9ac8be0e440dd993675a3d6adb1c65bfe8055ac498ff9793d341ead1871a348de27725d5f96728d907f32500724bf769c7c9f05e2fca963c73027a317d8cb5d7544ec3581bd5190beb79ed0d6830ffcb8a1b6736212cb72274c628188ba492c2794efa969a5ea3456b4e1dcf0e2b368837ee0ac818fe5425e489bc26d4962f470a655f5b64f100107765eb868465a1edc92a39afa32cf9bc7"}, &(0x7f0000000200)=0xef)
r2 = gettid()
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)={0x300, 0x27, 0x331, 0x0, 0x0, {0x8}, [@typed={0x8, 0x77, @u32=0x7}, @typed={0x8, 0x14, @pid=r2}, @nested={0x30, 0x4b, [@typed={0x8, 0x18, @fd=r0}, @typed={0x4, 0x73}, @typed={0x20, 0x45, @str='proc*lo-self#losecurity.:%\x00'}]}, @typed={0x8, 0x81, @u32=0x4}, @typed={0x8, 0x69, @pid=r2}, @nested={0x20c, 0x1a, [@generic="a82faaadf5965594850295d65c5922696b2f3c683cfeccc99125954b33b704e18809b0c1db1a6aa2ecf2ef46ed79799ff3c9d5e57c7e9dfaf89899540cfc0d3c0bfd658d26736d7926deea191f352e748d4d7e6d6f9cb8f8d92b26e506e2d054fd997fd9f4efe62e2e1a08f0a51643b1dc5e6743b2db6529a814ba2c09259bb8275aba447daaf9b875361794c221846a11063b460f6abe969be943da368ee1831b92bead856f342ea734b3de1c95859cf0294a05d127e57af88e104e291c7acffd7753", @generic="fea6154540fb22ad03632701837130a0912d203b0dc1ecb27fe47179b1a4cc8837cbc2132ab9f2486e1a44acb3c92acde2abc53bf741412f789a055e89072f768234293c7571409f9f8d64581a991d99cf615cfcc77efeb6b1cb16f71021a81a98033f35fc42fdf9130261ddb6fa51d493a8d70aa007b791c158c66527347bef0b2e7a2ae8a079cc73a9b8aa034889cfd634aa4d8202f1eb92a3b97a82002ac02d76af77fbfc6916de89f5b40ce1ebbf620e7b919b91aaef426a45cb08d1e99c0fbcde89f1aa0ebd8d1f3708073bd462ed570011f884dd2416f41067fcf1961f6cc50cfaa1ab2090acbd16bf2cb9e0540bfb172e9499b0bc", @generic="e0821e09a0db59a30034a1b44995a56bda430752f0255d", @generic="569f038fbec8d60e3a4feb597df275467fd95751a45e86db4d80788ea2", @typed={0x18, 0x79, @str='ppp0vmnet1bdevppp1$\x00'}]}, @nested={0x18, 0x2e, [@typed={0x14, 0x28, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}]}, @generic="d61529fa7966f5fc01eb2528c149f468f94bf22079c780c9e94616e83421dd4e70510874dbc1326a9e80ddbb00467b2d8f1cd96258f9dedf63", @generic="24de5c1454fed3f6e3bffff78abe9c45c32fb46df76693a675e8fb56624e016ad7890b248e35341bb1854f8797075477defea71cf9991d9d952dae41dc1336"]}, 0x300}, 0x1}, 0x0)

2018/03/31 16:37:01 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:01 executing program 6 (fault-call:2 fault-nth:7):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[   92.588584]  ? trace_hardirqs_off+0x10/0x10
[   92.588596]  should_failslab+0xec/0x120
[   92.614986]  kmem_cache_alloc_node+0x56/0x760
[   92.615008]  create_task_io_context+0xb5/0x540
[   92.615020]  ? ioc_clear_queue+0x5e0/0x5e0
[   92.615032]  ? generic_make_request_checks+0x93f/0x2050
2018/03/31 16:37:01 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, 0x7})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, "706f7274310000000000000000000000000000000000001000", 0xc7, 0x80003})
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x4080)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x6)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00004d1ff0)='/dev/sequencer2\x00', 0x8080, 0x0)
close(r2)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000280)=""/219, 0xdb}], 0x1)
ioctl$LOOP_SET_BLOCK_SIZE(r2, 0x4c09, 0x401)

[   92.615045]  ? lock_downgrade+0x980/0x980
[   92.615054]  ? rcu_read_lock_held+0xa9/0xc0
[   92.615063]  ? __disk_get_part+0x1b2/0x2b0
[   92.615075]  ? __lock_is_held+0xb6/0x140
[   92.615091]  generic_make_request_checks+0x189a/0x2050
[   92.615107]  ? trace_event_raw_event_block_rq_requeue+0x6e0/0x6e0
[   92.615114]  ? save_stack+0xa3/0xd0
[   92.615122]  ? save_stack+0x43/0xd0
[   92.615129]  ? kasan_kmalloc+0xad/0xe0
[   92.615137]  ? kasan_slab_alloc+0x12/0x20
[   92.615144]  ? kmem_cache_alloc+0x12e/0x760
[   92.615152]  ? mempool_alloc+0x16a/0x4b0
[   92.615160]  ? bio_alloc_bioset+0x3cd/0x760
[   92.615174]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[   92.615184]  ? block_commit_write+0x30/0x30
[   92.615192]  ? mark_held_locks+0xaf/0x100
[   92.615203]  ? __find_get_block+0xa41/0xd90
[   92.615215]  ? trace_hardirqs_off+0x10/0x10
[   92.615226]  ? retint_kernel+0x10/0x10
[   92.615235]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   92.615246]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   92.615260]  ? __lock_is_held+0xb6/0x140
[   92.615270]  ? mempool_alloc_slab+0x44/0x60
[   92.615284]  generic_make_request+0xaa/0xdd0
[   92.615304]  ? blk_get_request+0x40/0x40
[   92.615314]  ? mempool_destroy+0x30/0x30
[   92.615321]  ? mempool_alloc_slab+0x44/0x60
[   92.615335]  ? find_held_lock+0x35/0x1d0
[   92.615351]  ? guard_bio_eod+0x1a3/0x560
[   92.615364]  ? lock_downgrade+0x980/0x980
[   92.615374]  ? rcu_read_lock_held+0xa9/0xc0
[   92.615385]  submit_bio+0x19a/0x4d0
[   92.615392]  ? submit_bio+0x19a/0x4d0
[   92.615402]  ? generic_make_request+0xdd0/0xdd0
[   92.615411]  ? bvec_alloc+0x2d0/0x2d0
[   92.615423]  ? guard_bio_eod+0x249/0x560
[   92.615435]  submit_bh_wbc+0x55f/0x710
[   92.615448]  ll_rw_block+0x156/0x190
[   92.615461]  ext4_bread_batch+0x1c0/0x350
[   92.615470]  ? trace_hardirqs_off+0x10/0x10
[   92.615482]  ext4_find_entry+0xa78/0x18d0
[   92.615500]  ? ext4_search_dir+0x650/0x650
[   92.615511]  ? __d_instantiate_anon+0x418/0x890
[   92.615521]  ? lock_downgrade+0x980/0x980
[   92.615533]  ? lock_release+0xa40/0xa40
[   92.615542]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   92.615557]  ? d_set_d_op+0x30b/0x400
[   92.615572]  ? lock_acquire+0x1d5/0x580
[   92.615588]  ? lock_release+0xa40/0xa40
[   92.615597]  ? check_same_owner+0x320/0x320
[   92.615607]  ? lock_downgrade+0x980/0x980
[   92.615618]  ? rcu_note_context_switch+0x710/0x710
[   92.615631]  ext4_get_parent+0x9a/0x360
[   92.615639]  ? ext4_lookup+0x630/0x630
[   92.615648]  ? down_read+0x150/0x150
[   92.615664]  reconnect_path+0x1a4/0x670
[   92.615673]  ? ext4_lookup+0x630/0x630
[   92.615684]  exportfs_decode_fh+0x28a/0x5b0
[   92.615693]  ? drop_caches_sysctl_handler+0x160/0x160
[   92.615704]  ? find_acceptable_alias+0x1e0/0x1e0
[   92.615716]  ? __fget_light+0x2b2/0x3c0
[   92.615725]  ? fget_raw+0x20/0x20
[   92.615735]  ? __check_object_size+0x8b/0x530
[   92.615748]  ? __might_sleep+0x95/0x190
[   92.615764]  do_handle_open+0x374/0x8a0
[   92.615775]  ? vfs_dentry_acceptable+0x10/0x10
[   92.615786]  ? SyS_write+0x184/0x220
[   92.615797]  ? SyS_read+0x220/0x220
[   92.615809]  SyS_open_by_handle_at+0x27/0x30
[   92.615818]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   92.615827]  do_syscall_64+0x281/0x940
[   92.615837]  ? vmalloc_sync_all+0x30/0x30
[   92.615845]  ? _raw_spin_unlock_irq+0x27/0x70
[   92.615854]  ? finish_task_switch+0x1c1/0x7e0
[   92.615864]  ? syscall_return_slowpath+0x550/0x550
[   92.615873]  ? syscall_return_slowpath+0x2ac/0x550
[   92.615883]  ? prepare_exit_to_usermode+0x350/0x350
[   92.615894]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   92.615906]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   92.615920]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   92.615928] RIP: 0033:0x454e79
[   92.615933] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   92.615943] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   92.615948] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   92.615954] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   92.615959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   92.615964] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000006
[   92.731512] FAULT_INJECTION: forcing a failure.
[   92.731512] name failslab, interval 1, probability 0, space 0, times 0
[   93.113081] CPU: 0 PID: 7642 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   93.120157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   93.129490] Call Trace:
[   93.132071]  dump_stack+0x194/0x24d
[   93.135687]  ? arch_local_irq_restore+0x53/0x53
[   93.140331]  ? _cond_resched+0x14/0x30
[   93.144194]  ? __getblk_gfp+0xfc/0xb80
[   93.148070]  should_fail+0x8c0/0xa40
[   93.151761]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   93.156840]  ? __check_block_validity.constprop.77+0xcc/0x1f0
[   93.162707]  ? __lock_acquire+0x664/0x3e00
[   93.166935]  ? ext4_map_blocks+0xa3e/0x1830
[   93.171240]  ? print_irqtrace_events+0x270/0x270
[   93.175975]  ? find_held_lock+0x35/0x1d0
[   93.180019]  ? __lock_is_held+0xb6/0x140
[   93.184081]  ? check_same_owner+0x320/0x320
[   93.188387]  ? ext4_iomap_begin+0x1150/0x1150
[   93.192865]  ? rcu_note_context_switch+0x710/0x710
[   93.197787]  should_failslab+0xec/0x120
[   93.201751]  __kmalloc+0x63/0x760
[   93.205187]  ? str2hashbuf_unsigned+0x250/0x250
[   93.209847]  ? ext4_htree_store_dirent+0x8b/0x580
[   93.214675]  ext4_htree_store_dirent+0x8b/0x580
[   93.219335]  htree_dirblock_to_tree+0x4e8/0xa00
[   93.223991]  ? dx_probe+0x1070/0x1070
[   93.227777]  ? save_stack+0xa3/0xd0
[   93.231382]  ? kmem_cache_alloc_trace+0x136/0x740
[   93.236199]  ? ext4_readdir+0x2285/0x3600
[   93.240323]  ? iterate_dir+0x1ca/0x530
[   93.244185]  ? get_name+0x52a/0x730
[   93.247793]  ? exportfs_get_name+0x1a0/0x240
[   93.252173]  ? reconnect_path+0x1f1/0x670
[   93.256299]  ? exportfs_decode_fh+0x28a/0x5b0
[   93.260785]  ? do_handle_open+0x374/0x8a0
[   93.264921]  ? SyS_open_by_handle_at+0x27/0x30
[   93.269495]  ? do_syscall_64+0x281/0x940
[   93.273546]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   93.278895]  ? __lock_acquire+0x664/0x3e00
[   93.283110]  ext4_htree_fill_tree+0x2bb/0xcb0
[   93.287587]  ? print_irqtrace_events+0x270/0x270
[   93.292328]  ? do_split+0x1d30/0x1d30
[   93.296125]  ? __lock_is_held+0xb6/0x140
[   93.300178]  ? ext4_readdir+0x2285/0x3600
[   93.304313]  ? rcu_read_lock_sched_held+0x108/0x120
[   93.309317]  ? kmem_cache_alloc_trace+0x459/0x740
[   93.314154]  ? do_syscall_64+0x281/0x940
[   93.318211]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   93.323578]  ? percpu_ref_put_many+0x11a/0x220
[   93.328160]  ? free_rb_tree_fname+0x9c/0xe0
[   93.332475]  ext4_readdir+0x206a/0x3600
[   93.336439]  ? debug_mutex_init+0x1c/0x60
[   93.340573]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   93.345580]  ? __ext4_check_dir_entry+0x320/0x320
[   93.350410]  ? lockref_get+0x42/0x50
[   93.354119]  ? lock_acquire+0x1d5/0x580
[   93.358070]  ? lock_acquire+0x1d5/0x580
[   93.362030]  ? iterate_dir+0xc3/0x530
[   93.365815]  ? lock_release+0xa40/0xa40
[   93.369766]  ? check_same_owner+0x320/0x320
[   93.374069]  ? _copy_to_user+0xc0/0xc0
[   93.377939]  ? rcu_note_context_switch+0x710/0x710
[   93.382861]  ? __might_sleep+0x95/0x190
[   93.386822]  ? down_read_killable+0x95/0x180
[   93.391208]  ? iterate_dir+0xc3/0x530
[   93.395005]  ? down_write+0x120/0x120
[   93.398800]  iterate_dir+0x1ca/0x530
[   93.402502]  get_name+0x52a/0x730
[   93.405939]  ? bl_cleanup_pipefs+0x30/0x30
[   93.410159]  ? exportfs_encode_fh+0x100/0x100
[   93.414638]  exportfs_get_name+0x1a0/0x240
[   93.418846]  ? exportfs_get_name+0x1a0/0x240
[   93.423236]  ? get_name+0x730/0x730
[   93.426840]  ? up_read+0x40/0x40
[   93.430202]  reconnect_path+0x1f1/0x670
[   93.434163]  exportfs_decode_fh+0x28a/0x5b0
[   93.438466]  ? drop_caches_sysctl_handler+0x160/0x160
[   93.443635]  ? find_acceptable_alias+0x1e0/0x1e0
[   93.448370]  ? __fget_light+0x2b2/0x3c0
[   93.452333]  ? fget_raw+0x20/0x20
[   93.455775]  ? __check_object_size+0x8b/0x530
[   93.460260]  ? __might_sleep+0x95/0x190
[   93.464226]  do_handle_open+0x374/0x8a0
[   93.468177]  ? vfs_dentry_acceptable+0x10/0x10
[   93.472737]  ? SyS_write+0x184/0x220
[   93.476433]  ? SyS_read+0x220/0x220
[   93.480056]  SyS_open_by_handle_at+0x27/0x30
[   93.484455]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   93.489206]  do_syscall_64+0x281/0x940
[   93.493094]  ? vmalloc_sync_all+0x30/0x30
[   93.497259]  ? _raw_spin_unlock_irq+0x27/0x70
[   93.501746]  ? finish_task_switch+0x1c1/0x7e0
[   93.506245]  ? syscall_return_slowpath+0x550/0x550
[   93.511166]  ? syscall_return_slowpath+0x2ac/0x550
[   93.516087]  ? prepare_exit_to_usermode+0x350/0x350
[   93.521095]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   93.526442]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   93.531270]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   93.536436] RIP: 0033:0x454e79
[   93.539601] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   93.547284] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   93.554527] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   93.561770] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   93.569022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   93.576271] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000007
2018/03/31 16:37:02 executing program 3:
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x9}}, &(0x7f0000040000))
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000002000)={0x1})
unshare(0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='cgroup\x00')
recvfrom$ipx(r0, &(0x7f0000000340)=""/71, 0x47, 0x20, &(0x7f0000000040)={0x4, 0x200, 0x8, "a8311dc74d3f", 0x1}, 0x10)
connect(0xffffffffffffffff, &(0x7f0000000400)=@sco={0x1f, {0x100, 0x7, 0x0, 0x0, 0x7, 0x1ff}}, 0xffffffffffffff77)
preadv(r0, &(0x7f0000b78f90)=[{&(0x7f0000000240)=""/195, 0xc3}], 0x1, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x1, 0x101100)
waitid(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000564000), &(0x7f0000000000)=0xffe4)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000010000))

2018/03/31 16:37:02 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback=0x7f000001}})
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000100)="27f39da6135c20e3a15a851ac17fcc8e137ce187850a992dfcbc5dadfc966db651cac020f813cd5be4086c125ef5a482ce9c37b55b068af3b225170114f12191800f802526804e", 0x47}], 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'syz_tun\x00'})
ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000200)=@buf={0x0, &(0x7f0000000640)})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f0000003940)=ANY=[@ANYBLOB="280000001400090500000000ca91f05c0e3302ff320000000002000000"], 0x1}, 0x1}, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000480)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000600)={&(0x7f0000000440)={0x10}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)={0xac, r2, 0x101, 0x70bd29, 0x25dedbfc, {0xb}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x857}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x101}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10000}]}, 0xfffffdaf}, 0x1}, 0x20008000)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000d00))
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001140))
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000003780))
getpgrp(0x0)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, &(0x7f0000000740)='\x00', 0xfffffffffffffffb)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x80100, 0x0)
bind$nfc_llcp(r3, &(0x7f00000002c0)={0x27, 0x0, 0x1, 0x7, 0xb8c, 0x5, "cffaa80beb4c8087b8df03d227d525acdba84f65c3a0b98d23952de8eee039e03fef7e5aa4278616a937ec9719aace44ab41d1e1a2e6ab79721288a06d39ca", 0x3c}, 0x60)
socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000780))
sendto$inet(r0, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000240)=0x2a91)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000200)={@loopback={0x0, 0x1}, 0x4})

2018/03/31 16:37:02 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000580)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r1, 0x0, 0x70bd28, 0x25dfdbfc, {0xb}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0xc001)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000005000000617f2334fa6ec9836d5e2d"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:02 executing program 7:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
remap_file_pages(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x2, 0x0)
symlink(&(0x7f0000001300)='./bus\x00', &(0x7f0000001480)='./file1\x00')
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000032e000))
chdir(&(0x7f0000f95000)='./file0\x00')
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0)
ioctl$void(r0, 0xc0045878)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4)
pwritev(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000000140)="57f497c07989c619e48c28775f63e222da551e9b6789bb5d6fde46b2dc89543af1a8f144", 0x24}], 0x1, 0x0)
ftruncate(r0, 0x8000)
fgetxattr(r0, &(0x7f00000013c0)=@known='security.ima\x00', &(0x7f0000001600)=""/4096, 0x1000)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000001340), &(0x7f0000001380)=0x4)
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000001240), &(0x7f0000001280)=0x4)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000000000800002, 0x11, r1, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={<r2=>0x0, 0xffffffffffffffff, 0xffffffffffffffc0, 0x200, 0x0, 0x2}, &(0x7f0000000100)=0x14)
read(r0, &(0x7f0000000240)=""/4096, 0x1000)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14}}, {0x2, 0x0, @loopback=0x7f000001}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000000)='syzkaller1\x00', 0x8001, 0x0, 0x81})
epoll_wait(0xffffffffffffffff, &(0x7f0000000200)=[{}, {}], 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000015c0)=ANY=[@ANYRES32=r2], &(0x7f00000012c0)=0x1)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6000)
pread64(r3, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0)
add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe)
request_key(&(0x7f0000000680)='dns_resolver\x00', &(0x7f0000000700)={0x73, 0x79, 0x7a}, &(0x7f00000006c0)="7b2d23776c616e3076626f786e657431766d6e657430142400", 0x0)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000440), 0x4)
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000500))
request_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000140)='vboxnet1\x00', 0x0)
syz_open_dev$amidi(&(0x7f0000001400)='/dev/amidi#\x00', 0x6, 0x101480)
add_key$user(&(0x7f0000000280)='user\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000300)="3dde79763ec09bbf6917ffd1e8c401c99e25f23f4979b631bf4aa314195f066c86763061ba5fe74f345a408ba4c56bba2ac4f64642a19a81f72b1d3fb74e5d348e1ebba568683ff0239d512690e15513090485647b5e6cf3c325e2617b08d0977acc58881ccab2dee3754f484a36de5d157e161b881b08", 0x77, 0x0)

2018/03/31 16:37:02 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:02 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:02 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(ccm(camellia))\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000b", 0x10)
sendmmsg$alg(r1, &(0x7f000000d100)=[{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000004c0)="9650f5cb983c3a559baef5e940d411aff37ab18acfbbf56dbbc39020d0abaa2d", 0x20}], 0x1}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000000480)={&(0x7f0000000040)=@nfc_llcp, 0x1e, &(0x7f0000b9c000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0)
fdatasync(r0)
fcntl$getownex(r1, 0x10, &(0x7f0000000000))

2018/03/31 16:37:02 executing program 6 (fault-call:2 fault-nth:8):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[   93.763771] mmap: syz-executor7 (7677) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt.
[   93.807582] FAULT_INJECTION: forcing a failure.
[   93.807582] name failslab, interval 1, probability 0, space 0, times 0
[   93.818875] CPU: 0 PID: 7680 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   93.825970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   93.835312] Call Trace:
[   93.837885]  dump_stack+0x194/0x24d
[   93.841493]  ? arch_local_irq_restore+0x53/0x53
[   93.846140]  ? find_held_lock+0x35/0x1d0
[   93.850189]  should_fail+0x8c0/0xa40
[   93.853882]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   93.858962]  ? __lock_acquire+0x664/0x3e00
[   93.863180]  ? unwind_next_frame.part.6+0x1a6/0xb40
[   93.868187]  ? __lock_acquire+0x664/0x3e00
[   93.872405]  ? find_held_lock+0x35/0x1d0
[   93.876446]  ? __lock_is_held+0xb6/0x140
[   93.880494]  ? check_same_owner+0x320/0x320
[   93.884796]  ? rcu_note_context_switch+0x710/0x710
[   93.889705]  ? perf_trace_lock_acquire+0xe3/0x980
[   93.894531]  should_failslab+0xec/0x120
[   93.898482]  kmem_cache_alloc_trace+0x4b/0x740
[   93.903040]  ? do_syscall_64+0x281/0x940
[   93.907077]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   93.912425]  ext4_readdir+0x2285/0x3600
[   93.916375]  ? debug_mutex_init+0x1c/0x60
[   93.920515]  ? __ext4_check_dir_entry+0x320/0x320
[   93.925344]  ? lock_acquire+0x1d5/0x580
[   93.929295]  ? lock_acquire+0x1d5/0x580
[   93.933248]  ? iterate_dir+0xc3/0x530
[   93.937034]  ? lock_release+0xa40/0xa40
[   93.940986]  ? _copy_to_user+0xc0/0xc0
[   93.944855]  ? rcu_note_context_switch+0x710/0x710
[   93.949764]  ? __might_sleep+0x95/0x190
[   93.953720]  ? down_read_killable+0x95/0x180
[   93.958103]  ? iterate_dir+0xc3/0x530
[   93.961880]  ? down_write+0x120/0x120
[   93.965665]  iterate_dir+0x1ca/0x530
[   93.969363]  get_name+0x52a/0x730
[   93.972797]  ? bl_cleanup_pipefs+0x30/0x30
[   93.977020]  ? exportfs_encode_fh+0x100/0x100
[   93.981519]  exportfs_get_name+0x1a0/0x240
[   93.985728]  ? exportfs_get_name+0x1a0/0x240
[   93.990113]  ? get_name+0x730/0x730
[   93.993717]  ? up_read+0x40/0x40
[   93.997066]  reconnect_path+0x1f1/0x670
[   94.001030]  exportfs_decode_fh+0x28a/0x5b0
[   94.005329]  ? drop_caches_sysctl_handler+0x160/0x160
[   94.010495]  ? find_acceptable_alias+0x1e0/0x1e0
[   94.015233]  ? __fget_light+0x2b2/0x3c0
[   94.019186]  ? fget_raw+0x20/0x20
[   94.022617]  ? __check_object_size+0x8b/0x530
[   94.027093]  ? __might_sleep+0x95/0x190
[   94.031051]  do_handle_open+0x374/0x8a0
[   94.035004]  ? vfs_dentry_acceptable+0x10/0x10
[   94.039568]  ? SyS_write+0x184/0x220
[   94.043262]  ? SyS_read+0x220/0x220
[   94.046869]  SyS_open_by_handle_at+0x27/0x30
[   94.051254]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   94.055989]  do_syscall_64+0x281/0x940
[   94.059855]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   94.065370]  ? syscall_return_slowpath+0x550/0x550
[   94.070275]  ? syscall_return_slowpath+0x2ac/0x550
[   94.075187]  ? retint_user+0x18/0x18
[   94.078880]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   94.083706]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   94.088873] RIP: 0033:0x454e79
[   94.092039] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   94.099722] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
2018/03/31 16:37:03 executing program 0:
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r0, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(0xffffffffffffffff, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r4, r1, 0x80000)
ioctl$VT_OPENQRY(r3, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:03 executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xb, 0x43, 0x4, 0x100000002, 0x1}, 0x2c)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000000))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/84}, 0x18)
prctl$setname(0xf, &(0x7f0000000180)='\x00')

2018/03/31 16:37:03 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0xc000, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in=@local, @in=@broadcast}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000100)=0x19)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0x7ffff}, [@NDA_LLADDR={0xa, 0x2, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}]}, 0x28}, 0x1}, 0x0)
getpgrp(0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="0000040000000009800006003f5e3ba48568ff8cc645dce3e91b86203c97f30114ad587c37484c85c86583945ea336468b69021ce5588701c2b6cb0050a9829b2b444a6b03"], 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040))

[   94.106965] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   94.114212] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   94.121459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   94.128701] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000008
2018/03/31 16:37:03 executing program 6 (fault-call:2 fault-nth:9):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[   94.183688] device syz_tun entered promiscuous mode
2018/03/31 16:37:03 executing program 7:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x8000000)
shmget(0xffffffffffffffff, 0x3000, 0x1025, &(0x7f000029a000/0x3000)=nil)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000969000/0x3000)=nil)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000380)={0x200, 0x2, 0x0, 0x100000000}, 0x10)
r2 = syz_open_dev$sndpcmp(&(0x7f00000003c0)='/dev/snd/pcmC#D#p\x00', 0x800, 0x10040)
ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000400000000000000000000003000000ffffffff0500000000000000070000000000000000000000000040000000008000000000000000000000000000000000000000000008000000000000000000000000000000040000000000000000000000000000000000000000000000020000000000000000000000000000090000000000000043c7000000000000090000000000000000000000000000000000000000000000011000000000000000000000000000008468ab48000000000200000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000700000000000000010100000000000081000000000000000000000000000000000000000000000080090000000000000000000000"])
unshare(0xc000000)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000400)=<r3=>0x0)
execveat(r1, &(0x7f0000000480)='./file0\x00', &(0x7f0000000580)=[&(0x7f00000004c0)='./cgroup.net/syz0\x00', &(0x7f0000000500)='^\x00', &(0x7f0000000540)='/dev/snd/pcmC#D#p\x00'], &(0x7f0000000800)=[&(0x7f00000005c0)='./cgroup.net/syz0\x00', &(0x7f0000000600)="76626f786e657431265ef000", &(0x7f0000000640)='wlan1cpuset@vmnet0\x00', &(0x7f0000000680)='\x00', &(0x7f00000006c0)='/dev/snd/pcmC#D#p\x00', &(0x7f0000000700)='selinuxusertrusted\x00', &(0x7f0000000740)='./cgroup.net/syz0\x00', &(0x7f0000000780)='/dev/snd/pcmC#D#p\x00', &(0x7f00000007c0)='/dev/snd/pcmC#D#p\x00'], 0x1d00)
sched_setaffinity(r3, 0x8, &(0x7f0000000440)=0xa938)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz0\x00', 0x1ff)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x1, 0xfffffffffffffdc4)
connect$netlink(r1, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x2}, 0xc)
ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f00000001c0)={[], 0x480, 0x5, 0x37, 0x0, 0x4, 0x11f001, 0xd000, [], 0x4})

2018/03/31 16:37:03 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:03 executing program 4:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$rdma_cm(r0, &(0x7f0000003900)=@disconnect={0xa, 0x4, 0xfa00}, 0xc)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000100)=""/216)

2018/03/31 16:37:03 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000033ff3)='\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x20005)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000037000)={0x0, 0x0, 0x0, "9ede7a8c5ae95e48000000000000007f4f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa0500000074dbcfa6dc4d"})
write$rdma_cm(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="4e3928bd09ebb2f23af1e02d500007ff"], 0x10)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000033000)={0xfb, @time})
write$rdma_cm(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYBLOB="1141c8ddfbc69392f19a7b8700000000000000"], 0x13)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="cc1373fc000000000000000000000000000000000000000000000000000000003030b86e0d5f4090902c6457136cf04d000001000000000001000000000000005f42485266535f4d070000000000000000204000000000000000020000000000000000000000000000000000000000000000c0010000000000700000000000000600000000000000010000000000000000100000001000000010000000100000610000000500000000000000000000000000000000000000000000004503000000000000000000000001000000000000000000c001000000000000180100000000001000000010000000100000000000000000000000000000000000000000000000000000", 0x105, 0x10000}], 0x0, &(0x7f0000016000)=ANY=[@ANYBLOB="05"])
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001240)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000080))
ioctl$KVM_GET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, &(0x7f0000001340)=@ioapic)
ioctl$EVIOCGABS20(0xffffffffffffffff, 0x80184560, &(0x7f0000001480)=""/215)
rt_sigreturn()
ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000040))

[   94.264576] FAULT_INJECTION: forcing a failure.
[   94.264576] name failslab, interval 1, probability 0, space 0, times 0
[   94.275910] CPU: 1 PID: 7705 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   94.283001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   94.292343] Call Trace:
[   94.294919]  dump_stack+0x194/0x24d
[   94.298530]  ? arch_local_irq_restore+0x53/0x53
[   94.303180]  ? _cond_resched+0x14/0x30
[   94.307049]  ? __getblk_gfp+0xfc/0xb80
[   94.310916]  ? update_load_avg+0x2b3/0x2eb0
[   94.315223]  should_fail+0x8c0/0xa40
[   94.318918]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   94.324003]  ? __check_block_validity.constprop.77+0xcc/0x1f0
[   94.329869]  ? __lock_acquire+0x664/0x3e00
[   94.334083]  ? trace_hardirqs_off+0x10/0x10
[   94.338383]  ? ext4_map_blocks+0xa3e/0x1830
[   94.342684]  ? print_irqtrace_events+0x270/0x270
[   94.347421]  ? find_held_lock+0x35/0x1d0
[   94.351466]  ? __lock_is_held+0xb6/0x140
[   94.355514]  ? check_same_owner+0x320/0x320
[   94.359812]  ? ext4_iomap_begin+0x1150/0x1150
[   94.364293]  ? rcu_note_context_switch+0x710/0x710
[   94.369207]  should_failslab+0xec/0x120
[   94.373160]  __kmalloc+0x63/0x760
[   94.376591]  ? str2hashbuf_unsigned+0x250/0x250
[   94.381240]  ? ext4_htree_store_dirent+0x8b/0x580
[   94.386066]  ext4_htree_store_dirent+0x8b/0x580
[   94.390715]  htree_dirblock_to_tree+0x4e8/0xa00
[   94.395372]  ? dx_probe+0x1070/0x1070
[   94.399154]  ? save_stack+0xa3/0xd0
[   94.402760]  ? kmem_cache_alloc_trace+0x136/0x740
[   94.407577]  ? ext4_readdir+0x2285/0x3600
[   94.411700]  ? iterate_dir+0x1ca/0x530
[   94.415567]  ? get_name+0x52a/0x730
[   94.419170]  ? exportfs_get_name+0x1a0/0x240
[   94.423557]  ? reconnect_path+0x1f1/0x670
[   94.427683]  ? exportfs_decode_fh+0x28a/0x5b0
[   94.432152]  ? do_handle_open+0x374/0x8a0
[   94.436276]  ? SyS_open_by_handle_at+0x27/0x30
[   94.440836]  ? do_syscall_64+0x281/0x940
[   94.444874]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   94.450215]  ? __lock_acquire+0x664/0x3e00
[   94.454430]  ext4_htree_fill_tree+0x2bb/0xcb0
[   94.458907]  ? print_irqtrace_events+0x270/0x270
[   94.463645]  ? do_split+0x1d30/0x1d30
[   94.467433]  ? __lock_is_held+0xb6/0x140
[   94.471477]  ? ext4_readdir+0x2285/0x3600
[   94.475606]  ? rcu_read_lock_sched_held+0x108/0x120
[   94.480603]  ? kmem_cache_alloc_trace+0x459/0x740
[   94.485422]  ? do_syscall_64+0x281/0x940
[   94.489458]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   94.494800]  ? percpu_ref_put_many+0x11a/0x220
[   94.499358]  ? free_rb_tree_fname+0x9c/0xe0
[   94.503660]  ext4_readdir+0x206a/0x3600
[   94.507612]  ? debug_mutex_init+0x1c/0x60
[   94.511739]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   94.516742]  ? __ext4_check_dir_entry+0x320/0x320
[   94.521561]  ? lockref_get+0x42/0x50
[   94.525257]  ? lock_acquire+0x1d5/0x580
[   94.529205]  ? lock_acquire+0x1d5/0x580
[   94.533156]  ? iterate_dir+0xc3/0x530
[   94.536937]  ? lock_release+0xa40/0xa40
[   94.540891]  ? check_same_owner+0x320/0x320
[   94.545190]  ? _copy_to_user+0xc0/0xc0
[   94.549057]  ? rcu_note_context_switch+0x710/0x710
[   94.553968]  ? __might_sleep+0x95/0x190
[   94.557921]  ? down_read_killable+0x95/0x180
[   94.562305]  ? iterate_dir+0xc3/0x530
[   94.566084]  ? down_write+0x120/0x120
[   94.569869]  iterate_dir+0x1ca/0x530
[   94.573566]  get_name+0x52a/0x730
[   94.576998]  ? bl_cleanup_pipefs+0x30/0x30
[   94.581218]  ? exportfs_encode_fh+0x100/0x100
[   94.585717]  exportfs_get_name+0x1a0/0x240
[   94.589929]  ? exportfs_get_name+0x1a0/0x240
[   94.594320]  ? get_name+0x730/0x730
[   94.597924]  ? up_read+0x40/0x40
[   94.601275]  reconnect_path+0x1f1/0x670
[   94.605234]  exportfs_decode_fh+0x28a/0x5b0
[   94.609535]  ? drop_caches_sysctl_handler+0x160/0x160
[   94.614702]  ? find_acceptable_alias+0x1e0/0x1e0
[   94.619438]  ? __fget_light+0x2b2/0x3c0
[   94.623391]  ? fget_raw+0x20/0x20
[   94.626825]  ? __check_object_size+0x8b/0x530
[   94.631302]  ? __might_sleep+0x95/0x190
[   94.635265]  do_handle_open+0x374/0x8a0
[   94.639219]  ? vfs_dentry_acceptable+0x10/0x10
[   94.643780]  ? SyS_write+0x184/0x220
[   94.647473]  ? SyS_read+0x220/0x220
[   94.651081]  SyS_open_by_handle_at+0x27/0x30
[   94.655468]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   94.660199]  do_syscall_64+0x281/0x940
[   94.664066]  ? vmalloc_sync_all+0x30/0x30
[   94.668195]  ? _raw_spin_unlock_irq+0x27/0x70
[   94.672667]  ? finish_task_switch+0x1c1/0x7e0
[   94.677142]  ? syscall_return_slowpath+0x550/0x550
[   94.682050]  ? syscall_return_slowpath+0x2ac/0x550
[   94.686957]  ? prepare_exit_to_usermode+0x350/0x350
[   94.691951]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   94.697294]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   94.702118]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   94.707286] RIP: 0033:0x454e79
2018/03/31 16:37:03 executing program 5:
r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x400, 0x0)
ioctl$sock_netrom_SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000080))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
signalfd(r1, &(0x7f0000000000)={0xffffffffffffffff}, 0x8)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="34000000270031030000000000000000080000001bc6b24420e51ffd85758661b8ed1d024caf511ec48eff2cbbc5c7bded2e48be6b7ada5d637784e00bd5fecbb2b1c928f35db3226a500cd1092aa70d5f093cfa536f3ab68ac7787656fc025bfdb2c40760f2239ea3a9ad8b0898038e187e08c1f5b33d11d38dee08e1700db978f02c63d614b5c8b0be636b046f"], 0x14}, 0x1}, 0x0)

[   94.710452] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   94.718139] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   94.725386] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   94.732635] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   94.739879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   94.747126] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000009
2018/03/31 16:37:04 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:04 executing program 4:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndtimer(&(0x7f0000000ff1)='/dev/snd/timer\x00', 0x0, 0xc05fc)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0505405, &(0x7f0000011f08)={{}, 0x0, 0x0, 'id0\x00', 'timer0\x00'})
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x40c002, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)
flock(r0, 0x0)
socket$key(0xf, 0x3, 0x2)

2018/03/31 16:37:04 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:04 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_int(r0, 0x1, 0x13, &(0x7f0000000080)=0x8, 0x4)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:37:04 executing program 7:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000a80)=""/246)
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000000)={0x0, 0xffffffffffffffff})
ioctl$EVIOCGREP(r0, 0x40047451, &(0x7f0000000000)=""/174)
close(r0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000340))
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x0, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000100)={0x3, 0x3, 0x5, 0x2})
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f00000001c0)=ANY=[@ANYBLOB="090000000400100000000000"])
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000880))
creat(&(0x7f0000000140)='./file0\x00', 0x4)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000080)={0x100000000006, r1})
openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r5 = creat(&(0x7f0000000500)='./file0\x00', 0x0)
write$cgroup_pid(r5, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000280)='./file1\x00', 0x0)
write(r5, &(0x7f00000004c0)="15", 0x1)
r6 = request_key(&(0x7f0000000240)='cifs.spnego\x00', &(0x7f0000000640)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000540)='keyring\x00', 0xfffffffffffffffa)
r7 = add_key$keyring(&(0x7f0000000600)='keyring\x00', &(0x7f0000000680)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffff8)
keyctl$search(0xa, r6, &(0x7f0000000580)='id_resolver\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x0}, r7)
ioctl$KVM_GET_SREGS(r4, 0x8138ae83, &(0x7f0000000380))
fallocate(0xffffffffffffffff, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
setsockopt$kcm_KCM_RECV_DISABLE(r5, 0x119, 0x1, &(0x7f0000000200)=0xb, 0xffffffffffffff69)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000000), &(0x7f0000000300)=0x4)

2018/03/31 16:37:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000006000)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7ff, 0x2)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={<r2=>0x0, 0xffffffffffffffb6}, &(0x7f0000000080)=0x8)
r3 = openat(r1, &(0x7f0000000540)='./file0\x00', 0x0, 0x181)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000500)=0x10b)
ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000340)={'bcsh0\x00', {0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}})
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f00000000c0)={r2, 0x5}, 0x8)
bind(r1, &(0x7f0000000380)=@vsock={0x28, 0x0, 0xffffffff, @any=0xffffffff}, 0x80)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x100003, 0xffffffffffffffff, 0x20000})
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000005000)=""/20)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000140)=<r4=>0x0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{}, 0x0, @in=@rand_addr}}, &(0x7f00000002c0)=0xe8)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000300)={0x5, 0xff, r4, 0x6, r5, 0x7f, 0x1, 0x9})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r1)

2018/03/31 16:37:04 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00')
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000040)={0x2, 0x3, 0x9, 0x7, "f9333c7e7edf493c0035039385cd3d6f98ea73bd1307e6ff9d120749249f761671e0639418036319452b5522", 0x59eda73e})
ioctl$VT_RELDISP(r0, 0xb701)

2018/03/31 16:37:04 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   94.970381] BTRFS: device fsid 3030b86e-0d5f-4090-902c-6457136cf04d devid 1 transid 7 /dev/loop3
[   95.011614] BTRFS error (device loop3): superblock checksum mismatch
[   95.039691] BTRFS error (device loop3): open_ctree failed
2018/03/31 16:37:05 executing program 6 (fault-call:2 fault-nth:10):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:05 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f000070ffe3)={0xa, 0x800001000004e20}, 0x1c)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x4, 0x0, 0x731}, 0xffffffffffffff13)
sendto$inet6(r0, &(0x7f000023effe)="7f", 0x1, 0x0, &(0x7f000010e000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in={{0x2}}, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x98)
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040), &(0x7f0000000080)=0x8)

2018/03/31 16:37:05 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:05 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:05 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000005ff7)='/dev/ion\x00', 0x8000004, 0x0)
r1 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x7, 0x2)
ioctl$sock_bt_cmtp_CMTPCONNDEL(r1, 0x400443c9, &(0x7f0000000100)={{0x1f, 0x22, 0x4, 0x0, 0x4, 0x1}, 0x744})
syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x903, 0x1)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000140)={0x8000000000fffb, 0xa})

2018/03/31 16:37:05 executing program 7:
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x4c})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000300)={0x8, 0x6, 0x2, 0x1})
r3 = creat(&(0x7f000009aff8)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00'})
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x6c, r4, 0x400, 0x70bd2d, 0x25dfdbfe, {0x9}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000001}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast2=0xe0000002}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x12}]}, 0x6c}, 0x1, 0x0, 0x0, 0x48005}, 0x24000800)
arch_prctl(0x1006, &(0x7f0000000280)="7bef689096331073a3b1c28bb96b3d59844b50d108ef4352f58c4a0fabcd14fd4cfe8c5e06fba6535890b8abf8d2ec591c169d11c883fdd0c2acfc0be1bec1cb8a3a8d9893828be2a5506496139247eb719ebbdffcc08bbdc6fcf910eeb3dc1fa11f5c76232106")
sendfile(r1, r0, &(0x7f0000000200)=0x29, 0x2)

2018/03/31 16:37:05 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:05 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
dup2(r0, r0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x4, 0x80000)
getsockopt$sock_buf(r1, 0x1, 0x0, &(0x7f00000001c0)=""/188, &(0x7f0000000140)=0xbc)

2018/03/31 16:37:05 executing program 3:
clone(0x200, &(0x7f0000000000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f0000dacfc9))
mknod(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000578fe8), &(0x7f0000775000))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/autofs\x00', 0x80000, 0x0)
sendto$inet(r1, &(0x7f0000000400)="cd560245e51241d53097f01e216bb9a6696d2aaa2730b94b44bbbd60e9b3b045e091f3671275c83ad3d4090808d9d2760cb69e6e5eae606a8af5d5a507e7238618a50adb85761180b41c496d115b11561531f3133d8db6807df3bf9b3ccb60621de191f7490a0e548ebfd9", 0x6b, 0x4, &(0x7f0000000480)={0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc))
r2 = syz_open_pts(r0, 0x20201)
fcntl$setstatus(r0, 0x4, 0x44c00)
r3 = shmget(0x2, 0x1000, 0xfe, &(0x7f0000ffd000/0x1000)=nil)
shmctl$IPC_RMID(r3, 0x0)
socketpair(0x10, 0xd, 0x7, &(0x7f00000004c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r4, 0xc0a85352, &(0x7f0000000180)={{0xffffffff80000000, 0x7fffffff}, 'port0\x00', 0x0, 0x22, 0x2, 0x1, 0xbe, 0x1, 0x4e62, 0x0, 0x2, 0x9da5})
ioctl$TCXONC(r2, 0x540a, 0x0)
write(r2, &(0x7f0000fd6000)='z', 0x1)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={<r6=>0x0, 0xb7}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r5, 0x84, 0x6c, &(0x7f0000000500)=ANY=[@ANYRES32=r6, @ANYBLOB="de000000bb6255499eee6cecc68af43c63084a22c3ff263f6e022fe36f6ca67b21dda935bcee54653a798cb3089c159524c9098f698e90a0d41349366856991fe607da1c1fdb2b48ba65d1f29395a9e7c50acf895174d4ae4c4f2635a18e0d7db76a606ab3c371541d666bba2566f65fa605ba51b18e0a7c3fa7cbf1c99193800619bd1e0969fab8813faa46ffb1854ced9ecf1f0bc1b4a9a86ddd832f2c67515238e4dee15cfc8fbb64475e7c2801a45e83edb628a996c262ef5f134b92931ce9f7e20287f95861a34dbf0f76493ee924e85cd4cac61c64f50b2c9a0684809426819161b23d0907da4a27390a60394f5aecbaaaa2973cca4d0c1de2ba57e2556043770bdf3c9d09ab66368b151551da9b9054828f59a13f91"], &(0x7f0000000380)=0xe6)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000698000)=0xe)
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000000))
close(r0)
bind(0xffffffffffffffff, &(0x7f0000d01ff0)=ANY=[], 0x0)
shmget(0xffffffffffffffff, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil)
read(0xffffffffffffffff, &(0x7f0000000080)=""/93, 0x5d)

2018/03/31 16:37:05 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   95.881829] FAULT_INJECTION: forcing a failure.
[   95.881829] name failslab, interval 1, probability 0, space 0, times 0
[   95.893170] CPU: 0 PID: 7796 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   95.900265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   95.909613] Call Trace:
[   95.912208]  dump_stack+0x194/0x24d
[   95.915838]  ? arch_local_irq_restore+0x53/0x53
[   95.920506]  ? __save_stack_trace+0x7e/0xd0
[   95.924837]  should_fail+0x8c0/0xa40
2018/03/31 16:37:05 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000000c0)={r1, 0x1, 0x3, @random="7c2e1626459d"}, 0x1ce)
getsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f0000000100)=""/206, &(0x7f0000000040)=0xce)
close(r0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000240)={0x0, 0x0, 0xffffffffffffff9c})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0xe, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r3, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000700)=@filter={'filter\x00', 0xe, 0x2, 0x0, [0x0, 0x20000080, 0x200000b0, 0x200000e0], 0x0, &(0x7f0000000040), &(0x7f0000000080)=ANY=[@ANYBLOB]}, 0x78)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x1}}}, 0x88)
socketpair(0x10, 0x0, 0x80000000, &(0x7f0000000780)={<r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_VERSION(r4, 0xc0406400, &(0x7f0000000600)={0xf1, 0x40000040009, 0x800000008000, 0x41, &(0x7f00000007c0)=""/188, 0x44, &(0x7f0000000880)=""/176, 0xc2, &(0x7f0000000a80)=""/194})
ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000000))
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0x6, @random="7c2e1626459d"}, 0xffffffffffffff54)
gettid()
ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000000980)='bcsf0\x00')
ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000000)='bcsf0\x00')
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={0x0, 0x1, 0xac, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00')
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f00000000c0)={0x0, 'eql\x00'}, 0x18)
accept4$inet6(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000340)=0x1c, 0x807ff)

[   95.928552]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   95.930679] syz-executor4 (7787) used greatest stack depth: 15560 bytes left
[   95.933646]  ? kasan_kmalloc+0xad/0xe0
[   95.933656]  ? __kmalloc+0x162/0x760
[   95.933668]  ? ext4_htree_store_dirent+0x8b/0x580
[   95.933679]  ? htree_dirblock_to_tree+0x4e8/0xa00
[   95.933687]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[   95.933701]  ? exportfs_get_name+0x1a0/0x240
[   95.933709]  ? reconnect_path+0x1f1/0x670
[   95.933717]  ? exportfs_decode_fh+0x28a/0x5b0
[   95.933726]  ? do_handle_open+0x374/0x8a0
[   95.933734]  ? SyS_open_by_handle_at+0x27/0x30
[   95.933743]  ? do_syscall_64+0x281/0x940
[   95.933752]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   95.933765]  ? find_held_lock+0x35/0x1d0
[   95.997902]  ? __lock_is_held+0xb6/0x140
[   96.001965]  ? check_same_owner+0x320/0x320
[   96.006290]  ? rcu_note_context_switch+0x710/0x710
[   96.011217]  should_failslab+0xec/0x120
[   96.015188]  __kmalloc+0x63/0x760
[   96.018633]  ? str2hashbuf_unsigned+0x250/0x250
[   96.023297]  ? ext4_htree_store_dirent+0x8b/0x580
2018/03/31 16:37:05 executing program 7:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x80400, 0x0)
setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f00000000c0), 0x1)
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c)
listen(r1, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x80)
statx(r2, &(0x7f0000000040)='./file0\x00', 0x0, 0x200, &(0x7f0000000140))
r3 = socket$inet6(0xa, 0x2000000000001, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6)
sendto$inet6(r3, &(0x7f0000000140), 0x0, 0x20000000, &(0x7f0000f62fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)

[   96.028140]  ext4_htree_store_dirent+0x8b/0x580
[   96.032807]  htree_dirblock_to_tree+0x4e8/0xa00
[   96.037473]  ? dx_probe+0x1070/0x1070
[   96.041271]  ? save_stack+0xa3/0xd0
[   96.044892]  ? kmem_cache_alloc_trace+0x136/0x740
[   96.049725]  ? ext4_readdir+0x2285/0x3600
[   96.053869]  ? iterate_dir+0x1ca/0x530
[   96.057751]  ? get_name+0x52a/0x730
[   96.061377]  ? exportfs_get_name+0x1a0/0x240
[   96.065788]  ? reconnect_path+0x1f1/0x670
[   96.069938]  ? exportfs_decode_fh+0x28a/0x5b0
[   96.074425]  ? do_handle_open+0x374/0x8a0
2018/03/31 16:37:05 executing program 7:
r0 = syz_open_procfs(0x0, &(0x7f0000000180)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000)=0x4, 0x4)
r1 = socket(0x40000000015, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r2=>0x0}, &(0x7f0000000200)=0x5)
setuid(r2)
ioctl$DRM_IOCTL_RES_CTX(r0, 0x8004587d, &(0x7f0000000080)={0x20000000000000ee})

2018/03/31 16:37:05 executing program 7:
r0 = socket(0xa, 0x2, 0x0)
flock(0xffffffffffffffff, 0x6)
sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f00000009c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x21100000}, 0xc, &(0x7f0000000980)={&(0x7f0000000640)=ANY=[@ANYBLOB="3db6bbc0b37ced4e7c4fc2be94c37a9a07f86fd625985fa953ff0300000000"], 0x1}, 0x1, 0x0, 0x0, 0x50}, 0x20000884)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f00000003c0))
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200))
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}, &(0x7f0000000380)=0x84)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu\x00', 0x200002, 0x0)
r1 = creat(&(0x7f0000000100)='./file1\x00', 0x0)
fallocate(0xffffffffffffffff, 0x1, 0x0, 0x20004d2d)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000)="1356c1f7a6f170d95ec6cfc0", 0xc, 0x0, &(0x7f0000000080)={0x2, 0x0, @rand_addr=0x2}, 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f000050dfc8)={&(0x7f0000000840)=@in6={0xa, 0x0, 0x80000001, @mcast1={0xff, 0x1, [], 0x1}, 0x3}, 0x1c, &(0x7f00000005c0), 0x0, &(0x7f0000576000)}, 0x0)
sendto$inet6(r0, &(0x7f0000000240), 0x0, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x1a}, 0x9}, 0x1c)
r2 = accept(0xffffffffffffffff, &(0x7f00000006c0)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000740)=0x80)
ioctl$TCSETA(r1, 0x5406, &(0x7f00000008c0)={0x5, 0x1, 0x9, 0x0, 0xfff, 0x8, 0xffffffff00000001, 0x0, 0x2, 0x7})
ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f00000004c0)={'sit0\x00'})
r3 = creat(&(0x7f00000005c0)='./file1\x00', 0x100)
ioctl$VT_SETMODE(r3, 0x5602, &(0x7f0000000540)={0x9, 0x67, 0x6, 0x5, 0x2})
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000780)='IPVS\x00')
sendmsg$IPVS_CMD_SET_DEST(r2, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x50080}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r4, 0x200, 0x70bd25, 0x25dfdbfc, {0x6}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x16}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8090}, 0x20040005)
pipe2(&(0x7f0000000240)={<r5=>0xffffffffffffffff}, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000000)={{{@in=@multicast2, @in6=@dev}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000000140)=0xe8)
ioctl$TIOCLINUX3(r5, 0x541c, &(0x7f0000000680)=0x3)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000480)='IPVS\x00')
sendmsg$IPVS_CMD_SET_SERVICE(r5, &(0x7f0000000600)={&(0x7f0000000440)={0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000a00)=ANY=[@ANYBLOB="3400270080147c44bee7cc59be3a73cedf39fb9616be6d7bce1d59ae819ae9bd3c2cecf4bd6ee5bf4b337c69b477a0d15913a1ec8898323a251798354d19e67b07a8268da71c47e4aa2d33e4736e23b0efe0875808eaa78bd7f17b74dcd372d74d841ba47866f8149d260846ef45ca91aaf64900651eae143a88e05b4de692f9747be47aa820c1a4f6ddfd61e78eaf9d03786592a6387148bb691e99cda20dc521b4d650a2", @ANYRES16=r6, @ANYBLOB="00022dbd7000fcdbdf2502000000080004009f01000008000400400f0000080006005305000008000600a87cffff"], 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x4040000)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={@local={0xfe, 0x80, [], 0xaa}, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, @local={0xfe, 0x80, [], 0xaa}, 0x0, 0x80000000, 0x0, 0x0, 0x10001})

[   96.078561]  ? SyS_open_by_handle_at+0x27/0x30
[   96.083150]  ? do_syscall_64+0x281/0x940
[   96.087204]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.092563]  ? __lock_acquire+0x664/0x3e00
[   96.096795]  ext4_htree_fill_tree+0x2bb/0xcb0
[   96.101284]  ? print_irqtrace_events+0x270/0x270
[   96.106038]  ? do_split+0x1d30/0x1d30
[   96.109848]  ? __lock_is_held+0xb6/0x140
[   96.113912]  ? ext4_readdir+0x2285/0x3600
[   96.118055]  ? rcu_read_lock_sched_held+0x108/0x120
[   96.123066]  ? kmem_cache_alloc_trace+0x459/0x740
[   96.127904]  ? do_syscall_64+0x281/0x940
[   96.131962]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.137338]  ? percpu_ref_put_many+0x11a/0x220
[   96.141916]  ? free_rb_tree_fname+0x9c/0xe0
[   96.146232]  ext4_readdir+0x206a/0x3600
[   96.150196]  ? debug_mutex_init+0x1c/0x60
[   96.154347]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   96.159353]  ? __ext4_check_dir_entry+0x320/0x320
[   96.164183]  ? lockref_get+0x42/0x50
[   96.167877]  ? lock_acquire+0x1d5/0x580
[   96.171827]  ? lock_acquire+0x1d5/0x580
[   96.175775]  ? iterate_dir+0xc3/0x530
[   96.179553]  ? lock_release+0xa40/0xa40
[   96.183505]  ? check_same_owner+0x320/0x320
[   96.187798]  ? _copy_to_user+0xc0/0xc0
[   96.191662]  ? rcu_note_context_switch+0x710/0x710
[   96.196566]  ? __might_sleep+0x95/0x190
[   96.200520]  ? down_read_killable+0x95/0x180
[   96.204900]  ? iterate_dir+0xc3/0x530
[   96.208674]  ? down_write+0x120/0x120
[   96.212452]  iterate_dir+0x1ca/0x530
[   96.216145]  get_name+0x52a/0x730
[   96.219576]  ? bl_cleanup_pipefs+0x30/0x30
[   96.223787]  ? exportfs_encode_fh+0x100/0x100
[   96.228271]  exportfs_get_name+0x1a0/0x240
[   96.232478]  ? exportfs_get_name+0x1a0/0x240
[   96.236859]  ? get_name+0x730/0x730
[   96.240458]  ? up_read+0x40/0x40
[   96.243801]  reconnect_path+0x1f1/0x670
[   96.247751]  exportfs_decode_fh+0x28a/0x5b0
[   96.252046]  ? drop_caches_sysctl_handler+0x160/0x160
[   96.257208]  ? find_acceptable_alias+0x1e0/0x1e0
[   96.261940]  ? __fget_light+0x2b2/0x3c0
[   96.265888]  ? fget_raw+0x20/0x20
[   96.269315]  ? __check_object_size+0x8b/0x530
[   96.273786]  ? __might_sleep+0x95/0x190
[   96.277739]  do_handle_open+0x374/0x8a0
[   96.281690]  ? vfs_dentry_acceptable+0x10/0x10
[   96.286246]  ? SyS_write+0x184/0x220
[   96.289945]  ? SyS_read+0x220/0x220
[   96.293554]  SyS_open_by_handle_at+0x27/0x30
[   96.297935]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   96.302664]  do_syscall_64+0x281/0x940
[   96.306526]  ? vmalloc_sync_all+0x30/0x30
[   96.310649]  ? trace_event_raw_event_sys_exit+0x260/0x260
[   96.316160]  ? syscall_return_slowpath+0x550/0x550
[   96.321064]  ? syscall_return_slowpath+0x2ac/0x550
[   96.325974]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   96.331312]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   96.336132]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.341294] RIP: 0033:0x454e79
[   96.344456] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   96.352138] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   96.359382] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   96.366623] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   96.373867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/03/31 16:37:05 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x0)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:05 executing program 6 (fault-call:2 fault-nth:11):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[   96.381110] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000000a
[   96.393194] device bridge0 entered promiscuous mode
[   96.405449] device bridge0 left promiscuous mode
[   96.467326] device bridge0 entered promiscuous mode
[   96.478575] device bridge0 left promiscuous mode
[   96.483837] FAULT_INJECTION: forcing a failure.
[   96.483837] name failslab, interval 1, probability 0, space 0, times 0
[   96.495165] CPU: 0 PID: 7825 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   96.502252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   96.511587] Call Trace:
[   96.514164]  dump_stack+0x194/0x24d
[   96.517770]  ? arch_local_irq_restore+0x53/0x53
[   96.522425]  ? __save_stack_trace+0x7e/0xd0
[   96.526733]  should_fail+0x8c0/0xa40
[   96.530448]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   96.535539]  ? kasan_kmalloc+0xad/0xe0
[   96.539406]  ? __kmalloc+0x162/0x760
[   96.543107]  ? ext4_htree_store_dirent+0x8b/0x580
[   96.547931]  ? htree_dirblock_to_tree+0x4e8/0xa00
[   96.552756]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[   96.557403]  ? exportfs_get_name+0x1a0/0x240
[   96.561784]  ? reconnect_path+0x1f1/0x670
[   96.565906]  ? exportfs_decode_fh+0x28a/0x5b0
[   96.570375]  ? do_handle_open+0x374/0x8a0
[   96.574500]  ? SyS_open_by_handle_at+0x27/0x30
[   96.579065]  ? do_syscall_64+0x281/0x940
[   96.583109]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.588462]  ? find_held_lock+0x35/0x1d0
[   96.592509]  ? __lock_is_held+0xb6/0x140
[   96.596561]  ? check_same_owner+0x320/0x320
[   96.600875]  ? rcu_note_context_switch+0x710/0x710
[   96.605791]  should_failslab+0xec/0x120
[   96.609741]  __kmalloc+0x63/0x760
[   96.613172]  ? str2hashbuf_unsigned+0x250/0x250
[   96.617823]  ? ext4_htree_store_dirent+0x8b/0x580
[   96.622643]  ext4_htree_store_dirent+0x8b/0x580
[   96.627298]  htree_dirblock_to_tree+0x4e8/0xa00
[   96.631958]  ? dx_probe+0x1070/0x1070
[   96.635741]  ? save_stack+0xa3/0xd0
[   96.639351]  ? kmem_cache_alloc_trace+0x136/0x740
[   96.644166]  ? ext4_readdir+0x2285/0x3600
[   96.648289]  ? iterate_dir+0x1ca/0x530
[   96.652153]  ? get_name+0x52a/0x730
[   96.655757]  ? exportfs_get_name+0x1a0/0x240
[   96.660140]  ? reconnect_path+0x1f1/0x670
[   96.664275]  ? exportfs_decode_fh+0x28a/0x5b0
[   96.668761]  ? do_handle_open+0x374/0x8a0
[   96.672899]  ? SyS_open_by_handle_at+0x27/0x30
[   96.677467]  ? do_syscall_64+0x281/0x940
[   96.681515]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.686874]  ? __lock_acquire+0x664/0x3e00
[   96.691103]  ext4_htree_fill_tree+0x2bb/0xcb0
[   96.695595]  ? print_irqtrace_events+0x270/0x270
[   96.700347]  ? do_split+0x1d30/0x1d30
[   96.704141]  ? __lock_is_held+0xb6/0x140
[   96.708180]  ? ext4_readdir+0x2285/0x3600
[   96.712303]  ? rcu_read_lock_sched_held+0x108/0x120
[   96.717300]  ? kmem_cache_alloc_trace+0x459/0x740
[   96.722133]  ? do_syscall_64+0x281/0x940
[   96.726187]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.731553]  ? percpu_ref_put_many+0x11a/0x220
[   96.736117]  ? free_rb_tree_fname+0x9c/0xe0
[   96.740421]  ext4_readdir+0x206a/0x3600
[   96.744368]  ? debug_mutex_init+0x1c/0x60
[   96.748487]  ? trace_hardirqs_on_caller+0x421/0x5c0
[   96.753480]  ? __ext4_check_dir_entry+0x320/0x320
[   96.758305]  ? lockref_get+0x42/0x50
[   96.762004]  ? lock_acquire+0x1d5/0x580
[   96.765968]  ? lock_acquire+0x1d5/0x580
[   96.769928]  ? iterate_dir+0xc3/0x530
[   96.773706]  ? lock_release+0xa40/0xa40
[   96.777654]  ? check_same_owner+0x320/0x320
[   96.781948]  ? _copy_to_user+0xc0/0xc0
[   96.785822]  ? rcu_note_context_switch+0x710/0x710
[   96.790732]  ? __might_sleep+0x95/0x190
[   96.794694]  ? down_read_killable+0x95/0x180
[   96.799082]  ? iterate_dir+0xc3/0x530
[   96.802865]  ? down_write+0x120/0x120
[   96.806652]  iterate_dir+0x1ca/0x530
[   96.810346]  get_name+0x52a/0x730
[   96.813785]  ? bl_cleanup_pipefs+0x30/0x30
[   96.818012]  ? exportfs_encode_fh+0x100/0x100
[   96.822517]  exportfs_get_name+0x1a0/0x240
[   96.826745]  ? exportfs_get_name+0x1a0/0x240
[   96.831140]  ? get_name+0x730/0x730
[   96.834741]  ? up_read+0x40/0x40
[   96.838083]  reconnect_path+0x1f1/0x670
[   96.842041]  exportfs_decode_fh+0x28a/0x5b0
[   96.846337]  ? drop_caches_sysctl_handler+0x160/0x160
[   96.851499]  ? find_acceptable_alias+0x1e0/0x1e0
[   96.856229]  ? __fget_light+0x2b2/0x3c0
[   96.860176]  ? fget_raw+0x20/0x20
[   96.863600]  ? __check_object_size+0x8b/0x530
[   96.868090]  ? __might_sleep+0x95/0x190
[   96.872061]  do_handle_open+0x374/0x8a0
[   96.876020]  ? vfs_dentry_acceptable+0x10/0x10
[   96.880587]  ? SyS_write+0x184/0x220
[   96.884272]  ? SyS_read+0x220/0x220
[   96.887876]  SyS_open_by_handle_at+0x27/0x30
[   96.892259]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   96.896986]  do_syscall_64+0x281/0x940
[   96.900849]  ? vmalloc_sync_all+0x30/0x30
[   96.904977]  ? _raw_spin_unlock_irq+0x27/0x70
[   96.909466]  ? finish_task_switch+0x1c1/0x7e0
[   96.913958]  ? syscall_return_slowpath+0x550/0x550
[   96.918872]  ? syscall_return_slowpath+0x2ac/0x550
[   96.923788]  ? prepare_exit_to_usermode+0x350/0x350
[   96.928798]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   96.934526]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   96.939346]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   96.944506] RIP: 0033:0x454e79
[   96.947668] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   96.955347] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   96.962592] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   96.969838] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   96.977087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   96.984332] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000000b
2018/03/31 16:37:06 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:06 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000001c0)=""/167, 0xa7}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x70bd2c, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:37:06 executing program 7:
syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
r1 = getpgid(0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)
accept4$netrom(r0, 0x0, &(0x7f0000000180), 0x800)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc\x00', 0x0, 0x0)
sendto$unix(r3, &(0x7f0000000300)="c2326910560604da2c1d63c9820dbca2dd9e2a5ee974416db9585efacf81c069297cb466c34734346df106305b1ae1c04fdf19083ad1614f5c6c2823d7c35cef5f69e16e39d446c367ece587b381c6e27c4f313920a3895c8a3b8b02d96acccb8cd6348ce173c3a02bb0b2baf9797dd2c0436c80700b89aec088bd829364a5647c84d4dcc84831fd0b7d4b47bc883357620e9a0eccf5fd9aeec44dea3f2d3f633fd362b6076bc5d41f14dda49359ac1828e5a5dd40c07991d8e77e", 0xbb, 0x8000, 0x0, 0x0)
prctl$setptracer(0x59616d61, r1)
setsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000100)="b6ba888215e2883e9ac7e23848c28d17e87457870fcc6b3d0a15b76bec711080b35577a487036c33dadd07ffd47df9d9d96e615c897a1fd4ced9a680aea5156314b15cd4f54a4e728e3cb27b15817b1eb1bc14e3da55546dfd55a09f459b8fdd703b3e268396a607b89fdaf196b69f71", 0x70)
getsockopt$inet_buf(r3, 0x0, 0x2d, &(0x7f00000003c0)=""/139, &(0x7f0000000280)=0x8b)
accept4$unix(r0, &(0x7f00000001c0), &(0x7f00000002c0)=0x6e, 0x800)

2018/03/31 16:37:06 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x0, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:06 executing program 6 (fault-call:2 fault-nth:12):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:06 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:06 executing program 3:
r0 = accept4(0xffffffffffffff9c, &(0x7f0000000b00)=@ipx, &(0x7f0000000b80)=0x80, 0x80000)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000bc0)={<r1=>0x0, 0x0, 0x100, 0x7, 0x3, 0x7, 0x2ff3, 0x5, {0x0, @in6={{0xa, 0x4e20, 0x29f, @remote={0xfe, 0x80, [], 0xbb}, 0x3}}, 0x0, 0x8001, 0x5, 0x7, 0x7fffffff}}, &(0x7f0000000c80)=0xb0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000cc0)={<r2=>r1, 0x6, "849406d7b93d"}, &(0x7f0000000d00)=0xe)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000c33f70)={0x1, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x90)
getsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000600)={<r6=>0x0, 0xb5, 0x1, 0x3ff}, &(0x7f0000000640)=0x10)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000680)={r6, 0x8}, 0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000ec0)=ANY=[@ANYRES16=r0, @ANYBLOB="6b00000040d0a52e2417a344c57f1353671ddfbcc117394e475e42a0c506e43a3c3be62e8ff9f4ae3ece15cb146423c9f6b85880c5af3e297ba4c4b836379916959f57f9301f00100000c4f28067861cef28b31480b29d7c6beeb4bdf53bd3af4a91a073c8369899bf93dc83ea21e014a270f96b5ec03d1d59bed0dbbac79340"], &(0x7f0000000e00)=0x2)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r3, 0x6430)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x4e22, @broadcast=0xffffffff}, {0x2, 0x4e23}, {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 0x1, 0x7, 0x8, 0xfff, 0x7, &(0x7f00000000c0)='sit0\x00', 0x3ff, 0x2, 0xd4d})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e20, @multicast1=0xe0000001}}, 0x7fff, 0x2}, 0x90)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000040)={<r7=>0x0, 0x3ff, 0x0, 0x0, 0x8001}, &(0x7f0000000080)=0x14)
setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000998f70)={0x100000001, {{0x2, 0x0, @multicast1=0xe0000001}}}, 0x90)
getpeername(r5, &(0x7f0000000540)=@pppol2tpin6={0x0, 0x0, {0x0, <r8=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @ipv4={[], [], @rand_addr}}}}, &(0x7f00000005c0)=0x80)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000d40)={r7, 0x46}, 0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000280)={r2, 0x525a, 0x7}, 0x8)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f00000006c0)=ANY=[@ANYBLOB="ff0300000000000002004e2100ff0f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000700000002004e24ac14141900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e207f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac14141600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e200000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1)
setsockopt$inet_MCAST_LEAVE_GROUP(r3, 0x0, 0x2d, &(0x7f0000000400)={0xffffffffffffffad, {{0x2, 0x4e24}}}, 0x88)
accept$alg(r0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r8, 0x84, 0x75, &(0x7f0000000500)={r7}, &(0x7f00000004c0)=0xa750c3cf254eb34f)
close(r4)
getuid()
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000100)={r7, @in={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}}, &(0x7f00000001c0)=0x84)

2018/03/31 16:37:06 executing program 4:
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, <r1=>0x0})
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)=r1)
getsockopt$llc_int(r0, 0x10c, 0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000100)=0x10000, 0x4)

2018/03/31 16:37:06 executing program 4:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="4244d6e42ab1d6e42ab3010000050003000005fa000002000000080000040000001905df03617364000000000000000000000000000000000000000000000000000000000000000000030000180000001800000200000007000000020000000000000000000000000000000000636e6500000000484447342cb292b1000000000000000018000000000c000000000000000000001800000c000c", 0x9a, 0x400}, {&(0x7f0000010200)="0000000000000000010000030000000000000000000000000000000000000000020000070000000c", 0x28, 0x800}, {&(0x7f0000010500)="0000000000000000010000030000000200000003000000140000000100000006020000250000000c", 0x28, 0x2000}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000001f800f80078000e0000000200000000ff01000300000900000000010361736401000000000700000002d6e42ab1d6e42ab2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000020000030000000000000000000000000103617364", 0x98, 0x21e0}, {&(0x7f0000010b00)="00000000000000000000000000000000000001aa01b0017a014400d20060000e00000000000000000002000500002500000000010361736400000000000000000000000000000000000000000000000000000000000000012500000000020566696c65310000000000000000000000000000000000000000000000000000000000022500000000020566696c65340000000000000000000000000000000000000000000000000000000000052500000000110566696c65300000000000000000000000000000000000000000000000000000000000042500000000140066696c6530000000000000000000000000000000000000000000000000000000000006", 0x100, 0x25e0}, {&(0x7f0000010e00)="0000000000000000000000000000000001c4018e0158012200ec00b60080000e0000000400000002ff01000500000b00000000020566696c6534020082003f3f3f3f3f3f3f3f0000000000000000000000150000000000000000000000000000000000000000d6e42ab2d6e42ab200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e000000000208564944454f5f54530001000000000100000016d6e42ab2d6e42ab200000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000000000018000000000212d181d18ed0b7d0bad0b0d0bbd0bbd0b5d18000020082003f3f3f3f3f3f3f3f0000000000000000000000180000000000100000020000000000000000000000d6e42ab2d6e42ab200000000000000000000000000000000000000000000001a0001000000000000000000000000000000000000000000000000060000000010000004000000000000000000000000020566696c65300000000000000000000000000000000000000000000000000000060000000011000003000000000000000000000000020566696c6531000000000000000000000000000000000000000000000000", 0x1e0, 0x29e0}, {&(0x7f0000011200)="000000000000000000000000000000000000018e0158012200b0007a0044000e", 0x20, 0x2de0}, {&(0x7f0000011400)="d181d18ed0b7d0bad0b0d0bbd0bbd0b5d1800a00000000000000000000000000", 0x20, 0x3a00}, {&(0x7f0000000140)="4244d6e42ab1d6e42ab1010000000003000005fa000002000000080000040000001005e203617364000000000000000000000000000000000000000000000000000000000000000000020000180000001800000000000000000000000000000000000000000000000000000000636e6500000000484447342cb292b1000000000000000018000000000c000000000000000000001800000c000c000000000000", 0xa0, 0xbfc00}], 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1bc44c7adbc0a3c0ef"])

[   97.138349] FAULT_INJECTION: forcing a failure.
[   97.138349] name failslab, interval 1, probability 0, space 0, times 0
[   97.149785] CPU: 0 PID: 7856 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   97.156881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   97.166236] Call Trace:
[   97.168825]  dump_stack+0x194/0x24d
[   97.172462]  ? arch_local_irq_restore+0x53/0x53
[   97.177129]  ? __save_stack_trace+0x7e/0xd0
[   97.181457]  should_fail+0x8c0/0xa40
2018/03/31 16:37:06 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[   97.185175]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   97.190275]  ? kasan_kmalloc+0xad/0xe0
[   97.194159]  ? __kmalloc+0x162/0x760
[   97.197876]  ? ext4_htree_store_dirent+0x8b/0x580
[   97.202725]  ? htree_dirblock_to_tree+0x4e8/0xa00
[   97.207563]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[   97.212230]  ? exportfs_get_name+0x1a0/0x240
[   97.216633]  ? reconnect_path+0x1f1/0x670
[   97.220780]  ? exportfs_decode_fh+0x28a/0x5b0
[   97.225270]  ? SyS_open_by_handle_at+0x27/0x30
[   97.229845]  ? do_syscall_64+0x281/0x940
[   97.233886]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   97.239235]  ? find_held_lock+0x35/0x1d0
[   97.243281]  ? __lock_is_held+0xb6/0x140
[   97.247339]  ? check_same_owner+0x320/0x320
[   97.251647]  ? rcu_note_context_switch+0x710/0x710
[   97.256559]  should_failslab+0xec/0x120
[   97.260513]  __kmalloc+0x63/0x760
[   97.263942]  ? str2hashbuf_unsigned+0x250/0x250
[   97.268590]  ? ext4_htree_store_dirent+0x8b/0x580
[   97.273417]  ext4_htree_store_dirent+0x8b/0x580
[   97.278067]  htree_dirblock_to_tree+0x4e8/0xa00
[   97.282722]  ? dx_probe+0x1070/0x1070
[   97.286502]  ? save_stack+0xa3/0xd0
[   97.290107]  ? kmem_cache_alloc_trace+0x136/0x740
[   97.294927]  ? ext4_readdir+0x2285/0x3600
[   97.299051]  ? iterate_dir+0x1ca/0x530
[   97.302918]  ? get_name+0x52a/0x730
[   97.306524]  ? exportfs_get_name+0x1a0/0x240
[   97.310909]  ? reconnect_path+0x1f1/0x670
[   97.315032]  ? exportfs_decode_fh+0x28a/0x5b0
[   97.319505]  ? do_handle_open+0x374/0x8a0
[   97.323629]  ? SyS_open_by_handle_at+0x27/0x30
[   97.328189]  ? do_syscall_64+0x281/0x940
[   97.332226]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   97.337568]  ? __lock_acquire+0x664/0x3e00
[   97.341782]  ext4_htree_fill_tree+0x2bb/0xcb0
[   97.346253]  ? print_irqtrace_events+0x270/0x270
[   97.350989]  ? do_split+0x1d30/0x1d30
[   97.354780]  ? __lock_is_held+0xb6/0x140
[   97.358823]  ? ext4_readdir+0x2285/0x3600
[   97.362945]  ? rcu_read_lock_sched_held+0x108/0x120
[   97.367938]  ? kmem_cache_alloc_trace+0x459/0x740
[   97.372754]  ? do_syscall_64+0x281/0x940
[   97.376792]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   97.382133]  ? free_rb_tree_fname+0x9c/0xe0
[   97.386434]  ext4_readdir+0x206a/0x3600
[   97.390388]  ? debug_mutex_init+0x1c/0x60
[   97.394522]  ? __ext4_check_dir_entry+0x320/0x320
[   97.399347]  ? lock_acquire+0x1d5/0x580
[   97.403299]  ? lock_acquire+0x1d5/0x580
[   97.407248]  ? iterate_dir+0xc3/0x530
[   97.411035]  ? lock_release+0xa40/0xa40
[   97.414991]  ? _copy_to_user+0xc0/0xc0
[   97.418867]  ? rcu_note_context_switch+0x710/0x710
[   97.423778]  ? __might_sleep+0x95/0x190
[   97.427734]  ? down_read_killable+0x95/0x180
[   97.432117]  ? iterate_dir+0xc3/0x530
[   97.435892]  ? down_write+0x120/0x120
[   97.439674]  iterate_dir+0x1ca/0x530
[   97.443368]  get_name+0x52a/0x730
[   97.446802]  ? bl_cleanup_pipefs+0x30/0x30
[   97.451023]  ? exportfs_encode_fh+0x100/0x100
[   97.455518]  exportfs_get_name+0x1a0/0x240
[   97.459728]  ? exportfs_get_name+0x1a0/0x240
[   97.464117]  ? get_name+0x730/0x730
[   97.467721]  ? up_read+0x40/0x40
[   97.471071]  reconnect_path+0x1f1/0x670
[   97.475032]  exportfs_decode_fh+0x28a/0x5b0
[   97.479335]  ? drop_caches_sysctl_handler+0x160/0x160
[   97.484503]  ? find_acceptable_alias+0x1e0/0x1e0
[   97.489236]  ? __fget_light+0x2b2/0x3c0
[   97.493187]  ? fget_raw+0x20/0x20
[   97.496617]  ? __check_object_size+0x8b/0x530
[   97.501096]  ? __might_sleep+0x95/0x190
[   97.505055]  do_handle_open+0x374/0x8a0
[   97.509012]  ? vfs_dentry_acceptable+0x10/0x10
[   97.513576]  ? SyS_write+0x184/0x220
[   97.517270]  ? SyS_read+0x220/0x220
[   97.520881]  SyS_open_by_handle_at+0x27/0x30
[   97.525265]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   97.529996]  do_syscall_64+0x281/0x940
[   97.533866]  ? vmalloc_sync_all+0x30/0x30
[   97.537987]  ? _raw_spin_unlock_irq+0x27/0x70
[   97.542458]  ? finish_task_switch+0x1c1/0x7e0
[   97.546932]  ? syscall_return_slowpath+0x550/0x550
[   97.551839]  ? syscall_return_slowpath+0x2ac/0x550
[   97.556751]  ? prepare_exit_to_usermode+0x350/0x350
[   97.561750]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   97.567094]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   97.571919]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   97.577087] RIP: 0033:0x454e79
[   97.580253] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
2018/03/31 16:37:06 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x11, 0x3, 0x6)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000540)=[&(0x7f0000000140)='\x00', &(0x7f0000000240)='systemem0\'-selinuxvboxnet1eth0.em0]mime_type\x00', &(0x7f0000000340)='^selfvboxnet0%\x00', &(0x7f0000000380)='bond0\x00', &(0x7f00000003c0)='/dev/snd/pcmC#D#c\x00', &(0x7f0000000400)='bond0\x00', &(0x7f0000000440)='/dev/snd/pcmC#D#c\x00', &(0x7f0000000480)='bond0\x00', &(0x7f00000004c0)='\x00', &(0x7f0000000500)='eth1vmnet0]\x00'], &(0x7f0000000600)=[&(0x7f00000005c0)='/dev/snd/pcmC#D#c\x00'])
ioctl$sock_SIOCGIFINDEX(r0, 0x8931, &(0x7f0000000000)={'bond0\x00'})
mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x7fffffff, 0x2000000208972, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1, 0x101)
r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x20000, 0x10)
ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000280)=0x3f)
sendto$inet6(r2, &(0x7f0000001000)="c730eeb935fdba42f6b3049214b00bad5943362506cb6fde15e08e5a01f29b8cbe5be8c764f48be38218bd102c0ac4911b7c9d464bddac22d5bbec8a078f398879841f5194dc6a5190dcda5a342e52cbbf6a3e4d4ab111ece94468f55ce874bda7dbb27cdfce2661dcfc972f323d9d15d14a92d81d3bd9e249741372da971e1945f87f4ac2dd299b818a94ed38c83fd3e9f7c0c277ab4799ed338f24aca4d546592d2990f9ec32c5fb69d5c7ccd432470415604c9d52da506f9815fa2d80f2cf9655fd7b67e6b7f40b5202b8d76ad7e250b526dd7ad4fda0b011e7d2a2520691d83391659594bb7a2940c199778e6e02efdc02954267f38e406d1b116d8290a1ff31d554a6db0efb3a59920be0aa59a5cb5795ba418c691800fea8bf2dec7bb384eaa7a22e137aea5143eae2ebd09c060e03bddabdfd2a566c249d500c6055de20e61763dd242f5e39e86d17ec236bef4e6a843aa8659244e15a308b0cb09ff0b46f9fc935e86609f8cc3860aa0ea26e6c15e98b5300da3d2c64f9a148126cf6d703cdbfc55393ca16ab0ad986706a5d2249529de1993cedba671f218debc93fb283f3bf0a89f2146ee459096e97c81419aed1b42fcefae0ca6c198cf8f208c3dcc5ea3a5ef357670214bf5b12a11b82024134426f82b09b73c366d09d9078edf41f34906f00d45afbc9248813ed7b398668e279e58a6063816ded735bffa14bb73c9005d692385a7b6481db94936cd76077cd77024b82a66d178dc8bf18eb4a7e551a8833d2663f34914983340171139099ec7b374187428f600671f5e876b04b0f63b8d31161987aff4970190d34871b99bd2260b5a5e20adee3cebee96432203c24ba3862a889f7e5ec453c185ef833eb94a595a5c77bea87273a53469a60ca54dc4e80dfe45d55ea7526ac0da387727449199d7275698502351268bff8e3e2429ae7794cebccc995c1544fe0b688aaf1d03d701c75dc59d7d9b6f1e25470efcb2bb1835530d7dd619b4bc99607d90e6e9d087638d5a1db158799f231ba617b828cf620981d322607b19f99dc6462e4b5e2ab3cb699c28d8beed02ce934d467aff9db6518505bcc5635ba478e47a66117892e58b0e2a8f3915faf5c8763022c5ef2355db9408df86fd0653297fb3bffa432945c307216511b64ecd63b93494721ff810ff3bcb18251fa7eff63eb658c4ea5a51fc79fa1059611b7f3a9af34b8f0ee63fd6eb1df3c9ce9c378188f308ab5f66546a27aa8889fa51a31b8cbe3e2da8dc3b9109018bfd569120aef4ca964882f994baa355181f33a828602ebc46e8ad7273eccd0ae51f3192235d4af474e667d424d0c90cc27f921ce04efd06af849ba0526d7256ea9923784c49351c086d9577eb25e935d3bd703e45d368cdfdcdc2d635c0a02eb4ce6ef0d0a5d8fddaacd1f6d905c86d89945293f8a631c16e5d774ec352ecb08a6e7945c68f5fd4d83396329aa60f81ac8e6e22dad5051236c4c51e721af17e5bdb2ed7150770a654461a161b70e55b4515f406df6ab84f05b3335a294318b6ee076a478d9517419b22a9ae50c6f573d1e70c5557ea1afa2a21d547b3858221b068671a54a5f800fab8667f0af7f141ef7ca65a9dc64620d85a53d2a38ace1ae3ad223d91ca3cc5c7cce55c50541521f79c6465efb809f98b8c74003abad42b050cb64538fbb89065d2bac38dce3afda8d34c1d80c9a07cf837320b5a5f69688b2133f5ee663e703558def50abed530ff5d0cc8acb5ff31b156227d75e97bbe947b1fdaff101beff5326f5cad5d27388ed81f858cd0341711f44b599b97b294f6e5b99791f40ecc607b515e508aa0b24df7f9d863ebc65ed19afeae77fda37d57c6431acc4b42960910955c71ff650f3fb444cdfa30ad885e8d058c1fad5407bbc02feda4a5a0d69a53ddf71592ef319f9ce47d0610e26dbc8ac05fffd5ccb2494532b0de4c54711b92b4cac2b1b0016ac6535ce2dad62ad6e9dbbc4aaef0c0d8ec72f9740d8a061b1b7399a5baac333ca9ebef914afed137d7c5065b8c1f2d571744445c2e6e52ce65d6d5fcb4b4f4846628257fd3eef42f64b8fa9a68dc3eb7776f83af09bca91857ad867571f9f1f28572d7016b246cadee350a8603b0612e55fe3d67a170858a345fc738293e83ddc823384b1ddc52c892b4d3497a580c47b07a42e2c7c4a8fd79c8702a54a485049902a9e68efabe510c2bb3bbc2e18b4b617046119907debc7712e9d45123873ad7f488fe25193063cbf6db1d122e29cd9ea51563d32e78252083ee81e81aedac1e541883e6671f241192a14a0243699008e2aafc55e5ca9142cd6b060f677930a7781d85d36e9b35d0b136d5b4300bdc999d785453713a60e0fff73d3ffa45e6ccf352542c5c9fb95e759cecbe619a3a96f16984a89c8a03d18615cd510fe114637cac3e77189884a3bd9a6b7ee6655ceb808cdb67d4e9bc95e3c3e29bbacbab5dc1fd59e53a95036c3a5101439cedaf14b314913e20ec39934a955eab25b7fd82bbede5719b0c11fe449a821c543390840d6c3403be3235836632a1746800df93de0b1c8334cce02f8522cf93cd2fb6488ee100250f30172ff126628103e0e8482a2cfc00dab924eef488c3400fb8024aa2e3a91a051e72c328a428345abcf1ed1421e597ea407c708a1f76448d01d365a5e60c92a2d79a856ff33bfab4916199d14696b2b4c7659ff13558b97ccf3f83c23468d86967abdb3d33364ac37fb0115797a901ebcfc7666d1fa49137b60606baa7f7f502e6e397458b3fdbe001272f03f78a67064914c43185fb9a03492657144ae882f8243b396e705c1b80413bb0386357a182abc388423e72e36c83b82e47460ae3fb45b07705d00bbd76c9978b04445f800f68c3fea996217dc88cdf31d7180c53d46971e8c4314f3700d899b8b97d3022f7eda6fe7e00ab8db31f884f177d14c93c5d148db60a94c985bfa5291f905c3481bd1e5c3a873a12e22236d68591ce7c8654fd84b62cb1f1d3ed803582ee01757cddb137a6621e8040927d7c3006f9ba30e7ca44e0b4742ac981aad60f9c750750f3d3b6391bc61d85fff2d1dff2ef9e81613e7879d5967c30a797341cb0697218dd23a2a65a555464811e6536bb7ad77a00f04b44fef7bf7ee3c46a2f3e8e6f04270886388f8d7335700a19ca004d7031a79bd22f3785530343e09e749a2e471e2e04ec7034248c275cead9289cb6d8ebe39cc38f7f6e6d294350ab809b725773a4942613f28e7d47a16088f488ecec1a133a4a1466f7216eece04bee058f24ec590d2f832fb035ac5db41a3584e5051cb4739ac2609c56495e7d5a4c71624f6e4fb95edec74e31a724c4583db0ce8d20bb4068e189226fdaefb4e2c46b0369789853321f3839062564719d91b6e1bfb7a261176a47e6768120364b874c8a2e7711074f67b048315a7fca39c71fb174377823d4ecabacc9fe6e482cfedbf3ba57b65023013d15a63442e23a27b5ca7e808b904c46de9ea001667e32971c536517f6718a5acb3374c152497a403bd121369eac6879648a32049719eb6060b2f23797379d1777f0f21242d7b2d2dd6287aeca09422fa68ee80be77e3270d19e92a8a359f9d33410a6233f5a0b437890754e574be9b153ce7e7e7ec074707efff3352ed77bd00000fa6a85340496c698774917926b9fdf4b3086e80dfc8d8d3667b0e03cb5c9354408e9f18cb49047555d851eb6cf2eea74b4fb3ebfd8ac9d30dde5f4b9ea0f0306faecaa218bfac0bed7c2fa8127736e6f49decf1d2b1ac1e9e99d6ea0ef1815c59996197f5dc89c15c68b9baecd4a0c79cde10fa8e9ca1354332155c45e5c26ce9efc3544cdbebd488a1f554b065fb32ef983c4787528293b474c31b336be555eef427ee2ae3980d6844cd23b623edee60d067c284906b53332251a54e5844f8200320778e9de400f4463761fa162bdf42199b986e4633c4f7b54d26cbf9c750ae3791a4ca4edfba918a398fe9ef8caf39f89e7997949c1e7a4ac46ed74793ec703fe88989a74cdff219ad10106a35563144e5b23a89eb50da6a55e0402afc46b729d61b136893466125b5da3cc3527a27d4c4aad0d50029ec9022944dab1bd57cc666bc7b45189895ae1203ece50f62465d7dce60f9189e59b30c01a145723a41b9792e952a00fd6f69e00f9634fb46c1ee80363bbcf2adb740634fa8d84983e10f2b567e69a989074fe71bea5e78e86997ea1180938c216c12272876a3e98b9545df5620a2c09e8f2e9ad492d8e94dbe01f78ca69eac3bf4da55421a3127700408cd0a5ef68c8397aaa48ff41813109807e8a3467b5c20a670ab3a", 0xc00, 0x0, &(0x7f0000000300)={0xa, 0x100004e24, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, 0x1c)
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r1, 0x6430)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000100)={0x5, 0x1})
clone(0x0, &(0x7f0000000000), &(0x7f0000000ffc), &(0x7f0000000ffc), &(0x7f0000000000))
getsockopt$sock_buf(r1, 0x1, 0x37, &(0x7f0000000640)=""/43, &(0x7f0000000680)=0x2b)
mlock(&(0x7f0000a67000/0x2000)=nil, 0x2000)
ioctl$KVM_ASSIGN_DEV_IRQ(0xffffffffffffffff, 0x4040ae70, &(0x7f00000002c0)={0xf9, 0x3, 0x8, 0x1})
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0))
clock_gettime(0x0, &(0x7f00000000c0))

2018/03/31 16:37:06 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   97.587937] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[   97.595182] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   97.602428] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   97.609675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   97.617095] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000000c
[   97.660375] hfs: unable to parse mount options
[   97.692293] hfs: unable to parse mount options
2018/03/31 16:37:07 executing program 7:
r0 = socket$inet6(0xa, 0x80801, 0x44f)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000bbeff4))
shutdown(r0, 0x2)
epoll_wait(r1, &(0x7f0000000000)=[{}], 0x1, 0x0)

2018/03/31 16:37:07 executing program 6 (fault-call:2 fault-nth:13):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:07 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x0, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:07 executing program 4:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="050000000200c9407e3a"], &(0x7f0000000580)=0x1)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0), 0x0)
ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, &(0x7f0000000940)=""/4096)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xa)
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000480)={0x6, 0xc03a})
write$rdma_cm(r0, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r1=>0xffffffff}, 0x2}}, 0x20)
write$rdma_cm(r0, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r1}}, 0x48)
write$rdma_cm(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="0c000000080000fa", @ANYPTR=&(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000207df678bf68c628ac6622ebe5dfc60220c0132ff36bd0533ea5d9a7e47401d07c57e00918428547bd78a4c1e372f84697b5e0bf8a826daec5cf3b4478a4afffd282628bad1aabcc6d16b11c0135b6ccd106c1e196c0bde2b903a78c05772519343faf0c60c023fffef584ab6cd17f7b2237c9aca20c7323afed95585ee9432fcce657e517c89aef"]], 0x10)
r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6862, 0x80000)
ioctl$EVIOCGKEYCODE(r2, 0x80084504, &(0x7f0000000200)=""/234)

2018/03/31 16:37:07 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:07 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:07 executing program 3:
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000265ff7)='/dev/sg#\x00', 0x0, 0x0)
ioctl(r0, 0x227b, &(0x7f0000d27862)="ff")
read(r0, &(0x7f0000000100)=""/154, 0x316)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000040), &(0x7f0000000080)=0x4)

2018/03/31 16:37:07 executing program 5:
r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffffff)
getpeername$unix(r0, &(0x7f0000001740)=@abs, &(0x7f00000017c0)=0x6e)
timer_create(0x7, &(0x7f0000000080)={0x0, 0xb, 0x6, @thr={&(0x7f0000000280)="99e5f97269ae3f4dac941013ad723f203aa982a82b5710c241675f8d5d25f2806efa944144aa26101758209a0802d87cb478dc32558a6a0cc4ed1f0164fc497a43bb374327cc1ea631adbe793194a985129282f5a60f54ed511f9bdd583fc71c15b2ee176fdadcccc132fd48658ab138cd79904ccda8c0bd9332161367a32666ce04989a72a575c7497ffc67e0524c50fb4bd7dbb765639f361ecbada4c2e6820da6b7dadb16f385e53b701782ad84231611eed439138cbc8859d9cdc681f8712d1dc51a621fcd31a14b8fbcae64476a6eb4ca04ac2b76c1a9d7e1", &(0x7f00000004c0)="1d1444d5db238fea8dd7f7811d0c2271b708ce4442cb97af16f8661c86e94815736055b7f148ceb4e53b5857723c92c4d95f9b30e486fd592e02468579b83509c4f0420708f0bc05977a1a27b0b26c1539a7137323dc116b66bd888ad469422caed9ee9d423b2b10e0a9efd63a0aa19977d8dc47763ecbc88103bebbcec782789276554a9729cd26fd5ad73553a329d40fba292996ced1ce25adea4d957e7022a8e588a170b44d3a84d1528c6721b7a7d0b4a585ba6249f36793029fa3b40c9adf0326e5d4ee998053"}}, &(0x7f0000000140)=<r1=>0x0)
timer_delete(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r2, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x10000000000000ad, &(0x7f00000003c0)=""/167, 0xa7, 0x6}, 0x1)
sendmsg$nl_generic(r2, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000027003103000000899e86eb20e6b07e00bd112191a6d615218ec34fdd8a1f84c9761c829713dc92cd3282938459379f149c19c4fe60e1acc585974a3157f7b67a610c811ce2b6b6d20d80583c3c85703d34fba33bd9edb72991cfd4efa09468117f1feb5db1f7ffffffd85a340f33ffb1da95d8a3c2a49b325a0cdd2c8402000000000000"], 0x14}, 0x1}, 0x0)

[   98.115568] FAULT_INJECTION: forcing a failure.
[   98.115568] name failslab, interval 1, probability 0, space 0, times 0
[   98.126958] CPU: 1 PID: 7909 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   98.134049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   98.143380] Call Trace:
[   98.145949]  dump_stack+0x194/0x24d
[   98.149556]  ? arch_local_irq_restore+0x53/0x53
[   98.154202]  ? __save_stack_trace+0x7e/0xd0
[   98.158510]  should_fail+0x8c0/0xa40
[   98.162206]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   98.167289]  ? kasan_kmalloc+0xad/0xe0
[   98.171159]  ? __kmalloc+0x162/0x760
[   98.174851]  ? ext4_htree_store_dirent+0x8b/0x580
[   98.179668]  ? htree_dirblock_to_tree+0x4e8/0xa00
[   98.184485]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[   98.189131]  ? exportfs_get_name+0x1a0/0x240
[   98.193519]  ? reconnect_path+0x1f1/0x670
[   98.197643]  ? exportfs_decode_fh+0x28a/0x5b0
[   98.202114]  ? SyS_open_by_handle_at+0x27/0x30
[   98.206676]  ? do_syscall_64+0x281/0x940
[   98.210717]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   98.216062]  ? find_held_lock+0x35/0x1d0
[   98.220104]  ? __lock_is_held+0xb6/0x140
[   98.224153]  ? check_same_owner+0x320/0x320
[   98.228457]  ? rcu_note_context_switch+0x710/0x710
[   98.233370]  should_failslab+0xec/0x120
[   98.237322]  __kmalloc+0x63/0x760
[   98.240758]  ? str2hashbuf_unsigned+0x250/0x250
[   98.245407]  ? ext4_htree_store_dirent+0x8b/0x580
[   98.250232]  ext4_htree_store_dirent+0x8b/0x580
[   98.254886]  htree_dirblock_to_tree+0x4e8/0xa00
[   98.259542]  ? dx_probe+0x1070/0x1070
[   98.263325]  ? save_stack+0xa3/0xd0
[   98.266932]  ? kmem_cache_alloc_trace+0x136/0x740
[   98.271750]  ? ext4_readdir+0x2285/0x3600
[   98.275876]  ? iterate_dir+0x1ca/0x530
[   98.279739]  ? get_name+0x52a/0x730
[   98.283339]  ? exportfs_get_name+0x1a0/0x240
[   98.287723]  ? reconnect_path+0x1f1/0x670
[   98.291845]  ? exportfs_decode_fh+0x28a/0x5b0
[   98.296315]  ? do_handle_open+0x374/0x8a0
[   98.300438]  ? SyS_open_by_handle_at+0x27/0x30
[   98.304998]  ? do_syscall_64+0x281/0x940
[   98.309042]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   98.314386]  ? __lock_acquire+0x664/0x3e00
[   98.318598]  ext4_htree_fill_tree+0x2bb/0xcb0
[   98.323074]  ? print_irqtrace_events+0x270/0x270
[   98.327809]  ? do_split+0x1d30/0x1d30
[   98.331599]  ? __lock_is_held+0xb6/0x140
[   98.335644]  ? ext4_readdir+0x2285/0x3600
[   98.339769]  ? rcu_read_lock_sched_held+0x108/0x120
[   98.344773]  ? kmem_cache_alloc_trace+0x459/0x740
[   98.349592]  ? do_syscall_64+0x281/0x940
[   98.353630]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   98.358972]  ? free_rb_tree_fname+0x9c/0xe0
[   98.363271]  ext4_readdir+0x206a/0x3600
[   98.367223]  ? debug_mutex_init+0x1c/0x60
[   98.371362]  ? __ext4_check_dir_entry+0x320/0x320
[   98.376188]  ? lock_acquire+0x1d5/0x580
[   98.380135]  ? lock_acquire+0x1d5/0x580
[   98.384087]  ? iterate_dir+0xc3/0x530
[   98.387867]  ? lock_release+0xa40/0xa40
[   98.391822]  ? _copy_to_user+0xc0/0xc0
[   98.395687]  ? rcu_note_context_switch+0x710/0x710
[   98.400599]  ? __might_sleep+0x95/0x190
[   98.404552]  ? down_read_killable+0x95/0x180
[   98.408937]  ? iterate_dir+0xc3/0x530
[   98.412715]  ? down_write+0x120/0x120
[   98.416499]  iterate_dir+0x1ca/0x530
[   98.420193]  get_name+0x52a/0x730
[   98.423626]  ? bl_cleanup_pipefs+0x30/0x30
[   98.427844]  ? exportfs_encode_fh+0x100/0x100
[   98.432339]  exportfs_get_name+0x1a0/0x240
[   98.436551]  ? exportfs_get_name+0x1a0/0x240
[   98.440938]  ? get_name+0x730/0x730
[   98.444538]  ? up_read+0x40/0x40
[   98.447891]  reconnect_path+0x1f1/0x670
[   98.451848]  exportfs_decode_fh+0x28a/0x5b0
[   98.456147]  ? drop_caches_sysctl_handler+0x160/0x160
[   98.461316]  ? find_acceptable_alias+0x1e0/0x1e0
[   98.466050]  ? __fget_light+0x2b2/0x3c0
[   98.470003]  ? fget_raw+0x20/0x20
[   98.473440]  ? __check_object_size+0x8b/0x530
[   98.477915]  ? __might_sleep+0x95/0x190
[   98.481876]  do_handle_open+0x374/0x8a0
[   98.485831]  ? vfs_dentry_acceptable+0x10/0x10
[   98.490392]  ? SyS_write+0x184/0x220
[   98.494087]  ? SyS_read+0x220/0x220
[   98.497696]  SyS_open_by_handle_at+0x27/0x30
[   98.502083]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[   98.506816]  do_syscall_64+0x281/0x940
[   98.510679]  ? vmalloc_sync_all+0x30/0x30
[   98.514807]  ? syscall_return_slowpath+0x550/0x550
[   98.519713]  ? syscall_return_slowpath+0x2ac/0x550
[   98.524622]  ? prepare_exit_to_usermode+0x350/0x350
[   98.529616]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[   98.534959]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[   98.539786]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   98.544955] RIP: 0033:0x454e79
[   98.548120] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[   98.555805] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
2018/03/31 16:37:07 executing program 7:
r0 = socket(0x2, 0x3, 0x40000000000000ff)
readv(r0, &(0x7f0000000380)=[{&(0x7f0000000340)=""/26, 0x1a}], 0x1)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendto$inet(r0, &(0x7f0000000000)="36000000000040071901000000000000de008859eff71d45", 0x18, 0x0, &(0x7f00000001c0)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10)

2018/03/31 16:37:07 executing program 5:
getresgid(&(0x7f0000000140), &(0x7f0000000240), &(0x7f0000000200))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000023003107000000000e00000008000000"], 0x14}, 0x1}, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bcsf0\x00', 0x10)

2018/03/31 16:37:07 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x0, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[   98.563050] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[   98.570295] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[   98.577542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[   98.584790] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000000d
2018/03/31 16:37:08 executing program 3:
r0 = perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x400200)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140)={<r2=>0x0}, &(0x7f0000000180)=0xc)
perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x2458, 0x8, 0x7fffffff, 0x8, 0x0, 0x0, 0x2080, 0x3, 0x48, 0x1, 0x8, 0x401, 0x748e, 0xffffffffffffff8e, 0x6dd, 0x4, 0x8000, 0xfffffffffffffff8, 0x100, 0x6d0caba1, 0x80000001, 0x7, 0x400000, 0x3, 0xe16, 0x1, 0x4, 0x8, 0x8, 0x3, 0x1ff, 0x7, 0x8, 0xf6, 0x3, 0x7fe00000000000, 0x0, 0xfffffffffffffff8, 0x1, @perf_config_ext={0x1000, 0x6}, 0x0, 0x0, 0x9f, 0x4, 0x8, 0x6, 0x100000001}, r2, 0x10, r0, 0x2)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000200))
connect$bt_sco(r1, &(0x7f0000000080)={0x1f, {0x1000, 0x3c9, 0x2, 0x9, 0x7ff, 0x2}}, 0x8)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x800, 0x0)
memfd_create(&(0x7f0000000240)=')$lokeyring+\x00', 0x1)
ustat(0xe, &(0x7f0000000040))

2018/03/31 16:37:08 executing program 6 (fault-call:2 fault-nth:14):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:08 executing program 4:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x2, 0x0)
ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000100)={0x4, 0xe48, 0x1, 0x4, 0x100000001})
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0xffffffffffffff7f, @local={0xfe, 0x80, [], 0xaa}, 0xfffffffffffffffe}, 0x1c)
sendto$inet6(r1, &(0x7f00005a0fff)='8', 0x1, 0x0, &(0x7f00007bcfe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000001c0)=@sack_info={0x0, 0x0, 0xffffffff}, 0xc)
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000080))
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={<r3=>0x0, 0x1}, &(0x7f0000000200)=0x8)
accept$unix(r2, &(0x7f0000000400), &(0x7f0000000300)=0x6e)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000240)={0x8, 0xc, 0x8, 0x7, r3}, &(0x7f0000000280)=0x10)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000003c0)=r2, 0xe)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x5, @loopback={0x0, 0x1}, 0x1}, 0x1c)
write(r1, &(0x7f0000000340)="86", 0x1)
openat$cgroup_subtree(r2, &(0x7f00000002c0)='cgroup.subtree_control\x00', 0x2, 0x0)

2018/03/31 16:37:08 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000003c0)={0x101ff, 0x0, &(0x7f0000ffe000/0x1000)=nil})
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:08 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})

2018/03/31 16:37:08 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x0, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:08 executing program 7:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
clone(0x0, &(0x7f00003c4000), &(0x7f0000ea9ffc), &(0x7f0000bf2ffc), &(0x7f00003b8f33))
ptrace(0x4207, r1)
waitid(0x0, 0x0, &(0x7f0000000000), 0x8, &(0x7f0000000080))

2018/03/31 16:37:08 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x1, 0x0)
setsockopt$inet_tcp_buf(r1, 0x6, 0x0, &(0x7f00000004c0)="3fa97f0b7e47ae9084e9f2f6d669aeb8a9e0c5bd25bbf0a05c562d095770438f1bc9a0236f318be5b723eeade4c03f080ddd25db49fb901c71ceac12ad7f7a16d63931f2804a2dfe2b64eca564d82984498c4ff118c6c890ef3510c732033111e94650d0d7df78061bbb5ed9cf5372c141e8a77907cfaf53cbe174f5b7b3b0fecd40552437bf9b3f95e0014fc78f2823bed8127cf435c4426e308672fb2499007da30ad8a591953fab6886b3f14bf861bdfe8a16110dc4b05d1de6a1446515b968ca94a9d440e9dd47f1a38f77162f5e31f3c600199b3bf508f3257aa5f37cc591e6844bf8ff178799a25715efeb12a2992608bc96b6edc6c97de995b0a4ae52108d1f05b16d8ff36351e353ea404958d2198596fe032ce9009b6b9f7af980c0a77e19d84ae1434a7a291daf01c99e6054352cbff1a0d3d77473d153f54f2ff3d2118a50520ba568fe6197ca27f25555396623bfc977cc4a0b4dd6a3ae331d6b4fe03c65ea7ee24e7a374b842888ba2259b7fb350c3036eb42ad7f38396b8356483f42d67b4d54280b00eb38e5fabbb8ef8946ec9f51e74cf101f63af7da024c00cf4479397dc099acb05c354ce9c2db3ca9b4ea829467cf4a4d01fd8bcd926e9f88c60b19d0c89377e095791799afade235f19203ac763c8071c5b349a03fc62c03c1ecad04e8d0737916ce5f2d95ed79df21091c4b8c7ea9504a28ca9571cd04e3196f4f9956907ad518c898d68a8241a90d729d6f19a33eb201dc6d968325aff8565310c10fd7a9f08f274ec6fb19764ab65c5d9f64d33aecf2a2f29fca2af56b551c63386de9dfb7d82505fc88e05b726058a927a349a68f655506d90c95feb971a10778075034fd44ad0c5debc74c149e6221db1f3ea5a740a3f56b17d5ecf9db6b679715ee0e315b64f8787391346e1b8bd10b6ac5f7b81399b8601091f1217cc637cc5012b0dda75b13205f4cd950c15c3f010eafcfbd778e397dfbab228c7a8ccafa9a838ba927d151fd8fd4574601cddbc9239475ebd54d2cc8987dee385a28519feb0b1c81c08c4272c4fe9f3f7fb62272465700faec11f3f92e139184b7c69ab28b37e72f033c73c3f62ecb8ff92b7d1449b3ad61775c2dae8ff24cd553e2b2864c6194e24278f39df4b41876f96fee4cb617cacf6a341bcb8c8c00fb96ae5c7427fe769102e18d05426350fd28ecd351fe3767c84d88cab44f986e7a7812c5391a069a89e250965032dfaf835070a5336108ec9f9cbfa68d1d924565ede94365259968c256426c93cb6c0b19b9cd0b3a6f8a61df8451b3276b45a2bebe6d97767368278e833b8b0eb54af715e0463d03175b608680568e308cae2d15b6abda215088e71b429f16f3a054631dc286bc00e6dc310be1603dd453d8139a1d7c1b2ff22f956124bb47e78187063425fa7a39ebdd0d12bcb76745bec4cde3b8b933e20bf3075c3038fbb5d56abd466e395a0281d585e92d8e09063296b6919a13fc46a8c09343da8ef5dd5c72273d67568f29c2cdd35a958c19326320b8d962a773d71c2a90e09dca61b1b9056c2104b3fae8f3d04ec0b9cc77ffd24747696d778529e1790d7f91e65f543690427cec1681dfdc58b89c6650e61a75e2d805d76032b40b0bf87bc7eb86a1a794ddfbc24b88a8385f865a6449e236bdc0d761351d0579234f413a058a4e3c08c7b8021768943abf1af88de48a1498a3b40469b7e7be44544b58a5338db379f8d8c3cb77d787fa60f52f27be370a2ec98d4e3f89291ed1eef40e8d70dad9b06587462e25ee8886f5e9e7a9fadc1b587972a882fa5cc6ca4c9cbab56ecfd8c69197148f3ff7bb4292dab17feb69b5f661f7f637d23834f4860d7eacba7e8c99da8addb85f75dd1fda1dac689007568d5a4aab8266b9f67a34df4f93e7d7fedd30026037908419ba2e1d257df290c48fc54a8a23e89f66861fdaff52fc2d906d2d9ed64195ea8ccedd8fda84dcbf94ef478366955e9f9dce40713afb1559eddacf8d58d175c5ace9ccd5da63afe2b7122ea78f74aa1ebfb0a6aef1883cf24e249a0ebe004d096e04b08a188fc2cf3e9dd477413114dda1af405aa4dbdd7bda4777533854d95c1b204d40ebf564da1ad00b3d3eb1b4bb3cac93c8b7866a2bcad69bd5a6080d94638d5b50d493de230244f60846059cbc65fcee1d786be486ead1a2708889c83760de25ad233b0bfc006475beadcb3b1a190bca79f5f31e025d564bc515b9be8e391bd1b819600cf853e072ee24fa357aa5cf4f6f7fd024d7eed715617ed07ce0f2e25842f20b4b4e1dbda2fee619f0c36725ae357a55b5ed4699fa8290f85d42a1e75ba4c32de10633c204e42f71549130348f71d2b513d19df0626fc1cdecedc85f9c13cccf872e8c50fb8767bb79e89cc9135db6782e119370189ac99328a406b280f56eab55b4f1216ce2772b77d332507dbe0aa9752224752e17f32e4796bc7e07f9f70b2bc3954f294f590fb50b11262b45bcb2e1ea7cc264e93800fc3d64740c1a231ccf4c6188967236dc26120e87dd9d8ad91d2c600a0caf0a5d6e31f62517e7aa5df5f91e8e85a6da3f70877cb5297e5256c8be75f83d388a25a2c2157a00faa1b42b293127e39a059ee3dd60280fe045893ae5a9b967b91d4ae8be019bb9371879ac3f2f684abde4792d43aa3f7e12f760da2414af55b78d2611ab05f9ff5fb465bf6ae4a891f1ba6331923728f5da507eab6da00d4ce19d8fe731b10b523bda62bc695ff83a0df12787e368fd3feba7b3a7850cbd535cbef74093a2cbe739daa809f2a158bba2beb1328e2a268d80486bd8e5221fbf42230c1604a10fe05842e66909126bf994ad52cde465fcf042f40c64189e64dd8121ced462f5defc06a86b9498fcaa69f45de21ebced0b23fda2600e1d70fc96557284e59417bf11f52d4da95cca35814de11f3b0fe03780bbc288d8cf4096e2bdfbb49c8ca7c9f61573b631e38e81357bea3fe0df6fa943b8800bdff5ffccfc8aa21233466bbc79e47324ad3c2aa0c1aebfb9064ebaf0b832a2fdff9710d2d8d346acb08e21d0eca14e025cda89896e0282c8412ab6d072f553d3671dc1306ea6aa79f26aad09e00e3b5d76ff4d12fc71dbd2098c01007bd10bfe3aab417459b9de6d0879c5c04031f6f301c543aebc3a75afbba7b85001618f8f954f8b9bda4c9b1cf4d47686ca50ad29720ba82604efb3779e47393080b20d55b806fa75daba62993f96440110bc127b3bf0699aeb443c9ab6712b093cb27ed67d2809144533888687256e6e0091a8f814003fdcde0e81ea5718e5947d1c9ea270cdd2f94c757c29b6f78ee73077c6ed4c6d1f69e53bcdb0bfaeb3d30eb2c755a1ada5f36a6e7ce67c45547bc367d54f57417e963e3367c82542ce485a04bd91510d47364fcc0c2deafd73d2d7639098f61e269679b312b7342d434b4e3ef816c0d2d3c7c2f828248b56a5b7ca13a97efd9844a5ca73458d565393bde92697754320b8b5cc19bbc4910a27bb38944bb73d6a138c323d320bb1b2b943d33792d118167498654961865ac1a1b8b0b6c64ffa7af81c8c95afccae2cfd6b611bcf59971219f507a17e9ba94f528b6c5b15cabf18fe3582cbe2e97ca89484edb770ba0147aebdf6aa3c7d2e593d1242175a87c91e80c5b704e5ba14b24bfbee49fd81dd361ffe1f011b97eff928c5ecc00208ac8339cb8df9c7490d1bf47e2a24842b06ead2fceb0709a212b58dafdab71e5ced9d580fe8c8509ba36a50777965c7e36dc73d14ecb1b74d5d3c01df3d875267ed1c42c98431eb473dcb35f38e99eb686736b408547467ae43dcf63960c2f52afa4f530943ac370804faffe8704a1f8874fd64412f6d8578d4c20f0ca15d4a44b26dc079648bd3c2124bfae0edda914b4f4e3dec5f79eae399d282a5e5213aefaca1a0e39be712a2b1119114ae03892e6cbcaa66c3370ea2375c35dd799c794658e5251566e2748827aa50cd5d77594f76008d58ef6139ea634269d4b6e4ab717f44f66af76b59f824e6aa3e74d2a7f0d755b95b115220d98f8a38164c9c726f8c865c24edd379b9de282aa978fa15ba0fa6f81385f09307e0521d043b3ca0bf1c7085bd4128a2c0143ebec962598e9b84f7b29e42704ed7c011d85109225edce4aca41c236d9c0f6543d07ffcdc2ac235bf158e3e005aa13ecbb3656b558737d687a09a442125275df7af05eb281796d8a043be77bf93b44e5876c34f459976caf294a3749736abbaa30b6a105fee9b51faa4104670b8bec0861ed2437e72876a76e5b6a071301e10dd1dd1e3de38fbc17f6862dbc30c9ef956c95c28588187c7b06174da08c465f5cb191f031111bc66119bf12f21a605934f668862a92f97ba8a8dbf96216cea9d1c863c0b48b5c388f4dd5bb458f2b4b9c59f5af43a21a26ad07145f1c11ecf068cf599311bf60982a67b64c56c6e220831b396048dc5d4d20ddb7bdf68d90faf74d60abcabf6a107ca2d7b687da5d019515000e1bce058b905bc69a2282b63890b0dc79a06a33b1203abc41d3e048b088d09bd3ffee4d6456e8aa388064a68bd324add8aef808d22a8838ba24dc437dceaa689bd0984053330af2c87c75b361e9ecfef281729073e070780552ce494e7bc8349f262c6dbb794c3284132b7f689f579ac6b2fe6dabe1f7f392b072074fa07167e94d808324b1588ab0f13cc1098f93f39a647e1f5842cf191e26081992805d7ba7d4d55c42a268aff7d02e4b9518d305462f3f57ee5f777ec38800506bd1fc16b5d4637626528d77943c7fba3c64bd94d5e7e698d5e1437357cff63562b3c6a6f35ab614feea8bce1463af496cd59ff110d5ddd3cd55f66cadc19523c5218488cef681d75e6fd3425e7c175c9b7c490c4d288adb8ad7260cebbc301baedc2225a630c7630c26f27999796f7e3b3333681b854b9f47c3e8210931b0d2abadb3785192aae9cfea766c4b3440dd8759ab409e34ca409fce6cff29cd69f1b48f7f0d81287f30db3e2232aedf23b49d7b83b7f251c25fc9bcc2302299bd4f6c13c5be401f366bd615eb9c35b512e7e6baa0d02a6ab6fe0d38ed3ff6ba3c81a680fbc8e7e40bdabe718d06628180b3c3c336fe8196be9a7becf36d16f36c0a43f6f6073d2d57b5ff5caae175e689f15e3daf1a5499641f9e1cd8bb23c5065f4f98fa701a5df05303dc089113d41655821445b6d804768c760899aeb03ed3f87e633e161ba3cf497c6631ffcec4903ef58d85554d5a42ba569c359e97ed9762f8f571f84fff32b18891fb85190da920747e35b53755a16f9d73dd3ed0506b9001567c93a0f7d298c0158b961786c2bbd9e91e6f4300fcbb6672b23cf4258142629c69b95c6c3a45e0eb94f721ac739292756be8adfb5c306115fa64168f27d44d7e1767a7d0af26b6a256fab08730391280c19e5d481818866e4ea5b101f880a681234ca0c2ab1a21082ba5ac7c6d9e6b938fee5a6a847fbb2ef9925920cacf2f8bf7c614be047a03b82f77703272c4999b91bcba3b8af3a7e7404da1e7fdd9a1dfa58857e51c98c0e6a799ac60960feed39c94d4986d58a5c2f516b71bfdb8e5ef9ffd9bbd60c92eeeb8917eee7a7911516874455afbbda8f3d4f577df150c00f1a43b29a0d0690ce403c9cb0797d3c7a69a47d036880892cc0543551f330be43b15291ffd7a905a1931e1a27f99c86591479d798edb9ffec6823957acaa97dd5e71ed55c4d85b1b39c500a90b822ccebb98b6d1e737c51d16f870a351c8226ec49b0229755e6857538f83ed860", 0x1000)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
recvmsg(r0, &(0x7f0000001ac0)={&(0x7f00000001c0)=@in={0x0, 0x0, @remote}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000000240)=""/214, 0xd6}, {&(0x7f00000014c0)=""/134, 0x86}, {&(0x7f0000001580)=""/205, 0xcd}, {&(0x7f0000001680)=""/132, 0x84}, {&(0x7f0000000340)=""/51, 0x33}, {&(0x7f0000001740)=""/162, 0xa2}, {&(0x7f0000001800)=""/113, 0x71}, {&(0x7f0000001880)=""/226, 0xe2}, {&(0x7f0000001980)=""/94, 0x5e}], 0x9, &(0x7f0000000380)=""/18, 0x12, 0x200}, 0x40)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000027003103000000000000800008000000a9ec3603c6169ebd6c6091320f821e7f30cda99da01df7fea51c1b1716b134ae88"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:08 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})

[   99.709579] FAULT_INJECTION: forcing a failure.
[   99.709579] name failslab, interval 1, probability 0, space 0, times 0
[   99.720864] CPU: 0 PID: 7940 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[   99.727958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   99.737302] Call Trace:
[   99.739888]  dump_stack+0x194/0x24d
[   99.743511]  ? arch_local_irq_restore+0x53/0x53
[   99.748180]  ? __save_stack_trace+0x7e/0xd0
[   99.752510]  should_fail+0x8c0/0xa40
[   99.756226]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[   99.761328]  ? kasan_kmalloc+0xad/0xe0
[   99.765209]  ? __kmalloc+0x162/0x760
[   99.768926]  ? ext4_htree_store_dirent+0x8b/0x580
[   99.773761]  ? htree_dirblock_to_tree+0x4e8/0xa00
[   99.778597]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[   99.783266]  ? exportfs_get_name+0x1a0/0x240
[   99.787682]  ? reconnect_path+0x1f1/0x670
[   99.791828]  ? exportfs_decode_fh+0x28a/0x5b0
[   99.796321]  ? SyS_open_by_handle_at+0x27/0x30
[   99.800902]  ? do_syscall_64+0x281/0x940
[   99.804962]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   99.810322]  ? find_held_lock+0x35/0x1d0
[   99.814368]  ? __lock_is_held+0xb6/0x140
[   99.818418]  ? check_same_owner+0x320/0x320
[   99.822722]  ? rcu_note_context_switch+0x710/0x710
[   99.827638]  should_failslab+0xec/0x120
[   99.831599]  __kmalloc+0x63/0x760
[   99.835035]  ? str2hashbuf_unsigned+0x250/0x250
[   99.839685]  ? ext4_htree_store_dirent+0x8b/0x580
[   99.844509]  ext4_htree_store_dirent+0x8b/0x580
[   99.849161]  htree_dirblock_to_tree+0x4e8/0xa00
[   99.853815]  ? dx_probe+0x1070/0x1070
[   99.857594]  ? save_stack+0xa3/0xd0
[   99.861203]  ? kmem_cache_alloc_trace+0x136/0x740
[   99.866024]  ? ext4_readdir+0x2285/0x3600
[   99.870151]  ? iterate_dir+0x1ca/0x530
[   99.874020]  ? get_name+0x52a/0x730
[   99.877628]  ? exportfs_get_name+0x1a0/0x240
[   99.882022]  ? reconnect_path+0x1f1/0x670
[   99.886146]  ? exportfs_decode_fh+0x28a/0x5b0
[   99.890615]  ? do_handle_open+0x374/0x8a0
[   99.894741]  ? SyS_open_by_handle_at+0x27/0x30
[   99.899297]  ? do_syscall_64+0x281/0x940
[   99.903333]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   99.908677]  ? __lock_acquire+0x664/0x3e00
[   99.912893]  ext4_htree_fill_tree+0x2bb/0xcb0
[   99.917367]  ? print_irqtrace_events+0x270/0x270
[   99.922099]  ? do_split+0x1d30/0x1d30
[   99.925886]  ? __lock_is_held+0xb6/0x140
[   99.929929]  ? ext4_readdir+0x2285/0x3600
[   99.934054]  ? rcu_read_lock_sched_held+0x108/0x120
[   99.939048]  ? kmem_cache_alloc_trace+0x459/0x740
[   99.943866]  ? do_syscall_64+0x281/0x940
[   99.947905]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[   99.953249]  ? free_rb_tree_fname+0x9c/0xe0
[   99.957548]  ext4_readdir+0x206a/0x3600
[   99.961499]  ? debug_mutex_init+0x1c/0x60
[   99.965639]  ? __ext4_check_dir_entry+0x320/0x320
[   99.970465]  ? lock_acquire+0x1d5/0x580
[   99.974415]  ? lock_acquire+0x1d5/0x580
[   99.978366]  ? iterate_dir+0xc3/0x530
[   99.982148]  ? lock_release+0xa40/0xa40
[   99.986101]  ? _copy_to_user+0xc0/0xc0
[   99.989969]  ? rcu_note_context_switch+0x710/0x710
[   99.994882]  ? __might_sleep+0x95/0x190
[   99.998846]  ? down_read_killable+0x95/0x180
[  100.003228]  ? iterate_dir+0xc3/0x530
[  100.007006]  ? down_write+0x120/0x120
[  100.010795]  iterate_dir+0x1ca/0x530
[  100.014490]  get_name+0x52a/0x730
[  100.017921]  ? bl_cleanup_pipefs+0x30/0x30
[  100.022135]  ? exportfs_encode_fh+0x100/0x100
[  100.026632]  exportfs_get_name+0x1a0/0x240
[  100.030841]  ? exportfs_get_name+0x1a0/0x240
[  100.035228]  ? get_name+0x730/0x730
[  100.038832]  ? up_read+0x40/0x40
[  100.042182]  reconnect_path+0x1f1/0x670
[  100.046140]  exportfs_decode_fh+0x28a/0x5b0
[  100.050437]  ? drop_caches_sysctl_handler+0x160/0x160
[  100.055604]  ? find_acceptable_alias+0x1e0/0x1e0
[  100.060341]  ? __fget_light+0x2b2/0x3c0
[  100.064292]  ? fget_raw+0x20/0x20
[  100.067724]  ? __check_object_size+0x8b/0x530
[  100.072199]  ? __might_sleep+0x95/0x190
[  100.076160]  do_handle_open+0x374/0x8a0
[  100.080114]  ? vfs_dentry_acceptable+0x10/0x10
[  100.084677]  ? SyS_write+0x184/0x220
[  100.088370]  ? SyS_read+0x220/0x220
[  100.091976]  SyS_open_by_handle_at+0x27/0x30
[  100.096359]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  100.101091]  do_syscall_64+0x281/0x940
[  100.104957]  ? vmalloc_sync_all+0x30/0x30
[  100.109081]  ? _raw_spin_unlock_irq+0x27/0x70
[  100.113554]  ? finish_task_switch+0x1c1/0x7e0
[  100.118029]  ? syscall_return_slowpath+0x550/0x550
[  100.122937]  ? syscall_return_slowpath+0x2ac/0x550
[  100.127841]  ? prepare_exit_to_usermode+0x350/0x350
[  100.132835]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  100.138176]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  100.142999]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  100.148167] RIP: 0033:0x454e79
[  100.151345] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
2018/03/31 16:37:09 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})

2018/03/31 16:37:09 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:09 executing program 3:
recvmmsg(0xffffffffffffff9c, &(0x7f00000034c0)=[{{&(0x7f0000000040)=@pppoe, 0x80, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/56, 0x38}, {&(0x7f0000000100)=""/158, 0x9e}, {&(0x7f00000001c0)=""/54, 0x36}, {&(0x7f0000000200)=""/149, 0x95}, {&(0x7f00000002c0)=""/228, 0xe4}], 0x5, &(0x7f0000000440)=""/32, 0x20, 0x4}, 0x4}, {{&(0x7f0000000480)=@pptp={0x0, 0x0, {0x0, @rand_addr}}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000500)=""/70, 0x46}, {&(0x7f0000000580)=""/6, 0x6}, {&(0x7f00000005c0)=""/46, 0x2e}, {&(0x7f0000000600)=""/115, 0x73}], 0x4, &(0x7f00000006c0)=""/134, 0x86, 0x4}, 0x9d}, {{&(0x7f0000000780), 0x80, &(0x7f0000002900)=[{&(0x7f0000000800)=""/85, 0x55}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/119, 0x77}], 0x4, &(0x7f0000002940)=""/113, 0x71, 0x3}, 0x80000000}, {{&(0x7f00000029c0)=@pppol2tpin6={0x0, 0x0, {0x0, <r0=>0xffffffffffffffff}}, 0x80, &(0x7f0000002ac0)=[{&(0x7f0000002a40)=""/31, 0x1f}, {&(0x7f0000002a80)=""/9, 0x9}], 0x2, &(0x7f0000002b00)=""/33, 0x21, 0x20}, 0x10000}, {{&(0x7f0000002b40)=@alg, 0x80, &(0x7f0000002d80)=[{&(0x7f0000002bc0)=""/154, 0x9a}, {&(0x7f0000002c80)=""/7, 0x7}, {&(0x7f0000002cc0)=""/132, 0x84}], 0x3, &(0x7f0000002dc0)=""/228, 0xe4, 0x1000}, 0x100000001}, {{&(0x7f0000002ec0)=@in, 0x80, &(0x7f0000003400)=[{&(0x7f0000002f40)=""/105, 0x69}, {&(0x7f0000002fc0)=""/4, 0x4}, {&(0x7f0000003000)=""/121, 0x79}, {&(0x7f0000003080)=""/72, 0x48}, {&(0x7f0000003100)=""/145, 0x91}, {&(0x7f00000031c0)=""/248, 0xf8}, {&(0x7f00000032c0)=""/33, 0x21}, {&(0x7f0000003300)=""/209, 0xd1}], 0x8, &(0x7f0000003480)=""/21, 0x15, 0x9}, 0xfff}], 0x6, 0x40000000, &(0x7f0000003640)={0x0, 0x989680})
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000003680)=@assoc_value={<r1=>0x0}, &(0x7f00000036c0)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000003700)={r1, @in6={{0xa, 0x4e23, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0x8}}, 0x6, 0x80000001}, 0x90)
perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0x40044104, &(0x7f0000000000))

2018/03/31 16:37:09 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000d36000)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7be", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000000)="79765006f86bd0ed2949ccb2a62f089cc8", 0x11}], 0x1)
r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200000)
r3 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x400000)
linkat(r2, &(0x7f0000000080)='./file0\x00', r3, &(0x7f0000000100)='./file0\x00', 0x400)
recvmsg(r1, &(0x7f0000001700)={&(0x7f0000001440)=@in={0x0, 0x0, @remote}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001f80)=""/4096, 0x1000}], 0x1, &(0x7f0000001600)=""/193, 0xc1}, 0x0)

2018/03/31 16:37:09 executing program 6 (fault-call:2 fault-nth:15):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[  100.159034] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  100.166280] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  100.173527] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  100.180771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  100.188025] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000000e
2018/03/31 16:37:09 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:09 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  100.353463] FAULT_INJECTION: forcing a failure.
[  100.353463] name failslab, interval 1, probability 0, space 0, times 0
[  100.364945] CPU: 1 PID: 7974 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  100.372036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  100.381386] Call Trace:
[  100.383972]  dump_stack+0x194/0x24d
[  100.387602]  ? arch_local_irq_restore+0x53/0x53
[  100.392266]  ? __save_stack_trace+0x7e/0xd0
[  100.396592]  should_fail+0x8c0/0xa40
[  100.400310]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  100.405406]  ? kasan_kmalloc+0xad/0xe0
[  100.409274]  ? __kmalloc+0x162/0x760
[  100.412971]  ? ext4_htree_store_dirent+0x8b/0x580
[  100.417790]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  100.422605]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  100.427249]  ? exportfs_get_name+0x1a0/0x240
[  100.431636]  ? reconnect_path+0x1f1/0x670
[  100.435759]  ? exportfs_decode_fh+0x28a/0x5b0
[  100.440227]  ? do_handle_open+0x374/0x8a0
[  100.444346]  ? SyS_open_by_handle_at+0x27/0x30
[  100.448900]  ? do_syscall_64+0x281/0x940
[  100.452934]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  100.458273]  ? find_held_lock+0x35/0x1d0
[  100.462323]  ? __lock_is_held+0xb6/0x140
[  100.466371]  ? check_same_owner+0x320/0x320
[  100.470670]  ? rcu_note_context_switch+0x710/0x710
[  100.475590]  should_failslab+0xec/0x120
[  100.479550]  __kmalloc+0x63/0x760
[  100.482980]  ? str2hashbuf_unsigned+0x250/0x250
[  100.487627]  ? ext4_htree_store_dirent+0x8b/0x580
[  100.492453]  ext4_htree_store_dirent+0x8b/0x580
[  100.497103]  htree_dirblock_to_tree+0x4e8/0xa00
[  100.501752]  ? dx_probe+0x1070/0x1070
[  100.505538]  ? save_stack+0xa3/0xd0
[  100.509154]  ? kmem_cache_alloc_trace+0x136/0x740
[  100.513972]  ? ext4_readdir+0x2285/0x3600
[  100.518105]  ? iterate_dir+0x1ca/0x530
[  100.521983]  ? get_name+0x52a/0x730
[  100.525606]  ? exportfs_get_name+0x1a0/0x240
[  100.530002]  ? reconnect_path+0x1f1/0x670
[  100.534140]  ? exportfs_decode_fh+0x28a/0x5b0
[  100.538625]  ? do_handle_open+0x374/0x8a0
[  100.542754]  ? SyS_open_by_handle_at+0x27/0x30
[  100.547311]  ? do_syscall_64+0x281/0x940
[  100.551348]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  100.556685]  ? __lock_acquire+0x664/0x3e00
[  100.560894]  ext4_htree_fill_tree+0x2bb/0xcb0
[  100.565362]  ? print_irqtrace_events+0x270/0x270
[  100.570095]  ? do_split+0x1d30/0x1d30
[  100.573874]  ? __lock_is_held+0xb6/0x140
[  100.577922]  ? ext4_readdir+0x2285/0x3600
[  100.582048]  ? rcu_read_lock_sched_held+0x108/0x120
[  100.587055]  ? kmem_cache_alloc_trace+0x459/0x740
[  100.591872]  ? do_syscall_64+0x281/0x940
[  100.595907]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  100.601251]  ? percpu_ref_put_many+0x11a/0x220
[  100.605823]  ? free_rb_tree_fname+0x9c/0xe0
[  100.610131]  ext4_readdir+0x206a/0x3600
[  100.614090]  ? debug_mutex_init+0x1c/0x60
[  100.618213]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  100.623221]  ? __ext4_check_dir_entry+0x320/0x320
[  100.628056]  ? lockref_get+0x42/0x50
[  100.631752]  ? lock_acquire+0x1d5/0x580
[  100.635705]  ? lock_acquire+0x1d5/0x580
[  100.639667]  ? iterate_dir+0xc3/0x530
[  100.643463]  ? lock_release+0xa40/0xa40
[  100.647434]  ? check_same_owner+0x320/0x320
[  100.651742]  ? _copy_to_user+0xc0/0xc0
[  100.655608]  ? rcu_note_context_switch+0x710/0x710
[  100.660514]  ? __might_sleep+0x95/0x190
[  100.664473]  ? down_read_killable+0x95/0x180
[  100.668868]  ? iterate_dir+0xc3/0x530
[  100.672650]  ? down_write+0x120/0x120
[  100.676426]  iterate_dir+0x1ca/0x530
[  100.680114]  get_name+0x52a/0x730
[  100.683543]  ? bl_cleanup_pipefs+0x30/0x30
[  100.687752]  ? exportfs_encode_fh+0x100/0x100
[  100.692229]  exportfs_get_name+0x1a0/0x240
[  100.696433]  ? exportfs_get_name+0x1a0/0x240
[  100.700815]  ? get_name+0x730/0x730
[  100.704415]  ? up_read+0x40/0x40
[  100.707759]  reconnect_path+0x1f1/0x670
[  100.711715]  exportfs_decode_fh+0x28a/0x5b0
[  100.716025]  ? drop_caches_sysctl_handler+0x160/0x160
[  100.721197]  ? find_acceptable_alias+0x1e0/0x1e0
[  100.725927]  ? __fget_light+0x2b2/0x3c0
[  100.729873]  ? fget_raw+0x20/0x20
[  100.733302]  ? __check_object_size+0x8b/0x530
[  100.737772]  ? __might_sleep+0x95/0x190
[  100.741722]  do_handle_open+0x374/0x8a0
[  100.745672]  ? vfs_dentry_acceptable+0x10/0x10
[  100.750235]  ? SyS_write+0x184/0x220
[  100.753931]  ? SyS_read+0x220/0x220
[  100.757531]  SyS_open_by_handle_at+0x27/0x30
[  100.761912]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  100.766640]  do_syscall_64+0x281/0x940
[  100.770501]  ? vmalloc_sync_all+0x30/0x30
[  100.774623]  ? _raw_spin_unlock_irq+0x27/0x70
[  100.779089]  ? finish_task_switch+0x1c1/0x7e0
[  100.783557]  ? syscall_return_slowpath+0x550/0x550
[  100.788460]  ? syscall_return_slowpath+0x2ac/0x550
[  100.793366]  ? prepare_exit_to_usermode+0x350/0x350
[  100.798355]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  100.803691]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  100.808519]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  100.813688] RIP: 0033:0x454e79
[  100.816852] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  100.824534] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  100.831775] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  100.839021] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  100.846276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/03/31 16:37:10 executing program 3:
kexec_load(0x0, 0x7, &(0x7f00000005c0), 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x800, 0x0)
mkdir(&(0x7f0000001380)='./file0\x00', 0xb0)
ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000300)=""/4096)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{}]})
ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000000c0)=<r1=>0x0)
ioprio_set$pid(0x1, r1, 0x7ff)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000001500)={<r2=>0x0, @in6={{0xa, 0x4e22, 0x800, @mcast1={0xff, 0x1, [], 0x1}, 0x3}}, 0x3, 0x4}, &(0x7f00000015c0)=0x90)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000001600)={r2, @in6={{0xa, 0x4e22, 0x2, @remote={0xfe, 0x80, [], 0xbb}, 0x9}}, 0x3, 0x64f}, &(0x7f00000016c0)=0x90)
sendmsg$can_bcm(r0, &(0x7f00000014c0)={&(0x7f00000013c0)={0x1d}, 0x10, &(0x7f0000001480)={&(0x7f0000001400)={0x0, 0x0, 0x7dc1, {}, {0x0, 0x2710}, {0x1, 0x7, 0x400, 0x8}, 0x1, @can={{0x4, 0xf225, 0x4}, 0x4, 0x3, 0x0, 0x0, "6a5c93a483467b56"}}, 0x48}, 0x1}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000100)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000200)=0xe8)
fstat(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0)={r1, r3, r4}, 0xc)
fcntl$getownex(r0, 0x10, &(0x7f0000001300))
fcntl$lock(r0, 0x5, &(0x7f0000001340)={0x1, 0x4, 0x93b, 0x5, r1})

2018/03/31 16:37:10 executing program 4:
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, &(0x7f0000c97ff8))
r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000380)={r0, 0x1})
fcntl$notify(0xffffffffffffffff, 0x402, 0x28)
close(r0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000040)=""/254, &(0x7f0000000140)=""/119, &(0x7f00000001c0)=""/150})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000780)={'yam0\x00', 0x10})
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000f1dff8)={0x1})
ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x29, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x0, 0x1}, 0x0)
mknod(&(0x7f0000b75ff8)='./file0\x00', 0x2001001, 0x0)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$TCSETSW(r1, 0x5402, &(0x7f00009dc000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000340)={0x5000, 0x11000})
getsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000700)={@remote, <r4=>0x0}, &(0x7f0000000740)=0x14)
lstat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000880)={{{@in6=@loopback={0x0, 0x1}, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4e22, 0x5b1, 0x4e23, 0x7fffffff, 0xa, 0x20, 0xa0, 0x0, r4, r5}, {0x3, 0x6, 0xad, 0x40, 0x6, 0x3, 0x2, 0xffff}, {0x9, 0x29e5, 0x8, 0x3}, 0xfffffffffffffff9, 0x0, 0x3}, {{@in6=@loopback={0x0, 0x1}, 0x4d5, 0x33}, 0xa, @in6=@remote={0xfe, 0x80, [], 0xbb}, 0x3507, 0x2, 0x0, 0xffffffffffffffe1, 0x9, 0x9, 0x7}}, 0xe8)
r6 = syz_open_pts(r1, 0x0)
readv(r6, &(0x7f00001aa000)=[{&(0x7f00006aaf01)=""/255, 0xff}], 0x1)
r7 = add_key$user(&(0x7f0000000100)='user\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000540)="4d84333445eca8a951986a846c5c47b685ce9ea05c41720355959e784903d6fce785e33be7c12ba8fda1307fecc9f8c7791333cef05561e77184f6920469125dd6534188635f0fd4ff36c33c473ebdfc2e8724e4149292718a5206d3457ed46367fc6bc14aa01c63e0ae71", 0x6b, 0x0)
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000140))
r8 = request_key(&(0x7f0000000200)='logon\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)='cpuset\x00', 0xfffffffffffffffc)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000400)={0x80, 0x8200, 0x7, 0x8}, &(0x7f0000000440)=0x10)
getsockopt$inet_udp_int(r3, 0x11, 0x65, &(0x7f0000000000), &(0x7f0000000300)=0x4)
keyctl$unlink(0x9, r7, r8)
ioctl$PIO_CMAP(0xffffffffffffffff, 0x4b71, &(0x7f00000000c0)={0xffffffffffffffe1, 0x0, 0x6, 0x0, 0xcbbe})
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil})
ioctl$TCXONC(r1, 0x540a, 0x2)

2018/03/31 16:37:10 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:10 executing program 7:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000006000), 0x8, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4))
r2 = gettid()
rt_sigprocmask(0x0, &(0x7f0000057ff8)={0xfffffffffffffffe}, 0x0, 0x8)
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = dup2(r0, r0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000002840)={0xffffffff, 0xc, 0x80000000, 0xfffffffffffffffd, <r4=>0x0}, &(0x7f0000002880)=0x10)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f00000028c0)={r4, 0x7f}, 0x8)
tkill(r2, 0x34)

2018/03/31 16:37:10 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='loginuid\x00')
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000240)=0x1eb1)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f00000001c0), 0x0, &(0x7f00000003c0)=""/167, 0xa7}, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000080)={0x1, <r2=>r0, 0x1})
ioctl$TIOCGETD(r2, 0x5424, &(0x7f0000000140))
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1402ae8be600758a5919c077000027003103fb000000000000e507000000"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:10 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:10 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:10 executing program 6 (fault-call:2 fault-nth:16):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[  100.853528] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000000f
2018/03/31 16:37:10 executing program 7:
socketpair$inet(0x1e, 0x4, 0x0, &(0x7f0000f23ff8)={<r0=>0x0, <r1=>0xffffffffffffffff})
sendmsg$key(r0, &(0x7f0000f22000)={0x0, 0x0, &(0x7f0000f22000)={&(0x7f00001d7000)=ANY=[@ANYBLOB="1e0001fd020004000000000000000000"], 0x10}, 0x1}, 0x40)
bind$vsock_stream(r1, &(0x7f00000000c0)={0x28, 0x0, 0xfffffffb, @host=0x2}, 0x1e0)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000040)={0xbf, @empty, 0x4e21, 0x3, 'nq\x00', 0x10, 0x7, 0x6d}, 0x2c)
r2 = socket(0xa, 0x4, 0x7)
bind$ax25(r2, &(0x7f0000000000)={0x3, {"4591666d01f956"}, 0x6}, 0x10)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

2018/03/31 16:37:10 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  100.939651] FAULT_INJECTION: forcing a failure.
[  100.939651] name failslab, interval 1, probability 0, space 0, times 0
[  100.950960] CPU: 1 PID: 8009 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  100.958059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  100.967400] Call Trace:
[  100.969986]  dump_stack+0x194/0x24d
[  100.973618]  ? arch_local_irq_restore+0x53/0x53
[  100.978283]  ? __save_stack_trace+0x7e/0xd0
[  100.982615]  should_fail+0x8c0/0xa40
2018/03/31 16:37:10 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00'}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:10 executing program 7:
r0 = socket$inet6(0xa, 0x2000000802, 0x0)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000100))
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@remote={0xfe, 0x80, [], 0xbb}, 0x800, 0x0, 0xff, 0x1}, 0x20)
getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000000)={@remote}, &(0x7f0000000040)=0x14)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000080)={@dev}, &(0x7f00000000c0)=0x14)

[  100.986330]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  100.991430]  ? kasan_kmalloc+0xad/0xe0
[  100.995309]  ? __kmalloc+0x162/0x760
[  100.999016]  ? ext4_htree_store_dirent+0x8b/0x580
[  101.003869]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  101.008701]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  101.013366]  ? exportfs_get_name+0x1a0/0x240
[  101.017767]  ? reconnect_path+0x1f1/0x670
[  101.021904]  ? exportfs_decode_fh+0x28a/0x5b0
[  101.026395]  ? do_handle_open+0x374/0x8a0
[  101.030534]  ? SyS_open_by_handle_at+0x27/0x30
[  101.035107]  ? do_syscall_64+0x281/0x940
2018/03/31 16:37:10 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00'}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae02, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0200009873ab80203d8bfb63"])
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f00000005c0)={0x0, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, [0x8, 0x0, 0x6, 0x100000001, 0x0, 0xffff, 0x620, 0x0, 0x8, 0x1, 0x0, 0x0, 0x0, 0x80000001, 0x2]}, &(0x7f00000006c0)=0x100)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f0000000700)={<r3=>0x0, 0x8001, 0x1, 0xfffffffffffffff8}, &(0x7f0000000740)=0x10)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000880)={<r4=>0x0, 0x219f}, &(0x7f00000008c0)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000a80)={&(0x7f00000002c0)=@in={0x2, 0x4e21, @broadcast=0xffffffff}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000300)="ef20184a64db65e742d7b918700d4242642c8e3a89f14fdd9b280a8d1a8518227aea77a044e9d64d7a94020473914e56ca8ac83d7e5898f3f5ce3ae684def7b7c0b2bb9c6c34c3c2c950fdfdf85ee45e7af0b966a329e23cda1f8d0c721d65fd3fcb03d91aa2904d25736141c36dbead21f6730c037a", 0x76}], 0x1, &(0x7f0000000900)=[@sndinfo={0x20, 0x84, 0x2, {0x63b, 0x208, 0x800, 0x80000000}}, @init={0x18, 0x84, 0x0, {0x401, 0x1, 0x1, 0x6}}, @sndinfo={0x20, 0x84, 0x2, {0x7, 0x9, 0x6, 0x1, r3}}, @sndrcv={0x30, 0x84, 0x1, {0x0, 0x20, 0x204, 0x8, 0x76, 0x6, 0xff8000000, 0x9, r4}}], 0xc0}, 0x10)
fcntl$getown(r2, 0x9)
getcwd(&(0x7f00000009c0)=""/111, 0x6f)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000ade000)={0x4, <r5=>0xffffffffffffffff})
setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000400)=0x6, 0x4)
ioctl$KVM_GET_DEVICE_ATTR(r1, 0x4018aee2, &(0x7f0000000200)={0x0, 0x9, 0x9, &(0x7f00000001c0)})
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB="00050000e300000000000000"], &(0x7f0000000040)=0x2)
fgetxattr(r2, &(0x7f0000000440)=@random={'os2.', 'IPVS\x00'}, &(0x7f0000000d80)=""/4096, 0x1000)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000380)=@assoc_value, &(0x7f00000003c0)=0x8)
sendmsg$nl_route(r5, &(0x7f0000000840)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400b7f41ffb4ef0146c70f7fedbdf250057606d55d96b44ab010000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000100)={0x2, 0x0, [0xffffffffffff0001, 0x72cf, 0x200, 0x4, 0x6f, 0x8, 0x80000000, 0x81]})
writev(r5, &(0x7f0000001ec0)=[{&(0x7f0000001d80)="8d2142cb8d0dcaec29713e0001136b903e8f5263a29d4bea4da384f098748faeeaee9a981bb60937df2f88c4fba8561ec824dbcf8fde199afb8d4cb0f325ed88e3cc1444e74a79e79c4e9b414228938fa15aa8f535b929ed523c3bb038f8d6adf985e2a3b9d11a682799876c7cd62a1003a474092156c223070713c42d52691fe60f168fa62d29dc0f28d4b535776d89dbcb06cfc111759124acb9659b863304eacdf44d44be6cbba2ae0456c3e3e8d7c28e", 0xb2}], 0x1)
ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f00000000c0)={0x0, 0x4000000000001, 0x2, &(0x7f0000000080)})
ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x7fffffff)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000480), &(0x7f0000001f00)=0x4)

[  101.039165]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  101.044530]  ? find_held_lock+0x35/0x1d0
[  101.048593]  ? __lock_is_held+0xb6/0x140
[  101.052661]  ? check_same_owner+0x320/0x320
[  101.056985]  ? rcu_note_context_switch+0x710/0x710
[  101.061920]  should_failslab+0xec/0x120
[  101.065893]  __kmalloc+0x63/0x760
[  101.069342]  ? str2hashbuf_unsigned+0x250/0x250
[  101.074015]  ? ext4_htree_store_dirent+0x8b/0x580
[  101.078866]  ext4_htree_store_dirent+0x8b/0x580
[  101.083534]  htree_dirblock_to_tree+0x4e8/0xa00
[  101.088206]  ? dx_probe+0x1070/0x1070
[  101.092008]  ? save_stack+0xa3/0xd0
[  101.095634]  ? kmem_cache_alloc_trace+0x136/0x740
[  101.100477]  ? ext4_readdir+0x2285/0x3600
[  101.104616]  ? iterate_dir+0x1ca/0x530
[  101.108502]  ? get_name+0x52a/0x730
[  101.112121]  ? exportfs_get_name+0x1a0/0x240
[  101.116526]  ? reconnect_path+0x1f1/0x670
[  101.120665]  ? exportfs_decode_fh+0x28a/0x5b0
[  101.125155]  ? do_handle_open+0x374/0x8a0
[  101.129292]  ? SyS_open_by_handle_at+0x27/0x30
[  101.133855]  ? do_syscall_64+0x281/0x940
[  101.137892]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  101.143234]  ? __lock_acquire+0x664/0x3e00
[  101.147445]  ext4_htree_fill_tree+0x2bb/0xcb0
[  101.151917]  ? print_irqtrace_events+0x270/0x270
[  101.156645]  ? do_split+0x1d30/0x1d30
[  101.160428]  ? __lock_is_held+0xb6/0x140
[  101.164466]  ? ext4_readdir+0x2285/0x3600
[  101.168586]  ? rcu_read_lock_sched_held+0x108/0x120
[  101.173578]  ? kmem_cache_alloc_trace+0x459/0x740
[  101.178394]  ? do_syscall_64+0x281/0x940
[  101.182433]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  101.187771]  ? percpu_ref_put_many+0x11a/0x220
[  101.192327]  ? free_rb_tree_fname+0x9c/0xe0
[  101.196625]  ext4_readdir+0x206a/0x3600
[  101.200572]  ? debug_mutex_init+0x1c/0x60
[  101.204697]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  101.209691]  ? __ext4_check_dir_entry+0x320/0x320
[  101.214509]  ? lockref_get+0x42/0x50
[  101.218200]  ? lock_acquire+0x1d5/0x580
[  101.222148]  ? lock_acquire+0x1d5/0x580
[  101.226095]  ? iterate_dir+0xc3/0x530
[  101.229874]  ? lock_release+0xa40/0xa40
[  101.233820]  ? check_same_owner+0x320/0x320
[  101.238116]  ? _copy_to_user+0xc0/0xc0
[  101.241978]  ? rcu_note_context_switch+0x710/0x710
[  101.246881]  ? __might_sleep+0x95/0x190
[  101.250832]  ? down_read_killable+0x95/0x180
[  101.255210]  ? iterate_dir+0xc3/0x530
[  101.258984]  ? down_write+0x120/0x120
[  101.262762]  iterate_dir+0x1ca/0x530
[  101.266453]  get_name+0x52a/0x730
[  101.269883]  ? bl_cleanup_pipefs+0x30/0x30
[  101.274097]  ? exportfs_encode_fh+0x100/0x100
[  101.279021]  exportfs_get_name+0x1a0/0x240
[  101.283230]  ? exportfs_get_name+0x1a0/0x240
[  101.287614]  ? get_name+0x730/0x730
[  101.291216]  ? up_read+0x40/0x40
[  101.294559]  reconnect_path+0x1f1/0x670
[  101.298511]  exportfs_decode_fh+0x28a/0x5b0
[  101.302807]  ? drop_caches_sysctl_handler+0x160/0x160
[  101.307972]  ? find_acceptable_alias+0x1e0/0x1e0
[  101.312701]  ? __fget_light+0x2b2/0x3c0
[  101.316651]  ? fget_raw+0x20/0x20
[  101.320078]  ? __check_object_size+0x8b/0x530
[  101.324551]  ? __might_sleep+0x95/0x190
[  101.328505]  do_handle_open+0x374/0x8a0
[  101.332457]  ? vfs_dentry_acceptable+0x10/0x10
[  101.337024]  ? SyS_write+0x184/0x220
[  101.340712]  ? SyS_read+0x220/0x220
[  101.344315]  SyS_open_by_handle_at+0x27/0x30
[  101.348697]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  101.353428]  do_syscall_64+0x281/0x940
[  101.357289]  ? vmalloc_sync_all+0x30/0x30
[  101.361434]  ? _raw_spin_unlock_irq+0x27/0x70
[  101.365901]  ? finish_task_switch+0x1c1/0x7e0
[  101.370370]  ? syscall_return_slowpath+0x550/0x550
[  101.375274]  ? syscall_return_slowpath+0x2ac/0x550
[  101.380179]  ? prepare_exit_to_usermode+0x350/0x350
[  101.385172]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  101.390511]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  101.395331]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  101.400494] RIP: 0033:0x454e79
[  101.403658] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  101.411341] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  101.418583] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  101.425826] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  101.433071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  101.440315] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000010
2018/03/31 16:37:11 executing program 7:
r0 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0xffff, 0x800)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x6, 0x8, 0xfffffffffffeffff, 0x6, 0x5, 0x1, 0x401, 0x6, 0x8, 0x1, 0x5}, 0xb)
r1 = socket$inet(0x15, 0x5, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4)
bind$inet(r1, &(0x7f000001bff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
connect$inet(r1, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$fuse(r0, &(0x7f00000001c0)={0x4f, 0x1, 0x2, @random="7d77026aae86f1410617a69752be2d1d27b8a44a1c14e9fbc0bd325bc62cd8fd1cda2475733cc5f686a1c649562acc525437eb5c30d5104ebd479fe4f431d7"}, 0x4f)
sendmsg(r1, &(0x7f0000001480)={0x0, 0x11, &(0x7f0000000040)=[{&(0x7f0000000000), 0xffbf}], 0x1, &(0x7f0000000180)}, 0x0)

2018/03/31 16:37:11 executing program 6 (fault-call:2 fault-nth:17):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:11 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:11 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00'}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:11 executing program 3:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
mount(&(0x7f0000000180)='./file0/bus\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, &(0x7f00000001c0))
r0 = socket(0x5, 0xa, 0x9)
fgetxattr(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6f09322e6d643573756d2f0012eeaf697397aa51dd2419c15f21492a4b4e949e14ff76b016d1a345a6e7972716b9716626"], &(0x7f0000000080)=""/11, 0xb)
umount2(&(0x7f0000000200)='./file0/file0\x00', 0x0)
setsockopt$packet_int(r0, 0x107, 0x18, &(0x7f00000000c0)=0x83, 0x4)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000300)='/dev/snd/pcmC#D#c\x00', 0xff, 0x400)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000340))
mount(&(0x7f0000000380)='./file0/bus\x00', &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='aufs\x00', 0x80080, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000280)={'mangle\x00'}, &(0x7f0000000000)=0x54)
syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x1, 0x20a00)

2018/03/31 16:37:11 executing program 4:
r0 = socket(0x10, 0x2, 0xc)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00')
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r1, 0x0, 0x70bd28, 0x25dfdbff, {0x2}, [@FOU_ATTR_AF={0x8, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40)
write(r0, &(0x7f0000000080)="1f0000000b06ffde0000f49f000000a9200600000900018001000000000600", 0x1f)

2018/03/31 16:37:11 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:11 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000080)=<r1=>0x0)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000140)=r1)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x24)
getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f0000000200)=0x5, &(0x7f0000000240)=0x4)

2018/03/31 16:37:11 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:11 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:11 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f00000000c0)={'HL\x00'}, &(0x7f0000000040)=0x1e)
bind$inet6(r0, &(0x7f0000807fe4)={0xa, 0x4e22}, 0x1c)
r1 = socket(0xa, 0x0, 0x0)
socket(0x0, 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000140)=ANY=[@ANYBLOB="9f229302d9f2e51073d79dcdd7ebfd9357703c8651e0ffd9e1d559e0849693899693c1068b1cf52246077608b9b9cac5ccfd236f8a8088aa203e02b37675530f0d1ab6c5e8e1a0ec55d36fdbe59dd07e0bc6c0ce365387af4dfc85fb4e10a6f7553f8a5c7e7ed79e4723d3be7de0271937999ed1810000000000000000000000000000eca71adeac16d839db7b6bca87d243562a4a8349d9b2468d"], &(0x7f0000000480)=0x1)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000005c0)={0x0, @in6={{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}, 0x0, 0x8}, 0x98)
r2 = socket(0x0, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000004c0)={'bond0\x00'})
r3 = userfaultfd(0x0)
getsockname$ax25(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10)
r4 = dup(r3)
accept4$nfc_llcp(r1, &(0x7f00000002c0), &(0x7f0000000000)=0x60, 0x80800)
mremap(&(0x7f0000d7e000/0x1000)=nil, 0x1000, 0x3000, 0x0, &(0x7f00001cd000/0x3000)=nil)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000100)={0x0, 0x0, 0x3}, 0x10)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000280)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000200))
ioctl$UFFDIO_REGISTER(r3, 0xc028aa03, &(0x7f0000000240)={{&(0x7f00005e3000/0x800000)=nil, 0x800000}, 0x200000})
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000340)={<r5=>0x0, 0x231}, &(0x7f0000000380)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f00000003c0)={r5, 0x80000001, 0x8d, "cad56d8b39458c4476ac6bf0623bc3f5b3530b64272165f9c986d2f37d33164fb6c425e6325063a669333f040a597b5c57434c757f551a37595cc64e733dc51c56219c28ae8ea14b33b8af902822a484249d26f64f8f056ed51e3c4584f40f9bdd5157273b384dddcf142deb1a819f07074e3483ec71aef5bb9e3159a513b410b287f4cc70497c8c8811d54b4e"}, 0x95)

[  101.954461] netlink: 'syz-executor4': attribute type 1 has an invalid length.
[  101.983370] netlink: 'syz-executor4': attribute type 1 has an invalid length.
[  102.037197] FAULT_INJECTION: forcing a failure.
[  102.037197] name failslab, interval 1, probability 0, space 0, times 0
[  102.048479] CPU: 1 PID: 8064 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  102.055577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  102.065017] Call Trace:
[  102.067607]  dump_stack+0x194/0x24d
[  102.071239]  ? arch_local_irq_restore+0x53/0x53
[  102.075901]  ? __save_stack_trace+0x7e/0xd0
[  102.080232]  should_fail+0x8c0/0xa40
[  102.083953]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  102.089051]  ? kasan_kmalloc+0xad/0xe0
[  102.092916]  ? __kmalloc+0x162/0x760
[  102.096607]  ? ext4_htree_store_dirent+0x8b/0x580
[  102.101426]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  102.106245]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  102.110895]  ? exportfs_get_name+0x1a0/0x240
[  102.115281]  ? reconnect_path+0x1f1/0x670
[  102.119406]  ? exportfs_decode_fh+0x28a/0x5b0
[  102.123877]  ? do_handle_open+0x374/0x8a0
[  102.128003]  ? SyS_open_by_handle_at+0x27/0x30
[  102.132569]  ? do_syscall_64+0x281/0x940
[  102.136607]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  102.141954]  ? find_held_lock+0x35/0x1d0
[  102.145998]  ? __lock_is_held+0xb6/0x140
[  102.150052]  ? check_same_owner+0x320/0x320
[  102.154354]  ? rcu_note_context_switch+0x710/0x710
[  102.159269]  should_failslab+0xec/0x120
[  102.163223]  __kmalloc+0x63/0x760
[  102.166657]  ? str2hashbuf_unsigned+0x250/0x250
[  102.171305]  ? ext4_htree_store_dirent+0x8b/0x580
[  102.176133]  ext4_htree_store_dirent+0x8b/0x580
[  102.180785]  htree_dirblock_to_tree+0x4e8/0xa00
[  102.185442]  ? dx_probe+0x1070/0x1070
[  102.189224]  ? save_stack+0xa3/0xd0
[  102.192831]  ? kmem_cache_alloc_trace+0x136/0x740
[  102.197649]  ? ext4_readdir+0x2285/0x3600
[  102.201776]  ? iterate_dir+0x1ca/0x530
[  102.205641]  ? get_name+0x52a/0x730
[  102.209242]  ? exportfs_get_name+0x1a0/0x240
[  102.213627]  ? reconnect_path+0x1f1/0x670
[  102.217749]  ? exportfs_decode_fh+0x28a/0x5b0
[  102.222220]  ? do_handle_open+0x374/0x8a0
[  102.226345]  ? SyS_open_by_handle_at+0x27/0x30
[  102.230903]  ? do_syscall_64+0x281/0x940
[  102.234942]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  102.240283]  ? __lock_acquire+0x664/0x3e00
[  102.244497]  ext4_htree_fill_tree+0x2bb/0xcb0
[  102.248972]  ? print_irqtrace_events+0x270/0x270
[  102.253707]  ? do_split+0x1d30/0x1d30
[  102.257493]  ? __lock_is_held+0xb6/0x140
[  102.261536]  ? ext4_readdir+0x2285/0x3600
[  102.265663]  ? rcu_read_lock_sched_held+0x108/0x120
[  102.270658]  ? kmem_cache_alloc_trace+0x459/0x740
[  102.275475]  ? do_syscall_64+0x281/0x940
[  102.279512]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  102.284855]  ? percpu_ref_put_many+0x11a/0x220
[  102.289415]  ? free_rb_tree_fname+0x9c/0xe0
[  102.293718]  ext4_readdir+0x206a/0x3600
[  102.297666]  ? debug_mutex_init+0x1c/0x60
[  102.301794]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  102.306802]  ? __ext4_check_dir_entry+0x320/0x320
[  102.311625]  ? lockref_get+0x42/0x50
[  102.315322]  ? lock_acquire+0x1d5/0x580
[  102.319271]  ? lock_acquire+0x1d5/0x580
[  102.323224]  ? iterate_dir+0xc3/0x530
[  102.327012]  ? lock_release+0xa40/0xa40
[  102.330966]  ? check_same_owner+0x320/0x320
[  102.335265]  ? _copy_to_user+0xc0/0xc0
[  102.339133]  ? rcu_note_context_switch+0x710/0x710
[  102.344043]  ? __might_sleep+0x95/0x190
[  102.347999]  ? down_read_killable+0x95/0x180
[  102.352392]  ? iterate_dir+0xc3/0x530
[  102.356168]  ? down_write+0x120/0x120
[  102.359952]  iterate_dir+0x1ca/0x530
[  102.363649]  get_name+0x52a/0x730
[  102.367081]  ? bl_cleanup_pipefs+0x30/0x30
[  102.371297]  ? exportfs_encode_fh+0x100/0x100
[  102.375792]  exportfs_get_name+0x1a0/0x240
[  102.380001]  ? exportfs_get_name+0x1a0/0x240
[  102.384393]  ? get_name+0x730/0x730
[  102.387993]  ? up_read+0x40/0x40
[  102.391349]  reconnect_path+0x1f1/0x670
[  102.395304]  exportfs_decode_fh+0x28a/0x5b0
[  102.399602]  ? drop_caches_sysctl_handler+0x160/0x160
[  102.404772]  ? find_acceptable_alias+0x1e0/0x1e0
[  102.409507]  ? __fget_light+0x2b2/0x3c0
[  102.413459]  ? fget_raw+0x20/0x20
[  102.416892]  ? __check_object_size+0x8b/0x530
[  102.421371]  ? __might_sleep+0x95/0x190
[  102.425331]  do_handle_open+0x374/0x8a0
[  102.429285]  ? vfs_dentry_acceptable+0x10/0x10
[  102.433846]  ? SyS_write+0x184/0x220
[  102.437540]  ? SyS_read+0x220/0x220
[  102.441147]  SyS_open_by_handle_at+0x27/0x30
[  102.445529]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  102.450266]  do_syscall_64+0x281/0x940
[  102.454134]  ? vmalloc_sync_all+0x30/0x30
[  102.458259]  ? trace_event_raw_event_sys_exit+0x260/0x260
[  102.463771]  ? syscall_return_slowpath+0x550/0x550
[  102.468678]  ? syscall_return_slowpath+0x2ac/0x550
[  102.473587]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  102.478934]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  102.483760]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/03/31 16:37:11 executing program 3:
r0 = memfd_create(&(0x7f000088f000)='b\n\x00\x00\x00', 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x5011, r0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x1, 0x8001, 0x7, 0x80000001, <r1=>0x0}, &(0x7f0000000040)=0x10)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000100)={<r2=>0x0, 0x92, "e664444b37273e49c79d316e266d61a43918d1fc5dbf2e2ff01f659b84bc13a94894f5894cb9028f3a115dc576910aa44c7a65752ad45e686054106cb2a35aaf5d779ddb4e1023ab4f4bef9d0c74a70f32aa1de379a8a50eb29a95d526815e0138a3be21be49f9315f6d326a2a98f775200a0fce219fccf975e4cd99aa1592e4d653d57540e74c75b3aeb9d07c904866fb76"}, &(0x7f00000001c0)=0x9a)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000200)={r1, 0x5, 0x1, 0x4, 0x98d7, 0xc979, 0xffff, 0x1, {r2, @in6={{0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, [], 0x17}, 0xfffffffffffffff9}}, 0x1, 0x800, 0x9, 0x3, 0x4930}}, &(0x7f00000002c0)=0xb0)
clone(0x0, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100))
ftruncate(r0, 0x0)

2018/03/31 16:37:11 executing program 4:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
dup2(r0, r0)

2018/03/31 16:37:11 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  102.488927] RIP: 0033:0x454e79
[  102.492091] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  102.499778] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  102.507030] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  102.514279] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  102.521526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  102.528770] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000011
2018/03/31 16:37:11 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:11 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000000)={{{@in=@rand_addr, @in6=@mcast2}}, {{@in=@rand_addr}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000100)=0xe8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000002c0)={<r1=>0x0, 0x33, "b27d8508066a2eee2dc2e355ea7f25294a302b7748b339f91b16e0c929333e48eb978f2bbd220743c634b17d910719e5c70e83"}, &(0x7f0000000300)=0x3b)
accept4$llc(0xffffffffffffff9c, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000480)=0x10, 0x80000)
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0xf, &(0x7f00000004c0)=0xfff, 0x4)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000340)={0x0, 0xffffffff, 0x9, 0x43, 0xec43, 0x9, 0xa730, 0x0, {r1, @in={{0x2, 0x4e24, @loopback=0x7f000001}}, 0x0, 0x7, 0x100000001, 0x4, 0x4}}, &(0x7f0000000400)=0xb0)
r2 = accept4(0xffffffffffffffff, &(0x7f00000001c0)=@pptp={0x0, 0x0, {0x0, @broadcast}}, &(0x7f00000005c0)=0x80, 0x80000)
r3 = request_key(&(0x7f0000000540)='dns_resolver\x00', &(0x7f0000000580)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000640)='\x00', 0xfffffffffffffff9)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000700)='/dev/snd/pcmC#D#p\x00', 0x4, 0x202000)
ioctl$DRM_IOCTL_GET_STATS(r4, 0x80f86406, &(0x7f0000000740)=""/44)
r5 = add_key(&(0x7f0000000680)='user\x00', &(0x7f00000006c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000001600)="fd82c511caf25973d722c4cf9d04485843f1c2c91d52e1992e36cac60b844c499ec0793f4f949bdea8f3450bb2aca963a44a3ceca0d2db57cc9908e0ff425a6ad938e85a5f4fc82e53ab567c0e3f4c5314e61cc494bafe8d59593426207cda88206dc43e0abf6a7d66e8a653d796040a510055f0b9774d9263986686c7984a4148266a6dca609a4fdae243fca3e99abed131d00c980c9c3d94d496540130be102da3ead55d96720064a52e0169cd85822b61c7826bd0fcf7f31d72b624840e33b69f80e8d490c636e608a47680ba4b888dfc93af18ab6f7e1796250384d02ab7e274fad238b8a8bbd13f8920aa31e50400d29485dfd35baccffcdd2f727003cce7ef8eaa02e554dbf9589129d4e13bda580158c551149121bba8bdfb39627ffcdb77444f97ee173a5b033ef8f027a30a0f1ff3fce1db534050f4327aae275233ea0c90c2ca3461b2ba8256ab85d77046deb819fc0f8a54454064efb29160712252bcd5b5c18fc31abe4da685f7d4654fd4a34862cf662f5677f25fe40ecce8e1f25e123038e748c8c2437d6edaf722646cff0657a29e16ed658631cec4dcb8b694dd59c716a0f8f4b8a02fcbfe1776d53a709039cb9230a83f096cd252dddae93d5ebeedc15b09b0c5cdcaec798e40411d687d01e00130280afa2017ace694a01727cef5b35e222354ca16d368894d4e958f638671071ddeb450e7ad6e5162dc8c7e2df298710c501f1d03c122f9d784e5e2c8dfd0547c5dc9d9e62bf042c9be0f668b8ddc6da14c5b0f7281f3ce13aa7815cd04a8a5e8b743af211f2f30b6b2f2040a1edfb2a27af6c8c489fc0bf035bba2d1dbcfc70979e52c01235e31e36dc9a3cae4ef69fd2b6704338cb7dab9b5131485f207a228f2508813b10a441d04104de297f66b45d84abdfd1191b82f8c2b2e4bb302133e1561cb237db13562fc9c555a65a76bcc6a99bb03400d1130cc9cb0a2ed82152d524decc65047d9a09742feaf9bf8350f9690e65c436957e72ce9924f78650eee6c482c539285c3cf886788d648617b510b0b4ef7c30147a466d1e8346702509cb6f7eb1f1803269a7af27f65c11de3078183e252507af3d38d3e530098c39469ff6d92d42846312c8e2466cb9c70978b63656e5066e53ccb57baa316a4384bebb9e38112f7521d86f51f72e705bc5061b9f7cdcfcb511535b684868ae9f23a5f7277d4f737faffd8d824494cd4c124a302d17655d504990c3b6f22691bf8808ab9d424006def36d6952c57641ce11fdd84f68f8104d9ad4f2d24034ac3734aab96cc7d37ab39e3eb1a99bcf115e764c6f998b876a855217c40b5b65269f0fbb00cce896e94a17f3382887266637c4630eb9ff471be24ad29753a8a607f01288c8688f0cb6b0f5139da8afcc3875fadd7b0b0c59a2e8aa8273c886ee079e67868b6913d1dbca0b9fd39432aaf4a07fb45545727b61d307afbd4eb82b930534d8b468af0b5a52d55dc11ecfd40c2f3cc442ecc377f4db686734af6a167ab9ea0c0965d8685fd4d7adde27f8998c9035a6e3f83f9547b80a06c1b8582f9590cd92f150ade7a3e1cb3f1c135b179225bfe8a7e8f7b951a30d284bdbaec281d283e826ddcb7a24618ce571ba1faaf468899cde6c946a6f33c02e14faafa5c0cc2c9d7213317aeb1358f5f41312e22297615c4a15e910633b72a18a6bd6a98c1ddf0deab259adbd4da388e45e47f9a41d3ee2618110216256e5b3446970e646d06a5398174b3a57b0242b239c21d2257ea4700d74486025c233fdd6508d5afc59b9ec3387cd3434b63eca5c392e2d387e5b3e30172947e2acdd0859aeae5183260354d93411e78fef6d0113ed29b1db26563e41c2de7331ffc1581c6a43b75a6d0e1398d5a20c90411860edad2cde9c927efabcbe454498644f2e0aecab3f19b1a9f11662ba21258a11a1b5e9bea44163c135bb3f85c2ff531f0413015354a3db7c4fef71163a3db4b5d60a824868998b4b4a1e7db2c1e8783e32612beb89fe7917353b067dc3ef910c2f700c192ff195d2383ceee03e3ffc66a46e3c8bb171464d5873c7556c8013390023def093f59e580f2af227b70e06de673fd684d9a93c25ea7fa3d116f055b45f0619efb2a468ce3292f10f5b77e28516fd63d0de095a195ddcd547b323b400e597621f9eb972a61975cf0f27b986cdf2c5a7ae54cc48296c0b18be0281faa00530e0c504994799020ec87b3dd9dac20454cc8331a1fdbf1ea6d0cf952427036ef0bc267c3d454a892e952f54f53ad38c39648b247d04290a63c080210ea40412b23d97afef9975ff3688ee2c042d29def06e1541a9764c75ae6a3ae015d4a0e022d2d56f73d09fbf3ca2f90b15a61bea757498b312739744aff6d61296b0160c6a59c5782a24200b2d6a9bc57be997ddd7c83bbeb0cf38d398dad6941ffb3b82c7b9542de7313ee5417b70b70f8d3b84ebc291826689867edce67c4c288aec50215f81893222d8f447141e304ab083c949b5bfa08ed1063045d46bfa7ec0e8893a004603757ab66363b5e5aafe96659b416e1b9bac887080dbdf6ccc756d0fb2511d914271fb2a9aed1b3a106977bdf47ea1c71be4f3ab21195a02c2fdfdf5e590869eb8a0466dcc82ef30e5576814e9bf8e1722d5e7217e00ebd9641b34052fc56791c392c84259219d1872ddebac5dc1509f1ad5e2ee4f2358706e0b712e4dbc2a1ff067ffb49e488ced7cdfe72ccd4a669a3fcc81f43894eebf994c3e07099792533555917e43f2f53b7e86d5de10f91588ef39c415367de79bc14f9d9b4db7867c7d128204e4131eadc5e72f0f4e842b1df7f953811e5667b5be6bc5533607243b2b1db1c3a4fc9fb864c456bd4d8c0cd98ff2595803fac4d7fdd156d003c562d5b1366119332f36029bf6e57546c5c5c1c759b2d33a3ac91265ce3796896a4202113a0487ab8303866ac343c44f98e5e73a7e97d5aa4ebe323a661dc6b40e5e547b74b3264e1228b58aa58314f3597164a802c9944a91daa254a9684dbc4bcf2cc0958c00a73d101382eae926cac763bc5e0bcc244d71dfafaa7d7df0dd4e866528626ef4fd179e864a38dd75830a4f5bb1ee171e5b6f081201a3d3462d7970e2c785070b22ddb443a4c42fba407e22c6c0497e9be21483164a128af8905e80c56878afb35bcf5c039fee796c8bbbccc815f36f07a35e5dfec39a981f2211698a81d89912bdc14f62db5487bfc8baafe75daea4f6739bd2a24f24da6327974184f3a42254857e969a43e77934a7dbf11196706f34a21df5ca129722684d0019e3a8f8889824b5ab7021e2f9bc825c0bd4789ac08364920f4faef5bf93e59f2a6f295d478c2cbe6cfe8ceae9e71079ce0ee34c7ae37c128e13245b9e0c5f03af74da12c93d07f07785a0eb0f039f2a676ac959060cec7699ec88ffea9b87d858b63e4936671168abe009122b626f8f05924a2c1d800e471a5174483ec31609a8f80c085bd3a14a9ffd7969b8bd05ab9093b8aea6851c1ea7285ed8d94f8fa80ff669988bc7bd7f3d05e425cee8b9f0edab9b4b66eee6a44fca0f111cb728a5dbbd3015a7fd40303bcadeaac7555998aba94713ccc1a7ac70d8bf096b81476b0dd53cef2cf8f968d751392502fb5c3d2030bec7b968c26d0a57d9d172b6ec3e486e3418755357c0bbbbb1419670fc681e11dcfc79a6fe8c6b69ebe7463fc3a68736e22a5e658ff44a740405b30d2ff278aa6172b54b86f1865acfe3caedac735f7f454465be12a2152a0a09c0d4c224c566ce9ce5f367d112dd43e881986dd13c88a4dde0b19feffd04bfdcb43a346dcf8334c62ed0a5cfaae64616e8ef70cdd38116fd525ba236fca506f76d221c876e40fac59c96757bece4a6d1b77508c4c8612934bf4db23c223a03480f9406f3645e0225ccc9398d1ed7736226ac274056160e0a405406753a9a02ec869fb168019dab5734035c58424d6ea1f0e4deca7b732e5e2eef9f6be025acdec3ac0f7a21ce2eab7b0f1d8c8f2173c42d9349ecf288a96e8b15382e60aa46434e0e72a8f65e51932028a1a5cf7f565950c88255e2affa661f37684def36be73971eea638dd4e59720c20152a69998ee68daa471777c4e83d73aba2d8bda32391872b9ad94e5efa48907cc087c37b13c620de4ec087e6f57351aa9134134c03d9513e479b5a51375614543af3fabfa6f70a9c95edcf8e07c525b8f02ce27d13ffdf9594edcc6dd81e0ce6e204a10f09503cc25bbfc4863c402a496ed019ddfb5d546af703f91ba3f419bc45c18bb29fdd3977c6fb992a7389cde31e56d17e99ed4863b3ce290421b9a4e9b10d6bee241af9c995a500d95f73ae54dfc55bba7276ef6807f6e2421c4d33afe36844f0e761e43540f608b66aa73387e4a82735742acd79437889dd4104d61c977e87fbb530a66b44e66367409906058dd709e2a1dbeba513dff39b3b737b6d3e9169e302a04ee89e848bab402901a3ae8b3efce9bd9c517c4a2363407fca9a7c48565bbb4fff4a1021bc90e6507d0d887c42d8957ad5e75f30de56ad8fe2397148d3d2c167d58ba6ba097df61dae1499e1333b1ad7c90ac41f93e6b95c7e94d156d8e1b9c2daa7ca8be120b334ff370835a542ab179c5e0fb22cad559c77a75b9ca4576614e4327dbf8e47f9af0e18bb160c887ee2818054be2ee58d60942addccbb33ed28e45540ebdf99d94773c8587b5dda64f63cc1407ab5ac3229da0613ad0fc9d6eac67cb58d08768d1128567206087871e1a2546b86d62b12373acb59d21f5d57deed417ea5d96a8146443d6f401fb6c41e2bbceb5dc019da80cfcb89b1aef402af28d74cca12d87d2a6d712c41ec37d03d60458abb667663f11bda6ba1a27a3ec3f23a20a4d5b94bf1d24c8187ecbb8f9b362ada7507d6c2e8da98697f72a86da103fb45892f84b7a106661765b4ba0b32557cc4840963ef033ec33e027ac222a88110223be47c242d08206d8efafc7241ee758019eadc6844b0c0beccb1b908ccf5eb1f96982221a64708dc6fe9a831b7532ccdd810c59d0e03480bb6d5b37f887f166d234d35abb2198556bf49cf33ccbe78420d59b8b7e62e56ccfa8b672ba1b998810400f1ed5d7249d62c8b0b272a54be80afa9ac6aa7cd6e18fdb9a856aa59684f05b14ab5df1a59222a51b94aa041a110a8a9fb232630f64adb2e43d1bde8c162eb36208c88d4ae90e56c216af21830cd2e0c2f25b1da50d97132d499b572a03b9371d01d9678008292d616a40b3c35b2aa8216be220e69cb0982a1eb35067b113edc486fc9ed687072621383594716db39256bf8330f45f88148b65b591bf400502f498df1a6ed4f7cfe647fbef9fd5a459f25fbeec88568c3e9b54c728bfe973caad12ce651383d01a44633deb4551bfded46b203dfb851af41aa0f0743fae7d75607e34b229c293ff1f08a48934336000a07922947ebdc2fa103910d738804242d0cecb71e368b723c377fc7ffc84aaeb2558d6404cde57a83f1200c5dd27d0ef6a35b78bf89842485378ad72bae277deb3eaa490af726dd5e3ee12ff6828def41834296ee8972a8b6933a0d7f293c17986949678ee75ba0af420b316fcebdd6a59a404e084d57e2eaa3b63b09de2712bf84075861d2d2a2f02ef5924dbbda8b14035d035f7eaaeabf47c017f2f1d8d157b7c83e9477191e6765c3ac3093e1ed11a39665a43c87e5b819f3bb9fa6b066c6933aa8cb118ef1f63d2871f81aa22fffeb17cd3a4a0c557f7951839d66749e136db9077ebbb8afa911e836dafadf4b", 0x1000, 0xfffffffffffffff9)
keyctl$negate(0xd, r3, 0x7, r5)
setsockopt$ipx_IPX_TYPE(r2, 0x100, 0x1, &(0x7f0000000600)=0x66d9, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000b3dfc8)={&(0x7f0000001580)={0x10}, 0xc, &(0x7f00000015c0)={&(0x7f0000000140)={0x20, 0x22, 0x105, 0x0, 0x0, {0x4}, [@typed={0x8, 0x0, @u32}, @generic="a3"]}, 0x20}, 0x1}, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000180)='gretap0\x00')
rt_sigtimedwait(&(0x7f0000000240)={0xc4a}, &(0x7f0000000280), &(0x7f0000000500), 0x8)

2018/03/31 16:37:11 executing program 6 (fault-call:2 fault-nth:18):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[  102.667572] netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'.
[  102.696640] FAULT_INJECTION: forcing a failure.
[  102.696640] name failslab, interval 1, probability 0, space 0, times 0
[  102.707924] CPU: 0 PID: 8098 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  102.707935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  102.707939] Call Trace:
[  102.707955]  dump_stack+0x194/0x24d
[  102.707967]  ? arch_local_irq_restore+0x53/0x53
[  102.707976]  ? __save_stack_trace+0x7e/0xd0
[  102.707993]  should_fail+0x8c0/0xa40
[  102.743445]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  102.745319] netlink: 4 bytes leftover after parsing attributes in process `syz-executor4'.
[  102.748542]  ? kasan_kmalloc+0xad/0xe0
[  102.748552]  ? __kmalloc+0x162/0x760
[  102.748566]  ? ext4_htree_store_dirent+0x8b/0x580
[  102.748575]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  102.748585]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  102.748595]  ? exportfs_get_name+0x1a0/0x240
[  102.748605]  ? reconnect_path+0x1f1/0x670
[  102.769369]  ? exportfs_decode_fh+0x28a/0x5b0
[  102.769378]  ? do_handle_open+0x374/0x8a0
[  102.769392]  ? SyS_open_by_handle_at+0x27/0x30
[  102.769401]  ? do_syscall_64+0x281/0x940
[  102.769413]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  102.769426]  ? find_held_lock+0x35/0x1d0
[  102.769439]  ? __lock_is_held+0xb6/0x140
[  102.818124]  ? check_same_owner+0x320/0x320
[  102.822445]  ? rcu_note_context_switch+0x710/0x710
[  102.827376]  should_failslab+0xec/0x120
[  102.831347]  __kmalloc+0x63/0x760
[  102.834793]  ? str2hashbuf_unsigned+0x250/0x250
[  102.839466]  ? ext4_htree_store_dirent+0x8b/0x580
[  102.844314]  ext4_htree_store_dirent+0x8b/0x580
[  102.848979]  htree_dirblock_to_tree+0x4e8/0xa00
[  102.853647]  ? dx_probe+0x1070/0x1070
[  102.857442]  ? save_stack+0xa3/0xd0
[  102.861058]  ? kmem_cache_alloc_trace+0x136/0x740
[  102.865894]  ? ext4_readdir+0x2285/0x3600
[  102.870035]  ? iterate_dir+0x1ca/0x530
[  102.873917]  ? get_name+0x52a/0x730
[  102.877536]  ? exportfs_get_name+0x1a0/0x240
[  102.881935]  ? reconnect_path+0x1f1/0x670
[  102.886077]  ? exportfs_decode_fh+0x28a/0x5b0
[  102.890565]  ? do_handle_open+0x374/0x8a0
[  102.894706]  ? SyS_open_by_handle_at+0x27/0x30
[  102.899271]  ? do_syscall_64+0x281/0x940
[  102.903307]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  102.908647]  ? __lock_acquire+0x664/0x3e00
[  102.912865]  ext4_htree_fill_tree+0x2bb/0xcb0
[  102.917359]  ? print_irqtrace_events+0x270/0x270
[  102.922092]  ? do_split+0x1d30/0x1d30
[  102.925869]  ? __lock_is_held+0xb6/0x140
[  102.929906]  ? ext4_readdir+0x2285/0x3600
[  102.934455]  ? rcu_read_lock_sched_held+0x108/0x120
[  102.939444]  ? kmem_cache_alloc_trace+0x459/0x740
[  102.944259]  ? do_syscall_64+0x281/0x940
[  102.948293]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  102.953628]  ? percpu_ref_put_many+0x11a/0x220
[  102.958184]  ? free_rb_tree_fname+0x9c/0xe0
[  102.962479]  ext4_readdir+0x206a/0x3600
[  102.966428]  ? debug_mutex_init+0x1c/0x60
[  102.970548]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  102.975543]  ? __ext4_check_dir_entry+0x320/0x320
[  102.980359]  ? lockref_get+0x42/0x50
[  102.984062]  ? lock_acquire+0x1d5/0x580
[  102.988023]  ? lock_acquire+0x1d5/0x580
[  102.991986]  ? iterate_dir+0xc3/0x530
[  102.995782]  ? lock_release+0xa40/0xa40
[  102.999745]  ? check_same_owner+0x320/0x320
[  103.004052]  ? _copy_to_user+0xc0/0xc0
[  103.007914]  ? rcu_note_context_switch+0x710/0x710
[  103.012815]  ? __might_sleep+0x95/0x190
[  103.016762]  ? down_read_killable+0x95/0x180
[  103.021142]  ? iterate_dir+0xc3/0x530
[  103.024915]  ? down_write+0x120/0x120
[  103.028693]  iterate_dir+0x1ca/0x530
[  103.032382]  get_name+0x52a/0x730
[  103.035807]  ? bl_cleanup_pipefs+0x30/0x30
[  103.040019]  ? exportfs_encode_fh+0x100/0x100
[  103.044502]  exportfs_get_name+0x1a0/0x240
[  103.048707]  ? exportfs_get_name+0x1a0/0x240
[  103.053087]  ? get_name+0x730/0x730
[  103.056684]  ? up_read+0x40/0x40
[  103.060033]  reconnect_path+0x1f1/0x670
[  103.063989]  exportfs_decode_fh+0x28a/0x5b0
[  103.068284]  ? drop_caches_sysctl_handler+0x160/0x160
[  103.073446]  ? find_acceptable_alias+0x1e0/0x1e0
[  103.078174]  ? __fget_light+0x2b2/0x3c0
[  103.082119]  ? fget_raw+0x20/0x20
[  103.085546]  ? __check_object_size+0x8b/0x530
[  103.090020]  ? __might_sleep+0x95/0x190
[  103.093976]  do_handle_open+0x374/0x8a0
[  103.097922]  ? vfs_dentry_acceptable+0x10/0x10
[  103.102478]  ? trace_hardirqs_off+0xd/0x10
[  103.106686]  ? exit_to_usermode_loop+0x198/0x2f0
[  103.111415]  ? trace_event_raw_event_sys_exit+0x260/0x260
[  103.116924]  SyS_open_by_handle_at+0x27/0x30
[  103.121302]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  103.126035]  do_syscall_64+0x281/0x940
[  103.129894]  ? vmalloc_sync_all+0x30/0x30
[  103.134019]  ? _raw_spin_unlock_irq+0x27/0x70
[  103.138491]  ? finish_task_switch+0x1c1/0x7e0
[  103.142957]  ? syscall_return_slowpath+0x550/0x550
[  103.147857]  ? syscall_return_slowpath+0x2ac/0x550
[  103.152757]  ? prepare_exit_to_usermode+0x350/0x350
[  103.157744]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  103.163080]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  103.167895]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  103.173056] RIP: 0033:0x454e79
[  103.176220] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  103.183899] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  103.191145] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  103.198390] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  103.205634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  103.212874] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000012
2018/03/31 16:37:12 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:12 executing program 7:
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000003000), 0x0, &(0x7f0000002000)=[{0x10, 0x10e}], 0x10}, 0x0)
ioctl(r0, 0xc0184900, &(0x7f0000002000))
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f00000abfc0)={0x3ffff9, 0xfffffffffffffffe, 0x3}, &(0x7f0000768000)={0x0, 0xfd5, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000086000)={0x0, 0x0, 0x80}, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000000080), 0x8})

2018/03/31 16:37:12 executing program 3:
ioctl$DRM_IOCTL_RM_CTX(0xffffffffffffffff, 0xc0086421, &(0x7f0000000180))
mq_open(&(0x7f0000000240)='!(+\x00', 0xfffffffffffffffc, 0x0, &(0x7f0000000280)={0x0, 0xfffffffffffffffd, 0x6})
r0 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000080)={0x2, 0x8000, 0xfffffffffffffff9, 0x9, 0x3, 0x5})
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4)
eventfd(0x400)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000000)=0x3, 0x4)
sendto$inet6(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000008000)={0xa, 0x0, 0xb, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c)

2018/03/31 16:37:12 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:12 executing program 4:
personality(0x800008)
uname(&(0x7f0000ffaff1)=""/15)
r0 = dup(0xffffffffffffff9c)
ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x9})

2018/03/31 16:37:12 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x6, 0x400)
ioctl$TIOCNXCL(r1, 0x540d)

2018/03/31 16:37:12 executing program 6 (fault-call:2 fault-nth:19):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:12 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
getsockname$ax25(0xffffffffffffffff, &(0x7f00000002c0), &(0x7f0000000300)=0x10)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:12 executing program 4:
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000d81ff8)=0x101)
mkdir(&(0x7f000082f000)='./control\x00', 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000e4c000)={0xaa})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = syz_fuseblk_mount(&(0x7f0000000000)='./control\x00', &(0x7f0000000080)='./control/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
rename(&(0x7f0000000240)='./control/file0\x00', &(0x7f00000001c0)='./file0\x00')
ftruncate(r2, 0x0)
close(r1)
dup3(r3, r3, 0x0)

2018/03/31 16:37:12 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
gettid()
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  103.310796] FAULT_INJECTION: forcing a failure.
[  103.310796] name failslab, interval 1, probability 0, space 0, times 0
[  103.322087] CPU: 1 PID: 8139 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  103.329183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  103.338529] Call Trace:
[  103.341116]  dump_stack+0x194/0x24d
[  103.344748]  ? arch_local_irq_restore+0x53/0x53
[  103.349417]  ? __save_stack_trace+0x7e/0xd0
[  103.353752]  should_fail+0x8c0/0xa40
[  103.357470]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  103.362578]  ? kasan_kmalloc+0xad/0xe0
[  103.366461]  ? __kmalloc+0x162/0x760
[  103.370171]  ? ext4_htree_store_dirent+0x8b/0x580
[  103.375010]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  103.379848]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  103.384503]  ? exportfs_get_name+0x1a0/0x240
[  103.388888]  ? reconnect_path+0x1f1/0x670
[  103.393016]  ? exportfs_decode_fh+0x28a/0x5b0
[  103.397494]  ? SyS_open_by_handle_at+0x27/0x30
[  103.402055]  ? do_syscall_64+0x281/0x940
[  103.406095]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  103.411440]  ? find_held_lock+0x35/0x1d0
[  103.415486]  ? __lock_is_held+0xb6/0x140
[  103.419537]  ? check_same_owner+0x320/0x320
[  103.423842]  ? rcu_note_context_switch+0x710/0x710
[  103.428757]  should_failslab+0xec/0x120
[  103.432712]  __kmalloc+0x63/0x760
[  103.436144]  ? str2hashbuf_unsigned+0x250/0x250
[  103.440794]  ? ext4_htree_store_dirent+0x8b/0x580
[  103.445620]  ext4_htree_store_dirent+0x8b/0x580
[  103.450273]  htree_dirblock_to_tree+0x4e8/0xa00
[  103.454931]  ? dx_probe+0x1070/0x1070
[  103.458710]  ? save_stack+0xa3/0xd0
[  103.462317]  ? kmem_cache_alloc_trace+0x136/0x740
[  103.467139]  ? ext4_readdir+0x2285/0x3600
[  103.471267]  ? iterate_dir+0x1ca/0x530
[  103.475134]  ? get_name+0x52a/0x730
[  103.478737]  ? exportfs_get_name+0x1a0/0x240
[  103.483124]  ? reconnect_path+0x1f1/0x670
[  103.487248]  ? exportfs_decode_fh+0x28a/0x5b0
[  103.491719]  ? do_handle_open+0x374/0x8a0
[  103.495842]  ? SyS_open_by_handle_at+0x27/0x30
[  103.500400]  ? do_syscall_64+0x281/0x940
[  103.504438]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  103.509791]  ? __lock_acquire+0x664/0x3e00
[  103.514010]  ext4_htree_fill_tree+0x2bb/0xcb0
[  103.518491]  ? print_irqtrace_events+0x270/0x270
[  103.523227]  ? do_split+0x1d30/0x1d30
[  103.527028]  ? __lock_is_held+0xb6/0x140
[  103.531080]  ? ext4_readdir+0x2285/0x3600
[  103.535207]  ? rcu_read_lock_sched_held+0x108/0x120
[  103.540203]  ? kmem_cache_alloc_trace+0x459/0x740
[  103.545029]  ? do_syscall_64+0x281/0x940
[  103.549075]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  103.554419]  ? free_rb_tree_fname+0x9c/0xe0
[  103.558723]  ext4_readdir+0x206a/0x3600
[  103.562673]  ? debug_mutex_init+0x1c/0x60
[  103.566817]  ? __ext4_check_dir_entry+0x320/0x320
[  103.571647]  ? lock_acquire+0x1d5/0x580
[  103.575599]  ? lock_acquire+0x1d5/0x580
[  103.579561]  ? iterate_dir+0xc3/0x530
[  103.583346]  ? lock_release+0xa40/0xa40
[  103.587301]  ? _copy_to_user+0xc0/0xc0
[  103.591173]  ? rcu_note_context_switch+0x710/0x710
[  103.596086]  ? __might_sleep+0x95/0x190
[  103.600046]  ? down_read_killable+0x95/0x180
[  103.604431]  ? iterate_dir+0xc3/0x530
[  103.608210]  ? down_write+0x120/0x120
[  103.611995]  iterate_dir+0x1ca/0x530
[  103.615694]  get_name+0x52a/0x730
[  103.619130]  ? bl_cleanup_pipefs+0x30/0x30
[  103.623347]  ? exportfs_encode_fh+0x100/0x100
[  103.627849]  exportfs_get_name+0x1a0/0x240
[  103.632065]  ? exportfs_get_name+0x1a0/0x240
[  103.636453]  ? get_name+0x730/0x730
[  103.640057]  ? up_read+0x40/0x40
[  103.643410]  reconnect_path+0x1f1/0x670
[  103.647368]  exportfs_decode_fh+0x28a/0x5b0
[  103.651667]  ? drop_caches_sysctl_handler+0x160/0x160
[  103.656837]  ? find_acceptable_alias+0x1e0/0x1e0
[  103.661575]  ? __fget_light+0x2b2/0x3c0
[  103.665529]  ? fget_raw+0x20/0x20
[  103.668959]  ? __check_object_size+0x8b/0x530
[  103.673437]  ? __might_sleep+0x95/0x190
[  103.677400]  do_handle_open+0x374/0x8a0
[  103.681357]  ? vfs_dentry_acceptable+0x10/0x10
[  103.685919]  ? SyS_write+0x184/0x220
[  103.689612]  ? SyS_read+0x220/0x220
[  103.693223]  SyS_open_by_handle_at+0x27/0x30
[  103.697608]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  103.702340]  do_syscall_64+0x281/0x940
[  103.706205]  ? vmalloc_sync_all+0x30/0x30
[  103.710332]  ? _raw_spin_unlock_irq+0x27/0x70
[  103.714807]  ? finish_task_switch+0x1c1/0x7e0
[  103.719279]  ? syscall_return_slowpath+0x550/0x550
[  103.724185]  ? syscall_return_slowpath+0x2ac/0x550
[  103.729093]  ? prepare_exit_to_usermode+0x350/0x350
[  103.734089]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  103.739433]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  103.744261]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  103.749427] RIP: 0033:0x454e79
[  103.752595] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
2018/03/31 16:37:13 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:13 executing program 7:
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0x200002, 0x0)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_SET_LOG_BASE(r0, 0xaf01, &(0x7f0000307000)=&(0x7f0000989fff))
r1 = eventfd2(0x225a4fdc, 0x10000000000)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000640)=r1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000df5fd8)={0x0, 0x1, &(0x7f0000000200)=""/105, &(0x7f0000bf6000)=""/228, &(0x7f0000000080)=""/199})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000cef000)={0x1, 0x0, &(0x7f000062a000)=""/167, &(0x7f0000aac000)=""/21, &(0x7f00002fdf52)=""/174})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000540)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x4081)
prctl$void(0x20)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000580))
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000180)={0x3, &(0x7f0000000040)=[{0x0, 0x1}, {0x100, 0x2, 0x0, 0x400}, {0x0, 0x7ff, 0x3}]})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, &(0x7f0000000080), 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000240)={0x0, 0x0, 0x41, "7feacf47cbb719dc11d66456fcba9232ce4c965b28d477eaff40356f476d67fb97f978139e9082481a5ba90260d9421541c7e4e72907fb9da49b5064df935d2bcd"}, 0x49)
mmap(&(0x7f0000000000/0xf9a000)=nil, 0xf9a000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000000000))

[  103.760284] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  103.767916] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  103.775162] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  103.782409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  103.789680] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000013
2018/03/31 16:37:13 executing program 6 (fault-call:2 fault-nth:20):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:13 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
gettid()
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:13 executing program 3:
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x80)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000200)='tls\x00', 0x4)
pread64(r0, &(0x7f0000000100)=""/243, 0xf3, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xf, 0x4, 0x4, 0x8, 0x12}, 0x2c)

2018/03/31 16:37:13 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  103.890966] FAULT_INJECTION: forcing a failure.
[  103.890966] name failslab, interval 1, probability 0, space 0, times 0
[  103.902299] CPU: 0 PID: 8152 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  103.909394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  103.918739] Call Trace:
[  103.921327]  dump_stack+0x194/0x24d
[  103.925213]  ? arch_local_irq_restore+0x53/0x53
[  103.929879]  ? __save_stack_trace+0x7e/0xd0
[  103.934203]  should_fail+0x8c0/0xa40
[  103.937914]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  103.943017]  ? kasan_kmalloc+0xad/0xe0
[  103.946898]  ? __kmalloc+0x162/0x760
[  103.950611]  ? ext4_htree_store_dirent+0x8b/0x580
[  103.955446]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  103.960290]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  103.964957]  ? exportfs_get_name+0x1a0/0x240
[  103.969366]  ? reconnect_path+0x1f1/0x670
[  103.973505]  ? exportfs_decode_fh+0x28a/0x5b0
[  103.977991]  ? do_handle_open+0x374/0x8a0
[  103.982133]  ? SyS_open_by_handle_at+0x27/0x30
[  103.986707]  ? do_syscall_64+0x281/0x940
2018/03/31 16:37:13 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
gettid()
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:13 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='hybla\x00', 0xc6)
socketpair(0xa, 0x0, 0x6, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=<r3=>0x0, @ANYBLOB="94bff7ffff003f000800"], &(0x7f0000000080)=0xe)
ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000180)={0x1, 0x0, [{0x8000000f, 0xfff, 0x7fff, 0x1, 0x4}]})
keyctl$join(0x1, &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0})
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000000c0)={0x2, 0x6, 0x4, 0x3f, 0x8001, 0x9, 0x8000, 0x3, r3}, &(0x7f0000000140)=0x20)
bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000000100)="11", 0x1, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10)
shutdown(r0, 0x1)

2018/03/31 16:37:13 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, 0x0, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  103.990767]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  103.996128]  ? find_held_lock+0x35/0x1d0
[  104.000188]  ? __lock_is_held+0xb6/0x140
[  104.004264]  ? check_same_owner+0x320/0x320
[  104.008604]  ? rcu_note_context_switch+0x710/0x710
[  104.013541]  should_failslab+0xec/0x120
[  104.017511]  __kmalloc+0x63/0x760
[  104.020964]  ? str2hashbuf_unsigned+0x250/0x250
[  104.025632]  ? ext4_htree_store_dirent+0x8b/0x580
[  104.030472]  ext4_htree_store_dirent+0x8b/0x580
[  104.035143]  htree_dirblock_to_tree+0x4e8/0xa00
2018/03/31 16:37:13 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, 0x0, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:13 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000080)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000000180)=0xe8)
quotactl(0x4, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000001c0)="2d0bf0ec5258238d2c72ea70aab4a763efe49cea41e6319f12f8eac3cc87ce43706d7c236c8be6af91")
umount2(&(0x7f00007f7000)='./file0\x00', 0x0)
sendmsg$nl_generic(r0, &(0x7f0000018000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f00000016c0)={0x18, 0x1d, 0xffffffffffffffff, 0x0, 0x0, {0x1}, [@nested={0x4, 0x1}]}, 0x18}, 0x1}, 0x0)

[  104.039813]  ? dx_probe+0x1070/0x1070
[  104.043613]  ? save_stack+0xa3/0xd0
[  104.047237]  ? kmem_cache_alloc_trace+0x136/0x740
[  104.052075]  ? ext4_readdir+0x2285/0x3600
[  104.056216]  ? iterate_dir+0x1ca/0x530
[  104.060098]  ? get_name+0x52a/0x730
[  104.063725]  ? exportfs_get_name+0x1a0/0x240
[  104.068135]  ? reconnect_path+0x1f1/0x670
[  104.072286]  ? exportfs_decode_fh+0x28a/0x5b0
[  104.076779]  ? do_handle_open+0x374/0x8a0
[  104.080918]  ? SyS_open_by_handle_at+0x27/0x30
[  104.085492]  ? do_syscall_64+0x281/0x940
[  104.089547]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  104.094904]  ? __lock_acquire+0x664/0x3e00
[  104.099137]  ext4_htree_fill_tree+0x2bb/0xcb0
[  104.103628]  ? print_irqtrace_events+0x270/0x270
[  104.108376]  ? do_split+0x1d30/0x1d30
[  104.112186]  ? __lock_is_held+0xb6/0x140
[  104.114021] netlink: 'syz-executor7': attribute type 1 has an invalid length.
[  104.116247]  ? ext4_readdir+0x2285/0x3600
[  104.116259]  ? rcu_read_lock_sched_held+0x108/0x120
[  104.116275]  ? kmem_cache_alloc_trace+0x459/0x740
[  104.116285]  ? do_syscall_64+0x281/0x940
[  104.116296]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  104.116307]  ? percpu_ref_put_many+0x11a/0x220
[  104.116315]  ? free_rb_tree_fname+0x9c/0xe0
[  104.116324]  ext4_readdir+0x206a/0x3600
[  104.116331]  ? debug_mutex_init+0x1c/0x60
[  104.116343]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  104.116359]  ? __ext4_check_dir_entry+0x320/0x320
[  104.143986] netlink: 'syz-executor7': attribute type 1 has an invalid length.
[  104.147104]  ? lockref_get+0x42/0x50
[  104.147119]  ? lock_acquire+0x1d5/0x580
2018/03/31 16:37:13 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x100000000, 0x4000)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="e0b1efe302000000000000000027003103000000"], 0x14}, 0x1}, 0x0)
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680)='IPVS\x00')
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f00000007c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000780)={&(0x7f00000006c0)={0x94, r3, 0x708, 0x70bd25, 0x25dfdbfc, {0x4}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xee3f}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x101}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7e6}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1ff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1000}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}]}, 0x94}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
stat(&(0x7f0000000640)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
socket$inet_icmp(0x2, 0x2, 0x1)
clock_gettime(0x6, &(0x7f0000000140))
fchownat(r1, &(0x7f0000000240)='./file0\x00', r2, r4, 0x100)
name_to_handle_at(r1, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="f7000000ffffffffc62f9fc65a8517817995122d6521adbcad71dc4708dd0a8d94166946fa9fda729e4092dcf68393477fb458655a79f4082ae290431fd63d32ab1775dd010c8f6df0d501e4ac3c522887316ff3d83e2f2df98b45b94d599cbf207af825a01c412d12c90c8d25a917742d9db7242df4863edf12691553d7f4ba824d135cb09470b4d13293f5ee9b2243515345aa4a0278dba9e5f98ef418546d08aff89698417fcbe3d06714beb26399ddd7008118c22fb2a935486243631ac88741f4e2d3b8c6c5bf120b1586687c6bd99dfe25b3f150e0634ef7e118baff1219e15f66f8af69ecf8c87a186fa9246d28"], &(0x7f0000000200), 0x1400)

2018/03/31 16:37:13 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, 0x0, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:13 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

[  104.147127]  ? lock_acquire+0x1d5/0x580
[  104.147137]  ? iterate_dir+0xc3/0x530
[  104.147150]  ? lock_release+0xa40/0xa40
[  104.147160]  ? check_same_owner+0x320/0x320
[  104.147170]  ? _copy_to_user+0xc0/0xc0
[  104.147182]  ? rcu_note_context_switch+0x710/0x710
[  104.147194]  ? __might_sleep+0x95/0x190
[  104.147207]  ? down_read_killable+0x95/0x180
[  104.147218]  ? iterate_dir+0xc3/0x530
[  104.225737]  ? down_write+0x120/0x120
[  104.229539]  iterate_dir+0x1ca/0x530
[  104.233860]  get_name+0x52a/0x730
[  104.237313]  ? bl_cleanup_pipefs+0x30/0x30
[  104.241547]  ? exportfs_encode_fh+0x100/0x100
[  104.246059]  exportfs_get_name+0x1a0/0x240
[  104.250288]  ? exportfs_get_name+0x1a0/0x240
[  104.254688]  ? get_name+0x730/0x730
[  104.258311]  ? up_read+0x40/0x40
[  104.261676]  reconnect_path+0x1f1/0x670
[  104.265656]  exportfs_decode_fh+0x28a/0x5b0
[  104.265667]  ? drop_caches_sysctl_handler+0x160/0x160
[  104.265678]  ? find_acceptable_alias+0x1e0/0x1e0
[  104.265691]  ? __fget_light+0x2b2/0x3c0
[  104.265701]  ? fget_raw+0x20/0x20
[  104.265711]  ? __check_object_size+0x8b/0x530
[  104.265727]  ? __might_sleep+0x95/0x190
[  104.265744]  do_handle_open+0x374/0x8a0
[  104.265755]  ? vfs_dentry_acceptable+0x10/0x10
[  104.265766]  ? SyS_write+0x184/0x220
[  104.265778]  ? SyS_read+0x220/0x220
[  104.265791]  SyS_open_by_handle_at+0x27/0x30
[  104.265799]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  104.265810]  do_syscall_64+0x281/0x940
[  104.265820]  ? vmalloc_sync_all+0x30/0x30
[  104.265830]  ? _raw_spin_unlock_irq+0x27/0x70
[  104.265839]  ? finish_task_switch+0x1c1/0x7e0
[  104.265849]  ? syscall_return_slowpath+0x550/0x550
[  104.265859]  ? syscall_return_slowpath+0x2ac/0x550
[  104.265869]  ? prepare_exit_to_usermode+0x350/0x350
[  104.265880]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  104.265893]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  104.265907]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  104.265914] RIP: 0033:0x454e79
[  104.265919] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  104.265929] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  104.265934] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  104.265939] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  104.265945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  104.265950] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000014
2018/03/31 16:37:14 executing program 6 (fault-call:2 fault-nth:21):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:14 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0xff)
getsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000040), &(0x7f00000000c0)=0x4)

2018/03/31 16:37:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[])
rmdir(&(0x7f00000000c0)='./file0/file0\x00')
r0 = dup(0xffffffffffffffff)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000ff1000/0xd000)=nil, 0xd000}, 0x1})
r1 = open(&(0x7f0000000080)='./file0/file0\x00', 0x3fffa, 0x0)
tee(r1, 0xffffffffffffffff, 0x0, 0x0)
sendfile(r1, r1, &(0x7f0000000240), 0x10001)
open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
write(r1, &(0x7f00000003c0)="2df1429e179384745ff5d179340d581491a8e6689cb77b9bdb917c11cdbf9dd2f84e0a882fb5aa874f6bae4a671179254a92b5215642c71e19bb4852b0d0f23cdab53ae1bbccd8bb5a2b8d0499520c0e2f5a", 0x52)
readlinkat(r1, &(0x7f0000000140)='./file0\x00', &(0x7f0000001440)=""/4096, 0x1000)
write(r1, &(0x7f0000001200)="f858f0c637db5ccc708bd6cef167f826ab4a8a58266ae5093312240abe99b574541887d5e688c24bf3d745ace3a07e863db43e88d5d89df7727f717850b22b4e4ab511c59974b81f3f00e2506f772ea0b965d3540d01c1d7c141f88144c41ea48d6d7bc717399759cc4fcd8461ea8a9a4a7ea5cdcd2a53ec9aa6760ecd4ad5a7ee8e3ec3a1427a25a56b2b04a5669722425331f201c74651f7380ce30c746f1a7005dc0074ed1bc83e9499ab87e6199cf24ede2090990d5e891f9f28616f8f384eedc17ae375e71cbe3ee17263d4fbabd94e3f08b1717ca287cd499d6a8008977b2bccc81cdb4041086497263ea1e0720aecc08be5b45cc99c8b87d5b9457591d03518f5363e7c324c2efe446a943d8e7133330ebdd42cb985c3d6548b525fc3aa7af60b4b6465544213394d4614e3675173613f3286f0a2f217ba824b65e5f954a0de2f6ebd314c6b89a0ba9fd18072b36c30306df3cb820aafd2adc1c9fb5ff8ceffa5e016596093c493e31dc7b9b93ea7091aa1a348de58ec196ce48ce4503e7746f6c43fa685467b40c40c0fa9675ae51640c9e89feea77192accf399e828e1e56ef1fc967f72d6908f56d625700a4ca13d7f9f83858ed4096702deea9c24953863cbb366bc615b7e899f29ed8036add473b3ac84240c3ecf0f9e498115fee6c2c6ce2f481379008c468703ca88aefdb28519e5a2061a59dd44b5af6c10506fa5dca", 0x204)
r2 = open(&(0x7f0000000280)='./file0/file0\x00', 0x4001, 0x80000000002)
ftruncate(r2, 0x256)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)

2018/03/31 16:37:14 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f0000000200)={<r2=>0x0, 0x3, 0x311, 0x4}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000280)={r2, 0x40}, &(0x7f00000002c0)=0x8)
read(r0, &(0x7f0000000080)=""/3, 0x3)
socket$netlink(0x10, 0x3, 0xfffffffffffffefe)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000002700310304001000000000000800000019e05e7d6a7207c850d16c4f3a7a946a765e25500881423b60cb843bfc75b6aca9e882ed50c376702328fb4e14c52e436a15468c17e9aa98773d34586cc6c8a0f8f175254dd82699b2efbb02e32aa76b2b64d1473c00080b1c3bd5d3af1e7b1e7590235f0fc50083631ef4b1d740c964d02959a488f71990417643321d9abb54ce5b35f0684abe84182d95e6ccd4bce79c7374ab9dd830404445a85a1448c6e1fdb44f71321c14b936144c50ad61a980a6b569878ec2b72d90cf501a06391c1dbd4e10deaee35f128aa3f53ae417de828fb991dca98a000000"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:14 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000040)=0xeb6)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:14 executing program 7:
r0 = socket(0x1e, 0x1, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x9, 0xffffffff, 0x40, 0x7f, 0x400, 0xfffffffffffffffc, 0x4}, 0x1c)
r1 = syz_open_dev$sg(&(0x7f00000001c0)='/dev/sg#\x00', 0x7, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000200)={0x0, <r2=>0x0, 0x3, 0x7})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000240)={0x1, r2, 0x0, 0xfffffffffffffffe})
sendmsg(r0, &(0x7f0000834fc9)={&(0x7f00000000c0)=@generic={0x10000000001e, "030000091f00000300000001e526cc573c5bf86c483724c71e14dd6a739effea1b480000481ffe0000e103000900f8000004003f390001d8f986ff01000300000004af50d50700000000000000e3d2316a1983000000001d00e0dfe424281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1c26d7436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f0000000140), 0xfffffffffffffde8, 0x8000}, 0x803)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x1, <r3=>r0, 0x1})
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r3, 0x40505331, &(0x7f0000000040)={{0x7, 0x2}, {0x8, 0xc20}, 0x3, 0x348f587162e7926, 0x7})
ioctl$EVIOCGUNIQ(r3, 0x80404508, &(0x7f0000000180)=""/27)

2018/03/31 16:37:14 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x10)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:14 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:14 executing program 4:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000))
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rfkill\x00', 0x109000, 0x0)
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000340)={r1, r2})
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000))
mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0)
mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100))
mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000))
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x1e1, 0x0, 0x8000000001, 0x5}, 0xfffffffffffffe20)
bpf$MAP_CREATE(0x2, &(0x7f0000000040)={0x0, 0x0, 0x7ffff9, 0x0, 0x20000003, 0x0}, 0x2c)
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000))
mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0)
mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000))
mount(&(0x7f0000000000)='.', &(0x7f0000000040)='.', &(0x7f0000000080)='cgroup\x00', 0x5010, &(0x7f00000000c0))
mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000))
perf_event_open(&(0x7f0000940000)={0x0, 0x78, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000014f88)={0x5, 0xfffffffffffffdc4, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', 0x0, 0x18}, 0x10)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000100))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x2e, &(0x7f0000000440), &(0x7f0000000140)=""/46}, 0x28)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000500)="ae30f1bca1b4d3f69f1aac81517d42ad5980bc63b5008616a1f4724b9f8c1e4ecd8de336f57dd727cdaab04f0b40f28612615ad08de414711d841a88db33fd33884b627074213a0c5de3be2bbaec9207d9865c47f240467849979b5ab5632376608fc4be41a274abb2dc07cabe344a18db51048e5b0cbda843905a4258cdee3e649eddf104ba", &(0x7f0000000480), 0x2}, 0x20)
socketpair(0x0, 0x0, 0xffff, &(0x7f0000000380)={<r3=>0xffffffffffffffff})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={r3, 0x50, &(0x7f00000003c0)}, 0x10)
mkdir(&(0x7f0000000100)='.', 0x2)
mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000300))

2018/03/31 16:37:14 executing program 7:
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "ac6be5", 0x18, 0x67, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, @local={0xfe, 0x80, [], 0xaa}, {[], @icmpv6=@mld={0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}}}}, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={<r0=>0xffffffffffffff9c})
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f0000000080)={0x3, 0x3, 0x80000000, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'bcsf0\x00'})

[  105.310340] FAULT_INJECTION: forcing a failure.
[  105.310340] name failslab, interval 1, probability 0, space 0, times 0
[  105.321706] CPU: 0 PID: 8224 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  105.328799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  105.338147] Call Trace:
[  105.340740]  dump_stack+0x194/0x24d
[  105.344368]  ? arch_local_irq_restore+0x53/0x53
[  105.349033]  ? __save_stack_trace+0x7e/0xd0
[  105.353357]  should_fail+0x8c0/0xa40
[  105.357073]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  105.362186]  ? kasan_kmalloc+0xad/0xe0
[  105.366072]  ? __kmalloc+0x162/0x760
[  105.369787]  ? ext4_htree_store_dirent+0x8b/0x580
[  105.374631]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  105.379465]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  105.384128]  ? exportfs_get_name+0x1a0/0x240
[  105.388539]  ? reconnect_path+0x1f1/0x670
[  105.392680]  ? exportfs_decode_fh+0x28a/0x5b0
[  105.397177]  ? do_handle_open+0x374/0x8a0
[  105.401318]  ? SyS_open_by_handle_at+0x27/0x30
[  105.405895]  ? do_syscall_64+0x281/0x940
2018/03/31 16:37:14 executing program 7:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
flistxattr(r0, &(0x7f0000fee000), 0x0)
r1 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x8, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000100)={0x1, 0x1, [@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}]})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={<r2=>r0})
sendmmsg$alg(r2, &(0x7f00000019c0)=[{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000140)="f94d6ec6a3392d98918e3259f38c1b9b741aa6ac4266ebbf3e09c35b49637f63b0c13a9667cf188c13489d152dbd6e1900ab4bfd375eb43df579aeb3c8231a5da8d3a3899cd2348e495d2f25f285431356de5617f393238def0f8e525e771ca5316cb0df41ba3deb896c83fdeffc74a77177088e240679fcd5e32e929e31c83f7eb4571e43ae0025ab48e5697aa870c10c09085e74576128594ed565078229f60a09f582f9d1aceeb13bc9821a14b4b5d8efa7925e2e6a97cdde98cc161a9809dbecf77c008298b5e0046331359aca404fdfc47ed0d84f4eb89625e6db2a2f8f769fcfe5c778ec", 0xe7}, {&(0x7f0000000240)="3dbc6b1572ef4ad9b6f01ff083", 0xd}, {&(0x7f0000000280)="cfe7c0b7117b748ef025a8c242d8795722a3a0c391", 0x15}, {&(0x7f00000002c0)="7edcf67f14b1b6a90719a06429d8408510383fa66bf9080893598f89b5c0df9037ea66386a8cc00ee11a23949b59a2521fd16317fcc7835e845c915ca52c0228ac2d3c1e37a380531139ae854af8106dd5a82dd46e69269c6225cea564069145d68bb71811ad4b84fa589077336a9f95393ef2720c6a98a09a108ff025b73269250d6b4dd0915e2bd60b80909489b5cf3e791404c44b0a2f435f0da3dfb36e48c8f232181eddf2bfd84913bd835b76897a933de6a21b6eb1f6a2d15057aae5ed98b99740", 0xc4}, {&(0x7f00000003c0)="3aecfa6aab6d13b732da4c7a6be3ae63d5c5133d6e0ca76350e3fc86aa6666d84f99e13d04600fc8d5d4966a9da34718226191f7fa18c0c20be7550a5217d5c14dd583ba9b8adf97a6c0de6c2cbaff2fda8e3637bc4b63d0e62fc9388db9c15968732e609007fff6b47a2cc58f57f31f7729e988fa8b07d5d563c59f9ef46ec7146f675ccb63c28917ea21fa9b02c271d118e49f6b0878d714ace1f04eda16d554e5db6ce92aefc786f5f698c64e80e1c5d89843f5a5a4f1d9b995e589efa96a1fd59513be43b949d18f11f9b1f5e9a2c5ec75343ba68219cdc8261cd02cf757", 0xe0}], 0x5, 0x0, 0x0, 0x4}, {0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000540)='V', 0x1}, {&(0x7f0000000580)="7a35a31159d81ade4844cd10ad7fd01efaf19b", 0x13}], 0x2, 0x0, 0x0, 0x800}, {0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000600)="d163ef8973256b4c11b6836ee16098435015e8bc27f3e65582ca5806c4fd1f6113d4132a8d47ed067c2c5f38853d4a1c07867b247c8aac86112f017583ba2e6f8fc72fdb5a15c24101ce17585a03b6881ecdbf7961e70fbd31ab8bd87e2946cc5ca3268eff75a5680773803a46e5816c1dfc1d72e5ff53e2b6af48761a8cf8d048b19d82496454eb48603646416b920afc8ef4c84e95c61879b0b4781bd832840495e1b95c24e42196bad31fdee83e6bf59eeace57bedf5cd031db41efa7f3bcd790fe4644f98af9fc86b72cc9a332276f6470bb717ebd4e18", 0xd9}, {&(0x7f0000000700)="69f5d72624b9869e9386a37054f13f951df4d1bdeef85266939ca59f314eb5bfa55d1536d8bc007b4c150a5cec63a737a4482e7a17caf61b21f29833d79ae147e19ab86b19d3e49f9d8b666dfb5a46156336085d2c04f2878173563a1f1f9b0952f75d875eda8ae2f1adf71eea6cb34a6f27795d00bfe77114c9f3ce5a81c2af5245546d62f63284f153ae617ba1e00f609d9166b4d9040777", 0x99}, {&(0x7f00000007c0)="fc4fcf6e4cd0d4272385cc2dc4f2467c6af085fdc76bd8ac84f3e90974a9699e6ea6031e22841cc5262d94db269b882c02f3d379df8f06520feecf6865c8e9255c72da58133c920c49cf72f4949f4983836fb4c451526ad92fed48df66d4aa099828ed6a4dcb9c3000fd8a31ee87a593785950da596b82da77912c325db23f6893bf2e0814ea03cf3da618e71aed88923e6680cf96847ef5582c7d60f25405abefe6dc0c115779de41395a8440edb10492e4cd83840dce0feca7c055fe6c66b2833d27529e84fa555a4a8c06495795ed8bde31787324303fa1546f870ab310a7e8b9b7785cdfdaaf532e63ae70e53a353fe010053191b2dd97bd77deeeace53a04e345f9e7d45ebcf37a89ec2e95be5f02787c2fa6d10e1f432a0c4751417df2027b2087734a25061b13ba19e5cfbe2ce070751b767c87d24e44fa5355888298e9339e5e515eb84d1e6c92f6f7643e8f8e63e55b935921137866cb8f67799e9c66391efc3b6cdf63aa789fe561af39fff5e18824b18f372e3afc8c7efa3c1d6bacf20904537543b45f7b260eebb9d623892a790227f2d2413a334403b671ab68ef0e985c10862b71b130bd7ca7364d90a4ec6c9339dafbab05b09ecb3fb16c6f52aacd66ed7ae4f433a52d5ee8840fd606747cbd6f9255b843529df39ae6fc351fda93f01ed03967185d55ead420bd6c944c61ef1da50e54c61e257fd0637e6d0dd9c258e6cc491ef76ba2167b791352365e2a5a5c1ddcbbe9f86c106ea1ebf87f221385819d2f957d1eb5ef39fe389bdd6f2f6bf79bc48206dbfa2c2dafc28d876132256dbcd1f53444767f45a937e4138a14aebfeff01f02f8719a6d69613adf5ed1322c6880449945939082adf6088dec37e568131863579482148fcb4da7a5f8ffaaa8cd545d5ccfd8b31a82681f5f7f6be9945ac753a32fe48bd6d5df329564838d3eb9ff1b11ad28d9a2fff52fd7a3d2e9af7b5f5b5ff90f23515240e6b99257ba5ed60bfba990e28c52e445e4c8a38527d170555b8660d78b1128eda396357d91a77361935e5c3ab7e022793b9b9fa92a759cc6929396be473fd9cbad53715873469683508e21a2656d82681051da5d4665b5db35c5b7c0a083e12c968f5db0c8de5773360675feb667038f77d7b19b87a9b2ddd0e9eca6c0a249a6215594e88c4bd14a17b16a896b1168e4026d986664b6209a69b3ac22642c2ae43bc85884fb821dace3998be49f2f2cc964b35b8d78033a87c46ea68de5d200a0f884ae73aa308d1a347711ad68e44ef82e171a13762730a0a2a257222d3b9c1b5253fdddbc484ca7e5c03625dcf014646d967bc016e65fcd7882dc3d8f53409c5c69f5a00d568edf0ad3ffdf71d28a5135c841b60849950545f7350fdcc86f50f1d6d2a8d89c1524b4d7ac6fc344e84b77cd1037a48379b49cc6a35ff1298c8a684934fbb9b1a10e78c25012667e8d6a6f99bf04924e414289012cece117d9f1babb1e414bc14aa90fdbf316a92593b8320b0c1a205b340fb789a368989c6438ae516aa1b958e219f62e3ed77ae05fb63b6db683053159261035d7ea5acf8fd5f1dc30f04d30003f91d455c39ede3f7c1a9af2b3e0195ed995db069c53411b254986c7e10e1532cf05e32495c6e40b9b7d67b4196a45f410200f723ddb17a6dc80904a3f8132f826d5e719d768d773802edc67ab9cab386caade31d09346524f44cc68adec7e67a466bd166dbf3c49492948a0db08216ff2369e56146f3d2031f72ec7ec5fd69ef36114d0e8295f308eaf7142bb3c336369c8e3bc384598241be1db519d755e8395c549ee7d01f01fbb620c1c1eaa3511fc6e72d27363b9bf742301f1796368593ceb1ae3b83ec65dbdb95d404513bb16a52f70b37e27d112364f67889dc294bcc76e13c45a48bb159fd44efb9517561f75ac8ced861754ab0d09acc629c99bb5aab431d73c57dc379f27cc397656020c36054895f547800bd60c784bbb92378c95df0adabd0457d193fcfa214f8ac1f303b9f289e437108a2cf1114f40643b900bc28b99dd4e43fba94a18f6aef6a1cc61d9820a7e0493bbae488761622eba581b0635c2d1ffbf0fb6039f59e0b127062c130c4afb3fbfdc42cdd7bc4b0b963ba36a474bbef8bd364e4912413d1490774195b937fe24c57a83e1ad4ffe0489db4829fe0998295afd92b15d9c6784d52cfb18a2867dd0428c7b2457ac2a7439141bd06d514345ed0bf43c65b8f9c3f96e9f342029c081ae164f948c0519e129e0cb7cdcdf76c3101d89045f9f2c213c48598e1173b584d4467de90849b446b8659737fc9e5404a4be1aa6c9b159770bdd3eabe01eb85430cdf25a450d8538a0ac1b11f85f3f1ada393de118936b16c647441f8373735968907fe5679cdba76ddae932f7c904c497c6c69aa8955472be62a0419975f3adde18ed857a0844dff6e15d362e45a85c440fd6483b3a417b8c93edf70cd216131be4593dca8068f6e4f60b0f37a210df4a5b5aa982f1279100a75cb3dc8526d59e9ab6de9452c26f0cb64c29ae90a0d59746a95f4959ecaa3cf585275ace9cde7baa415e1a0a88e6ec7a93b92e0f46ba1a8bb6c4c532b54be32c4ab92682c181661f0322035217d062eccfb304095220b13cc6c0d648424c4492a8af3814240ee72bfe6555fd158ba4d20ea27c8f74a6a390a88a0526f4e957b4d3090a6f020dc319e21c974314c2d148c8598f995d7fb1ed87509b8b20414e45dc8bc47787102d1088a569b555ffd28eb558e3debc2e6f0864cde0fcb331c6e28675207ee05870a4d07261d25ff0286816d218d6cccfe57d3fb9bff15e47eb2ce6a6cb248c29671a1c4e93f6cc79082173f8d1c9d66de4aee0535e190b29eae8affd991cd9206a774d6bf9c35563210c69e74cbad469d147e4ced54348643b6e90ce332c953391468f30c0ab87a60258fbbbe92cce5bee31ade0b7fabcafed188d9f03294f06975c598e81103e4c8687969204e57a7fb7b46915644166a747a38189eb032e189b341e730fd54ccb278dbba7b8d13d7f0b79dd5b01bd81eab7a0eab129fa5fb6331fb4ff37309b2efe7385415b4eb5f019b85547d491070d30707ce982501a0b9501821355b46d49211ac2b86a3a3a972eb715e74496d791482c1cc7cb98629174edf26d1795436c975e1a8214748385178b4b9923bb496ace6713f7f1d12afd9dd7d885c74429fef3073ede050a3f6762a5fc34e1ff0c93c04c40f66b44233efd639348f03ac17803d31ba7c79de171e73012f5014e3513c5c24d025d3f67b281becd5fd71a223f4599a4be14dc89d943678eca6b0227133af04f088d003fe940476e78611ff1a1a6f828c54214099962f106db7fa8a23ef3e23a72172bba19196d93fd6727b1735e94cc301a8bd9c65f449468cdfb8088c0adb4167555afb82a4dd7f7668aa46d654a5918c16fb47a42e9e37932ec7b7f5a482cacc31ccf1b101cdb5999ec6269f9002481f2d570cc485cc1595c9701b2dccac9fbcc8f4922c22d1c6ae459217b6357ce98563f3f05211d77f8940b7e9b216a6724f21782469ff9a7e3dd387d1bb296c0a2904e50dcea25277411e7857844cf9303568c1b6d77ea4b65ea36ffdf2175a524d42773924762317444a36c885b89493b25a7f65116b8a273c7603e5d7cdb9565d82a0e4c30c1788c5036610e6c2c406fe3a105f1f35fb522c1377b2f35ade821d2636d2398219bcd916c48db8956f6c1e21c357311af5dff9ed40bc44a5cca862ceb948b61fe3c6940b08cede1ee62005dafbe6a0cef75551354a283e0bc689e4344b19eead72d8ff2233a9186f3ea5c4210764cd69b77648a70380206f0db31913d9b87d07932409b0093a90d7b890f8421ed0b0167d0d12fa8632940977182cc0a0f559ca0881e286644d91c4d09f893b5f67224d51dae282f397d0ea6acc272a7079cfff4417c75e445ae8b2f8042f2ab59e6dd6d397d297e31a7920687fe3d902349248dd28ffcc2c8480b3d3d70bc36b8e87f39cf4809871003e6760c5eb0a82d0ddc6151c62e11ca0dc48fd386370327ac2409463fd17a345415aa0b467a23086897ef949722cdcb3c7c76a45365f5a16b872c698b0853e54cafa4fdbd5ec38d1da323a45e4ed4e8d186985e28c5949d164a2e5d138362efd18686ad77dce68802d19bb9e0583a68dd7330c5f59f822df1e6594f8eaee3c4e189aeb82c714baad83edc77f70d2caf2be54162f35c4b56b5f5637699674c73f23ed9aca39b5de74d5096cf9dcdaf3123d6f5aee6d77cc339a27497efa9ccd3a9237566ca674830395c084f4f9aa4ae94c53b526fde42c317b9db4edb68d74d3faeafb073176377a1429fc795152b310d715c02548e87b3e67641f7b7e81e3d2ba0dad693b0fc3cda05f73263548823316d4e9aff7532efcc0784442ffeac2c7da3853263d487e012d14b7d572756f27923a9ad61d295908053e2557fcd21acecb2219a797bd988e9cdb9a0ae2f74dc40d6f8e023655415a3d546976cbf8c3264ad1cfe3753d4e1cdd7c2baae49e4715cfec7f69118e2d87b6187bd7a18d36a9d8b5b5197580ca6c6138127e1fbf7bf4d377f6f9a48a6bfbb889bdc16cb19f0fa88b0c78fdef1d7b7b331ccb64af33a55e0a1d909525ac8f33cc5ece2f26f3211e03e94f12a881bad11d0038a12e35d599c0ed2a9dade9406d5d46ddac0d3a6b584a16de3ad7ac99391eb1ce9dbfc815abb38bf3594056f79091370f63d785472a5e2dece5f9ddd4f86ff5f1f1d2df75979a9d26a49a76e61b022a55a938e0531d819100da67dcfefc14900ba13445ab8ac24c7250f2e6ebd800ac8a6d659fd8580aba7ebf2f6deb40d26715241966ab82aef9157b034c108239d02aa363f77c3b6e25790cc9262f105270cc67d8999f7f480a2353a7a8105d61e028b287e388707090d70b4214a6f6bf61edf48e310e6142fafb78dfa782df37d0d2f35e0436ef2353dce5ed6c362df2cfa2aeab4ea7792e6d88d247c0722e611454f193ac5c1db8e18b6f0db5c9a8ff6a6441d5b4ca642a5343374587a0107615fb26ed6c4e708553a43f584b6d3e34ccb7a0670ff8bf6e794c92f032fbef7078484364feebf3467db5b937c52bf0fd8b13da56e9c2b6754c8b64b22d780c31eef08ecf1d71bcfe0733ab279e0ca69ff7240fe4222cb6c2a89ef506a9588cb10246991618308675c97df8887d0b15d479fddd208666fe182003573a5dd55f605dd5a707fc20a9200824253ec0ec7ff550157325971e51151e2cdc3bb5f6a764a560b72aa063d7c27e477bd1a8d5250547629e21af85c30b56ae00544a29d52c175ec01f5d0c208aea82a9016e346e7942b3da311201967d358a223737a99a97699b9b71c199793901e2b62054adfe4a0bf8f348a96c488d11f3198c956be214c70be1888f9d801933d8c401a1f8e832e435aaa2d24fc6777f083eab4403e6fbf629693f76a873bbe7773bb07bbe3f0c4bdce7770a5cf600e712eb55b6f8f85fbbba3add8807c6afc46f33e66d0e950c6a901ec494b742aa1894e18477fb59ed6d93313a5f7a76cd90e366a19fd2673e7fa006512bb3e4127922ce4f800d9c4cd3ddd55267a0c51c0515fd350f464545525fb8868d93bb3646acce9c14dbeeaa4b094e5378a49ff225f894b93ab20b37704694fcd62b262434cf3a52bd80d5d19fb4d82e0a07807d7a15dd6e3f9afc4c413b7826badfab29a05585e521e07e3e93e617c1ad4d7fcbe63243585647fc0b63d174351140d1735c558a6e30a21fee72ce8", 0x1000}], 0x3, 0x0, 0x0, 0x4040000}, {0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000001800)="c2b4402cb9a2286f0d07b14aca86b848120b915d783bed9b1731a4454e59ae171f6b69ea4d4b7d6efc6e144b9bf0c329a2f43514d7093d3181", 0x39}, {&(0x7f0000001840)="c4620912f5ff852b3fd9fefa7ec2229e2fba4cb968d84ab07917d8b13053c965e47fd2cf1a63026950e0a31230ee8e00a33d3a9ad8f42ef86b305054d1f0a61d8225a837b710b1750be24bf152e26119779c82abd0b883435e11ec5f84a81c269e1d45ca8cb7be5ce4aed60802f7738812aff3e01b7630d8", 0x78}, {&(0x7f00000018c0)="cad3d6ca0ff923d57a75dd3554fcf6cd55e94f82fb070d1402b439f0b5a11f833645753ffa34dc58456d191d5ce44070baee00e628de8c27e094efdbc916c1b0c14a8f9034fbad837333365a7674100f0206c8415338754718f5818b832a2d2eae72eb77bbb0dbdbe16afe2fa636ce008a5b0703ea8a4668c1d447c0960523a16a6515018d8c3faea03ba20e43b4c548629f01ba53", 0x95}], 0x3, 0x0, 0x0, 0x4000080}], 0x4, 0x4000000)
connect$netrom(r2, &(0x7f0000000040)=@full={{0x3, {"ffb0bb53c9643a"}}, [{"3f82391b04eae4"}, {"efb576817d75b8"}, {"c797f28820f4c1"}, {"5cbf61a720c4ec"}, {"de95e12a31000b"}, {"7b62f22dff0bfd"}, {"e73ed415b919ed"}, {"1a29d78c2fa3ab"}]}, 0x48)

2018/03/31 16:37:14 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:14 executing program 3:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000480)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0)
openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x20000, 0x111)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003d40)={&(0x7f0000000400)=@pppoe={0x18, 0x0, {0x4, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 'tunl0\x00'}}, 0x80, &(0x7f0000002740)=[{&(0x7f00000004c0)="7ba0af0ddf1e300a40bc9c03720f94d885b386b607589d37cf3444f3c74c0ece5a38a9b52c83330bb8d9f0f7d62eb11351e7299717a5a01849b4cc3ad162c460f6", 0x41}], 0x1, &(0x7f00000027c0), 0x0, 0x40000}, 0x800)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x8500, 0x0)
ioctl$TIOCLINUX7(r0, 0x541c, &(0x7f0000000300)={0x7, 0x3})
mount(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='fusectl\x00', 0x0, &(0x7f0000000040))
umount2(&(0x7f00000005c0)='./file0/file0\x00', 0x2)
umount2(&(0x7f00000003c0)='./file0\x00', 0x0)
r1 = open(&(0x7f000084aff8)='./file0\x00', 0x400000000060842, 0x0)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000180)=0x1)
dup3(r1, r1, 0x80000)
fsetxattr(r1, &(0x7f00000000c0)=@known='user.syz\x00', &(0x7f00009cc000)='\x00', 0x1, 0x0)
fremovexattr(r1, &(0x7f0000000080)=@known='user.syz\x00')
syz_mount_image$hfs(&(0x7f0000000100)='hfs\x00', &(0x7f0000000140)='./file0\x00', 0xfffffffffffffff8, 0x1, &(0x7f0000000200)=[{&(0x7f00000001c0)="d2bcbac7734520e6ab696bef64f4fef893f473c45a60cff305c210754dfe2836bc48a09295edb135c2b1e0b99e292cd6f5", 0x31, 0x8}], 0x0, &(0x7f0000000380)=ANY=[])

[  105.409955]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  105.415317]  ? find_held_lock+0x35/0x1d0
[  105.419375]  ? __lock_is_held+0xb6/0x140
[  105.423441]  ? check_same_owner+0x320/0x320
[  105.427764]  ? rcu_note_context_switch+0x710/0x710
[  105.432697]  should_failslab+0xec/0x120
[  105.436666]  __kmalloc+0x63/0x760
[  105.440116]  ? str2hashbuf_unsigned+0x250/0x250
[  105.444788]  ? ext4_htree_store_dirent+0x8b/0x580
[  105.449629]  ext4_htree_store_dirent+0x8b/0x580
[  105.454297]  htree_dirblock_to_tree+0x4e8/0xa00
2018/03/31 16:37:14 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  105.458971]  ? dx_probe+0x1070/0x1070
[  105.462769]  ? save_stack+0xa3/0xd0
[  105.466394]  ? kmem_cache_alloc_trace+0x136/0x740
[  105.471236]  ? ext4_readdir+0x2285/0x3600
[  105.475376]  ? iterate_dir+0x1ca/0x530
[  105.479256]  ? get_name+0x52a/0x730
[  105.482877]  ? exportfs_get_name+0x1a0/0x240
[  105.487277]  ? reconnect_path+0x1f1/0x670
[  105.491419]  ? exportfs_decode_fh+0x28a/0x5b0
[  105.495906]  ? do_handle_open+0x374/0x8a0
[  105.500047]  ? SyS_open_by_handle_at+0x27/0x30
[  105.504620]  ? do_syscall_64+0x281/0x940
2018/03/31 16:37:14 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  105.508678]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  105.514036]  ? __lock_acquire+0x664/0x3e00
[  105.518270]  ext4_htree_fill_tree+0x2bb/0xcb0
[  105.522757]  ? print_irqtrace_events+0x270/0x270
[  105.527505]  ? do_split+0x1d30/0x1d30
[  105.531306]  ? __lock_is_held+0xb6/0x140
[  105.535367]  ? ext4_readdir+0x2285/0x3600
[  105.539507]  ? rcu_read_lock_sched_held+0x108/0x120
[  105.544518]  ? kmem_cache_alloc_trace+0x459/0x740
[  105.549355]  ? do_syscall_64+0x281/0x940
[  105.553409]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/03/31 16:37:14 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  105.558769]  ? percpu_ref_put_many+0x11a/0x220
[  105.563344]  ? free_rb_tree_fname+0x9c/0xe0
[  105.567667]  ext4_readdir+0x206a/0x3600
[  105.571632]  ? debug_mutex_init+0x1c/0x60
[  105.575772]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  105.580787]  ? __ext4_check_dir_entry+0x320/0x320
[  105.585621]  ? lockref_get+0x42/0x50
[  105.589335]  ? lock_acquire+0x1d5/0x580
[  105.593299]  ? lock_acquire+0x1d5/0x580
[  105.597266]  ? iterate_dir+0xc3/0x530
[  105.601066]  ? lock_release+0xa40/0xa40
[  105.605036]  ? check_same_owner+0x320/0x320
[  105.609350]  ? _copy_to_user+0xc0/0xc0
[  105.613230]  ? rcu_note_context_switch+0x710/0x710
[  105.618162]  ? __might_sleep+0x95/0x190
[  105.622137]  ? down_read_killable+0x95/0x180
[  105.626536]  ? iterate_dir+0xc3/0x530
[  105.630331]  ? down_write+0x120/0x120
[  105.634136]  iterate_dir+0x1ca/0x530
[  105.637843]  get_name+0x52a/0x730
[  105.641290]  ? bl_cleanup_pipefs+0x30/0x30
[  105.645517]  ? exportfs_encode_fh+0x100/0x100
[  105.650028]  exportfs_get_name+0x1a0/0x240
[  105.654251]  ? exportfs_get_name+0x1a0/0x240
[  105.658650]  ? get_name+0x730/0x730
[  105.662264]  ? up_read+0x40/0x40
[  105.665624]  reconnect_path+0x1f1/0x670
[  105.669595]  exportfs_decode_fh+0x28a/0x5b0
[  105.673907]  ? drop_caches_sysctl_handler+0x160/0x160
[  105.679085]  ? find_acceptable_alias+0x1e0/0x1e0
[  105.683840]  ? __fget_light+0x2b2/0x3c0
[  105.687812]  ? fget_raw+0x20/0x20
[  105.691255]  ? __check_object_size+0x8b/0x530
[  105.695745]  ? __might_sleep+0x95/0x190
[  105.699716]  do_handle_open+0x374/0x8a0
[  105.703683]  ? vfs_dentry_acceptable+0x10/0x10
[  105.708258]  ? SyS_write+0x184/0x220
[  105.711964]  ? SyS_read+0x220/0x220
[  105.715588]  SyS_open_by_handle_at+0x27/0x30
[  105.719985]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  105.724734]  do_syscall_64+0x281/0x940
[  105.728614]  ? vmalloc_sync_all+0x30/0x30
[  105.732751]  ? _raw_spin_unlock_irq+0x27/0x70
[  105.737237]  ? finish_task_switch+0x1c1/0x7e0
[  105.741720]  ? syscall_return_slowpath+0x550/0x550
[  105.746642]  ? syscall_return_slowpath+0x2ac/0x550
[  105.751565]  ? prepare_exit_to_usermode+0x350/0x350
[  105.756573]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  105.761928]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  105.766770]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  105.771944] RIP: 0033:0x454e79
[  105.775126] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  105.782826] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  105.790086] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  105.797346] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  105.804602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/03/31 16:37:15 executing program 6 (fault-call:2 fault-nth:22):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:15 executing program 7:
getpgrp(0x0)
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="068e0a2344fdad97cbb9e8ce34130d89236500e4d70e996cac06745e44f67dc9b8ecc7e3a1f52332fe184b378018c73d0b6d19b9bbcc6ebddea70db6035394217e2c454b5a38d3ae49a674b764c5802b8d9790f853cdaf6ed182bf7cc9f0078e5e2ad845a8861117f1a12608cd7b4fa10391da4cf4cff6a0434c67e165f7188d46da9ca7eb0f8028a46500c51a922b03c20c7826a74537ff088767d7ba8bb5a352ce7f117d23fdf1d481ef53af4c40937371c193efa37fd019f4954c2b12a5455096e2af995b6c9d11c0093a2dff71e219e4984b1b5f3204c14eaf7bee26530777d31c67f27e722d3753e5", 0xeb)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)="2e2f6367726f757000361a6f74a1b774b8642f3dfdd313d92946ff0167415d8dc22791dcd496520c1c99f4b07d3b2a11090000000229210b73abdcd2986fc290ac9b6ace278586d39949a54fb276eb1fd3964b0cad27e417b33abb8d3b00e64e75e4dff47de27536dccdde5fc746b04faafcec347560a31b3a35a5f20bc949d75cbb763987", 0x200002, 0x0)
statfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=""/105)
renameat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000100)='./file0\x00')
r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r2, r2, &(0x7f0000000200)=0x1, 0x8000)
exit(0x0)

2018/03/31 16:37:15 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x10)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  105.811862] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000015
[  105.947846] FAULT_INJECTION: forcing a failure.
[  105.947846] name failslab, interval 1, probability 0, space 0, times 0
[  105.959143] CPU: 0 PID: 8265 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  105.966236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  105.975580] Call Trace:
[  105.978163]  dump_stack+0x194/0x24d
[  105.981788]  ? arch_local_irq_restore+0x53/0x53
[  105.986449]  ? __save_stack_trace+0x7e/0xd0
[  105.990772]  should_fail+0x8c0/0xa40
[  105.994485]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  105.999586]  ? kasan_kmalloc+0xad/0xe0
[  106.003468]  ? __kmalloc+0x162/0x760
[  106.007179]  ? ext4_htree_store_dirent+0x8b/0x580
[  106.012017]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  106.016855]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  106.021521]  ? exportfs_get_name+0x1a0/0x240
[  106.025925]  ? reconnect_path+0x1f1/0x670
[  106.030064]  ? exportfs_decode_fh+0x28a/0x5b0
[  106.034568]  ? SyS_open_by_handle_at+0x27/0x30
[  106.039146]  ? do_syscall_64+0x281/0x940
[  106.043203]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  106.048567]  ? find_held_lock+0x35/0x1d0
[  106.052626]  ? __lock_is_held+0xb6/0x140
[  106.056694]  ? check_same_owner+0x320/0x320
[  106.061013]  ? rcu_note_context_switch+0x710/0x710
[  106.065945]  should_failslab+0xec/0x120
[  106.069915]  __kmalloc+0x63/0x760
[  106.073363]  ? str2hashbuf_unsigned+0x250/0x250
[  106.078029]  ? ext4_htree_store_dirent+0x8b/0x580
[  106.082875]  ext4_htree_store_dirent+0x8b/0x580
[  106.087547]  htree_dirblock_to_tree+0x4e8/0xa00
[  106.092219]  ? dx_probe+0x1070/0x1070
[  106.096016]  ? save_stack+0xa3/0xd0
[  106.099645]  ? kmem_cache_alloc_trace+0x136/0x740
[  106.104488]  ? ext4_readdir+0x2285/0x3600
[  106.108628]  ? iterate_dir+0x1ca/0x530
[  106.112510]  ? get_name+0x52a/0x730
[  106.116135]  ? exportfs_get_name+0x1a0/0x240
[  106.120539]  ? reconnect_path+0x1f1/0x670
[  106.124679]  ? exportfs_decode_fh+0x28a/0x5b0
[  106.129165]  ? do_handle_open+0x374/0x8a0
[  106.133302]  ? SyS_open_by_handle_at+0x27/0x30
[  106.137878]  ? do_syscall_64+0x281/0x940
[  106.141933]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  106.147293]  ? __lock_acquire+0x664/0x3e00
[  106.151526]  ext4_htree_fill_tree+0x2bb/0xcb0
[  106.156014]  ? print_irqtrace_events+0x270/0x270
[  106.160767]  ? do_split+0x1d30/0x1d30
[  106.164572]  ? __lock_is_held+0xb6/0x140
[  106.168631]  ? ext4_readdir+0x2285/0x3600
[  106.172770]  ? rcu_read_lock_sched_held+0x108/0x120
[  106.177777]  ? kmem_cache_alloc_trace+0x459/0x740
[  106.182609]  ? do_syscall_64+0x281/0x940
[  106.186666]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  106.192025]  ? free_rb_tree_fname+0x9c/0xe0
2018/03/31 16:37:15 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000027003103000000000000000008002100"], 0x14}, 0x1}, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x1, 0x80100)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000140)={@dev={0xfe, 0x80, [], 0x14}, 0x400, 0x2, 0xff, 0x5, 0x101, 0x1, 0x6}, &(0x7f00000001c0)=0x20)

[  106.196342]  ext4_readdir+0x206a/0x3600
[  106.200306]  ? debug_mutex_init+0x1c/0x60
[  106.204461]  ? __ext4_check_dir_entry+0x320/0x320
[  106.209303]  ? lock_acquire+0x1d5/0x580
[  106.213268]  ? lock_acquire+0x1d5/0x580
[  106.217235]  ? iterate_dir+0xc3/0x530
[  106.221039]  ? lock_release+0xa40/0xa40
[  106.225013]  ? _copy_to_user+0xc0/0xc0
[  106.228908]  ? rcu_note_context_switch+0x710/0x710
[  106.233830]  ? __might_sleep+0x95/0x190
[  106.237804]  ? down_read_killable+0x95/0x180
[  106.242204]  ? iterate_dir+0xc3/0x530
[  106.246001]  ? down_write+0x120/0x120
[  106.249804]  iterate_dir+0x1ca/0x530
[  106.253516]  get_name+0x52a/0x730
[  106.256965]  ? bl_cleanup_pipefs+0x30/0x30
[  106.261202]  ? exportfs_encode_fh+0x100/0x100
[  106.265720]  exportfs_get_name+0x1a0/0x240
[  106.269951]  ? exportfs_get_name+0x1a0/0x240
[  106.274359]  ? get_name+0x730/0x730
[  106.277982]  ? up_read+0x40/0x40
[  106.281351]  reconnect_path+0x1f1/0x670
[  106.285326]  exportfs_decode_fh+0x28a/0x5b0
[  106.289639]  ? drop_caches_sysctl_handler+0x160/0x160
[  106.294823]  ? find_acceptable_alias+0x1e0/0x1e0
[  106.299573]  ? __fget_light+0x2b2/0x3c0
[  106.303540]  ? fget_raw+0x20/0x20
[  106.306987]  ? __check_object_size+0x8b/0x530
[  106.311481]  ? __might_sleep+0x95/0x190
[  106.315460]  do_handle_open+0x374/0x8a0
[  106.319427]  ? vfs_dentry_acceptable+0x10/0x10
[  106.324004]  ? SyS_write+0x184/0x220
[  106.327715]  ? SyS_read+0x220/0x220
[  106.331337]  SyS_open_by_handle_at+0x27/0x30
[  106.335738]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  106.340484]  do_syscall_64+0x281/0x940
[  106.344364]  ? vmalloc_sync_all+0x30/0x30
[  106.348503]  ? _raw_spin_unlock_irq+0x27/0x70
[  106.352991]  ? finish_task_switch+0x1c1/0x7e0
[  106.357477]  ? syscall_return_slowpath+0x550/0x550
[  106.362396]  ? syscall_return_slowpath+0x2ac/0x550
[  106.367315]  ? prepare_exit_to_usermode+0x350/0x350
[  106.372323]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  106.377679]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  106.382526]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  106.387703] RIP: 0033:0x454e79
[  106.390879] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  106.398577] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  106.405840] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  106.413099] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  106.420358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  106.427620] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000016
[  106.911703] FAT-fs (loop3): error, invalid access to FAT (entry 0x000006c0)
[  106.918893] FAT-fs (loop3): Filesystem has been set read-only
2018/03/31 16:37:24 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:24 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x10)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:24 executing program 6 (fault-call:2 fault-nth:23):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:24 executing program 7:
r0 = add_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)="87a0407e3aa39ed2b0eee145dc24eb2159d50c6bb853567bb31b99cefc600768542f3d589ed5168941287aabb5ad2ce23c0893667051ba9767f6bfdf87dee04d61099e2d44d752476181411ec18635db82da848258a98a896ebfffe66122833bce42dc7d00f72ed9b4500d367af116a4cbeb60458c6666c4bd7ffdd80e67c1d37c873af04f1e144a202f6202f7e3da3c9abf4f945ed7572b32fe4054b4196366078bdedac3420b11aa140790989279c7fe900b1c36e4a429616a808244452a4812039ec8b670273931ab4f5a30faa9f4647f21b19e7fd28a2110f7e6c203c5757bac7fbb570b0f9dd068d2054c4ff4696d37196000e9722a5d10eda0be941cf2956c32d19eac251c18998afe45127693b0ff5334cb32e1ac1adf71c5e608525064dd63098b32d1978b708ed4babec7dd0fb43d0026ad07427e6a4a535af7e9e8e49fd3fdafe28ab3415db422f71914fc39d4343a2f1ed68a961612c52da0d432d877cc6739ddda9fba77063f43049549362bad34e49fa90688dacd864d6df86330032b1ea708840dc70e8ba9a6dd8b2e9040ab132b2cbe808fffbef1735c093a259edb81680f815f12092449e829591485740f6bb0c21a4d76a1851320afc7895a80318da6e49d5aa9b22f7959bbaebeda621ce1843b8a400b6c6b4bb14cce5e4c8da914d8e67fb13569745fca60cd20e74d4c9ce97ee57349eb72c53a737ef75dc4e608fce54679e8a36be088422239ff2c80a32d28c39ecff90452eaf803794cfb16093e74a4f257e32b5fe78a237d8e936c3b592a9c5208357e54e8ce59b186e863676481ef5941e6cb422e289a86eba9f5de4594295a34da0b1fa59eb99b9d79526edecdf18678785befea18c12e07e4e284bb90588eba534502a04b6cea7874844b09fa29eb2e038682347a50356cc4699c7062a0eb0486ee1288862bec372e6df0ea7e741f01d01d7f77a9388c15a920342bf399ef1f12f0866b6b65275761f10f62df9bcf9d84d8000436539375bbc6bef40ca95adaa68a3ee01b8f2b4615526bff9885aa6f6d6f632f8c89681e9c2107eb3012b2b075bd29792dc7d5acc52810def5909087507c0b57b43a7d8868e11deca10ea8e36825b026b38b343c9ef436135461f4491e53344c94ed68f86dadb58910fec6034fcaed63ad009e290d4ec34669c76cbada3bcba3dc38c6e9a0496350d7ac4d692f8789d64b1a2ff31e7b948a6ab141f4bfd850311c316a9af0ad1da1c07a0b65e93d42f83d69260c6aee6eb78c28e4ff4827ffc167287b9fb674aaf8113ca8557857e17a1d621ad440c2197efa16e249b8a9e62b9c8364c06c699d0ec1080b3514964b204cdb1003e2115a11069254662552338a01b59c530496d5af0ce524aa6b0a266efc9a8497a0da6dc7781a70696550301c6b4a1f6bf2287e98be1815aa2d5ee2c038c6ae06fa1e8a176c9025bcd4bfa553d2424c49bb30d8d2f94207310c649cba1f3e95fdb9f6870189fbb75a13e17f6bd4716697587f78729d956c61b56a05811bf33af5a181869b09c2332f77ae944e31cde7eb76aa38422cdc11582d9f763e22d4958acfa84649975094f0d50f0fccf984195c73c1a8bc4d09803bf911c34935957d65b1f9ec9146b2d1ef914925cd1bbaf7b978a6489953de301a7e9c10ce1a19af64021dd82ce76a7e8e21bb860915a44edec91f07ada8554abd54d74f84e53820dd12db486b0048818391048064e17be3f5", 0x4d1, 0xfffffffffffffffc)
perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc)
keyctl$read(0xb, r0, &(0x7f00000013c0)=""/212, 0xffffffffffffff22)
add_key(&(0x7f00000005c0)='id_resolver\x00', &(0x7f0000000600)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000640)="7d64064510e014df3b1108427c4b3379f30db24c62460b0780f8a164226e9872ffccc3d021d37781aac37a554976174c684b4618b3398e905c0e62596f6b2bdfd1f7431efc8b8c9d132e2547867e288295de", 0x52, r0)

2018/03/31 16:37:24 executing program 5:
membarrier(0x32, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="0900f6157bdfa63df8004759dfd56d230000000000000000000000a8b47c"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:24 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4, 0x26012, r2, 0x0)
ioctl$KVM_ENABLE_CAP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x79})
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x8000, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vga_arbiter\x00', 0x402000, 0x0)
prctl$getname(0x10, &(0x7f00000000c0)=""/188)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r5 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @broadcast=0xffffffff}, 0x1}}, 0x2e)
readlinkat(r4, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)=""/116, 0x74)
r6 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r6, &(0x7f0000003000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x1, 0x15}}, 0x2e)
fsync(r1)
seccomp(0x1, 0x0, &(0x7f0000000480)={0x3, &(0x7f0000000440)=[{0x3f, 0xffff, 0x2, 0x100000000}, {0x0, 0x7, 0x5, 0x80000000}, {0x8, 0x9, 0x7, 0xfff}]})
r7 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r7, &(0x7f00000002bb)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @broadcast=0xffffffff}, 0x1}}, 0x26)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)

2018/03/31 16:37:24 executing program 3:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000))
getsockopt(r0, 0x400000000000003a, 0x20000000000001, &(0x7f0000000f44)=""/188, &(0x7f0000000040)=0xffffffffffffffd8)

2018/03/31 16:37:24 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:24 executing program 7:
r0 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x1, &(0x7f0000000040)=<r1=>0x0)
r2 = dup3(0xffffffffffffffff, r0, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYBLOB="fa00000045d42ccb9f6ae687cb030f3a4276ba475b6c5717fedac5a6a5f47d1a78391d79a6df74af77012e56123a793fcff6640809ea2bc769897fdfec1cc75690514bb07fd9d0b3edbeafa94c27b18d0743b2a76d582b6f59ad63582cc64a4f8d03fa301446179a9a4587e83bf771011640dc56c67892ad8309e298a481f4656884ce74c2d14723de54869371c49bd092d9f748830000c0af17f93e8278cdaea6f3628eee97a5e2c48f63aff84029769d989090f080ac9a74fba102f2603ddc53ffff047c393a7763a15701696e64e14eb9e53b1a0422315da63b852559c4b1217f66121faac0cc1887732672bd79936f09740000000000000000000000"], &(0x7f0000000200)=0x102)
io_submit(r1, 0x255, &(0x7f00000000c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x9, r2, &(0x7f0000000080)="70b89d4f42824690a749e960a7bb4f2eaa3cab881a37", 0x16}])

2018/03/31 16:37:24 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  115.154381] FAULT_INJECTION: forcing a failure.
[  115.154381] name failslab, interval 1, probability 0, space 0, times 0
[  115.165694] CPU: 1 PID: 8318 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  115.172797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  115.182141] Call Trace:
[  115.184722]  dump_stack+0x194/0x24d
[  115.188343]  ? arch_local_irq_restore+0x53/0x53
[  115.193002]  ? __save_stack_trace+0x7e/0xd0
[  115.197320]  should_fail+0x8c0/0xa40
[  115.201027]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  115.206117]  ? kasan_kmalloc+0xad/0xe0
[  115.209991]  ? __kmalloc+0x162/0x760
[  115.213689]  ? ext4_htree_store_dirent+0x8b/0x580
[  115.218517]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  115.223351]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  115.228009]  ? exportfs_get_name+0x1a0/0x240
[  115.232403]  ? reconnect_path+0x1f1/0x670
[  115.236535]  ? exportfs_decode_fh+0x28a/0x5b0
[  115.241014]  ? do_handle_open+0x374/0x8a0
[  115.245148]  ? SyS_open_by_handle_at+0x27/0x30
[  115.249715]  ? do_syscall_64+0x281/0x940
[  115.253769]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  115.259126]  ? find_held_lock+0x35/0x1d0
[  115.263175]  ? __lock_is_held+0xb6/0x140
[  115.267230]  ? check_same_owner+0x320/0x320
[  115.271538]  ? rcu_note_context_switch+0x710/0x710
[  115.276461]  should_failslab+0xec/0x120
[  115.280419]  __kmalloc+0x63/0x760
[  115.283859]  ? str2hashbuf_unsigned+0x250/0x250
[  115.288514]  ? ext4_htree_store_dirent+0x8b/0x580
[  115.293344]  ext4_htree_store_dirent+0x8b/0x580
[  115.298003]  htree_dirblock_to_tree+0x4e8/0xa00
[  115.302667]  ? dx_probe+0x1070/0x1070
[  115.306453]  ? save_stack+0xa3/0xd0
[  115.310065]  ? kmem_cache_alloc_trace+0x136/0x740
[  115.314889]  ? ext4_readdir+0x2285/0x3600
[  115.319025]  ? iterate_dir+0x1ca/0x530
[  115.322906]  ? get_name+0x52a/0x730
[  115.326533]  ? exportfs_get_name+0x1a0/0x240
[  115.330939]  ? reconnect_path+0x1f1/0x670
[  115.335077]  ? exportfs_decode_fh+0x28a/0x5b0
[  115.339559]  ? do_handle_open+0x374/0x8a0
[  115.343693]  ? SyS_open_by_handle_at+0x27/0x30
[  115.348259]  ? do_syscall_64+0x281/0x940
[  115.352306]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  115.357655]  ? __lock_acquire+0x664/0x3e00
[  115.361880]  ext4_htree_fill_tree+0x2bb/0xcb0
[  115.366364]  ? print_irqtrace_events+0x270/0x270
[  115.371108]  ? do_split+0x1d30/0x1d30
[  115.374910]  ? __lock_is_held+0xb6/0x140
[  115.378963]  ? ext4_readdir+0x2285/0x3600
[  115.383096]  ? rcu_read_lock_sched_held+0x108/0x120
[  115.388098]  ? kmem_cache_alloc_trace+0x459/0x740
[  115.392924]  ? do_syscall_64+0x281/0x940
[  115.396970]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  115.402324]  ? percpu_ref_put_many+0x11a/0x220
[  115.406891]  ? free_rb_tree_fname+0x9c/0xe0
[  115.411201]  ext4_readdir+0x206a/0x3600
[  115.415165]  ? debug_mutex_init+0x1c/0x60
[  115.419299]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  115.424306]  ? __ext4_check_dir_entry+0x320/0x320
[  115.429132]  ? lockref_get+0x42/0x50
[  115.432838]  ? lock_acquire+0x1d5/0x580
[  115.436802]  ? lock_acquire+0x1d5/0x580
[  115.440773]  ? iterate_dir+0xc3/0x530
[  115.444567]  ? lock_release+0xa40/0xa40
[  115.448532]  ? check_same_owner+0x320/0x320
2018/03/31 16:37:24 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:24 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:24 executing program 3:
r0 = socket(0x4000000000015, 0x400000000007ffff, 0xfff7fffffffffffe)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000006c0)={'ip6gre0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14)
sendmmsg$inet_sctp(r0, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000)=0x7f, 0x4)

[  115.452848]  ? _copy_to_user+0xc0/0xc0
[  115.456732]  ? rcu_note_context_switch+0x710/0x710
[  115.461663]  ? __might_sleep+0x95/0x190
[  115.465634]  ? down_read_killable+0x95/0x180
[  115.470032]  ? iterate_dir+0xc3/0x530
[  115.473827]  ? down_write+0x120/0x120
[  115.477628]  iterate_dir+0x1ca/0x530
[  115.481340]  get_name+0x52a/0x730
[  115.484785]  ? bl_cleanup_pipefs+0x30/0x30
[  115.489017]  ? exportfs_encode_fh+0x100/0x100
[  115.493519]  exportfs_get_name+0x1a0/0x240
[  115.497739]  ? exportfs_get_name+0x1a0/0x240
[  115.502147]  ? get_name+0x730/0x730
2018/03/31 16:37:24 executing program 3:
clone(0x68000, &(0x7f0000000040), &(0x7f0000000040), &(0x7f0000f8b000), &(0x7f0000001400))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000280)={0x7, <r1=>r0, 0x1})
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000100)={{0x0, 0x0, 0x40, 0x3}, 0x8, 0x2})
mknod(&(0x7f00000001c0)='./file0\x00', 0x1040, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f00000000c0)={0xfffffffffffffff9, 0x8, 0xca3a, 0x7, 0xa7, 0x1, 0x37, 0x1000, 0x5, 0x1})
accept4$bt_l2cap(r1, 0x0, &(0x7f00000003c0), 0x800)
r2 = syz_open_procfs(0x0, &(0x7f00000e0000)='stack\x00')
readv(r2, &(0x7f00000012c0), 0x1000000000000219)
getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000080), 0x4)
open$dir(&(0x7f0000000000)='./file0\x00', 0x26102, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r2, 0x40485404, &(0x7f0000000340)={{0x2, 0x3, 0x6, 0x2, 0x2}, 0x2, 0x87})

2018/03/31 16:37:24 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0))
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  115.505768]  ? up_read+0x40/0x40
[  115.509135]  reconnect_path+0x1f1/0x670
[  115.513109]  exportfs_decode_fh+0x28a/0x5b0
[  115.517424]  ? drop_caches_sysctl_handler+0x160/0x160
[  115.522603]  ? find_acceptable_alias+0x1e0/0x1e0
[  115.527350]  ? __fget_light+0x2b2/0x3c0
[  115.531317]  ? fget_raw+0x20/0x20
[  115.534765]  ? __check_object_size+0x8b/0x530
[  115.539254]  ? __might_sleep+0x95/0x190
[  115.543235]  do_handle_open+0x374/0x8a0
[  115.547206]  ? vfs_dentry_acceptable+0x10/0x10
[  115.551786]  ? SyS_write+0x184/0x220
[  115.555498]  ? SyS_read+0x220/0x220
[  115.559123]  SyS_open_by_handle_at+0x27/0x30
[  115.563521]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  115.568271]  do_syscall_64+0x281/0x940
[  115.572151]  ? vmalloc_sync_all+0x30/0x30
[  115.576294]  ? _raw_spin_unlock_irq+0x27/0x70
[  115.580784]  ? finish_task_switch+0x1c1/0x7e0
[  115.585274]  ? syscall_return_slowpath+0x550/0x550
[  115.590193]  ? syscall_return_slowpath+0x2ac/0x550
[  115.595117]  ? prepare_exit_to_usermode+0x350/0x350
[  115.600126]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
2018/03/31 16:37:24 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0))
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  115.605486]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  115.610330]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  115.615510] RIP: 0033:0x454e79
[  115.618685] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  115.626381] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  115.633642] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  115.640905] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  115.648165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  115.655424] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000017
2018/03/31 16:37:26 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:26 executing program 3:
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0xc0082, 0x0)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x9)
socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000580)=""/124, &(0x7f00000003c0)=0x7c)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = open(&(0x7f0000042ff8)='./file0\x00', 0x80040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
rt_sigprocmask(0x0, &(0x7f0000da1000)={0xfffffffffffffffe}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000061000)={0xfffffffffffffffb}, &(0x7f0000039ff0), &(0x7f0000039ff0)={0x77359400, 0xffff}, 0x8)
perf_event_open(&(0x7f000025c000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
fremovexattr(r1, &(0x7f0000000440)=@known='security.evm\x00')
truncate(&(0x7f0000e5e000)='./file0\x00', 0x0)
socket$alg(0x26, 0x5, 0x0)
dup2(r0, r1)
setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f00000000c0), 0x4)
restart_syscall()
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)}, 0x800)
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/8, 0xfffffffffffffec2, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000080)={'bond0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x12}}})
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(0xffffffffffffffff, 0x28, 0x0, &(0x7f00000004c0)=0x100000001, 0x8)

2018/03/31 16:37:26 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:26 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0))
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:26 executing program 7:
r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
close(r1)
fstat(0xffffffffffffffff, &(0x7f0000000280))
fcntl$getownex(r0, 0x10, &(0x7f0000000380))
getgid()
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="cdbf0e000084ffffffffffff86dd6002290f00383a00fe800000000000000000000000000000ff02000000000000000000fff4ed5d677787707800000000609433df00003a0000000000000000000000000000000001fe800000000000000000000000000000800000e77f0004004fa7471dcec6595552391c455be34e758f0fde011d1d3883ddb1820fa728e5d65919c805d315067f9fda7db5"], 0x0)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x15f)
r2 = socket$pptp(0x18, 0x1, 0x2)
getsockopt$bt_hci(r2, 0x0, 0x0, &(0x7f0000000100)=""/101, &(0x7f0000000180)=0x65)

2018/03/31 16:37:26 executing program 6 (fault-call:2 fault-nth:24):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:26 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000080)={'irlan0\x00', 0x5})

2018/03/31 16:37:26 executing program 4:
r0 = perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}, 0x8280, 0x1}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={<r1=>0x0, 0x20, &(0x7f00000000c0)=[@in={0x2, 0x4e21, @rand_addr=0x4}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1a}}]}, &(0x7f00000002c0)=0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000003c0)={r1, @in6={{0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, [], 0xe}}}, 0x20, 0x8, 0x8000, 0x2, 0x10}, 0x98)
perf_event_open$cgroup(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x20, 0x2, 0x4, 0x0, 0x0, 0x0, 0x5ab056831d2ceb9, 0x3, 0x0, 0x0, 0x0, 0xffffffff, 0x80, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x7, 0x4, 0x6, 0x8, 0x800, 0x20, 0x1f, 0x0, 0x7, 0x0, 0x81, 0x5d9, 0x8, 0x4, 0x0, 0x80000001, 0x1, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0xbd, 0x9}, 0x8000, 0x2, 0x80000000000000, 0x0, 0xeb3, 0x8, 0x9}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0xa)
connect$inet6(0xffffffffffffffff, &(0x7f0000000580)={0xa, 0x4e22, 0x748, @dev={0xfe, 0x80, [], 0xb}, 0x1}, 0x1c)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00', 0x2761, 0x0)
write$cgroup_pid(r2, &(0x7f00000012c0)=ANY=[], 0xffffff4b)
read(0xffffffffffffffff, &(0x7f0000000200)=""/170, 0xaa)
r3 = userfaultfd(0x800)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0xe})
sched_setscheduler(0x0, 0x1, &(0x7f00000005c0)=0x40)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000911000)={{&(0x7f0000004000/0x1000)=nil, 0x1000}, 0x1})
clone(0x0, &(0x7f0000001f37), &(0x7f0000001ffc), &(0x7f0000001000), &(0x7f0000001000))
getsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, &(0x7f0000000140)=0x1, &(0x7f0000000380)=0x4)
read(r3, &(0x7f0000000300)=""/100, 0x64)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc020660b, &(0x7f00000001c0))
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3f)
ioctl$DRM_IOCTL_DROP_MASTER(0xffffffffffffffff, 0x641f)
r4 = semget$private(0x0, 0x1, 0x130)
semctl$IPC_RMID(r4, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000080)={0x1, 0x4, 0x2, 0x3ff, r1}, &(0x7f0000000480)=0x10)

2018/03/31 16:37:26 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  117.773972] FAULT_INJECTION: forcing a failure.
[  117.773972] name failslab, interval 1, probability 0, space 0, times 0
[  117.785257] CPU: 0 PID: 8370 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  117.792355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  117.801701] Call Trace:
[  117.804286]  dump_stack+0x194/0x24d
[  117.807917]  ? arch_local_irq_restore+0x53/0x53
[  117.812584]  ? __save_stack_trace+0x7e/0xd0
[  117.816916]  should_fail+0x8c0/0xa40
[  117.820631]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  117.825733]  ? kasan_kmalloc+0xad/0xe0
[  117.829619]  ? __kmalloc+0x162/0x760
[  117.833331]  ? ext4_htree_store_dirent+0x8b/0x580
[  117.838167]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  117.843009]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  117.847680]  ? exportfs_get_name+0x1a0/0x240
[  117.852082]  ? reconnect_path+0x1f1/0x670
[  117.856227]  ? exportfs_decode_fh+0x28a/0x5b0
[  117.860720]  ? do_handle_open+0x374/0x8a0
[  117.864866]  ? SyS_open_by_handle_at+0x27/0x30
[  117.869442]  ? do_syscall_64+0x281/0x940
2018/03/31 16:37:27 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  117.873500]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  117.878864]  ? find_held_lock+0x35/0x1d0
[  117.882929]  ? __lock_is_held+0xb6/0x140
[  117.886999]  ? check_same_owner+0x320/0x320
[  117.891328]  ? rcu_note_context_switch+0x710/0x710
[  117.896269]  should_failslab+0xec/0x120
[  117.900242]  __kmalloc+0x63/0x760
[  117.903695]  ? str2hashbuf_unsigned+0x250/0x250
[  117.908366]  ? ext4_htree_store_dirent+0x8b/0x580
[  117.913209]  ext4_htree_store_dirent+0x8b/0x580
[  117.917883]  htree_dirblock_to_tree+0x4e8/0xa00
[  117.922554]  ? dx_probe+0x1070/0x1070
[  117.926354]  ? save_stack+0xa3/0xd0
[  117.929982]  ? kmem_cache_alloc_trace+0x136/0x740
[  117.934821]  ? ext4_readdir+0x2285/0x3600
[  117.938973]  ? iterate_dir+0x1ca/0x530
[  117.942856]  ? get_name+0x52a/0x730
[  117.946476]  ? exportfs_get_name+0x1a0/0x240
[  117.950876]  ? reconnect_path+0x1f1/0x670
[  117.955016]  ? exportfs_decode_fh+0x28a/0x5b0
[  117.959507]  ? do_handle_open+0x374/0x8a0
[  117.963649]  ? SyS_open_by_handle_at+0x27/0x30
[  117.968226]  ? do_syscall_64+0x281/0x940
[  117.972281]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  117.977642]  ? __lock_acquire+0x664/0x3e00
[  117.981870]  ext4_htree_fill_tree+0x2bb/0xcb0
[  117.986363]  ? print_irqtrace_events+0x270/0x270
[  117.991116]  ? do_split+0x1d30/0x1d30
[  117.994921]  ? __lock_is_held+0xb6/0x140
[  117.998986]  ? ext4_readdir+0x2285/0x3600
[  118.003127]  ? rcu_read_lock_sched_held+0x108/0x120
[  118.008137]  ? kmem_cache_alloc_trace+0x459/0x740
[  118.012972]  ? do_syscall_64+0x281/0x940
[  118.017032]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.022392]  ? percpu_ref_put_many+0x11a/0x220
[  118.026970]  ? free_rb_tree_fname+0x9c/0xe0
[  118.031287]  ext4_readdir+0x206a/0x3600
[  118.035255]  ? debug_mutex_init+0x1c/0x60
[  118.039397]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  118.044420]  ? __ext4_check_dir_entry+0x320/0x320
[  118.049267]  ? lockref_get+0x42/0x50
[  118.052977]  ? lock_acquire+0x1d5/0x580
[  118.056945]  ? lock_acquire+0x1d5/0x580
[  118.060913]  ? iterate_dir+0xc3/0x530
[  118.064711]  ? lock_release+0xa40/0xa40
[  118.068678]  ? check_same_owner+0x320/0x320
[  118.072992]  ? _copy_to_user+0xc0/0xc0
[  118.076880]  ? rcu_note_context_switch+0x710/0x710
[  118.081806]  ? __might_sleep+0x95/0x190
[  118.085781]  ? down_read_killable+0x95/0x180
[  118.090184]  ? iterate_dir+0xc3/0x530
[  118.093979]  ? down_write+0x120/0x120
[  118.097785]  iterate_dir+0x1ca/0x530
[  118.101499]  get_name+0x52a/0x730
[  118.104950]  ? bl_cleanup_pipefs+0x30/0x30
[  118.109182]  ? exportfs_encode_fh+0x100/0x100
[  118.113696]  exportfs_get_name+0x1a0/0x240
[  118.117927]  ? exportfs_get_name+0x1a0/0x240
[  118.122331]  ? get_name+0x730/0x730
[  118.125950]  ? up_read+0x40/0x40
[  118.129317]  reconnect_path+0x1f1/0x670
[  118.133291]  exportfs_decode_fh+0x28a/0x5b0
[  118.137605]  ? drop_caches_sysctl_handler+0x160/0x160
[  118.142788]  ? find_acceptable_alias+0x1e0/0x1e0
[  118.147538]  ? __fget_light+0x2b2/0x3c0
[  118.151505]  ? fget_raw+0x20/0x20
[  118.154950]  ? __check_object_size+0x8b/0x530
[  118.159448]  ? __might_sleep+0x95/0x190
[  118.163423]  do_handle_open+0x374/0x8a0
[  118.167393]  ? vfs_dentry_acceptable+0x10/0x10
[  118.171970]  ? SyS_write+0x184/0x220
[  118.175678]  ? SyS_read+0x220/0x220
[  118.179302]  SyS_open_by_handle_at+0x27/0x30
[  118.183704]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  118.188453]  do_syscall_64+0x281/0x940
[  118.192333]  ? vmalloc_sync_all+0x30/0x30
[  118.196478]  ? _raw_spin_unlock_irq+0x27/0x70
[  118.200968]  ? finish_task_switch+0x1c1/0x7e0
[  118.205456]  ? syscall_return_slowpath+0x550/0x550
[  118.210377]  ? syscall_return_slowpath+0x2ac/0x550
[  118.215301]  ? prepare_exit_to_usermode+0x350/0x350
[  118.220313]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  118.225676]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  118.230516]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.235696] RIP: 0033:0x454e79
[  118.238875] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  118.246575] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  118.253838] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  118.261101] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  118.268379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/03/31 16:37:27 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:27 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:27 executing program 7:
r0 = memfd_create(&(0x7f0000029000)='\\\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000032ff3)='/dev/snd/seq\x00', 0x0, 0x6)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000051f50)={{0x80}, 'port1\x00'})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, @time, {}, {}, @addr}], 0x90)
ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000000000)={0x6, r0, 0x1})

2018/03/31 16:37:27 executing program 6 (fault-call:2 fault-nth:25):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

[  118.275645] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000018
2018/03/31 16:37:27 executing program 7:
r0 = socket(0x1, 0x806, 0x6)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x2dcb, 0xff, 0xc, 0x5b, 0x4, 0x4, 0xb22, 0x1f, <r1=>0x0}, &(0x7f0000000080)=0x20)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0x100000000, 0xc2, 0x200, 0x0, 0xffffffff, 0xfffffffffffff801, 0x10000, 0xaf52, r1}, 0x20)
write(r0, &(0x7f0000000100)="220000002100070700be0000090038010a0000fcffff00000004f205001180004100", 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0xffff, 0x80000)
utimensat(r2, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x100)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x420c00, 0x0)

[  118.363402] FAULT_INJECTION: forcing a failure.
[  118.363402] name failslab, interval 1, probability 0, space 0, times 0
[  118.374739] CPU: 1 PID: 8391 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  118.381830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  118.391169] Call Trace:
[  118.393754]  dump_stack+0x194/0x24d
[  118.397381]  ? arch_local_irq_restore+0x53/0x53
[  118.402045]  ? __save_stack_trace+0x7e/0xd0
[  118.406370]  should_fail+0x8c0/0xa40
2018/03/31 16:37:27 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f00000006c0)={r1})
r2 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r2, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r3}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  118.410088]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  118.415189]  ? kasan_kmalloc+0xad/0xe0
[  118.419069]  ? __kmalloc+0x162/0x760
[  118.422779]  ? ext4_htree_store_dirent+0x8b/0x580
[  118.427613]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  118.432446]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  118.437116]  ? exportfs_get_name+0x1a0/0x240
[  118.441514]  ? reconnect_path+0x1f1/0x670
[  118.445657]  ? exportfs_decode_fh+0x28a/0x5b0
[  118.450134]  ? do_handle_open+0x374/0x8a0
[  118.454261]  ? SyS_open_by_handle_at+0x27/0x30
[  118.458827]  ? do_syscall_64+0x281/0x940
[  118.462880]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.468242]  ? find_held_lock+0x35/0x1d0
[  118.472280]  ? __lock_is_held+0xb6/0x140
[  118.476330]  ? check_same_owner+0x320/0x320
[  118.480645]  ? rcu_note_context_switch+0x710/0x710
[  118.485565]  should_failslab+0xec/0x120
[  118.489520]  __kmalloc+0x63/0x760
[  118.492952]  ? str2hashbuf_unsigned+0x250/0x250
[  118.497600]  ? ext4_htree_store_dirent+0x8b/0x580
[  118.502420]  ext4_htree_store_dirent+0x8b/0x580
[  118.507074]  htree_dirblock_to_tree+0x4e8/0xa00
[  118.511723]  ? dx_probe+0x1070/0x1070
[  118.515507]  ? save_stack+0xa3/0xd0
[  118.519120]  ? kmem_cache_alloc_trace+0x136/0x740
[  118.523951]  ? ext4_readdir+0x2285/0x3600
[  118.528081]  ? iterate_dir+0x1ca/0x530
[  118.531958]  ? get_name+0x52a/0x730
[  118.535577]  ? exportfs_get_name+0x1a0/0x240
[  118.539972]  ? reconnect_path+0x1f1/0x670
[  118.544092]  ? exportfs_decode_fh+0x28a/0x5b0
[  118.548571]  ? do_handle_open+0x374/0x8a0
[  118.552712]  ? SyS_open_by_handle_at+0x27/0x30
[  118.557287]  ? do_syscall_64+0x281/0x940
[  118.561341]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.566702]  ? __lock_acquire+0x664/0x3e00
[  118.570924]  ext4_htree_fill_tree+0x2bb/0xcb0
[  118.575401]  ? print_irqtrace_events+0x270/0x270
[  118.580153]  ? do_split+0x1d30/0x1d30
[  118.583943]  ? __lock_is_held+0xb6/0x140
[  118.587993]  ? ext4_readdir+0x2285/0x3600
[  118.592132]  ? rcu_read_lock_sched_held+0x108/0x120
[  118.597144]  ? kmem_cache_alloc_trace+0x459/0x740
[  118.601978]  ? do_syscall_64+0x281/0x940
[  118.606039]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.611388]  ? percpu_ref_put_many+0x11a/0x220
[  118.615955]  ? free_rb_tree_fname+0x9c/0xe0
[  118.620265]  ext4_readdir+0x206a/0x3600
[  118.624235]  ? debug_mutex_init+0x1c/0x60
[  118.628372]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  118.633385]  ? __ext4_check_dir_entry+0x320/0x320
[  118.638222]  ? lockref_get+0x42/0x50
[  118.641936]  ? lock_acquire+0x1d5/0x580
[  118.645903]  ? lock_acquire+0x1d5/0x580
[  118.649869]  ? iterate_dir+0xc3/0x530
[  118.653663]  ? lock_release+0xa40/0xa40
[  118.657630]  ? check_same_owner+0x320/0x320
[  118.661945]  ? _copy_to_user+0xc0/0xc0
[  118.665824]  ? rcu_note_context_switch+0x710/0x710
[  118.670747]  ? __might_sleep+0x95/0x190
[  118.674721]  ? down_read_killable+0x95/0x180
[  118.679125]  ? iterate_dir+0xc3/0x530
[  118.682919]  ? down_write+0x120/0x120
[  118.686712]  iterate_dir+0x1ca/0x530
[  118.690407]  get_name+0x52a/0x730
[  118.693839]  ? bl_cleanup_pipefs+0x30/0x30
[  118.698056]  ? exportfs_encode_fh+0x100/0x100
[  118.702535]  exportfs_get_name+0x1a0/0x240
[  118.706746]  ? exportfs_get_name+0x1a0/0x240
[  118.711138]  ? get_name+0x730/0x730
[  118.714757]  ? up_read+0x40/0x40
[  118.718120]  reconnect_path+0x1f1/0x670
[  118.722093]  exportfs_decode_fh+0x28a/0x5b0
[  118.726406]  ? drop_caches_sysctl_handler+0x160/0x160
[  118.731591]  ? find_acceptable_alias+0x1e0/0x1e0
[  118.736342]  ? __fget_light+0x2b2/0x3c0
[  118.740310]  ? fget_raw+0x20/0x20
[  118.743755]  ? __check_object_size+0x8b/0x530
[  118.748244]  ? __might_sleep+0x95/0x190
[  118.752221]  do_handle_open+0x374/0x8a0
[  118.756187]  ? vfs_dentry_acceptable+0x10/0x10
[  118.760762]  ? SyS_write+0x184/0x220
[  118.764471]  ? SyS_read+0x220/0x220
[  118.768092]  SyS_open_by_handle_at+0x27/0x30
[  118.772490]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  118.777238]  do_syscall_64+0x281/0x940
[  118.781119]  ? vmalloc_sync_all+0x30/0x30
[  118.785256]  ? _raw_spin_unlock_irq+0x27/0x70
[  118.789745]  ? finish_task_switch+0x1c1/0x7e0
[  118.794233]  ? syscall_return_slowpath+0x550/0x550
[  118.799153]  ? syscall_return_slowpath+0x2ac/0x550
[  118.804077]  ? prepare_exit_to_usermode+0x350/0x350
[  118.809088]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  118.814448]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  118.819289]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  118.824468] RIP: 0033:0x454e79
[  118.827647] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  118.835343] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  118.842600] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  118.849860] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  118.857120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  118.864380] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000019
2018/03/31 16:37:28 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
r5 = dup3(r0, r2, 0x80000)
ioctl$KVM_GET_DIRTY_LOG(r5, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:28 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="233919e2ad7ab24523b1f98a7c66d9cb6a881a973bd27800", 0x13c)

2018/03/31 16:37:28 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:28 executing program 4:
perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x15, 0x80005, 0x0)
r1 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x6, @random="f49657a503ca"}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000000c0)={r2, 0x1, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x4)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000e80)={{{@in6=@mcast1, @in6=@mcast2}}, {{}, 0x0, @in=@multicast2}}, &(0x7f0000000240)=0x24)
getuid()
getpid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000010c0)={{{@in6=@mcast2, @in=@dev}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f00000011c0)=0xe8)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000001200))
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000027c0)={{{@in=@multicast2, @in6}}, {{@in=@local}, 0x0, @in6=@local}}, &(0x7f00000028c0)=0xe8)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000002900), &(0x7f0000002940)=0xc)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000002980))
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f00000029c0))
r4 = socket$kcm(0x29, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r4, 0x89e1, &(0x7f0000000180))
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000005f00))
r5 = accept4(r3, &(0x7f0000000740)=@can, &(0x7f00000007c0)=0x80, 0x0)
setsockopt$ipx_IPX_TYPE(r5, 0x100, 0x1, &(0x7f0000000800)=0x5, 0x4)
r6 = accept4(0xffffffffffffffff, &(0x7f0000000100)=@rc, &(0x7f0000000080)=0x80, 0x80000)
ioctl$sock_bt_hidp_HIDPCONNADD(r6, 0x400448c8, &(0x7f0000000840)={r5, r4, 0xffffffffffffff52, 0x1, &(0x7f00000006c0)="e411b82d239f02360b33ab01086a0910f47bfaaa10d5cb1dd0d5e6120a061bee3a5045c09ff7eb5a798d477b3db7121ae6a2193d00a22c1d20a716d6fb8def52aaf549d2", 0x0, 0x1, 0x1, 0xd47, 0x0, 0x1, 0x6, "8cf24b7fd8b0ddc12ac89815965997f04ab65965e7b1826827edb42a04961923bddf320398fbca63e24c12e49fa9cbc6fa3c9668eb3c5a0ed91d825000f39113f019864869fa54192c2855935cffd02b9c5271ffe1fad8464cae490f314b0287337f02124fa263977d3a3572334bdfb27039b0ff737adeccbd7bb84f3a84859a91e824ec045ae0eb18399009e09dce827054c9cefb35eeba34bbdebb872646105b7323cca313a0c74fa0708172258c3ef77340f0423fd10c2843617385f722a223fee8d10e53bc"})
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000940)=ANY=[@ANYRES32, @ANYBLOB="e3b40600ffffffff0400f0ff0000fafffb0e41da189c304034954b00a7172d5e6dc38f66721366162882a4b0446dab26cec9fe84f07c159cf49afd24cace5f89fb796dcf6b63f8c34f74923a544e4b9117efca7fcf0d58ef9782471fc22b1cd4d176eb466033081f5586965779409edd2110c47c593b483c5ced0bc800e7845f453818e2132c03ad73f4deb06e463de7bfeeaa6d5b35bb64800f5b11638eabab477af9deec6901ecddc340c4159fd55e378eec26aa4ad929b91e15017c9e7349a2d6a972cc7d757062c059dbbe5ca8ade65bb423aa45b1ba0f5c01a9997f104ae8b1530200b507d4c8db246a7375c203cd2961957b180236e6ee9ba5d55fae5a254bf7bbcd948f625d4bfd8a2231bf9b7c5f0000000000"], 0x2)
write(r3, &(0x7f00000005c0)="2700000014000707030e0000120f0a00110011002d45222027bbb57a3e0e49d6a90600d6ec000013d310d3d451ba370b250a1fd95762917c28f712291db33d7dd5a3b08c34da1acae06b57c4efd509a682c89ec1da9c8e131674a4e9d01ca06e1a18991ca08f3667361e85b4167bcbf6ee91b9dc0a", 0x75)
getsockopt(r0, 0x200000000114, 0x8, &(0x7f0000ee3000)=""/4096, &(0x7f0000000000)=0x1000)

2018/03/31 16:37:28 executing program 6 (fault-call:2 fault-nth:26):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:28 executing program 7:
ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000000)="86dd39c23da40284d7f29f16c0473396880da938286ee9cf71018aceda89db14994531e3a6fcb0a4d34b5905fe")
r0 = pkey_alloc(0x0, 0x1)
pkey_mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, r0)
ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil})
r1 = syz_open_dev$sg(&(0x7f0000797ff7)='/dev/sg#\x00', 0x0, 0x0)
ioctl(r1, 0x20000000002285, &(0x7f0000000000)="53000000012e2a6824")
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)=<r2=>0x0)
setpriority(0x0, r2, 0x949a)

2018/03/31 16:37:28 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f00000006c0)={r1})
r2 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r2, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r3}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:28 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x7ff, 0x2)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000140))
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
lookup_dcookie(0x0, &(0x7f00000002c0)=""/163, 0xa3)
ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, &(0x7f00000001c0)={0x1, 0x20, 0x1, <r2=>r1})
fchmod(r2, 0x8)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000270000006b00000008000000"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:28 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f00000006c0)={r1})
r2 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r2, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r3}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:28 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x10)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:28 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffff9c, 0x0)
setsockopt$inet_sctp_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f00000002c0), 0x4)
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000002dc0)=[{{&(0x7f0000002680)=@can={0x1d}, 0x80, &(0x7f0000002800)=[{&(0x7f00000026c0)="b0", 0x1}], 0x1, &(0x7f0000002840)}}], 0x1, 0x0)
close(r0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000100)={'bpq0\x00\x00\x00\x00\x00\x00\x00 \x00', 0x2})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=<r1=>0x0)
ptrace$getregs(0xc, r1, 0xffffffffffffffff, &(0x7f0000000140)=""/190)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000040))

[  119.029619] sd 0:0:1:0: [sg0] tag#4083 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[  119.038416] sd 0:0:1:0: [sg0] tag#4083 CDB: Test Unit Ready
[  119.044177] sd 0:0:1:0: [sg0] tag#4083 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  119.053073] sd 0:0:1:0: [sg0] tag#4083 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  119.061952] sd 0:0:1:0: [sg0] tag#4083 CDB[20]: 00 00 00 00
2018/03/31 16:37:28 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:28 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x10)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:28 executing program 4:
r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000002, 0x52, r0, 0x0)
mmap(&(0x7f00002e4000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
name_to_handle_at(r0, &(0x7f00002e4000)='./file0\x00', &(0x7f0000000ff4)={0xc, 0x0, "1ca00205"}, &(0x7f0000000000), 0x1400)
setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000040)={0x0, {{0xa, 0x4e21, 0x4, @empty, 0xffa}}}, 0x88)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x0)

[  119.151705] FAULT_INJECTION: forcing a failure.
[  119.151705] name failslab, interval 1, probability 0, space 0, times 0
[  119.163051] CPU: 0 PID: 8430 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  119.170154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  119.179499] Call Trace:
[  119.182088]  dump_stack+0x194/0x24d
[  119.185724]  ? arch_local_irq_restore+0x53/0x53
[  119.185997] sd 0:0:1:0: [sg0] tag#4016 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[  119.190386]  ? __save_stack_trace+0x7e/0xd0
[  119.190408]  should_fail+0x8c0/0xa40
[  119.190423]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  119.190437]  ? kasan_kmalloc+0xad/0xe0
[  119.190445]  ? __kmalloc+0x162/0x760
[  119.190455]  ? ext4_htree_store_dirent+0x8b/0x580
[  119.190463]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  119.190470]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  119.190481]  ? exportfs_get_name+0x1a0/0x240
[  119.199197] sd 0:0:1:0: [sg0] tag#4016 CDB: Test Unit Ready
[  119.203431]  ? reconnect_path+0x1f1/0x670
[  119.203443]  ? exportfs_decode_fh+0x28a/0x5b0
[  119.203453]  ? do_handle_open+0x374/0x8a0
[  119.203461]  ? SyS_open_by_handle_at+0x27/0x30
[  119.203470]  ? do_syscall_64+0x281/0x940
[  119.203481]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  119.203496]  ? find_held_lock+0x35/0x1d0
[  119.203511]  ? __lock_is_held+0xb6/0x140
[  119.207236] sd 0:0:1:0: [sg0] tag#4016 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  119.212288]  ? check_same_owner+0x320/0x320
[  119.212303]  ? rcu_note_context_switch+0x710/0x710
[  119.212322]  should_failslab+0xec/0x120
[  119.216215] sd 0:0:1:0: [sg0] tag#4016 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  119.219876]  __kmalloc+0x63/0x760
[  119.219886]  ? str2hashbuf_unsigned+0x250/0x250
[  119.219900]  ? ext4_htree_store_dirent+0x8b/0x580
[  119.224738] sd 0:0:1:0: [sg0] tag#4016 CDB[20]: 00 00 00 00
[  119.229531]  ext4_htree_store_dirent+0x8b/0x580
[  119.229547]  htree_dirblock_to_tree+0x4e8/0xa00
[  119.229564]  ? dx_probe+0x1070/0x1070
[  119.341281]  ? save_stack+0xa3/0xd0
[  119.344888]  ? kmem_cache_alloc_trace+0x136/0x740
[  119.349713]  ? ext4_readdir+0x2285/0x3600
[  119.353835]  ? iterate_dir+0x1ca/0x530
[  119.357698]  ? get_name+0x52a/0x730
[  119.361297]  ? exportfs_get_name+0x1a0/0x240
[  119.365678]  ? reconnect_path+0x1f1/0x670
[  119.369798]  ? exportfs_decode_fh+0x28a/0x5b0
[  119.374266]  ? do_handle_open+0x374/0x8a0
[  119.378389]  ? SyS_open_by_handle_at+0x27/0x30
[  119.382945]  ? do_syscall_64+0x281/0x940
[  119.386984]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  119.392323]  ? __lock_acquire+0x664/0x3e00
[  119.396533]  ext4_htree_fill_tree+0x2bb/0xcb0
[  119.401005]  ? print_irqtrace_events+0x270/0x270
[  119.405745]  ? do_split+0x1d30/0x1d30
[  119.409527]  ? __lock_is_held+0xb6/0x140
[  119.413566]  ? ext4_readdir+0x2285/0x3600
[  119.417691]  ? rcu_read_lock_sched_held+0x108/0x120
[  119.422683]  ? kmem_cache_alloc_trace+0x459/0x740
[  119.427499]  ? do_syscall_64+0x281/0x940
[  119.431537]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  119.436879]  ? percpu_ref_put_many+0x11a/0x220
[  119.441436]  ? free_rb_tree_fname+0x9c/0xe0
[  119.445733]  ext4_readdir+0x206a/0x3600
[  119.449681]  ? debug_mutex_init+0x1c/0x60
[  119.453804]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  119.458799]  ? __ext4_check_dir_entry+0x320/0x320
[  119.463616]  ? lockref_get+0x42/0x50
[  119.467307]  ? lock_acquire+0x1d5/0x580
[  119.471256]  ? lock_acquire+0x1d5/0x580
[  119.475205]  ? iterate_dir+0xc3/0x530
[  119.478982]  ? lock_release+0xa40/0xa40
[  119.482931]  ? check_same_owner+0x320/0x320
[  119.487226]  ? _copy_to_user+0xc0/0xc0
[  119.491089]  ? rcu_note_context_switch+0x710/0x710
[  119.495994]  ? __might_sleep+0x95/0x190
[  119.499950]  ? down_read_killable+0x95/0x180
[  119.504334]  ? iterate_dir+0xc3/0x530
[  119.508107]  ? down_write+0x120/0x120
[  119.511889]  iterate_dir+0x1ca/0x530
[  119.515579]  get_name+0x52a/0x730
[  119.519009]  ? bl_cleanup_pipefs+0x30/0x30
[  119.523226]  ? exportfs_encode_fh+0x100/0x100
[  119.527713]  exportfs_get_name+0x1a0/0x240
[  119.531923]  ? exportfs_get_name+0x1a0/0x240
[  119.536306]  ? get_name+0x730/0x730
[  119.539906]  ? up_read+0x40/0x40
[  119.543254]  reconnect_path+0x1f1/0x670
[  119.547209]  exportfs_decode_fh+0x28a/0x5b0
[  119.551504]  ? drop_caches_sysctl_handler+0x160/0x160
[  119.556669]  ? find_acceptable_alias+0x1e0/0x1e0
[  119.561403]  ? __fget_light+0x2b2/0x3c0
[  119.565354]  ? fget_raw+0x20/0x20
[  119.568783]  ? __check_object_size+0x8b/0x530
[  119.573256]  ? __might_sleep+0x95/0x190
[  119.577213]  do_handle_open+0x374/0x8a0
[  119.581163]  ? vfs_dentry_acceptable+0x10/0x10
[  119.585719]  ? SyS_write+0x184/0x220
[  119.589410]  ? SyS_read+0x220/0x220
[  119.593017]  SyS_open_by_handle_at+0x27/0x30
[  119.597403]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  119.602133]  do_syscall_64+0x281/0x940
[  119.605999]  ? vmalloc_sync_all+0x30/0x30
[  119.610128]  ? _raw_spin_unlock_irq+0x27/0x70
[  119.614596]  ? finish_task_switch+0x1c1/0x7e0
[  119.619068]  ? syscall_return_slowpath+0x550/0x550
[  119.623971]  ? syscall_return_slowpath+0x2ac/0x550
[  119.628880]  ? prepare_exit_to_usermode+0x350/0x350
[  119.633875]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  119.639217]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  119.644041]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  119.649204] RIP: 0033:0x454e79
2018/03/31 16:37:28 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x10)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:28 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  119.652366] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  119.660048] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  119.667291] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  119.674533] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  119.681776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  119.689023] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000001a
2018/03/31 16:37:29 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
dup3(r0, r2, 0x80000)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
utime(&(0x7f0000c4c000)='./file0\x00', &(0x7f0000a98000)={0x3})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000a98000/0x2000)=nil})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000c9bec8)={{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x6}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000}, {}, {}, 0xfffffffffffffffc})
ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000000))

2018/03/31 16:37:29 executing program 6 (fault-call:2 fault-nth:27):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:29 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:29 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x440, 0x0)
ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000100))
r1 = add_key(&(0x7f0000000080)='id_legacy\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f0000000140)="fb", 0x1, 0xfffffffffffffffb)
keyctl$invalidate(0x15, r1)
keyctl$chown(0x4, r1, 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x101000)

2018/03/31 16:37:29 executing program 7:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket(0x2, 0x3, 0x1)
getsockopt(r0, 0xff, 0x1, &(0x7f000091b000), &(0x7f00003b7000))
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x440, 0x0)
ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f0000000040)=""/63)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$TIOCNXCL(r1, 0x540d)

2018/03/31 16:37:29 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x0, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:29 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x200, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@dev, @in6=@dev}}, {{@in=@rand_addr}, 0x0, @in6=@loopback}}, &(0x7f0000000200)=0xe8)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)
r2 = dup3(r0, r0, 0x80000)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, &(0x7f0000000080), &(0x7f0000000140)=0x4)

2018/03/31 16:37:29 executing program 4:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer\x00', 0x100, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000280)='/dev/snd/pcmC#D#c\x00', 0x2, 0x480)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x0, 0x2)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000080)={0x2, 0x0, 0x1e861341, 0x3ff, [], [], [], 0x7f, 0x9, 0x2, 0x4, "231df99ab58ad207c6a9bdae671c3404"})
r2 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
fallocate(r2, 0x0, 0xffff, 0x4)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000001c0)={{0xc9c3, 0x9}, 'port0\x00', 0x0, 0x0, 0x9, 0x7fff, 0x5, 0x6, 0x4, 0x0, 0x1, 0x40})
sendfile(r3, r2, &(0x7f0000000040), 0x10001)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000002c0)={<r4=>0x0, 0x8000}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000380)={r4, 0x2, 0x3f, 0x400}, &(0x7f00000003c0)=0x10)
fallocate(r3, 0x11, 0x0, 0x8001)
r5 = socket$netlink(0x10, 0x3, 0xffffffffffffeffc)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_cpus\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r5, &(0x7f0000000100)={0x2000})
sendmsg$nl_generic(r5, &(0x7f0000000300)={&(0x7f0000024000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000140)=ANY=[@ANYBLOB="080000002100ff8a000000000000000000000000cd880000560a4fde2d6891e84a9e128229416b5e460579fd3cb68cfcccea6f26720a5ee086d02ed9d8d312e554d7a94cbff8aa77e0d0b55f8f8e2416ebe23c927ab382b54322854fd4b4191a"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
socketpair$inet(0x2, 0xa, 0x4, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
fstat(r2, &(0x7f0000000440))
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000040)=0x1a, 0x4)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r1)

2018/03/31 16:37:29 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  120.028803] FAULT_INJECTION: forcing a failure.
[  120.028803] name failslab, interval 1, probability 0, space 0, times 0
[  120.040156] CPU: 1 PID: 8473 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  120.047255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  120.056601] Call Trace:
[  120.059183]  dump_stack+0x194/0x24d
[  120.062812]  ? arch_local_irq_restore+0x53/0x53
[  120.067475]  ? __save_stack_trace+0x7e/0xd0
[  120.071801]  should_fail+0x8c0/0xa40
2018/03/31 16:37:29 executing program 7:
r0 = accept4(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000080)=0x80, 0x800)
open_by_handle_at(r0, &(0x7f00000000c0)={0x7e, 0x100000001, "e01387824f1943da2bbcab86968eafa7d41ca4691aa6de061daafd874fe82e55efbb5fdb8081011127eeede383ee17ad68d325f68d34126c80f1eeb057aa294f55d3db479ae4eff1285dd1c05e74d09c362ffff3c2a80d47f187e8bc21783023abcccd64c2d2c002f1cf7b78ca6372474f3df9a13cbb"}, 0x101000)
r1 = socket$alg(0x26, 0x5, 0x0)
close(r1)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000d36000)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000010c0)="ada951ef3a4ce6a9018680f658fc037cb0ead649093443e5999e060eea8a1721f97e01d7fc0728a3121f2b079b170a17cf", 0x31)

[  120.075513]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  120.080612]  ? kasan_kmalloc+0xad/0xe0
[  120.084500]  ? __kmalloc+0x162/0x760
[  120.088212]  ? ext4_htree_store_dirent+0x8b/0x580
[  120.093048]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  120.097887]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  120.102554]  ? exportfs_get_name+0x1a0/0x240
[  120.106966]  ? reconnect_path+0x1f1/0x670
[  120.111113]  ? exportfs_decode_fh+0x28a/0x5b0
[  120.115597]  ? do_handle_open+0x374/0x8a0
[  120.119719]  ? SyS_open_by_handle_at+0x27/0x30
[  120.124276]  ? do_syscall_64+0x281/0x940
[  120.128314]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.133660]  ? find_held_lock+0x35/0x1d0
[  120.137696]  ? __lock_is_held+0xb6/0x140
[  120.141739]  ? check_same_owner+0x320/0x320
[  120.146039]  ? rcu_note_context_switch+0x710/0x710
[  120.150946]  should_failslab+0xec/0x120
[  120.154893]  __kmalloc+0x63/0x760
[  120.158327]  ? str2hashbuf_unsigned+0x250/0x250
[  120.162973]  ? ext4_htree_store_dirent+0x8b/0x580
[  120.167792]  ext4_htree_store_dirent+0x8b/0x580
[  120.172435]  htree_dirblock_to_tree+0x4e8/0xa00
[  120.177085]  ? dx_probe+0x1070/0x1070
[  120.180862]  ? save_stack+0xa3/0xd0
[  120.184467]  ? kmem_cache_alloc_trace+0x136/0x740
[  120.189282]  ? ext4_readdir+0x2285/0x3600
[  120.193406]  ? iterate_dir+0x1ca/0x530
[  120.197266]  ? get_name+0x52a/0x730
[  120.200866]  ? exportfs_get_name+0x1a0/0x240
[  120.205245]  ? reconnect_path+0x1f1/0x670
[  120.209366]  ? exportfs_decode_fh+0x28a/0x5b0
[  120.213834]  ? do_handle_open+0x374/0x8a0
[  120.217955]  ? SyS_open_by_handle_at+0x27/0x30
[  120.222511]  ? do_syscall_64+0x281/0x940
[  120.226546]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.231883]  ? __lock_acquire+0x664/0x3e00
[  120.236095]  ext4_htree_fill_tree+0x2bb/0xcb0
[  120.240563]  ? print_irqtrace_events+0x270/0x270
[  120.245292]  ? do_split+0x1d30/0x1d30
[  120.249070]  ? __lock_is_held+0xb6/0x140
[  120.253106]  ? ext4_readdir+0x2285/0x3600
[  120.257228]  ? rcu_read_lock_sched_held+0x108/0x120
[  120.262220]  ? kmem_cache_alloc_trace+0x459/0x740
[  120.267034]  ? do_syscall_64+0x281/0x940
[  120.271066]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.276402]  ? percpu_ref_put_many+0x11a/0x220
[  120.280960]  ? free_rb_tree_fname+0x9c/0xe0
[  120.285259]  ext4_readdir+0x206a/0x3600
[  120.289207]  ? debug_mutex_init+0x1c/0x60
[  120.293332]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  120.298328]  ? __ext4_check_dir_entry+0x320/0x320
[  120.303146]  ? lockref_get+0x42/0x50
[  120.306837]  ? lock_acquire+0x1d5/0x580
[  120.310783]  ? lock_acquire+0x1d5/0x580
[  120.314733]  ? iterate_dir+0xc3/0x530
[  120.318512]  ? lock_release+0xa40/0xa40
[  120.322459]  ? check_same_owner+0x320/0x320
[  120.326753]  ? _copy_to_user+0xc0/0xc0
[  120.330616]  ? rcu_note_context_switch+0x710/0x710
[  120.335519]  ? __might_sleep+0x95/0x190
[  120.339467]  ? down_read_killable+0x95/0x180
[  120.343847]  ? iterate_dir+0xc3/0x530
[  120.347618]  ? down_write+0x120/0x120
[  120.351398]  iterate_dir+0x1ca/0x530
[  120.355089]  get_name+0x52a/0x730
[  120.358516]  ? bl_cleanup_pipefs+0x30/0x30
[  120.362729]  ? exportfs_encode_fh+0x100/0x100
[  120.367210]  exportfs_get_name+0x1a0/0x240
[  120.371420]  ? exportfs_get_name+0x1a0/0x240
[  120.375808]  ? get_name+0x730/0x730
[  120.379405]  ? up_read+0x40/0x40
[  120.382748]  reconnect_path+0x1f1/0x670
[  120.386701]  exportfs_decode_fh+0x28a/0x5b0
[  120.390995]  ? drop_caches_sysctl_handler+0x160/0x160
[  120.396162]  ? find_acceptable_alias+0x1e0/0x1e0
[  120.400891]  ? __fget_light+0x2b2/0x3c0
[  120.404840]  ? fget_raw+0x20/0x20
[  120.408266]  ? __check_object_size+0x8b/0x530
[  120.412736]  ? __might_sleep+0x95/0x190
[  120.416689]  do_handle_open+0x374/0x8a0
[  120.420639]  ? vfs_dentry_acceptable+0x10/0x10
[  120.425197]  ? SyS_write+0x184/0x220
[  120.428883]  ? SyS_read+0x220/0x220
[  120.432489]  SyS_open_by_handle_at+0x27/0x30
[  120.436868]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  120.441596]  do_syscall_64+0x281/0x940
[  120.445456]  ? vmalloc_sync_all+0x30/0x30
[  120.449580]  ? trace_event_raw_event_sys_exit+0x260/0x260
[  120.455093]  ? syscall_return_slowpath+0x550/0x550
[  120.459997]  ? syscall_return_slowpath+0x2ac/0x550
[  120.464903]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  120.470240]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  120.475059]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/03/31 16:37:29 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x0, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:29 executing program 3:
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1c)
r0 = socket$inet(0x10, 0x3, 0x4)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000140)=0x2, 0x4)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080))
sendmsg(r0, &(0x7f0000014000)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa2830007a6008000000000000000683540150024001d0004c41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0)
fstat(r1, &(0x7f00000000c0))

[  120.480224] RIP: 0033:0x454e79
[  120.483387] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  120.491068] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  120.498310] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  120.505552] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  120.512797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  120.520040] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000001b
2018/03/31 16:37:29 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:29 executing program 6 (fault-call:2 fault-nth:28):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:29 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000000)={{{@in=@rand_addr, @in6=@mcast2}}, {{@in=@rand_addr}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000100)=0xe8)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000300)={<r2=>0x0, @in={{0x2, 0x4e22, @multicast1=0xe0000001}}}, &(0x7f00000003c0)=0x84)
sendmsg$nl_generic(r0, &(0x7f0000b3dfc8)={&(0x7f0000001580)={0x10}, 0xc, &(0x7f00000015c0)={&(0x7f0000000140)={0x20, 0x22, 0x105, 0x0, 0x0, {0x4}, [@typed={0x8, 0x0, @u32}, @generic="a3"]}, 0x20}, 0x1}, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000002c0)={r2, 0x50ea, 0x0, 0x1}, 0x10)
r3 = getpid()
r4 = accept4$inet(r1, 0x0, &(0x7f0000000400), 0x80000)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000280)={0x1000, 0xd0f, 0x204, 0x5, 0x6, 0x0, 0x200, 0x15, r2}, 0x20)
sendmsg$nl_generic(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x88020}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000001900000426bd7000fbdbdf251100000008002600", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x40051}, 0x40)

[  120.691544] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'.
[  120.704432] FAULT_INJECTION: forcing a failure.
[  120.704432] name failslab, interval 1, probability 0, space 0, times 0
[  120.715687] CPU: 1 PID: 8518 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  120.722775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  120.726493] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'.
[  120.732112] Call Trace:
[  120.732130]  dump_stack+0x194/0x24d
[  120.732146]  ? arch_local_irq_restore+0x53/0x53
[  120.732157]  ? __save_stack_trace+0x7e/0xd0
[  120.732174]  should_fail+0x8c0/0xa40
[  120.732186]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  120.732197]  ? kasan_kmalloc+0xad/0xe0
[  120.751396]  ? __kmalloc+0x162/0x760
[  120.751410]  ? ext4_htree_store_dirent+0x8b/0x580
[  120.751420]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  120.751429]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  120.751441]  ? exportfs_get_name+0x1a0/0x240
[  120.751450]  ? reconnect_path+0x1f1/0x670
[  120.751458]  ? exportfs_decode_fh+0x28a/0x5b0
[  120.751464]  ? do_handle_open+0x374/0x8a0
[  120.751474]  ? SyS_open_by_handle_at+0x27/0x30
[  120.808048]  ? do_syscall_64+0x281/0x940
[  120.812106]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.817470]  ? find_held_lock+0x35/0x1d0
[  120.821524]  ? __lock_is_held+0xb6/0x140
[  120.825565]  ? check_same_owner+0x320/0x320
[  120.829863]  ? rcu_note_context_switch+0x710/0x710
[  120.834787]  should_failslab+0xec/0x120
[  120.838753]  __kmalloc+0x63/0x760
[  120.842186]  ? str2hashbuf_unsigned+0x250/0x250
[  120.846829]  ? ext4_htree_store_dirent+0x8b/0x580
[  120.851649]  ext4_htree_store_dirent+0x8b/0x580
[  120.856294]  htree_dirblock_to_tree+0x4e8/0xa00
[  120.860940]  ? dx_probe+0x1070/0x1070
[  120.864716]  ? save_stack+0xa3/0xd0
[  120.868314]  ? kmem_cache_alloc_trace+0x136/0x740
[  120.873128]  ? ext4_readdir+0x2285/0x3600
[  120.877266]  ? iterate_dir+0x1ca/0x530
[  120.881138]  ? get_name+0x52a/0x730
[  120.884740]  ? exportfs_get_name+0x1a0/0x240
[  120.889119]  ? reconnect_path+0x1f1/0x670
[  120.893246]  ? exportfs_decode_fh+0x28a/0x5b0
[  120.897722]  ? do_handle_open+0x374/0x8a0
[  120.901843]  ? SyS_open_by_handle_at+0x27/0x30
[  120.906396]  ? do_syscall_64+0x281/0x940
[  120.910431]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.915775]  ? __lock_acquire+0x664/0x3e00
[  120.919984]  ext4_htree_fill_tree+0x2bb/0xcb0
[  120.924451]  ? print_irqtrace_events+0x270/0x270
[  120.929178]  ? do_split+0x1d30/0x1d30
[  120.932961]  ? __lock_is_held+0xb6/0x140
[  120.937004]  ? ext4_readdir+0x2285/0x3600
[  120.941132]  ? rcu_read_lock_sched_held+0x108/0x120
[  120.946118]  ? kmem_cache_alloc_trace+0x459/0x740
[  120.950931]  ? do_syscall_64+0x281/0x940
[  120.954975]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  120.960329]  ? percpu_ref_put_many+0x11a/0x220
[  120.964906]  ? free_rb_tree_fname+0x9c/0xe0
[  120.969216]  ext4_readdir+0x206a/0x3600
[  120.973163]  ? debug_mutex_init+0x1c/0x60
[  120.977292]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  120.982281]  ? __ext4_check_dir_entry+0x320/0x320
[  120.987095]  ? lockref_get+0x42/0x50
[  120.990785]  ? lock_acquire+0x1d5/0x580
[  120.994730]  ? lock_acquire+0x1d5/0x580
[  120.998675]  ? iterate_dir+0xc3/0x530
[  121.002460]  ? lock_release+0xa40/0xa40
[  121.006414]  ? check_same_owner+0x320/0x320
[  121.010710]  ? _copy_to_user+0xc0/0xc0
[  121.014573]  ? rcu_note_context_switch+0x710/0x710
[  121.019476]  ? __might_sleep+0x95/0x190
[  121.023426]  ? down_read_killable+0x95/0x180
[  121.027807]  ? iterate_dir+0xc3/0x530
[  121.031578]  ? down_write+0x120/0x120
[  121.035361]  iterate_dir+0x1ca/0x530
[  121.039048]  get_name+0x52a/0x730
[  121.042472]  ? bl_cleanup_pipefs+0x30/0x30
[  121.046680]  ? exportfs_encode_fh+0x100/0x100
[  121.051158]  exportfs_get_name+0x1a0/0x240
[  121.055363]  ? exportfs_get_name+0x1a0/0x240
[  121.059751]  ? get_name+0x730/0x730
[  121.063348]  ? up_read+0x40/0x40
[  121.066691]  reconnect_path+0x1f1/0x670
[  121.070642]  exportfs_decode_fh+0x28a/0x5b0
[  121.074936]  ? drop_caches_sysctl_handler+0x160/0x160
[  121.080098]  ? find_acceptable_alias+0x1e0/0x1e0
[  121.084828]  ? __fget_light+0x2b2/0x3c0
[  121.088776]  ? fget_raw+0x20/0x20
[  121.092203]  ? __check_object_size+0x8b/0x530
[  121.096670]  ? __might_sleep+0x95/0x190
[  121.100624]  do_handle_open+0x374/0x8a0
[  121.104569]  ? vfs_dentry_acceptable+0x10/0x10
[  121.109124]  ? SyS_write+0x184/0x220
[  121.112809]  ? SyS_read+0x220/0x220
[  121.116410]  SyS_open_by_handle_at+0x27/0x30
[  121.120791]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  121.125521]  do_syscall_64+0x281/0x940
[  121.129379]  ? vmalloc_sync_all+0x30/0x30
[  121.133500]  ? _raw_spin_unlock_irq+0x27/0x70
[  121.137970]  ? finish_task_switch+0x1c1/0x7e0
[  121.142437]  ? syscall_return_slowpath+0x550/0x550
[  121.147337]  ? syscall_return_slowpath+0x2ac/0x550
[  121.152241]  ? prepare_exit_to_usermode+0x350/0x350
[  121.157228]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  121.162566]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  121.167381]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.172549] RIP: 0033:0x454e79
[  121.175715] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  121.183398] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
2018/03/31 16:37:30 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
dup3(r0, r2, 0x80000)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:30 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:30 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x0, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:30 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_open_dev$sndmidi(&(0x7f0000000280)='/dev/snd/midiC#D#\x00', 0x3, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000004c0)=ANY=[], &(0x7f00000001c0))
inotify_init1(0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000002e40))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x0, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000080), 0xffffffffffffffff, &(0x7f0000002dc0), 0x0, 0x0)
sched_getaffinity(0x0, 0x6e84f782, &(0x7f0000002e00))
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00001bb000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000001c0)=""/246)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'syzkaller1\x00', <r2=>0x0})
connect(r0, &(0x7f0000000300)=@ll={0x11, 0xd, r2, 0x1, 0xaf, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x80)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000380))
ioctl$EVIOCGREP(r1, 0x4004743c, &(0x7f00001bbf52)=""/174)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000040))
close(r1)
process_vm_writev(0x0, &(0x7f0000001a80)=[{&(0x7f0000000700)=""/67, 0x43}, {&(0x7f0000000780)=""/172, 0xac}, {&(0x7f0000000a80)=""/4096, 0x1000}], 0x3, &(0x7f0000002d80)=[{&(0x7f0000002b40)=""/154, 0x9a}, {&(0x7f0000002c00)=""/211, 0xd3}, {&(0x7f0000002d00)=""/90, 0x5a}], 0x3, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000440), &(0x7f0000000480)=0x8)
mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000100))
symlink(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000200)='./file0/file0\x00')
unlink(&(0x7f0000000000)='./file0/file0\x00')

2018/03/31 16:37:30 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
dup(r0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x331, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:37:30 executing program 7:
sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0x3e85)
clock_gettime(0x0, &(0x7f0000000040))
futex(&(0x7f0000000000), 0x1, 0x0, &(0x7f0000000300), &(0x7f0000000340), 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)="2f6578650000000000ff070000ddd9f191be10eebf000ee9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f349572d226d7a075fb35331ce39c5a3568641006d7c0206a74e333265316a175350e730ab2bce682b69d603fc05ead7fb5180de13a74155d8560fe23dfbba10724631067f955b8810f3402053f95a8798b0e3749d9c79cdd5f62547e59ab4352ab0a3827384665fd2c16ea53e5e2a1dc065b53520b9cd4eb30edc0f70cb82149f8ff5b628eabf1a9ab91915a78b5cb259f4a0fbfab4dacbd68f077")
r1 = dup(0xffffffffffffffff)
setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x0)
writev(0xffffffffffffffff, &(0x7f0000001980), 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000005180)={&(0x7f0000004ac0)=@can, 0x80, &(0x7f0000000440), 0x0, &(0x7f0000001880)=""/93, 0x5d}, 0x10000)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f00000000c0)=<r2=>0x0)
r3 = geteuid()
lstat(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={r2, r3, r4}, 0xc)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(0xffffffffffffffff, 0xc0a85322, &(0x7f0000001a40))
sendmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000780)}, 0x0)
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYRES32=0x0], &(0x7f0000001480)=0x1)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000014c0)={0x0, 0x0, 0x401}, &(0x7f0000001600)=0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001740)={0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001640)=""/208, 0xd0}, 0x10000)
getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140), &(0x7f0000000480)=0x6)
mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000001a00)='9p\x00', 0x0, &(0x7f00000019c0))

2018/03/31 16:37:30 executing program 6 (fault-call:2 fault-nth:29):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:30 executing program 3:
r0 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"64596df17c0e4200", 0x4000000000000401})
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x5)
r1 = inotify_init1(0x200080000)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f000045fff8)={0x0, <r2=>0x0})
ptrace$setopts(0x4206, r2, 0x0, 0x0)
ptrace(0x4207, r2)
ptrace$getregset(0x4204, r2, 0x202, &(0x7f0000000140)={&(0x7f0000000100)})

[  121.190642] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  121.197884] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  121.205124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  121.212364] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000001c
[  121.267451] 9pnet_virtio: no channels available for device ./file0/file0
[  121.287769] FAULT_INJECTION: forcing a failure.
[  121.287769] name failslab, interval 1, probability 0, space 0, times 0
[  121.299155] CPU: 0 PID: 8546 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  121.306241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
2018/03/31 16:37:30 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  121.315576] Call Trace:
[  121.318168]  dump_stack+0x194/0x24d
[  121.321800]  ? arch_local_irq_restore+0x53/0x53
[  121.326462]  ? __save_stack_trace+0x7e/0xd0
[  121.330785]  should_fail+0x8c0/0xa40
[  121.334499]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  121.339597]  ? kasan_kmalloc+0xad/0xe0
[  121.343369] 9pnet_virtio: no channels available for device ./file0/file0
[  121.343472]  ? __kmalloc+0x162/0x760
[  121.343488]  ? ext4_htree_store_dirent+0x8b/0x580
[  121.358813]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  121.363640]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  121.368304]  ? exportfs_get_name+0x1a0/0x240
[  121.372703]  ? reconnect_path+0x1f1/0x670
[  121.376865]  ? exportfs_decode_fh+0x28a/0x5b0
[  121.381351]  ? do_handle_open+0x374/0x8a0
[  121.385496]  ? SyS_open_by_handle_at+0x27/0x30
[  121.390062]  ? do_syscall_64+0x281/0x940
[  121.394116]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.399467]  ? find_held_lock+0x35/0x1d0
[  121.403519]  ? __lock_is_held+0xb6/0x140
[  121.407572]  ? check_same_owner+0x320/0x320
[  121.411878]  ? rcu_note_context_switch+0x710/0x710
[  121.416790]  should_failslab+0xec/0x120
[  121.420740]  __kmalloc+0x63/0x760
[  121.424171]  ? str2hashbuf_unsigned+0x250/0x250
[  121.428829]  ? ext4_htree_store_dirent+0x8b/0x580
[  121.433665]  ext4_htree_store_dirent+0x8b/0x580
[  121.438320]  htree_dirblock_to_tree+0x4e8/0xa00
[  121.442965]  ? dx_probe+0x1070/0x1070
[  121.446747]  ? save_stack+0xa3/0xd0
[  121.450355]  ? kmem_cache_alloc_trace+0x136/0x740
[  121.455171]  ? ext4_readdir+0x2285/0x3600
[  121.459295]  ? iterate_dir+0x1ca/0x530
[  121.463155]  ? get_name+0x52a/0x730
[  121.466763]  ? exportfs_get_name+0x1a0/0x240
[  121.471157]  ? reconnect_path+0x1f1/0x670
[  121.475288]  ? exportfs_decode_fh+0x28a/0x5b0
[  121.479765]  ? do_handle_open+0x374/0x8a0
[  121.483894]  ? SyS_open_by_handle_at+0x27/0x30
[  121.488451]  ? do_syscall_64+0x281/0x940
[  121.492484]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.497823]  ? __lock_acquire+0x664/0x3e00
[  121.502040]  ext4_htree_fill_tree+0x2bb/0xcb0
[  121.506518]  ? print_irqtrace_events+0x270/0x270
[  121.511247]  ? do_split+0x1d30/0x1d30
[  121.515037]  ? __lock_is_held+0xb6/0x140
[  121.519092]  ? ext4_readdir+0x2285/0x3600
[  121.523215]  ? rcu_read_lock_sched_held+0x108/0x120
[  121.528207]  ? kmem_cache_alloc_trace+0x459/0x740
[  121.533028]  ? do_syscall_64+0x281/0x940
[  121.537078]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.542433]  ? percpu_ref_put_many+0x11a/0x220
[  121.547000]  ? free_rb_tree_fname+0x9c/0xe0
[  121.551313]  ext4_readdir+0x206a/0x3600
[  121.555263]  ? debug_mutex_init+0x1c/0x60
[  121.559387]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  121.564381]  ? __ext4_check_dir_entry+0x320/0x320
[  121.569206]  ? lockref_get+0x42/0x50
[  121.572908]  ? lock_acquire+0x1d5/0x580
[  121.576854]  ? lock_acquire+0x1d5/0x580
[  121.580807]  ? iterate_dir+0xc3/0x530
[  121.584584]  ? lock_release+0xa40/0xa40
[  121.588531]  ? check_same_owner+0x320/0x320
[  121.592837]  ? _copy_to_user+0xc0/0xc0
[  121.596714]  ? rcu_note_context_switch+0x710/0x710
[  121.601633]  ? __might_sleep+0x95/0x190
[  121.605600]  ? down_read_killable+0x95/0x180
[  121.609997]  ? iterate_dir+0xc3/0x530
[  121.613782]  ? down_write+0x120/0x120
[  121.617561]  iterate_dir+0x1ca/0x530
[  121.621256]  get_name+0x52a/0x730
[  121.624688]  ? bl_cleanup_pipefs+0x30/0x30
[  121.628906]  ? exportfs_encode_fh+0x100/0x100
[  121.633390]  exportfs_get_name+0x1a0/0x240
[  121.637597]  ? exportfs_get_name+0x1a0/0x240
[  121.641982]  ? get_name+0x730/0x730
[  121.645582]  ? up_read+0x40/0x40
[  121.648929]  reconnect_path+0x1f1/0x670
[  121.652890]  exportfs_decode_fh+0x28a/0x5b0
[  121.657194]  ? drop_caches_sysctl_handler+0x160/0x160
[  121.662371]  ? find_acceptable_alias+0x1e0/0x1e0
[  121.667109]  ? __fget_light+0x2b2/0x3c0
[  121.671066]  ? fget_raw+0x20/0x20
[  121.674501]  ? __check_object_size+0x8b/0x530
[  121.678990]  ? __might_sleep+0x95/0x190
[  121.682953]  do_handle_open+0x374/0x8a0
[  121.686902]  ? vfs_dentry_acceptable+0x10/0x10
[  121.691467]  ? SyS_write+0x184/0x220
[  121.695159]  ? SyS_read+0x220/0x220
[  121.698771]  SyS_open_by_handle_at+0x27/0x30
[  121.703167]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  121.707910]  do_syscall_64+0x281/0x940
[  121.711779]  ? vmalloc_sync_all+0x30/0x30
[  121.715901]  ? _raw_spin_unlock_irq+0x27/0x70
[  121.720370]  ? finish_task_switch+0x1c1/0x7e0
[  121.724838]  ? syscall_return_slowpath+0x550/0x550
[  121.729744]  ? syscall_return_slowpath+0x2ac/0x550
[  121.734648]  ? prepare_exit_to_usermode+0x350/0x350
[  121.739649]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  121.744996]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  121.749823]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  121.754983] RIP: 0033:0x454e79
[  121.758153] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
2018/03/31 16:37:31 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:31 executing program 7:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d}, 0x10)
io_setup(0x1000, &(0x7f0000000040)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, r0, &(0x7f0000000080)="070000008cf46cfde19a4e3bcfbdbedee32e68b3a251fd2cfd09684d9c7afae320bbf22a2ce3cb58fa63c42a238cb85f1023fa813c9a0e46", 0xff0e}])

2018/03/31 16:37:31 executing program 3:
getpgid(0xffffffffffffffff)
fcntl$getown(0xffffffffffffff9c, 0x9)
r0 = syz_open_procfs(0x0, &(0x7f00000007c0)='net/hci\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f0000000680)={0x6, &(0x7f0000000200)=""/91, &(0x7f00000005c0)=[{0x6, 0xe1, 0x1, &(0x7f0000000280)=""/225}, {0x100, 0x73, 0x1f, &(0x7f0000000380)=""/115}, {0x2, 0x2c, 0x0, &(0x7f0000000100)=""/44}, {0x3, 0x78, 0x8, &(0x7f0000000400)=""/120}, {0x8001, 0x9d, 0x7, &(0x7f0000000480)=""/157}, {0x5, 0x4f, 0x1000, &(0x7f0000000540)=""/79}]})
sysfs$1(0x1, &(0x7f0000000180)='%\x00')
ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0x5, 0x65, 0xffffffff, 0x81, 0xfff, 0x3, 0x9, 0x10001, 0x81, 0x8, 0xffff, 0xde})
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000040)={0x81, 0x8, 0x0, 0x2, 0x0, 0x0, 0x5, 0x100000000})
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000740)=r1)
ioctl$DRM_IOCTL_RES_CTX(r1, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})
stat(&(0x7f0000001580)='./file0\x00', &(0x7f00000015c0))
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000700)=0x5, 0x4)
getsockopt$netlink(r0, 0x10e, 0xb, &(0x7f00000001c0)=""/1, &(0x7f0000000780)=0x1)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000008c0)={'vlan0\x00', 0x600})
connect$unix(r1, &(0x7f0000000940)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000800)=@assoc_id=<r2=>0x0, &(0x7f0000000840)=0x4)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000900)={r2, 0x1f}, 0xc)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000)=0xc83c, 0x4)
setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0), 0x0)

[  121.765845] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  121.773093] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  121.780342] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  121.787589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  121.794841] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000001d
[  121.814604] PPPIOCDETACH file->f_count=2
2018/03/31 16:37:31 executing program 6 (fault-call:2 fault-nth:30):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:31 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:31 executing program 4:
r0 = syz_open_dev$sg(&(0x7f000028fff7)='/dev/sg#\x00', 0xffffffffffffffff, 0x10300)
r1 = msgget(0x2, 0x0)
getsockopt$nfc_llcp(r0, 0x118, 0x4, &(0x7f0000000740)=""/223, 0xdf)
getsockopt$ipx_IPX_TYPE(r0, 0x100, 0x1, &(0x7f0000000100), &(0x7f0000001140)=0x4)
r2 = accept4$nfc_llcp(r0, &(0x7f0000000fc0), &(0x7f0000000080)=0x60, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, "386aea20273dc03c3d18dd0dbd4a0ca15f9f580393cc4ec3b8ee256b9aa630224ba64c6ff43ee01d2996c914"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "eda422cd37591b3a5a7a683380f7e0b9e790c6b72cd0a4f3342f7431c1699a305ca3091bb2320e8df4e298a2cca26637866a68c1426ffbd8a6c7da1d8ea77d9d", &(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x13})
ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000400))
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/pfkey\x00', 0x800, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000009000)='/dev/dsp\x00', 0x0, 0x0)
ioctl$int_in(r4, 0x800000c0044dff, &(0x7f0000000000)=0x1ffff)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
add_key$user(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000500)="d3238eea76b0470531092a0a77b0b49789a0fc97b8f8b9e23a2a5a5a0c169ed6e83480b4801dbf79db3527904ee3128c05ce2806e210237c36b88ceabe99d8784860e5d0e91fe33d38d0133e056cdd1e2910d57fc5eb1b23db3b60a7077ff33bb6c7445cd258ee25f9187269c22d1ed05acb2b9b599bd285b692257a631754", 0x7f, 0xfffffffffffffffe)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000780)=[{&(0x7f0000000840)="ed", 0x1}], 0x1, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_open_dev$sg(&(0x7f0000d08ff7)='/dev/sg#\x00', 0xfffffffffffffffd, 0x40a85)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000240)={0xfffffffffffffff7})
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000280)='tls\x00', 0x4)
write$fuse(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="ef18235caf3f0377f216abb280a9de72e9e19379c86c0986b0f03efa80feba55ba925a962dec098b6df2739b5db92710340ae6bf9061ba0e12151f6b80b1d7e6b3fe59ca8cd5f18c89d8eaafcd4611e6b45909132d28fb4b0abfa3b7f39ec76ac466bf2d75dd32dc3d68526a6732f2e066a5c3f09ad7006ff6211def0030dacc2d7472482634be5c1011bf4b15605fb51b6124c912e8", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYPTR64, @ANYRES64=r1, @ANYRES16, @ANYRES32, @ANYPTR=&(0x7f0000002280)=ANY=[@ANYPTR64, @ANYBLOB="5334c8fc50f752a987c5c06a82bbc291a1eaa6257f3eafda8441f7738f1f9020fdcd45460afc61cc68d2566c6108f991c633ac93bf7ba0cc7f7ae8ecfa586a5474bb9ff469306bfc17b52c8d4e8c8eaf5005612d6b31cc5d30b8c4a6fa1d63129393ae3bca2ce93f4fd12ed946283014d19dcf5dc3705f126d5fe1fd2621f98d254fb83711c70aa62fcf62049cad9b4c3e8fd38180dbd1200bdc3dffbe2188b0dfc568992075bbe7de41d2d963b9b98f91325196f4d9722b1c909a7fc794711e8561d3f1f90bef23163936180fd9c1703b564c18270eca8e6bac9dbacd730a3dd0c0ddeb60e93804835bfa5ed45b6ba42eb4d556b8fae1373aed5e6da0f448a189f6795c59eaba7dcb70ff1586b048722fa0bbf8910639b3b2666193cd97e420cc2fe5f1cbfda0befcad805b55f1a955d22f4363b77e570cc88741be7e87f6b955d3fb452e4c7bc35352b01a867e60219214ede2fbd42cf672c1318d8a3b13cbf275492e6a03b9094ffb85b90cf2555242840964f3f157e02f9a4136978110e9dbd8a9619b71fb9b326904f4bf18fef55868010f1ac33dad57bba0947bc68ca0c0731a7a985202668b6e26b0496da8ae5de96282f282d1cf7a9c66d661b0791436d48dc14b39c7e981e82f69cf30d928bc44e51c54109c108918ddc81d024d7ec1a3a95a5a0fbec08903bbf851ca3da0858a724593062276de41c8ed321d767887087df23e1d39d9b58d3837c3d7a2482718f9d4bdf5a00b801db1b75b19f5dcdb5037dbc87117a4ddb0272b15af628af9339eba4f6edaa3c14464c0f2a6b13495420ebe789bcf9c274e6f75221f13bbba12badb71036f9cd8278b9f867de8b3555b113ed94d7db4bc322bb3484dccb5b5989bc86c19dd3e4a466f15d99d13531f88cb136154bdc0b28606a33e9012d71d876b68dc3c3d7b151b56fe4d2a6d73b1f75c6b3f86c055638449ef200975dca521a186ac65b0331f4f1421cdad7f3c420b242caedcc120a1a976acfe91c44bb206315131ab4c354862e5558bc8beff77747bf6e35fb7cbe0ec1c7a76b84f8c0e952429362c2fc99cc602791ada7a1c66ed2492bb4fee01b8b11a2ca7ecac08abd99f71ccb048566a500d00cb34f627aafb09f3dfad19b744b736c1901c8a303327695fe9920083507a6bf49f1fec334bd61ffea488735dfebc5ad30a8985bc0f6a6bc09cb1346f13c52b813b0cd83d114fcff018541053a2451300301b1dc5f84a2d6d99e59a8a67c50cd8daeccba2c50682f3e58263ec8292b9608648f344852b354a67aa19cc9ab558ff91cdc635dc7dad4bff879fd957406c7d32169411d32a34d56752ef4f0b89666eff2ea509211323ffc2c14b70181d06bcf1bbe2e00d2d0f7b9f235b67cdc22c467e9f4c57a56e89be1667798496ba210c0f8681809740025810ff2910bd7c3892bb38c3764ce7c288d705c97016148d1e689e1e887cdc2000e2dc389aeaab939aca3e99b9dc31a55cb26c8f175e037bbea3d0227f53c3de9b4cd4dc82c36ea75289860c72bdbfdcc072bebd1cb205c6fe519ec7a9d55693d6d3e8665dd6e4f2348997c2bd7fe60cb3e8b4ab082c0966370259be8f992b44abcb688bec1c135db7dde04249dba8adb866cc8355d9d6a0b09a1f508b956bb8b788289021651d625588d4b76967a43ef1057a65f43e9e25f4d8b95865bb5a6661a05a98ddb3a4be20396542475a21f7ea8bffeeb8bc2567a4b9469ebae3be26761e4b8c5fd16cdbc76f77c1861f9e40e799278ec4430900a75c99f54ba4cfdbfd6f0dc4e5c41d7b767093cf70a0a1b5dffe31a1afbd222c6bb20b4de444f967fecbe32af51ff3d5aec01214cb860ea16cb3e80e89cb96f7c9e22c23ee45a4efa5d427e786fbbdbb469e8fec9cf50c136aa9e2f806b8ef9e71ef4f88868c9739f8265fe250d802f3c8b703b9f350c1029c81ac88d829872d489ed9a4c288b4dc345ee3be9ee8d9231e7bb98f7f1fb5b575def2d1ebd5ae13e008574c37e8fb94e1033deb82f96249fdaf56c289a8f3b698a1f3c057dabff16ddf0e91c7d4d265daa33ae979ba6a1f6001b0f669b58a4a7eb5b1ad3a22c6a5ee3c572b3b92878e90cf2589557ec8fd419084e963c166b10cf981370ef28acd611063bc47b154e9a892b2f429799b09927422ced1c8511bdb840ee71b25319aae8c04a5a39bd5771c32ee81ac3923912c9a57146ef867f829bf1654421325afc769a3f221f99689418f0f4fdb4cf8dc76682f84c95dcf63050d4dac7e401ccacacd1f1084dcf865236ad3f2b682f08259aab2c6d56d4f2011feefd0f86565215c66d68b35d071c2e578b9467283bd21f786379381f32d118ea0edfb1da26497c6ee9d38e343fe510149bb7495597d019d6614ca09f6c5bb079fc15a9e88c0609a9c760097e03cca8a810850973bccf37a05a2cb11ade0864e8f4e43168320a122b9bf408f94fa3515e6419ec94e7f7d83cf7ea006e3403ff55d537b632b1e799760e1107ecf791e393489a39c2c54e05636c8cc23ebef45ee22f8a733c79f90e14bcc888a2b2eb3bb351cec9ac0e352d413cf4cffc492bf021c20a63dd1a0c74a723811f82d1ede17744c7625afefed1e3e2b2911c0397e23691ed393e44d9f39105d7a289838ccd213d132709bbc933a5d9c90b02692d764550b82b0d9af5c3564f7970aced44eebf529e5efeb3a13e16f7aa1124371dd75ce864312097b860424aa26d826e3d2e5b68873f6da5daa3656da3a2eef5768fbe442c12d85f8eff1ecef9a57a130bee266811132a17b88179e55695159e3d84b3609e07a1f69159153aa6453c58a15e4324ded2cf0a73e1ddb493f6045496f1408b82c7378625f85da1bb689027821423349d574c5751c28ed226bb8718612bf2df4e17d5b1dc1bf64c78fa0f651cae8290c71619ee7ff929242363d1476ad686de3570f6165d28e2b3f0ade8653238e28a6762406cfe258ce5b9cd25ede2bd798ac5b68b07d50fe81fa72db65a9e210d65e474d2feddf145bdf2f437ab31350e1fbec58a2366a203e033f2b869daf0952d7b7bcd36adbf68c79668f72c7fe0d02496cf9159b017c84619c9aa8cdb26d851e628f0ae6f1ee33a87384a889e8e0336207b412a4287856665f1726557ad2ced6f9441d075299a4b2c407a6c242bdd237797697c2d8eeed298a39c21bc950057d7c643741619bc9e62b5881d619b6d12d6a9090886e2dbb142c825e974bb8cf7c4d86f17a00c69aa525ad4fbd7fc0048de85d34260fb89eedba4bf43b1094c87d8c1d4a4f98c6612fd83d817c9f59366d22f5824009b952d2d2ca374a8b93a90bada68fdfe8a10ccc45ed1fc54880e2a30aa2427f664239ded96b4c7d185f613b4888bd90d387c64e1e5ecbab9805087d910fecc0cf2be1e4695a722e6f496dcd96ac3cf40a7eef8b0203bd45a0cc2af815895c9bb54d2f9e7293ae50de735a786e1be803ba40a7ae735dd427f01c8b58b246dcaa1f024cadd10cbc745cfcb165d2a270a5df8514e61785a9feb9d0dd5187d2f37a3db6903bbd93dbf4ad37e6b82665b1aaa447698f3bceaba09197d7488f85dfbe458546f0bf513b54bccf3f452345ee3bbec407f5421cd9c6922ffb91a9d37ee16becb534fcc7dd0da0e64116c089d9bc3eae0d083e132fcc87469da8f8ab865fe0eb71c6839ec89760d1a72499129cc05de50391331814a75f934cd57f2609ef65c3bdc356486640087ccab717d0175ea85465a5974bf15e3c455442b9a4a67f50384f56ef14af9593c2117adf30f7ec52626e17227ed01f96dd2cc5ddf7120e8236bdf9698857e0d4c872a11c1c593ff383a9cb71d172d928761fb5e11e9939013c3b1a8ad907b737c77ad3a6e234bcbf7ae17bf14cc0d0c53ef79ebe75d8dbc61e8954119d2358080ba8950d5a3dce70c930f7cb2f5ada02af8052b13c01b32729a9062ae49c5e0d16b63ad89a6bd1ad782eba7467da2434ef3146f936ea16b3152a660d697254996106f4d5c7dbd07a109f793ba38920ca731dbb8d574cb2ab2bd79842012ff81d8dc31a0d30ece7fbaad29c1f0575e14d32fe12b4299a0aed19f92f1491af60602f10995c71a009b5ff69e270a505e6000c0ab2154cf7271747421ff08b8701f205c3e05f04f43e46b268289371904eefca2f3470617001a5a43540e25ac95cb340e8da6b6cd6fbaf8f0203e7894e9f61b66c7d445f9bbf812d628337bd4e8a3889b2683d9eaf6cc0c78a597855849fbc40440ce293a204e7a05f4bd6647a301a330c8d4bfa69e259b5a98b58cfe2c3253300be1f6af5f21ca068a38a7980384d5c28ef6e993fbbf4cfd71d63ff0c8c7a996f6881b4458ad3f926ffc731dc3721e65504e86adcc99cc7fb42ecb6672b2577b28dc7c84118870b4b5d0c17973757b12b44213e02b10000001366eea2c08ff5d553a0edee316d429b91ed5a5a31b18c782258a26459cff50f3c4ced58428f034126e2be2437a198d6bc074604ed5bc0ba6dda520cf66a3365aa4db3a6cc4223ca3cef0935d5244f813320580f4890aebb8be663d529b778ebc65b08f11f97efc8470c22cde6a8366859f60129f0ff156700755b3cbf6c52594b4ec9571c2b6e834e5cbe4314e7d2f9cf291c8bd08dcc6c0de31dffa40f1d7a6e27eb1862cdbb233cda7ff56655b881caa783110d47f8e9855d08eb1917ae1314afb0b78b98d520da78a9e976c56cd974fc53a8af6d11090e07d240f72fe962f66ab64453f46c154ab5700405b574174c8802a27518841379c145a2e7251b0de00f0f7037ce0cc0e80497b2e1b802178c67f19ae6d804dc8022f2291aa41be5f8024cb0d7462faeee0bbe9ba99bfc0ff9c87f8f20e3d3725942b8176efa5c1ca5be42f1a3964f968248abcc1c96e46f09336d7e19eafdb02288a1b461adbc92826218769c0caabbeb78ce5f7ffc5397f13b3d56241ea9a3f1e21710e7e0d84afa09576158009971d9a17f103b284fc2ff5134ca6426dd83d04583d58a5606c385562a0f90946d2b70012163b10c37b1ebfe76dae391022b84acdb25999b969bdb94033751f62164555b59b77a1b1b969c624f116df715198075382b16d948a397c2878c3262d64fa8bd749307828961b77b0a728498014fa9ecba58a564014a7bc6b81cd681a6cf0de3a49f5791b073ddc2d234a33b8c2c2bdef7b3524a5b8d900d9f3ff60fc87276bfdee6f8f2c17fe5048fc64946aeb06333969294cf9bc441d6ffa07575e7bbdc350c54de6a3c49d30dea68685624175ec36032d868f3f186a06ac52f452e1fef24799cca1cc022802523a86b725f4aa8daa93ba11a8d41f24b6deee39c410146553be605f61c2538524be7bd19ba064c2bad757b6f8ef910b2f7000d87f11972d97a59fadad73ae3dd6673a03e4ff812d3d64b1b29f8fe0cf4f09671d25a4938a67ac2ced004ef92ddbdf336665e22dab0971824cc7566e466ba6b3cdb7b63753eb94c12e9d218ccb44d5719fecee332c6bc19a325fcf789a2936c3f40bc3e2928e220ae5ee6cbf1ffd7c663cf6a2b2d15cebdb706a4c4228d7a5ecc785c66a4d5c76e78bf23cf89e4b64fac0819d67a49ffd616e254b8ea9b48e3bbb55cf866d3389c4809e7e74c437974b9fa89617d22d8f479fa781c58e27d213675160d1bf57642ebdb7f8058783a519e3322ae42e24e9340e602b925ccd5faee9b204e56677553d79e2a870972da8dd1b60e9a44fe6daae06212c2e47a44ef7d0caf3c4ef7f7ca0c5fde972c7e3011eb0b3713a2148edb06b66d5a9cfb53027f4bf900000000000000000000002f61c72924555e44db82a8f33359ce18fc30a25caf38a46fb52533ad832693e98d3b433862bcbbd9eeff78e52493e230782c1512f8e4017ec222469cc56c1e390fe57fb96e8c8fd60bee73799071413b9cae36b8dc9f09cb61ddd22e195c7a75e368e62e0aea79c126b16d2fbb73a041a092123777242e4fb464980adfb79c528e09704ced96c8f2f616aef280f786f28a61130135387e86ae14209a5c96efbe07befc4a5c63be675b4dc94596d5b07f872131a007fe2b3fa2aea90dfdcb1178de947186b21b11fa10ad86d9ba"]]], 0x9e)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000005fd8)={'vcan0\x00'})
setsockopt$inet_sctp6_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000380)=0x346000000, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)
open_by_handle_at(r6, &(0x7f00000002c0)={0x1f, 0x3, "a8c67324dbabf13fec6476cea2ead26724fa663431b7c2"}, 0x2802)
syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x0, 0x0)
ioctl$KVM_GET_PIT2(r6, 0x8070ae9f, &(0x7f0000000300))
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

2018/03/31 16:37:31 executing program 3:
r0 = syz_open_dev$random(&(0x7f00000016c0)='/dev/random\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f000060c000)='oom_score_adj\x00')
poll(&(0x7f00000014c0)=[{r0, 0x8000}, {r1}, {r0, 0x2320}], 0x3, 0x232)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f00000000c0)=<r2=>0x0)
read(r0, &(0x7f0000001640)=""/107, 0x6b)
getsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000000300)=0x8, &(0x7f0000000340)=0x4)
r3 = socket$inet6(0xa, 0x2000000802, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}, 0x0, 0x0, 0xff, 0x1}, 0x20)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000400)=ANY=[@ANYBLOB="04a476eb51bde7090002000000000006", @ANYRES32=0x0], &(0x7f00000015c0)=0x2)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f000089b000)=0x3, 0x4)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000001500)={0x1, 0x2, 0x9, 0x8, 0x46a7}, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f000000cfe4)={0xa, 0x0, 0x807}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x2, [], 0x1}}, &(0x7f0000000040)=0x20)
accept4$inet6(r1, 0x0, &(0x7f0000000080), 0x800)
fcntl$getown(0xffffffffffffffff, 0x9)
r4 = syz_open_procfs(r2, &(0x7f0000000100)="6e65742f69665f696e6574360093fdd81f12659f45e9cb89f8ffffffd451bea0bcf166e408aa93f2de9c7a1786a0b83e1c0da5210d01b9336480d24bf721df26e12a6152f604622b86f9e8a6d4e0e52b4d4518804bc3d131a1c20cee863e600711d0f8cdebab9c16f184f3835747b5fcfb4a8c439d37279d64119874b715ecd26d08c0b9f7b98e72b9401bf0496339354aaf1e011da685dbc8ee74625b3974533f2e05355dadea49035c03b2809c55c2ece8b4e17928fb1361c58fe2024cfa4798878692a6cfcad49eb3c51b78c9453e001eb16c27a6a39ca29de3e43b781daa7dd4348012f3b554bb56240130d542005d2e50fe46373cfc76a6a49c1b8050c99c08ab6aa3ec304a505456d90803f21ef70a51f56c6f4998e6fbb1d9d09e754b10d4b8f03d7621be8ab07b006d8081d8c353648c513e4d06bc9a3ecd201848931a11f7db75d319c2d37f4298ff0a48ad3e2a1f1a4c3813c47084b80fd1bacef8681897d56a3b0952d1d0d60a1d3db780d2aad06d6f0ac83cb479cc667cb00e0d4133539b1ea8a2c5ffdcd9e6f82000824ed364cdb3d9aef2b4f74545e77ecc557beb1d694fc99c505392916ed300ecd94fe0a7b30886d5c4ef01db53002a4185d19fa71fd8728f0b09de4d8ff1444fa7e59f884f27c0b3fe86fd51a3f63c6adbb36ca81d182d25b311a045ba13")
lookup_dcookie(0x4242de7a, &(0x7f00000004c0)=""/4096, 0x1000)
ioctl$TIOCLINUX6(r4, 0x541c, &(0x7f0000000380)={0x6, 0x6})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x65, &(0x7f0000000000), 0x4)
setsockopt$sock_int(r4, 0x1, 0x2d, &(0x7f0000001580)=0x1, 0x4)
sendfile(r1, r4, &(0x7f0000000040), 0xff)
ioctl$sock_ifreq(r1, 0x893f, &(0x7f0000000480)={'gretap0\x00', @ifru_data=&(0x7f0000000440)="06ebc1dce36bf6d768bf66ce9239598a60511818e91226c66cdc70109f95216b"})
ioctl$VT_RELDISP(r4, 0x5605)
ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000001700)={0x7, 0x0, [{}, {}, {}, {}, {}, {}, {}]})
setsockopt$inet_mreqsrc(r1, 0x0, 0x25, &(0x7f0000001600)={@rand_addr=0x8, @multicast2=0xe0000002, @remote={0xac, 0x14, 0x14, 0xbb}}, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000001540)=[@in6={0xa, 0x4e21, 0x7ff, @local={0xfe, 0x80, [], 0xaa}, 0x8000}, @in6={0xa, 0x0, 0x3, @empty, 0xfffffffffffffffd}], 0x38)

[  121.938836] FAULT_INJECTION: forcing a failure.
[  121.938836] name failslab, interval 1, probability 0, space 0, times 0
[  121.950221] CPU: 1 PID: 8569 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  121.957311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  121.966645] Call Trace:
[  121.969217]  dump_stack+0x194/0x24d
[  121.972826]  ? arch_local_irq_restore+0x53/0x53
[  121.977473]  ? __save_stack_trace+0x7e/0xd0
[  121.981773]  should_fail+0x8c0/0xa40
[  121.985465]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  121.990544]  ? kasan_kmalloc+0xad/0xe0
[  121.994407]  ? __kmalloc+0x162/0x760
[  121.998096]  ? ext4_htree_store_dirent+0x8b/0x580
[  122.002916]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  122.007733]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  122.012379]  ? exportfs_get_name+0x1a0/0x240
[  122.016760]  ? reconnect_path+0x1f1/0x670
[  122.020884]  ? exportfs_decode_fh+0x28a/0x5b0
[  122.025353]  ? do_handle_open+0x374/0x8a0
[  122.029475]  ? SyS_open_by_handle_at+0x27/0x30
[  122.034031]  ? do_syscall_64+0x281/0x940
[  122.038850]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.044189]  ? find_held_lock+0x35/0x1d0
[  122.048225]  ? __lock_is_held+0xb6/0x140
[  122.052268]  ? check_same_owner+0x320/0x320
[  122.056569]  ? rcu_note_context_switch+0x710/0x710
[  122.061478]  should_failslab+0xec/0x120
[  122.065425]  __kmalloc+0x63/0x760
[  122.068855]  ? str2hashbuf_unsigned+0x250/0x250
[  122.073502]  ? ext4_htree_store_dirent+0x8b/0x580
[  122.078321]  ext4_htree_store_dirent+0x8b/0x580
[  122.082966]  htree_dirblock_to_tree+0x4e8/0xa00
[  122.087615]  ? dx_probe+0x1070/0x1070
[  122.091391]  ? save_stack+0xa3/0xd0
[  122.094992]  ? kmem_cache_alloc_trace+0x136/0x740
[  122.099808]  ? ext4_readdir+0x2285/0x3600
[  122.103930]  ? iterate_dir+0x1ca/0x530
[  122.107795]  ? get_name+0x52a/0x730
[  122.111396]  ? exportfs_get_name+0x1a0/0x240
[  122.115775]  ? reconnect_path+0x1f1/0x670
[  122.119894]  ? exportfs_decode_fh+0x28a/0x5b0
[  122.124365]  ? do_handle_open+0x374/0x8a0
[  122.128487]  ? SyS_open_by_handle_at+0x27/0x30
[  122.133040]  ? do_syscall_64+0x281/0x940
[  122.137076]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.142418]  ? __lock_acquire+0x664/0x3e00
[  122.146629]  ext4_htree_fill_tree+0x2bb/0xcb0
[  122.151098]  ? print_irqtrace_events+0x270/0x270
[  122.155828]  ? do_split+0x1d30/0x1d30
[  122.159611]  ? __lock_is_held+0xb6/0x140
[  122.163650]  ? ext4_readdir+0x2285/0x3600
[  122.167773]  ? rcu_read_lock_sched_held+0x108/0x120
[  122.172764]  ? kmem_cache_alloc_trace+0x459/0x740
[  122.177581]  ? do_syscall_64+0x281/0x940
[  122.181616]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.186953]  ? percpu_ref_put_many+0x11a/0x220
[  122.191508]  ? free_rb_tree_fname+0x9c/0xe0
[  122.195805]  ext4_readdir+0x206a/0x3600
[  122.199755]  ? debug_mutex_init+0x1c/0x60
[  122.203877]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  122.208870]  ? __ext4_check_dir_entry+0x320/0x320
[  122.213687]  ? lockref_get+0x42/0x50
[  122.217375]  ? lock_acquire+0x1d5/0x580
[  122.221321]  ? lock_acquire+0x1d5/0x580
[  122.225271]  ? iterate_dir+0xc3/0x530
[  122.229046]  ? lock_release+0xa40/0xa40
[  122.232996]  ? check_same_owner+0x320/0x320
[  122.237295]  ? _copy_to_user+0xc0/0xc0
[  122.241161]  ? rcu_note_context_switch+0x710/0x710
[  122.246066]  ? __might_sleep+0x95/0x190
[  122.250020]  ? down_read_killable+0x95/0x180
[  122.254403]  ? iterate_dir+0xc3/0x530
[  122.258176]  ? down_write+0x120/0x120
[  122.261953]  iterate_dir+0x1ca/0x530
[  122.265647]  get_name+0x52a/0x730
[  122.269079]  ? bl_cleanup_pipefs+0x30/0x30
[  122.273292]  ? exportfs_encode_fh+0x100/0x100
[  122.277773]  exportfs_get_name+0x1a0/0x240
[  122.281981]  ? exportfs_get_name+0x1a0/0x240
[  122.286363]  ? get_name+0x730/0x730
[  122.289963]  ? up_read+0x40/0x40
[  122.293306]  reconnect_path+0x1f1/0x670
[  122.297255]  exportfs_decode_fh+0x28a/0x5b0
[  122.301552]  ? drop_caches_sysctl_handler+0x160/0x160
[  122.306714]  ? find_acceptable_alias+0x1e0/0x1e0
[  122.311444]  ? __fget_light+0x2b2/0x3c0
[  122.315394]  ? fget_raw+0x20/0x20
[  122.318820]  ? __check_object_size+0x8b/0x530
[  122.323290]  ? __might_sleep+0x95/0x190
[  122.327245]  do_handle_open+0x374/0x8a0
[  122.331192]  ? vfs_dentry_acceptable+0x10/0x10
[  122.335752]  ? SyS_write+0x184/0x220
[  122.339439]  ? SyS_read+0x220/0x220
[  122.343042]  SyS_open_by_handle_at+0x27/0x30
[  122.347424]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  122.352155]  do_syscall_64+0x281/0x940
[  122.356019]  ? vmalloc_sync_all+0x30/0x30
[  122.360143]  ? trace_event_raw_event_sys_exit+0x260/0x260
[  122.365654]  ? syscall_return_slowpath+0x550/0x550
[  122.370559]  ? syscall_return_slowpath+0x2ac/0x550
[  122.375467]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  122.380807]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  122.385626]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.390789] RIP: 0033:0x454e79
[  122.393955] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  122.401647] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  122.408894] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  122.416137] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  122.423380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  122.430627] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000001e
2018/03/31 16:37:31 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r4=>0x0)
io_submit(r4, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
dup3(r0, r2, 0x80000)
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:31 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:31 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0xff, 0x0, &(0x7f0000000200), 0x40, &(0x7f0000000240)={[{@user_subvol_rm='user_subvol_rm_allowed', 0x2c}]})
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f0000000180))
sendmsg$nl_generic(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="1f000000e6da13adaee84dc9b1cea4891800000000000000000000000000000000"], 0x1}, 0x1}, 0x0)

2018/03/31 16:37:31 executing program 6 (fault-call:2 fault-nth:31):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:31 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:31 executing program 4:
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f00000000c0)='./file0/file0\x00', 0x3fffa, 0x0)
fallocate(r0, 0x0, 0x9, 0x8000)
write(r0, &(0x7f00000001c0)='-', 0x1)
write(r0, &(0x7f0000001200)="f8", 0x1)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000008, 0xc0050, r0, 0x0)

2018/03/31 16:37:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe2(&(0x7f0000000700)={<r2=>0x0, <r3=>0x0}, 0x0)
ioctl$sock_ifreq(r2, 0x891e, &(0x7f00000000c0)={'syz_tun\x00', @ifru_flags=0x2000})
perf_event_open(&(0x7f0000000040)={0x200000002, 0x70, 0xc564, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5a1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = pkey_alloc(0x0, 0x0)
pkey_free(r4)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$netlink(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000880)={0x10, 0x0, 0x600}, 0x10}], 0x1}, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000100))

2018/03/31 16:37:31 executing program 7:
r0 = creat(&(0x7f0000000200)='./file0\x00', 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r0, 0x50, &(0x7f0000000080)={0x0, <r1=>0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)=r1, 0x4)
lsetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)=@known='security.selinux\x00', &(0x7f0000000300)="0000000201000000000000010400", 0xe, 0x0)
lsetxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000faffe7)=@known='security.capability\x00', &(0x7f00002b2fec)="0000000201000000000000010400000000000000", 0x14, 0x0)
creat(&(0x7f0000000180)='./file0\x00', 0x0)

[  122.610926] FAULT_INJECTION: forcing a failure.
[  122.610926] name failslab, interval 1, probability 0, space 0, times 0
[  122.622263] CPU: 1 PID: 8606 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  122.629360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  122.638708] Call Trace:
[  122.641297]  dump_stack+0x194/0x24d
[  122.644919]  ? arch_local_irq_restore+0x53/0x53
[  122.649585]  ? __save_stack_trace+0x7e/0xd0
[  122.653907]  should_fail+0x8c0/0xa40
[  122.657626]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  122.662730]  ? kasan_kmalloc+0xad/0xe0
[  122.666611]  ? __kmalloc+0x162/0x760
[  122.670325]  ? ext4_htree_store_dirent+0x8b/0x580
[  122.675162]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  122.680000]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  122.684664]  ? exportfs_get_name+0x1a0/0x240
[  122.689077]  ? reconnect_path+0x1f1/0x670
[  122.693231]  ? exportfs_decode_fh+0x28a/0x5b0
[  122.694991] binder_alloc: 8611: binder_alloc_buf size 318767160 failed, no address space
[  122.697715]  ? do_handle_open+0x374/0x8a0
2018/03/31 16:37:31 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x3ff, 0x200300)
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x1b, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000040)={'syzkaller1\x00', 0x6})
timer_create(0x2, &(0x7f0000000080)={0x0, 0x27, 0x6}, &(0x7f00000000c0))
timer_gettime(0x0, &(0x7f0000000bc0))
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @remote, @rand_addr}, &(0x7f0000000440)=0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'bond0\x00', r1})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200), &(0x7f0000000240)=0x8)
clock_adjtime(0x7, &(0x7f0000000340)={0x1, 0x20, 0x0, 0x3f71, 0x8181, 0x3f, 0x6, 0x2, 0x80, 0x5f, 0x0, 0x7, 0x7, 0x0, 0x5f71, 0x0, 0x5, 0x7, 0xff, 0xff, 0xc78, 0x40, 0x0, 0x7ff})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0x80045301, &(0x7f0000000140))
syz_open_dev$sndmidi(&(0x7f0000000280)='/dev/snd/midiC#D#\x00', 0x80000001, 0x105000)
r2 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x20011, r2, 0x0)
r3 = syz_open_dev$mice(&(0x7f0000000480)='/dev/input/mice\x00', 0x0, 0xfffffffffffffffe)
ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f0000000180)={&(0x7f0000ffa000/0x5000)=nil, 0x5000})
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000080))
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000100000000000000000000000000000028000013000000001000000000000000", @ANYPTR=&(0x7f0000000800)=ANY=[@ANYBLOB="852a627300000000", @ANYPTR=&(0x7f00004edf8a)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="0100000000000000000000000000001000000000000000005fca82a17e29cb62939c65b6fb6d7edbdd68d0f894e2564b7c362554ad033d9c25a6ab8ec0e34aec001af29e6a7dbb52ff5bb924c1ce6a70dba566193fae14589ab6d58bfdd09a64fefbc32b5ec92772c65dd39f8795a0aefacdc6c23b073810405b0c41b885124a19f2c3d2c946738506227ade978ff5e59d48781a5e6a13531239a5cc941ec296b24438db2c3dbee29ec30b4c9919568140ad32e5db0770b5b67bf69860f07c0cde4c19bf0835f5"], @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000100)={0x5, 0x5, 0x7, 0xffffffffffffffff})
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f00000004c0), &(0x7f0000000500)=0x4)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000540)={{0xffffffffffffffff, 0x1, 0x0, 0x0, 0x20}, 0x8, 0x5, 0x78})
sysinfo(&(0x7f00000005c0)=""/23)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000600), &(0x7f0000000640)=0x4)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000680)={0x0, 0xfff}, 0x8)
setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f00000006c0), 0x4)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000900)='/dev/ppp\x00', 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000ec0)=@filter={'filter\x00', 0xe, 0x4, 0x0, [0x0, 0x20000800, 0x20000be0, 0x20000d70], 0x0, &(0x7f00000007c0), &(0x7f0000001340)=ANY=[]}, 0x78)
gettid()

2018/03/31 16:37:31 executing program 4:
r0 = syz_open_dev$sndctrl(&(0x7f0000001000)='/dev/snd/controlC#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffff9c, &(0x7f0000000640)={&(0x7f0000000000)=@pppol2tpv3={0x0, 0x0, {0x0, <r1=>0xffffffffffffffff, {0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000540)=[{&(0x7f00000000c0)=""/212, 0xd4}, {&(0x7f00000001c0)=""/49, 0x31}, {&(0x7f0000000200)=""/202, 0xca}, {&(0x7f0000000300)=""/171, 0xab}, {&(0x7f00000003c0)=""/250, 0xfa}, {&(0x7f00000004c0)=""/87, 0x57}], 0x6, &(0x7f00000005c0)=""/71, 0x47, 0x1000000000}, 0x62)
getsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000680), 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, "31be2e0f42d7de3cd920f6ac7734168331c2c0babdeefe716d1d85a0a6067a0ec6f422fed4c678e1f9f2d1b4"})

[  122.697726]  ? SyS_open_by_handle_at+0x27/0x30
[  122.697736]  ? do_syscall_64+0x281/0x940
[  122.697750]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.697764]  ? find_held_lock+0x35/0x1d0
[  122.697777]  ? __lock_is_held+0xb6/0x140
[  122.697796]  ? check_same_owner+0x320/0x320
[  122.697809]  ? rcu_note_context_switch+0x710/0x710
[  122.697825]  should_failslab+0xec/0x120
[  122.697832]  __kmalloc+0x63/0x760
[  122.697840]  ? str2hashbuf_unsigned+0x250/0x250
[  122.697852]  ? ext4_htree_store_dirent+0x8b/0x580
[  122.706325] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  122.710405]  ext4_htree_store_dirent+0x8b/0x580
[  122.710418]  htree_dirblock_to_tree+0x4e8/0xa00
[  122.710433]  ? dx_probe+0x1070/0x1070
[  122.710446]  ? save_stack+0xa3/0xd0
[  122.715060] binder: 8611:8612 transaction failed 29201/-28, size 318767144-16 line 2963
[  122.719034]  ? kmem_cache_alloc_trace+0x136/0x740
[  122.719043]  ? ext4_readdir+0x2285/0x3600
[  122.719051]  ? iterate_dir+0x1ca/0x530
[  122.719060]  ? get_name+0x52a/0x730
[  122.808480]  ? exportfs_get_name+0x1a0/0x240
[  122.812863]  ? reconnect_path+0x1f1/0x670
[  122.816986]  ? exportfs_decode_fh+0x28a/0x5b0
[  122.821456]  ? do_handle_open+0x374/0x8a0
[  122.825576]  ? SyS_open_by_handle_at+0x27/0x30
[  122.830135]  ? do_syscall_64+0x281/0x940
[  122.834171]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.839509]  ? __lock_acquire+0x664/0x3e00
[  122.843719]  ext4_htree_fill_tree+0x2bb/0xcb0
[  122.848193]  ? print_irqtrace_events+0x270/0x270
[  122.852923]  ? do_split+0x1d30/0x1d30
[  122.856704]  ? __lock_is_held+0xb6/0x140
[  122.860745]  ? ext4_readdir+0x2285/0x3600
[  122.864868]  ? rcu_read_lock_sched_held+0x108/0x120
[  122.869857]  ? kmem_cache_alloc_trace+0x459/0x740
[  122.874669]  ? do_syscall_64+0x281/0x940
[  122.878704]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  122.884043]  ? percpu_ref_put_many+0x11a/0x220
[  122.888600]  ? free_rb_tree_fname+0x9c/0xe0
[  122.892897]  ext4_readdir+0x206a/0x3600
[  122.896845]  ? debug_mutex_init+0x1c/0x60
[  122.900969]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  122.905965]  ? __ext4_check_dir_entry+0x320/0x320
[  122.910785]  ? lockref_get+0x42/0x50
[  122.914473]  ? lock_acquire+0x1d5/0x580
[  122.918421]  ? lock_acquire+0x1d5/0x580
[  122.922370]  ? iterate_dir+0xc3/0x530
[  122.926146]  ? lock_release+0xa40/0xa40
[  122.930105]  ? check_same_owner+0x320/0x320
[  122.934403]  ? _copy_to_user+0xc0/0xc0
[  122.938267]  ? rcu_note_context_switch+0x710/0x710
[  122.943169]  ? __might_sleep+0x95/0x190
[  122.947118]  ? down_read_killable+0x95/0x180
[  122.951500]  ? iterate_dir+0xc3/0x530
[  122.955273]  ? down_write+0x120/0x120
[  122.959050]  iterate_dir+0x1ca/0x530
[  122.962744]  get_name+0x52a/0x730
[  122.966171]  ? bl_cleanup_pipefs+0x30/0x30
[  122.970380]  ? exportfs_encode_fh+0x100/0x100
[  122.974861]  exportfs_get_name+0x1a0/0x240
[  122.979068]  ? exportfs_get_name+0x1a0/0x240
[  122.983456]  ? get_name+0x730/0x730
[  122.987055]  ? up_read+0x40/0x40
[  122.990403]  reconnect_path+0x1f1/0x670
[  122.994354]  exportfs_decode_fh+0x28a/0x5b0
[  122.998650]  ? drop_caches_sysctl_handler+0x160/0x160
[  123.003812]  ? find_acceptable_alias+0x1e0/0x1e0
[  123.008542]  ? __fget_light+0x2b2/0x3c0
[  123.012488]  ? fget_raw+0x20/0x20
[  123.015915]  ? __check_object_size+0x8b/0x530
[  123.020388]  ? __might_sleep+0x95/0x190
[  123.024345]  do_handle_open+0x374/0x8a0
[  123.028292]  ? vfs_dentry_acceptable+0x10/0x10
[  123.032852]  ? SyS_write+0x184/0x220
[  123.036539]  ? SyS_read+0x220/0x220
[  123.040141]  SyS_open_by_handle_at+0x27/0x30
[  123.044520]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  123.049251]  do_syscall_64+0x281/0x940
[  123.053114]  ? vmalloc_sync_all+0x30/0x30
[  123.057236]  ? _raw_spin_unlock_irq+0x27/0x70
[  123.061704]  ? finish_task_switch+0x1c1/0x7e0
[  123.066172]  ? syscall_return_slowpath+0x550/0x550
[  123.071080]  ? syscall_return_slowpath+0x2ac/0x550
[  123.075985]  ? prepare_exit_to_usermode+0x350/0x350
[  123.080977]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  123.086317]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  123.091136]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  123.096297] RIP: 0033:0x454e79
[  123.099460] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
2018/03/31 16:37:32 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  123.107141] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  123.114383] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  123.121626] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  123.128868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  123.136109] R13: 0000000000000416 R14: 00000000006f82b0 R15: 000000000000001f
2018/03/31 16:37:32 executing program 6 (fault-call:2 fault-nth:32):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:32 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  123.183317] binder_alloc: binder_alloc_mmap_handler: 8611 20000000-20002000 already mapped failed -16
[  123.205411] binder: BINDER_SET_CONTEXT_MGR already set
[  123.211395] binder: 8611:8613 ioctl 40046207 0 returned -16
[  123.228574] binder_alloc: 8611: binder_alloc_buf, no vma
[  123.234194] binder: 8611:8612 transaction failed 29189/-3, size 318767144-16 line 2963
[  123.234376] FAULT_INJECTION: forcing a failure.
[  123.234376] name failslab, interval 1, probability 0, space 0, times 0
[  123.253602] CPU: 1 PID: 8622 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  123.260694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  123.270036] Call Trace:
[  123.272623]  dump_stack+0x194/0x24d
[  123.276246]  ? arch_local_irq_restore+0x53/0x53
2018/03/31 16:37:32 executing program 7:
r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e20, @loopback=0x7f000001}, @in={0x2, 0x4e20, @multicast2=0xe0000002}], 0x20)
connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmmsg(r0, &(0x7f000060d000)=[{{0x0, 0x0, &(0x7f0000c38ff0)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, &(0x7f0000000500)}}], 0x1, 0x8000)

2018/03/31 16:37:32 executing program 4:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x400000, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x200, 0x400)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000140)={r1, r2})
perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x78, 0x1e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000002fc8)={&(0x7f0000000080)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f0000906000)="5500000018007fafb72d1cb2a4a280930a06fa0000a8430891052367390009002f000000000000001900150002000000000000dc1338d54400009b84136c005af983de448daa7227c43ab8220000060c0300ab91d4", 0x55}], 0x1, &(0x7f0000006000)}, 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f0000000180)={0xfffffffffffffff8, 0x9, 0x1, 0x80, 0x2, 0x20})

[  123.276866] binder: undelivered TRANSACTION_ERROR: 29189
[  123.280901]  ? __save_stack_trace+0x7e/0xd0
[  123.280920]  should_fail+0x8c0/0xa40
[  123.280935]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  123.280948]  ? kasan_kmalloc+0xad/0xe0
[  123.280957]  ? __kmalloc+0x162/0x760
[  123.280967]  ? ext4_htree_store_dirent+0x8b/0x580
[  123.280975]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  123.280983]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  123.280994]  ? exportfs_get_name+0x1a0/0x240
[  123.281000]  ? reconnect_path+0x1f1/0x670
[  123.281008]  ? exportfs_decode_fh+0x28a/0x5b0
[  123.281018]  ? do_handle_open+0x374/0x8a0
[  123.286832] binder: undelivered TRANSACTION_ERROR: 29201
[  123.290738]  ? SyS_open_by_handle_at+0x27/0x30
[  123.290748]  ? do_syscall_64+0x281/0x940
[  123.290760]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  123.290773]  ? find_held_lock+0x35/0x1d0
[  123.290787]  ? __lock_is_held+0xb6/0x140
[  123.290805]  ? check_same_owner+0x320/0x320
[  123.290819]  ? rcu_note_context_switch+0x710/0x710
[  123.290835]  should_failslab+0xec/0x120
[  123.290844]  __kmalloc+0x63/0x760
[  123.290852]  ? str2hashbuf_unsigned+0x250/0x250
[  123.290863]  ? ext4_htree_store_dirent+0x8b/0x580
[  123.391978]  ext4_htree_store_dirent+0x8b/0x580
[  123.396631]  htree_dirblock_to_tree+0x4e8/0xa00
[  123.401293]  ? dx_probe+0x1070/0x1070
[  123.405075]  ? save_stack+0xa3/0xd0
[  123.408683]  ? kmem_cache_alloc_trace+0x136/0x740
[  123.413502]  ? ext4_readdir+0x2285/0x3600
[  123.417629]  ? iterate_dir+0x1ca/0x530
[  123.421494]  ? get_name+0x52a/0x730
[  123.425095]  ? exportfs_get_name+0x1a0/0x240
[  123.429477]  ? reconnect_path+0x1f1/0x670
[  123.433599]  ? exportfs_decode_fh+0x28a/0x5b0
[  123.438069]  ? do_handle_open+0x374/0x8a0
[  123.442189]  ? SyS_open_by_handle_at+0x27/0x30
[  123.446751]  ? do_syscall_64+0x281/0x940
[  123.450789]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  123.456131]  ? __lock_acquire+0x664/0x3e00
[  123.460344]  ext4_htree_fill_tree+0x2bb/0xcb0
[  123.464817]  ? find_held_lock+0x35/0x1d0
[  123.468857]  ? print_irqtrace_events+0x270/0x270
[  123.473592]  ? do_split+0x1d30/0x1d30
[  123.477372]  ? lock_downgrade+0x980/0x980
[  123.481498]  ? lock_release+0xa40/0xa40
[  123.485451]  ? __lock_is_held+0xb6/0x140
[  123.489498]  ? ext4_readdir+0x2285/0x3600
[  123.493623]  ? rcu_read_lock_sched_held+0x108/0x120
[  123.498614]  ? kmem_cache_alloc_trace+0x459/0x740
[  123.503438]  ? free_rb_tree_fname+0x9c/0xe0
[  123.507738]  ext4_readdir+0x206a/0x3600
[  123.511688]  ? debug_mutex_init+0x1c/0x60
[  123.515813]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  123.520812]  ? __ext4_check_dir_entry+0x320/0x320
[  123.525634]  ? lockref_get+0x42/0x50
[  123.529328]  ? lock_acquire+0x1d5/0x580
[  123.533279]  ? lock_acquire+0x1d5/0x580
[  123.537228]  ? iterate_dir+0xc3/0x530
[  123.541011]  ? lock_release+0xa40/0xa40
[  123.544966]  ? check_same_owner+0x320/0x320
[  123.549262]  ? _copy_to_user+0xc0/0xc0
[  123.553130]  ? rcu_note_context_switch+0x710/0x710
[  123.558040]  ? __might_sleep+0x95/0x190
[  123.561995]  ? down_read_killable+0x95/0x180
[  123.566383]  ? iterate_dir+0xc3/0x530
[  123.570162]  ? down_write+0x120/0x120
[  123.573945]  iterate_dir+0x1ca/0x530
[  123.577639]  get_name+0x52a/0x730
[  123.581072]  ? bl_cleanup_pipefs+0x30/0x30
[  123.585288]  ? exportfs_encode_fh+0x100/0x100
[  123.589785]  exportfs_get_name+0x1a0/0x240
[  123.593997]  ? exportfs_get_name+0x1a0/0x240
[  123.598395]  ? get_name+0x730/0x730
[  123.601996]  ? up_read+0x40/0x40
[  123.605354]  reconnect_path+0x1f1/0x670
[  123.609310]  exportfs_decode_fh+0x28a/0x5b0
[  123.613610]  ? drop_caches_sysctl_handler+0x160/0x160
[  123.618775]  ? find_acceptable_alias+0x1e0/0x1e0
[  123.623513]  ? __fget_light+0x2b2/0x3c0
[  123.627465]  ? fget_raw+0x20/0x20
[  123.630894]  ? __check_object_size+0x8b/0x530
[  123.635372]  ? __might_sleep+0x95/0x190
[  123.639334]  do_handle_open+0x374/0x8a0
[  123.643290]  ? vfs_dentry_acceptable+0x10/0x10
[  123.647852]  ? SyS_write+0x184/0x220
[  123.651547]  ? SyS_read+0x220/0x220
[  123.655154]  SyS_open_by_handle_at+0x27/0x30
[  123.659537]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  123.664270]  do_syscall_64+0x281/0x940
[  123.668135]  ? vmalloc_sync_all+0x30/0x30
[  123.672261]  ? trace_event_raw_event_sys_exit+0x260/0x260
[  123.677777]  ? syscall_return_slowpath+0x550/0x550
[  123.682682]  ? syscall_return_slowpath+0x2ac/0x550
[  123.687590]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  123.692931]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  123.697757]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  123.702923] RIP: 0033:0x454e79
[  123.706088] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  123.713776] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  123.721027] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  123.728272] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
2018/03/31 16:37:32 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  123.735519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  123.742766] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000020
2018/03/31 16:37:33 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r3=>0x0)
io_submit(r3, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r2, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:33 executing program 3:
eventfd2(0x2, 0x80001)
r0 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x100, 0x0)
r1 = accept$alg(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000180)={0x4, r1})
perf_event_open(&(0x7f0000223000)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0xc9d, 0x100)
ioctl(r2, 0xffffffffffffffff, &(0x7f0000000000))
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000040)=@sack_info={<r3=>0x0, 0x7, 0x7f}, &(0x7f0000000080)=0xc)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f00000000c0)={r3, 0x7fff}, &(0x7f0000000100)=0x8)

2018/03/31 16:37:33 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:33 executing program 6 (fault-call:2 fault-nth:33):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:33 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x1)
socketpair$inet(0x2, 0x4, 0x7, &(0x7f0000000280))
r1 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000100)=@full, &(0x7f0000000180)=0x48, 0x0)
accept4$netrom(r1, &(0x7f00000001c0)=@full, &(0x7f0000000240)=0x48, 0x80000)
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080), &(0x7f00000000c0)=0x8)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004500001c62ad00000001907800000000e00000010800907800000000"], &(0x7f0000000040))

2018/03/31 16:37:33 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendto(r0, &(0x7f00000001c0)="31bbea35e3fd3ec9200a29eb9a484c50d29ce1f5ef3dcf15c72d92e18e0cea404cbd3ae95e6e0c9bea5ac6e45c7e12ae4e75bf9b50484f2934d200a63dce8f118ef7ef", 0x43, 0x20000000, &(0x7f00000002c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x1, 0x0, 0x1, {0xa, 0x4e21, 0x1, @empty, 0x3f}}}, 0x80)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000027003103000000000000000008000000f892abd7e22a556289b5ac1db1b5f32174a3faa99cc623360fe51708f40ba95f984b"], 0x14}, 0x1}, 0x0)

2018/03/31 16:37:33 executing program 1:
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000540))
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$alg(r0, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f00000006c0)={r2})
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:33 executing program 7:
socket$inet6_sctp(0xa, 0x5, 0x84)
semget$private(0x0, 0x0, 0x42)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x1, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x4040, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000180)={<r1=>0x0, 0x92, "34a42ae8eab047b31333f357c2e41a4eaf7ee0d0753cbc9b3e28aa719a09552076a6bd08e59797934d344fba8503c926321772971ade586a0ec6e6c56c0aa467252ad41d656030c53ff43f83bf120ada631332802820bfc50eb4bf2a62f0cbf5ac8f7f916ce113be51831f9e1763bcdfb9fca3796b31af98228b87e6f3499b6f5ffe94b150dc6897095a9525ee9256f6bd83"}, &(0x7f0000000240)=0x9a)
mlock2(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1)
sendmmsg$inet_sctp(r0, &(0x7f0000001bc0)=[{&(0x7f0000000080)=@in6={0xa, 0x4e22, 0x80000000, @mcast2={0xff, 0x2, [], 0x1}, 0x9}, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)="9fba154fcac5b0b9cd1bed168c"}, {&(0x7f0000000100)="611f7460f066309e5a42acc8cf2987182dc8"}], 0x0, &(0x7f0000000280)=[@sndrcv={0x0, 0x84, 0x1, {0xfffffffffffffff9, 0x4e, 0x4, 0x9, 0x81, 0x4, 0x1, 0x101, r1}}], 0x0, 0x4}, {&(0x7f00000002c0)=@in6={0xa, 0x4e23, 0x9, @mcast1={0xff, 0x1, [], 0x1}, 0x7}, 0x0, &(0x7f0000001400)=[{&(0x7f0000000300)="cdb89a4e1da4e84d16b574de391f134a8ef00f82f48db47360679af6c0235bbe2cf3da627bbd082a36c8d1b2dbaafd3277bd5d51ba77f73a1aa1648f7af55fdd05b3a170c6f0ecb3fa0526113b748e41841e0c35a7e13a83e78bd4ae9bd2489da35e729702e95aa6df8311383020113f7082ed4f44d6118a242d7f1a6ef901eb867e2bb7d0676d08ac217cd153dd320bb6edb2fa63bc761d6b8942675758e8adb396ab28970951401ae88183d56e60e5ebb53575b37af4d15edd1db56858680d901e384332a9e725ca9ff09cb51a7b131bdcfe54caf5bd7fae6f108e614f0ffadbc001bf02e9105eec6f4d2ea9c9b292c247796baff44484afcf290c2ce0799d04082ab90660e9de00282b9c5ae5b8636ba5ea2092cc8d777f850c9dd284aca7e990d231393d0e98471519a80eafec99671f72c1f04a5cf82d18272ea0089bf42b583b251e7ee52cb2843b5bfbf05cfe38a5bcedbe5d31169a08a5e0268a3f54f13deb2723bd6e029648ab490f8c39783cfea01f5fd113e2bf0c4b711c6fd4fdd37bc9de405b76d35725b28fdc03869a2e8c31c8914bbca799a09a5aad502875ebaed5b2962498b55800ce936f47c961444228e0ccc2f23cf1629c95b7c8c623ca0504e4f4934a690e1b795cde12c90317e63fafeaefb1cdbc62323dd104d40016e403306c3c8cd75d06da1f5548147b057f2726ead60775bf1d348d23e94c72a5cc21dc7fe2746ca56f9438c0eb0bdc8dd0fdd74985f256c014e77d207a83d0c62784a41c3646f9a92e1d2e285a6a9ff184003130ceee5e75b0ac2303a3d5da2cbe152f44a3bfa776f0ddcf788f4f7f8b8fb7743eeb9c0c85edbd40c2420c2ab6d2f3d992a7ab48cb0fe6dfff3ad5ce4401c0e0b5d731cf69303e6b6d6a4b656b17601bdd67fc4aab90be261c19a14bbb31cc845538959175bcb52d843ce08c4ed0fdf7b97efeb6adc0b2d6cf3c91ac93f8e47d93d1a87f412dae6a66b7e56cbfb7d92bca2768d1bf039accb5c90837a5b75448bb051e6f978d35e755dffd5081429e101657f85eee3933861a04108bedc8df67ede259f861a06d31773ef5c812b1a8be303b17215e40a00afb84cf3828da42d45773b4d34ac324fd9129f89cfac513308030abbdf5b0b19c989b8d9eadc47c4e9adab5f568b9bd7e7d38544660f244021b402ddbcec2df56ecb6369722a529c52389286f76a0fc0aaff22c5487b649bdd528ca9d34b18918257ba577d0a1f286a61f1f2aced8acb963ace2bf5e1733fa1dc37079e483d94d1b5a04b285ded850663a602963d2bf5f2eb80ecda4f656eb023a644815b117b01ee13a18310abebb55eb9599be53a1d9610f9083ea7f1f073a02d33ec7ec77bef69f2f216a60d638fddd0928de0a75b63c89c7dcb36f9595a331d97594491c12eadc7a2cdcb20b305bd2ff92fe8994e1d64379fc39c37b768b8698b2f83034dc78409f3a0a3b91748022770983fbd558d3c2a7993e2cbf3768a1ddc2eec31f020f5b2c10823a74fd2032fd681f28ee82a16c9ca383b0f5e88b26b213fb42d913c692b35ac587192ed922b6ecf8034f023f3928db644482a9a797f5cdde0bd8bdf5baceb925858d9243c77e8ab11c2ea992a94b6b9f54450fbced18c859ec06d513ce4cd4445f4963c80c22e52990a6ddf1f13430709a0d1df425e1d61a41a137ee7e37995c5b6a95d79f46ea35d3f2daf32a0cf1eb25e35063003360a8a533a11436ddd584aa60d5df6cd13d6f0658e42841059b38cb7bb4a0f928b4b89c3191cfddd5820d80f3ebcd39c24f324a76a14fcb68c8fcd9aac4ae5988ad52b15f631e67f00df41e400f473306dadfa79a9a945dad5ff1e4665b9be9f3370c1ec88a22dcf94c5093757a3c8610745024aa75e20dabae52214a8b551891eca153af0987b2f88a6c6317e3cbe51f13b369745051bc5ac60c6d46496af144152d990d4b860e7251b6a719d91d5c6b409103086ae6ee56c97f38b50ec3ee84743b63b8c6451f48f8301ca3dfe971e28182166b830d6814acc6886164a4f6e8f0a809e69393278957d69a5f31a61d955876164b512a1bd3bf4fa5183fbda13c7b9bbfeb175598a2dc92ddab8a6f822b0238555e964df6f53cedb7a57e984fe5b5c14954743e2df48a79111be2ee00238b8777fc604addaa7978646bf6253281d80049fa948389e499d2bb95ffaf43f34600f38ac173aeebda8d14267b111a72cdc65765903ac47f18bfc81d6439a511d24281d40414e9b8acbbe62819ac16fca5bd6c3695515d3a87615e51a55e55aa90753534854c01ae324de7d9a26964971844e845ec90f1f665019ee2c66ce2fac81003f2e10d2ea8b07e76de827bfa1f5903b00618c513fed903f436d541c056a39d29e55a33e1c3cba925052f069b84dec45b293215c1c3da34e0b73b875be3e1f3f80b26cdbc03ed9b594307c99cea73644fd4400cf9d5f844dc385c063c2cee97ca697dc1a1044231d8ed6777884a84ee3f2b72659acb399b361a6e8bbb340f4668264565735e6425872f1007d0d73dcc29afebde817707d4e2f943966c1db6abf224eebf8f7bcfbeb60bf8ffe3a49bec33949ef750846f84ede905e7e358e2d41f3b8ed23f5fb7e33b7cbe5e625aca6f7313a4e2e96bc62cafd2f6526f652eef340e8560b92637610b22ffffe702fc41d59953ed3c0ea2508ef620d66f3e77c0de83d94a3d50e74967fa7db0601907e6d88e14bd077af943f3f01b088b6e6f7dae26e82670c151fa4d808beed2adf8f74c326d0c2b6b2f2ec008d01426af384738ab7bee7087cf487a2a222ccc70107a004492343f0dba95b432606334dd7c776db9bb2e62c25431faeafb4b8bb067525091ae9c0999345fd4b8d6d95a09cc9b59c238da7a4692c2fd9bbe6473abdd182cfbb96ceeca34ff84b8d62d9d284d54177ada06b240c6aced22b6e4d3e8b975960a7a86626c0dad6a417b7a2be5ddf14acae294ed8d7126296b8254cc99192b28947abcc6cad9c9ff1d6bbe81ede1416bd45d828d62e32a98a6f829d3476678eac8910f4453f8f2f60ad243f22e03f0cb960c02d8169cb7760a083b483d05ce266fbd9dc9550fb067cc3323c1325b88bbdda2fd75b336df6c0c9d3205312cdcb444774660f822af4cf3dee09863222d2cd17e6eba5eb91707637234ac3ef3218d243c6ce5d5886d2b419604269481136ce151c1dcf08b307336ad5b828de12d7d857ece2d3cc64967cf2cbca22f4d9037aac48f60d4435a6404be725e38cd27c58bd8f99e557a727a38221947559ed52452c97670dc658d438b827218118c9d285886d3dbab85a3e54928f211c18083de13cb1b8aa49ee59ad1b803c4afd41c1cbc2f7c602728a84198f63d89dcdf81516df9ee1a2aef60f80f253b96bfb90af156b3dff99437c623db3c64468af3589dd888218a1412affeef0ab5e78e1a3685698e5d86479b89a07bf1eb932a12240ab541fdfd81394b2d252a957d8ba1cf9c60bf8c683ce0e6b1635f0c97332060ea39a4316c97592ed24cf2c5e395a4f8c67fbfbb7c5dae470d283ae27324fed2a4666f79bccd1ff067a9f1f61d2e7b5aa2819f583cd5347f218f3f39c9f10b8f5366acef907e3713c9f2bdfe699a269ac3a5b6f0fb8f0303633518e421967f05d2407a49816d9ef59d9c65ef8a58d09f19b78709842b711ac0a4efb6509488fa56e487e99530dc7f8ee095b4a37913d1158db0d4b5bf03729d71ab130c914a2edf5597aac2f2ea264300fc6ae966f40c7d0bdae8b84f2a7419ce3cc263e313d184cb5d6520c04124e8dac00f4dff008962175fea8e98c17cf07969359bc580640167fe7ceaf86ec5f523d0be85ad563ab8857107c8d64a386898e4ab835ecd0ca3fae24cef4c67788da98c3354fdac0b297c49e98565895038a48fe4f3e685708fd28198d2181425521664832078f32441620439cfcc7d86bc9bccb32879b73637447e150c72b5a18cbec1456af6cebfd3cbac0ce8b32d8307a8d356628cc7526b4213714eb4a60a67d56ac52314b70d2a0fac5f1e0adbc93633a18c830b6b3d816b7864f9105be5516eff714431c1057fd5b2b4265b79434fba9c37e3f0094b7bda1d10a8f81967775ce3094bd9b80fbab84f35ff3d64645f651a43c0873c195f46814bc51edc6d009b4155d3f0803c2a0b9f3910a563266e11ccd1d1cd83df9d2e33ea8e2c7d5c4ea97d2ee570e19c2131e35ea313a0af5dec60599b642ea7a8b2738b32b73742478dd37a6a3d69bf6356dadce126128a54c90ed3bd475649e3b19dd3fe9715873f435a77720d1d0ada1d2f08df6ea2b5a14402f8ae329cfdd9836002ba0817aaabe631493fc9485397f7d0e751ec596704ebca58798b56b8f978fc18a441e100d0f96db6eb06858dd22bfd90cefdfcb433a1b8dde921e75c739988692c3efb4272282abebaff660dbe20c4b43a2e8f7c7491a8c9634fc0156b2cc542335d6f43350db906d1098acdf032ca18a0acfc7c9d8f41059fcbdf8b503401d0a39d330101c455a49b902756d0e64f057637399d11ef5291e95bead720b1f53569ec25f10603c5704ae59e986c4e02e9a9929f1bcdf9bc89c0309ec1f2b9dba6518d39e3af5a5749c08f70abb3839b2cdb5d2c51108450375e7e0eee8bc0bcfa9c224bfb6514d95bd2bed1b961429b2b6bbf130501a979f63cf2721e72d99a1a014e3397d8710387a5046d55834b8b28d9054080428f92b4a80dd6ec4e7943bf33b865e611911e1f56259680354262817e2d911aa560de619d7077146053c3d0a8e3224fcb9725d855dc4628bf78d35836aac4b7de3edc523771369d523c36d027f0cf1b3a35d612bf320f94e01838adf560e176eb09631b92995cf60f04a419cd47b664520754641957d8099afd941fda7e666935a250d8b007cda9c1484b4915d21c8a0b116196c2ab616aadd3661b91e32f74aba33ba86054311a728a5fabe2c2fa1678b10208637840597941efdae4b5f29849c99d17d1fca8cff234cf604ab8ca2cec51d92327dfba39f92af9cca00048b90c31e6aa29569e6fe7942c2a57e91c61af7ed75e671e8f945055383d2da1fe918439ca9eebd4ab1608f6d7bee01048880e150afdf211cc3942285625e64643b9b02064dc67ac6e7a31d216601993b5d15dffd7516fba7b5132905ca33e4b99c393cd90d30bf2d920ac1f7a8e604e54709e10881b1c80c4cd95232387bd8057d406058e4f9e15eb080ddc31dceed761b17059c04e2117262e220d947217cafcea060ae43d8600b44ca32366c15dd6c1d9925f610bd816158bca86fc8577a54e901bb3dac5e683c0cd96721599780127658164aa0cb1eb21224d3da30057de3f97a5b9b6a2d44204908e7a12937817b7f45d9e6e39a7f95379b6423a45978455dc1b3fe3c37f12b6dbeaee6063b9c6f14fbdd2a1318fc8ee0bbeea7ed6bdf605ea5b6c08978e05e0824e2bfc89cb6785aeebdb828a2d5c805f9aa423b21b0c61580d5e4c687b01ff57faff22f2473141a8ce897c379a3965d0bdcdfe82202c99b77ad6f61443e1d9ed2bccaa5df172e37235965535d778485d6b37485393a1ce970031c53028f36c1247d9e35740226769652525e4743595204b6f5eaf0a80f106114eba5dbf992c8782e5dd3d563a19c7822be33a1acc2973c5767b9d6b228da0176eb2997c0eb468c80056247547c089c6f1c699f7f518a0e5cf1f0bfa5a78136fe47f3da50ee23126f15770470e43919ffa1ed0f9ad4b9f8d229aed11df81ec97ad771f4175a215c1018b5017b40e"}, {&(0x7f0000001300)="7dd5a56ee17d64ae5009f147e93a9df3f87a0285c1e261951d956098b70d7e9c5d746b10ce5e59c43d06e03fbd00cf7889f25487d62b729369046e6ae6384eaae6827447363af882f4cbc3f390eb4edab433a58d38a84d64e9f8566c3c8e483552355d33d3762943630ad8ffef0367abff344109838f505342f52864db2adcac0a2eb742f52daf3b9dfec99d83dc1789c9018c91e3b0c7f261d07743c0524f06e99f29183beb5f17de881b88f0fdac9512feee2cf4ecd5924004dcebc0922cb0a08ace1941dc498bec8814a5cd1bc78f554165afe2fe257d17ac0ee35b0ce86c2f33a155cc3c053eba646e3b43"}], 0x0, &(0x7f0000001440)=[@sndrcv={0x0, 0x84, 0x1, {0xfffffffffffffffb, 0x4f, 0x200, 0xffff, 0xffff, 0x6, 0x3, 0x5, r1}}, @sndinfo={0x0, 0x84, 0x2, {0x200, 0x1, 0x8, 0xfffffffffffffffd, r1}}, @sndrcv={0x0, 0x84, 0x1, {0x9, 0x63644961, 0x4, 0x5, 0x3fc4, 0x85, 0x7, 0xffffffff, r1}}, @init={0x0, 0x84, 0x0, {0x8, 0x5800000000000000, 0x1f, 0x3}}, @init={0x0, 0x84, 0x0, {0x9, 0x401, 0x1, 0x100}}, @init={0x0, 0x84, 0x0, {0xffffffff, 0x2, 0x1, 0x8}}], 0x0, 0x8000}, {&(0x7f0000001580)=@in6={0xa, 0x4e24, 0x4, @dev={0xfe, 0x80, [], 0x18}, 0x8}, 0x0, &(0x7f00000017c0)=[{&(0x7f00000015c0)="48d5677451580ddb94987eba57935e75d0b3c2865423226f44c8360c3680ecb439b69a45024a95dbc7b68fd4611e37278df33b8153beea1bf7baa8540b7b747ebe5271fb21c0653f914f1b5173d082fe92355eeabfc96df2e3fc4bb6ef0b1bdb6139b241cf94e3f6d0e3dd6a81bea182daaa3ad1d90920f5a965fc8269eead5623f9f6f9b5ec0f6fc3e25d79e3490be605050eefef11e3401ec6500021afd1643318e30562c075f1d49e6ec483d3a19a7f6b8450ddd985cd43586c5aefc34729a9fa92c26d1a015b212b923f55167934821139c9fc7693f9e55ff76d15df1ebd6eb9e0f23acf1c7a2183"}, {&(0x7f00000016c0)="2d065fd4ab8ed46e4418568d47502d3224ad1e5b5a31b7811b6c7935993c6a91d20d32772c5259f6c4a59a0303f973a897049d8c2c13a9ef358fc02039e14c1324c04aed41cb994b0df5ab66520a76e1236707d650a52e26e06b9c733680aba601a08d726dea475ed1b4006a1c7d0fae7e23700dcdab763b344bb6f50688c9667e7f615d41101cb1674cac8f05b33fe953eeeed4242f7776d617c48464e4a9f5cb0572e6faf5a7f1e878e0f36887b5168d2f41c3363b5c0f5c8ad06944142d962a367713205c47921938845e74c60dbe808570a6c76e1368807c11a3bb8230bb0d2716467257"}], 0x0, &(0x7f0000001800)=[@init={0x0, 0x84, 0x0, {0xdb68, 0x7, 0x0, 0x1}}, @init={0x0, 0x84, 0x0, {0x0, 0x4, 0x100000001, 0x5}}, @init={0x0, 0x84, 0x0, {0x5, 0x399, 0x2, 0x7fff}}, @sndinfo={0x0, 0x84, 0x2, {0x7, 0x8008, 0x7, 0x100, r1}}, @sndinfo={0x0, 0x84, 0x2, {0x5, 0x2, 0x10001, 0x7fffffff, r1}}, @sndinfo={0x0, 0x84, 0x2, {0x5, 0x4, 0x1, 0xfff, r1}}, @sndinfo={0x0, 0x84, 0x2, {0x1ff, 0x200, 0x2, 0xfffffffffffff800, r1}}, @init={0x0, 0x84, 0x0, {0x80000000, 0x1, 0x3f, 0x80}}, @init={0x0, 0x84, 0x0, {0x8001, 0x8, 0x7, 0x7fcb}}], 0x0, 0x1}, {&(0x7f00000019c0)=@in6={0xa, 0x4e23, 0xfffffffffffff001, @local={0xfe, 0x80, [], 0xaa}, 0x1}, 0x0, &(0x7f0000001b80)=[{&(0x7f0000001a00)="4611d84dd29e1627fc2f554251318f7d21084b50013fec72a071ba08b70499aabb7d39406951c5ddbeb2b4b43893058da7a90242ddbfdc9a8ef16308e6d73f699307a0e0a4fb19b38c1386126e6feb8830e802b11c69e8f15b483e6fafefb11764029503b17fb12747cbcd929d18161efa4abecf1393d8b1b3b201ee0ca6d587fe906dc917d78ec6325d0fd33c1aee7f1d9971da5e7606660f2f2de084290b9bcc"}, {&(0x7f0000001ac0)="3671ddb2c4b642c6155855be1b0cbcb728a1cb233d50e2928e7642ce6bde69c5546a7e675a1e77f4dc0b50b9c132587566ac276313a7637a7ebc76ab080f616621f6859235d234693ceab33a54ffb1f11a80c9c27cb2b8d4ee5232564c561efa8070d0596790bf833b2ff6499c03a352e969830662d48c3408813b847d6bf62c7bc77816033625d69eb1adcf9e1ca1782ee75a3a3ebdb21a3b6a4e2034cf6be03d9eed1b666bf83578367d0275e0a727fd2737145238eb874d202cf071f9"}], 0x0, 0x0, 0x0, 0x800}], 0xa8dfcb0386d02467, 0x800000040000)

[  124.815116] FAULT_INJECTION: forcing a failure.
[  124.815116] name failslab, interval 1, probability 0, space 0, times 0
[  124.826420] CPU: 0 PID: 8665 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  124.833517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  124.842865] Call Trace:
[  124.845449]  dump_stack+0x194/0x24d
[  124.849060]  ? arch_local_irq_restore+0x53/0x53
[  124.853709]  ? __save_stack_trace+0x7e/0xd0
[  124.858022]  should_fail+0x8c0/0xa40
[  124.861719]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  124.866800]  ? kasan_kmalloc+0xad/0xe0
[  124.870665]  ? __kmalloc+0x162/0x760
[  124.874358]  ? ext4_htree_store_dirent+0x8b/0x580
[  124.879175]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  124.883992]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  124.888645]  ? exportfs_get_name+0x1a0/0x240
[  124.893036]  ? reconnect_path+0x1f1/0x670
[  124.897162]  ? exportfs_decode_fh+0x28a/0x5b0
[  124.901637]  ? SyS_open_by_handle_at+0x27/0x30
[  124.906197]  ? do_syscall_64+0x281/0x940
[  124.910237]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  124.915582]  ? find_held_lock+0x35/0x1d0
[  124.919626]  ? __lock_is_held+0xb6/0x140
[  124.923677]  ? check_same_owner+0x320/0x320
[  124.927980]  ? rcu_note_context_switch+0x710/0x710
[  124.933328]  should_failslab+0xec/0x120
[  124.937285]  __kmalloc+0x63/0x760
[  124.940717]  ? str2hashbuf_unsigned+0x250/0x250
[  124.945368]  ? ext4_htree_store_dirent+0x8b/0x580
[  124.950369]  ext4_htree_store_dirent+0x8b/0x580
[  124.955028]  htree_dirblock_to_tree+0x4e8/0xa00
[  124.959685]  ? dx_probe+0x1070/0x1070
[  124.963467]  ? save_stack+0xa3/0xd0
[  124.967073]  ? kmem_cache_alloc_trace+0x136/0x740
[  124.971892]  ? ext4_readdir+0x2285/0x3600
[  124.976024]  ? iterate_dir+0x1ca/0x530
[  124.979889]  ? get_name+0x52a/0x730
[  124.983496]  ? exportfs_get_name+0x1a0/0x240
[  124.987882]  ? reconnect_path+0x1f1/0x670
[  124.992007]  ? exportfs_decode_fh+0x28a/0x5b0
[  124.996486]  ? do_handle_open+0x374/0x8a0
[  125.000611]  ? SyS_open_by_handle_at+0x27/0x30
[  125.005170]  ? do_syscall_64+0x281/0x940
[  125.009208]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.014550]  ? __lock_acquire+0x664/0x3e00
[  125.018766]  ext4_htree_fill_tree+0x2bb/0xcb0
[  125.023240]  ? print_irqtrace_events+0x270/0x270
[  125.027973]  ? do_split+0x1d30/0x1d30
[  125.031761]  ? __lock_is_held+0xb6/0x140
[  125.035807]  ? ext4_readdir+0x2285/0x3600
[  125.039934]  ? rcu_read_lock_sched_held+0x108/0x120
[  125.044926]  ? kmem_cache_alloc_trace+0x459/0x740
[  125.049742]  ? do_syscall_64+0x281/0x940
[  125.053782]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.059127]  ? free_rb_tree_fname+0x9c/0xe0
[  125.063427]  ext4_readdir+0x206a/0x3600
[  125.067381]  ? debug_mutex_init+0x1c/0x60
[  125.071521]  ? __ext4_check_dir_entry+0x320/0x320
[  125.076347]  ? lock_acquire+0x1d5/0x580
[  125.080295]  ? lock_acquire+0x1d5/0x580
[  125.084245]  ? iterate_dir+0xc3/0x530
[  125.088033]  ? lock_release+0xa40/0xa40
[  125.091990]  ? _copy_to_user+0xc0/0xc0
[  125.095861]  ? rcu_note_context_switch+0x710/0x710
[  125.100774]  ? __might_sleep+0x95/0x190
[  125.104730]  ? down_read_killable+0x95/0x180
[  125.109112]  ? iterate_dir+0xc3/0x530
[  125.112891]  ? down_write+0x120/0x120
[  125.116674]  iterate_dir+0x1ca/0x530
[  125.120370]  get_name+0x52a/0x730
[  125.123804]  ? bl_cleanup_pipefs+0x30/0x30
[  125.128025]  ? exportfs_encode_fh+0x100/0x100
[  125.132526]  exportfs_get_name+0x1a0/0x240
[  125.136737]  ? exportfs_get_name+0x1a0/0x240
[  125.141123]  ? get_name+0x730/0x730
[  125.144724]  ? up_read+0x40/0x40
[  125.148074]  reconnect_path+0x1f1/0x670
[  125.152036]  exportfs_decode_fh+0x28a/0x5b0
[  125.156338]  ? drop_caches_sysctl_handler+0x160/0x160
[  125.161504]  ? find_acceptable_alias+0x1e0/0x1e0
[  125.166240]  ? __fget_light+0x2b2/0x3c0
[  125.170192]  ? fget_raw+0x20/0x20
[  125.173621]  ? __check_object_size+0x8b/0x530
[  125.178101]  ? __might_sleep+0x95/0x190
[  125.182064]  do_handle_open+0x374/0x8a0
[  125.186022]  ? vfs_dentry_acceptable+0x10/0x10
[  125.190586]  ? SyS_write+0x184/0x220
[  125.194281]  ? SyS_read+0x220/0x220
[  125.197891]  SyS_open_by_handle_at+0x27/0x30
[  125.202275]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  125.207012]  do_syscall_64+0x281/0x940
[  125.210882]  ? vmalloc_sync_all+0x30/0x30
[  125.215008]  ? _raw_spin_unlock_irq+0x27/0x70
[  125.219486]  ? finish_task_switch+0x1c1/0x7e0
[  125.223958]  ? syscall_return_slowpath+0x550/0x550
[  125.228865]  ? syscall_return_slowpath+0x2ac/0x550
[  125.233771]  ? prepare_exit_to_usermode+0x350/0x350
[  125.238764]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  125.244107]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  125.248933]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.254097] RIP: 0033:0x454e79
[  125.257262] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
2018/03/31 16:37:34 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x7, 0x5)
getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000080)={'raw\x00'}, &(0x7f0000000000)=0x54)
sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000024000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)={0x1c, 0x400080000028, 0xaff, 0x0, 0x0, {0x1}, [@typed={0x8, 0x0, @u32}]}, 0x1c}, 0x1}, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000100)={<r2=>0x0, 0xcd}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000180)={r2, @in6={{0xa, 0x4e23, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0x6}}}, 0x84)

2018/03/31 16:37:34 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:34 executing program 1:
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000540))
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$alg(r0, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f00000006c0)={r2})
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  125.264950] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  125.272196] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  125.279442] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  125.286687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  125.293933] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000021
2018/03/31 16:37:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
close(r0)
r1 = socket$inet(0x10, 0x3, 0xc)
accept$alg(r0, 0x0, 0x0)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x80c00)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r2, 0xc008551c, &(0x7f0000000100)=ANY=[@ANYBLOB="ff0100001c000000060000000800000000000000000000008bd20000090c000000000080f1b2fcf361275d7475bd74a0ff2625307f98f1739d7c6abf3fc719a260cf1630700c102e919d62792d672234ddb3305fbbbf5be8c64868d60f1b7cea12167920b17c6dca9668c23f964cafce9b9332db18276c69e97464b4a0bf8ce4462b38ee7e86d006737c64a184553928dbb9240740cac281e4306de19427eb732b2e3b0c1dc952c453e0a000643f3e6370abdcd1"])
sendmsg(r1, &(0x7f00000001c0)={0x0, 0xfffffffffffffe34, &(0x7f0000000080)=[{&(0x7f0000000200)="24000000100007031dfffd946fa2830020200a0009000300001d85687f0000000400ff7e28000000100043ba16a0aa1ca10bb356da5d8060000000060000000029ec2400020cd37ed01cc073", 0x4c}], 0x1bf, 0x0, 0x8b}, 0x0)

2018/03/31 16:37:34 executing program 7:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x80000001, 0x40000)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={<r1=>0x0, @in6={{0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, [], 0x16}, 0x193}}, 0xf91c, 0x2b006874}, &(0x7f0000000340)=0x90)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000380)={r1, @in6={{0xa, 0x4e21, 0x10001, @ipv4={[], [0xff, 0xff], @rand_addr=0x92cd}, 0x4}}}, 0x84)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20\x00'}, 0x58)
r3 = accept$alg(r2, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r5=>r4})
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000100)={0x7, 0x7fff, 0x8000, 0xb46, 0x6, 0x7, 0x3f, 0x10001, <r6=>0x0}, &(0x7f0000000140)=0x20)
setsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000200)={r6, 0x9, 0x0, 0x1000}, 0x10)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079fffffffffffffe00", 0x20)
sendmsg$inet_sctp(r3, &(0x7f0000001680)={&(0x7f00000000c0)=@in={0x2}, 0x10, &(0x7f0000001540)=[{&(0x7f0000000540)="5155de77dc492cdc5bcf9e77fcdca16aa4dd1530359eacae68be3f3dafca548791c00137cd4dcc904a225e8e0da13684f006ad4bed205d12ec43dc78a8df1eecabc4358bf2df2c27c749fd1c1b50ee214c056c618a4a94015903140e78739fad3b848dbd333ac06fd50b6c6335c4b703646a398a1ef06b2ea8cf47351cfc08956988329145a2386b874dc7a2246df2dab76900cfd5687a72faf918838edfb5c85c237b425b66b4a2078648d5658ec7d11bbe1ae7bb5b567acc5c3e8804f98fe6b3df72ff1929420042e5796e82ef665b71facdf00e3add9f5ac2572ac40e0e824f329033a45112bd1e498de8c62ae0037a3b46e055cf2ac47bd900198869dd29574de107452f62e83c4a723126b16fc6d3335596bcccaa6037e57f1dff10dea39f4babf5ffb8fe706cc3eecd3d69f7e6e7467effcf56c7cc211be98b83356c488748c5f0ce0735cc210a20a68d555666aefb1350ff9815bc6769f7232a4dce4574b1a8dc42a33b82b6315585ab2ef0e539e9e31b9d4a986e295f796d236e25ebee0f6830095e7e1c7d027ffe12eee896dcf88a3cbe8588521077478829d0b8e0b7ae53e7c311e05dca18b4fe222cc44bd5f5fa94b6dc9a29e7ed1cb3750ea425abd15a0f7dd88790541cb66826db779296310bea8524e23ad2b3ba6f3d122dca0a5e78cc42958f31f6b51eb6086d04b8e88a57992121abd71f4b9699b4b8f0a53be894ad0aacefe5d89bfb567a1dddb28def1e26d01c2d66306a283e26175a1e0e81ef366cc50c36d991653d28d1784b6a92365a3dbf813e85a436dd917bdabe649e2e3ad8f7253209214e8ad08bd33450a71aa065b7d6d3fa47a76ff3441fa8bb8c73ef992b74708c05e0f3ffccb772228ae2dd7aee52a341f56f054f00b682a63a21b06869dbe29188ed870e59f215f19b5a555166716a5f597a27de30da945b12847c1ceaac509b0e9463d917f205e6230fde3258133a60df272c72c2da00d063b32ece774c7035545152782d12098fe55b79ffe8072f609c51d2652f70e01bc9c2508cbd8f69889955dfdd2fede4340a2d4e35bc088a2b0f38ad95be3661db64ccb3ffd5c4b25e6821fc287c8a0c6455cf4f096127bc411624004f0a03909100ef374f121d704caad9aa2e8d72cb19db72fd70496566f830bb294b3754c87dfac5dbac4f7ca087138dfd08717e54f9aa7f840902bba10b093bd7f4adb52a8131af60cfc8a0131d6c79cd20620af2db11222fbb438cac550b23e003de6f56bece7fe196795ebe672fc2ac6e46e79ec9243af1072f36fdfd7b1370bc7ba1795eb68c295d863392758000077c3596888f6e62831431a714b99331bfb1a85d67b68f0052816ddbc96bb664d25b62a813eab37f507967e576d0aec174c09e180018f81565d87d048432df9b63c04ec64dd9a505", 0x3f3}], 0x1, &(0x7f0000001640)=[@sndrcv={0x30, 0x84, 0x1, {0x4, 0x3, 0x2, 0xb51e, 0x1f, 0x9, 0xfffffffffffffe00, 0x2}}], 0x30, 0x10}, 0x20000000)
recvmsg(r3, &(0x7f0000000480)={&(0x7f0000000040)=@nfc_llcp, 0x1e, &(0x7f0000b9c000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0)

2018/03/31 16:37:34 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:34 executing program 6 (fault-call:2 fault-nth:34):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:34 executing program 1:
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000540))
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$alg(r0, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f00000006c0)={r2})
r3 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r3, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r1, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r4}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  125.487462] FAULT_INJECTION: forcing a failure.
[  125.487462] name failslab, interval 1, probability 0, space 0, times 0
[  125.498767] CPU: 1 PID: 8705 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  125.505866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  125.515209] Call Trace:
[  125.517796]  dump_stack+0x194/0x24d
[  125.521428]  ? arch_local_irq_restore+0x53/0x53
[  125.526095]  ? __save_stack_trace+0x7e/0xd0
[  125.530420]  should_fail+0x8c0/0xa40
[  125.534132]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  125.539238]  ? kasan_kmalloc+0xad/0xe0
[  125.543118]  ? __kmalloc+0x162/0x760
[  125.546825]  ? ext4_htree_store_dirent+0x8b/0x580
[  125.551667]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  125.556504]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  125.561172]  ? exportfs_get_name+0x1a0/0x240
[  125.565570]  ? reconnect_path+0x1f1/0x670
[  125.569694]  ? exportfs_decode_fh+0x28a/0x5b0
[  125.574160]  ? do_handle_open+0x374/0x8a0
[  125.578287]  ? SyS_open_by_handle_at+0x27/0x30
[  125.582856]  ? do_syscall_64+0x281/0x940
[  125.586903]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.592262]  ? find_held_lock+0x35/0x1d0
[  125.596315]  ? __lock_is_held+0xb6/0x140
[  125.600383]  ? check_same_owner+0x320/0x320
[  125.604705]  ? rcu_note_context_switch+0x710/0x710
[  125.609639]  should_failslab+0xec/0x120
[  125.613610]  __kmalloc+0x63/0x760
[  125.617063]  ? str2hashbuf_unsigned+0x250/0x250
[  125.621732]  ? ext4_htree_store_dirent+0x8b/0x580
[  125.626559]  ext4_htree_store_dirent+0x8b/0x580
[  125.631213]  htree_dirblock_to_tree+0x4e8/0xa00
[  125.635877]  ? dx_probe+0x1070/0x1070
[  125.639658]  ? save_stack+0xa3/0xd0
[  125.643261]  ? kmem_cache_alloc_trace+0x136/0x740
[  125.648077]  ? ext4_readdir+0x2285/0x3600
[  125.652203]  ? iterate_dir+0x1ca/0x530
[  125.656072]  ? get_name+0x52a/0x730
[  125.659669]  ? exportfs_get_name+0x1a0/0x240
[  125.664056]  ? reconnect_path+0x1f1/0x670
[  125.668180]  ? exportfs_decode_fh+0x28a/0x5b0
[  125.672645]  ? do_handle_open+0x374/0x8a0
[  125.676762]  ? SyS_open_by_handle_at+0x27/0x30
[  125.681319]  ? do_syscall_64+0x281/0x940
[  125.685363]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.690709]  ? __lock_acquire+0x664/0x3e00
[  125.695006]  ext4_htree_fill_tree+0x2bb/0xcb0
[  125.699487]  ? print_irqtrace_events+0x270/0x270
[  125.704217]  ? do_split+0x1d30/0x1d30
[  125.707998]  ? __lock_is_held+0xb6/0x140
[  125.712041]  ? ext4_readdir+0x2285/0x3600
[  125.716161]  ? rcu_read_lock_sched_held+0x108/0x120
[  125.721157]  ? kmem_cache_alloc_trace+0x459/0x740
[  125.725979]  ? copy_overflow+0x20/0x20
[  125.729860]  ? free_rb_tree_fname+0x9c/0xe0
[  125.734167]  ext4_readdir+0x206a/0x3600
[  125.738153]  ? __ext4_check_dir_entry+0x320/0x320
[  125.742985]  ? lockref_get+0x42/0x50
[  125.746685]  ? lock_acquire+0x1d5/0x580
[  125.750645]  ? lock_acquire+0x1d5/0x580
[  125.754608]  ? iterate_dir+0xc3/0x530
[  125.758386]  ? lock_release+0xa40/0xa40
[  125.762696]  ? check_same_owner+0x320/0x320
[  125.766991]  ? _copy_to_user+0xc0/0xc0
[  125.770862]  ? down_read_killable+0x95/0x180
[  125.775248]  ? iterate_dir+0xc3/0x530
[  125.779028]  ? down_write+0x120/0x120
[  125.782805]  iterate_dir+0x1ca/0x530
[  125.786497]  get_name+0x52a/0x730
[  125.789921]  ? bl_cleanup_pipefs+0x30/0x30
[  125.794129]  ? exportfs_encode_fh+0x100/0x100
[  125.798607]  exportfs_get_name+0x1a0/0x240
[  125.802812]  ? exportfs_get_name+0x1a0/0x240
[  125.807196]  ? get_name+0x730/0x730
[  125.810794]  ? up_read+0x40/0x40
[  125.814137]  reconnect_path+0x1f1/0x670
[  125.818087]  exportfs_decode_fh+0x28a/0x5b0
[  125.822380]  ? drop_caches_sysctl_handler+0x160/0x160
[  125.827543]  ? find_acceptable_alias+0x1e0/0x1e0
[  125.832274]  ? __fget_light+0x2b2/0x3c0
[  125.836221]  ? fget_raw+0x20/0x20
[  125.839644]  ? __check_object_size+0x8b/0x530
[  125.844119]  ? __might_sleep+0x95/0x190
[  125.848072]  do_handle_open+0x374/0x8a0
[  125.852028]  ? vfs_dentry_acceptable+0x10/0x10
[  125.856590]  ? SyS_write+0x184/0x220
[  125.860282]  ? SyS_read+0x220/0x220
[  125.863884]  SyS_open_by_handle_at+0x27/0x30
[  125.868263]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  125.872992]  do_syscall_64+0x281/0x940
[  125.876854]  ? vmalloc_sync_all+0x30/0x30
[  125.880978]  ? _raw_spin_unlock_irq+0x27/0x70
[  125.885450]  ? finish_task_switch+0x1c1/0x7e0
[  125.889927]  ? syscall_return_slowpath+0x550/0x550
[  125.894829]  ? syscall_return_slowpath+0x2ac/0x550
[  125.899729]  ? prepare_exit_to_usermode+0x350/0x350
[  125.904718]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  125.910056]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  125.914873]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  125.920040] RIP: 0033:0x454e79
[  125.923209] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  125.930894] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
2018/03/31 16:37:35 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r3=>0x0)
io_submit(r3, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r2, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:35 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x1, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:35 executing program 6 (fault-call:2 fault-nth:35):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:35 executing program 4:
perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x0, &(0x7f0000001080)=""/4096, &(0x7f0000000080)=0x1000)

2018/03/31 16:37:35 executing program 7:
sched_setaffinity(0x0, 0x8, &(0x7f0000d81ff8)=0x101)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000600)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r0, 0xaf01, &(0x7f0000000280))
eventfd2(0xae73, 0x800)
r1 = eventfd(0x80000002)
write$eventfd(r1, &(0x7f0000000080)=0xffffffffffffff90, 0x8)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000857ff8)={0x0, r1})
write$eventfd(r1, &(0x7f0000000040), 0x8)
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{}, {0x77359400}})

2018/03/31 16:37:35 executing program 1:
r0 = socket$inet(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:35 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="6e65742f72745f636163686500496fae580400000000000000d202d187ff6eb325e8d6877e7bcde7ab4185eed4ee62547f29d62ecd894f6e702b47804761b24d7dc2b9eb1d0f6d030a76873781201452a09a6e862fcf44406984805fc6f413b9c2c0df0bc31317c7d09b43cece6ac60f2ee522eaea31ff60a4c1b8cc944f52f3df0465230c4cc8d9dacf6ac753de87638ca7273f4f84b09f91443b8d5a4044fc415c0a8b3f6348773ad7f1c94681796149b39dbd8229dde012fe547dfd9cf4f0ac4ef19f8e7871732f66ca7f38e6cc70f1045b816be28ec444b82cc85eeed4c73c728a")
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x800000000004, 0x20011, r0, 0x0)
readv(r0, &(0x7f0000000340)=[{&(0x7f0000000240)=""/239, 0xef}], 0x1)
getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=""/198, &(0x7f0000000100)=0xbe)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000380)={<r1=>0x0, 0xffffffffffffffff, 0x9}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000400)={r1, 0x739, 0x30}, &(0x7f0000000440)=0xc)

2018/03/31 16:37:35 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0500040037003103000000000000000008000000ecf88a3b582004fc7cea693074d1ff918ac6a642804698287962cf81eaf0120bdaa52347fc7c90d380142f041f5d0365d9a01641080b2dd867485bb45356053c33fe04e1d081b2a6ade58e3e3e44b8fe744a034aeb8bf0a29a8f3b694b5d3b7233fc3937fd21e7c95e3d975052bbf17bd91e5a773ec8ce9b9aaf995675d61e5d30833bcaac351adf4417a749a093f77efc7a26a366de6fcea5b1a9239059f29cd1a15c69abfc49f9ae6c26fa6b9d3f4ee4b132d50b6f489edac636efa5b16942f9437ef35804afb0f4832e42492cb84f82d29c07eb009649"], 0x14}, 0x1}, 0x0)

[  125.938140] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  125.945388] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  125.952634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  125.959880] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000022
[  126.036976] FAULT_INJECTION: forcing a failure.
[  126.036976] name failslab, interval 1, probability 0, space 0, times 0
[  126.048274] CPU: 0 PID: 8735 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  126.055369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  126.064711] Call Trace:
[  126.067305]  dump_stack+0x194/0x24d
[  126.070932]  ? arch_local_irq_restore+0x53/0x53
[  126.075583]  ? __save_stack_trace+0x7e/0xd0
[  126.079896]  should_fail+0x8c0/0xa40
[  126.083597]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  126.088684]  ? kasan_kmalloc+0xad/0xe0
[  126.092550]  ? __kmalloc+0x162/0x760
[  126.096245]  ? ext4_htree_store_dirent+0x8b/0x580
[  126.101064]  ? htree_dirblock_to_tree+0x4e8/0xa00
[  126.105880]  ? ext4_htree_fill_tree+0x2bb/0xcb0
[  126.110532]  ? exportfs_get_name+0x1a0/0x240
[  126.114916]  ? reconnect_path+0x1f1/0x670
[  126.119043]  ? exportfs_decode_fh+0x28a/0x5b0
[  126.123514]  ? do_handle_open+0x374/0x8a0
[  126.127638]  ? SyS_open_by_handle_at+0x27/0x30
[  126.132195]  ? do_syscall_64+0x281/0x940
[  126.136234]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.141581]  ? find_held_lock+0x35/0x1d0
[  126.145627]  ? __lock_is_held+0xb6/0x140
[  126.149676]  ? check_same_owner+0x320/0x320
[  126.153977]  ? rcu_note_context_switch+0x710/0x710
[  126.158891]  should_failslab+0xec/0x120
[  126.162842]  __kmalloc+0x63/0x760
[  126.166275]  ? str2hashbuf_unsigned+0x250/0x250
[  126.170926]  ? ext4_htree_store_dirent+0x8b/0x580
[  126.175752]  ext4_htree_store_dirent+0x8b/0x580
[  126.180403]  htree_dirblock_to_tree+0x4e8/0xa00
[  126.185059]  ? dx_probe+0x1070/0x1070
[  126.188840]  ? save_stack+0xa3/0xd0
[  126.192447]  ? kmem_cache_alloc_trace+0x136/0x740
[  126.197267]  ? ext4_readdir+0x2285/0x3600
[  126.201397]  ? iterate_dir+0x1ca/0x530
[  126.205260]  ? get_name+0x52a/0x730
[  126.208867]  ? exportfs_get_name+0x1a0/0x240
[  126.213252]  ? reconnect_path+0x1f1/0x670
[  126.217376]  ? exportfs_decode_fh+0x28a/0x5b0
[  126.221851]  ? do_handle_open+0x374/0x8a0
[  126.225976]  ? SyS_open_by_handle_at+0x27/0x30
[  126.230533]  ? do_syscall_64+0x281/0x940
[  126.234570]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.239911]  ? __lock_acquire+0x664/0x3e00
[  126.244123]  ext4_htree_fill_tree+0x2bb/0xcb0
[  126.248597]  ? print_irqtrace_events+0x270/0x270
[  126.253330]  ? do_split+0x1d30/0x1d30
[  126.257119]  ? __lock_is_held+0xb6/0x140
[  126.261163]  ? ext4_readdir+0x2285/0x3600
[  126.265294]  ? rcu_read_lock_sched_held+0x108/0x120
[  126.270289]  ? kmem_cache_alloc_trace+0x459/0x740
[  126.275110]  ? do_syscall_64+0x281/0x940
[  126.279149]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.284493]  ? percpu_ref_put_many+0x11a/0x220
[  126.289050]  ? free_rb_tree_fname+0x9c/0xe0
[  126.293351]  ext4_readdir+0x206a/0x3600
[  126.297301]  ? debug_mutex_init+0x1c/0x60
[  126.301425]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  126.306426]  ? __ext4_check_dir_entry+0x320/0x320
[  126.311246]  ? lockref_get+0x42/0x50
[  126.314940]  ? lock_acquire+0x1d5/0x580
[  126.318888]  ? lock_acquire+0x1d5/0x580
[  126.322838]  ? iterate_dir+0xc3/0x530
[  126.326618]  ? lock_release+0xa40/0xa40
[  126.330568]  ? check_same_owner+0x320/0x320
[  126.334865]  ? _copy_to_user+0xc0/0xc0
[  126.338729]  ? rcu_note_context_switch+0x710/0x710
[  126.343639]  ? __might_sleep+0x95/0x190
[  126.347591]  ? down_read_killable+0x95/0x180
[  126.351974]  ? iterate_dir+0xc3/0x530
[  126.355752]  ? down_write+0x120/0x120
[  126.359536]  iterate_dir+0x1ca/0x530
[  126.363232]  get_name+0x52a/0x730
[  126.366663]  ? bl_cleanup_pipefs+0x30/0x30
[  126.370880]  ? exportfs_encode_fh+0x100/0x100
[  126.375377]  exportfs_get_name+0x1a0/0x240
[  126.379587]  ? exportfs_get_name+0x1a0/0x240
[  126.383972]  ? get_name+0x730/0x730
[  126.387575]  ? up_read+0x40/0x40
[  126.390925]  reconnect_path+0x1f1/0x670
[  126.394882]  exportfs_decode_fh+0x28a/0x5b0
[  126.399179]  ? drop_caches_sysctl_handler+0x160/0x160
[  126.404348]  ? find_acceptable_alias+0x1e0/0x1e0
[  126.409083]  ? __fget_light+0x2b2/0x3c0
[  126.413037]  ? fget_raw+0x20/0x20
[  126.416468]  ? __check_object_size+0x8b/0x530
[  126.420947]  ? __might_sleep+0x95/0x190
[  126.424910]  do_handle_open+0x374/0x8a0
[  126.428862]  ? vfs_dentry_acceptable+0x10/0x10
[  126.433421]  ? SyS_write+0x184/0x220
[  126.437112]  ? SyS_read+0x220/0x220
[  126.440719]  SyS_open_by_handle_at+0x27/0x30
[  126.445102]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  126.449837]  do_syscall_64+0x281/0x940
[  126.453702]  ? trace_event_raw_event_sys_exit+0x260/0x260
[  126.459216]  ? syscall_return_slowpath+0x550/0x550
[  126.464124]  ? syscall_return_slowpath+0x2ac/0x550
[  126.469040]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  126.474469]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  126.479293]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.484459] RIP: 0033:0x454e79
2018/03/31 16:37:35 executing program 4:
getpid()
socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040))
perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000387000), 0x4)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0)
connect$unix(r1, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa)
close(r0)

2018/03/31 16:37:35 executing program 3:
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000280)='tls\x00', 0x4)
r0 = semget$private(0x0, 0x408, 0x0)
semop(r0, &(0x7f000027b000)=[{0x0, 0x400000ffff}], 0x1)
socketpair(0xb, 0x2, 0x9, &(0x7f0000000340)={<r1=>0xffffffffffffffff})
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000380)={0x1, 0x9, 0x6, 0x106})
semop(r0, &(0x7f0000de0000)=[{0x0, 0x4}], 0x1)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000440)=0x1)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x14}, 0x14}, 0x1}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000182000)={&(0x7f0000184000)={0x2, 0x4000000000000d, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x0, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}]}, 0x40}, 0x1}, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000003c0)={{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x4e24, 0x8, @loopback={0x0, 0x1}}, 0x0, [0x1, 0x5, 0x9a9c, 0xb5d, 0x0, 0x0, 0x1, 0x3f]}, 0x5c)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x3, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x300000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000f29bd7000fcdbdf2504000000080005000180000008000400000000002000010008000900740000000c0007002000000010000000080009006e000000"], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
ioctl$fiemap(0xffffffffffffffff, 0x40286608, &(0x7f0000000000)=ANY=[])
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x280100, 0x0)

2018/03/31 16:37:35 executing program 1:
r0 = socket$inet(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:35 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  126.487623] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  126.495312] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  126.502558] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  126.509804] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  126.517049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  126.524296] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000023
2018/03/31 16:37:35 executing program 6 (fault-call:2 fault-nth:36):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:35 executing program 1:
r0 = socket$inet(0x10, 0x0, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:35 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

[  126.615154] FAULT_INJECTION: forcing a failure.
[  126.615154] name failslab, interval 1, probability 0, space 0, times 0
[  126.626540] CPU: 1 PID: 8749 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  126.633634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  126.642977] Call Trace:
[  126.645562]  dump_stack+0x194/0x24d
[  126.649190]  ? arch_local_irq_restore+0x53/0x53
[  126.653857]  ? perf_trace_lock+0xd6/0x900
[  126.658011]  should_fail+0x8c0/0xa40
[  126.661731]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  126.666838]  ? perf_trace_lock+0xd6/0x900
[  126.670973]  ? find_held_lock+0x35/0x1d0
[  126.675027]  ? trace_event_raw_event_lock+0x340/0x340
[  126.680206]  ? find_held_lock+0x35/0x1d0
[  126.684261]  ? check_same_owner+0x320/0x320
[  126.688559]  ? find_held_lock+0x35/0x1d0
[  126.692599]  ? rcu_note_context_switch+0x710/0x710
[  126.697511]  should_failslab+0xec/0x120
[  126.701461]  kmem_cache_alloc+0x47/0x760
[  126.705496]  ? lock_release+0xa40/0xa40
[  126.709450]  getname_kernel+0x54/0x340
[  126.713326]  do_file_open_root+0x19c/0x4d0
[  126.717545]  ? do_filp_open+0x3b0/0x3b0
[  126.721498]  ? __alloc_fd+0x29b/0x750
[  126.725278]  ? exit_files+0xb0/0xb0
[  126.728891]  ? free_obj_work+0x690/0x690
[  126.732928]  ? __fget_light+0x2b2/0x3c0
[  126.736885]  ? fget_raw+0x20/0x20
[  126.740331]  file_open_root+0x2fc/0x540
[  126.744296]  ? file_open_root+0x2fc/0x540
[  126.748436]  ? finish_open+0x180/0x180
[  126.752313]  ? do_handle_open+0x3bb/0x8a0
[  126.756460]  ? trace_hardirqs_on+0xd/0x10
[  126.760601]  do_handle_open+0x44c/0x8a0
[  126.764565]  ? vfs_dentry_acceptable+0x10/0x10
[  126.769137]  ? SyS_write+0x184/0x220
[  126.772847]  ? SyS_read+0x220/0x220
[  126.776462]  SyS_open_by_handle_at+0x27/0x30
[  126.780846]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  126.785578]  do_syscall_64+0x281/0x940
[  126.789441]  ? vmalloc_sync_all+0x30/0x30
[  126.793569]  ? _raw_spin_unlock_irq+0x27/0x70
[  126.798052]  ? finish_task_switch+0x1c1/0x7e0
[  126.802534]  ? syscall_return_slowpath+0x550/0x550
[  126.807454]  ? syscall_return_slowpath+0x2ac/0x550
[  126.812380]  ? prepare_exit_to_usermode+0x350/0x350
[  126.817395]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  126.822761]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  126.827598]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  126.832768] RIP: 0033:0x454e79
[  126.835940] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  126.843638] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  126.850884] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  126.858137] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
2018/03/31 16:37:36 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

[  126.865390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  126.872638] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000024
2018/03/31 16:37:36 executing program 2:
r0 = signalfd(0xffffffffffffffff, &(0x7f0000e7d000), 0x8)
read(r0, &(0x7f000062f000)=""/179, 0xb3)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00006cdfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="16003ee2b38b51000000dac45bc9d3611bb5c2450c6afdede1a1715118cecf86af1365b6caec68adcb94882c0a23e22a7818d56ea3fb74aa7c3fe2ec4451e2c87aab4bb1503742ca7556c7cc26c3927557e2414f4fe8ab84121f8327b1cbefd1111100befc3ea1b49641484cad4c72451f3d948d23711e65c508ebf23b5725f07286fcb307d06b903a2f6b8c93fcbcfb1a0191180a67726dc05e1c2a34ed9982e9a2b21797d1293e1589d067"], &(0x7f0000000140)=0x1e)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f000014b000)=<r3=>0x0)
io_submit(r3, 0x2000000000000193, &(0x7f000049bfe8)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, r2, &(0x7f0000391000), 0x31c, 0x40000000000}])
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0xffffffffffffffff, 0x1, 0x401, 0x3, 0x8}})
syncfs(r1)
ioctl$KVM_GET_DIRTY_LOG(0xffffffffffffffff, 0x4010ae42, &(0x7f00000000c0)={0x101ff, 0x0, &(0x7f0000ffc000/0x4000)=nil})
unshare(0x40600)
signalfd4(r0, &(0x7f0000000000), 0x8, 0x0)

2018/03/31 16:37:36 executing program 1:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f000000f000)="240000001a00030207fffd946fa283bc04eee6d87986c49727008568b51ba3a2d188737e", 0x24}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000540))
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f0000000200)=""/128, 0x80}, 0x0)
pipe(&(0x7f0000001800)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$alg(r1, &(0x7f0000002080)=[{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001840)="7c3c2c17750f939e9017490e1bb658b202cd765305d52f24f68785bd3ef1fd25542e216ccc394a68c2dbbc20cbe2b8c5aab1", 0x32}, {&(0x7f0000001a40)="92cbcb187cb289487c99a10bfb1f53a3d7ac0ed9759d5e1146765646e8df657a6ec469ad7021aef4f41533329792372227c483291406794f2053fcca897f14c106c3b5bfa9372aa4674010b5ef471e757fabb64ba82f1200", 0x58}], 0x2, &(0x7f0000001b40)=ANY=[], 0x0, 0x4000}], 0x1, 0x4)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000680)='/dev/dsp\x00', 0x101000, 0x0)
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000180)=@can, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000600)=""/77, 0x4d}, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000006c0)={r3})
r4 = gettid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000740)={{0x200, 0x5, 0x0, 0x7, "b439c3d5f13f4afada1fcb17ea3b5893ad6f9b93e3b5cd9548284500c653d9dc2109789766e79d3b1558952b", 0x100000001}, 0x0, 0x0, 0x9, r4, 0x8000, 0x3, "88c8e5ee13fd8fcbc3748a553defac6f8bb9744d6b0519e049e25b4845d2c0e0bbd2fcb1c6f28ce61287e8cfa5f2b2ed18c3e4fd59f157e8d7bff0fbfe7a495a", &(0x7f0000000700)='\x00', 0x1, [], [0xdf98, 0xeaa6, 0x400, 0x6]})
getsockopt$inet_opts(r2, 0x0, 0x0, &(0x7f0000000580)=""/31, &(0x7f00000005c0)=0x1f)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0xffffffff, 0x2, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', r5}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'sit0\x00'})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000280)=@l2, 0x80, &(0x7f0000000480)=[{&(0x7f0000000140)=""/46, 0x2e}, {&(0x7f0000000300)=""/195, 0xc3}, {&(0x7f0000000400)=""/26, 0x1a}], 0x3, &(0x7f00000004c0)=""/22, 0x16, 0x240000000}, 0x100)

2018/03/31 16:37:36 executing program 3:
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x9)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x1)
ioctl$TCXONC(r1, 0x540a, 0x0)
write(r1, &(0x7f0000000000)="9b", 0x1)
r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x5, 0x424001)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xffffffff, 0xffffffffffff7fff, 0x9, "5c95790e2825dd281a3ccbfe47984771113095cc94bc2987307ea6574cffa7f67f9821f6c6ff22d858947b94111b0cf13e548ed92ab640e3b82f83cba754f10726960d97408f6097c75464f59f6597a9"}, 0xd8)
close(r1)
close(r0)

2018/03/31 16:37:36 executing program 5:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0), 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080), 0x10)
recvmsg(r1, &(0x7f0000000480)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000140), 0x0, &(0x7f00000003c0)=""/167, 0xfffffffffffffd12}, 0x0)
syz_open_dev$audion(&(0x7f0000000240)='/dev/audio#\x00', 0x2, 0x2)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x14, 0x27, 0x335, 0x0, 0x0, {0x9}}, 0x14}, 0x1}, 0x0)

2018/03/31 16:37:36 executing program 0:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x2)
mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x101000)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x10000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000400)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20)
r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x183, 0x20000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x9, 0xffffffff7fffffff, 0x3, 0x6, 0x100000001, 0x0, 0x7f, 0x1, 0x62, 0x9, 0xb36, 0x4}, {0xd805, 0x4, 0x1, 0x2, 0x5, 0x40, 0x6, 0x1fe, 0xffffffff, 0xffff, 0x0, 0x6}, {0x5, 0x5, 0x0, 0x9, 0x0, 0x7, 0xfffffffffffffff7, 0x10000, 0x400, 0x100000001, 0x0, 0x101, 0xffffffffffffff80}], 0x1})
write$evdev(r1, &(0x7f0000f15fd0)=[{{}, 0x1, 0x0, 0x2}, {}], 0x30)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x81, 0x0, 0x1ff, 0x3f}, &(0x7f0000000100)=0x14)
readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1)
prctl$setendian(0x14, 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e23}, @in6={0xa, 0x4e22, 0xffffffff, @loopback={0x0, 0x1}, 0xc7}, @in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xfffffffffffffe01}], 0x48)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
preadv(r3, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/103, 0x67}, {&(0x7f0000000240)=""/222, 0xde}, {&(0x7f0000000340)=""/51, 0x33}], 0x3, 0x0)
pread64(r0, &(0x7f00000000c0)=""/143, 0x8f, 0x32)
readv(r0, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0)
syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x100)
dup3(r5, r2, 0x80000)
ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040))

2018/03/31 16:37:36 executing program 6 (fault-call:2 fault-nth:37):
pipe(&(0x7f0000000000))
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)={0x9, 0x2, '\v'}, 0x200000)
tee(r0, r0, 0x2, 0x4)

2018/03/31 16:37:36 executing program 7:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x90)
r2 = openat(r1, &(0x7f00000001c0)='./file0\x00', 0x20000, 0x7)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000080)={<r3=>0x0, 0x1f, 0x81, 0x40, 0x3, 0x7f}, &(0x7f0000000140)=0x14)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000180)={r3, 0x7ff, 0xffffffffffffffff}, 0x8)
r4 = socket$alg(0x26, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000280)=0x8)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00005f5ffd)='io\x00')
bind$alg(r4, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58)
r6 = accept4$alg(r5, 0x0, 0x0, 0x800)
sendfile(r6, r5, &(0x7f0000000000), 0x7)
r7 = geteuid()
setfsuid(r7)

2018/03/31 16:37:36 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000000)={'HL\x00'}, &(0x7f0000000040)=0x1e)
socket(0xa, 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYBLOB="79000000aaa65294e2632db610427578032655da62b2907b38699e5aaebd1e38fbe3668d38db9e37a1fe4abecffc7f8d97bcd95be0b438be3b3bf732b793970d7f93dd48bc5d49533f422268cf3a9c552d46065cc8b11ba0c204000000a8422aecd44e0e095d01bd46d46fd3cec71b5796b3ca64ead8c2a53adf5dcb42a634f1fff73e0221c35f61974b4804e428643e2cd67e987aeac6a96da6725e842c8700fa73e60fb8523bca536b1bfdd57dc1d39400360d6c616d00ce5d596c7b47b0f9b05418fa53572e365b7378da27ba9e00658f4ff1f55d073596d754efd1ed342386323af649a1b524243430b05eb876f523c99b9e3415e57d76c85ee6f9fb492ce4a6b77900f5203edce8843b982a0903b21367a8bb785e2cf64b0bb2682fb71226cb6f58c3d3cd968fa0d43c1f974da5249838df"], &(0x7f0000000480)=0x2)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000005c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x1}}, 0x0, 0x8, 0x0, 0x0, 0x8}, 0x98)
socket(0x0, 0x0, 0x0)
r1 = socket(0x11, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000004c0)={'bond0\x00', 0x17fd})
get_thread_area(&(0x7f00000000c0)={0x7, 0x20000800, 0x0, 0x3, 0x9, 0x8, 0x1, 0x3})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000840)={{{@in6=@dev, @in6=@dev}}, {{@in=@local}, 0x0, @in=@broadcast}}, &(0x7f0000000380)=0xe8)
r2 = userfaultfd(0x0)
getsockname$ax25(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10)
flock(0xffffffffffffffff, 0x0)
r3 = dup(r2)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f00000001c0), 0x4)
ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, &(0x7f0000000940)=""/213)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000f6bfe8)={0xaa})
mremap(&(0x7f0000d7e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00001cd000/0x3000)=nil)
poll(&(0x7f0000000140)=[{r2}], 0x1, 0x0)
perf_event_open$cgroup(&(0x7f00000002c0)={0x0, 0x70, 0x3, 0xb25, 0x5, 0x2, 0x0, 0x0, 0x2, 0x2, 0x4, 0x4, 0x1000, 0x1, 0x101, 0x8001, 0x7, 0xfff, 0xfff, 0x100000001, 0x348fce9a, 0x2, 0x3f, 0x3ff, 0x4, 0x5, 0xb13e, 0x7, 0x5, 0x3, 0x2, 0x1f0, 0x9650, 0x3ff, 0x8, 0x3, 0xfffffffffffffffa, 0x40, 0x0, 0x5, 0x3, @perf_config_ext={0x9, 0x1}, 0x20301, 0xa9f4e86, 0x9, 0x4, 0x6bae55d7, 0x5, 0x8}, r3, 0x5, r3, 0x2)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000280)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
execve(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a80)=[&(0x7f0000000340)='bond0\x00', &(0x7f00000003c0)='HL\x00', &(0x7f0000000400)='\x00', &(0x7f0000000440)=':!+vmnet0uservboxnet0ppp1.ppp0@]\x00', &(0x7f0000000500)='bond0\x00', &(0x7f0000000540)='\'\x00', &(0x7f0000000580)='bond0\x00', &(0x7f00000007c0)='vboxnet1\x00', &(0x7f0000000800)='mime_type\\vboxnet1\x00', &(0x7f0000000a40)='!selinux\x00'], &(0x7f0000000d40)=[&(0x7f0000000b00)='bond0\x00', &(0x7f0000000b40)='bond0\x00', &(0x7f0000000b80)='!\x00', &(0x7f0000000bc0)='bond0\x00', &(0x7f0000000c00)='HL\x00', &(0x7f0000000c40)='em1ppp1\x00', &(0x7f0000000c80)='HL\x00', &(0x7f0000000cc0)='wlan0bdev\x00', &(0x7f0000000d00)='HL\x00'])
fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000200)=0x4)
ioctl$UFFDIO_REGISTER(r2, 0xc028aa03, &(0x7f0000000240)={{&(0x7f00005e3000/0x800000)=nil, 0x800000}, 0x200000})
accept$inet(r3, 0x0, &(0x7f0000000100))
userfaultfd(0x0)

[  127.675216] FAULT_INJECTION: forcing a failure.
[  127.675216] name failslab, interval 1, probability 0, space 0, times 0
[  127.686519] CPU: 1 PID: 8789 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  127.693610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  127.702954] Call Trace:
[  127.705537]  dump_stack+0x194/0x24d
[  127.709170]  ? arch_local_irq_restore+0x53/0x53
[  127.713847]  should_fail+0x8c0/0xa40
[  127.717557]  ? fault_create_debugfs_attr+0x1f0/0x1f0
2018/03/31 16:37:36 executing program 7:
setrlimit(0x7, &(0x7f00008ec000))
mq_open(&(0x7f000004b000)='/$cgrouplo\x00', 0x0, 0x0, &(0x7f000004b000)={0xffffffffffffffff})
r0 = socket$l2tp(0x18, 0x1, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='teql0\x00', 0x10)

[  127.722659]  ? __lock_is_held+0xb6/0x140
[  127.726719]  ? find_held_lock+0x35/0x1d0
[  127.730776]  ? __lock_is_held+0xb6/0x140
[  127.734843]  ? check_same_owner+0x320/0x320
[  127.739160]  ? dx_probe+0x1070/0x1070
[  127.742963]  ? rcu_note_context_switch+0x710/0x710
[  127.747885]  ? print_irqtrace_events+0x270/0x270
[  127.752649]  should_failslab+0xec/0x120
[  127.756621]  kmem_cache_alloc+0x47/0x760
[  127.761154]  ? __lock_acquire+0x664/0x3e00
[  127.765380]  __d_alloc+0xc1/0xbd0
[  127.768819]  ? __lock_acquire+0x664/0x3e00
2018/03/31 16:37:36 executing program 4:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00003de000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x52, r1, 0x0)
write$vnet(r0, &(0x7f0000000040)={0x1, {&(0x7f0000c91000)=""/24, 0x18, &(0x7f0000a5df9b)=""/101}}, 0x68)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x101000, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f00000000c0)={0xfffffffffffffffd, 0x1, 0x5, 0x0, 0x0, [], [], [], 0xff, 0x76106dcb})

[  127.773048]  ? shrink_dcache_for_umount+0x290/0x290
[  127.778063]  ? __lock_acquire+0x664/0x3e00
[  127.782298]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[  127.787490]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[  127.792668]  ? print_irqtrace_events+0x270/0x270
[  127.797425]  d_alloc+0x8e/0x340
[  127.800708]  ? __d_alloc+0xbd0/0xbd0
[  127.804423]  d_alloc_parallel+0x152/0x1b40
[  127.808650]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  127.813661]  ? trace_hardirqs_on+0xd/0x10
[  127.817802]  ? trace_hardirqs_off+0x10/0x10
2018/03/31 16:37:37 executing program 7:
r0 = dup(0xffffffffffffffff)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1bb, 0x1ff, 0x0, 0x5, 0xc, 0x9, "3d9ec108392d9bee3fc8645a19e469fea3c7b0d234adb2c210a3a892ce2c74edf6674b4dd9f81a9873b0d376d9d4df326da5ce62348dae2d1d555b09ec182921", "2664cc6ec89a0837a2544854658495d932dccada9c9ae7823b38c271e8a06f06117e0becc7078f4b853db83eb0c314a8eab917e155cec75fa7c70cc38e82952d", "59ba6a62d11901777e7aafb17b692451d49690403c5495aa9d65ddbb073f050d", [0x5, 0x800]})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000005fd8)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000001ff0)={0x1d, r2}, 0x10)
perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$can_raw(r1, &(0x7f0000001fc8)={&(0x7f000000a000)={0x1d}, 0x10, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x0, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5f700000000000000004e2f9663a918fa1efd9b0b"}, 0x48}, 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000040))

[  127.822115]  ? trace_hardirqs_off+0x10/0x10
[  127.826435]  ? lockref_get+0x42/0x50
[  127.830147]  ? __d_lookup_rcu+0xa00/0xa00
[  127.834291]  ? find_held_lock+0x35/0x1d0
[  127.838350]  ? __d_lookup+0x4f4/0x830
[  127.842147]  ? lock_acquire+0x1d5/0x580
[  127.846113]  ? lock_acquire+0x1d5/0x580
[  127.850076]  ? lookup_slow+0x18e/0x4d0
[  127.853958]  ? lock_release+0xa40/0xa40
[  127.857927]  ? check_same_owner+0x320/0x320
[  127.862241]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  127.867251]  ? rcu_note_context_switch+0x710/0x710
[  127.872176]  ? __might_sleep+0x95/0x190
[  127.876138]  ? down_read+0x96/0x150
[  127.879744]  ? lookup_slow+0x18e/0x4d0
[  127.883614]  ? __down_interruptible+0x6b0/0x6b0
[  127.888269]  ? lock_release+0xa40/0xa40
[  127.892225]  lookup_slow+0x1e5/0x4d0
[  127.895917]  ? exportfs_encode_fh+0x100/0x100
[  127.900388]  ? vfs_unlink+0x480/0x480
[  127.904172]  ? d_lookup+0x1d5/0x2e0
[  127.907790]  lookup_one_len_unlocked+0x302/0x3e0
[  127.912525]  ? lookup_slow+0x4d0/0x4d0
[  127.916392]  ? up_read+0x40/0x40
[  127.919743]  reconnect_path+0x226/0x670
[  127.923700]  exportfs_decode_fh+0x28a/0x5b0
[  127.928000]  ? drop_caches_sysctl_handler+0x160/0x160
[  127.933176]  ? find_acceptable_alias+0x1e0/0x1e0
[  127.937911]  ? __fget_light+0x2b2/0x3c0
[  127.941864]  ? fget_raw+0x20/0x20
[  127.945297]  ? __check_object_size+0x8b/0x530
[  127.949774]  ? __might_sleep+0x95/0x190
[  127.953734]  do_handle_open+0x374/0x8a0
[  127.957690]  ? vfs_dentry_acceptable+0x10/0x10
[  127.962250]  ? SyS_write+0x184/0x220
[  127.965942]  ? SyS_read+0x220/0x220
[  127.969549]  SyS_open_by_handle_at+0x27/0x30
[  127.973935]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  127.978670]  do_syscall_64+0x281/0x940
[  127.982537]  ? vmalloc_sync_all+0x30/0x30
[  127.986662]  ? _raw_spin_unlock_irq+0x27/0x70
[  127.991132]  ? finish_task_switch+0x1c1/0x7e0
[  127.995605]  ? syscall_return_slowpath+0x550/0x550
[  128.000517]  ? syscall_return_slowpath+0x2ac/0x550
[  128.005425]  ? prepare_exit_to_usermode+0x350/0x350
[  128.010421]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  128.015766]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  128.020594]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  128.025760] RIP: 0033:0x454e79
[  128.028929] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  128.036615] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  128.043870] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  128.051125] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  128.058373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  128.065622] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000025
2018/03/31 16:37:37 executing program 4:
r0 = socket(0x1000000000010, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x501, 0x0, 0x0, {}, [@IFLA_IF_NETNSID={0x8, 0x2e}, @IFLA_IFNAME={0x14, 0x3, 'gretap0\x00'}]}, 0x3c}, 0x1}, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000040)=0x80000000, 0x4)

2018/03/31 16:37:37 executing program 4:
r0 = syz_open_procfs(0x0, &(0x7f00000bbff4)='net/rt_acct\x00')
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x284000, 0x0)
unshare(0x8000400)
r2 = mq_open(&(0x7f000004b000)='/$cgrouplo\x00', 0x8c2, 0x0, &(0x7f000004b000)={0xffffffffffffffff, 0x1, 0x3})
r3 = epoll_create1(0x0)
timer_create(0x3, &(0x7f0000000240)={0x0, 0x0, 0x4}, &(0x7f00000002c0)=<r4=>0x0)
clock_gettime(0x0, &(0x7f0000000300)={<r5=>0x0, <r6=>0x0})
timer_settime(r4, 0x0, &(0x7f0000000340)={{}, {r5, r6+30000000}}, &(0x7f0000000380))
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000400)={{{@in=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f0000000500)=0xe8)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000540)={@mcast1={0xff, 0x1, [], 0x1}, 0x78, r7})
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000140)={<r8=>0x0, 0x2000000000000000, 0x0, 0xd206}, &(0x7f0000000180)=0x10)
socket(0x10, 0x1, 0x10000)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000001c0)={0x0, 0xe4, 0x0, 0xfffffffffffffffb, 0x20, 0x0, 0x3, 0x0, r8}, &(0x7f0000000200)=0x20)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000280)=0x2, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000289000))
mq_timedsend(r2, &(0x7f0000012000), 0x0, 0x0, &(0x7f0000036000))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000600)='/dev/ptmx\x00', 0x10f07f, 0x0)
epoll_pwait(r3, &(0x7f0000000000)=[{}], 0x1555555555555758, 0x0, &(0x7f0000000680)={0x6}, 0x2d4)
getsockopt$inet_buf(r1, 0x0, 0x3f, &(0x7f0000000580)=""/96, &(0x7f0000000640)=0x60)
getsockopt(0xffffffffffffffff, 0x2, 0x2, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
preadv(r0, &(0x7f0000388ff0)=[{&(0x7f0000014000)=""/1, 0x1}], 0x1, 0x4)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000003c0)={0x6, 0x5, 0x401}, 0x8)
fcntl$addseals(r3, 0x409, 0x1)

[  128.079116] WARNING: CPU: 1 PID: 8789 at fs/exportfs/expfs.c:96 reconnect_path+0x48e/0x670
[  128.087524] Kernel panic - not syncing: panic_on_warn set ...
[  128.087524] 
[  128.094880] CPU: 1 PID: 8789 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #8
[  128.101970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  128.111313] Call Trace:
[  128.113893]  dump_stack+0x194/0x24d
[  128.117512]  ? arch_local_irq_restore+0x53/0x53
[  128.122180]  ? vsnprintf+0x1ed/0x1900
[  128.125975]  panic+0x1e4/0x41c
[  128.129166]  ? refcount_error_report+0x214/0x214
[  128.133919]  ? show_regs_print_info+0x18/0x18
[  128.138414]  ? __warn+0x1c1/0x200
[  128.141865]  ? reconnect_path+0x48e/0x670
[  128.146009]  __warn+0x1dc/0x200
[  128.149289]  ? reconnect_path+0x48e/0x670
[  128.153434]  report_bug+0x1f4/0x2b0
[  128.157060]  fixup_bug.part.10+0x37/0x80
[  128.161112]  do_error_trap+0x2d7/0x3e0
[  128.164980]  ? math_error+0x400/0x400
[  128.168771]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  128.173592]  do_invalid_op+0x1b/0x20
[  128.177283]  invalid_op+0x1b/0x40
[  128.180713] RIP: 0010:reconnect_path+0x48e/0x670
[  128.185441] RSP: 0018:ffff8801d7a87ad0 EFLAGS: 00010246
[  128.190780] RAX: 0000000000040000 RBX: ffff8801ac9ad5c0 RCX: ffffffff822aaa3e
[  128.198033] RDX: 0000000000040000 RSI: ffffc900066cc000 RDI: ffff8801ac9ad600
[  128.205278] RBP: ffff8801d7a87b28 R08: ffffffff8858c3c0 R09: 1ffff1003af50f1d
[  128.212522] R10: ffff8801d7a87870 R11: 0000000000000000 R12: ffff8801ac9ad5c0
[  128.219768] R13: dffffc0000000000 R14: ffff8801ac9ad5c0 R15: ffff880178769a20
[  128.227029]  ? reconnect_path+0x48e/0x670
[  128.231166]  exportfs_decode_fh+0x28a/0x5b0
[  128.235463]  ? drop_caches_sysctl_handler+0x160/0x160
[  128.240630]  ? find_acceptable_alias+0x1e0/0x1e0
[  128.245367]  ? __fget_light+0x2b2/0x3c0
[  128.249318]  ? fget_raw+0x20/0x20
[  128.252748]  ? __check_object_size+0x8b/0x530
[  128.257227]  ? __might_sleep+0x95/0x190
[  128.261187]  do_handle_open+0x374/0x8a0
[  128.265140]  ? vfs_dentry_acceptable+0x10/0x10
[  128.269703]  ? SyS_write+0x184/0x220
[  128.273395]  ? SyS_read+0x220/0x220
[  128.277009]  SyS_open_by_handle_at+0x27/0x30
[  128.281400]  ? SyS_name_to_handle_at+0x6d0/0x6d0
[  128.286137]  do_syscall_64+0x281/0x940
[  128.290004]  ? vmalloc_sync_all+0x30/0x30
[  128.294135]  ? _raw_spin_unlock_irq+0x27/0x70
[  128.298608]  ? finish_task_switch+0x1c1/0x7e0
[  128.303081]  ? syscall_return_slowpath+0x550/0x550
[  128.307987]  ? syscall_return_slowpath+0x2ac/0x550
[  128.312894]  ? prepare_exit_to_usermode+0x350/0x350
[  128.317889]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  128.323234]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  128.328057]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  128.333224] RIP: 0033:0x454e79
[  128.336392] RSP: 002b:00007f73f54f1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  128.344075] RAX: ffffffffffffffda RBX: 00007f73f54f26d4 RCX: 0000000000454e79
[  128.351321] RDX: 0000000000200000 RSI: 0000000020000040 RDI: 0000000000000015
[  128.358568] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  128.365819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  128.373066] R13: 0000000000000416 R14: 00000000006f82b0 R15: 0000000000000025
[  128.380729] Dumping ftrace buffer:
[  128.384417]    (ftrace buffer empty)
[  128.388102] Kernel Offset: disabled
[  128.391709] Rebooting in 86400 seconds..