1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup2(0xffffffffffffffff, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:11 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000080)={0x3, 0x0, @raw_data=[0x4, 0x5, 0x6, 0x8, 0x401, 0xa91, 0x2, 0x1, 0x8, 0x9, 0x7f, 0x9, 0x9a6, 0x4, 0x9, 0x80000000]}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000)) [ 226.808375] x86/PAT: syz-executor.2:10964 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:11 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$EBT_SO_GET_INFO(r3, 0x0, 0x80, &(0x7f0000000040)={'nat\x00'}, &(0x7f00000000c0)=0x78) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000001c0)=""/4096) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:11 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000000)) 22:26:11 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0x8800000}]) 22:26:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000180)={'broute\x00', 0x0, 0x3, 0xe3, [], 0x1, &(0x7f0000000040)=[{}], &(0x7f0000000080)=""/227}, &(0x7f0000000240)=0x78) [ 226.932874] x86/PAT: syz-executor.2:10964 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:11 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sysinfo(&(0x7f00000001c0)=""/28) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0xffb9) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r6, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000080)={r6, @in6={{0xa, 0x4e21, 0x1, @local, 0x40}}, 0x4, 0x4}, &(0x7f0000000000)=0x90) [ 227.011309] x86/PAT: syz-executor.2:10964 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:11 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000380), 0x80000) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r1, 0x800442d3, &(0x7f00000003c0)={0x2, 0xfff9, 0x8000, @random="50c374c80736", 'veth0\x00'}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x100, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f0000000440)={0x5371286fd042aab4, 0x0, {0x0, 0xffff, 0x0, 0x5}}) syz_genetlink_get_family_id$fou(&(0x7f0000000340)='fou\x00') r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000280)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$KDGKBTYPE(r4, 0x4b33, &(0x7f00000002c0)) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000000c0)={0x0, 0x1fe, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0xc479f44cc94fb4ef}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000100)={0x6, 0x118, 0xfa00, {{0x103, 0x8, "067dc761a8b09a0aef9a4ba24fb2716822a31a41adafeaf307ab0cc6b06f8632dc3bd62cdea98511d32ed2c302f74545659007bcee49f00194dc3555736e7ca4040b4bb6b9893ac66d844f5db53236f980feb0009162001754ebdf66fad5c7dd42e6d2c8bff40a260e9c74031274c303e0eb0f528a84d65a33934973ed6b56f051b5c5121841081e75bc17558f754d83d6fd1a30dce9b7ad36197acf4f0e9ef0e58fb894e1c02b56c01c41c976899e833da2c787eef4b507710fc85cc9c2ee7c497b6b744a21e319efd321da1fa3359c9e34d3def5f599115457b1f9b844fd32dd3d645730976138ed0952de9740fea58c5c993984347e0249de037a360af411", 0x57, 0x7f, 0x3, 0x0, 0x7, 0x1, 0xc8}, r7}}, 0x120) mknodat(r3, &(0x7f0000000300)='./file0\x00', 0x8000, 0xf449) fsetxattr(r3, &(0x7f0000000000)=@known='system.advise\x00', 0x0, 0xfc95, 0x0) 22:26:11 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup2(0xffffffffffffffff, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 227.138018] audit: type=1804 audit(1569968771.422:61): pid=10975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir571897256/syzkaller.e11t06/188/file0/bus" dev="ramfs" ino=39830 res=1 22:26:11 executing program 0: 22:26:11 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xffffffff000}]) 22:26:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='\x00\x00\r\x00\x00\x02\x00', 0x0, 0x2) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") dup3(r1, 0xffffffffffffffff, 0x80000) 22:26:11 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = socket(0x10, 0x2, 0x0) write(r1, &(0x7f0000000440)="fc0000001c000725ab0925000900070007ab08000800000081001e93210001c000000001000000000000000000039815fa2c1ec28656aaa79bb94b467e0000000a000200035a0201856c256f1a272fdf0d11512f3cadd44000000000008934d05cd3f3187a617cd5000000000000002c05defd5a32e2ab8207000000ec18444ef92e475bba4a463ae4f5566f91cf190201ded815b2ccd243fa95ed94e0ad91bd0734ba3fcd8a57d47689cd3dd16b17e583df150c3b880f411f46a60467b4d57155870271773a580a75e63ecaa10000c880ac801f0300000000fb00000548deac270e33000000000000856a8826237463e9dfc4fbfed8b3e8ab2de084", 0xfc) r2 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r2, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 227.233768] x86/PAT: syz-executor.2:11001 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 227.252027] audit: type=1804 audit(1569968771.512:62): pid=10998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir571897256/syzkaller.e11t06/188/file0/file0/bus" dev="ramfs" ino=39881 res=1 22:26:11 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0xb, 0x0, @raw_data=[0x7d4f, 0xc543, 0x2, 0x80, 0x8, 0x5, 0x1c87, 0x81, 0x3, 0x3, 0x3, 0x1, 0x0, 0x1, 0x9, 0x40]}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r2, 0xc0105303, &(0x7f0000000000)={0x1, 0x4, 0x32}) [ 227.334268] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. 22:26:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x802) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:11 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000080}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0xbc, r3, 0x300, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x10, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2021a33a}]}, @TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfac9f295}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x81}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_BEARER={0x30, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e21, @remote}}}}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4000888}, 0x40000) r4 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 227.385100] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.4'. [ 227.414113] x86/PAT: syz-executor.2:11001 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:11 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x4}]) 22:26:11 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f00000001c0)={0x2, 0x0, @stop_pts=0x800}) 22:26:11 executing program 0: [ 227.495763] x86/PAT: syz-executor.2:11001 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:11 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x800) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:11 executing program 0: 22:26:11 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) readv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/145, 0x91}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000000000)=""/53, 0x35}], 0x3) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001280)=@filter={'filter\x00', 0xe, 0x4, 0x448, 0x118, 0x238, 0x0, 0x238, 0x238, 0x378, 0x378, 0x378, 0x378, 0x378, 0x4, &(0x7f00000001c0), {[{{@ipv6={@dev={0xfe, 0x80, [], 0x18}, @mcast1, [0xffffffff, 0x7fffff80, 0xffffffff, 0xff000000], [0x0, 0xffffff00, 0xffffffff, 0xff000000], 'bcsh0\x00', 'yam0\x00', {0xff}, {}, 0x2f, 0x1, 0x5, 0x22}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@ipv6header={0x28, 'ipv6header\x00', 0x0, {0xd, 0xee}}]}, @REJECT={0x28, 'REJECT\x00'}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@srh={0x30, 'srh\x00', 0x0, {0x77, 0x80, 0x7f, 0x2, 0x4, 0xa6c, 0x2000}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@inet=@set4={0x50, 'set\x00', 0x4, {{0x7cd9, 0x7f, 0x4}, {0x4, 0x7f}, {0x1, 0x6}, 0x33}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4a8) 22:26:11 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x77, 0x400) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(r3, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8800840}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x1, 0x70bd29, 0x25dfdbff, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x105) ioctl$VIDIOC_TRY_DECODER_CMD(r2, 0xc0485661, &(0x7f0000000080)={0x1, 0x1, @start={0x3}}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:11 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x88}]) 22:26:12 executing program 3: ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:12 executing program 0: 22:26:12 executing program 4: r0 = inotify_init() r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) inotify_rm_watch(r2, 0x0) inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r3, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) ioctl$BLKPBSZGET(r3, 0x127b, &(0x7f0000000000)) 22:26:12 executing program 1: openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000140)={0x0, 0x1}) 22:26:12 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:12 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="1977095dc5ef40138e7b385fb1a5dd45521cec63c1b861f439497a287f04c5f750d42f78864566ae5db08b26046d7190e1f3365c22b47bea43b77e08457b64fe150dcb4c4c2f31333b4f43f4eab454246ea5e65b63ef1ee97a30c9ce65cad5ab0610f566817f980a9bce66161af19193f6a432bbeb879f314435e1196a3ab40852059f095605f4207eeca0a96ea27b494fa9daf75886e3351561f2792b31f1fe806b2e61aa54eb33e4ca2d5014f88dbd88111e64e2e7e40f5b3c610fbf76262fae99eec58fa89907", 0xc8) r2 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:12 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x4000}]) 22:26:12 executing program 0: [ 227.965829] x86/PAT: syz-executor.2:11170 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:12 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x2, 0x107400) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:12 executing program 0: 22:26:12 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fsetxattr(r5, &(0x7f0000000000)=@known='trusted.overlay.metacopy\x00', 0x0, 0xfffffee1, 0x1) 22:26:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000100)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fsetxattr$trusted_overlay_redirect(r1, &(0x7f00000001c0)='trusted.overlay.redirect\x00', &(0x7f0000000200)='./file0\x00', 0x8, 0x2) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x20100, 0x0) ioctl$MON_IOCG_STATS(r2, 0x80089203, &(0x7f0000000080)) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r4 = accept4(r3, &(0x7f0000000240)=@l2, &(0x7f00000002c0)=0x80, 0x40000) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r4, 0x111, 0x1, 0x6, 0x4) r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) sync_file_range(r7, 0x7f, 0x45b1, 0x2) r8 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$SIOCRSSL2CALL(r8, 0x89e2, &(0x7f00000000c0)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}) ioctl$VIDIOC_TRY_DECODER_CMD(r5, 0xc0485661, &(0x7f0000000140)) 22:26:12 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x7600}]) 22:26:12 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) gettid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) setsockopt$CAIFSO_LINK_SELECT(0xffffffffffffffff, 0x116, 0x7f, &(0x7f0000000100), 0x4) geteuid() sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) [ 228.137866] Unknown ioctl -2146921981 22:26:12 executing program 4: r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/avc/cache_stats\x00', 0x0, 0x0) getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000240), &(0x7f0000000280)=0x4) r1 = inotify_init() inotify_add_watch(r1, &(0x7f00000002c0)='./file1\x00', 0xfe) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000340)='/proc/capi/capi20\x00', 0x100, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TIOCOUTQ(r3, 0x5411, &(0x7f0000000000)) creat(&(0x7f00000000c0)='./file1\x00', 0x558ac1c51a65b37f) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x5, &(0x7f0000000100)="0800b5055e0bcfe87b0071e28d39fa6686af4887013924548f8a10c4e7cabd17cb4d6043f39a1debdf9c98e276beed0f6701878129f6f4cac1136aaea6a18851581a18169e1523eee762cd15b095bcf8441bd4ceb505f3c988da19b008a291ef74e8c361f4150c861cd4868faf4d7f57698a8d9530becaee4d6d1faf76c0e1828ffb0029b1591dc50cca1f93d762fe770ffd57e986e9bb3481848aedc0b663380177a2b3e3930a4ffe7929ddfdca39b9bf41347475c0c0caded79ea7f3292c85eae0d464b06bb63783b2e741811637f0820e4fd9fa5eb6bd7e8f7ca8993ade5b05123be282a1ebabc2bc") r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) connect$pppoe(r7, &(0x7f0000000300)={0x18, 0x0, {0x1, @random="314f6e0c15f2", 'vcan0\x00'}}, 0x1e) ioctl$VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000080)={0x1, 0x4}) fsetxattr(r5, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 228.178906] x86/PAT: syz-executor.2:11163 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 228.200836] Unknown ioctl -2146921981 22:26:12 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x800) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_G_EDID(r2, 0xc0285628, &(0x7f0000000040)={0x0, 0x4, 0x4, [], &(0x7f0000000000)=0x8}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) [ 228.226356] x86/PAT: syz-executor.2:11163 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:12 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) io_submit(0x0, 0x2, &(0x7f0000000280)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x7, r1, &(0x7f0000000000)="989422", 0x3, 0x20, 0x0, 0x2, r3}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x7, 0xffffffffffffffff, &(0x7f00000001c0)="9f2a3e0e9255ea585e198083ba9bec01e2ca0322a4bcd1e4974e2200da3234e25c516adfaec3ce62a2f6e2a69204c8672fdefa4113ae30ec909e1c22e679b6af8ddc9991e664a83ec316d57e64463bb4047e5a9f1c0c5213041829c15d1f85e48f011f5fa7fe30ce058d20cd4e0cd2cf758213e29c7275fe46ae57f770586926bbf6f76fa8697275993a0500da89d3e5a7efb0ebb5ba", 0x96, 0x81, 0x0, 0x0, r4}]) 22:26:12 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:12 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x8800}]) 22:26:12 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000000)) ioctl$TIOCCONS(r1, 0x541d) [ 228.394049] x86/PAT: syz-executor.2:11306 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:12 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000080)='\x99\xfe\xff6\x8f\x86\x06\x00 \x00', 0x0, 0x2) memfd_create(&(0x7f0000000280)='p&{\xb22x/dev/cinder#\x00\xdc\xd3\x8c\xedi\xf3K\x88e\x98\xd9R\xdb\xb2\xf0\xf7lJE*q\v\x97b\x8a\xb1~\xc3\xf5q\xab\x03\xe3\xdc!(\xf4\x89\x8d\xf0\x95\x107\x92\xf0*s:Dk\xf6\xc8\xf9+\xc5\xfc\x8a\xaf\xad\xe5\xca\x8dw^\xb7\x16\xbdA\x16\xee\xb0\x1e\xa6\x8e\xd7\vD\a\x94\xbd\xfb\x10\x98L\x90o\xd6a\xd2\xdb\xbd\xbc*\xba2\x9e5\x06\xd6\xe2\x99\x8a8r\x98\xc1\xc8=?\xc8\x15$\xd6\x0f\x18l\\/\xac\xf9VT\xbf\x00\x02\x00\x00\x00\x00\x00\x00?xT\b=\xba>\xf6\xc6\xd0C\x1c\r', 0x3) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) io_setup(0x3af, &(0x7f0000000000)) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x240280, 0x0) ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000100)={[0x4, 0x3000, 0x5000, 0xf000], 0x80000001, 0xd2, 0x8001}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:12 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f0000000000)=0x3) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:12 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) prctl$PR_SET_FP_MODE(0x2d, 0x0) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000000)=""/59) fsetxattr(r1, &(0x7f00000000c0)=@known='user\x02\x00\x00\x00\x00\x00\x00\x00\xfc##Y\xd3\x1b\x80N\xde\rB\xfc8\xe3\\\xfb$\xfb\xef8\x92\xc2\x8c\xe7%\xc5\xbbmZv\xe7\x10', 0x0, 0x0, 0x2) 22:26:12 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x9600}]) 22:26:12 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000000)) 22:26:12 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000080)={0x2, 0x0, @raw_data=[0x3, 0x800, 0x4, 0x5, 0xfffffb86, 0x1, 0x3d9, 0x8, 0xacfc, 0x87b9, 0x4, 0x8, 0xff, 0x4, 0x2, 0xfffffffc]}) getsockopt$TIPC_NODE_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x83, &(0x7f0000000000), &(0x7f0000000100)=0x4) [ 228.606588] x86/PAT: syz-executor.2:11306 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:12 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x80001, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fcntl$getownex(r4, 0x10, &(0x7f0000000340)={0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0, 0x0}, &(0x7f00000003c0)=0xc) r7 = socket$inet(0x2, 0x4, 0x8) r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff}) r10 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r10, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$unix(r3, &(0x7f00000004c0)={&(0x7f00000000c0)=@abs={0xf8166ffb7592390d, 0x0, 0x4e23}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000140)="97e749629e1c4f63d4613e961de39f63e8839e6700578226fa3b5e5e53e80f0f81f70e74ff0c6fc30b415ab9fddb0fe0ce1915b768fa74c92b2b787fdee5b4b1499c7508da468ff327f43bc9ef89a27762b843315577924690f695f42896cff4e82b54ab380fab5dc09fcb2209dc24b5e369a5f851c738b7b78d65ef785d9467aa06743a1021a0db0dbf", 0x8a}, {&(0x7f0000000240)="e7f5c979fca12b01d1584226e3f7a07177bdf7204967fb18732ec7ecaede6edd53ff0c08dd01549c4c7b3a5a15860d2bf62b2b774ce58858c5f0c70a6cf5a0f1e3f8692a9c48a806dec030928128ab2ed14acc498ab2484ca9a5fb6017", 0x5d}, {&(0x7f00000002c0)="49931db108168cca330826d345b30c2a0b", 0x11}], 0x3, &(0x7f0000000440)=[@cred={{0x1c, 0x1, 0x2, {r5, 0xee01, r6}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r7, r0, r8, r0, r9]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r10, r0]}}], 0x68, 0x4000004}, 0x40) write$binfmt_aout(r2, &(0x7f0000000740)={{0x10b, 0x8, 0x0, 0x52, 0x1ba, 0x400, 0x144, 0x40}, "65d5f95b6e9a4c17b3120e544147f037e594a411bf4f9572e3c868ba2cdaf5e7b92cb46a90ccd37ac0712d999f12459a18d75a71d9f1cdd25fe0d0740e64bfc2a9bf37417214efed6ed69c1ae16ff2af319413aadd30535beb5dfaaa20049ed44286c53e26f456c0fb98ff7bf51cb1c162e421e1e4a149974a7396722c54d42758a5fa25c70e42f987cfef6119", [[], [], [], [], [], [], [], []]}, 0x8ad) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8) [ 228.683532] x86/PAT: syz-executor.2:11306 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:13 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:13 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x800, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f0000000080)={0x5, 0x1, 0x1}) [ 228.734908] audit: type=1400 audit(1569968773.022:63): avc: denied { create } for pid=11339 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 22:26:13 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") recvmmsg(r2, &(0x7f0000003240)=[{{&(0x7f00000000c0)=@isdn, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000140)=""/91, 0x5b}, {&(0x7f0000000280)=""/172, 0xac}, {&(0x7f00000001c0)=""/100, 0x64}, {&(0x7f0000000340)=""/88, 0x58}, {&(0x7f00000003c0)=""/244, 0xf4}], 0x5, &(0x7f0000000540)=""/209, 0xd1}, 0x5}, {{&(0x7f0000000640)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000800)=[{&(0x7f00000006c0)=""/111, 0x6f}, {&(0x7f0000000740)=""/189, 0xbd}], 0x2}, 0x1f}, {{&(0x7f0000000840)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000001a80)=[{&(0x7f00000008c0)=""/255, 0xff}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/14, 0xe}, {&(0x7f0000001a00)=""/127, 0x7f}], 0x4, &(0x7f0000001ac0)=""/252, 0xfc}, 0xfffffff7}, {{&(0x7f0000001bc0)=@alg, 0x80, &(0x7f0000002e00)=[{&(0x7f0000001c40)}, {&(0x7f0000001c80)=""/191, 0xbf}, {&(0x7f0000001d40)=""/4096, 0x1000}, {&(0x7f0000002d40)=""/11, 0xb}, {&(0x7f0000002d80)=""/44, 0x2c}, {&(0x7f0000002dc0)=""/9, 0x9}], 0x6, &(0x7f0000002e80)=""/132, 0x84}, 0x72}, {{&(0x7f0000002f40)=@l2, 0x80, &(0x7f0000003040)=[{&(0x7f0000002fc0)=""/128, 0x80}], 0x1}, 0x8000}, {{&(0x7f0000003080)=@x25, 0x80, &(0x7f00000031c0)=[{&(0x7f0000003100)=""/131, 0x83}], 0x1, &(0x7f0000003200)=""/19, 0x13}, 0xa63}], 0x6, 0x20, &(0x7f00000033c0)={0x0, 0x1c9c380}) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) mq_unlink(&(0x7f0000000000)='GPL/\x00') r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000003400)='/dev/userio\x00', 0x80000, 0x0) write$binfmt_aout(r3, &(0x7f0000003440)={{0xc3, 0x8, 0xd6, 0x13, 0x21c, 0xfffffffe, 0x257, 0x6}, "e208b457e58aa7be2f74318d7d21b968f4a78a98fed7c4c10917eb49946122cc4a2db45d23799ddc592d835050191020bc2b88aa4ab1fadfa2f2495601961ff20ee753e61ba4d37ab76b18bcf47bfcba40bb38ff90090a", [[], []]}, 0x277) setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f0000001c40)='user.syz\x00', 0x9) [ 228.769857] audit: type=1400 audit(1569968773.052:64): avc: denied { getopt } for pid=11339 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 22:26:13 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x400000}]) 22:26:13 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 228.876309] x86/PAT: syz-executor.2:11353 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:13 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000000)=0xe, 0x4) 22:26:13 executing program 3: syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x406, 0x0, 0x0, 0xfde8, 0x7, &(0x7f0000000040)="f8296abaeadd22b6fc4cd0ed4ca7c5192f4fcbc2b45fadd4d0000592b35e3cafb4e384fbca2ab6a0af464a1c6c3730218ab2dec17782756a2f2e1ede184e568a10452106eaea95e4b16d1be3782915000ef91f53090b3e19bc8a704e357b002250ac05b3f6a6aacf54723354c6280784a8dc8450ee359aa4241cb12b790f0b443ca5f091146ae76b884d21d2aecf14c47ff612acb1bbc6db9c1f5fcf317a87a8edb60a968c10f5b037ffe2a25542f4a746c9fab2b52228e7a2566532090294aab4a94254227f136a29b508552498c758f6683f7fd0d7f0fb425d5d99ce75202b9c267cdac17acc22796001358542a984fffdf025b9e1234dd89836fcdb3e4dce5dbedf15d0a0e64314cd88816b2388d1915716d2a40ad6f919d640a8685701e52dc487c7d4533289bb67373d7114f1d07de64c45816addccf07d489704b3c39e262e47eae5fa9e7d19818c27408a1f11b3ba13177f801cc50476b3058ba569bc513a"}) ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f00000001c0)) 22:26:13 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x50f000}]) [ 229.031336] x86/PAT: syz-executor.2:11349 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 229.043531] x86/PAT: syz-executor.2:11349 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:13 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000000)) r1 = accept(0xffffffffffffffff, &(0x7f0000000080)=@hci, &(0x7f0000000100)=0x80) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180)='nbd\x00') sendmsg$NBD_CMD_RECONFIGURE(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x5c, r2, 0x10, 0x70bd27, 0x25dfdbff, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x25}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7ff}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x100}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x8}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000040)=0x1b, 0x4) 22:26:13 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:13 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:13 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x1}) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x40000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = gettid() tkill(r6, 0x1000000000016) r7 = gettid() r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$VIDIOC_QUERY_DV_TIMINGS(r9, 0x80845663, &(0x7f0000000600)={0x0, @reserved}) tkill(r7, 0x1000000000016) r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000500)='TIPC\x00') sendmsg$TIPC_CMD_GET_MAX_PORTS(r4, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x12000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r10, 0x1, 0x70bd2b, 0x25dfdbff, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x10) ptrace$getsig(0x4202, r7, 0x4, &(0x7f0000000480)) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r5, 0xc1105518, &(0x7f0000000340)={{0x1, 0x2, 0xfffffbff, 0x400, '\x00', 0x5}, 0x3, 0x8, 0x1000, r6, 0x8, 0x2bdf, 'syz0\x00', &(0x7f00000002c0)=['vmnet0lo\'wlan0.\x00', '\x00', '\'\x00', '/dev/video37\x00', 'vboxnet1em0eth1eth1\x00', 'md5sum\x00', '&\x00', 'caif0\x00'], 0x43, [], [0x4, 0x9, 0x5, 0x1f]}) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="2b0400000000000000000100000000000000015f00000018001700000000000000006574683a3305f071f127b9dd"], 0x34}}, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r3, 0x1, 0x70bd25, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x42d}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x2000050}, 0x4c10) 22:26:13 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x70f000}]) [ 229.220465] binder: 11485:11487 ioctl 80086601 20000000 returned -22 [ 229.227629] x86/PAT: syz-executor.2:11486 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 229.267299] binder: 11485:11487 ioctl 80086601 20000000 returned -22 22:26:13 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) [ 229.349442] x86/PAT: syz-executor.2:11486 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 229.372784] x86/PAT: syz-executor.2:11486 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:14 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x718000}]) 22:26:14 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:14 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:14 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[0x3ff, 0x7]}) socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f000000a900)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(r2, &(0x7f000000a9c0)={0x0, 0x0, &(0x7f000000a980)={&(0x7f000000a940)={0x14, r3, 0xb93}, 0x14}}, 0x0) sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4440}, 0x20008000) 22:26:14 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r0, &(0x7f0000000000)=@random={'security.', '*mime_type\x00'}, 0x0, 0x0, 0x1) 22:26:14 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x0, 0x8, 0x7, 0x8, 0x0}, &(0x7f0000000040)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000080)={r3, 0x7}, 0x8) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000680)='\x00'}) [ 229.821161] x86/PAT: syz-executor.2:11513 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:14 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x760000}]) 22:26:14 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:14 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xa4) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe(&(0x7f00000000c0)) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000000)=0xbb) [ 229.953330] x86/PAT: syz-executor.2:11513 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 229.982545] x86/PAT: syz-executor.2:11513 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:16 executing program 1: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x5f1101, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x2002, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x81) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x100000001) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000380)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x0, 0x33}, 0x0, @in6=@local, 0x0, 0x0, 0x0, 0x6}}, 0xe8) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmmsg(r2, &(0x7f0000007e00), 0x400000000000058, 0x0) fcntl$getflags(r1, 0xb) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000080)={0xc021, 0x2}) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) socket$can_raw(0x1d, 0x3, 0x1) 22:26:16 executing program 3: syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000700)={0x2de, 0x0, 0x0, 0x84, 0x7, &(0x7f00000000c0)="a2ef0874c8a74df0083d36c03eda2c8d3cd1eeabd6f380c8b982799475af5c6e47e333f9e42d012377cad72a0adc9ec228e3517e4c0a3d3e224b0a0203ce17e6cabab0021c6fdc3557731420ea068c3932b76b6e732f7614d8ac1515fc3cbfaaac97027b1e0545bfd6d74fee1acd749c8ab1affd54a564b683820ce284582e6808ccd2ad"}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$UHID_INPUT2(r1, &(0x7f0000000000)={0xc, 0x3b, "949743dbff0746bef6139d40726901831b918a1053f03c711ce299e1830761b580e9239316abbd64ac5331574d39606bd0a93482ce113bb9b3ea7f"}, 0x41) 22:26:16 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:16 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x9, 0x8, 0x7f, 0x8, 0x0, 0x52a5, 0x1, 0x7, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8001, 0x0, @perf_config_ext={0x1, 0x4}, 0x7, 0xfff, 0x8, 0x3, 0x100000001, 0x8, 0x9}, 0xffffffffffffffff, 0x2, r3, 0xc6b497786c70a4cb) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:16 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x807100}]) 22:26:16 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f00000000c0)='/dev/binder#\x00', 0x0, 0x0) keyctl$session_to_parent(0x12) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x3, 0x88040) connect$nfc_llcp(r1, &(0x7f0000000040)={0x27, 0x0, 0x1, 0x3, 0x1f, 0x39, "c80518e89e30286dbfaeb4fe093e6a40eca4262de628a63044635bdae6b944ef4723c6b355d9ab9349969e05e87f75ede3695d5ce0a6f6123b9394a435ce4b", 0x12}, 0x60) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x80980, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f0000000140)={0x3, r4}) [ 232.309537] x86/PAT: syz-executor.2:11543 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:16 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f00000000c0)=@known='system.posix_acl_default\x00', 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r3, 0xc0305616, &(0x7f0000000000)={0x0, {0x28, 0x4}}) 22:26:16 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x880000}]) 22:26:16 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 232.422441] x86/PAT: syz-executor.2:11543 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 232.446421] x86/PAT: syz-executor.2:11543 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 232.462148] QAT: Invalid ioctl 22:26:16 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000240), &(0x7f0000000280)=0x8) r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x9010, 0x800) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000040)={0xfffffffa, 0x71, 0x1, 0x0, 0x0, [], [], [], 0x4, 0x3}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000000180)=ANY=[@ANYBLOB="ca0000"]) [ 232.646885] x86/PAT: syz-executor.2:11574 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:17 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x960000}]) 22:26:17 executing program 4: r0 = inotify_init() openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:17 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) getresuid(&(0x7f0000000280)=0x0, &(0x7f00000002c0), &(0x7f0000000300)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000080)="401904cb0025668d7695bf591104649835f018797afb45a9d4af18edeec6a1d463031281a1b2cf15903559a76f78bd9845eade82807675b56096b0140303d0c9a2b20ff60f45ffc3212c7b9384837b511f520c0fb40c94f6a8622870", 0x5c, 0x6}, {&(0x7f0000000100)="01f30f7d78b8e9d69e8175332605d57277be882632621fefd099a959ec42db77fbaade420bb35005605539f03cfaa77cdc3d0e75b6df52b834fa04c93365977520e4a088325f48fbcc60c505714afa22daa3eccd12dcdd52c5cd8c49627b64423f78b273ccaed9ac636367362263a15ec07dc0c39cf7be2f43f8c9eef853073780cc32035ed99d51df3f0db9245abe048c75a75e7a52978c1aa7e7ef8f843997d37630478a40e95899641e2638eeb4179776e9c19f1d1947885539f7054761d6f7296d4ec9665fccd17982c5ecaab679c106f581cd71b42f6650b23a76c99e85c109b4409c6216a466eca7674833e150aae8da4bd89896", 0xf7, 0xff}], 0x200000, &(0x7f0000000340)={[{@tails_small='tails=small'}], [{@fowner_lt={'fowner<', r1}}, {@seclabel='seclabel'}, {@appraise='appraise'}]}) 22:26:17 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:17 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TCXONC(r4, 0x540a, 0x1) ioctl$VIDIOC_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f0000000080)={0x0, @reserved}) [ 232.783217] x86/PAT: syz-executor.2:11573 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 232.810397] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option "fowner<00000000000000000000" [ 232.813920] x86/PAT: syz-executor.2:11573 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:17 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f00000000c0)=""/124) r2 = semget$private(0x0, 0x0, 0x1) semctl$GETVAL(r2, 0x4, 0xc, &(0x7f0000000000)=""/56) 22:26:17 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xf05000}]) 22:26:17 executing program 1: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffff, 0x411040) ioctl$KDMKTONE(r0, 0x4b30, 0xfffffffffffffffd) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000140)={0x1}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KDSKBMETA(r3, 0x4b63, &(0x7f0000000080)=0x8) r4 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x9, 0x501001) ioctl$KDDISABIO(r4, 0x4b37) 22:26:17 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:17 executing program 3: ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:17 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:17 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x400000, 0x0) fsetxattr(r1, &(0x7f0000000000)=@random={'user.', '\x00\x00\x00\x00.syz\x00\xdcH\xf1ez$A\xd0\xdfL\xaa\xb2\xfaoa\'\x1f}.rjSGi`\tH\x00\x8dyU\x83~\x18z\xff\x8a}3\x00\xed0\xdb\xfa\xf0\xad\xc8\x11\xb0CI\x88\xda\x9d\x16\x14\xcak\xc0\xcb1\x01kbm\xd7x`\xf3~\x1fJ\x99\x9cW\x85'}, 0x0, 0x0, 0x2) 22:26:17 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xf07000}]) 22:26:17 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x2) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) [ 233.102400] x86/PAT: syz-executor.2:11718 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:17 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f00000000c0)={@rand_addr, 0x0}, &(0x7f0000000100)=0x14) connect$can_bcm(0xffffffffffffffff, &(0x7f00000001c0)={0x1d, r2}, 0x10) fsetxattr$security_smack_transmute(r1, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x4) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000200)={0x5, 0x0, @raw_data=[0x6, 0x4, 0x4, 0x65b, 0x6, 0x2, 0x5, 0xc71, 0x7, 0x2, 0x3, 0x1, 0x1b2, 0x3, 0x1, 0x824c]}) 22:26:17 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") accept4$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @initdev}, &(0x7f0000000100)=0x10, 0x800) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000000)=0x9, 0x4) r4 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 233.242333] x86/PAT: syz-executor.2:11718 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:17 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:17 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000000)=@req3={0x0, 0x5, 0x81, 0xc0000000, 0xd445f6e, 0x10000, 0x800}, 0x1c) [ 233.283707] x86/PAT: syz-executor.2:11718 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:17 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000040)='x'}) 22:26:17 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:17 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x1000000}]) 22:26:17 executing program 4: r0 = inotify_init() r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$vnet(r2, &(0x7f0000000140)={0x1, {&(0x7f0000000280)=""/4096, 0x1000, &(0x7f00000000c0)=""/88, 0x1, 0x1}}, 0x68) inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r3, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:17 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x3800) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:17 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:17 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x4000000}]) 22:26:17 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x10) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000140)={0x0, 0x4, 0x1, 0x62}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000001c0)={r6, 0x0, 0x1ff}, &(0x7f0000000200)=0x8) syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x2, 0x14400) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_INITMSG(r8, 0x84, 0x2, &(0x7f00000000c0), &(0x7f0000000280)=0xfffffffffffffe7b) 22:26:17 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = syz_open_dev$amidi(&(0x7f0000000000)='.dev\xe1@midi#\x00', 0x2, 0x40) ioctl$VIDIOC_DBG_G_REGISTER(r1, 0xc0385650, &(0x7f0000000080)={{0x4, @name="726403c5f70cdfe957676c8e937305396cbdb84e275c9a14aeddda3079760210"}, 0x8, 0x3ff, 0x20}) r2 = geteuid() r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$USBDEVFS_RELEASEINTERFACE(r4, 0x80045510, &(0x7f00000000c0)=0xfff) ioprio_set$uid(0x3, r2, 0x0) 22:26:17 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:17 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x80100, 0x0) read$alg(r1, &(0x7f0000000080)=""/25, 0x19) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xffffffff, 0x2000) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) r5 = socket(0x10, 0x2, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r6, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r7, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f00000004c0)={r7, @in6={{0xa, 0x4e24, 0x7, @mcast1, 0x1}}}, &(0x7f0000000180)=0x84) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000580)={r8, 0x7, 0x20}, &(0x7f00000005c0)=0xc) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r9, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000240)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r12) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x1240c0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@access_user='access=user'}, {@access_any='access=any'}, {@noextend='noextend'}, {@access_user='access=user'}, {@cache_none='cache=none'}], [{@hash='hash'}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@context={'context', 0x3d, 'user_u'}}, {@euid_eq={'euid', 0x3d, r10}}, {@uid_lt={'uid<', r12}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@obj_type={'obj_type', 0x3d, '/dev/vcsa#\x00'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/vcsa#\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x5}}, {@subj_type={'subj_type', 0x3d, 'bdeveth1-{*em1posix_acl_access'}}]}}) 22:26:18 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$UI_GET_VERSION(r1, 0x8004552d, &(0x7f0000000000)) r2 = inotify_init() inotify_add_watch(r2, &(0x7f0000000080)='.\x00', 0xfe) r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r3, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:18 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:18 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x40000000}]) 22:26:18 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$EVIOCGMASK(r2, 0x80104592, &(0x7f0000000080)={0x15, 0x59, &(0x7f0000000000)="764f7392d7ef32226ca5892efc068ff315f905f3e787b1744e12c58f620c9390df19af652a810af75f0f07c260aa2afc252ec26848431ffc79230624b6711c41a7639550ab633344dec5f11ad37f0ad16492e1393794fb1b8f"}) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r2, 0x800442d3, &(0x7f00000000c0)={0x3, 0x80, 0x76, @local, 'veth0_to_team\x00'}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:18 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, &(0x7f0000000000), &(0x7f0000000080)=0x30) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:18 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000000)=@random={'trusted.', 'vboxnet0\x00'}, 0x0, 0x0, 0x0) 22:26:18 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 233.929649] binder: 11796:11797 ioctl 8912 400200 returned -22 [ 233.957788] binder: 11796:11797 ioctl 80104592 20000080 returned -22 22:26:18 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f00000001c0)={0x8, @pix={0x100, 0xff, 0x47425247, 0x6, 0xfffffff9, 0x4, 0x4, 0x4, 0x0, 0x1, 0x1}}) setsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f00000000c0)=0xffffffff, 0x4) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x288000, 0x132) ioctl$VIDIOC_TRY_DECODER_CMD(r2, 0xc0485661, &(0x7f0000000140)={0x3, 0x1}) r3 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$VIDIOC_DBG_S_REGISTER(0xffffffffffffffff, 0x4038564f, &(0x7f0000000080)={{0x4, @addr=0x101}, 0x8, 0x4b0000000}) 22:26:18 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r4, 0x6, 0x15, &(0x7f00000003c0)=0x40, 0x4) r5 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x4c, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8, 0x1, 'red\x00'}, {0x20, 0x2, [@TCA_RED_PARMS={0x14}, @TCA_RED_MAX_P={0x8, 0x3, 0x8}]}}]}, 0x4c}}, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000480)={0x110, 0x0, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x48, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x89, @mcast1, 0x400}}, {0x14, 0x2, @in={0x2, 0x4e20, @remote}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}]}]}, @TIPC_NLA_LINK={0xb4, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3945}]}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x53b45b46}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xdcae}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xdaed}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x188d19600750cddf}, 0x40064854) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xe2048204}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000002800110026bd7000fcdbdf2500000000", @ANYRES32=r7, @ANYBLOB="e5d002000800f1ff0000e5ff08000500200700000800050015a300000800050001090000"], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0xc1844d38de0fcf34) r8 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r8, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 233.988722] binder: 11796:11797 ioctl 800442d3 200000c0 returned -22 22:26:18 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x400000000000}]) 22:26:18 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 234.100585] binder: 11796:11797 ioctl 8912 400200 returned -22 [ 234.139857] binder: 11796:11814 ioctl 80104592 20000080 returned -22 22:26:18 executing program 4: r0 = inotify_init() r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket$pppoe(0x18, 0x1, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e22, 0x9, @local, 0x80}, @in6={0xa, 0x4e20, 0x1f, @mcast1, 0x797}, @in6={0xa, 0x4e21, 0xff, @mcast1, 0x8}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e22, 0x0, @empty, 0x6}], 0x90) inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r4, 0xc0305615, &(0x7f0000000180)={0x0, {0x80, 0x8}}) fsetxattr(r3, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:18 executing program 1: r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e20, @empty}}, 0x0, 0x5}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000540)=@assoc_value={r2, 0x9821}, &(0x7f0000000580)=0x8) r3 = fcntl$dupfd(r1, 0x0, r1) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0xffffffff) r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0)='/dev/snd/pcmC#D#p\x00', 0x0, 0x300440) accept4$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x81800) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, r7, 0x2}, 0xc) r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = fcntl$dupfd(r9, 0x0, r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x0, 0x7ff, 0x2a85fac, 0x7, 0x88001}, &(0x7f00000002c0)=0x98) ioctl$KVM_GET_XCRS(r6, 0x8188aea6, &(0x7f0000000400)={0x2, 0x4, [{0x1}, {0x0, 0x0, 0x4}]}) getsockopt$inet_sctp_SCTP_RTOINFO(r10, 0x84, 0x0, &(0x7f0000000300)={r11, 0xffff8001, 0x4, 0x7}, &(0x7f0000000340)=0x10) r12 = socket$inet6_tcp(0xa, 0x1, 0x0) r13 = fcntl$dupfd(r12, 0x0, r12) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0x400200) accept4$packet(r13, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14, 0x800) ioctl$VIDIOC_TRY_DECODER_CMD(r8, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:18 executing program 3: bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000000)="043d898d1f81faeb00cedb6bd4d0016ffbb55d6a8ab6525a61e35d5c0ae6059fc1d3a23c218c0e0f2d8b2c890dfb4e7daf0838450556106b36d0dc78f4d08e8d0550d4387700cf1ee5a5fcbcaccac54fee9b0b86fd1a618b7794057d2ccd4c2211bcebe9835300dde20b56efaadcafa259f432b4bde197a2fa4474050637ebdc1247b5e2e9991fd36667a163ef854f953d337471323554cc5195854bd92627a10f51143fbf4eb68ee30b61e269ef1f9a6f39697ba46a32afac97c27365746615147cf8", &(0x7f0000000100)="2d2e078eeb9213231db62f1c8f9d87", 0x7}, 0x20) r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) setxattr$security_ima(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='security.ima\x00', &(0x7f0000000240)=@sha1={0x1, "326c7c06c467f2bce7ad85ddc712a050b8309a04"}, 0x15, 0x0) 22:26:18 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:18 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x555555a1c000}]) 22:26:18 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000080)={0xe, &(0x7f0000000000)=""/14}) 22:26:18 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:18 executing program 3: r0 = gettid() tkill(r0, 0x1000000000016) sched_setscheduler(r0, 0x6, &(0x7f0000000040)=0x8000) r1 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x10000, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r2}, 0x10) 22:26:18 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x878) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:18 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x555555a3e000}]) 22:26:18 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x3, @start={0x2, 0x1}}) 22:26:18 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:18 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:18 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x2, 0x1, &(0x7f00000000c0)=""/134, &(0x7f0000000180)=""/190, &(0x7f0000000000)=""/57, 0x4000}) 22:26:18 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x1}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000001c0)={0x8, @pix={0xd0, 0x80, 0x32315659, 0x0, 0x81, 0x5, 0xa, 0x5, 0x1, 0x2, 0x0, 0x7}}) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000000)={0xc, @dev={0xac, 0x14, 0x14, 0x10}, 0x4e21, 0x2, 'ovf\x00', 0x1, 0x0, 0x53}, 0x2c) 22:26:18 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x760000000000}]) 22:26:19 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:19 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x5, 0x88402) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f00000000c0)={0x0, 0x66, "8323fb1625dc6beb309ac4c6aa61f91a22cfb74823c25bfa9e9bb978df354314e01b79940c93a13635df53c4c17f73e557dca2ee3f2f823a148a391a762541d6a20a1c1b92bfe42e64ca627a2a0e9956ddc895ae879c95dbb172069163b2516193c24f94fcfc"}, &(0x7f0000000140)=0x6e) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000180)={0xff78, 0x8000, 0x9, 0x1, 0x7fff, 0x8001, 0xb5, 0x4, r5}, &(0x7f00000001c0)=0x20) 22:26:19 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 234.730069] IPVS: set_ctl: invalid protocol: 12 172.20.20.16:20001 [ 234.792618] IPVS: set_ctl: invalid protocol: 12 172.20.20.16:20001 22:26:21 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x4000000400200) ioctl$VIDIOC_G_SELECTION(r2, 0xc040565e, &(0x7f0000000000)={0xb, 0x3, 0x1, {0x6, 0x1, 0x81, 0x4}}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:21 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x5f, 0x0) 22:26:21 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) socket$inet_tcp(0x2, 0x1, 0x0) socket(0x9, 0xa, 0x0) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1, 0x0) ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:21 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x7f4e5da44000}]) 22:26:21 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:21 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:21 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:21 executing program 4: r0 = inotify_init() syz_open_dev$media(&(0x7f0000000140)='/dev/media#\x00', 0x32b, 0x40882) inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) syz_init_net_socket$ax25(0x3, 0x5, 0xc2) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000000)=@random={'osx.', ':\x00'}, 0x0, 0x0, 0x0) accept4$nfc_llcp(r1, &(0x7f00000000c0), &(0x7f0000000040)=0x60, 0x800) 22:26:21 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f00000000c0), &(0x7f0000000100)=0x4) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x6, 0x80000) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f00000001c0)={0x0, 0x6e, 0x1, 0x7, 0x8, [{0x20, 0xd375, 0x6, 0x0, 0x0, 0x3c01}, {0xa28, 0x10000, 0x3}, {0x4000000000000000, 0x1, 0x793a, 0x0, 0x0, 0x40180b57a135bb16}, {0xfffffffffffffffe, 0x1000, 0x20, 0x0, 0x0, 0xef117f401086e70}, {0x4, 0x8001, 0x0, 0x0, 0x0, 0x800}, {0x380, 0x1, 0x7, 0x0, 0x0, 0x906}, {0x8001, 0x0, 0x7f, 0x0, 0x0, 0x200}, {0x6, 0x7, 0x5, 0x0, 0x0, 0x8}]}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:21 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x7fffffffefff}]) 22:26:21 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:21 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000080)=0x40) r1 = syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x2) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f0000000180), 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f00000000c0)=[@in6={0xa, 0x4e22, 0x59, @mcast2, 0x9}, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e23, 0x4, @dev={0xfe, 0x80, [], 0x1b}, 0x8}], 0x48) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000140)=r5, 0x4) 22:26:22 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000000)={0x9, 0x49433553, 0x3, @discrete={0xfcf7, 0x400}}) 22:26:22 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:22 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x29ac0538, 0x0, 0x0, 0x1}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000100)={0x0, 0x8001}, 0x8) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000040)={0x8, r1, 0x10001, 0x611c}) creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(0xffffffffffffffff, &(0x7f00000000c0)=@random={'system.', 'user.syz\x00'}, 0x0, 0x212, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x100, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r4, 0x40045402, &(0x7f0000000180)) 22:26:22 executing program 3: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x4000, 0x0) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000080)={0x9, {0x3, 0x7, 0x8001}}) r1 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000700)={0xfffffffffffffe56, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000000)='x'}) 22:26:22 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x960000000000}]) 22:26:22 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") sendmsg$inet(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000006c0)="bc681faa4dbbfec6507dea92cb7e479e95504a3922a33dc4a0281700fd27c3fe31ecf84bc8a60000000000000000000047c889cd685d686d6acd029aa32e74aa2037206596c9aabf3afec41ec6c579febeb1950f55425e603ad99f41b4def5d6fde314991f6ba22bbec05802a8cbb91786d201195536edddfb0ea0de9880ffde03a881089af13dbe95ef014db7527c946bea4e92617e5979ffa6a5bfe60fb51d59c5b4b7caf40a8a3b273435bf020baab784574bbdb8d0121f01babde9b2b18d1ce8ac4d1c1b40c6df335d63c0775ae8209098bbaefc2d2e7c790a122a8b", 0xde}, {&(0x7f0000000080)="9558d5fc831609049757f3cdddccf950877e65094e71ae761231b6079ebcd1b41a578e538e9840f0aeb40127690b75f994ed58b8b34e30535c3121bf52f773badbaa7b9353746e2f8aac402e39ddce83db2e68a189215a9ccd75158685659de01f70d08b8dc5f657bb8d1228f3617b2ce67cb4e92d48acd2f750563141b82988177da1462fd41264469a2854b46bc5d1", 0x90}, {&(0x7f00000001c0)='+', 0x1}, {&(0x7f00000005c0)="fef21ff81fbad330e352bb2bca496913d0b45fb08278ff95645a6abf157feddb698221f80be40c7f9b10c8693cae3d74636929b7a3b474e09fddfb5400f4e1412195884a6b12899f99a8c5363a1e41ea59de3379c74b4026b9c9fc57625ef9e582ae27f7e380715c5bff99acf57b727c03855e8d001f125f8c6319233a67907a7678cb06e08d7d14163bce139a93cfefc40128756140f3afc3f8be0cf1ad9e2b82e992d82937e0f63636", 0xaa}, {&(0x7f00000007c0)="c4573c987a7f2c795c016025e10fc88ba30789b8d459d62fc4bae268bfd51e422779ca631d7d16d4c3790f2e2a5b42aaef0359ac17263491680a9cc43c8d38fce28a308ca240adde4b2ba48f9d205eff3279bd9596cbdab0b1c575a79fbc986ac4bd40c144bb89630f9e130ded552f1f0283f0696762f6ab567d03eb28744a024ddec203d417a242b88dad3e4a4c7f3387b972bd7ded55270b842bb3102bd791748a6b469560bf29403365924d74a561de4a27bde67d736f5929dce35812a0a1da400f496f8e4f2a56748d65bf6be3b43a30e27ebe3c6edbb80a40d111abd6141af780dd2624853b5bcf6d467ac42edbbc5877a444ec389c23022918a0f61aa72c1fe48049dc281e7c418571b529be9c06e5f76b0097ac0ad4b50c9c625f4e7076fac48f3abe234b75a8db6627", 0x12d}, {&(0x7f00000003c0)="1c1614b41020c7cc3141232f220ba68d9d3e1cb014a99e99c3df1ec3a55921fcdd863ceb63dbc61badb0468cce6ec9a6dfd3b18e2b8ce7f53017cde72cf7c44691ac3baf66253f1d0bc42d47033291cfe3e940f171013a7d4c64e1949418dbddf450e80a3a0a3b5d05a3e07c8a1b45f225e14a6516263185b39a9352f3103f72547cf72d584e66e48f2bdf89f077e8c993ac301cc3743909e3df800376084a055a72e3e43d3cd80fb3c0fb00269151a03a9df09c9607abd8215fed39c331c6608ca89490d1b732d3d99760b5377988bae4b970dc492c10aa68650de860f322680a15ef4dbed2f879e1f92801465f48df083b25c3c0e0d1f625241dca70", 0xfd}], 0x6, &(0x7f0000000900)=[@ip_retopts={{0x64, 0x0, 0x7, {[@ssrr={0x89, 0xb, 0x5, [@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1]}, @timestamp={0x44, 0x30, 0x9, 0x3, 0x7, [{[], 0x5}, {[], 0x6}, {[], 0x809}, {[], 0xd}, {[], 0x6}, {[], 0x3ff}, {[@loopback], 0x80000001}, {[], 0x80000001}, {[@rand_addr]}]}, @end, @noop, @ssrr={0x89, 0x17, 0xc9, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @empty, @loopback, @broadcast]}]}}}], 0x68}, 0x4000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_CONTROL(r2, 0x40086414, &(0x7f0000000200)={0x2, 0x400}) r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r3, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @stop_pts=0xff}) 22:26:22 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 237.916000] binder: 11945:11946 ioctl c0306201 20000700 returned -14 22:26:22 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) fsetxattr(0xffffffffffffffff, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:22 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:22 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x40a45d4e7f0000}]) 22:26:22 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) socket$isdn_base(0x22, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") preadv(r1, &(0x7f0000001540)=[{&(0x7f0000000080)=""/62, 0x3e}, {&(0x7f00000001c0)=""/248, 0xf8}, {&(0x7f00000002c0)=""/216, 0xd8}, {&(0x7f00000003c0)=""/227, 0xe3}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/100, 0x64}, {&(0x7f00000014c0)=""/75, 0x4b}], 0x7, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000001600)=ANY=[@ANYBLOB="08195c5bddf4b39d9400c2ff070009000100000085005738b5117246c5544ade7e49d35555b77eb14bdba6949647a2cefe24c620462bcd3e105019724d3fa3ae0a0dd3497c98152750abee473c1c8e8f4a6b2c68c139f7f99708b9f68fb50a6a6af8e2d5529bfaa77e7840c5701a703fef6937f80d5a263b067bc4270effa779d908a7dcabeefc76accb82de88a811dd0937b76370"], 0x14) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) accept4$unix(r5, 0x0, &(0x7f00000016c0), 0x80400) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$TUNGETSNDBUF(r7, 0x800454d3, &(0x7f00000015c0)) 22:26:22 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:22 executing program 4: r0 = inotify_init() r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7, 0x40100) inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x4200018a) inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r2 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r2, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:22 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f00000000c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000000), r2}}, 0x18) r3 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:22 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x80710000000000}]) 22:26:22 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:22 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x1, @stop_pts=0x10000000000000}) 22:26:22 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet6_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "f92ce98ceeeef96a", "de364dedfa2df6b425261df777e0998f", "1747806d", "735fdfe7758b4bd0"}, 0x28) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:22 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:22 executing program 3: syz_open_dev$binderN(&(0x7f0000000040)='\t\x00e\xf8\x00|\xcander#\xf9', 0x0, 0x2) ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000000)='veth1_to_hsr\x00') 22:26:22 executing program 1: socket(0x1, 0x81d, 0x20) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x3}) 22:26:22 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x88000000000000}]) 22:26:22 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) inotify_add_watch(r2, &(0x7f00000000c0)='./file0\x00', 0x10) r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r3, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xd, &(0x7f0000000000)="2512f03c71768a4a8e7ab85f38c73e66fa78a64c5d93", 0x16) 22:26:22 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:22 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000000)={{{@in, @in6=@local}}, {{@in=@local}, 0x0, @in=@multicast1}}, &(0x7f0000000100)=0xe8) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:22 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/|ev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0xe7ff23e45c37736a, @stop_pts=0x80}) 22:26:22 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x22, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x1) 22:26:22 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xc0a15555550000}]) 22:26:23 executing program 4: r0 = inotify_init() r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r3 = fcntl$dupfd(r1, 0xd279d5b3115a3b01, r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_S_EDID(r3, 0xc0285629, &(0x7f00000000c0)={0x0, 0x994a, 0x4}) r4 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r4, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:23 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:23 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x802) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r3 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x10400) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f00000000c0)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:23 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ubi_ctrl\x00', 0x80, 0x0) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000200)={'bpq0\x00', 0x80}) r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3, 0x500) ioctl$VIDIOC_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f0000000080)={0x0, @reserved}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:23 executing program 4: inotify_init() r0 = creat(&(0x7f0000000240)='./file0\x00', 0x85) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) fsetxattr(r0, &(0x7f0000000080)=@random={'btrfs.', 'wlan0vboxnet0\x00'}, 0x0, 0x2da, 0x0) getsockopt$inet6_dccp_buf(r0, 0x21, 0xc, &(0x7f00000000c0)=""/180, 0xffffffffffffffff) 22:26:23 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xe0a35555550000}]) 22:26:23 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1000000000005, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r2, r0) 22:26:23 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:23 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:23 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000000)={0x1}, 0x1) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r2, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:23 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) fsetxattr(r1, &(0x7f0000000000)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:23 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r4, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000040)={r4, 0x1, 0x10, 0xffffffffffff7fff, 0x1}, &(0x7f0000000080)=0x18) 22:26:23 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xf0500000000000}]) 22:26:23 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x7a400e788ccee2f1, 0x0) ioctl$VIDIOC_DBG_G_CHIP_INFO(r1, 0xc0c85666, &(0x7f00000001c0)={{0x2, @addr=0x3ff}, "1d16e73afaca66cae5389fd2f5b766822e10f05438120cbd939e2d788b46999d", 0x2}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:23 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000100)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000bf0ff91b9ff77050506c9f348fb267ef530a3073a01da31d82f60e8abcea6b758b26"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e5, 0x69, 0x0, &(0x7f0000000280)="b90003b700000000009e40f088641fffffe100000057638477fbac141414e9a33fa1c699da153f08a0e6e380f6010af683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000}, 0x28) 22:26:23 executing program 3: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x200, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f00000000c0)) ioctl$TCSBRK(r0, 0x5409, 0x1000) epoll_create1(0x80000) r3 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r4 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x40, 0x404300) r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$SIOCRSGCAUSE(r5, 0x89e0, &(0x7f0000000340)) syz_open_dev$rtc(&(0x7f0000000180)='/dev/rtc#\x00', 0x0, 0x2) sendmsg$nl_route(r5, &(0x7f0000000300)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@getneigh={0x14, 0x1e, 0x9, 0x70bd2c, 0x25dfdbfe, {}, ["", "", "", "", "", ""]}, 0x14}}, 0x20004000) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000100)={'syz1', "4b152f71e6bfdffca63423124bf58bb27b65da5ab5bd66481b2946f105887d17e6a96a8039aff66e6687f3d722e504c8d4c07a8105a398d155a501754aeaa54d9719e8fc2cf3f2c9"}, 0x4c) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) ioctl$EVIOCSABS0(r4, 0x401845c0, &(0x7f0000000040)={0x1, 0x6, 0x7c, 0x7, 0x82, 0x9173}) 22:26:23 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:23 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xf0700000000000}]) 22:26:23 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x20, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x20, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_GET_NESTED_STATE(r5, 0xc080aebe, &(0x7f00000001c0)={0x0, 0x0, 0x2080}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f0000000000)="0eff5a91fcb9c8b864c4f0c91f32c070a59c25462c881d90a3f6729fb1c005c1acaa25be91c5b89808bae06dc8fa1b55403dc44cd5d41f5d838920eb42") r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r8, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:23 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./file1\x00', 0x0) write$cgroup_pid(r1, &(0x7f00000000c0), 0x12) fsync(r1) write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0xfea4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fallocate(r1, 0x11, 0x7ffd, 0x8000) fallocate(r1, 0x3, 0x0, 0xfff9) 22:26:23 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x100000000000000}]) 22:26:23 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fsetxattr$security_selinux(r2, &(0x7f0000000000)='security.selinux\x00', &(0x7f00000000c0)='system_u:object_r:memory_device_t:s0\x00', 0x25, 0x2) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:23 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:24 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./file1\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0xfea4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fallocate(r1, 0x0, 0x7ffd, 0x8000) fallocate(r1, 0x3, 0x0, 0xfff9) [ 239.643683] audit: type=1400 audit(1569968783.922:65): avc: denied { relabelto } for pid=12432 comm="syz-executor.4" name="UDP-Lite" dev="sockfs" ino=42241 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:memory_device_t:s0 tclass=rawip_socket permissive=1 22:26:24 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x0, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:24 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x400000000000000}]) 22:26:24 executing program 4: inotify_init() r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r0, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:24 executing program 1: ioctl$VIDIOC_TRY_DECODER_CMD(0xffffffffffffffff, 0xc0485661, &(0x7f0000000140)={0x1}) pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @reserved}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$SIOCRSSL2CALL(r1, 0x89e2, &(0x7f00000002c0)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}) sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x240000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="220c2abd7000fedbdf25040000000c00090008000200070000001c00090008000100ffffff7f08000200090000000800020004000000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xd0c4c30b28469915) 22:26:24 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000000)=0x20, 0x1) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = semget$private(0x0, 0x3, 0x240) semctl$SEM_STAT(r2, 0x0, 0x12, &(0x7f00000000c0)=""/116) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getpeername(r3, &(0x7f0000000180)=@nfc, &(0x7f0000000140)=0x80) 22:26:24 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x0, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:24 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) inotify_init1(0x0) ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000000000)={0x6, 0x8}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x20000, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = accept4$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000100)=0x1c, 0x80000) ioctl$sock_inet_SIOCGIFDSTADDR(r3, 0x8917, &(0x7f0000000380)={'veth0_to_bond\x00', {0x2, 0x4e21, @empty}}) fdatasync(r1) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f00000002c0)=0xe8) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VIDIOC_STREAMOFF(r7, 0x40045613, &(0x7f0000000340)=0x5) ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f0000000300)={@mcast1, 0x4a, r5}) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:24 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x4000000000000000}]) 22:26:24 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'vd\x7f\x00\x16\x00\xf9=\xdbZ\xdd\x91\x80\xd2{\x00', 0x43732e5298417f1e}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000240)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00', 0x43732e5398416f1a}) 22:26:24 executing program 4: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x20000, 0x0) r1 = gettid() tkill(r1, 0x1000000000016) ptrace$setregset(0x4205, r1, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)="17d3d98cf2977ef880418d67dbdfdbdd8f7efde17d9b6aa2fc6f367b26f163f05735d7f3548e8fc90f226e8c78800aa2b2a3e0b580", 0x35}) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r2 = inotify_init() mount$overlay(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='overlay\x00', 0x10, &(0x7f0000000300)=ANY=[@ANYBLOB='upperdir=./file1,nfs_export=off,default_permissions,nfs_export=on,lowerdir=./file1,nfs_export=off,dont_hash,defcontext=staff_u,obj_type=/dev/oachefiles\x00,\x00']) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, 0x0}) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000100), &(0x7f0000000140)=0x10) r4 = getpgrp(0xffffffffffffffff) tgkill(r3, r4, 0x21) inotify_add_watch(r2, &(0x7f0000000080)='.\x00', 0xfe) r5 = creat(&(0x7f0000000240)='./file1\x00', 0x20) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x1, 0xf49}, 0xfffffffffffffda0) fsetxattr(r5, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r6 = syz_open_dev$sndpcmc(&(0x7f0000000440)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffff, 0x2100) getsockopt$netlink(r6, 0x10e, 0x8, &(0x7f0000000480)=""/135, &(0x7f0000000540)=0x87) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/dsp\x00', 0x200000, 0x0) ioctl$sock_TIOCOUTQ(r7, 0x5411, &(0x7f0000000400)) 22:26:24 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket(0x10, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r2, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r3, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x5, 0x7fff, 0x101, 0x4, 0x4, 0x1, 0x0, 0x8000, r3}, &(0x7f0000000080)=0x20) 22:26:24 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x8000000000000000}]) 22:26:24 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x0, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:24 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x7f, 0x0, 0x10000, 0x625}) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000080)={0x7, r3}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:24 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0xffefffffff7f0000}]) 22:26:24 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000100)='./file1\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0xfea4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fallocate(r1, 0x11, 0x7ffd, 0x8000) 22:26:24 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:24 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BLKBSZSET(r2, 0x40081271, &(0x7f0000000000)) 22:26:24 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x4}]) 22:26:24 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000001c0)={'br\x01\x00te\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000000240)=0x78) 22:26:24 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x2, 0x0, @raw_data=[0x2, 0x3ff, 0x7, 0x9, 0x3, 0xfff, 0x2, 0x9, 0x7fff, 0x6, 0x100045, 0x4, 0xcb1c, 0x1, 0x2, 0x9]}) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000000)=0x88) 22:26:27 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r1, 0x80845663, &(0x7f00000000c0)) r2 = inotify_init() inotify_add_watch(r2, &(0x7f0000000080)='.\x00', 0xfe) r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r3, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:27 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000040)="480000001400190d09004beafd0d8c560284ed7a80ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed4e00009052946f02", 0x48}], 0x1) 22:26:27 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x88}]) 22:26:27 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet6_buf(r2, 0x29, 0x2c, &(0x7f0000000080)="60589b21d3d1dc01654195a3a902894d21db94d9459dbf31ea41abe40b6d8a8b0671d5ae6399e5a3c3588301c255113f64860cb4570b59cff42ba2bdd40016bf25749a2e6f6c7478f679c5d7a3400500cb0717bdcee6514d4a1a08d9c435aad8c169333c1caea7f097cf05d354d91651e7130b2b512234d30807b162ee371ddecbcbb1c0c3d2f44a1ccaa1a2ba42dd2fb845f0315718dc26ee7dc298b0ebdfb0edf2d871e1a988a357c07ea1ff91099aacd244fb66453f181e2257", 0xbb) r3 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000040)=0x4, 0x4) r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r4, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @stop_pts=0x1}) 22:26:27 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0) r4 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x4097b17cd0d4d3fa, 0x1d1) ioctl$DRM_IOCTL_IRQ_BUSID(r4, 0xc0106403, &(0x7f0000000240)={0x8, 0x3, 0x3ff, 0x1}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x60, 0x0, &(0x7f00000000c0)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000000)={@fda={0x66646185, 0xc, 0x1, 0x6}, @fda={0x66646185, 0xa, 0x1, 0x34}, @flat=@handle={0x73682a85, 0xb, 0x2}}, &(0x7f0000000080)={0x0, 0x20, 0x40}}, 0x14c0}, @release={0x40046306, 0x1}, @free_buffer={0x40086303, r3}], 0x24, 0x0, &(0x7f0000000140)="3deed0e781ec91ea526493612f87f3b243079bff438577c2bfa08eae8373179b69e2fde4"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$RDS_CANCEL_SENT_TO(r6, 0x114, 0x1, &(0x7f0000000280)={0x2, 0x4e22, @broadcast}, 0x10) 22:26:27 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x20986100, 0x0, 0x0, 0x0, &(0x7f0000000100)="d353ff072d68b2e4dc14aa5fa8b3d94c22") [ 243.233163] audit: type=1400 audit(1569968787.512:66): avc: denied { map } for pid=12926 comm="syz-executor.3" path="socket:[43613]" dev="sockfs" ino=43613 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=tcp_socket permissive=1 22:26:27 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:27 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) openat$userio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/userio\x00', 0x80000, 0x0) 22:26:27 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$USBDEVFS_CLAIMINTERFACE(r2, 0x8004550f, &(0x7f0000000000)=0x100) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:27 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x4000}]) 22:26:27 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x4b) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:27 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)={0x74d, 0x0, 0x0, 0x60, 0x7, &(0x7f0000000040)='x'}) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x100, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8) sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)={0x7c, r2, 0x300, 0x70bd29, 0x25dfdbfd, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @remote}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback}, @FOU_ATTR_IFINDEX={0x8, 0xb, r3}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast1}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e24}, @FOU_ATTR_PEER_V4={0x8, 0x8, @local}, @FOU_ATTR_AF={0x8, 0x2, 0x2}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20000081}, 0x800) 22:26:27 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001001, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0, 0x100032, 0x0) 22:26:27 executing program 4: socket$kcm(0x29, 0x3, 0x0) r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x800012fc) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000800)='/selinux/mls\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r4) stat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ATTR(r2, &(0x7f0000000900)={0x78, 0xfffffffffffffffe, 0x6, {0x6a, 0x0, 0x0, {0x3, 0x1, 0x2, 0x4, 0x81, 0x8, 0x53, 0x4, 0x9, 0x0, 0xf488, r4, r5, 0xef8, 0x7f}}}, 0x78) r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40, 0x0) write$P9_RLCREATE(r6, &(0x7f00000000c0)={0x18, 0xf, 0x1, {{0xc, 0x3}, 0x8}}, 0x18) write$vhci(r6, &(0x7f0000000980)=@HCI_ACLDATA_PKT={0x2, "ac4183eb67e866cb6a12689256c4f619726daf11e70c7626c933eca5be30d9d2ec3c6f192f7e1ab0d926ac5b4b5134bcedd2d42fdacdc2862ac6ada015bfb1742ac358f661fe6584c44e9d"}, 0x4c) getresuid(&(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600)=0x0) getresuid(&(0x7f0000000640)=0x0, &(0x7f0000000680), &(0x7f00000006c0)) syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000140)='./file0\x00', 0x3, 0x6, &(0x7f00000004c0)=[{&(0x7f0000000180)="922c4aa6c13d3647e0db48e3f93417bcc4493a048c598a16ca20c1493f1e1d2969fea29b6eb647ad5eed65d849da901c449111044ed340ae9b5aba0d338ea5f3fc10bdbaa871d8099f26eaaa143d8ebe3855f7000922351a851def957c22030ea36369a677a1a6a7e179e5b5b877eccb3fe4ddc52a", 0x75, 0x7fffffff}, {&(0x7f0000000280)="d4d7bfbfc691de984db6b7449ffd4329eba90a2e77a0c9e5d5dcd501cf16a06b45611b6df4e93d05d5f657aa9fd45da9734d2c6f6cc4913279c6ccc6df88209b5e0eca17033f320f104fc50b6dcc2b70dada8d9fb288834fa27e757cc088", 0x5e, 0x1f}, {&(0x7f0000000300)="8c52a9ffb32969f24e2c83993f42a06af8c021214b255cf124f5db60a89fce7003c151e2fbec027fcad5d8193a47df7613398550deb04974db7eb94d812b9c75d40a256296f6266ee93e51bd5d3cc77b236ff7ff91588653b8de675b6111e43e91c0a7e68fcbbd7e9f10df4ef86f3e160f1f36431384d85a5cb3a2a81fe502b13f63426314a557e5291dd146d65a22e554d599ee5ef2252d7ba850a89afbba967d30e6ebcc9125a3821954703273d02aab9d8622d3e6ce5b2f2d9590fcb3a161ce619a7bc771c686927bfc949f3dd9db1fd8b14115a794598bdf501d7f4a9242", 0xe0, 0x2}, {&(0x7f0000000400)="c50765875670de13b6e3976a9eff7ac8563d88be1b88d22ff7b71f9d8e95aeff81b2d15b421a10d84c6963784976fe2f6f0f337b43a3976e31db5b7c391c08e25bb7e6cca03b60433acdeaaa10076f00844379136361d1b7a57f9f130a9f38fe34f964b9e49ffffc057bad4871711903", 0x70, 0x9}, {&(0x7f0000000200)="cfee1ce3315cd63979e02496a977cdcc1237c8", 0x13, 0x7}, {&(0x7f0000000480)="9814a20b999e307c4d5600118bf77e0c711977ece224715c3c562d63255de575", 0x20, 0x1}], 0x1441806, &(0x7f0000000700)=ANY=[@ANYBLOB="6e6f646f74732c6e66732c006f74732c757365667265652c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c6462623536002d000004312d39aa63302d317035612d30623634343765382c7365636c6162656c2c7569643c", @ANYRESDEC=r7, @ANYBLOB=',fowner<', @ANYRESDEC=r8, @ANYBLOB=',subj_role=system]lo+*,\x00']) 22:26:27 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x7600}]) [ 243.566736] binder: 13064:13066 ioctl c0306201 20000000 returned -14 22:26:27 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:27 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@remote, @in6=@ipv4={[], [], @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f00000000c0)=0xe8) sendmsg$nl_route(r5, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x444082}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@ipv4_newaddr={0x28, 0x14, 0x200, 0x70bd28, 0x25dfdbfb, {0x2, 0x80, 0x15, 0xca, r6}, [@IFA_LOCAL={0x8, 0x2, @loopback}, @IFA_BROADCAST={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x1f}}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x768f65a6a1cc4bc1) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r7, 0xffff, 0x6}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000000)={r7, 0x7ff4603c, 0x30a4, 0x10000}, 0x10) r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r8, 0xc0485661, &(0x7f0000000140)={0x1}) [ 243.694792] binder: 13064:13066 ioctl c0306201 20000000 returned -14 [ 243.708715] EXT4-fs (sda1): re-mounted. Opts: 22:26:28 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x8800}]) 22:26:28 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) fsetxattr(r1, &(0x7f0000000000)=@known='user.Y\xab\xa9\xcc\x97\xb6f\x97\x06\x11b\xe3syz\x00', 0x0, 0x0, 0x0) 22:26:28 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x800) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video2\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r2, 0xc0305615, &(0x7f0000000100)={0x0, {0x20000, 0x100}}) fstat(r1, &(0x7f0000000040)) 22:26:28 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:28 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r3) fstat(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r12) stat(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r15 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, 0x0}, &(0x7f0000000340)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {}, [], {}, [{0x8, 0x0, r16}]}, 0x2c, 0x0) r17 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x920, 0x0) ioctl$EVIOCGPROP(r17, 0x80404509, &(0x7f00000003c0)=""/253) bind$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x4e20, 0x4, @rand_addr="2920533364108f70746760db8bc83b24", 0x5}, 0x1c) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000300)={{}, {0x1, 0x4}, [{0x2, 0x0, r3}, {0x2, 0x1, r4}, {0x2, 0x1, r6}, {0x2, 0x4}, {0x2, 0x2, r8}, {0x2, 0x1, r10}, {0x2, 0x2, r12}], {0x4, 0x3}, [{0x8, 0x7, r13}, {0x8, 0x1, r14}, {0x8, 0x4, r16}, {0x8, 0x4, 0xee00}], {0x10, 0x4}, {0x20, 0x4}}, 0x7c, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:28 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x9600}]) 22:26:28 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) timer_create(0x2, &(0x7f0000000000)={0x0, 0x6, 0xd87a96bdfc8ca755, @tid=0xffffffffffffffff}, &(0x7f00000000c0)=0x0) timer_getoverrun(r2) open(&(0x7f0000000100)='./file1\x00', 0x800, 0x0) fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:28 executing program 2: r0 = gettid() epoll_create(0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0xfffffffffffffe85) ptrace$peekuser(0x3, 0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) getpgrp(0x0) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) geteuid() mount$9p_virtio(&(0x7f0000000000)='bdev@-vboxnet1vboxnet0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, 0x0) tkill(r0, 0x1000000000015) 22:26:28 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:28 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0xcd) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fsetxattr$security_smack_transmute(r1, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x3) 22:26:28 executing program 4: r0 = gettid() ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$TCSETAW(0xffffffffffffffff, 0x5407, 0x0) clock_gettime(0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) connect$netlink(0xffffffffffffffff, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x3, 0x0) write$cgroup_type(0xffffffffffffffff, 0x0, 0x0) write$P9_RRENAME(r1, 0x0, 0xffffffffffffff7e) tkill(r0, 0x800000000000014) 22:26:28 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x400000}]) 22:26:28 executing program 2: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x80000) ustat(0x1, 0x0) socket$packet(0x11, 0x0, 0x300) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vga_arbiter\x00', 0x5f690a9e90641ec9, 0x0) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x18, &(0x7f00000002c0)=""/158, &(0x7f0000000240)=0x9e) ioctl$PIO_UNISCRNMAP(r3, 0x4b6a, &(0x7f0000001400)) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0xb8) bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e23, @broadcast}, 0x10) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) splice(0xffffffffffffffff, 0x0, r4, 0x0, 0x0, 0x0) getsockopt$SO_COOKIE(r4, 0x1, 0x39, 0x0, 0x0) ioctl$VT_ACTIVATE(r1, 0x5606, 0x85) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0xff5a) fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1) shutdown(r2, 0x1) recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000400)=""/4096, 0xf7e9}], 0x1, 0x0, 0xff96ce4aaaa4756f}, 0x100) write$eventfd(r1, &(0x7f0000000340)=0x2, 0x8) read(r0, &(0x7f0000000200)=""/250, 0xfffffffffffffee3) 22:26:28 executing program 1: openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00') sendmsg$TIPC_NL_NODE_GET(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0x88, &(0x7f0000000340)={&(0x7f0000000500)={0x114, r3, 0x402, 0x70bd2c, 0x25dfdbfe}, 0x114}, 0x1, 0x0, 0x0, 0x4000}, 0x40004) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000001c0)={'bcsh0\x00', 0x200}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r6 = openat$mixer(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/mixer\x00', 0x8000, 0x0) r7 = fcntl$dupfd(r0, 0x406, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$VIDIOC_G_INPUT(r9, 0x80045626, &(0x7f0000000480)) r10 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x1, 0x0) r11 = openat$null(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/null\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r11, 0x40605346, &(0x7f0000000400)={0xecd, 0x2, {0x1, 0x0, 0x5, 0x3, 0x6}}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r10, 0xc08c5334, &(0x7f00000000c0)={0x3, 0x0, 0xa9, 'queue0\x00', 0x238}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x80, 0x0) 22:26:28 executing program 4: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_BULK(r0, 0x41045508, &(0x7f0000000100)={{}, 0x0, 0x0, 0x5000000, 0x0, 0x0}) 22:26:28 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0b") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:28 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x50f000}]) 22:26:28 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000300)={0xa, 0x8000002}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000140)={'lo\x00\x00\xe7\xff\x03\x00\x00\x00\x00\x06\x00', 0xfd}) sendto$packet(r1, &(0x7f0000000340), 0xfffffffffffffd72, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) 22:26:28 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") socket$inet(0x2, 0x3, 0x6) r1 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_generic(r1, &(0x7f0000005000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x48, 0x15, 0x7, 0x0, 0x0, {0x2, 0xf0ffff, 0x600}, [@generic="667e279639a91d7b7f0000017daf4204a00b32eadc2828417f000001e3d8960f65b27ee8125f42360c00000015739d53d5"]}, 0x48}}, 0x0) 22:26:28 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0b") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:28 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x70f000}]) 22:26:28 executing program 1: chdir(&(0x7f0000000000)='./file0\x00') r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x642f, 0x200) prctl$PR_MCE_KILL_GET(0x22) ioctl$sock_bt_cmtp_CMTPCONNDEL(r1, 0x400443c9, &(0x7f0000000080)={{0x8, 0x6, 0x41, 0x4, 0x40, 0x20}}) 22:26:29 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='\x00\x97\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000100)={0x1, 0x0, &(0x7f00000001c0)=""/196, &(0x7f0000000000)=""/24, &(0x7f0000000080)=""/82, 0xf008}) 22:26:29 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x718000}]) 22:26:29 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2, 0x2) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000740)={"9ca57633e4ae63cc91ff99f6a855a9ffa50e0a4a88b4b79a19190a00f7a64984f9fc790322ca2c4e3bb04f56c65195d17c9686e741668bf37bd0ea63fc9ec387531dad335d3259095ab8b509b804a66d3778c873372dfc26aaede6a646131974a9d7c79c62e7eaf1c59a03fe355c975d56e4e251c800da63c30444a38195ee2c0281f704ba491163eb2f32c7d48bdb3ca92492054eaba541efd5cb6f72b41ae24fae9acc9d91086b68884531d035dc494c44fe198098429afa0c93ecc30e7529f8694b68ec2950f62501b7a8ad8e1be083bfa020e408ea268868471b34a10b9243cc37aa7433ff9e5fc98c5624b48548e473d1511f4b3d4f71a5eba722c3aae0ef91451066889fe8f1d595584dfc7b43c1ea4e2c3a7d201c4c09e5df3cbe2974395947f44bda5723e1d51d0d4efcf076d9d31bc00f02b303cda307ae62ce2fd47c2d84987aa4ae43393a149d1d5aaf9223bc17b1de1633846384dd7c55fcec0602dad63665e4ff492d47aedc4c3fdcecddd1bcf8dc0314231a82f4feced2ac85793d3ccf936d3abf0d29c1c719966c8edc3862e102860c2c05e299d68b7f47f9b8a874f6199489cb0527ea9a9793262c8c939792c3ffbb40d1e6ed43d00dcab6d5b484c6a2414e87ccd27ee909c151fd4aedb59285aa0c1cd9c44f7c8c27ea770d007f4e59e8c4d34a7646196e7f788fc5506259e4f0e75c8a58525c27cd8c16b95b80b2267e1fb17f5ec83c67636e0b9b0e72bb0c026a5a5c909df180989a95c4b1799d8494124d58efe5a92b611e01f61a0f4aed2781cbf0edc3a846913cb981c0fd5a5714d696fdd4093b1daa26d2c2add0480389faf91f2492bf4db8b44b3799f0fb6042e2c583fc7a85d2fefc91150d255feb1c7f19633747a58295c3d6e956d4dfc2085150d469d8ba5064a4281bff247e351f61b590f88cbd66dc1ec0ab896cbf145c9067e5baeb51da32ed7e71811bac2416ba34b9ebcd31aeb007d0045330fa7aaef180dbd5e4239f676a219bb8064cc67ca5118b1076ff7ff7ee537e42f270dc970ef74c0c8c23086764949c9f06cefaff29b4a815e5b9cd8862c83e5f1cffeaed5b4fe5d08a23920417d85ab774014b68181abd134b8b4bdc8c6675e7765fe45cf88f5c14384b7f9b791e5465d25da56fbb9bb69f0b194b36f361ce2dc4847dedc6e1957d43e85dccd9202c53121ca59563483ce97c2bfec88a156307bd36d0a271ebcfb57cdfbbc8fc753585c52a79805f2fce69dcb744fb7335eb5c02703a424060ee814496a2730c9daa0417e4e1760c1ff4db183b887f382056a0989e22e4629af0a496aa18156f417cc33b4ad647e0f3ebc236404ec739f05948b881912460e87b68c81a718a9de4a1c04c0dfd8ed10b03cfd4b2f64bede35fd7889aba003cb33a4cd78f96ec85ca8ce123f5f6e8c313dae5e218a34f601d"}) r4 = dup2(r1, r0) fcntl$setsig(r4, 0xa, 0x2f) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x0, 0x0) r6 = creat(0x0, 0x0) fcntl$setstatus(r6, 0x4, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r6, 0xc0086420, &(0x7f0000000040)={0x0}) write(r5, &(0x7f0000000200)="7d5a9fc48f25c8f58e186492b823b6e1d305e5d1d371f9d08fccecbee0fccf6a25e5d8f84bfbdc250120f3fdfed124a7b1b539c5db17f5da9f0a0b64d4fa6df277409bb05680a4876b1f64dc6e4f32bc7b5b66b00ff77e705f41eb2d8ae1dfb8947866f433c0cfda2d7615035050878458ce9f5a4ac4c11e69c58e79f1e07e02794da8c015facd6427861aa08984fc1a2504b68894457e39e8780ad3c293bbeb880e388635b3616193f80325ed8a76842769dd46c7f132cac4ff1c09969f4baf98", 0xc1) ioctl$DRM_IOCTL_GET_CTX(r5, 0xc0086423, &(0x7f0000000000)={r7, 0x2}) ioctl$DRM_IOCTL_DMA(r4, 0xc0406429, &(0x7f0000000140)={r7, 0x8, &(0x7f0000000040)=[0x3, 0x495, 0x81, 0x9, 0x3, 0x3, 0x2, 0x40], &(0x7f0000000080)=[0x5e], 0x6, 0x5, 0x3, &(0x7f00000000c0)=[0x2, 0x7, 0x7, 0x80000000, 0x205], &(0x7f0000000100)=[0x3, 0xfffffffa, 0x6e5, 0x2, 0xff, 0x0, 0xf9, 0x7fff, 0x101, 0x3]}) 22:26:29 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x760000}]) 22:26:29 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000080)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='gid_map\x00') r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setstatus(r1, 0x4, 0x42000) preadv(r0, &(0x7f00000017c0), 0x333, 0x0) 22:26:29 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0b") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:29 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x807100}]) 22:26:29 executing program 3: ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000700)={0xffffff68, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f0000000200)={0x5, 0x10}, 0x18) 22:26:29 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1555555555555664, 0x10001) 22:26:29 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:29 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0xffffffffffffff95) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @ipv4={[], [], @broadcast}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 22:26:29 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x800000000000012, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r0, r1, 0x0) 22:26:29 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000000)={0x34}, 0x1) 22:26:29 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x880000}]) [ 245.458046] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 22:26:29 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x400000, 0x0) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000040)={0x4, 0xfffffff7, 0x8, 0xffffff7f, 0x4, 0x8f, 0x9, 0xff, 0x9, 0xfea, 0x3ff, 0x5}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) dup3(r1, r0, 0x80000) 22:26:29 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:29 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SIOCX25SFACILITIES(r2, 0x89e3, &(0x7f00000002c0)={0x5f, 0xadc, 0xa, 0x5, 0xe6, 0xc1}) r3 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f0000000000)='./file0\x00', 0x383, 0x144) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/autofs\x00', 0x40000, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r4, 0x5201) sendmsg$nl_crypto(r3, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20441}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=@getstat={0x49d, 0x15, 0x100, 0x70bd2c, 0x25dfdbfb, {{'rfc4106(gcm(aes))\x00'}, [], [], 0x0, 0x2000}, ["", "", "", "", "", "", "", "", ""]}, 0xe0}, 0x1, 0x0, 0x0, 0x8008810}, 0x8000) r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r5, 0xc0485661, &(0x7f0000000140)={0x1}) setsockopt$sock_int(r4, 0x1, 0x1, &(0x7f0000000380)=0xff, 0x4) syz_open_dev$video4linux(&(0x7f0000000300)='/dev/v4l-subdev#\x00', 0xae7d, 0x100) 22:26:29 executing program 4: mkdir(&(0x7f0000639000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000880)='./file0\x00', &(0x7f0000000380)='ramfs\x00', 0x10040, 0x0) r0 = creat(&(0x7f0000139000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup3(r1, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1}) write$P9_RCREATE(r0, &(0x7f0000000000)={0x2e7}, 0xff30) creat(&(0x7f00000000c0)='./file0/bus\x00', 0x0) 22:26:29 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") poll(&(0x7f0000000000)=[{r1, 0x1101}, {r2, 0x28c}, {r3, 0x4010}, {0xffffffffffffffff, 0x4}], 0x4, 0x0) 22:26:30 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:30 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x960000}]) 22:26:30 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:30 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, &(0x7f0000000000)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:30 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f00000000c0)=0x1, 0x4) bind$inet6(r1, &(0x7f0000000380)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) 22:26:30 executing program 4: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) listen(r0, 0x400000001ffffffd) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = accept4(r0, 0x0, 0x0, 0x0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x8d) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r6 = socket$inet(0x2, 0x3, 0x19) r7 = socket$inet(0x2, 0x3, 0x19) setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2, @in=@multicast1}}, {{@in6}, 0x0, @in6=@loopback}}, 0xe8) setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000180)={@multicast2, @local, 0x0, 0x2, [@local, @multicast2]}, 0x18) setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @local, 0x1, 0x1, [@local]}, 0x14) getpeername(r7, &(0x7f00000024c0), &(0x7f0000001a80)=0x80) setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2, @in=@multicast1}}, {{@in6}, 0x0, @in6=@loopback}}, 0xe8) r8 = socket$inet(0x2, 0x3, 0x19) setsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x23, &(0x7f0000000000)={{{@in=@multicast2, @in=@multicast1}}, {{@in6}, 0x0, @in6=@loopback}}, 0xe8) setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000180)={@multicast2, @local, 0x0, 0x2, [@local, @multicast2]}, 0x18) setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @local, 0x1, 0x2, [@local, @multicast2]}, 0x18) setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000180)={@multicast2, @rand_addr=0x7fffffff, 0x0, 0x2, [@local, @multicast2]}, 0x18) setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @local, 0x1, 0x2, [@local, @multicast2]}, 0x18) openat$mixer(0xffffffffffffff9c, &(0x7f0000001940)='/dev/mixer\x00', 0x40000, 0x0) sendmmsg(r4, &(0x7f0000002400)=[{{&(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x3, 0x0, 0x4, {0xa, 0x4e24, 0x8, @dev={0xfe, 0x80, [], 0xa}, 0x5}}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000180)="869a421b723e0dc26b67686a1fb08bb59b9ca7c351f7effd55f39aefd6aebb8d9bb103e658b3f12b0ffa6e092b39b5c9c912694814ff8365beb6ab76361dadb0f914f2f0c9393c0121334feb4ed1d231830fcb81faac216b225d5b0b920bae8bb3c4c48aece683dee36836fa73c6cc03e8c593e4aca1d7b252aa5b04f93aeadf293c715d0ad891a2b446e90239080c9be29dcbb822e22c3806484cfe141c3e70b4a4ab097f2ff0d662d7a6137e", 0xad}, {&(0x7f0000000280)="bb6f88530be2aa5fa2ed8de55ac0b34719e0b958bf7ea5058b370fdb1370a673d8cf4f6ed23d35fae4218b2fdc24ed471ae2359a2c65334b3343c22cabf7dae49dcd600b", 0x44}], 0x2, &(0x7f00000003c0)=[{0xf0, 0xbb, 0x408b90d4, "299a5b5980a29440f5e8e7d732a3ad1c24f1af91c353526adf6ddb11bf990b89142110bf6ea26fcb30bc4270878eacaa46a358ecb3183687307e124cacb3630b1c52ecb4e8d569409bd85f39e3a2e88b034084929583cdf6cd8dd8e8b39041f1ef2d5320507204abef8c7e1624cdeda5c8fda14a5cc8e2c3b35998906d3f3b00f671325e45b1ef79aa596340e2a801ea85730a1072d594b9704d3183a51cc61c86e82ae54f73a4e4e1b77d3e7e45ef40d5546bb4a45dc025d3c9b3cc6062591f879486b8905446887fa2e3004215bd7efd4aa146755999835e4d67bbee"}, {0xb8, 0x102, 0x0, "15ea95defcee8c16257331618a7545f53c3cd6ea30b3d6e108adcd46b91577dd34cb6300b50b217103ac9c15b4c86d42ce5ecde6c88e63fe72fc2bbcbd898ff891ad5b41cfda0c110d15613c5ea2df78cf0c38929303f99484fbad8640b36934dc16be1dac201bd651729e80e076b9861032f795d8543c7c86b4c8d3b9449f600a6bc35cc2ec9b4fbe42aece103efb3b0acae9927891af80802dc4ffdc3779259c"}, {0x1010, 0x119, 0x80000001, "72e54342691f195ff45d05adc4b9bf96f3785acc6543e87e3e681463eb97bfa3f9fdf6edf322f1f8bf054442177b04d4a41d0266ece90ff5a25f3378f5dfce938f90b70338a0b0d84d347963a2293bf4af5a72bf6a98304e2d9a32e69af1ac19ff5bb8e571d59f34185fd2256a2fa0e9dd81279f9bdfc378160d96944fc7aeff12d4f6833a569b10911e911876846b64229aab77c842ee71f86a88ebb9170df158b5f52cdce09f03fc8603ecf1b32f9d6903bf462c0c97ef2411a8cd48b3fd7b8101444a9bfb9c46477b7556f407de75c85e90b8b3df14b9c903cd40d90733b22720b11fa3774c71e4fc5bbe61b179fecc806bc3987793d81cea9c3398644c2f5b49c6d150dc3eef72994c31ba1a2fa8cbd11e27e551aa1d9f78f09a3092af8d24cc600d5da734d7ac928965d6f043af3078141abae0c7baf5614fa00afa3eb82d3dad6fa627ea0667d4be7829e45879ecf2d09aac3a8a364b5745eb3936e3ab41e1dd17dc30b5b637587f81593fd68dd17d9a362b61157588841477832a5474b3914e8702f5ff4b0c9dc626e8954f2da1f6d53898f7d5985a326506720f07cab28a55992ac5be9d13a9d7e71f81bd2e71facbdfc2bbdd8e9012ab771d523da5e25e3ffc1c173c4ac50519559b8f6d13f35e3510ae9bb1a767b97f21f30abba6e20a2def859aa7a21dc876ca6b95c4bc4220b15e7be547277df50971209e0f1bde445078fb2b0a97d2b16f98e11ea5ff998f26dc906d895e0a48ebbfcf3afba66151e1501f7a2afe591bfea563034cf42c84d6ccd0ba692073fc50cb14a40081aa6c82df034c59596976e17d650ad7753252d925a27846979eb1b96f6836d8cb5e30353ab9c6997e94500409a4f8cdd6249bad435ac4aff41f4bbb6b1919e2cf8ac76a8d591c5ad57bcdc62cf288fef891b6f73a7111eba1ab4015bb05b729debe59f90dd949cf22ccd4960730ae04b724244abf325a14eb37459071d8cb9bbd8a2adf3cb462eff6ed633815a6be3c1b260afedbdbe08f53585b99681c498f7fe8e9e26f6749ab42c6f9d2f6a65e6fde408e82f631730b9f0da5b42fe179871c72374c8e3e1be843ad81e1fb244f3c791e9d8a7c84931a2ea97a7eb84bdf9a2600dedac1d82cb3d0da809fdfc6aeafc305f20a952f3334f302275cd7ac97b67314dda37a441c2b4e1ccfbab27d8da3cc02162f1a569725764406aa79e2b13a32bff8242902e067b830ebe2738a97dea49c7c571a8b64e339f784eb359c5485f1a384a80bea8e9c5b86a8b1915b5cc813489fe2256e21d64f36cb6ed02731402b363e259d615b18537669b93f9f5e3115d08ef4a648647f1b7a12c0d03d13594598023c26f0e7114b43b6c7e9b0af596c3a24600a9ecad7787a02dabb40fb32efac749200d1db2b9bf01e8281fe6c773176bd227a673ce206752b004405ae2921689627acbbef101e48e58cd3b19fa7f9173d160f491ca9795659f8ff4e62f41fd85e99a693c1dedf33c2d01a47b9f28d8435ee885d89d41b8a59a192ea825492ce32e18f2fd6d651bc78f2c76d7153f893c63c1f5f8b43a9442640db508da98110528e2b46612ff727b39e8c9887b0d3c1e5d5b5978b3f72011baab2ae853e40f57ecc7795b5633d55f62a4f39e849b275795179c554af0f57d774c5365bde737fca7ee672c77a40c61848d3dbfea7737e0f64c816a7f3b6042fd9217678298f4506c8ae6ce1e3136c7f1b65c80aea7ee1464696eb9fdc3197ff21e103937fe434a5b1b927f8a05346402fcc433ef4c3a5a4ae0312bc7dd6db05d98839274a358a70cbfcc4375fafdb0c3230f20a654e46b2555a07cfdb4764d856659f4c5c3123f67acb71391297dc8e6f9ebd8a7d1b29d73a75872314363bcd2bed63d639da7767a555d209cc9a155c4f48f159609521502813023b76e4f770a8d440f48ec62fe0547b3a48cff12a2622652b8c06c81f9bcf12bf608fd872a66bea6b32adb0b29ba7ade24b5c19f3a1fb71605e4943330014fcabc9a96665b1ced6e6ef5c5e9019f39695f1a3cbdf1289f153d928e089aee5d57d973ebf4670922a841530666ba33966a97e6023a2e7a263b9541cc60c9d2054124f1ada9858b4b7b94efc8d038a51302587fa62da49917d3dcba6c78316ca20dafd48d71eb41156fe846a2a01cb41105f2a10f33f954579e66a3d1bc47e1613604352d9c19bdc70444c4ffe5082d94642191b1ffe2cc20714f9b997568301189649b28c99b64aaf99f07a2a8fbbd70b51b2bf0455bd4f2a59da07af9899e10d92b40f41c515a055f61a7ac92b49fde4031359bfc984445973e8eda50346ef9e97e3c1254a222570c720abdf27b94263d39d40c39b43c0b2a35ebf32e6a0240436b666e6729533e5f3b4f01776148f44d2811b65de57783b473ae7ef24cc395321d99ae7f21feed97ffd5b393318da2b36ad8f6572e5fd2ab234e9f24c4058d1f2e8f0613f4d9950e9f7951244d915b609768d6fd1c2a7eda00301720654031785d49752394f0ec7d91b3f269102fd3ce8553e0eef6687ec54a5f7e939669458b852e1152219b6bbf10ffa83218c2d82f44357bf58dc01a57b2eca31449619c4e51e4bb21e200dc59a94ddee3c073d2810369cf8ccc9838eee8db320ce3ebfe9c8ce899b0a2e458851a410921f6395a644f164eb4df846935f5b68c17c80a304b4de5bbe9820eae4a6d019119c7e1261d8a97a9db3b9c1e3fb453bd5b6612fc986e7d47b91c6302389dc3937998cf6f70d03507b42c2dd253e544912679f28927f496613d6872bb830d60017d07947739bf0cbc50e1485196686c67ad4032a998bc685020bddcf685d60e59b8df3ee3b1c4e01e4023bbef9ae323ac81258d5c07fb3dcf2209f998edcfc61918bfaea990828a07665c34062a101fcc8d576d77bd32614847f81910c01850b638c73cd3ed6187683fcc57c6f100dd5062042e13fd20f1ef0170c94bbf477bbcdbb95c73f4ce08025fbb09d4a91415b600506281826580dbbaddd1f811258b7b5eb0f4e1e14d9c1c9304fa82cf38ec0d4113676f6ea96cb25862a698ae0af59b94455c7e51ecffd59ea5a28ffdd5f6770949d97a8aa8a361454fe695bd3756fca908e6c807c45ec2939e0f08afe918cd1d07b9988ac1d441691e317d340b91e745b65832ba5d80830971ae09fa11d7b045ec018de575c1615e834844c391265ed331766fe36cb8a2045cb9072c61c92cc3bb2f724f1823574793621b2ae9f49b0dda19ca8429b19bb4999dbe0c9c4ec865ec44e0c73a30f9296539cc060fc3b2fe0afa10d28638b87697cac4441ea7757a3e544bf26c77ab5d096156666a51f1ae035f8ebb65f7ff0b2bffa35bef5eac222bfad4c14e433ba740a787766d067ec630243106d6467fd2235c974260a42f11b80670670f5eee4e2e60b993bed11e1613eb86b3a4155230288cfe5b8aae09e4f5d19ac0369821c7af820c293ba4da378d2c6a8de478303ddd88c57e987953d084f78354e05e1f6587f69422e0e24ac346622dd7a1008920fd777772fa97b9af5fe69370a0196a05182fe866fbb2f17837021f088d2facacfa9177f9174e71c4f62e0ede60b471be775ef1a4f00542c5832a9042742fe7736565c6007f7b2b14f06341cf1a8aeef4275520bb7cadcbcffa538e9fd3e691da61b6d034626770f320b482dd3ad65976439e409a42685054b9120610e28ab7df08f8fc498a16e3273b6f5789e92529f8f4b4ed6311f8675bd0d58b674b45b987db56d1a7962993c633a7d173682e9e67eb341cbf9326dce65e8be3e1fe679eba95f561ba711f43224427e8b7a59326d309643c35d74789c34179c668c848e7ecd1742b204ee1b52aaa0eaec00eb0230e1fd599eb0a03c814d576e8c0e0fce114600ab5cd1eee335e2ab5d0c7445358fbc786157268962bfefbce48807085a81fb7981dce6d62bc4b51a18cc7bbfe64fc83805ebf5003f78aabce35c33d23581fcd800eeabdbd124a8f2ba55216c588f5b4e299c19256c0d16d332daf4f9d9450a2314f32932ce3a7d18848f46135451512b68a616ab13ab2799097ff85eceab62f5acab2637f3c1b742b612e3439d24b412423e64e2524cd4105e3813b74d9c396a2c179a1da5e43a0c19cc598447f1ec1a75cd16b4927aec0448a57ac20953632af882b5708a11b4aaa8e5059a9c4a81bfc5bdc1c72bd5681c2d34ebf949e42c2acc01b847379b5be163b14ac03e0389458fa9836cdb7e54edb0585168e92465ab7180a9f2925801b55ddf81fdf3b1f8519ae74ae3d044749b16974eca6937178c5d1a020727b21d0969e7f18925d4791c3c1496347aa3967bc2f614fec2c4275490ee728a3e47c822f1316214c98d00661a2ffdcf88068bcbd0356529ff6866d2c5594595bf620c800b3cdb8b9a2ac809aa84ae584a52aa9f080d6241dd23fb69abf91bfdc8630e0786f08b4079b521520ffbab7a644cf36147de54e1bbd47a107249351694a252082c50e0c1a790118b75e3e177daa58a73f6170ac3a1ee0d5a1dbbf48ec4c58535311b52e0596e8d48349ca93b75d5a3d50bb60eb0178dd911835e5e30f99e8b5e95ccc73d99d9307a01fd213fbcf4a9b397d765a658bbb9f65f080b1da93eb8d204e6da3b4f67d8a7766bb317c1f841c0f37dc5fbe89d104e6d42f83e16f586f32690f180379ace5a4fba8f7aa35bc9b96ff66b8007f2ecbccf4003b28725438068c3e2162fa3c181f3408faf0c8b9e36aeff413125108eacc2ec1ee0056ab1e8d7447b9bb9bbe0c829ece2a754ae1ef0081245350d95a349e5905bd91cff6cc26b84cc4891a55c0054a0fa5a76721ff164bac2c0c1768d2140bad77d9f0d3eaeb6694bad711622a4ac8c6ea223aa7584e2214aba07b1b3267e9f16b0b158bd0f033c2a5e15f319750134670839eb5e8fb42a79218bbb6339f35ad39dfd2d185ae8eff9abd4cc9f1b4fe840b17cceaeea96a88415d9d2445d929c1bc624f701c280f15bad9845d52fc476bc9e97954300777fa9e38fb292d0292cdb3e2875a2e9a5f81762456a5cd50b2e0a24137e12b42811893b6564c59a5c0801c616fe3d2c6bbab6aa8491387c6552adde30dc13f4d8b92bcb3b954e33029c3221070e40fc1530fd35e21e6129940ccfee247a05c780250fe5d2d0473ee32cf3095a71b887d8fa9c6a0a86b2e05d7cc5d57db27a2eb97f838f0db9f9eceec72b38a23e951023c7cf8c4ec2dca8503e8a5f832ad80fe31c934a16d8e9e8fdf2212e04302b81c1bdace4e4cfba5daa2df760025bf7c61c657e0882105dc46f1c312f6b48f3e57f3f6af3d6ac0e72359fd437e9f08e5f393dd0b47f4edc116485fed453cfd6db3a77692ba5eb5dba417313f66caf6af7da8ab5fd9ba59ff3ebb80580631dca751cca5f02521cfac66cd3675114cc4bae9fb3a82fef1e7ce0336a5e04c39fdca780ef4f221495dfc6987d47bebbbfb2d404d0610f653d8798847170561de9ae18dbb3f57a33133cc49eb6b3f31a49ce3479db2be5d2f26cce6b8d4be5e3ab6e2c5772a6467fa12b97f872a69765232b277e437aa45df7428121612e4cfbc033e3f29c96b232cf3bed2c7d7637c44174441064f8f59cdd6e9e946e1f90ca3413af545eb84c06f6a013d5df9976dd2220349406f3ba7a88189fed0507135f6e1e634ae9ae10adde11b1646a76a7a28a3957a042002c6964ce4f2d0c1c7344289f45c884eb42cba2f3899dd327227fc953b9fc853170dc5811dc595723c44e29be6d3404e9caf1b51ba02752c13f6cc2"}], 0x11b8}}, {{&(0x7f0000001580)=@x25={0x9, @null=' \x00'}, 0x80, &(0x7f0000000340)=[{&(0x7f0000001600)="214070647e2c26339d995f7dfb8f3accc8741bdad27189734f050428f559f37163b3446cb6bc8232c6607ef9543b6c4c0f400f07ec60ea25978497842cc6e465f17af4dc69bd32742c913e70502fc878fd75b15f64f55f963de1ad0bab453b879ffa39bd96a25096e234edff359673a8d3ce3f5e280fb40c9c1d67d14781033d895e9f7e46053d8a740d9ada13fe0602ab645d430bcffb94d563448a1c4d35843fc9e9f3e795aaf82e3070fe402c68761cb3db84c6da9dd8e3ce78bbc9a7cb007990a319e6379a5c1e6fcf4fee450c1e8db76ca09e1d3783615bcf011ab58bf07bbf012c52ab4b1477a9691540", 0xed}, {&(0x7f0000001700)="0950b7252046f0dbd3b20c6bda4e7a8bbd59822c875fa72dbf0a8ac298cc278a8df57859550c8b60706e4edeccd7a19f52c7496faaa84cc4eab830a914521334e476aab11b20b35cbd7b5d1a9ef42f580514c17325b7d506eff786e9a1278d513958cc08a8b46bd228d5c02d8fcd0ffbe25b7974fe419de0858c04c1a18a0cd305e6b9f47c487754674343533cbd2ef71a44255c48d6278fbf92989be58445a2f33d52bac71539b766a0f36ccd7fcd728ff74941ef79fc53067caa", 0xbb}, {&(0x7f00000017c0)="2df6e6604f1713bd283ca9d4cef583ae89d74affd745fabd8f747981aa8a0494f77eefc7675a5a7babc117646c2c5ce4a08dac4836d4b2cd8be219a7d5f7bbc860d01535de4e73dfdf1b6a63e49e5937a3c1106417943fa93bc481c3ba4aec00dff5340125b6c1b7476fc036f426661b5597aa69bd82f55154e55bb01a81bf613f7279e9c939fd6249491b290d01262e6c8b083bf9dbd98ee761a6464fcfba9557aac6532e35d336759ddbe3449ef714ae92a9bd4a34cfe8086c8752bbbdc999d770fe364ce688b4ece58ab5f91a95fb6f874a536fb0ff7b3eb5e63c988fa9093e382a4b", 0xe4}], 0x3, &(0x7f00000018c0)=[{0x48, 0x117, 0x8, "1ce719bb77f9896548a410439c95f8cae84157ae374f0f3935b388550867d0832830a3f6f267a9a05d2aa80964682c815817a928e6f9"}], 0x48}}], 0x2, 0x0) 22:26:30 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000080)={0xd, 0x0, @stop_pts=0x4}) 22:26:30 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$NBD_SET_TIMEOUT(r2, 0xab09, 0x4e) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) 22:26:30 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xf05000}]) 22:26:30 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b00") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:30 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_netfilter(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc585d396931d2848}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xb4, 0x8, 0xff0bcb7856beb233, 0x300, 0x70bd2b, 0x25dfdbfe, {0x3, 0x0, 0x9}, [@generic="fd835f50497f8916493e485dcd12685e73a6554a26ce49faab740d5b66d80aa149cd84e78bdfe0d9fb42bcd8be9c08183211f96505f0736e3956ac19484ae6e6ca6d36c3da0ee8045221455f79da2faf5a9c7b59fc1a6931922b2e67e38e6836b3732bf85c46f92d7c74c46d3a047f2cf92a55d4fc933024502fdd4aee190ae7c4dfefb3efec4404c9d62952ee5c56414cd5b0eacdba5be6f892181957"]}, 0xb4}, 0x1, 0x0, 0x0, 0x24854}, 0x8) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000000)=0x2eeec948) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:30 executing program 3: syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) prctl$PR_GET_SECUREBITS(0x1b) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000700)={0x2b2, 0x0, 0x0, 0xffffff4a, 0x7, &(0x7f0000000000)="087a0f45aa759f5da714c68ff3e23dfe87ca33545a4c3b13385bd98e939423eb991b5a0136633127e7ea142150de40df504b9818a2f8597dc69d04d31f0b2013c0b2902508400f7ff7424809031a19694dc062358804bfbfadd0be2fb5628270e961ddb8be8d1377f8709b64612eca0c4c122e37cc"}) [ 246.121638] dccp_close: ABORT with 893 bytes unread 22:26:30 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xf07000}]) 22:26:30 executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, 0x0) [ 246.184208] raw_sendmsg: syz-executor.4 forgot to set AF_INET. Fix it! 22:26:30 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$TIPC_NL_MON_GET(r2, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="10010000", @ANYRES16=0x0, @ANYBLOB="00042dbd7000fddbdf251200f07f04dd360000fc000100380004001400010002004e20000000050000000000000000200002000a004e2000000031fe8000000000000000000000800000bb000100002c0004001400010002004e20e000000200000000000000001400020002004e22ac1414220000010002004e20ac14142200000000c32aa7568c4a7fe4b2ef9a7e41755ddb000000001400020002004e20ac1e0001000000000000000008000300ff0300000800030080000000080003000800000008000300d8090000100001007564703a0900000000000000380004001400010002004e20ac1e01010000000000000000200002000a004e2300000009000000000000000000000000000000000000000000000000000000bcdb906c1cbe1ea832d4fcd47c9f95"], 0x110}, 0x1, 0x0, 0x0, 0x8000}, 0x829) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x0, 0x0) ioctl$TIOCMBIS(r3, 0x5416, &(0x7f0000000100)=0x255) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dlm_plock\x00', 0x200, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000240)=0x2) ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000080)={0x4, 0x9d7aa1b4f0215b8e, 0xf}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f0000000000)={0x5, "c6b858e883c8a30942e5fa8489b8956c092f5d70e5672d5616c7a613c6514a05", 0x1, 0x1}) 22:26:30 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b00") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:30 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x7, &(0x7f0000000680)='x'}) semget$private(0x0, 0x3, 0x100) 22:26:30 executing program 4: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {0x7}, 0x0, 0x0, &(0x7f0000000000), 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 22:26:30 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x8000, 0x0) ioctl$VIDIOC_S_EDID(r1, 0xc0285629, &(0x7f00000002c0)={0x0, 0xadd7, 0x5, [], &(0x7f0000000280)=0x80}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") recvfrom(r6, &(0x7f0000000440)=""/101, 0x65, 0x10000, &(0x7f00000004c0)=@nfc_llcp={0x27, 0x0, 0x2, 0x3, 0x8, 0x20, "7e1e9071550ffe5e0adde22e88fd08cd2ef59e51562e861794b87069288e4b082b9b51b5dc4329e2211fdd0e1d0d34fcdcb4249ccb48e55cd837f9732ea6a5", 0x30}, 0x80) sendmsg$TIPC_NL_BEARER_ENABLE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="b2381e23c09b31e77ecc86f5f7758b736775e08eda34c47827ad2e0792a5b9fffa1c25f8b90c97844bd6330add0ea37e585db7803e270dc8d77b14691093b60a72589bcbc12add8adebf5a04e592f01147080511836f51ad7809955d1bd6ef02651e0cefe47881991477d2125882e4f1cacac19099e6ba189efacd2c5ba1d96131da84b62efd0183a75e6b52f2a346fb88060a2d5d0fe5440fbe1e601f4ef7e7f4992578155a241bd007419955137a41729a2b9121abc0085bb80264fc380b808458e0e9c31a0008fc91c2b1b5c9344a5bdb2417adacc89eea8c33bfbd79d2023b", @ANYRES16=r5, @ANYBLOB="0100000000000000000003000000200001001c0001006574683a6c6f155f854b8f51bdae8695238119786e990000"], 0x34}}, 0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4004420}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0xbc, r5, 0x901, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x49b0}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_LINK={0x10, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_MEDIA={0x64, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1a7e}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x51}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x40}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x40001}, 0x4001410) 22:26:30 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r0, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x06\x02\xff', @ifru_names='bond_slave_1\x00t\x00'}) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x01', @ifru_names='bond_slave_1\x00\x00\nd'}) 22:26:30 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x1000000}]) 22:26:30 executing program 3: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087185082cf0400b0eba06ec400002339e00586f9835b3f00009148790000f85acc7c45", 0x2e}], 0x1}, 0x0) 22:26:30 executing program 4: 22:26:30 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b00") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f00000001c0)={0x0, {{0x2, 0x0, @multicast1}}, 0x1}, 0x90) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:30 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @raw_data=[0x8, 0x7, 0x80005, 0x3ff, 0x1e9, 0xffffffff, 0x7, 0xffff, 0x1000, 0x6, 0x3, 0x3415e579, 0x67, 0xda, 0x10000, 0x1]}) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000000)={0x0, 0x0, {0x2, 0x8, 0x1a5, 0x6}}) [ 246.542134] bond0: Releasing backup interface bond_slave_1 22:26:30 executing program 4: 22:26:30 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x4000000}]) 22:26:31 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='v\x98\xeb\xff\xff\xff\x00\x00\x04\x006\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:31 executing program 4: 22:26:31 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r4, 0x42b, 0x0, 0x0, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x13, 0x0, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000040}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r4, 0x2, 0x70bd28, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x4010) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$GIO_CMAP(r6, 0x4b70, &(0x7f00000001c0)) 22:26:31 executing program 4: 22:26:31 executing program 2: 22:26:31 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x40000000}]) 22:26:31 executing program 4: 22:26:31 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x200000, 0xc00001bfff, 0x12, r0, 0x0) [ 247.005512] Enabling of bearer rejected, failed to enable media [ 247.038445] Enabling of bearer rejected, failed to enable media 22:26:31 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80000, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000080)=""/48) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:31 executing program 4: 22:26:31 executing program 3: 22:26:31 executing program 2: 22:26:31 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x400000000000}]) 22:26:31 executing program 4: 22:26:31 executing program 0: socket$inet6(0xa, 0x100000003, 0x3a) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 247.250754] QAT: Invalid ioctl 22:26:31 executing program 2: [ 247.325950] QAT: Invalid ioctl 22:26:31 executing program 4: 22:26:31 executing program 3: 22:26:31 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x555555a1c000}]) 22:26:31 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x2, 0x480000) ioctl$VIDIOC_DBG_G_CHIP_INFO(r1, 0xc0c85666, &(0x7f00000001c0)={{0x2, @name="10330b7ce3a13336a57373888ebf7711d3fb5fbb928b8ac3c56c9473e91f7c59"}, "f307a8940662bcf29d6431ac423bcc31ad8b1d56b4cb105629fc7b015a207038"}) ioctl$VIDIOC_DBG_G_REGISTER(r0, 0xc0385650, &(0x7f0000000080)={{0x3, @name="fc994024d21f6e07dde644c04b6b497d6d9fc1b4d01503c40ba12ead7f5bb3d4"}, 0x8, 0x1000, 0x8000}) 22:26:31 executing program 0: socket$inet6(0xa, 0x100000003, 0x3a) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:31 executing program 2: 22:26:31 executing program 4: 22:26:31 executing program 3: 22:26:31 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x480880, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5387, &(0x7f0000000100)) ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431) r4 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x341003) ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f00000000c0)={0x4, 0xc, 0x1, "701a395ad7f920e1dbfef27cc15855c2b2bfa602b32555de79d483fc7c1c132b"}) ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f00000001c0)=ANY=[@ANYBLOB="23000000713b41221cc93f6d35f67e000000000000000000000000000000079f00fff50759ba231529b8167cf65cba525558eec859f3b7e34a581c63d5f237ef744f857dabece820847aaff3b2827f6bbad18dfbe734e5a0334fbd6d0674cd3260e1ddd20912eb6f4ff7c840ea97f834961851b1b6b739bf3ac285efdc580738b967ce47d772f043422a02da00bea8305549f2225baf82a948943de5711fd1ea0c6e2d1d8c6b3e4eb51bdcff3ef42f4eebeeaba2800f402ec9143e52e9810497df"]) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:31 executing program 2: 22:26:31 executing program 4: 22:26:31 executing program 0: socket$inet6(0xa, 0x100000003, 0x3a) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:32 executing program 3: 22:26:32 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x555555a3e000}]) 22:26:32 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0) r2 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x2, 0x200101) ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f00000001c0)={0x2, 0xb, 0x4, 0x200800, {0x0, 0x2710}, {0x4, 0xc, 0xcb, 0x8, 0x6, 0x8, "ee56fa02"}, 0x0, 0x2, @fd=r1, 0x4}) ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000100)={'vxcan1\x00', {0x2, 0x4e21, @multicast1}}) ioctl$VIDIOC_G_INPUT(r1, 0x80045626, &(0x7f0000000080)) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:32 executing program 2: 22:26:32 executing program 4: 22:26:32 executing program 3: 22:26:32 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:32 executing program 2: 22:26:32 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x760000000000}]) 22:26:32 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0) connect$llc(r1, &(0x7f0000000080)={0x1a, 0xfc54, 0x2, 0x33, 0x1, 0x6}, 0x10) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:32 executing program 4: 22:26:32 executing program 3: 22:26:32 executing program 2: 22:26:32 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:32 executing program 4: 22:26:32 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f0000000800)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000840)={'syz', 0x0}, 0x0, 0x0, r1) keyctl$revoke(0x3, r1) r2 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f0000000800)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000840)={'syz', 0x0}, 0x0, 0x0, r2) keyctl$revoke(0x3, r2) keyctl$instantiate(0xc, r1, &(0x7f0000000000)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'trusted:', '', 0x20, 0x5, 0x20, [0x64]}, 0x2e, r2) 22:26:32 executing program 3: 22:26:32 executing program 2: 22:26:32 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x7f4e5da44000}]) 22:26:32 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:32 executing program 4: 22:26:32 executing program 2: 22:26:32 executing program 3: 22:26:32 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = msgget(0x3, 0x330) msgctl$IPC_INFO(r1, 0x3, &(0x7f00000001c0)=""/248) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$CAPI_GET_FLAGS(r2, 0x80044323, &(0x7f0000000080)) ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000000)=0x1) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r3, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @raw_data=[0x1f, 0x4, 0x0, 0x0, 0x10000, 0x3, 0x80000000, 0x9, 0x5, 0x10000, 0x3f, 0x6, 0x200, 0x3105, 0x5, 0x7]}) 22:26:32 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 22:26:32 executing program 2: 22:26:32 executing program 3: 22:26:32 executing program 4: 22:26:32 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x7fffffffefff}]) 22:26:32 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 22:26:32 executing program 4: 22:26:32 executing program 2: 22:26:32 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0xc0000, 0x0) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000080)={0x2a, 0x26, 0x4, 0x15, 0xa, 0x100, 0x5, 0xce}) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x40, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r2, 0x800442d2, &(0x7f0000000100)={0x5, &(0x7f00000001c0)=[{0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @local}]}) prctl$PR_SVE_SET_VL(0x32, 0x12c6) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @start={0x8, 0x1}}) 22:26:32 executing program 3: 22:26:33 executing program 4: 22:26:33 executing program 2: 22:26:33 executing program 0: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) 22:26:33 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x960000000000}]) 22:26:33 executing program 3: 22:26:33 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000001c0)={0x9, @sliced={0x8001, [0x6, 0x8, 0x4, 0x8, 0x8, 0x3434, 0x0, 0x1000, 0xcc, 0x7b85, 0x9, 0xfff, 0x48c, 0xa844, 0x8001, 0x1, 0x3, 0x75ca, 0x4, 0x1f, 0x200, 0x200, 0x499e, 0x2, 0xffc1, 0x0, 0x12b4, 0x23a, 0x40, 0x7, 0x3, 0x3, 0x1, 0xf1ec, 0xf833, 0x1, 0x4, 0xffff, 0x25c9, 0x1ff, 0x3, 0x5, 0x400, 0x4, 0x4, 0x0, 0x3, 0xfffd], 0x6}}) 22:26:33 executing program 4: 22:26:33 executing program 2: 22:26:33 executing program 3: 22:26:33 executing program 2: 22:26:33 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @raw_data=[0x9, 0x995e, 0x20, 0x2, 0xfffffffe, 0x6, 0x0, 0x0, 0x0, 0xb8, 0x3, 0x0, 0x3, 0x4, 0x3f, 0x7f]}) 22:26:33 executing program 4: 22:26:33 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x40a45d4e7f0000}]) 22:26:33 executing program 0: 22:26:33 executing program 0: 22:26:33 executing program 2: 22:26:33 executing program 3: 22:26:33 executing program 4: 22:26:33 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @start={0x5}}) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x2, 0x40) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd00010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x148, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8, 0x1, 'red\x00'}, {0xffffff75, 0x2, [@TCA_RED_PARMS, @TCA_RED_PARMS={0x14}]}}]}, 0x148}}, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_deladdr={0x30, 0x15, 0x2, 0x70bd2c, 0x25dfdbfe, {0x2, 0x40, 0x8, 0xff, r5}, [@IFA_ADDRESS={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x1f}}, @IFA_BROADCAST={0x8, 0x4, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x20a}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4005) 22:26:33 executing program 0: 22:26:33 executing program 2: 22:26:33 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x80710000000000}]) 22:26:33 executing program 4: 22:26:33 executing program 3: 22:26:33 executing program 2: 22:26:33 executing program 0: [ 249.402050] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 22:26:33 executing program 4: 22:26:33 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x88000000000000}]) 22:26:33 executing program 3: [ 249.535844] netlink: 284 bytes leftover after parsing attributes in process `syz-executor.1'. 22:26:33 executing program 0: [ 249.618980] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. 22:26:34 executing program 2: 22:26:34 executing program 4: 22:26:34 executing program 3: 22:26:34 executing program 0: 22:26:34 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xc0a15555550000}]) 22:26:34 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fsetxattr$security_ima(r4, &(0x7f00000000c0)='security.ima\x00', &(0x7f00000001c0)=@sha1={0x1, "baba86044c647592f054ca340574e04e19086c68"}, 0x15, 0x1) write$P9_RFSYNC(0xffffffffffffffff, &(0x7f0000000200)={0x7, 0x33, 0x2}, 0x7) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r5, 0xffff, 0x6}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000080)={0xfc35, 0x200, 0x800a, 0x8000, 0x6, 0xfffff000, 0xff, 0x81, r5}, 0x20) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:34 executing program 2: 22:26:34 executing program 4: 22:26:34 executing program 3: 22:26:34 executing program 0: 22:26:34 executing program 2: 22:26:34 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6, @in6=@loopback}}, {{@in=@multicast1}, 0x0, @in=@empty}}, &(0x7f0000000080)=0xe8) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendto$rxrpc(r2, &(0x7f00000001c0)="87dbed83c1beff3eed1af9eb92597dde7c1749c047a377802c144b103dd96d56828d6cb333f0303b8d8fc663ece92683548e610df696ccbead7321861819dd25ff7065958925709f75a065a2a3d1b0583599c54009b3fc272bd73ddcd74f18f4cb301dfd8e7fad4f041f5954fc75e6fc5d1974dbbbca7d168244e76e54ca56130406533711d0002a9d889f7bda2e1f58a4109f338d1f6b2bfbe596805f3fa7c23ce66ad77b8a52856b4c3ecb0ec198f91037ab6113808546a37f0525584a87824a885190416652a478476e00142b4ebd", 0xd0, 0xd7b65166605f6313, &(0x7f0000000000)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e20, @remote}}, 0x24) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:34 executing program 4: 22:26:34 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xe0a35555550000}]) 22:26:34 executing program 2: 22:26:34 executing program 3: 22:26:34 executing program 0: 22:26:34 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000080)={0x8, 0x0, "c690f9f7a6c311a1551af0286551ca7afabe6f9b2da03acd6e25467217770a0c", 0x20, 0x2, 0x0, 0x5605ae32, 0x1d2}) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r2, 0xc0485661, &(0x7f0000000140)={0x3}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SIOCX25SDTEFACILITIES(r4, 0x89eb, &(0x7f0000000100)={0x8f, 0x401, 0x1, 0xfe, 0x81, 0x24, 0xe, "29f4e027532a042b915080bb7d5b20c3bf49a1c9", "ccaa89aa321a94091e9fe234f478120f72f2f361"}) ioctl$sock_bt_cmtp_CMTPCONNDEL(r1, 0x400443c9, &(0x7f0000000000)={{0x3, 0x9, 0x4, 0x4, 0x20, 0x1}, 0x8}) ioctl$NBD_SET_TIMEOUT(r1, 0xab09, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") dup2(r5, r1) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) 22:26:34 executing program 4: 22:26:34 executing program 3: 22:26:34 executing program 2: 22:26:34 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xf0500000000000}]) 22:26:34 executing program 0: 22:26:34 executing program 4: 22:26:34 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @raw_data=[0x18431fa9, 0x6, 0x9374, 0x3, 0x0, 0x5, 0x8, 0x3, 0x7, 0x10000, 0x3, 0x2, 0x6, 0x1ff, 0x4db2]}) 22:26:34 executing program 3: 22:26:34 executing program 0: 22:26:34 executing program 2: 22:26:34 executing program 4: 22:26:34 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xf0700000000000}]) 22:26:34 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VIDIOC_S_FBUF(r1, 0x4030560b, &(0x7f0000000000)={0x84, 0x40, &(0x7f0000000080)="356ae75c0b7982ad74a6f059c21e39eece1b6d7445bb5ae2fe3657806a217b0031ccf18b5076df621310a1e90030c9bb8caffc0011ea654f6c334f9757b6a5e57003e93e40a7757588195aa8da0eea3740b240eb9fc6d1ff90eb20cd857029329c19e9dc5c4ee142a69921c2", {0x690, 0x1, 0x34324142, 0x0, 0x5, 0x0, 0xc, 0x2}}) r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r2, 0xc0485661, &(0x7f00000001c0)={0x2, 0x0, @stop_pts=0xfffffffffffffffd}) 22:26:34 executing program 3: 22:26:34 executing program 0: 22:26:34 executing program 2: 22:26:34 executing program 4: 22:26:35 executing program 2: 22:26:35 executing program 0: 22:26:35 executing program 3: 22:26:35 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r2 = dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r2, 0x4010641a, &(0x7f0000000080)={0x9, &(0x7f0000000000)=[0x4, 0x3f, 0x4, 0x0, 0x0, 0x400, 0x9, 0x8, 0x4]}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:35 executing program 4: 22:26:35 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x100000000000000}]) 22:26:35 executing program 3: 22:26:35 executing program 2: 22:26:35 executing program 0: 22:26:35 executing program 4: 22:26:35 executing program 3: 22:26:35 executing program 2: 22:26:35 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4) 22:26:35 executing program 0: 22:26:35 executing program 4: 22:26:35 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x400000000000000}]) 22:26:35 executing program 2: 22:26:35 executing program 3: perf_event_open(&(0x7f0000000680)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x11, 0x2, 0x0) r1 = syz_open_dev$ndb(&(0x7f00000001c0)='/dev/nbd#\x00', 0x0, 0x0) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r0) ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x7) ioctl$NBD_CLEAR_SOCK(r2, 0xab03) syz_open_dev$ndb(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 22:26:35 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0xe0240000, 0x65}, [@ldst={0x7, 0xc0ffffff, 0x0, 0xa0c91}]}, &(0x7f0000003ff6)='OPL\x00', 0x1, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48) [ 251.240933] block nbd3: Receive control failed (result -22) 22:26:35 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffb000/0x1000)=nil, 0x7fffdf004000, 0x0, 0x12, r0, 0x0) [ 251.283135] block nbd3: shutting down sockets 22:26:35 executing program 4: io_setup(0x8000, &(0x7f0000000000)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) io_submit(r0, 0x1, &(0x7f00000004c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) io_getevents(r0, 0x0, 0x0, 0x0, 0x0) 22:26:35 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f00000001c0)=ANY=[@ANYBLOB="d7cf5d02000000003080b79316d00700e451799f9de2f965faff2a6540ed601b140a57360767942d00000000", @ANYRES32=0x0], &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r4, 0xffff, 0x6}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000080)={r4, @in={{0x2, 0x4e20, @rand_addr=0x614eeaf5}}}, 0x84) r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r5, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:35 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x4000000000000000}]) [ 251.358152] block nbd3: Receive control failed (result -22) [ 251.368159] block nbd3: shutting down sockets 22:26:35 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffffd0, 0x5, 0x0, 0xffffffffffffff5f) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lstat(0x0, 0x0) r3 = accept$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000002c0)={&(0x7f0000feb000/0x13000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000fee000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fea000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000fe8000/0x1000)=nil, &(0x7f0000fed000/0x2000)=nil, &(0x7f0000000180)="ffe6be2ffe326c32cbce4e008f366c192862c864155558c10956024ed220105b612b9e1eebdb7c8fcc98", 0x2a, r3}, 0x68) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000040)="360f01df67f30fa6c00f01dff30f01ac65760f785621f30fc772fe66b9cf08000066b87577d66466ba000000000f302e0f01c30f35", 0x35}], 0x1, 0x1d, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) sched_getaffinity(0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) 22:26:35 executing program 1: socket$inet_sctp(0x2, 0x4, 0x84) r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @raw_data=[0xf4a, 0x9, 0xffffffc1, 0x5, 0xfffc, 0x80, 0x100, 0xfffff970, 0x4, 0x403, 0x0, 0x2, 0x7, 0x8001, 0x8, 0x8]}) 22:26:35 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) fsetxattr(r1, &(0x7f0000000000)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:35 executing program 4: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:35 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0x8000000000000000}]) 22:26:36 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:36 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:36 executing program 2 (fault-call:4 fault-nth:0): r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:36 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00, 0x0, 0xffefffffff7f0000}]) [ 252.128823] FAULT_INJECTION: forcing a failure. [ 252.128823] name failslab, interval 1, probability 0, space 0, times 0 [ 252.140375] CPU: 1 PID: 14662 Comm: syz-executor.2 Not tainted 4.19.76 #0 [ 252.147336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.156686] Call Trace: [ 252.159270] dump_stack+0x172/0x1f0 [ 252.162891] should_fail.cold+0xa/0x1b [ 252.166783] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 252.172059] __should_failslab+0x121/0x190 [ 252.176285] should_failslab+0x9/0x14 [ 252.180072] kmem_cache_alloc+0x47/0x700 [ 252.184131] dst_alloc+0x10e/0x1d0 [ 252.187669] ip6_dst_alloc+0x34/0xa0 [ 252.191384] ip6_pol_route+0x735/0xfa0 [ 252.195275] ? ip6_pol_route_lookup+0xb90/0xb90 [ 252.199931] ? __lock_acquire+0x6ee/0x49c0 [ 252.204156] ? find_held_lock+0x35/0x130 [ 252.208207] ? ima_match_policy+0x9ec/0x13c0 [ 252.212610] ip6_pol_route_output+0x54/0x70 [ 252.216927] fib6_rule_lookup+0x263/0x550 [ 252.221065] ? ip6_pol_route_input+0x80/0x80 [ 252.225462] ? fib6_lookup+0x360/0x360 [ 252.229342] ? __lock_acquire+0x6ee/0x49c0 [ 252.233565] ? process_measurement+0xd5d/0x1560 [ 252.238229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.243764] ip6_route_output_flags+0x2c4/0x350 [ 252.248443] ip6_dst_lookup_tail+0x1042/0x1a70 [ 252.253030] ? ip6_copy_metadata+0xd00/0xd00 [ 252.257454] ? __might_fault+0x12b/0x1e0 [ 252.261528] ? lock_downgrade+0x880/0x880 [ 252.265693] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 252.270725] ? iov_iter_advance+0x261/0xe30 [ 252.275065] ip6_dst_lookup_flow+0xa8/0x220 [ 252.279405] ? ip6_dst_lookup+0x70/0x70 [ 252.283402] ? selinux_sk_getsecid+0x77/0xc0 [ 252.287823] rawv6_sendmsg+0xb33/0x32e0 [ 252.291800] ? rawv6_getsockopt+0x150/0x150 [ 252.296120] ? avc_has_perm_noaudit+0x570/0x570 [ 252.300785] ? mark_held_locks+0x100/0x100 [ 252.305009] ? __fget+0x340/0x540 [ 252.308461] ? sock_has_perm+0x209/0x2a0 [ 252.312517] ? selinux_secmark_relabel_packet+0xe0/0xe0 [ 252.317891] inet_sendmsg+0x141/0x5d0 [ 252.321685] ? inet_sendmsg+0x141/0x5d0 [ 252.325647] ? ipip_gro_receive+0x100/0x100 [ 252.329956] sock_sendmsg+0xd7/0x130 [ 252.333673] __sys_sendto+0x262/0x380 [ 252.337467] ? __ia32_sys_getpeername+0xb0/0xb0 [ 252.342128] ? kasan_check_write+0x14/0x20 [ 252.346363] ? __sb_end_write+0xd9/0x110 [ 252.350431] ? fput+0x128/0x1a0 [ 252.353700] ? ksys_write+0x1f1/0x2d0 [ 252.357496] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 252.362243] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 252.366988] ? do_syscall_64+0x26/0x620 [ 252.370971] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.376355] __x64_sys_sendto+0xe1/0x1a0 [ 252.380424] do_syscall_64+0xfd/0x620 [ 252.384218] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.389400] RIP: 0033:0x459a29 [ 252.392584] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.411480] RSP: 002b:00007ff46c35ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 252.419181] RAX: ffffffffffffffda RBX: 00007ff46c35ec90 RCX: 0000000000459a29 22:26:36 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) fsetxattr(r1, &(0x7f0000000000)=@known='user.syz\x00', 0x0, 0x0, 0x0) [ 252.426545] RDX: 000000000000ffa7 RSI: 0000000020000000 RDI: 0000000000000003 [ 252.433801] RBP: 000000000075bf20 R08: 0000000020000180 R09: 000000000000001c [ 252.441057] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46c35f6d4 [ 252.448314] R13: 00000000004c7bfe R14: 00000000004dd9f0 R15: 0000000000000005 22:26:36 executing program 4 (fault-call:9 fault-nth:0): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:36 executing program 2 (fault-call:4 fault-nth:1): r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 252.726386] x86/PAT: syz-executor.4:14677 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 252.744991] FAULT_INJECTION: forcing a failure. [ 252.744991] name failslab, interval 1, probability 0, space 0, times 0 [ 252.756952] CPU: 0 PID: 14677 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 252.763903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.773284] Call Trace: [ 252.775889] dump_stack+0x172/0x1f0 [ 252.779532] should_fail.cold+0xa/0x1b [ 252.783435] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 252.788550] ? lock_downgrade+0x880/0x880 [ 252.792722] __should_failslab+0x121/0x190 [ 252.797003] should_failslab+0x9/0x14 [ 252.800836] kmem_cache_alloc_node+0x26c/0x710 [ 252.805435] ? lockdep_hardirqs_on+0x415/0x5d0 [ 252.810034] ? trace_hardirqs_on+0x67/0x220 [ 252.814367] ? kasan_check_read+0x11/0x20 [ 252.818531] copy_process.part.0+0x1ce0/0x7a30 [ 252.823141] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 252.828693] ? proc_fail_nth_write+0x9d/0x1e0 [ 252.833198] ? proc_cwd_link+0x1d0/0x1d0 [ 252.837270] ? __f_unlock_pos+0x19/0x20 [ 252.841263] ? find_held_lock+0x35/0x130 [ 252.845344] ? __cleanup_sighand+0x70/0x70 [ 252.849598] ? lock_downgrade+0x880/0x880 [ 252.853772] ? kasan_check_write+0x14/0x20 [ 252.858013] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 252.862865] _do_fork+0x257/0xfd0 [ 252.866329] ? fork_idle+0x1d0/0x1d0 [ 252.870056] ? fput+0x128/0x1a0 [ 252.873347] ? ksys_write+0x1f1/0x2d0 [ 252.877159] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 252.881925] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 252.886688] ? do_syscall_64+0x26/0x620 [ 252.890673] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.896041] ? do_syscall_64+0x26/0x620 [ 252.900027] __x64_sys_clone+0xbf/0x150 [ 252.904014] do_syscall_64+0xfd/0x620 [ 252.907834] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.913030] RIP: 0033:0x459a29 [ 252.916233] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.935148] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 252.942880] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 252.950159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 252.957435] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 252.964711] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 252.971990] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:37 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SIOCAX25NOUID(r3, 0x89e3, &(0x7f0000000000)=0x1) 22:26:37 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) fsetxattr(r1, &(0x7f0000000000)=@known='user.syz\x00', 0x0, 0x0, 0x0) 22:26:37 executing program 3 (fault-call:3 fault-nth:0): r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 253.026619] x86/PAT: syz-executor.4:14677 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 253.080784] FAULT_INJECTION: forcing a failure. [ 253.080784] name failslab, interval 1, probability 0, space 0, times 0 [ 253.083081] x86/PAT: syz-executor.4:14677 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:37 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:37 executing program 4 (fault-call:9 fault-nth:1): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 253.178178] CPU: 1 PID: 14744 Comm: syz-executor.3 Not tainted 4.19.76 #0 [ 253.185146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.194502] Call Trace: [ 253.197103] dump_stack+0x172/0x1f0 [ 253.200751] should_fail.cold+0xa/0x1b [ 253.204654] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 253.209770] ? lock_downgrade+0x880/0x880 [ 253.213946] __should_failslab+0x121/0x190 [ 253.218216] should_failslab+0x9/0x14 [ 253.222032] kmem_cache_alloc_trace+0x2cc/0x760 [ 253.226713] ? kasan_check_read+0x11/0x20 [ 253.230883] ? do_raw_spin_unlock+0x57/0x270 [ 253.235308] ? _raw_spin_unlock+0x2d/0x50 [ 253.239475] binder_get_thread+0x1db/0x7c0 [ 253.243721] ? __might_sleep+0x95/0x190 [ 253.247706] binder_ioctl+0x1de/0x10d6 [ 253.251601] ? mark_held_locks+0x100/0x100 [ 253.255852] ? binder_ioctl_write_read.isra.0+0x8d0/0x8d0 [ 253.261398] ? __fget+0x340/0x540 [ 253.264869] ? __might_sleep+0x95/0x190 [ 253.268854] ? binder_ioctl_write_read.isra.0+0x8d0/0x8d0 [ 253.274403] do_vfs_ioctl+0xd5f/0x1380 [ 253.278297] ? selinux_file_ioctl+0x46f/0x5e0 [ 253.282801] ? selinux_file_ioctl+0x125/0x5e0 [ 253.287305] ? ioctl_preallocate+0x210/0x210 [ 253.291722] ? selinux_file_mprotect+0x620/0x620 [ 253.296491] ? iterate_fd+0x360/0x360 [ 253.300304] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 253.305852] ? fput+0x128/0x1a0 [ 253.309148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 253.314693] ? security_file_ioctl+0x8d/0xc0 [ 253.319116] ksys_ioctl+0xab/0xd0 [ 253.322582] __x64_sys_ioctl+0x73/0xb0 [ 253.326479] do_syscall_64+0xfd/0x620 [ 253.330292] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.335492] RIP: 0033:0x459a29 [ 253.338692] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.361766] RSP: 002b:00007f3c39488c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.369480] RAX: ffffffffffffffda RBX: 00007f3c39488c90 RCX: 0000000000459a29 22:26:37 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x5) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 253.376757] RDX: 00000000200001c0 RSI: 00000000c0306201 RDI: 0000000000000003 [ 253.384029] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 253.391303] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c394896d4 [ 253.398579] R13: 00000000004c0f6e R14: 00000000004d4510 R15: 0000000000000005 [ 253.418724] binder: 14738:14744 ioctl c0306201 200001c0 returned -12 22:26:37 executing program 3 (fault-call:3 fault-nth:1): r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 253.520330] x86/PAT: syz-executor.4:14802 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 253.575467] FAULT_INJECTION: forcing a failure. [ 253.575467] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 253.614560] CPU: 1 PID: 14804 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 253.621528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.630889] Call Trace: [ 253.633491] dump_stack+0x172/0x1f0 [ 253.637139] should_fail.cold+0xa/0x1b [ 253.641048] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 253.646171] ? __might_sleep+0x95/0x190 [ 253.650156] __alloc_pages_nodemask+0x1ee/0x750 [ 253.654839] ? __alloc_pages_slowpath+0x2870/0x2870 [ 253.659867] ? lockdep_hardirqs_on+0x415/0x5d0 [ 253.664459] ? trace_hardirqs_on+0x67/0x220 [ 253.668788] ? kasan_check_read+0x11/0x20 [ 253.672954] copy_process.part.0+0x3e0/0x7a30 [ 253.677468] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 253.683019] ? proc_fail_nth_write+0x9d/0x1e0 [ 253.687520] ? proc_cwd_link+0x1d0/0x1d0 [ 253.691588] ? __f_unlock_pos+0x19/0x20 [ 253.695576] ? find_held_lock+0x35/0x130 [ 253.699668] ? __cleanup_sighand+0x70/0x70 [ 253.703911] ? lock_downgrade+0x880/0x880 [ 253.708067] ? kasan_check_write+0x14/0x20 [ 253.712303] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 253.717160] _do_fork+0x257/0xfd0 [ 253.720631] ? fork_idle+0x1d0/0x1d0 [ 253.724354] ? fput+0x128/0x1a0 [ 253.727644] ? ksys_write+0x1f1/0x2d0 [ 253.731476] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 253.736245] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 253.741012] ? do_syscall_64+0x26/0x620 [ 253.744994] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.750362] ? do_syscall_64+0x26/0x620 [ 253.754363] __x64_sys_clone+0xbf/0x150 [ 253.758350] do_syscall_64+0xfd/0x620 [ 253.762167] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.767364] RIP: 0033:0x459a29 [ 253.770559] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.789464] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 253.797190] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 253.804464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 253.811739] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 253.819015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 22:26:37 executing program 5: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x2000000000000193, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x3, r0, &(0x7f0000000000)="2f2fbbe8ca7022bde357ff5aa8279d919faa", 0x12, 0xc00}]) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) 22:26:37 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) 22:26:38 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x2, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 253.826295] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:38 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 253.947359] x86/PAT: syz-executor.4:14804 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 254.001755] x86/PAT: syz-executor.4:14804 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:38 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x4c000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:38 executing program 4 (fault-call:9 fault-nth:2): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:38 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x2, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:38 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x598, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:38 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x297ef) [ 254.177719] x86/PAT: syz-executor.4:14932 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:38 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_GET_NR_MMU_PAGES(r2, 0xae45, 0x3) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 254.251512] FAULT_INJECTION: forcing a failure. [ 254.251512] name failslab, interval 1, probability 0, space 0, times 0 22:26:38 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x4b47, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 254.313820] CPU: 0 PID: 14972 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 254.320789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.330148] Call Trace: [ 254.332755] dump_stack+0x172/0x1f0 [ 254.336402] should_fail.cold+0xa/0x1b [ 254.340308] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 254.345424] ? lock_downgrade+0x880/0x880 [ 254.349587] __should_failslab+0x121/0x190 [ 254.353829] should_failslab+0x9/0x14 [ 254.357637] kmem_cache_alloc+0x2ae/0x700 [ 254.361794] ? creds_are_invalid+0x59/0x150 [ 254.366131] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 254.371676] ? __validate_process_creds+0x1d9/0x300 [ 254.376703] prepare_creds+0x3e/0x400 [ 254.380515] copy_creds+0x7b/0x610 [ 254.384064] ? lockdep_init_map+0x9/0x10 [ 254.388136] copy_process.part.0+0xb54/0x7a30 [ 254.392643] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 254.398172] ? proc_fail_nth_write+0x9d/0x1e0 [ 254.402654] ? proc_cwd_link+0x1d0/0x1d0 [ 254.406704] ? __f_unlock_pos+0x19/0x20 [ 254.410670] ? find_held_lock+0x35/0x130 [ 254.414726] ? __cleanup_sighand+0x70/0x70 [ 254.418960] ? lock_downgrade+0x880/0x880 [ 254.423104] ? kasan_check_write+0x14/0x20 [ 254.427329] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 254.432163] _do_fork+0x257/0xfd0 [ 254.435607] ? fork_idle+0x1d0/0x1d0 [ 254.439414] ? fput+0x128/0x1a0 [ 254.442682] ? ksys_write+0x1f1/0x2d0 [ 254.446476] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.451230] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.455986] ? do_syscall_64+0x26/0x620 [ 254.459961] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.465315] ? do_syscall_64+0x26/0x620 [ 254.469281] __x64_sys_clone+0xbf/0x150 [ 254.473262] do_syscall_64+0xfd/0x620 [ 254.477056] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.482243] RIP: 0033:0x459a29 [ 254.485425] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 254.504316] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:26:38 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x5a0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 254.512016] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 254.519274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 254.526532] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 254.533788] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 254.541043] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 254.614040] binder: 15048:15053 ioctl 4b47 200001c0 returned -22 22:26:38 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x4b49, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:39 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r4) syz_mount_image$minix(&(0x7f0000000040)='minix\x00', &(0x7f0000000100)='./bus\x00', 0x2, 0x4, &(0x7f00000003c0)=[{&(0x7f0000000140)="f70e1c490a8ac4453b8eb831fefedac6acb3169645e5b390d4f0893e17dac8ec7e08f55cea", 0x25, 0x72c}, {&(0x7f0000000200)="e67be08d32fcb895c56b22263f4b80655498ec29c643f90f85055a82cebeecbff5da3e3dfbf85e3c68375e18305d6086493c7c32caf4c29ef564236c0cbc588afe5f6f776bcf5cab3e12ce461012f930c043541852430399af8f7a0c67caf8d7ca35052f6a1b831c67cb4eb14ca1bcadedb4f2647b23f8b0fe82c1a644f6436e8e2b445c4143ea3c5c4811ba0eb41cb88f3e88a0fe50b4cc74126f2862123c3c6b4a06779d449d01", 0xa8, 0x81}, {&(0x7f0000000180)="9047936d84bf64986406d6bf27c27ada51a773f8bcf720bf4cf0086956c532f6b3082ba028d04d92ede6093bd5023b4da62f35", 0x33, 0x34}, {&(0x7f00000002c0)="8be2e82064527b7d50033c665356be1a3f7225d39cdaa43775a5866a2d3a7d5bcf90e403e124ceeae62a39e0c1c3c5de1a8bf0b380eba4f31aa9062004235cea95e83c7b5f3b386c3b1abe78967b92e99fd6ef2befc7079d2f4ee991dedd51bad36c46f92b7fa26e2b182ba15601dbadaf98ba579eb2f768dcd1b29cd771588e6b6a8f6c9bbd5b61811c6e4543a6b15009ce6b27c7a7833120858c1574e6ca898ec31495a3e27f27c2dc4fe0cacf82af768ad867c51ad84d554d1474e910bf12b8e5dd45485a3ecf2be852703943d885b36219d808c01c98096ea605a0fe6e30c0780a49a5b9e4bb07c4dbe438ce5b78e58416e495775ed8b99e772b", 0xfc, 0x2}], 0x1, 0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 254.688913] x86/PAT: syz-executor.4:14972 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:39 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x5c8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 254.763527] binder: 15157:15160 ioctl 4b49 200001c0 returned -22 [ 254.781241] x86/PAT: syz-executor.4:14972 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:39 executing program 4 (fault-call:9 fault-nth:3): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 254.812585] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop5. 22:26:39 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x541b, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:39 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x297ef) [ 254.885267] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop5. 22:26:39 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xb30, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 254.987600] x86/PAT: syz-executor.4:15276 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:39 executing program 5: pwritev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)) [ 255.029606] binder: 15278:15279 ioctl 541b 200001c0 returned -22 [ 255.032002] FAULT_INJECTION: forcing a failure. [ 255.032002] name failslab, interval 1, probability 0, space 0, times 0 [ 255.077692] CPU: 1 PID: 15276 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 255.084667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.094028] Call Trace: [ 255.096629] dump_stack+0x172/0x1f0 [ 255.100279] should_fail.cold+0xa/0x1b [ 255.104186] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 255.109297] ? lock_downgrade+0x880/0x880 [ 255.113470] __should_failslab+0x121/0x190 [ 255.117723] should_failslab+0x9/0x14 [ 255.121539] __kmalloc_track_caller+0x2de/0x750 [ 255.126229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.131778] ? selinux_cred_prepare+0x49/0xb0 [ 255.136282] kmemdup+0x27/0x60 [ 255.139472] selinux_cred_prepare+0x49/0xb0 [ 255.143789] security_prepare_creds+0x77/0xc0 [ 255.148282] prepare_creds+0x32a/0x400 [ 255.152161] copy_creds+0x7b/0x610 [ 255.155692] ? lockdep_init_map+0x9/0x10 [ 255.159746] copy_process.part.0+0xb54/0x7a30 [ 255.164235] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 255.169788] ? proc_fail_nth_write+0x9d/0x1e0 [ 255.174276] ? proc_cwd_link+0x1d0/0x1d0 [ 255.178329] ? __f_unlock_pos+0x19/0x20 [ 255.182295] ? find_held_lock+0x35/0x130 [ 255.186353] ? __cleanup_sighand+0x70/0x70 [ 255.190574] ? lock_downgrade+0x880/0x880 [ 255.194723] ? kasan_check_write+0x14/0x20 [ 255.198949] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 255.203783] _do_fork+0x257/0xfd0 [ 255.207229] ? fork_idle+0x1d0/0x1d0 [ 255.210933] ? fput+0x128/0x1a0 [ 255.214202] ? ksys_write+0x1f1/0x2d0 [ 255.217999] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 255.222742] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 255.227497] ? do_syscall_64+0x26/0x620 [ 255.231472] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.236826] ? do_syscall_64+0x26/0x620 [ 255.240794] __x64_sys_clone+0xbf/0x150 [ 255.244758] do_syscall_64+0xfd/0x620 [ 255.248550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.253743] RIP: 0033:0x459a29 [ 255.256935] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:26:39 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x5421, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 255.275913] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 255.283615] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 255.290875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 255.298132] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 255.305405] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 255.312662] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:39 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000200)="9510592fbe59cfa01155ac41b0e8c19d35af7ddfee41aebc545be970afe82e75d27d51efab93691fbaaac468c26d33e423f27a39b822c2ce84d5ed7b53c2d9b8b19e27c1de97c37c41262e15ed5243c8793a61ec57b8f65a40167a2b6069abd9b954bfbd85a6a35cd60fb08f17a8a3fa7277f4be7bf038e0f287e118c274051b4e4f836e1a61ae11e095a9a64b1bbbde6d1b50eefca3eef678890b8faf134a77c55952474f1ebeeb9079416150cecb6d3c3f91b96c28c6464365732f06358e01fb27a6432123f6f3dc0f959e14556c3675af8c85138a9a53ec92989994ac303f53a44507d5bcaea65a195d1b0413ec4ef344edc2ceccdc0c9f418bf5a51a2318") [ 255.356221] x86/PAT: syz-executor.4:15276 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 255.403163] x86/PAT: syz-executor.4:15276 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:39 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x5450, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:39 executing program 4 (fault-call:9 fault-nth:4): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:39 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x10c8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:39 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) fchdir(r0) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000000)=0x8, 0x4) 22:26:39 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x5451, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 255.632009] FAULT_INJECTION: forcing a failure. [ 255.632009] name failslab, interval 1, probability 0, space 0, times 0 22:26:39 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x1660, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 255.727638] CPU: 1 PID: 15405 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 255.734618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.744073] Call Trace: [ 255.746687] dump_stack+0x172/0x1f0 [ 255.750343] should_fail.cold+0xa/0x1b [ 255.754250] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 255.759629] ? lock_downgrade+0x880/0x880 [ 255.763801] __should_failslab+0x121/0x190 [ 255.768062] should_failslab+0x9/0x14 [ 255.771875] kmem_cache_alloc+0x2ae/0x700 [ 255.776044] ? creds_are_invalid+0x59/0x150 [ 255.780376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.785924] ? selinux_is_enabled+0x43/0x60 [ 255.790258] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 255.795814] ? creds_are_invalid+0x59/0x150 [ 255.800158] __delayacct_tsk_init+0x20/0x80 [ 255.804494] copy_process.part.0+0x350b/0x7a30 [ 255.809096] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 255.814644] ? proc_fail_nth_write+0x9d/0x1e0 [ 255.819145] ? proc_cwd_link+0x1d0/0x1d0 [ 255.823227] ? __f_unlock_pos+0x19/0x20 [ 255.827308] ? find_held_lock+0x35/0x130 [ 255.831392] ? __cleanup_sighand+0x70/0x70 [ 255.835635] ? lock_downgrade+0x880/0x880 [ 255.839980] ? kasan_check_write+0x14/0x20 [ 255.844228] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 255.849086] _do_fork+0x257/0xfd0 [ 255.852561] ? fork_idle+0x1d0/0x1d0 [ 255.856293] ? fput+0x128/0x1a0 [ 255.859593] ? ksys_write+0x1f1/0x2d0 [ 255.863419] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 255.868191] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 255.872958] ? do_syscall_64+0x26/0x620 [ 255.876956] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.882331] ? do_syscall_64+0x26/0x620 [ 255.886320] __x64_sys_clone+0xbf/0x150 [ 255.890316] do_syscall_64+0xfd/0x620 [ 255.894138] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 255.899446] RIP: 0033:0x459a29 [ 255.902650] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 255.921564] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 255.929268] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 255.936531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 255.943792] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 255.951048] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 255.958304] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:40 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_crypto(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2010080}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="f0000000110008002bbd7000fbdbdf256c72772863616d656c6c696129000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000e014a4fab95f79f0f510483b745445000000000000000008000100ff"], 0xf0}, 0x1, 0x0, 0x0, 0xaba8349e7a26c43b}, 0xc4864) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f0000000000)=0x0) r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000280)='/selinux/commit_pending_bools\x00', 0x1, 0x0) sendmsg$key(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x2, 0x1, 0x7, 0x9, 0x16, 0x0, 0x70bd27, 0x25dfdbfc, [@sadb_x_policy={0x8, 0x12, 0x1, 0x1, 0x0, 0x6e6bb8, 0x2, {0x6, 0x78, 0x20, 0x0, 0x0, 0x7, 0x0, @in6=@empty, @in=@rand_addr=0x9}}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e22, 0x10000, @empty, 0x10000}}, @sadb_sa={0x2, 0x1, 0x4d5, 0x9, 0x87, 0x95, 0x4, 0x80000000}, @sadb_x_nat_t_port={0x1, 0x15, 0x4e23}, @sadb_sa={0x2, 0x1, 0x4d2, 0x0, 0x2, 0x3b, 0x2, 0x40000000}]}, 0xb0}}, 0x4000000) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:40 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x297ef) 22:26:40 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x5452, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:40 executing program 4 (fault-call:9 fault-nth:5): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:40 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x1bf8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:40 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000040)) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000003, 0x10010, r2, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x0, 0xc00}]) 22:26:40 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x5460, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 256.277199] x86/PAT: syz-executor.4:15643 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 256.295635] FAULT_INJECTION: forcing a failure. [ 256.295635] name failslab, interval 1, probability 0, space 0, times 0 [ 256.323159] CPU: 1 PID: 15643 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 256.330126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.330132] Call Trace: [ 256.330154] dump_stack+0x172/0x1f0 [ 256.330175] should_fail.cold+0xa/0x1b [ 256.349616] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 256.354735] ? lock_downgrade+0x880/0x880 [ 256.358905] __should_failslab+0x121/0x190 [ 256.363157] should_failslab+0x9/0x14 [ 256.366968] kmem_cache_alloc+0x2ae/0x700 [ 256.371130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 256.376682] ? perf_event_init_task+0x19f/0x7a0 [ 256.381367] ? trace_hardirqs_on+0x67/0x220 [ 256.385710] dup_fd+0x85/0xb30 [ 256.388925] ? selinux_task_alloc+0xaf/0xd0 [ 256.393263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 256.398812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 256.404362] copy_process.part.0+0x1e6a/0x7a30 [ 256.408961] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 256.414508] ? proc_fail_nth_write+0x9d/0x1e0 [ 256.419016] ? proc_cwd_link+0x1d0/0x1d0 [ 256.423178] ? __f_unlock_pos+0x19/0x20 [ 256.427174] ? __cleanup_sighand+0x70/0x70 [ 256.431419] ? lock_downgrade+0x880/0x880 [ 256.435587] ? kasan_check_write+0x14/0x20 [ 256.439829] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 256.444691] _do_fork+0x257/0xfd0 [ 256.448161] ? fork_idle+0x1d0/0x1d0 [ 256.451888] ? fput+0x128/0x1a0 [ 256.455179] ? ksys_write+0x1f1/0x2d0 [ 256.458996] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 256.463786] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 256.468549] ? do_syscall_64+0x26/0x620 [ 256.472533] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.477903] ? do_syscall_64+0x26/0x620 [ 256.481890] __x64_sys_clone+0xbf/0x150 [ 256.485877] do_syscall_64+0xfd/0x620 [ 256.489692] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 256.494885] RIP: 0033:0x459a29 [ 256.498082] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 256.516991] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:26:40 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x2190, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 256.524716] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 256.531995] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 256.539276] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 256.546555] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 256.553830] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:40 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x40046205, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:40 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000040)) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) [ 256.636037] audit: type=1400 audit(1569968800.922:67): avc: denied { map } for pid=15685 comm="syz-executor.5" path="socket:[46054]" dev="sockfs" ino=46054 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=rawip_socket permissive=1 [ 256.651860] x86/PAT: syz-executor.4:15643 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 256.672040] x86/PAT: syz-executor.4:15643 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:41 executing program 4 (fault-call:9 fault-nth:6): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:41 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0xffffffffffffff3c, 0x0, 0x0, 0xffffffffffffff31) ioctl$KVM_GET_NR_MMU_PAGES(r2, 0xae45, 0x80000001) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:41 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x2728, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:41 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x40046207, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 256.863620] x86/PAT: syz-executor.4:15870 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 256.904777] FAULT_INJECTION: forcing a failure. [ 256.904777] name failslab, interval 1, probability 0, space 0, times 0 [ 256.955036] CPU: 1 PID: 15870 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 256.962008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.971370] Call Trace: [ 256.973968] dump_stack+0x172/0x1f0 [ 256.973990] should_fail.cold+0xa/0x1b [ 256.974008] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 256.981513] ? lock_downgrade+0x880/0x880 [ 256.981541] __should_failslab+0x121/0x190 [ 256.981561] should_failslab+0x9/0x14 [ 256.981576] kmem_cache_alloc_trace+0x2cc/0x760 [ 256.981591] ? lock_downgrade+0x880/0x880 [ 256.981608] ? __lock_is_held+0xb6/0x140 [ 256.981628] alloc_fdtable+0x86/0x290 [ 256.981649] dup_fd+0x743/0xb30 [ 257.018822] copy_process.part.0+0x1e6a/0x7a30 [ 257.023426] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 257.028973] ? proc_fail_nth_write+0x9d/0x1e0 [ 257.033475] ? proc_cwd_link+0x1d0/0x1d0 [ 257.037549] ? __f_unlock_pos+0x19/0x20 [ 257.041544] ? __cleanup_sighand+0x70/0x70 [ 257.045791] ? lock_downgrade+0x880/0x880 [ 257.049957] ? kasan_check_write+0x14/0x20 [ 257.049973] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 257.049996] _do_fork+0x257/0xfd0 [ 257.062502] ? fork_idle+0x1d0/0x1d0 [ 257.062519] ? fput+0x128/0x1a0 [ 257.062537] ? ksys_write+0x1f1/0x2d0 [ 257.073306] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 257.078083] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 257.082858] ? do_syscall_64+0x26/0x620 [ 257.086846] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.092213] ? do_syscall_64+0x26/0x620 [ 257.096195] __x64_sys_clone+0xbf/0x150 [ 257.100164] do_syscall_64+0xfd/0x620 [ 257.103963] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 257.109143] RIP: 0033:0x459a29 [ 257.112326] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 257.131215] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 257.138915] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 257.146179] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 22:26:41 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) 22:26:41 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x40046208, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 257.153440] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 257.160709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 257.167992] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:41 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x40049409, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:41 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x2cc0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:41 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x40086602, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 257.449263] x86/PAT: syz-executor.4:15870 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 257.488759] binder: 15997:16005 ioctl 40086602 200001c0 returned -22 22:26:41 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x6, 0x0) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000040), &(0x7f0000000100)=0x4) [ 257.497093] x86/PAT: syz-executor.4:15870 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:41 executing program 4 (fault-call:9 fault-nth:7): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:41 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x40087602, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:41 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) 22:26:41 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x3258, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:42 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fchmod(r1, 0xa0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:42 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x4020940d, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 257.734599] binder: 16111:16114 ioctl 40087602 200001c0 returned -22 22:26:42 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x37f0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 257.890811] x86/PAT: syz-executor.4:16224 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 257.931649] FAULT_INJECTION: forcing a failure. [ 257.931649] name failslab, interval 1, probability 0, space 0, times 0 [ 257.988408] CPU: 1 PID: 16224 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 257.998061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.008016] Call Trace: [ 258.010659] dump_stack+0x172/0x1f0 [ 258.014347] should_fail.cold+0xa/0x1b [ 258.019954] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 258.027552] ? lock_downgrade+0x880/0x880 [ 258.037984] __should_failslab+0x121/0x190 [ 258.043412] should_failslab+0x9/0x14 [ 258.047955] kmem_cache_alloc_node_trace+0x274/0x720 [ 258.061830] ? alloc_fdtable+0x86/0x290 [ 258.066341] __kmalloc_node+0x3d/0x80 [ 258.071513] kvmalloc_node+0x68/0x100 [ 258.076439] alloc_fdtable+0xd6/0x290 [ 258.083760] dup_fd+0x743/0xb30 [ 258.088675] copy_process.part.0+0x1e6a/0x7a30 [ 258.096326] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 258.104247] ? proc_fail_nth_write+0x9d/0x1e0 [ 258.110744] ? proc_cwd_link+0x1d0/0x1d0 [ 258.116343] ? __f_unlock_pos+0x19/0x20 [ 258.123009] ? __cleanup_sighand+0x70/0x70 [ 258.127363] ? lock_downgrade+0x880/0x880 [ 258.132486] ? kasan_check_write+0x14/0x20 [ 258.140322] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 258.147081] _do_fork+0x257/0xfd0 [ 258.151258] ? fork_idle+0x1d0/0x1d0 [ 258.155213] ? fput+0x128/0x1a0 [ 258.160785] ? ksys_write+0x1f1/0x2d0 [ 258.166251] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 258.173323] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 258.179196] ? do_syscall_64+0x26/0x620 [ 258.184239] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.191118] ? do_syscall_64+0x26/0x620 [ 258.195132] __x64_sys_clone+0xbf/0x150 [ 258.200743] do_syscall_64+0xfd/0x620 [ 258.205396] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 258.210987] RIP: 0033:0x459a29 [ 258.217128] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 258.239855] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 258.248391] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 258.258654] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 258.270816] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 258.281970] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 22:26:42 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) 22:26:42 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x111, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r3, &(0x7f0000000200)={0x8, 0x120, 0xfa00, {0x3, {0x7f, 0x3, "bc0c7aa4c1ad95cd3105c6ee17708bf3fba0be2e95ce9237184f4907bc83db6f5e134fdd1e92a9b14b22dc7d3698d1664f58ce59931417c89782abfec579b119f9dd5458171cc3e3314455142d4aa11ff6f1eb8a999abf5fc2807e13f01ac5027f5f2f0073530b5ee6679a289ea350ca09d7beeef457f3e0d8f7276dbb6527567ab6f56eb7627a1049991face95c8acb588ad2b5d41633c9e2854f2e9dcf4534e6e4b265d65ef34355989733121b28018a050bc2302a0524652964b1a3376727802185b8bdd9cfc3d19d97605e0b46656503c301dc5b8dad156c349657c478fd684469f23021b583be5ccbf866ed7c922f2713e5109e9d9babdc2ac5357b9549", 0x89, 0x6, 0x1, 0x9, 0x1e, 0x8, 0x20, 0x1}, r4}}, 0x128) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000)="ab9a0ef58135ca0a85b8fd0632e2cd0ed666e5100ecf3b90675d245b13e1564b61e55afb3c42f0487620776d16cf3df38a0a415e40de02f00de005fc171b6368e50688acfee52f032b310595b85ec7ed56810447a0e4d24cc42cbd5498ab5f387e53b0654cb3ba5016aea7fb", 0x6c, 0xc00}]) clock_nanosleep(0x5, 0x0, &(0x7f0000000180), &(0x7f0000000340)) r5 = creat(&(0x7f0000000380)='./file0\x00', 0x9) epoll_pwait(r3, &(0x7f0000000400)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x8001, &(0x7f00000004c0)={0x1}, 0x8) ioctl$VIDIOC_ENUM_FRAMESIZES(r5, 0xc02c564a, &(0x7f00000003c0)={0x8, 0x41415270, 0x3, @stepwise={0x34d7, 0xffff, 0x9, 0x9, 0x8, 0x3f}}) 22:26:42 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x80086601, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 258.290797] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 258.340236] x86/PAT: syz-executor.4:16224 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:42 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x3d88, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 258.399875] binder: 16336:16337 ioctl 80086601 200001c0 returned -22 [ 258.433157] x86/PAT: syz-executor.4:16224 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:42 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0x80087601, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:42 executing program 4 (fault-call:9 fault-nth:8): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:42 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000), 0x0) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) 22:26:42 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") setsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000000000), 0x4) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 258.561626] binder: 16343:16345 ioctl 80087601 200001c0 returned -22 22:26:42 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0045878, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:43 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x4320, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:43 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) [ 258.751042] x86/PAT: syz-executor.4:16458 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:43 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fstat(0xffffffffffffffff, &(0x7f00000009c0)) fcntl$setstatus(r0, 0x4, 0x44000) creat(&(0x7f0000000a40)='./bus\x00', 0x21) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt(0xffffffffffffffff, 0x3, 0x1, &(0x7f0000000140)=""/122, &(0x7f0000000200)=0x7a) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000280)='/dev/full\x00', 0x111000, 0x0) io_submit(0x0, 0x7, &(0x7f0000000980)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x7, r3, &(0x7f0000000240)="0f529443e47a5e263c8c1ff5414213ac8c2d4ab739c87cb0926a683467def7e35a4a22dba7eb3778d5e8b9f6a7c7197f0e6e7d2ebc6ea908d62ed943", 0x3c, 0x7, 0x0, 0x0, r4}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x7, 0x800, r0, &(0x7f0000000300)="4bfdf7b61b0d480624a40f35b9c5fc7be841be2abee499a4cf63b2ef5314bdfb3ddfeef78cc6720d052491f9399802f48fd2169d56640a0f45fdeadc4f1214ef9c8c5f623fac51fc5876ff6a811f6774e5db87bbc805a324ab30cfda66a055e66fb595a1db2dff1d0664a64f8872149ad88a1a7d7bc937065500e5aec144e45c34dce74d4e85e60c024cb9d0", 0x8c, 0x6, 0x0, 0x1, r3}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x7, 0x8, r2, &(0x7f0000000580)="523ac3a91f1b150d1b26afea16756e85ea18960e82f31e4b3d39387622bd83a4184f27a706f507dec28f281a3360abb0fcf23f00805bed9041c33f381dcd492fff87cc3a5f052df777b280541676a6f7e3f5591ddcf006a2e0eea2c437faa8c696bc30d47e03707a0e6c4b5fc73e66498fb26f9ffa04fd5aafe41c2fe903c83499ef5e34d167324ced964400530e2b97cc487719b7abb04990908d0afa82ab43fce39fa32d25e1980dffbf70cdc7822e533eb3c4d21487a58b27", 0xba, 0x3ff, 0x0, 0x1}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x8, 0x1, r0, &(0x7f0000000640)="a10f9530657321bfe37d2cf701566e808efc7ffb61d26b63eb7fabbd81d4184a45093e4a5f7fa59be22d824ae6b3849be63b653c089c24968281c2387fe39ec6a962898839bc080901ef63555bf7b6a2a431a99fea9bde97a89a61f7df55ad971c2e4e52159ed20b9fea7cc53dc38b7112335968a9bd66bff36213be7eab0ed5dad9b368feccae8d176778adf1f0508db03c3f43fc322ce9b875228ea181dc1c361d7daea5cb00bf952db3946d6d228e80dbdef754e4210e9ca2d3432060b6780a4e717b45b46bc593c0fd22f67f549f5e70eaa025dbfda65606e314ddfd3cf350ba9b06913f468924cccaadcab5f10964e09b94be595159469f7e20", 0xfc, 0x6, 0x0, 0x3, r2}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f00000004c0)="f6af8014ef568617edcd89d6c21e2da5e2ab05976570860a8eef0ef2b00e2bf3a2ee307a4eaf19b71009b9abbb77deb8dd541a7a7b0b14f8083882", 0x3b, 0x1cc, 0x0, 0x2}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x7, 0x800, r0, &(0x7f0000000840)="bc12d3a88239527ece5b369ed89c360cc4ffcd4a80dd9c6ca95aba3ae4244b5bd48ff1b949ea1743abd1282a6282e795596858f7f7cbbd1511cf32efee10a0ea69f1b5ce227a268cee62efb4a003ecee2aa654b5cd75fe4ee06898b102c60b47e79d47f38d4b54cd8eaaf8ffff9eca44934853823f0564275a38b4bfd10327d5b38c81ae9d2524c01641acd5f6e228a7c26c5127f07a81031e1654fcdbb873d5ec4c962c3bf38a138fbacbeb2a9bacc48f652abf26e9a42a46f24036fdd99145ed0b1c05f3067cac819f6e2cdb201a7ca28fb5762c8f9029fde79265dafab1afda36bacce8397e93fc009af75b11a14c5b0e3117", 0xf4, 0x80, 0x0, 0x3}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0xf390f7cb4db9da78, 0x2, r0, &(0x7f0000000780)="acae7b928844680e7edcb422e4a18a0b4f37a2b037f4f8ed1d848590292e3075adc1e005e9e81b4ac64e0f76eb203d89a3df13436fa45742c30bdf9e5a6b04ab83", 0x41, 0x8, 0x0, 0x1, r0}]) accept$unix(r3, &(0x7f0000000000), &(0x7f0000000100)=0x6e) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 258.831018] FAULT_INJECTION: forcing a failure. [ 258.831018] name failslab, interval 1, probability 0, space 0, times 0 [ 258.883359] CPU: 1 PID: 16464 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 258.895640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.907900] Call Trace: [ 258.911092] dump_stack+0x172/0x1f0 [ 258.915192] should_fail.cold+0xa/0x1b [ 258.919283] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 258.924769] ? lock_downgrade+0x880/0x880 [ 258.929419] __should_failslab+0x121/0x190 [ 258.933787] should_failslab+0x9/0x14 [ 258.938425] kmem_cache_alloc_node_trace+0x274/0x720 [ 258.947639] ? alloc_fdtable+0x86/0x290 [ 258.954193] ? kasan_unpoison_shadow+0x35/0x50 [ 258.960554] __kmalloc_node+0x3d/0x80 [ 258.964911] kvmalloc_node+0x68/0x100 [ 258.969883] alloc_fdtable+0x142/0x290 [ 258.975060] dup_fd+0x743/0xb30 [ 258.979076] copy_process.part.0+0x1e6a/0x7a30 [ 258.983781] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 258.990819] ? proc_fail_nth_write+0x9d/0x1e0 [ 258.997142] ? proc_cwd_link+0x1d0/0x1d0 [ 259.006243] ? __f_unlock_pos+0x19/0x20 [ 259.011222] ? __cleanup_sighand+0x70/0x70 [ 259.020590] ? lock_downgrade+0x880/0x880 [ 259.026381] ? kasan_check_write+0x14/0x20 [ 259.032755] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 259.039375] _do_fork+0x257/0xfd0 [ 259.043470] ? fork_idle+0x1d0/0x1d0 [ 259.047644] ? fput+0x128/0x1a0 [ 259.051969] ? ksys_write+0x1f1/0x2d0 [ 259.055977] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 259.061214] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 259.066088] ? do_syscall_64+0x26/0x620 [ 259.070132] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.075654] ? do_syscall_64+0x26/0x620 [ 259.080817] __x64_sys_clone+0xbf/0x150 [ 259.085188] do_syscall_64+0xfd/0x620 [ 259.089722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.095027] RIP: 0033:0x459a29 [ 259.098543] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 259.125158] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:26:43 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0045878, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:43 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0046209, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:43 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc018620b, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 259.133909] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 259.142067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 259.151379] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 259.159589] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 259.167427] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:43 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0189436, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:43 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x48b8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 259.254867] x86/PAT: syz-executor.4:16455 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:43 executing program 4 (fault-call:9 fault-nth:9): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:43 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r4, 0x4008642b, &(0x7f0000000200)={r7, 0x30}) r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r8, &(0x7f0000000080), 0x297ef) 22:26:43 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) write$binfmt_elf64(r0, &(0x7f0000000b80)=ANY=[@ANYBLOB="7f454c461f004000000080010000000003003e0005000000d5010000000000004000000000000000650100000000000000020000030038000200070003000800060000007f0000000200000000000000010000000000000008000000000000000700000000000000ff0f00000000000034f0000000000000805a2e433930299f9b7a177a2eb02add3c8a1f5907e02c177338173c3b4b16367ff1bbff1e9143c0c615fa9b7688967dc122269ef9a9b83a9078c8aa50a2dac5bfa741e78af62bb45143bca9d543ba762b30ad9e00087df72c4863f8314b3d4136d46cd3b8b9116484976abfe2879210b1274f7a00847db65324545920440474f0f44bf300b0b5afc57cf06a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e58362332af5f9a628a447900"/776], 0x304) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:43 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc020660b, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 259.339449] x86/PAT: syz-executor.4:16455 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:43 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x4e50, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:43 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {}, {}, {}]}) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r7, &(0x7f0000000080), 0x297ef) 22:26:43 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x12, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:43 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x12d) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x2002, 0x0) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) socket$inet6(0xa, 0x2, 0x8) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 259.560519] x86/PAT: syz-executor.4:16701 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 259.627842] binder: 16706:16708 unknown command 0 [ 259.666946] binder: 16706:16708 ioctl c0306201 200001c0 returned -22 [ 259.689897] FAULT_INJECTION: forcing a failure. [ 259.689897] name failslab, interval 1, probability 0, space 0, times 0 22:26:44 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x1200, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 259.785622] CPU: 1 PID: 16701 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 259.794798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.807810] Call Trace: [ 259.812433] dump_stack+0x172/0x1f0 [ 259.816292] should_fail.cold+0xa/0x1b [ 259.820841] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 259.829834] ? lock_downgrade+0x880/0x880 [ 259.837984] __should_failslab+0x121/0x190 [ 259.842436] should_failslab+0x9/0x14 [ 259.848859] kmem_cache_alloc+0x2ae/0x700 [ 259.854340] ? dup_fd+0x5c1/0xb30 [ 259.858006] copy_fs_struct+0x43/0x2d0 [ 259.862765] copy_process.part.0+0x377d/0x7a30 [ 259.867557] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 259.873805] ? proc_fail_nth_write+0x9d/0x1e0 [ 259.880409] ? proc_cwd_link+0x1d0/0x1d0 [ 259.884497] ? __f_unlock_pos+0x19/0x20 [ 259.888503] ? __cleanup_sighand+0x70/0x70 [ 259.892846] ? lock_downgrade+0x880/0x880 [ 259.897116] ? kasan_check_write+0x14/0x20 [ 259.901561] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 259.906439] _do_fork+0x257/0xfd0 [ 259.909926] ? fork_idle+0x1d0/0x1d0 [ 259.913656] ? fput+0x128/0x1a0 [ 259.917390] ? ksys_write+0x1f1/0x2d0 [ 259.921225] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 259.926093] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 259.930958] ? do_syscall_64+0x26/0x620 22:26:44 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x53e8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:44 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x1000000, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:44 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x5980, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 259.934974] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.941072] ? do_syscall_64+0x26/0x620 [ 259.945581] __x64_sys_clone+0xbf/0x150 [ 259.945600] do_syscall_64+0xfd/0x620 [ 259.945622] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 259.959121] RIP: 0033:0x459a29 [ 259.959138] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 259.959146] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 259.959163] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 259.959171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 259.959178] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 259.959185] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 259.959192] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 260.219748] x86/PAT: syz-executor.4:16701 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 260.273023] x86/PAT: syz-executor.4:16701 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:44 executing program 4 (fault-call:9 fault-nth:10): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:44 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {}, {}, {}]}) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r7, &(0x7f0000000080), 0x297ef) 22:26:44 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") pwritev(r1, &(0x7f0000000800), 0x10000199, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='westwood\x00', 0x9) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:44 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x12000000, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:44 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x5f18, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:44 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0xfdfdffff, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:44 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) shutdown(r0, 0x1) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, &(0x7f0000000000)={0x3, 0x1, @raw_data=[0x7, 0x3, 0x3, 0x33, 0x3, 0x76f3, 0x5c, 0x6, 0x800, 0x5, 0x9, 0x2498, 0x7, 0x9, 0x9, 0x7fffffff]}) [ 260.501691] FAULT_INJECTION: forcing a failure. [ 260.501691] name failslab, interval 1, probability 0, space 0, times 0 22:26:44 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x64b0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:44 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f0000000100)=[{}, {}, {}, {}, {}]}) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r7, &(0x7f0000000080), 0x297ef) [ 260.635832] CPU: 1 PID: 17133 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 260.646610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.664749] Call Trace: [ 260.668335] dump_stack+0x172/0x1f0 [ 260.672179] should_fail.cold+0xa/0x1b [ 260.676376] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 260.682290] ? lock_downgrade+0x880/0x880 [ 260.687792] __should_failslab+0x121/0x190 [ 260.695377] should_failslab+0x9/0x14 [ 260.700865] kmem_cache_alloc+0x2ae/0x700 [ 260.706134] ? do_raw_spin_unlock+0x57/0x270 [ 260.711617] ? _raw_spin_unlock+0x2d/0x50 [ 260.715796] copy_process.part.0+0x1fd7/0x7a30 [ 260.720499] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 260.737209] ? proc_fail_nth_write+0x9d/0x1e0 [ 260.742315] ? proc_cwd_link+0x1d0/0x1d0 [ 260.746609] ? __f_unlock_pos+0x19/0x20 [ 260.750902] ? __cleanup_sighand+0x70/0x70 [ 260.755382] ? lock_downgrade+0x880/0x880 [ 260.759562] ? kasan_check_write+0x14/0x20 [ 260.763818] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 260.768693] _do_fork+0x257/0xfd0 [ 260.772170] ? fork_idle+0x1d0/0x1d0 [ 260.775898] ? fput+0x128/0x1a0 [ 260.779198] ? ksys_write+0x1f1/0x2d0 [ 260.783020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 260.787802] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 260.792584] ? do_syscall_64+0x26/0x620 [ 260.797474] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.803166] ? do_syscall_64+0x26/0x620 [ 260.807262] __x64_sys_clone+0xbf/0x150 [ 260.811273] do_syscall_64+0xfd/0x620 [ 260.815100] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 260.820395] RIP: 0033:0x459a29 [ 260.823602] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 260.842706] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 260.850434] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 260.857728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 260.865098] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 260.873997] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 22:26:44 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0xfffffdfd, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:45 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x100000000000000, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:45 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x1200000000000000, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 260.883906] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:45 executing program 4 (fault-call:9 fault-nth:11): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:45 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) ioctl$SG_SET_FORCE_PACK_ID(0xffffffffffffffff, 0x227b, &(0x7f0000000000)=0x1) 22:26:45 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r7, &(0x7f0000000080), 0x297ef) 22:26:45 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0xfdfdffff00000000, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:45 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x6a48, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:45 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0xc, @vbi={0x3, 0x200, 0x9, 0x181ca82b, [0x3cd, 0xffffff4b], [0x3f, 0x400], 0x108}}) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 261.233293] x86/PAT: syz-executor.4:17288 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 261.269178] FAULT_INJECTION: forcing a failure. [ 261.269178] name failslab, interval 1, probability 0, space 0, times 0 22:26:45 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x630b}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:45 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) fcntl$dupfd(r5, 0x0, r5) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r6, &(0x7f0000000080), 0x297ef) [ 261.384281] binder: 17396:17397 unknown command 0 [ 261.403343] binder: 17396:17397 ioctl c0306201 200001c0 returned -22 [ 261.425904] CPU: 1 PID: 17288 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 261.435615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.446038] Call Trace: [ 261.446062] dump_stack+0x172/0x1f0 [ 261.446084] should_fail.cold+0xa/0x1b [ 261.446102] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 261.446115] ? lock_downgrade+0x880/0x880 [ 261.446138] __should_failslab+0x121/0x190 [ 261.472258] should_failslab+0x9/0x14 [ 261.476081] kmem_cache_alloc+0x2ae/0x700 [ 261.480254] ? trace_hardirqs_on+0x67/0x220 [ 261.484591] ? kasan_check_read+0x11/0x20 [ 261.488757] copy_process.part.0+0x2139/0x7a30 [ 261.493362] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 261.498926] ? proc_fail_nth_write+0x9d/0x1e0 [ 261.503440] ? proc_cwd_link+0x1d0/0x1d0 [ 261.507537] ? __f_unlock_pos+0x19/0x20 [ 261.511538] ? __cleanup_sighand+0x70/0x70 [ 261.515870] ? lock_downgrade+0x880/0x880 [ 261.520046] ? kasan_check_write+0x14/0x20 [ 261.524301] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 261.529166] _do_fork+0x257/0xfd0 [ 261.532640] ? fork_idle+0x1d0/0x1d0 [ 261.536370] ? fput+0x128/0x1a0 [ 261.539663] ? ksys_write+0x1f1/0x2d0 [ 261.543488] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 261.548257] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 261.553029] ? do_syscall_64+0x26/0x620 [ 261.557033] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 261.562407] ? do_syscall_64+0x26/0x620 [ 261.566405] __x64_sys_clone+0xbf/0x150 [ 261.570401] do_syscall_64+0xfd/0x620 [ 261.574219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 261.579412] RIP: 0033:0x459a29 [ 261.582612] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 261.601525] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 261.609253] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 261.616531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 261.623814] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:26:45 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x6fe0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:45 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) seccomp(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x7fff, 0x1f, 0x9, 0x7}, {0x579a, 0x42, 0x14}, {0x93, 0x3f, 0x80, 0x6}]}) [ 261.631096] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 261.638383] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:45 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x630c}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 261.716508] x86/PAT: syz-executor.4:17288 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 261.756535] x86/PAT: syz-executor.4:17288 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:46 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r5, &(0x7f0000000080), 0x297ef) [ 261.778582] binder: 17510:17511 unknown command 0 [ 261.792796] binder: 17510:17511 ioctl c0306201 200001c0 returned -22 22:26:46 executing program 4 (fault-call:9 fault-nth:12): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:46 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$ax25_int(r3, 0x101, 0x8, &(0x7f0000000000)=0xfffffffc, 0x4) 22:26:46 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x7578, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:46 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x630d}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:46 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r4, &(0x7f0000000080), 0x297ef) [ 261.975800] binder: 17523:17524 unknown command 0 [ 262.010192] binder: 17523:17524 ioctl c0306201 200001c0 returned -22 [ 262.024589] x86/PAT: syz-executor.4:17532 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 262.061500] FAULT_INJECTION: forcing a failure. [ 262.061500] name failslab, interval 1, probability 0, space 0, times 0 [ 262.079718] CPU: 1 PID: 17532 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 262.089445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.098992] Call Trace: [ 262.103097] dump_stack+0x172/0x1f0 [ 262.108986] should_fail.cold+0xa/0x1b [ 262.114067] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 262.120636] ? lock_downgrade+0x880/0x880 [ 262.126822] __should_failslab+0x121/0x190 [ 262.133033] should_failslab+0x9/0x14 [ 262.137112] kmem_cache_alloc+0x2ae/0x700 [ 262.142340] ? lockdep_init_map+0x9/0x10 [ 262.146427] ? debug_mutex_init+0x2d/0x60 [ 262.150583] copy_process.part.0+0x2ad6/0x7a30 [ 262.155289] ? proc_fail_nth_write+0x9d/0x1e0 [ 262.160649] ? __cleanup_sighand+0x70/0x70 [ 262.168110] ? lock_downgrade+0x880/0x880 [ 262.172371] ? kasan_check_write+0x14/0x20 [ 262.177831] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 262.182777] _do_fork+0x257/0xfd0 [ 262.186238] ? fork_idle+0x1d0/0x1d0 [ 262.189966] ? fput+0x128/0x1a0 [ 262.194738] ? ksys_write+0x1f1/0x2d0 [ 262.198561] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 262.204103] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 262.213197] ? do_syscall_64+0x26/0x620 [ 262.217359] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.231048] ? do_syscall_64+0x26/0x620 [ 262.236563] __x64_sys_clone+0xbf/0x150 [ 262.242730] do_syscall_64+0xfd/0x620 [ 262.248720] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.254682] RIP: 0033:0x459a29 [ 262.261023] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 262.283137] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 262.291204] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 262.299270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 262.307818] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 262.316495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 22:26:46 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40046302}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 262.324303] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:46 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) io_setup(0x20, &(0x7f0000000040)=0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r0, 0x6430) io_submit(r2, 0x2b7, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0xfffffffffffffffd, 0xc00}]) [ 262.367562] x86/PAT: syz-executor.4:17532 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:46 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x7b10, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 262.413548] x86/PAT: syz-executor.4:17532 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 262.432198] binder: BC_ACQUIRE_RESULT not supported 22:26:46 executing program 4 (fault-call:9 fault-nth:13): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:46 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r4, &(0x7f0000000080), 0x297ef) [ 262.502838] binder: 17635:17637 ioctl c0306201 200001c0 returned -22 22:26:46 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000000)={0x7, 0x5, 0x80, 0x8, 'syz0\x00', 0x8}) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0xbfc9, r0, &(0x7f0000000000), 0x0, 0xbfd}]) r2 = accept4$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local}, &(0x7f0000000100)=0x1c, 0x40800) setsockopt$inet6_MRT6_DEL_MFC(r2, 0x29, 0xcd, &(0x7f0000000140)={{0xa, 0x4e22, 0x80, @remote}, {0xa, 0x4e21, 0xb2b1, @mcast2, 0x1}, 0x9, [0xfff, 0x40, 0x1a, 0x8, 0xffffff80, 0x6, 0x4a35de4d, 0x1]}, 0x5c) 22:26:46 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40046304}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 262.612062] x86/PAT: syz-executor.4:17649 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 262.670141] FAULT_INJECTION: forcing a failure. [ 262.670141] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 262.694739] CPU: 0 PID: 17684 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 262.702729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.713408] Call Trace: [ 262.716908] dump_stack+0x172/0x1f0 [ 262.721544] should_fail.cold+0xa/0x1b [ 262.728075] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 262.735860] ? __might_sleep+0x95/0x190 [ 262.739899] __alloc_pages_nodemask+0x1ee/0x750 [ 262.745294] ? __alloc_pages_slowpath+0x2870/0x2870 [ 262.755537] ? find_held_lock+0x35/0x130 [ 262.761289] ? percpu_ref_put_many+0x94/0x190 [ 262.768174] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 262.776416] alloc_pages_current+0x107/0x210 [ 262.781829] __get_free_pages+0xc/0x40 [ 262.787812] pgd_alloc+0x8b/0x3f0 [ 262.791378] ? pgd_page_get_mm+0x40/0x40 [ 262.795535] ? __lockdep_init_map+0x10c/0x5b0 [ 262.800525] ? __lockdep_init_map+0x10c/0x5b0 [ 262.806058] mm_init+0x59e/0x9d0 [ 262.809548] copy_process.part.0+0x2b3d/0x7a30 [ 262.815533] ? proc_fail_nth_write+0x9d/0x1e0 [ 262.820679] ? __cleanup_sighand+0x70/0x70 [ 262.826353] ? lock_downgrade+0x880/0x880 [ 262.831769] ? kasan_check_write+0x14/0x20 [ 262.837111] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 262.845088] _do_fork+0x257/0xfd0 [ 262.850669] ? fork_idle+0x1d0/0x1d0 [ 262.854854] ? fput+0x128/0x1a0 [ 262.859455] ? ksys_write+0x1f1/0x2d0 [ 262.865686] ? trace_hardirqs_on_thunk+0x1a/0x1c 22:26:47 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r4, &(0x7f0000000080), 0x297ef) [ 262.870563] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 262.875371] ? do_syscall_64+0x26/0x620 [ 262.879646] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.885054] ? do_syscall_64+0x26/0x620 [ 262.889158] __x64_sys_clone+0xbf/0x150 [ 262.894734] do_syscall_64+0xfd/0x620 [ 262.900500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.908280] RIP: 0033:0x459a29 [ 262.912756] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 262.937245] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 262.947131] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 262.956138] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 262.963814] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 22:26:47 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x80a8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 262.971814] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 262.984890] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 263.003009] x86/PAT: syz-executor.4:17647 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 263.028835] binder: 17732:17757 unknown command 0 22:26:47 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$apparmor_current(r1, &(0x7f0000000000)=@profile={'stack ', ']md5sum{eth1\x00'}, 0x13) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r2, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r2, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r2, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 263.069882] binder: 17732:17757 ioctl c0306201 200001c0 returned -22 [ 263.081363] x86/PAT: syz-executor.4:17647 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:47 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40046307}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:47 executing program 4 (fault-call:9 fault-nth:14): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:47 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, 0xffffffffffffffff) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:47 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r4, &(0x7f0000000080), 0x297ef) [ 263.247942] binder: 17768:17770 unknown command 0 [ 263.276542] binder: 17768:17770 ioctl c0306201 200001c0 returned -22 22:26:47 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x8640, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:47 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 263.323986] x86/PAT: syz-executor.4:17774 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 263.354033] FAULT_INJECTION: forcing a failure. [ 263.354033] name failslab, interval 1, probability 0, space 0, times 0 [ 263.423705] CPU: 1 PID: 17774 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 263.432421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.444590] Call Trace: [ 263.447400] dump_stack+0x172/0x1f0 [ 263.451542] should_fail.cold+0xa/0x1b [ 263.454981] binder: BC_ATTEMPT_ACQUIRE not supported [ 263.455917] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 263.470561] ? lock_downgrade+0x880/0x880 [ 263.474842] __should_failslab+0x121/0x190 [ 263.479603] should_failslab+0x9/0x14 [ 263.483448] binder: 17784:17785 ioctl c0306201 200001c0 returned -22 [ 263.483730] kmem_cache_alloc+0x2ae/0x700 [ 263.495274] ? get_mm_exe_file+0x289/0x3e0 [ 263.499643] ? trace_event_raw_event_task_newtask+0x440/0x440 [ 263.505842] __khugepaged_enter+0x3b/0x390 [ 263.510562] copy_process.part.0+0x7299/0x7a30 [ 263.516292] ? proc_fail_nth_write+0x9d/0x1e0 [ 263.521878] ? __cleanup_sighand+0x70/0x70 [ 263.526346] ? lock_downgrade+0x880/0x880 [ 263.530871] ? kasan_check_write+0x14/0x20 [ 263.535598] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 263.541144] _do_fork+0x257/0xfd0 [ 263.545008] ? fork_idle+0x1d0/0x1d0 [ 263.549103] ? fput+0x128/0x1a0 [ 263.553718] ? ksys_write+0x1f1/0x2d0 [ 263.558203] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 263.564852] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 263.573196] ? do_syscall_64+0x26/0x620 [ 263.577551] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 263.583743] ? do_syscall_64+0x26/0x620 [ 263.587926] __x64_sys_clone+0xbf/0x150 [ 263.592012] do_syscall_64+0xfd/0x620 [ 263.596281] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 263.603489] RIP: 0033:0x459a29 22:26:47 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BLKFLSBUF(r1, 0x1261, &(0x7f0000000100)) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r3 = userfaultfd(0x180800) pwritev(r3, &(0x7f0000000180)=[{&(0x7f0000000140)="d2ab9529c086a7ab378e4ca4a9d6"}, {&(0x7f0000000200)="22044d7417c9257eaadd2b4079c17e1abe812f21fa7a4ad6d72a92499ae0bc3396ba32a8a7ac5bf75ca7a227dc6cea1efd750016a2e2b552c6a35a4ea92d54484c9d200f7b1455c2d8abedc28026a5183ffeff0d07802972869225f6edf3f1a5bf7db065ac92a21a41877ee89932ae0e2f1c72616fae60a26f26865515e76b9e11201e1af8bf3c5e2dbc799a6a2082f0620ee5958a57610003d78c48b8d09411fa44c24246f4656768b54ca9440076"}], 0x92, 0x4) fcntl$setstatus(r2, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)) io_setup(0x9, &(0x7f0000000380)=0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) io_submit(r4, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}]) io_submit(r4, 0x1, &(0x7f0000000180)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}]) io_cancel(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r2, &(0x7f0000000000), 0x0, 0xc00}]) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$BLKRAGET(r9, 0x1263, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KDGKBMODE(r7, 0x4b44, &(0x7f0000000000)) 22:26:47 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40086310}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:47 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40086312}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 263.609009] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 263.630783] binder: 17794:17795 unknown command 1074291474 [ 263.636414] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 263.636429] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 263.636438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 263.636446] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 263.636454] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 263.636464] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 263.666910] x86/PAT: syz-executor.4:17774 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:48 executing program 4 (fault-call:9 fault-nth:15): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 263.734634] x86/PAT: syz-executor.4:17774 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:48 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)) 22:26:48 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x8bd8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 263.795678] binder: 17794:17795 ioctl c0306201 200001c0 returned -22 22:26:48 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r2, 0x0, r2) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:48 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x400c630e}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 263.920345] FAULT_INJECTION: forcing a failure. [ 263.920345] name failslab, interval 1, probability 0, space 0, times 0 [ 264.012500] CPU: 1 PID: 17900 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 264.018771] binder: 17912:17913 unknown command 0 [ 264.021277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.021284] Call Trace: [ 264.021306] dump_stack+0x172/0x1f0 [ 264.021326] should_fail.cold+0xa/0x1b [ 264.053500] binder: 17912:17913 ioctl c0306201 200001c0 returned -22 [ 264.055926] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 264.055940] ? lock_downgrade+0x880/0x880 [ 264.055963] __should_failslab+0x121/0x190 [ 264.076495] should_failslab+0x9/0x14 [ 264.080579] kmem_cache_alloc+0x2ae/0x700 [ 264.084855] ? kasan_check_read+0x11/0x20 [ 264.089224] ? do_raw_spin_unlock+0x57/0x270 [ 264.093677] vm_area_dup+0x21/0x170 [ 264.097543] copy_process.part.0+0x3407/0x7a30 [ 264.102402] ? __cleanup_sighand+0x70/0x70 [ 264.107091] ? lock_downgrade+0x880/0x880 [ 264.111447] ? kasan_check_write+0x14/0x20 [ 264.115810] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 264.120763] _do_fork+0x257/0xfd0 [ 264.124261] ? fork_idle+0x1d0/0x1d0 [ 264.128007] ? fput+0x128/0x1a0 [ 264.131412] ? ksys_write+0x1f1/0x2d0 [ 264.135508] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 264.141495] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 264.147163] ? do_syscall_64+0x26/0x620 [ 264.151408] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.156830] ? do_syscall_64+0x26/0x620 22:26:48 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x400c630f}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 264.160838] __x64_sys_clone+0xbf/0x150 [ 264.164853] do_syscall_64+0xfd/0x620 [ 264.168698] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.174000] RIP: 0033:0x459a29 [ 264.177224] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 264.188460] binder: 17915:17916 unknown command 0 [ 264.197348] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 264.197364] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 264.197370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 264.197377] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 264.197384] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 264.197391] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 264.323533] binder: 17915:17916 ioctl c0306201 200001c0 returned -22 22:26:48 executing program 4 (fault-call:9 fault-nth:16): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:48 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) lseek(r0, 0x0, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PPPIOCSCOMPRESS(r2, 0x4010744d) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000000)={@dev={0xfe, 0x80, [], 0x10}, 0x9, 0x0, 0x3, 0xa, 0x401, 0x2}, &(0x7f0000000040)=0x20) 22:26:48 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x9170, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:48 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r2, 0x0, r2) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:48 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40106308}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 264.506372] x86/PAT: syz-executor.4:18029 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 264.535302] binder: 18032:18033 unknown command 0 [ 264.545110] binder: 18032:18033 ioctl c0306201 200001c0 returned -22 [ 264.557948] FAULT_INJECTION: forcing a failure. [ 264.557948] name failslab, interval 1, probability 0, space 0, times 0 [ 264.621762] CPU: 1 PID: 18068 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 264.629894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.639813] Call Trace: [ 264.642518] dump_stack+0x172/0x1f0 [ 264.646404] should_fail.cold+0xa/0x1b [ 264.650651] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 264.655787] ? lock_downgrade+0x880/0x880 [ 264.661175] __should_failslab+0x121/0x190 [ 264.665838] should_failslab+0x9/0x14 [ 264.669674] kmem_cache_alloc+0x2ae/0x700 [ 264.674184] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 264.679350] ? __vm_enough_memory+0x324/0x5a0 [ 264.683878] vm_area_dup+0x21/0x170 [ 264.687529] copy_process.part.0+0x3407/0x7a30 [ 264.692288] ? __cleanup_sighand+0x70/0x70 [ 264.696566] ? lock_downgrade+0x880/0x880 [ 264.700855] ? kasan_check_write+0x14/0x20 [ 264.705291] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 264.710958] _do_fork+0x257/0xfd0 [ 264.714897] ? fork_idle+0x1d0/0x1d0 [ 264.718862] ? fput+0x128/0x1a0 [ 264.722250] ? ksys_write+0x1f1/0x2d0 [ 264.726178] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 264.731215] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 264.736178] ? do_syscall_64+0x26/0x620 [ 264.740275] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.745836] ? do_syscall_64+0x26/0x620 [ 264.749974] __x64_sys_clone+0xbf/0x150 [ 264.754514] do_syscall_64+0xfd/0x620 [ 264.759432] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.766215] RIP: 0033:0x459a29 [ 264.769518] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 264.794423] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 264.806632] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 22:26:48 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r2, 0x0, r2) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:49 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x9708, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:49 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x9ca0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 264.817605] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 264.828564] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 264.837650] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 264.849351] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:49 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40106309}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:49 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r2, 0x0, r2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x1f, 0x6, 0x7d0, 0x480, 0x0, 0x0, 0x0, 0x5c8, 0x700, 0x700, 0x700, 0x700, 0x700, 0x6, &(0x7f0000000100), {[{{@ipv6={@initdev={0xfe, 0x88, [], 0x1, 0x0}, @mcast1, [0x0, 0xff, 0xffffffff, 0xffffff00], [0xffffff00, 0x0, 0xffffffff, 0xff], 'veth1_to_hsr\x00', 'lo\x00', {0x7f}, {0xff}, 0xc, 0xe8, 0x6, 0x1}, 0x0, 0xc8, 0x110}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@mcast2, @ipv4=@empty, 0x38, 0x16, 0x8}}}, {{@uncond, 0x0, 0x1e8, 0x210, 0x0, {}, [@common=@inet=@recent0={0xf8, 'recent\x00', 0x0, {0x9, 0x5, 0x10, 0x0, 'syz0\x00', 0x1}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x4}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@common=@ipv6header={0x28, 'ipv6header\x00', 0x0, {0xa1, 0x8, 0x1}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0xde6f28c43dd32a66}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@remote, @ipv6=@loopback, 0x0, 0x1e, 0x9}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@ah={0x30, 'ah\x00', 0x0, {0x4d2, 0x4d6, 0x2, 0x2, 0x2}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x8}}]}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x2, 0x8}}}, {{@uncond, 0x0, 0xf0, 0x138, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x8}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@loopback, @ipv6=@rand_addr="f5a7c89fd6c053b857d0eb0dd8b686b4", 0x25, 0x1c, 0x401}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x830) fdatasync(r1) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) utimes(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)={{}, {0x77359400}}) accept4$rose(r0, &(0x7f0000000180)=@full={0xb, @dev, @remote, 0x0, [@null, @remote, @remote, @remote, @remote, @netrom]}, &(0x7f00000001c0)=0x40, 0x80000) io_submit(0x0, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 264.978465] binder: 18245:18246 unknown command 0 [ 264.988386] binder: 18245:18246 ioctl c0306201 200001c0 returned -22 22:26:49 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:26:49 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xa238, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 265.067821] x86/PAT: syz-executor.4:18068 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:49 executing program 4 (fault-call:9 fault-nth:17): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:49 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40406300}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 265.223159] x86/PAT: syz-executor.4:18068 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:49 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000000)={0x4, 0xfffffffe, 0x9, 0x7}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$FUSE_GETXATTR(r3, &(0x7f0000000040)={0x18, 0x0, 0x7, {0x8}}, 0x18) io_submit(r1, 0x200000000000011e, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000100)="90eef90ea9bbbb9bf8ed7e8d54a44a0008dc755ab92030dfd78f5d240dac47c3c602e3de344041702374dae4ed3c89d7a4a6c504a8003cdeaf5cbd8e177dbbe5aea2ef2372", 0x377140be6b5ef4c7, 0xc00}]) 22:26:49 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xa7d0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:49 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40406301}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:49 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 265.384410] x86/PAT: syz-executor.4:18466 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:49 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x40, 0x0) execveat(r2, &(0x7f0000000040)='./bus\x00', &(0x7f0000000280)=[&(0x7f0000000100)='lo*\x00', &(0x7f0000000140)='-vboxnet0!)\x00', &(0x7f0000000180)='\x00', &(0x7f0000000200)=']em0wlan0:wlan0.cpusetwlan1vboxnet0usereth0\x00', &(0x7f0000000240)='\x00'], &(0x7f0000000380)=[&(0x7f00000002c0)=',%cgroup\'}system:md5sum\\,*\x00', &(0x7f0000000300)='^wlan0\x00', &(0x7f0000000340)='\x00'], 0x400) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x406, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PIO_FONTRESET(r4, 0x4b6d, 0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 265.433976] FAULT_INJECTION: forcing a failure. [ 265.433976] name failslab, interval 1, probability 0, space 0, times 0 [ 265.472664] CPU: 0 PID: 18471 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 265.482897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.494696] Call Trace: [ 265.497328] dump_stack+0x172/0x1f0 [ 265.502998] should_fail.cold+0xa/0x1b [ 265.506927] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 265.512625] ? find_held_lock+0x35/0x130 [ 265.517157] ? percpu_ref_put_many+0x94/0x190 [ 265.522294] __should_failslab+0x121/0x190 [ 265.527804] should_failslab+0x9/0x14 [ 265.533889] kmem_cache_alloc+0x47/0x700 [ 265.538041] ? __lock_is_held+0xb6/0x140 [ 265.542314] anon_vma_clone+0xde/0x480 [ 265.546675] anon_vma_fork+0x8f/0x4a0 [ 265.550938] ? dup_userfaultfd+0x15e/0x6c0 [ 265.556765] ? memcpy+0x46/0x50 [ 265.561116] copy_process.part.0+0x34e5/0x7a30 [ 265.567380] ? __cleanup_sighand+0x70/0x70 [ 265.571718] ? lock_downgrade+0x880/0x880 [ 265.576764] ? kasan_check_write+0x14/0x20 [ 265.581449] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 265.590663] _do_fork+0x257/0xfd0 [ 265.597352] ? fork_idle+0x1d0/0x1d0 [ 265.601557] ? fput+0x128/0x1a0 [ 265.605657] ? ksys_write+0x1f1/0x2d0 [ 265.609986] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 265.615831] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 265.620777] ? do_syscall_64+0x26/0x620 [ 265.625320] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.630887] ? do_syscall_64+0x26/0x620 [ 265.634965] __x64_sys_clone+0xbf/0x150 [ 265.638958] do_syscall_64+0xfd/0x620 [ 265.642790] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.648089] RIP: 0033:0x459a29 [ 265.651309] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 265.670803] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 265.678801] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 265.686150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 265.693443] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 265.700998] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 265.708352] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:50 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40486311}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:50 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) syz_extract_tcp_res(&(0x7f0000000040)={0x41424344, 0x41424344}, 0x5, 0x6) syz_extract_tcp_res(&(0x7f0000000080)={0x41424344}, 0x800, 0x68e) r3 = open(&(0x7f0000000100)='./file0\x00', 0x40, 0x40) fcntl$setsig(r3, 0xa, 0x3d) syz_emit_ethernet(0x2d1, &(0x7f00000001c0)={@broadcast, @random="611d4520760e", [{[], {0x8100, 0x5, 0x1, 0x4}}], {@mpls_uc={0x8847, {[{0x8, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x80}, {0x8001}, {0x1}], @ipv6={0x2, 0x6, "225386", 0x283, 0x87, 0xff, @empty, @ipv4={[], [], @broadcast}, {[@routing={0x0, 0x8, 0x0, 0x1f, 0x0, [@loopback, @ipv4={[], [], @local}, @ipv4={[], [], @rand_addr=0x6}, @ipv4={[], [], @empty}]}, @hopopts={0x965fa1c151d282c8, 0x8, [], [@ra={0x5, 0x2, 0x7a3}, @enc_lim={0x4, 0x1, 0x52}, @generic={0x5, 0x22, "2f92e77615f7a366cf89164d9e87d16e90f59ea16096f8d4c0b338010507336fe20b"}, @padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}, @routing={0x88, 0x10, 0x0, 0x80, 0x0, [@remote, @loopback, @mcast2, @local, @mcast1, @loopback, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @dev={0xfe, 0x80, [], 0x15}]}, @fragment={0x88, 0x0, 0x40, 0x0, 0x0, 0x0, 0x64}, @routing={0x1fe, 0x2, 0x0, 0x2, 0x0, [@loopback]}, @srh={0x0, 0x6, 0x4, 0x3, 0x9, 0x50, 0x40, [@mcast2, @loopback, @local]}], @tcp={{0x4e21, 0x4e22, r1, r2, 0x1, 0x0, 0x11, 0x10, 0x3, 0x0, 0x9aa1, {[@mss={0x2, 0x4, 0x8001}, @exp_smc={0xfe, 0x6}, @exp_fastopen={0xfe, 0x5, 0xf989, '['}, @timestamp={0x8, 0xa, 0x9, 0x6}, @mss={0x2, 0x4, 0x400}, @md5sig={0x13, 0x12, "933573741e7516af7223869b53245089"}]}}, {"0882a07955c2a349d33c8bfba406b11c4a6537daa2bc7d6d68a6b0f3e2a04a7a75fbb30424db9dc2c0a6458da9d5b86fc17370fbc2ae3b2ed906c834018e5836db97d921004b57b827483bd4d45f167886c808f4bc6b1b7b86cf7c0093f60784e6d90bfddfb40ce8a56409aa550cb6cc09cfac3dd08a35aa4461d13761c1384f69ba8e2f2a8a79cf8664b5cdd279d3c72ddce885c8560207753966b73a4fe7e7a017b97b323cc8377ef85712fcf947859ef3035f83579acb59a5f43401388380f72575f64c57b9"}}}}}}}}, &(0x7f00000000c0)={0x1, 0x4, [0x5cf, 0xa69, 0x51b, 0x17b]}) 22:26:50 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xad68, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:50 executing program 5: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x12) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r5 = fcntl$dupfd(r4, 0x8c84d38f17d93975, r2) r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x40000, 0x0) r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r7, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r8, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x1060000, 0xffffffffffffffff}}}, 0x90) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r6, &(0x7f00000003c0)={0x10, 0x30, 0xfa00, {&(0x7f00000002c0), 0x4, {0xa, 0x4e20, 0x464a, @rand_addr="80955fbdbc6d18a49bbc078db5596183", 0x6}, r8}}, 0x38) write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f00000002c0)={0xf, 0x8, 0xfa00, {r8}}, 0x10) r9 = accept4$x25(r3, &(0x7f0000000080), &(0x7f0000000100)=0x12, 0x80000) sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="02100509570000002abd7000fddbdf2502000100000004d207819b02000000a0050019000000000002004e24e0000001000000000000000002004e2400000000000000000000000002001000000004d4000004d200000000010016004e2400003bd1ec64f32d5b6a5f04cda973611ba7a1b3ac25a4b6c7c279cac6622bc258410353e42102f82d34beae1cfbf7b2a34d878b0076a9e9ae16d9570aa441aeac8f5dbd13b6f47c1dd5d4d87db9e594a8980392bc728ff42e108b4c7f6b586de587ff539b6b83bef632690358cbc4bdf22cd37a551b8d6234ca1b12be1b3b27961ec5b380c3f9724c54480dfa7ceba5bb90c81162892420726b15b297c43ff4d74ac393df5dc435a6e7ab2b4c809aca6a5100dd93d006f423715799f22b14a8cdcaac8c62038aedd9262c62952d3575a7e29dbf867e36b286ccf2835789d89d627d5c692a61ede1057d110fc0c0d3f4ef8371565b"], 0x60}}, 0x1) splice(0xffffffffffffffff, &(0x7f0000000040), r9, &(0x7f0000000140)=0x46, 0xfffffffffffffffe, 0x2) 22:26:50 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40486312}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 265.878297] x86/PAT: syz-executor.4:18586 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 265.940191] x86/PAT: syz-executor.4:18586 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:50 executing program 4 (fault-call:9 fault-nth:18): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:50 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) pwrite64(r0, &(0x7f0000000280)="5c8a3cec4d3d4daa8c28947d9d22eda999465aed92e6b4d29f967a253cdab583b27973440f50a760ebb270cbd129dd4386cc978b7ad30c1bb432cf09b4a7c7b0b4ab9495ebd16f884c30ffb6c049b1f8bfc1061bbf44592304f64bc7032b73cf350c05e432d5c25943972285864a402d91532266ec6da2ca3033ba2037ee6a771b584f7d5229a2b6e05c75cafaf386a29533d72deedc7a112e1f03c57a1b18a20b6f26df01c66bdf1acc21f15bd9bc560978ed9dd0ab5b61da831ae22747ad4e4c9e90130e82cea5", 0xc8, 0x0) ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, &(0x7f00000001c0)=""/131) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) set_robust_list(&(0x7f0000000440)={&(0x7f0000000000), 0xffffffffffff4ac2, &(0x7f0000000400)={&(0x7f0000000100)}}, 0x18) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) ioctl$VIDIOC_G_SLICED_VBI_CAP(r2, 0xc0745645, &(0x7f0000000080)={0x200, [0x81, 0xf, 0x5, 0x2, 0x40, 0x1, 0x7, 0x9, 0x8001, 0x401, 0x40, 0x8, 0xfe01, 0x2a, 0x3, 0xfffb, 0x400, 0x6, 0x3ff, 0x6, 0x4, 0x9, 0x6, 0x3, 0x7, 0x7, 0x8, 0x1566, 0x101, 0x2, 0x7, 0x6, 0x9, 0x1, 0xe916, 0x6, 0x1, 0x5, 0xa3, 0xfff, 0x1, 0xb44, 0x1000, 0x0, 0x6, 0x38b, 0x8, 0x9], 0xc}) r3 = msgget(0x0, 0x99780b89e67a8abb) msgctl$IPC_INFO(r3, 0x3, &(0x7f0000000380)=""/100) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000480)={0xb5b3, 0x9b48}) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:50 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x630b, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:50 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 266.137448] binder: 18611:18612 unknown command 0 22:26:50 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000000)={'broute\x00'}, &(0x7f0000000100)=0x78) 22:26:50 executing program 1: openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x6d044be5, 0x5000) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x0, @raw_data=[0x8, 0xffffffff, 0x4756c543, 0x7fffffff, 0x6, 0x7, 0x5, 0xff, 0x1, 0x4, 0x0, 0x6, 0x2, 0x7, 0x5b4, 0x3]}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r1, 0xc0096616, &(0x7f0000000000)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) [ 266.160278] binder: 18611:18612 ioctl c0306201 200001c0 returned -22 [ 266.205405] x86/PAT: syz-executor.4:18633 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:50 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x630c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:50 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xb300, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 266.255295] FAULT_INJECTION: forcing a failure. [ 266.255295] name failslab, interval 1, probability 0, space 0, times 0 [ 266.316229] CPU: 0 PID: 18701 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 266.323209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.332752] Call Trace: [ 266.337199] dump_stack+0x172/0x1f0 [ 266.341407] should_fail.cold+0xa/0x1b [ 266.346294] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 266.352063] ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220 [ 266.360435] __should_failslab+0x121/0x190 22:26:50 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1, 0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r4) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r6 = gettid() tkill(r6, 0x1000000000016) r7 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, 0x0}, &(0x7f0000000340)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {}, [], {}, [{0x8, 0x0, r8}]}, 0x2c, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000003bc0)=0xc) r12 = gettid() r13 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r13, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fstat(r13, &(0x7f0000003c00)={0x0, 0x0, 0x0, 0x0, 0x0}) r15 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r15, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000003c80)={0x0, 0x0, 0x0}, &(0x7f0000003cc0)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003d00)={0x0}, &(0x7f0000003d40)=0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r18, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r20) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003d80)={0x0, 0x0, 0x0}, &(0x7f0000003dc0)=0xc) socket$pptp(0x18, 0x1, 0x2) sendmsg$netlink(r2, &(0x7f0000003e80)={&(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0xca0c1164fd364ca1}, 0xc, &(0x7f0000000080)=[{&(0x7f0000006300)={0x2b0, 0x10, 0x100, 0x70bd25, 0x25dfdbff, "", [@typed={0xc, 0x85, @binary="fd8bc6162ca654"}, @nested={0x1c0, 0x33, [@typed={0x80, 0x8e, @binary="e8c01faf5b844b23f0c6567ebfc8f6260f7278bfd160a5a472789c6699ad3185283444a5e5d8c2ca05584da22d05ad251bc46af6334264e04b8641e01abcbbc13e2848d7734e81bd7a140a09eeb2a7b1dfe8151203a57dc03276db8baa2a579ec49f206b258300ca757b053dd445c806748023803ef87e37bcf994"}, @generic="851cf3eaa3d6d8b009bb49a989271550bc794b9bdf", @generic="96a66855720b554c5c36192f98191c8532235c9216b3cd0359a0925af348e342b79b941ebb88d6a2b3d03924f063a0c1caddc10ee1c56b9efca295924ba0f0e3d0d7ef6c47f97ed97c0b1fe52693f90364a91c9eed19d7c46e155edf89bb8c0ead209de8c0e63da0a15e97eacd2a082b907a6ac5910bda023cebe0d454f3ecb036fcb1bf82318341003d8b653d91cda6bc", @typed={0x8, 0x89, @u32=0x1}, @typed={0xffffffffffffff66, 0x0, @u64=0x8}, @generic="6cd20afbd427cdb0f0e53913c33eda5e93945814e84de36db639a6e31704f2fd454c5535640325d97b714bd4766ccd17c71bf31fe8757a520e47db247cf7cdee0f5a0a3f78d82a5d73ab71c9f4a17e3eb233504a35d02dc4bd4f1116b102816bcb9d60db26b0e52167c404ca5c6107b04053a7e424ebe0a7", @generic="e07af8795ddf4230aa31dd8fa07bfc531b8b0d41a6051c9c86e034a7398d452fb3f8842ec43a283453f8b0d04167687b2c696db4ccec21237b7ec2be603364ef21e30de2bdfe93f36682cd15eb0280e4669b33182e25846495437fff566602a2d40fb36ddfbfa133ad83c5832eb467a64ebded3beec61b06df19adf7b6e5d8dd47a7384d1b7e426e7c9d4afe8d8df5f109f328a9fab442c4df47998128d759e0d03b5cd512369e31953094d0aed5f095690bf625368d60186fa0d52a38b3f515525a4b34c34a55b2199904d8e145d220062b5b21c9f576e5562b51831af1380dfa1c8752e65c3cc9e2612540b7b858dbc919010a944fcc7295e64209c55d14942b29f134f1baa44b23f4ae9cfbee27a01b45758478739fd7addabd44cf7e2fc4d0f05302939d01d08d38754268923ae8a8e3291d7468fdc9129ba8623741a230535c8779e037256588048e1de4edfc72a7cbdb1a6c82836d2851313a1f7f923b157d68cb1bd0539def780a30ce5a6d3ef8cf9a87c59dc8735fdad3958897e15ca8c3714b94f9bdbd8466d10512e81991acc167c89660340b07a8265de32253e457e422907bbf6e27365fb5474ccc791bd08d326b66275ef94a3aa3e10c6c084e24e9643af0da940a828f60691831e0458a44f4af5ec47a8ac0fad5ee9b7593a0fe6c7193aff67e545aa847f17d1295ccca37f2374259db56e953c85c40a85f55ff01b79a19246c47693bf80b8f9ee6274a91c278ea1a7d9c239251937a99273821b45fe6fb6e7ca1948435a839695d371448c825a51f21947b01b0c14ae9d2b51ea5318cf96babc72d441eab9e5236042521f67504252d353adb1c21a72797ddeda04438f9aeb32e9e06e0d1b51bd2adc723be0ed1386cd97d232043be148920377dfd5ec1edd11c6c10ab15fcf0130dc615773d38b51d393c4724323977d83b75baa425c629539b8ed4be125f6407ba808bfd51b5ff23046bb55f0bae4f6f4d2a83fa112b075b0b7d10bdd1957413570b112552010be074233087174ef00e27edc392102da033f7270bf8637b90669c9427166c47f2bb5d9cf42a70c8d6f26607270c056ee08b70867d237631313dc961f527ee28793cdbe83f6530bf85b3388195c685c240cd9635276b33d84cba2d647cd629db7153d2cde6074f99727758539c9baf82e2e804f5a1426879a3c49ccf20afc6dcc6de41ad6f4ee309b2e7622e1755e830a9705029e8771710cec7b3226324bdac988660085c4bb050e5e0a39e1b2652abd308fa12f36688d5f8fd3104609a71c7bfb7e4b71573e2569f21676a4d8f57755d1aa53dca64091f36ea800751d410a84a977cecbf0edd91f19f1c37e8561822099d127c75e62e651b8e681dc50bc0aef37abae650a5456976d1bb1b7c5cb94bbec965daf5369a006882bae8558b297061ac3aa04e68dc85cf75be80b7b7912bb619f2bd523b773d41f1c2f33992732dcddad5aa2a5e30e33a8062b3c53017c8bd83bf6b49a87d619fca3e7c754424493cca8e910b1507a86cedb89ad510862059c6ae7b15d784612f3e428f46d4de085d38d257befd8310d9f8c39d86bac8eb490e477ca67bdd81efda31f4f08f4003ad4593e37b7cf1b13707e9688249202b293a1ae53e048419ad1cf5eb6640cb71cd6784fcc3b4b171a8ae1bd735ed94dd7286e429d6c011348da4478861c3947da292548159ec0b30b713d7204b8acdbf5b793682cd91c4f9649f6740f5f628508ee21a369cb9a442ef3bc5e51a23cdae800fe7cb9166a2367c8497d192ba946e69f706acff276f12d8a3f8748c7b5252c4fc3a0f5e60c7408c8af5497e086d914fbb84a81c5de9c6ac8f1c46ee4abe7a88d858e567fbf3a4f7928c73d8183122a931a7eff361f76e6fc7b7010e8671c47c33f2998a6f91980f0881e0b0415778dcb663a2a5859f5b549546699c4b42bf94cdbf4f7b352fb54da35ab9c474e2422725f787e2d63a6335285cc7ba765280d1447bbb4fae543e6b656c663eac25927ffb0700ec8d9ef7900570918716c2ae5ad25d253e2b2e5436447d3c87fbca5abbb3345477bacac41bf0d25ede49f33dedf3bc3df871fcdaf76a353a4508366645bc8292cd7de1a9d9073d826647a2fb5989f50e9d258f9c40213f26808cea8c6564c7fc3e74bd4257e4eee560ea2ff2890e35d1100846a5fc59aa49489d239cea40e9f91e3bf2b9e0a9c1de9f962b762e6238f98e4ac3045415ace151aef9b1f542bfa98bad646a75b2ad08d09164f0ec0e0b9c258d615ff02ab00c8c38f6d371b7d4400266f4610dce893997426d0e92ce74b5dd1dc3e14c16897ffc0f790f9a6978e9adac186a36af5620eadb3d9fc5e691402f6038da2d74a5d20bdec08e4b5fd686d05757c12b24ff4276c5cd7e592d771dd871efce36d395b665651f1fe72c291b23c23c074dfae203f64fe614690330dacf553cb99f4de4c3ee1e4da18281d737b9ea2334e2e0d2b88466345fa05fa1c09752978ec5cef3a4c232b96f62de85b8c24e97374b5cf87513146a5d134a8d9ebd50a84ae69e6c4fa9f567d284de8f8ebe1c38fdb9d47af6d3155c7f1620c3b68be234565847e9b7d5c7e7ba594998d4b3338db24019fbc7051e5c79c1dc0e500f2ee4e1ef0d8440c36500cde7f2ba0bc4949f3a03e89e3c87de8abad0abc632a0caa781eb0317074205d3bcc916769013c6e37070685d77caba8901e8f24fe0e5a1500ffcc2232e381bfee6d06dd684a227cea8a2e575b4587da33dc23df961f562ef67c9ad04b084cd3ea935bcd01da278cc44647c3c3102a825b3eda77ca551527889aba7b3a678d9920e39608a12b10ab872e2fb149e39409f1ee6fe3c26e60e298e994f461165a9f8b35ba8608d4e364a289435607aba85e01342c003c4e4f0a3cd7cc8987f71de6f2610479e05588715c43ab8fd4a999d3255c5411c8800bbf73068ef0fbfff097ca13b98b391346c8b0e5e95c950ff77c340434e5836fa42d0cdd3803f7b53f0abc1de88d94cc4cc703cc5ddf3e52af3588adc1dc4cb130b3a9c93ad32e7d9ab7b75fbb9a5e46d9283872aade1b79d6d7b021e011005dad6cb37851d4aae26c36c7f44a79bda8e490cc6c2a9caf4c09c0bebf4dc0afb120386bfd252f102ec4e5114f4967dfbc7eac3fd3553e69cf2f1dbd077a972ad3a6559185bedfc39407bb7bf1d6591295169bcae3901c79d82b67858f5cba1ba72e9e5e6e687cd207cf9cfea7ebc850c7d3dd054b29991bcd6322851e1d2c539fe3e0580fb29ecc6e0d9a5c8406bdc278620f8f0c85ecc8ecf58f2d92a40226e5a9441b4121f7cec69e63eb5d69c78d67323efda113aa7932533681d01dc584be4cbfa51dd523a8c82b8e7261ec8071a8492791b2acbf55390be4dbe0c6c26969d6d1756db312d9cda92c5dc696cac82e74c09f3700ea405fd362a9196be7030c7a2e9dcce1465b77f8527d54cb7d6c33868880b5180e44fcc823d2d5c52f8ab09722afbd447ea8e5ac16af3ddafe7cf8fb23e89a8718f79e1770921c0bbc91dc56f6baf004c5a28a1c6aea4e7ee3a85741dd5ca81b865c7f3ca7ca0b16c4676cba279b9705d3000b9819c49c5cb5043e1419287cb5c3b259d20369228771e7a6f6da49902b749168a15dc5e0eb1f068b1cb8269fd385aef6e058d926fbc112d7afeaaa3987b05446861672b39b553d478130623af26bdb52d080525b312c35fe59cb28929574b0d3d1ee7c4c5626aa7822ef48e873dcdf41163cc29e6228ceb0b2860f5e3c24a673100e45e06aa717f1db232510fd97cc7390ce78a1e86f4ac3ddf7c71e280cda30f79d7652a4a50a49c52b148729765642e42c56a24a4edd00508365b8b91fb384077441cb6359fbc7779afefd9c72c1481b24c4611a17afbdaca4ed237da5869245dec04db659f37b049f6965ce203f8961dc9cca6f7f4155b3f555be7cb668b8a5f49c0484d47d4bfd8693c633b51f19dc56c9126d0c66247680164dabd5f2774ef342b29a572e565326adaede9533c0866e65307805e2bce0ae3dd56fa719a6b26c4aaf800e6639737ace3a55f1988fae0b95cf7da6fc5be5df9edaa7c463aaffcf383e2381f419cb5f16523bb14223f656fc8978b9b69e587afefb87303adceb62c0d95c34a130c04182854af511abf23d90e9f2918cc135f6644718bc5e5ad78c2be27965c68d02cba8dac8a13f3d77796d9428395346f97a48e9aac24e81d1668e4332bbf72637f24602781e48cf68e365188ddcc3c2a8ed08a21066306a7468fb5b2bd246247e4bdbfe0dbe0569f4fef82c34b9666d99a25c4abc199837dbdf216837cba2d7de44aa7dbcc1b330ec88da51340f85046e9d33d834dc9abb207b94a400e9f561485f2a9d56936409e7d11f5e6f2c33855d1e16b264712f402b60bcd424206d249a4d56495bbc16465e8c676163e76b20610f01c40d560d309972a7f28471e510750e5c549e6a2e45ae68f1cfa00b38eae414ff41c6cd29f381bc37e7987f34d3467f0ad27126372b35c499bc9a7f1c412b6a8b0a459f4b97b264f13c3f3fd91e01a82166b2e41f2eeb29d75d1ebf5420583b6e3e5f7975011be3c5c3cad2a176363262bcc67a1354cea404f07c017ca9ac375072372e8168cdaed3cfbfa5ce9ee5de0df639dce9c138fd1ad3ca7696142c355a03fae7fefcf77b419cc13f033b98be2975c1126c8c5432817ba714dc036b340d638d7045cab53e443dbb2fd70caf6d9ac04af624a5eff4ecaecbb097a21635729842ed35b9e8a81ec5b862973814b683e4e2a40a812cb82b1c4365762129effbc30fc464cc4aea80fc45e12368a6f4c535792c7fd9875295050efa965b908b4c082a80d16d38f11b8c16de619c1191b3cdd6fa8da051e6fcbffd8b2c258184446a798adce987806419caf0a88fbbf9a4d10bde1ef9a358346ee33b9bbefd9072d92b168f0efe1367faef12c92f7f7e8d99ffa1ad7b68187d3e7d7160f9f1353de9fd01570ec78f7d51251d323cfb3ebc9b7748ca73a66e98d6514c7704955a1516b29827b14d64df944980f3a8efc51012a53a156676651f79d624760cb5e197d4480f943de2d285b427ae4b0405a1367571d63faeae1a46d20a7ee28fe9a80fbb368b60991edb50087101d505edf223805658472aa8d0d4438f1ed030ea60f14ffe7adbe6605e2062e7f63d5465c46db884c2f55145154bc50bdaf59205dadcfa1213e790551c06a5ef046beebabb28a29b9e9ac93e584f8aa85a53beaa3844284ef64ab9011ecb20d05abfb662d7dda0269fd12b65fef1d8013621099ebdcdb237091eb86c4b5ab8e0c85c00bd49e51143496c2d67efd307f6280dbd447eb0546719952f279ff005bdb244b768fc07af00242c9cc3513c17d0415e6da77639023ab2e07cd8a79ad8062a5a78acc6b0c80ac1c702eb24c1fe439db14bd44df36f9c2a4b315a3c28da4c77aabc4f189e6e5e5b6452d1f7d2f1b5a457e74b66136d93f34efd5d71e9f687d91dd85df7ae4988105ca99639af1a8f1716014b47f61e6845454ea5fa7da582825a78ef03e6c2525b073018e1c9c787b40998986337fb28ca8daa8f9952f6e4d2d794ff90ab17f036c9c79531cac25676a672143d537b9fc14883615d1df7ed4f9278653e1d26cc498777713c2b0e86567bd9a66e9add649b5c1c05f6eb37b9349ec80e63f346eea6e2961b015069b37723ec9c09421fa214b6952e837bf9e657b41f4ef84c975ef4c9f716245fed80d9d7c63bbd668139ed1da42d277b071878c10a574c4734e059b"]}, @generic="8f393c2f977077bc81e8ed0cd9304fe9298aa4eab3f926dc064172d587e2232a14163f3a385d9dc6a7076caa7f97b40a74ed9961f1816fc6174bd3d1026630be674420162ebc2b40b3f7a081b28022ebc942ca9cb348b4d50af65647154d8825352ef95bf7a95d472721a8788a830a9c2aed1dba360e4f590f05add53b9a40d89af8029841aecdcfcb6cbfd1a02cd8a659c31fc32581835aae92a816d994c6ac1fa3e86497a1b8c5f29bfeb0575ea4a68f795c448fe1cc7340c1157a27772a0c461aaf3932cf5b", @typed={0xc, 0x20, @u64=0x3}]}, 0x2b0}, {&(0x7f0000003ec0)={0x2428, 0x1c, 0x2, 0xd8da, 0x25dfdbfd, "", [@generic="f830a8ae317d78c1a6a1fa8cb39ed0255f8132f53d286a6512ed3852ba2146a9fd3dc9537beac8db0535805a617c4e1296bf32bdfb53c22e32c46d5cba30dd5ad570041f2a0ffdbdd0db188c168e819f227585d3a054aecae4e1e10b7d3a2179623f7e5416b5366932ae6d8a38211d037530c3206d6e4bc927fcc0a0c6fc3440f96ce79fe2e926e57a2c6857ab3719f5424e7699322ba5c5012d28bb189261d646c20d8c0cadfa4cafd0f9223343dcdf16e91716202be9b0708f209af7470c1df1e570a4b6f45a1ba86d0923d9a57ac16438c69a59137b6eaa28a504d956b573ed4386cb58c597f97bc68393554130a83791390e1c804f2b1bb2ed4b8133783f8daa57ad0b00da910399ac226dd5b6229b4b3ff08a56f96f8f95b15596f216a950bcf4de67061d0ce4509f6ca3045616d6c1fa1964929ccb5c70011ebb3da2fff7b826f6c1c6b02435e205c0039f54c83b7c2d01746b77a63925d2bdc9506aed4cfbbfc39b2f8eebfa7c5159c8ff230e863c6fcd3d3f3fdb54e5a794663f628fd9fc13e74a81848b04605a5d676d03a1eb78049baa57d7bf476caed71dc283edc645b4a757996fc5db30e954fbcc8a0158f8432f78d5efc5e96218aef83d3933262b36a03b565ae20c68387de21f69b4957b697b40e1e177d6df7b587de8ab28969fd30773f30c7e06ecd673d4a5c275458e6f5f71b188b6bca14706ee03d4d8be1026ffba3c23388fb254a51073ce76f0e409fb539a7a36d5937a7996ae97cc9cc3c36afcd071a9a9c1640c37e212a93e36daa6b221a785fce34dccb5fd587a99ab3797518bbb50735b9cff32f7a473da3378535ae5fc32093d5dbb8eb1c04df9e42b5f7eed2d1e4734b2855c9976c96f7ff0fcec0595a0d833cf0b7a0fa9204c4f8febb8061b4511d5400810b551f94e0cb90e3b0db0b64f71bc158d44c8d811ef982eaaa714a79a5ff9c4669f62a6634c1955fc066354a7bd3c678f1d46ec40d64d59e4af3f217356ed51cf1541ae63ea4ca30e871f82dfcc08fe79176063207d1b4c6566c65ca33e36279097ddee760d38053218b80dac2fa7ef06357c0937531a7c0c6cfe3787b6c47b4acbe3eac2d626462ba4ec94c8af4d4ced1c90c05c6188bfefadb622a4deb6531f106ffb05635e1c7d783e1cd14fc63e62ed56ffedc501336b491a234b8077a20de5a58f0cd3ba5417a1b6d60361a61d33ab37311e32e183543476ffcbb65fcb9145d35b9838d4b5b5785dbcb3f88948777343c685635d57030a1279f1779f7210d1267fe24768f47d54d178b513f4fb45b3b449b175027bd5eb31e6995532c0b4e20d03553ff10c9a214e4dcd6d1dc215d08cafa12310b4858af15ed1f8160466b22ccc29b0a48b99248b94071aea539032a41aab76d29625921224e23a2a6f6c7cb94bdb2518c5a33c260ec8511653e91484a4332bb4909ea2de943d9684a3bb9037d4027a839352fb31e79a9f65bcb883ff0a15f876629c8586f9fc002d306b56d0263bc6dcc9a0d1258c012037333cca39059bd86bd1108af64508a7c29be325629b8d5c2473e4f300d7c4938766a6e1be649f32d274903bd946885707b69102212716272d351ece6b4c93452ff6792811701e5ba2d0852622077e1805c12b891d81fc5f0a0f79ab8f0f5d3e43556f684cc02b1adeb98038a544d3511326f2ea278f7d29c95c60d11e3b23f710c071742f06e7809e70fac84095827ff27a5c8b99fb2e9220fdb91a2bc991a00490140fd2791bb89b5d91b4699c694723fb09e12bf32664850ea4d54962959f50b7b43455ca3b7454c26db8e3c16dc1167cf24cbae8f14c80b09702f7855179fd13c1017d77ab4fd46842921da43e88f035d1f93263f5629c84e9bc0766c504ffa648ccb9f1a357124130672ec9cb3847c7ca1ab8b012d4dd9eeac897a274af96c8d0602f9aeea8d830e0e32b878e880ed13289cc803ac679fe187dcfa1f5d6a4f4d321c27e889fe71de3d5f10f2b4a994e07e92416d47d782048c442f356455668ae81890a47fe93765994ceda8fd5e1513b15f75893e66ef65b360ea9a6796f46d1291c45c15ead1d91d7d1e9f183c2a20645d0c83fbb3654e85885f38e0bc869ee9f511e5f8cea2307cc941c41311214613a8fb5c084ad18b1622c1fb05d4369aebd2bdc6829df5bf9d5bbe3b7c85f059ac137aa0a2d81eee4bb06b12e8b842b4c7ffb5c0b0100053b8860c87e687e64c6eecea62850db6e8cce2625be29dc81677514ded9c8f8c217fce0e9a1ef746c2301189516bc1db67d5675f61be18b31dc4fbfecdcc7647c41c95dd538f953525907343114723b2b2c11cac627f344c7553194e179b12815839f76cca223060f4aa448fe45646888ee0862f330637ed61940efc0ef3f4e88aa3f094a9b18e03a8e101d16676b72786a5a6b926d163c8733f97a978b665aff31347d9600ad300049f351336dee94cbecfc24642f21793cca17b5ef23e18cbc7b0b5f040b94cdf4f30b214e7e699b63cf96dbf25b8586827cadfabbcf9e3e2d5057a70070c3843553d64ca9063286402c1811dfdbc789d17ac9c81f2ba99d7bb6255188312006e0b7e57a2aee2bfeba206652f16982f992749967e95fc3ad6c22f66a8f6ce224e56292693a425fd69d98615e7688f1a728a079cc53096a7f8a6e6117e3b8325d7e7d9637b0385c78fc7e384eaf4f350c1554d67fe081e9da7ebd4ab6084e182915c087948943163612d18b063bd0a2ca4edb0495ec5557a699ef1cd22d2b772a49f1d1f10294ccdd385142e17dfa32e1b19abdaa0cbf409c535b95e2fa1b7ce76e11ff7ab55d0564737c00d6726da4a104220b72d9d2540b77a0de0c50aec9708026ef2e896c9c02d580beffb54962fd7b757d16684d11dff5f79d706bc73cd7c19874068ea13e9499645e004d7ae00a565f701b0e08b3501718fd0203629d698f164a9107da61fd85d33b18e094fa8af47f0803dab6d84f0587b58294227b975bcd034e276d0cdb5fcf4f151aedb04bd3a28e6fd26422bad0735345153ee8f641ead823d6818a5964467413466f3c5ea9fd78f343b23962b385df01cd17cd9ad303227ca7305c57674ce36f75312a99908bd5656e513cd84e0eb275a72a450eee50f499aca8720e24ef6513ee0eb7a80798b1bdcdc9f9481e01ae171a774e853ab8cfefbf7efb6bc965255c09ee5f433c9fa5e1f366851be813f2cd799673b4eca86b09b73e3bdcfa8002d13cb32ca089c115af1dc9ba24ad1489089acd2a9c8b8c92937dd3c0894a506330de8103c30abb130b92f5fc3dc6cde1f501faabe1534ab1a388fc9c7f3c133d623124dcda34a7cb3ab5e9671d7891333f247561ee7effa0578144523c1e9c62a7dd19a9fe1309c8bf1ec6ab3a2cb6765086de72e59ea9ef377504ea63e7e8843320ddc7b9700ab2f74e7f1e06108998fd4466751d158e78a3e16eb1f48319d7d16a5010600e6c6b0cdb6bdec97a5db773dc57560ffc23f410a8ce28da70af6c28fe99d26eaf671c48a31727fd7c860749cc206c35269dd062f62a42f5c757505d66508463d91038af70a9587928131b2eaa22177504c4342e250a9d97ec73192e9e1c60c290f13d575f0fe5d4cc175230fdb3de75915ab21843eaa7f375eff60703cdafdb3649379e53be7013e4df325d4c5a6971d40a35c86898596fb9c7a45462a59caf035fbd8a75dd08131f1a208e11fb945c0024d655a651ec3c9e3690e8898772dd63fb1509a493244733bc0dcd6e1af06a97880f56605c5b449e8bb6c4ca66e8c9450fc5fd3f2954027ce5ea8795bd4756cfbb9cbad2b07ca3da4ca179913ff1699d1e925259babeb77b389c6cf4e5e76b2d12ba9379e7473d98ca73d2618ca229b28b93c674cb89f84dc4f48166e6901358888af2c92e708b44f1994eb8097e15329f9013142f8df57aa6581e7534ea5766fc8ce0e0cd00bfc60c839160d4bca701d92aa38062e2eba59fe8c159e32b4e12848beaffd21d09c4322a403eb45ce50e431880e23d33c5f52406107e5152e9940538f71c4e2939780a3b3c4cab9ea5117aec292feeb34282ac941eead65a89576e6974c9b0ba029322ec5c423e9b1e1e16d3f31e61769951273f2ab6b323fd69f68f93dd641c6e9896edeb4f72ddfb25aa93a24b5c9921128081b7bf76483b13f6b24dfadba89015b9481cac71987bfe9bf552a339cef5350d8bc6eef22d6f693d751497abf6dd53dedf79859de4fb74f5d1d859252173f30f1afab0d37241d3a1c208cb5e2e70e1d1f7145e2ea0001d0b7fd972e7358014ddefdeb42e2694a4ab427282c523100e5277c26e8594f8c3d208674bbf967a1d7d7f5fe8b6e4b8cbf5e9d271a83c539a12c7e75a2b51dab52ecc2e0126cf9a90cc7bf660aaea8383dfa50eaa2432fa1d46826d6002b52cf9cdb5a9a075c8524d9439e65e6321a26a46a81233cd86a0b59bda323a4b99eb7a95c5c884af84861ae652ea1020b32d79d12f17dec555ec88482e43f8658f5a46a094e2524d77014dcaf43946b8e4b2065a73fc3aa5cc53e9b7d4e35d5b254b9bd081282b02eec8ab3647591741ce98a0d4f09ca38f766c2bc5f6154d60cf916b7f471aa7bbf32a9a60ab4e9376077b83844c3234b56ac0ffaad3e561999cb750989e02321f60aa56cb598dd2a58570bcbac5528aef8b0fccb656801ea698c3b237fe9b2d417c9f49aabe6ba856f1c20a7d65824f92fc2e459150e0ec8be096435ebc5d9dfaa189178f932ecdea3eaa624021955d72b1148c2a1a34ffdfc01d2214f3b93e3719ada17564f7a24b591c2986ad9676a0358e5fd02599ba1a0b227b94e9297416b82c3f9e5d33156599ab6f067fc59aa1b949b84426919e6d06c27091511154118b4a108f58ad954a4f245f7f97b1307c87f00b890640e5e45ef62cf384a3eaeee74fff7dd5bfbab8e57cba04454bd9e50582ea98928997b35fedaf74c80ffe1a28c8936befacc9715e3987fa13247fc4298bc0884cfbc071722d261727988fced77d408062925ba9d5b0ae03e698dddbb076649ee705ff6a21830bb20c698c58e4c01d587d44734b150101284b9547241ed07d292444098d5166b8dc56bea87106f03d5f8c01b45ecdb337066787bccc6b825b0fa4f25c6eeb5cb5e219947d92f3c6f17b08cf63267364c86487767f624828ff1938d37d37431dee31eef9550c1b520cde300e509ed3d61865675ad2b069533e0685b75e673f4eda3c3481eb6a3c4915343b873b89f08aa115a0fc36870ca89192fdb9b04a7748f115283726f9cfd484446f65a40687c83cd505b870718e9dead9af0f0a53a35f1280ccc9fa5e6b1f683d82a2aa4be1d8bede8ba6d55306b110c2aee81258cba4d91cdc6571f7c57756b5c193b3a52479879913623d5b21c0351564bfee80f570812f2c119bcca35badabf7ff46ce03c257fc4eb0f903c41085136ecaa543dc81804842f3503a4eb9302977b8bb1008d5eb050f8b741332059a1145ed9a51161e4bd60899a71d76c14eb49c7698e1dea8167b34a38308a2c07c48fc2775fbe9259bc700b5b7fc0191d2be85e0296ffa4e9a53b43e8b513b61e45cbf1c9931341735d4c20555733a81e2d23453a29c12a28efcd292f39d7fc9732f693b67fca6129e94cfde344f34ae1ef58a9f040966a0ce9eab9ed85b872ea5a9de2a80af29025c25ff79ce289dcd3c470dc574a4ff13659145676bb3a724648fce2110b10e516a10efe0b8609e1640696f4332617d2b2371cd0de1f8e7d0015cf5a777119b516c0c3cfe50", @generic="3e0ad51e77d3fdaf74c67a05f6a04f8ef43f358fb3a5bbb236200c4cca21cb58", @typed={0x8, 0x4050, @u32=0x2}, @nested={0x1088, 0x32, [@typed={0x246, 0x94, @ipv4=@loopback}, @generic="818c6c59ef615b8a29e0022f61306f61d519459a31b9259276b229dcf1ed10038d9acc82ff1b980f5eb52b26d73f0544e2c4a84882b24ff01865f07e4c61e8c3b29846a436d4cb7dc476e371aa9483babe323422cd0091494c484b5d5b8e7bb5c65d70f362cbb3bca3ed0a96f445e503fc2f51057fe8f9c902b3e4e317ff5cd26d2923d5f1c6e9f893b8ba61abbf9fca411f3cff23e3ff72d985bbe09edc3556f1d14f234be8df5a1322f38eeb4192de763ce98b6dd8209a821a6f554c500f73f6e61af1b73eeabf80625b106b43d2ee610de032d3d6a7828166f89ff5a6496f83acc4560c4ef2f04b08ed5a8e6ebb6d65679db8ade66afa7e03de59f8c9eb33429f4e1b0d5eb345fed016ba13d5cfbf3e30eb169987475bb1b1e3d68a6cada36805663f86e09c9679b3823a5655d7100df46125375f406cb5cfbc4d37af1f1cba157fb3363fdde597fb9b27036a0552a8e46560c43fb7a6066dd34b0c63c2c7e4ee324b8df91df6ad2bd8e708ddbc930aa310560eff74ab6cbe137daeda7a3e884d6ac2843dba7f44bef48a42d516d2c15cbb7663d3d4cdee8d4734cb960f4a283487599c030a2663dc437b3a934ef927ffee9e125a0e6bd7ce411d17ad2d060b617b11948be4225aec4ccd3e78916a34482a18b9cf0d824241a03a04ce1aee0aedd2f0fc2a1ab38df3a83ec2808e0424d131a6b4038a769edacd07cdd0f03a9eddf924b8ab01009cddcf13cc42f2804dac3419896479a4454c79ab646ca9acae5a4abdf181b842b0ad7b6ba111095dee89da12611b33ef5865c0cd4637a734151a200be9cf9e2a288fca78025cfc2edb0518ab7ef3f781a61846ab4ad95c86df143e54c21fc9e087099c347c7cc598e02a886404b38c93a8d608c9d519e04a2dd6261071a60fd36198e5ebbcb31f5c023196ed74d32dd2e4343d40eb2a98c86b0701f14b2e509843d2fff2c84f50cd7d5d5755592e4c566eae3a9f0ab548145698f35069c517b159e2653663fdb12a365d66faf98e54e6d63ed063cc9a4bfe93581d1cdfa2c7a13bfca24bfaa3985c0d46edf6d3fc9df43948d4461af7d67fd573f57c8e935e9d999169b9495fae6777876967fdd945841a0b331b64dcb5e866679eeb577424f906a05ce4ee375a0ab98f8d1d9499043aa8a94c7112eb808d0ab3dfe760530b7ef745bf4e3c02a50d9bb2d3cdf154ca1c2e07e9c241ed8f3fcd2a2025093239f651bdd25a8019999ab7ca2ad8dc097b7a926bdf27a1291f2e9e46690f44a04a05472b115e1fac2aee3e8ffc5d6fb212c4a31de61d9adcd0d97182e4cc2c51b9c4cd805c40aaf17d41add068c53002d55706171d0b568b1635bbafa8e54e7624f9824796437cc74852b867ee0150de7184706c601311dd3b3977a11fea37b40d99a5cac91239e26c0d5b4ece81efb470b52f82306ee109eec19195a089f9de2300d07dc40ed969f1fe7fc31207d79cff356cdbae81667766b9c9f299fef3e1fb9f7067d87194f646ea30908057ba65f6663aa6db61b2092665f88c7f8a48ae4c912d50e70ff1a0efa55f3b5994eaeacaaa59c54d8d1e2c3c43eb95d78b79f35466f9fd1bb504336dddec0243a98a82d67e43cb6837c629c648f501881c59954c2b270ed68138ab860eb77858ca2a7790a26a07f95796c7e140095e9ae52c0ddd3b546d96e879970aabde8a2d62c024d35fdd142ba71a07775d55eb252be5f9e35c60a34c99881b23f75f4313ad99da0acdd08a116b5d5d117628de7760a760b2d21d55581cc7303a3e6a0d8e93be6586f2cee20ab43dd2abd7155c3f1aaf404db4872e74f9be32d66b1ee8ebf9b7463592ae0a1ccfc3217d479672137ccdee4e5818d111127e18a19d162fed938c48c7d1de40cba50cdff5da424eac60fa82063163ddf2d6044b6533abe5835386e5a285da01970206c720c41854b8e7274888633bc27e96edcc94b3cb54fcd464be776f712c197f91ba1cd4448aee9b1dae7bdd1fa0b0576f213480d7821f1cb55dcff5d5747fe86cb93891c1975fb91e36f688e72a5535593bd47cf3dc2c8c3af62a0b433d30d8d609d7d8d5ffaf3794f91a251caf6eacc1b3a12f2780c30134607476c840caedc3a74ac13ec952584de3e052f8e1e93017874c5006243ce713ba2555f00373f2f9970aacc14edabae5772a54722b22b4a5bb1359a87d22701c859753cba53aca84d568911ac7ce3970db40b7d9454d99960c7435af8574645a3e73bfc578e423efb951193e351a25479ae26c9ca753048879ed502811cf9c146b3735b4934cd4dff20cf7c94b6e7c31a9e573029f10706bf7c69f882b5c9084277ef53eea44e50d54865da66452f0b5605ee7d64a9ead76d8a44d64c5e2a8001414b584fb01626095862c0d560d67cb02effd45bc8370885c5f98cd1b2b4aa4e8e14f4d35b87462967fbf12ca67a57f8e5c23085ef3340c44e7c3db19a839b96b775ef085e634d687fb9730b09c1d97808c9c849ec103994ab6013a97947dcfde854b59f1397ff7f9c855afa00a68f5f0f67ac387ecec8a0442e936eeb19adeb8d707689ed23cbb1d186944cda9076a00e2f8f7173fc2e6a8ccc8d42e7467147ba91042eab0aaf6a8839c1327e51bc40d1190151d95ac532af8bc27ccc9d98ace8cb04ea65c91d7335102ad682b7fdc611fbf63298d0a07b55d2ae0b44525c3673b947e1f6ed392e83f5c119ca7297ed37f97c650fcc2fdaff29c8d93f7de387d323c28a2f0aa8d6bb2e79b1125dc2a0646779277d105adc6c9321190aa934c6e88c9ffddbe8a38a82177ec850253932d4c1d12cccba541f7494a130e9fcb64f7fece5021de85ef28182c4ec9b4c6e8344997fea0dc55560a08d31a4fcd527b6776611103872ebcd2db78989a51b2b4c5666d75af2792bbcc76bb31dc2c445f1ffb39b7f35fc3f661dc17e8e6254594f9ddf3b6d74a93f05d4c40e908cfdd68de77aa38c105026a306a0b912786c24af4cda1f12c1bc83243f989c1500ef8d6ea62029488108e435dd6b90a0187ae51b522ffdc715b014ceb8dfa7fcfd9480574b5eb649ef311df6f4778f1aeeeb601031f15d9cbb805e0061defe185000267f292450fab73ec7c4fc830d2a8b83e781aeacee47ca778247abbdbf86bae3948623cfa0bde4cb0f8babe927d800ddb3d32e28a680f4d2982fe48a9a34815877a12228a0756b1d9f9c754f0ae66ff542cc3dfd519eecf545d94757df13072b5dafceace92ff033deadc37162927b799546a64bc1e9474108b1c6aa893c4e5f59b9515b3a22e2389293a8b88859982acd3bc430497ab286b07dd24b8319120dfb10b57ce799d0c201becf57df18526675ef57afb49fac49e4c2032a4a325a456a0d04027932aab13c1fa98a92acbb804e8cd64258980759a9286460ca8bc9c656728bc8b9eaead161f6454d2c829d74349e76cac02a360dabaac371ca766160331aa1361ff8976afae64a23116c7a1c50f7982a863a457c617740beffd9c82420c05cb3974400d7eac767c684424ea8a9b6721a02498e9536655e49e47c3a6d04279c660a9d7e3e011c15b5a454a71945bfaa9e8da0418af88eb64e283a54537d25e00077709995dbf107c118f160d9cbc21737d456305b104b30f49a6d3bb0308dc346499dc1fadb9ac93572e96177823e7b2277f6ed3648073849f972465e7a3d28b93257630179420097381e5570814fba3566e56f3622b24bf0fcdbed8a1ced4568bffd02981712898ca3ff4d8581c063db6d6babd67df37b5ca8557101823e4061c19e8446bfc6f9e2ff3ce02305f441c7362e9429e746ca53dda97063f21c091a56e08a6ca0b24b8c9432d2861f7ff4c048e1a52a9f2a7ed648125bf78af717b173073339b24ed2e16f1854bd3f72f05a7aacf4159693970fc381d6cf0ff5052863e17aac8c3adced64d3679a8d3618ea02b62dcc4e62fb03de0464cd986ee3fb8944ef194fe511c378b3be3be52bd2ce4831e82bdd77aeb747c3d5055fff81c7f5c9114fd6bc2468ccab4aff836ea679c73e706a1ac0155379f431d918a4572ba7d3148cc2cd5633306967991aa83a7a582f5ca8eac099efaa3f39b3204fec935567293dd3f633ae93784582c0b3390752074e0b49ddbd02b8e24ea73ed31bae0e4fa43e6a16bbf3b630703e4d567e89ec741544b492027cfc013adb33cb71295116f0a5e8a6ae996c301ff65349cbbda9f32a7f3ea3dc95beee883c8313726df2e392d13a38a51182f3a2aa84513970498a50ec6216bfad7d28debb2fbb4baa45658e661bebe0b38250f60b5d76cfd55299ef26475fac9753c6339aa53e6c38e2aa2118b288961c704820c5b520996a25deb1508090a401ad30d7ef0c41df6a124919d2e3354e32f9967c8ebbd2198401745e47a5350608e507085f271fd4a117457c71862075b9b8111d8798c342e4dbe96e0d0b890b7e6d84bce4cefaa8a1fae1b52899e281a2d11b1905754787c0e995b2398914eade1bdf28760093f972a513f2299603132fec1a69c0d5ba0583a4eb75fc459260a565fc9eea7b660fa0e14f759e86c5294a9b5181bc1aedf0d81eb04d136824a79b6559ba2cd3a8b28bbabc8b4181b8307084fc740a0cf6fedfc9aeba10d4a5955d66f3f534d8d4c2fb1eddc100a35bf9aeda5d4be4af618281d8d98f75bcd64fbe6d02c4e827569116b5dd069fd892dc40da364c531a99feb51a97c4b033316ede3edc4fabbcdce20c616908639f63720319f1ee0761fc9c4a17066ea0767a4501b4c0557c73c10a7d658c20ea8282226aec5c9195954009d7673511bae4713443be2ceeb5f67cbecc29bb02bdf21d5c84222bc0920091c8e0e3d30d92a04899d976a62068f4f70f8d8a0ad598e5ad8db77956cebbe4a71dc0b1157e1ce9ab669d242df372753cd5ad66b96848b99bd5911edd95b992a5d057c04df8606f10a4d379c504a20c0781563f37fe21199bc33b13aadc8ae01cb00482f8b7d52f3ebae962c393a2ed1894fd1f6ddd242780a94b9de732328b476eaf7f24128592b5d8e5a005388fa0109ae398c97f782c5b6fabfe7cf92821e3144b19e05c3533a5289b3f5272df669cf7f198bd78fef8e842e1d1d176d40cf65d2b86c2556a7a5f00ef3bf8bd1dc2ad96e1afa57c7a9c572dc762badbb2e343965d0754a2684a2f2976312ff746c40188fc81885dc4437a9db49bdee2a3e68fd6e4aaeb0b834e962ef9b50a0accd3d00bdb2a0db5e0d7ee8b936fe324ec3b0e8b00f1d8527addebb672be81b5f5dbb95825162d86f44d6f651eae41a58c35c811a196d4c673d1c51a4325cbb254b43b57cb4985669242e0c375fe82ca79e993c87aebf16177460469ef0a4c20ed2ed98f551885225dd8426ea703cc94796cf2ac49e8955a22c698360f482cd1ada88af84ffef4c2994acbf0743721c1537da0f8b993d5ecd7acc3f6c4f5b899dcc0e46ecef7a521dded7425bd97a36c7fc6657cc19052ce4da48e45a9e5d7165fa8cff16c0947c2f8c673fdeb4c77dd5c7f552f7fbb3f1b2950dc158aca2792f319845a4c3a0de48afb267ff3bc8d7301e0b2b6a384464880f5a258cc90db8a9f70c89c485da35eaaf6c09938fba3016cc9702a12e188ae2c6b1cf04063c55fa8ad457be08d22c2d4fcf05692cf50174b45d580bf6a27e86b7581b3233b9cf79c08f4844b6c9982c8912e494c6ef66db2e67d1c4bae471806dadcba4a2c1efbcf60f9115275b18a4724c3bbe335d8f805843caa306a96920c093edf82c4f74f19a63290130350de13ce9c2944d", @generic="45378d2c88de75521b9ff9f7a393bd3cd5afef727e191f70673700f0a7fd23379e980e8f1c7bf7a511c985d98812b5659886b629c3f7d86f5de4dd9d391181991a7076f60901bdd65beaf59ade075078d7d1a38b8493ab74784b0880407b35fc4e63dcf742c9", @typed={0x14, 0x37, @ipv6=@remote}]}, @typed={0x0, 0x6d, @ipv4=@broadcast}, @generic="1001cac77d0aa353a87911f92a451c96257ed6a6b7b8f3ee2e8f628fcc7010df2021d327", @typed={0xc8, 0xe, @binary="b0ee24da78b902591d68f0272cfc9202cb338579fe5393b68a03a4e39a56b83412dc5ad6dc9f04daf6096ed49cee153d9f84a50e21ae9ddcacc35b1d02a3d6e1470b75d414e3eeca31e5d5f83630e156ed5df760fc715baeaeb556ff0d83ff3edac55d487cb570d1c434dc4c77d7a1d66fcba86d2d97c4d33d4ede985190e77fb91e54df0110a1f64f08ca1fca054e816e2b74f2a05a95a7b846ce693ea91c2576e996a333ae32b4f107cdcc1d1864e50d827117a35f3cefa0d4b2cfd55504a6b6"}, @generic="5136826249cdb3234a8a2018eb143211dd7d5077ed85fbeb2916c9ac36ecb662e7845d86104286c9e1c832d3ff8135dfc88bd355c4466c6ccf9b465d55045ec2ad637af5963d93c1670605e9ee57d1ca4f444f8c63b4050b13f91fadc8c7ca7920486361f4c0f52aea3e9d400c6a6533d1148743dafe7399337cf5ca102610defbb4e2ed509e64ee648321d3b6d575e2c90712b49f079c7f85bce8"]}, 0xfffffffffffffcdd}, {&(0x7f0000008900)={0x10, 0x28, 0x100, 0x70bd26, 0x25dfdbfb, "", [@generic="a0e75cde89b72c005c65b6aab587b0bfba3bf005a8c7ca7d4fc8942f5ca505edf6b24ffc321c9839537a96bc02e358ea7ed8082278613b4df577900000000000", @nested={0x0, 0x49, [@typed={0x0, 0x77, @fd=r19}, @generic="fd8a2e54a4bd43b8c946437bda", @generic, @typed={0x0, 0x78, @ipv6=@remote}, @generic="fe7c591af1304c3aae1ae04172f9069eca13151bbe712aec69492db6e155ac64747b211a73f6e1f55dea7b4abedae3cdde4fd6e0e14444a066e4793208b9da9adcb05d145204840904aae096d8d110b0873a31f0f7c3d39826fc8150e8e4dff0228df2fc5f7466fa296920e30e3354ab748a5095b15d90eda01af7ac64f1ca678cd433", @typed={0x0, 0x57, @str='/dev/video37\x00'}]}, @generic="719495d5588b95f0a3c5da6db4f9cf6ce5e759d777a69e33b092298c2cccec06411865ccea443c9cb06c593bf05f7dc8fb0cb64a4de18e8e5368a36497ae1e5905b95cdba03756d4c7c9d1055c6adbebcf33673afb0b8eb48d401f00a760251ffc952ea3cd7dc6a5625ff092591fbd1eb233f61265f80c028d066b8d848d99f6926c71e6c3344d60f3ffa1e146c3a9448a0c9ea43c6354df35e5c149ddc898cd3fdb614917a0c0b204bbee6c04f320b55eb53d6b27b9c54c9fcd515111f0730efdb86b41a46a938d6c2287d271e6a8e56c8b0dbf190c3cb5bed3530951d2a2f89797e6a5c3ea", @nested={0x0, 0x8c, [@generic="909ec021533d6ad8ee193276df230669087ee6a65efcd307f54f8157f920a67bcd50093ea860a3aa05ca364e1f05ee5809a09df2993035df91fde71653e538d89063bbcdc405b36f8cd6282db6e2d00964b1b7444fbe4622bca3aed9f537700d00b76f7f2db0405b1ccf5f9fff20416d223c73c2a83e39a08ebd03a9b4c12fff3333705aea3aac4d9576025b51bce6170e668eefac6ffa2eae77f80def98f2da6123d8fc0986349e922b5f1ae783cab70c5813f96bf3bfd30c1c3c8a83942a905a1c9b4e412aae82494e2b86ca8d4538bd21a607b95050ce6a0a643e4af3195c85ab", @generic="c051e6860267569777760946c21d0b6b37c78472ec16ef798d448f3e35bd1bc1fe5d0dd33ca35578b73fb65bc2a779fbee1a1b35036c36fae927b04a9e57b8b70f840d39e547452a9247a3fc1e39ee1e9982309d022aabb4192f5778ecafd04645a4bf3027ae44a7408552cf3cc7ac982b9188a229a8aeb7bd307887f772e33d14e01ff4a215426fcb90fca3f15b345a9b65392a88b446f9d697e80c56ed06eb356a058d94fe1c0e80ab743bd0e3dcb3252a0cca5d720e129c09c8a69cbaf7931006a84c087db169cb39293035eba2ce0ee39e797efa9282227fd545c1e553186c9a1ff82b19d1b92761a756007efa3fd384cd3f68005e7cdcf33d45bfaeac7247d5dd67619dd1af31b74ea9e59e05295406158fca8c74f53bb4da5d25f802ccb415901c402cf250c3a4e550f13978092d03512e899b5993e3dff97ca86275cb4dff0a8e440124a23c8d9144d70b793f89816bb61f51d252e9ab53dfb2dc0c4227ea55d3969ac19259dc1956b9cadf4e04430081405cc51d792316f18f5e1bea020380a2d5a088d1be2739f76e9dd1e0101bd56e75fa0f6316465d4cac300495fd466b0461d7d44be72ea189a94887362114fc0374ab520146583cd7f79da8e26794b7e2f38b29f1e2a56d7a5ee109b5d933c34cfae172e9dad839e0a0b418530e6aff6ed81ef9b3c390a112b9838e92510c28ddfcd5cd93e82795dbc75a6835eb21194342c3521a63f401a3d4af5a1c6c7584545f6e8d6aa10c187281e2a88c5df29940efe574f7bff3c132701e63f58b8821ac58cbb0867a53ff02eb3f7aa3b8af4c9f590f65e6d81c9c1a22af1bc61b1b6a15f3824b18bc98123d4b5f7e3a9070076d1d75e94ac9f2f115fdbd474309ac5d41e986134ed6e91b4e13d48cddab12173d2496d47d5c2f7ed999095a09041e39830e0b9a71f96f71d74f2754e0641e54bbb6bb24a1aab9437b859b4e9d182de36d2e0d8bed7a3fa68e387a8fccdbe14424b2b95293879928799fa436d374f037e18ba143e6225b2d64ec411f1d95f82766613d513e79d67b2b3bd50eb3b8479588231e17cf4bac9cf8ffc06fc3fd579abcdb19e34e3f5c6365bfa40e8e5ff7eb77b551d6ee232b9a9e5ecb426b2315c28cd111d858a3cb3d4d5d23b0b66ffc6b183b8167967795398218c437d08fab804dc62a85d7e822a9ff80e67e4e2785efb49fb88b42da15615cc9cf22639cf882cbb3c4327ccf0b41f7db5188d341a600d2fa926b24ffa350170dff8afb599ac99e6edcd6d6f2bb3a0c878bdeb9e1fd40a0d87d29b75c56ab273b0fd4a7090eac7d8433add6ff8bb449e3c966de62cfd4730d890e0e4cfd99f55892dd75886d017a07ef9fe5ca9495605817c8940fdb62858077d6cbb69e8bb8d7ba8e39d7f4920c811373010d5b539c02be212f386b679d6170a06884d723285b3f6b0cf9244cf75ff76afefeec35464186f790d7f95a0e672e1b2aa77b345a036786762217dadf03df43b99491a6f88067801c9fe762bd6e44fab230ddabdd027576be216f6b433635342b2618a7f305a65689dcb8887d2293bd6efe7efe715ae91b6a6f41c93278f1d3ee36dbb9350c24eb8fd9204de23a402fd488e77dc3d983dde6c6dae6efb86e8a2a17c0d5c13671f515837a4622691e63502af1bd254c022e96692d9c9aaf3e6401d4f871ced757d5efc27324a000d04b6a6e11c8ffa86203f74e6a3df2e9f6d4d7013e1396b39fd5e722e5afea001b3d75cfe5e2a834e5f574a62619861b54f533fa357725c132c493571078a1181b856d707e33a2c3569f854e8d261e5885124b21c852a9c3a9dd8339dd917a04ebe4e43da57a6dc0d053d2711b1e0dc7bac1a2c4cff5d3ff393bfb675af8658046c56514c2f6933a9f851515c64dc4fac0827489ac08e7b311292f06b6f78e624d0480d7c311a7b3756953e07775649606e1fdcb61e3be1569787b625bb87f834ee0f61ad07a17004e900fa49bad1ff31298d2a0c534dae78a3a4de331f22171200401bf5043ed856d4185c104c70c4ceff54b73d4f13e0ccb51561c59e23b533b803e1635553a9df9ba71e8443fd765334d1a75b009a4503135449d4f3d3784541ad37a515621953d9b2e81eb831dc6d6f230310af26934139ed671e7c6f204440c5189a65cb33496d9cda1048efdd4c6f284f825c7166b2a350155220133a866945f48bbbdab3ba01f65f03a589969a3d1af78d305d385896463aed3a19e859e8577415087cd8e8d7212eff9667979f447d3c0675ff8515bcfbe817d63ae359b28074badd564271e1d235352ad5786cc4c036c0d09522eab05414d3b85dd92b1318879ffbce6269ce09a923c3bbb5ec7087588c0c9fa7e816b2ff607581c63eec5c9b04ba337505e495bbd4e752956a64b2b1a67434994dcf71e3d4982e9a00a5df4c971454b282735c197e58b5a2d262ab61acf6b615e8888939235277a179408d602f274e3282e17fb1f843ef5a50f7f319450128c928b531fa9c80ded3b29271c21ef303f6c63aa08040e8176316945e04afa74330b09869b41c6a48fce1f306096c02470796e22846b9214eb297c3e969e5c51714a1187414aa02558b4a719a1945b7b3ab87bfe0a89c85abcf37ad17facb97549ff5221ca23689a7f95fe61b851f30a234ff0e11d4ba79bbc3447e64acf9e57980d04a15700e5cdb1436ab18aa8e77ac923817e775d6b484d975454f5586ed2bb1f619747f48aa1bb02242c1c387e53039a049780f543cb53dce6624f75b8335648798e5012b5ddd7765b2623ee2c0ff7befe30d795b2ad18ef82082855ad2f5ab5a0a2981c50650fa90d1d458794e66cb0ee982d2f3f541b8caf67a89c37cc5c6d627bfb2d11a5af15aa113f82d73e98fad410142470d45adc31759bf0122d3c0abdb9c661e649d5b2b1a75b169f35112cc57b6ee0819d0ac21b3aa511a06475a1aeb3bfd3a8ca993f4450b8e7f47de7aee640092dcebdec2fa7d74aab87c5af4d575270f250ba5f00ffcb5b26096caae0d820c2ceb2666f45878359dd190a754d84f137404ddb4323c9a62f058d4993392d699291597e375514192a5dadbb005387e52c4afe09ceeb1ccb9546e03c6149927487415b041ab049f7ed849777a55f6ac218fd59f200ee05edadfd4a1c5a74659ce1a3bf0c63a4c25f9230f77e3da2c43f7d131b8f40ca200a8128129355f6953b35d4570cc3d6b183a506508f65ed1b1e8e34885cb809527817f43f6e1dbab7be3949a33bfc5561d52ba6c621d275f1f34d5ea65a75653a253f0c355e5663407e51acec4077fbdc68c12b8201949ab4590da408fbb59ecaf13c9885838da3b9aad244119e70a9bf76e408fa8110720205e9d13abcf81657c3f939dbc73113f75f567e73c7ebc845e016569a3d77b3667461897341348f75e81a1a028983e470095cca543805c0615f458b56fe93a4c16fb432b7b133de6eb6ae85d8e7747b51926ef5a5bafd48bd9c784fbb2a3bb36a5d97efdbda9919110249e08ebac79541870ec099152747d54fbd4b54e32a5e16bc9dc7707150ce554d077aabc1a2bf203b9de95c6926941f1663effbcdb3b78ddc2fbf76130ee703cdbb245a542a69849c13d2ffdc389e6ca2eecf2796b6964807d1ee277bb1587b85c357b5bddfd0a5c989000cbf4af76d637bec3c9013f706d89ba211fbea841821ef5612efb18332e2894cf823886505738e7364e1f1ef1fb4d8e4eac0b31abafef8bc47937ce582162a5aa69599298cf2b40c6718d1eecdbec03cc848799d70a1f7b68cac693d2ed555e3277e0350c91bf9ba7f772b329730dc0594ee784910194739083ead7ae5ca9c82efa4e1dbb6b862364a8835cccdc184bfb005bafc1419c282bc650a14d32d2c4a554b20209d6adf63eb04084b8678c85b9bdd38f0ee04544a95e71d57c7a94ef645a7c664e87faab535ab142aa44d859bf32a554360b55c432c5c17462b141d8bc390c358dff052529cffb3942b9d9a6cc5ffcb3d8c1a9f39ec810b1c332aaa90fa8a1f74b70eb6bbd6f35fa31023dca48f4c896b02ee8b8d809286a8323badf3aed5d19b08be2740e677dccca1c11611a8b12cdbde1c67cde1829ca8ae58fe7b1fe61615f0e6a5bedd19086dd8d075d0b51bfad34fcbffea6abe7c126c1e6bad7d3f44560532cc7ab720461e973c795ddfdc1cce4206b37f3e0c1be4dd6974eda3049737bff42241bb19b0af80cf9bd73fe8ba399faff23dfd7b9b2d2b2340f8879ccd00dd2a705dbf3419718935b6a08b8ada9509b784e2ed6ee87854e3421c93a09d9950338fab49288cdfc67bdb06a87986341b9704829caa2766bc13422b56f07213dfd904186d670f82a3c304f9665daad55a28d1e00d6394f51c395d3382ec47a08d4966f31d17e021d8d1f11a024a5874c1bf88617d78b380deae0d390eb6e1a88265de865b334a148562fb2306bdbdd469c3e2819510e16169b49315eee150997dccec8e649818e5af7f4725f7d03f919ab43e5b7cbdeaae3761d0818fff126737cab83c7a7eb582eb07c17ca867c45c77f588de6968a379002188728067412242d07a18612ffc3b98b54d5eae571f5135b8b169d537fe33c6aa29416cd812462c53bb5a55cf6968ecec60084100393da1d5e0fc0929714846de19de1e8fdaa4b10271045a18a07fa831e9d60b0ceaadb3976d98e9f6a372aa63fecbaa8a543ced7dcd4f0bd276f42841d3f23011ed862ca15bc07e787ce3afcf0d5a44867d473f3a8bbce515ae1b6de495f810badd36a4e294fbdb3b6fa7ca27c837c2c8af41f46b74bd0d91a257ce644a006363f9425ddea90ae272797629a3edbeb4ca159cc5bb167e8149a40dfe03215815b91fdcb31c06d9106fb44c0f591042af1645f79f5170144edc60fbd2140660ce196a1555c25738cf0127e8be98fa6f527a03cc1b9f366f564635443a17333123ad421f3fa99d5c9afed8aa9497316c45c46d0f38da778e83dea5d6033b7bde5d66ac61122c3e2618d1e2d6875799dd4785563f706e4f971c50470984bf3bf8ba3b5e1caa6582b01076fd7de91c1e8cdba243aaa2d5d828b19aa62341463a3eb464c3f3ebe0bbcbcba7ffa118683a5a8efe11cbb19cfe1bf497e90519666f99e51f1c87fec41c792acd8e03feb0002899ad542d69348ddd24671a3623a62d71b148fdcbd8f9ee116734f85f6b1090a0f1d676d81b61f71771f2f41d392e9d531b5e9f70c5969c24e1153ec0475b37a3455c59ac26190f23f1f1918d1e0174128d088b07b628b2ed8d015c3fa9df4d1517afc2ed7b3349b26c1a16ac4ab9bc012d0f4f6c90fe21cb7f38a79ef9ce2c21137346bfec2c3801f4b3e3882adcbc293d845608c47636f34c6e8cdc38d3bd0bde70cde32bcb69b9a4ce54cddd48d441450be2ce35f84db900c0ca482a0d31bc5ffc5da0ec257de4df0cb29533367bcde4faf47963533fae60afcd6ccd6b88a617c6abf047a73a109a3410eb8e78707b5bc83cb3a09198084466df2fe432448e28bfc3cd8a70c97691cb4d3634e8870c35835b07c4d7cc77d3c7dac5992272d7fb0684ea48a548fae3dd2920a13e03c0b2de5da37a7722758feed6a4ec4788e2da99a6dfaa515281399030aca4dc53485e2292fe8eba15eb5f60995bb5e63936db3c4a7f722ae5c07f30592aa4f3dfb17810f21fcb243d2b25e6903f50387870cb42ac1428a67ca2142445a6a21b2642da3350fadbf2064971a900f3e23a1e6c3f837bf659348b84d0ac695ef03f348b24498522a6830438baccb61366d7b8", @typed={0x0, 0x46, @u64=0x6}, @typed={0x0, 0x5c}, @typed={0x0, 0x41, @u64=0x8000}, @generic]}]}, 0x10}, {&(0x7f0000002940)={0x1024, 0x1b, 0x400, 0x70bd2b, 0x25dfdbfd, "", [@generic="6b6129f809cbe78cb4bd6454bdfdd7fc2739472e653f71adb11cff3b62576ef57a83d15172ee91e9655d088ebb049108bec893110d0728a537ebee21192fa0b6f10edf61bbc3258a69f245a06ead9d6cd4ffaaff8970be13a34e2b885f783235d7ad8ef7b51deee5ae3eacab1dde5324ac55026fdfae71567b0ba948ff024b34557cb710b6db4e69d6d223347488996ad77230c84d9002f28dc60a83ceabf52c59f25eaf2c36c3da356fdf25d6f27ac6cf0e672ba247c8a7fa9cbc12adda82cb4e30c9672609fa9e5b7df7394af12d5bf81d7cb97174d40850c2d674f8cc81ab3d40610b98700c5c38b2e52140cffd223ab382d241d4f531cece1fae95a094d03d795c74412d4bcf48882fb55af0c5dfccba9d1d0c781e1b5eac191c646bd2141039c87329b7fee5903d225d5d862032daafc0db57db6c48d61043bb6869b344736f20086a0dd33f35dfaeea6e11584ee6c0c918782db9bd86c827e2f46877854bdb9a93e771b2ad482f8bcfde075587328ee582f7b72d16a0f86bd7be9b15b47d158bec870f1723c46db879fecdac62ab6360d7827937b5f1d23195ba71a5bcbb8ce072189c6b93b1e008401a300a3e134de99621b95c75a0947005ac778d79714abf32fda869fe3187dff91a8c8041fb49f5be7922ad693a49bde1591308b6f99eb10d14028aba432dd8ec30f59a3b4dc19b834c3bd3e32dbd6296605a59e17419e357c3390f001580d9bbac3779a7bc33d7db7f546c9866855a0040bfa8299cd1423c440089e34f2af74b53f1ad9aa0ca8a4da7601438a8ccdf3380b05414b81c85931a7a39e97ca26dfe42b2bef7db7740222878574c349eee835ac29bc3af0fb8d3e360b96d7aeb1ce4e0cc659ebe920900d2591e64c9486bee274dfdd00a04e0587088a19373a98627db50a3d47d102799f4afb44f0eb38fd1a89e849e708ac41b9aa804a0a83773a04357dd7abc658b69e3d6af0fe1dd6867b84c65e1eca1449eb3109f0ab44d408de4ff9b39cf74b99fe06efee509dbcfdefb65c1d6beb359ac9ac78c843c5d7d326af37ee0282a67ff9d17f418814db0a7982622f42eac70c8b90f1509530ce33988db2028f0db45869f8be10a9dd19287962f03c7d8869afde57af3c7165ebea5f26d1ba147188ab3b11909daa5269eef17d49ceada02d522beb4bc4ceb8ded1f037ed28fc83beec76810ac08b79b50029ed683fc7038ec81507448a0d56453497320a2677e4d2cc44b017b18199408814fb3e075d7870632b7d13fafa1eba6c975477fd780cbdf3733ddd077a4b764ef908f9417439d1892a7c7efe92fbd9dfde301ed6a5e3aa23d4953658b69cf1a6709badd295556f973da9683f83f6dac476f0ed49870d1243b56e12740032025ff28fab3194e5a6040aef891c353c154cdaca8c86c391e8adc26d17d7e576ef338a30faf396c099d7f9c09aba5f8898ecbd8a2643541184292821685b69dc3128fb015559273af0e422e098912927ccaad131671ff11cd44132093e42d11d33f18b8fa24153ff9269fb53cd44c087d13cfe4b210e9ac7686215e9198e90a4e234e795c6046a9ac93b2017710c1889156fd3a177e3f2f48146bd6bc0caf25306494081c493e39c08a71c5d4e4cb4310e05b72fc4d813f61d4ae93cb09e77b811f2779c95c38f3065ffab16dc64c1a11b5a7a24f86708f83c0400bff1424881d40f7c07fc59d79160d859d03c0e07686b3fa346e589cbc5e57cccdf9fa4c41aa5cd3946cdfdf9c502a94c3f7749be98947014fccce312976f454f06347a076e393fd6c314639f6fe3a25842a7125b5ca0e369081896b9ff77380554b188d8261f147183e8450d785b6f6a322203904dd51f68e4c4f24062c4eeeb12dee93ed615bc613d4ec2fb26b7adedbad18208b8f05aa0b37da4d3fa6f8c4b6a9555599b824abf507a63f951c3e3f31749bebf6ee87ac299a855022ee32323ee282ae921b18ec2d3edf57c5c946fae5c984230de3d5570223be9056c4733b8aceae89f1e2fff7300ee72783148492625018f57569a122a54c592473e2cdc70b5e767ee86b14537e254bf7a97b0511b5539fe988dc66b41762e643eaa6db5887191cda757e0702ae14e33023c2910e9d0da89c38e774d11b13445faa7c885e71946f18524e79d790e4e411ce42089b1ce04d775d14e076fe599ba473993b8479eab5dbf4cf3217f16daadfc2986b4d17d84457fb2fa86055ecd6f522fbc10dd7ca62245929dd7af042659e7f676dfde742f04255422f086edb41264e3d47a0b0592b6f8e7ec7a9b9bb704757dc2694cd614f4edf2884fc4e5a3ce757d8afc155b62b38af097e38c27e2df8ff3030603cc8f4142b5dc92c039e3df0250add668dcaf795f64dfb8e522638fd897d6329785e1bb60704b1e4a940f8939e0936e324fb3a234398b71b7e059202d00695ce3f1c1fff0f3e694f6afd657a3fbde6dbcdc202c41aed706fd161a020037418a02c6be45fea55da7afffb952392f87125daa7f4241d570eed9b774c38660a763acb38e18a2a08f61c26175573958f83139a3004d6949d0ba0f5c3f615ba801fd8873acb2c61a8ca66854a09663d196538471225850257033ccd35cb72454c8f85044c664cada02a2c46be738f1474bc5e612fe36725e83f9b39b51537248963ccca227ee03a9db5572a4327103fca5d7be0e6efd2afd06f9c3ad2aa146d0dce52e376ef2f1601000c8411a334244e1fe18d2b5be2768623dc01efcdf05b9fe8b914a6ea8224fcf707c52d7478a482411ad3cdb4b56f2bb0a7eb50808eafdd496757c0e73112ca45e0b50355b5f00339d3b1c2cab11a282b968e4a542a4485b8cca552e510a8f04472938ff1f7e577b0a36fdbf5d641ea4d0a89e6221937178bd475f39c698dbe79b439f49cbf1a33d1819841b6c9f63f5b7541720ffeee9aa038673a1a8cb2fb522303dc06e0bc95d9a6f2a41441ab69ab787a697b2d29cf280245efae5e6c76291f50119576eeceaa01197465b99b2777bb102bd042d11d0fd83eaea6407b055e3df5d55988d15f0dddb780fd73b06cb4a7c5d522eaa9aa187553243eea025831c58811c7cd0f2e1aa61c469a4859f37bf04feab0239b924b06247e6db024a68f92b842161c2ea23f98123f167901eca5b1c23674cb55cb170f7c221b93ddf428fe012838d7675f9e9f1d82f8973a9003075fe3fb55e52063769ba5d7f50fe4552e35cc3a793421ec45969ce7db5da47f9699cb8d7b7449a028018b92fcdbf3cef74b8179c1226dfab0cfb017df0245d9f8b9ccf76dc6b002119db740c6085f8fc672a6ec4ebcd5756efa6afe3479236b2384a3fd0a55d4360511d603ff9686e3aa73108c0e269af402a93a14ccb67b64c4969c49fb806508763afafe8fc191439ed2659e65d15430aa0842853bde87a65401ebeb1409f038951783ad5e1c7ad33af1cf3b60040ee35f8779a941410595fefa54830d1a9fb31ff2839348e88320c2afc27ac49757f0ad3507e592996441c947cd7a3aa5926f0aba91205016b743d0f4e946b395b346f8f66bf4ca644c9063d1ac3da5e535b182150db10f983a9c8818031720a30402f1a2f7874d7c32c0561e02bc95191ddb00ec811f0cd855ab44c30d4431feb66374f5b64002288b9aba47cc10299e6cd55270b6e129aa47258ffb0f81e7700083b3d368695bee33f61d10c7d131d474a21bc0df7aa624bd96feb2769ae2820577a6e106ac45e9e4916c91962ac425b16e6af646a4a18b2f309db9335c642f52e7a0b8f1c3f4cf1c068510e1648d00728d98e423cf373630aaa93108cca7aae2972a392cc458c7c7f34ea46cfd652f2c10294f36d716b76a24e50f8fca72dbc4a1cd93573c2e70603e31ed80044be1a7302f5cdc486198f7a2369ea1554c9ab26f268ab805d0bdcb5e09a516d3ef5dad289a1c3455f62295111974997a4cd400dbcec9b0560b03132bec72c927b2b3ef0b266f0fa7acf40bc57899341feb3858b6ed4002fa20f87d066d7b37d899fc15c5e09610491ef6518a9ce37fa377883c0bf3d4694d1cb9ad4e8573f7656708d4771f59ab5d784043622be94a410652c1ba39b7a8bbd74ba4542fca3ff20f2b232e793173038839b7dbdcee0a574d3220623d1b0d25a6e66528e96ab0a1231431648458f9b7cb545fe3792cfd30206375e18702e357495ba1542f4d2e12217ce0e8a8013d2b5bdfab72675e317a23ff242fba6363028d921b2fbb82588b4bd7e43bdbc792e7fdc0b4ff11978ce6d6a012523872e11726e83f4ca3228ab65f3cd34886a93817214b900650d8e077d7fe410caf13c67697fcb7940c6df8a794ec8720cd515cf93f8e23d6dbaeec8dbe0aa39c412d55a2401035d50d45146ec47da763717e605311d83b4dfa57c1eb6e4d430dbc4b8bdbae6b86b45c49202589ad3abe21008678e556563567898a18086b0ac51916e1f8d9ab009a802ea6df5a242ec2a6bad7b4932cf6e8183d0e71f0c58e97232f72762b13d47223a8fe34f6b90772d2f4fc36cfee0cf524f9eb98122397e537ecc154a5ff4a7cf340fe2e04950591a1667c8a7c07f1a006a5e7109526f487c9afae83143f701703fe88f5a0d56e8f250008048ebdc2b9e9efdfbdba9dbe84f3cd8b87b61ac73a10f3fb19e6492dab375b41184e5793e97dabee316041d3fe81b26e90dfe93fdfaabcd545a6040e6a5ce5ebdd2d02219da39c376a83588d54b3248d8b6a9fcd54c35bb3386f663ad2f81d76b63b38b26c74ae9b600977ecceee2a843111dc3645f2112ab1491b75dd2af1a182fe447d9f29f5c36df989880887d256917cf98142a730b03ccbf777313528be8dede5707834b44d9217b3da1b02a9b5f7ac113364644f16a86e058b6f2d3479906c7c9e7056a24c76bd32c4fa463c4118ef7c3c92681c5e52a0e79ab63fe34a3a94e96175663e810481c64f3e484a2254d5205b216a4698f73cb8546eb83db236bccc1b4d060e56d628c037abaa3226aeebf3e6ac249a9002d1ec0143ddec8457db15fd40670d231c7c5b2ab5ad1ab38a73f0acc236abbe0fae41297cffbfdec96f8a5ba63ddc37f945cb33c9cebfe8796f4932dd20fc2782426794691c460b8b4b1e9fdfeb4f418ad982b87344d9349c9e7a85568efe64fa9ddcbf73782641a57da2e3861dd38802af8a2825f1f067397eb6d8890d229d575981a9565ae4cb9520a0d05df094be6f476f94b85e8acbff9e22ba7ebe4823110fbf164c9a63fcc6d0e85f2dbb263b84f5b11347bab91027fbf231faba76c8d523f7f1e6fbcdb5276f45b2a41cf23467beaaadb4cd20db24e59584e2a30d1edc28af88f6f91ffeb681cb09735e79b888bcca4f789d2ab3de4a903e3ef504424c8f2f330aa0a769f69cf8e80aa61032a32669d139309f4129572692f081653c28b182eccc1c29a530926590b3681ebc5336a2c8f32cae42f209e0a25fa5c6d2d8ceb35a59cad6c4763732031bccffb9e12001ec8736a8cdc2a51259afd2e76927d3072defcf86f283f4326402027d2fc53b70db4126e6b7208ebc818e43f3192f06bef5840bddcd953ba0547c25448d20b0e7d55d7be76f3635edf493b8a4cd2ed581428dd6d5400638518f2f2c59a82d89fc8d04761e940da3062d513fe6d784a06b8f3d395c3b0e6b78925bf07de4c15facff79b8525e3121f1875ad5cc2f005f36dbe2dc8baec90a560eb897f19f368f03cb8a9faf17abc7b4306dc37421268e483a7dad17bb1f5ae80195e1427a007f542a7a46e2bf5872d98b51260463d28a", @generic="1c7ad9d613b89bf92f0369bdee01c13516"]}, 0x1024}, {&(0x7f0000003980)={0x1a4, 0x16, 0x100, 0x70bd2c, 0x25dfdbfe, "", [@typed={0x8, 0x8a, @ipv4=@local}, @nested={0x28, 0x5f}, @nested={0x8c, 0x3c, [@typed={0x8, 0x67, @ipv4=@multicast2}, @generic="fce537d7edf2199c146eda6ebc575d8a2c359f2daa48b845af2b36c9ffa6bc6182081ee65262544c2a7755f853174ed96a01dd3325dd6cf44cf429758c4924430185c750297dc0f3b6ddb85500fbc972e4368f22af29ffe666e0de84f80f0cfedf211b5da3f3bedc578b97b17f85abadda90784be03af65243556fda7d"]}, @nested={0xd8, 0x2d, [@generic="6637be22380b522903be325f16fab35df87c66ec7a2461820f577b4300a48eca21ebae7898f8f092f95563cf8052bba4f04265f69feb3c037160b6481d66bb63d59352165ca86be6e033f1d2f17a975d64345e8e4eb074967e105b7daa5fba678d83cd657052fd8da7668ded0fcb18b4adc96a176cc29cfe5a628ddb768eb3c704df9afb7a97c104b2b24805f0415ac7767bedfcb824d5b000db7deb80848bcc90005ffa7edbacc9d4a014aedcfb13732d77f9f6b67a1e69d0cbf6631d84d680bba4cedb8eff05223bc15f377079530c63"]}]}, 0x1a4}], 0x5, &(0x7f0000003e00)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xffffffffffffffff, r8}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r10, r11}}}, @cred={{0x1c, 0x1, 0x2, {r12, r14, r16}}}, @cred={{0x1c, 0x1, 0x2, {r17, r20, r21}}}], 0x80, 0x4000}, 0x44000) [ 266.366499] should_failslab+0x9/0x14 [ 266.370881] kmem_cache_alloc+0x47/0x700 [ 266.376139] ? anon_vma_chain_link+0x154/0x1c0 [ 266.381147] anon_vma_clone+0xde/0x480 [ 266.385341] anon_vma_fork+0x8f/0x4a0 [ 266.389900] ? dup_userfaultfd+0x15e/0x6c0 [ 266.394854] ? memcpy+0x46/0x50 [ 266.400013] copy_process.part.0+0x34e5/0x7a30 [ 266.406217] ? __cleanup_sighand+0x70/0x70 [ 266.411952] ? finish_task_switch+0x146/0x780 [ 266.416902] ? lockdep_hardirqs_on+0x415/0x5d0 [ 266.422373] ? trace_hardirqs_on+0x67/0x220 [ 266.427543] ? kasan_check_read+0x11/0x20 [ 266.432814] _do_fork+0x257/0xfd0 [ 266.436385] ? fork_idle+0x1d0/0x1d0 [ 266.440552] ? pci_mmcfg_check_reserved+0x170/0x170 [ 266.445844] ? prepare_exit_to_usermode+0x293/0x2f0 [ 266.451744] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 266.456534] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 266.461297] ? do_syscall_64+0x26/0x620 [ 266.465274] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.470625] ? do_syscall_64+0x26/0x620 [ 266.474613] __x64_sys_clone+0xbf/0x150 [ 266.478697] do_syscall_64+0xfd/0x620 [ 266.482669] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.488146] RIP: 0033:0x459a29 [ 266.491350] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 266.510412] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 266.518337] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 266.526079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 266.534613] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 266.547663] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 266.555304] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 266.598105] binder: 18729:18732 unknown command 0 [ 266.623480] binder: 18729:18732 ioctl c0306201 200001c0 returned -22 22:26:50 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fcntl$getownex(r1, 0x10, &(0x7f0000000000)) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f0000000100)='./bus\x00', 0x1f, 0x0, &(0x7f0000000140), 0x20020, &(0x7f0000000200)={[{@shortname_mixed='shortname=mixed'}], [{@fsmagic={'fsmagic', 0x3d, 0x8}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@hash='hash'}, {@obj_type={'obj_type', 0x3d, 'wlan1@security/)(-+'}}]}) 22:26:50 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:51 executing program 4 (fault-call:9 fault-nth:19): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 266.658061] x86/PAT: syz-executor.4:18734 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:51 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x630d, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 266.718989] x86/PAT: syz-executor.4:18734 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:51 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xb898, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 266.819942] binder: 18808:18835 unknown command 0 [ 266.848524] binder: 18808:18835 ioctl c0306201 200001c0 returned -22 22:26:51 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40046302, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 266.894588] x86/PAT: syz-executor.4:18854 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:51 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:51 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0xffffffffffffff3c, 0x0, 0x0, 0xffffffffffffff31) ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000000)=0xffffffff) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 266.990845] FAULT_INJECTION: forcing a failure. [ 266.990845] name failslab, interval 1, probability 0, space 0, times 0 [ 266.991324] binder: BC_ACQUIRE_RESULT not supported [ 267.033569] binder: 18860:18861 ioctl c0306201 200001c0 returned -22 [ 267.047846] CPU: 1 PID: 18863 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 267.056304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.068771] Call Trace: [ 267.072143] dump_stack+0x172/0x1f0 [ 267.075902] should_fail.cold+0xa/0x1b [ 267.080082] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 267.091033] ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220 [ 267.100513] __should_failslab+0x121/0x190 [ 267.104830] should_failslab+0x9/0x14 [ 267.108805] kmem_cache_alloc+0x47/0x700 [ 267.115497] ? anon_vma_chain_link+0x154/0x1c0 [ 267.120561] anon_vma_clone+0xde/0x480 [ 267.125863] anon_vma_fork+0x8f/0x4a0 [ 267.130972] ? dup_userfaultfd+0x15e/0x6c0 [ 267.137140] ? memcpy+0x46/0x50 [ 267.140619] copy_process.part.0+0x34e5/0x7a30 [ 267.146440] ? __cleanup_sighand+0x70/0x70 [ 267.150843] ? lock_downgrade+0x880/0x880 [ 267.155091] ? kasan_check_write+0x14/0x20 [ 267.160240] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 267.166090] _do_fork+0x257/0xfd0 [ 267.170980] ? fork_idle+0x1d0/0x1d0 [ 267.177334] ? fput+0x128/0x1a0 [ 267.181031] ? ksys_write+0x1f1/0x2d0 [ 267.186494] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.191451] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.196229] ? do_syscall_64+0x26/0x620 [ 267.200716] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.206444] ? do_syscall_64+0x26/0x620 [ 267.211134] __x64_sys_clone+0xbf/0x150 [ 267.218183] do_syscall_64+0xfd/0x620 [ 267.222893] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.229855] RIP: 0033:0x459a29 [ 267.234153] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.257665] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 267.269156] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 267.278275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 267.288174] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 267.296281] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 267.306848] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:51 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40046304, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:51 executing program 4 (fault-call:9 fault-nth:20): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 267.391765] x86/PAT: syz-executor.4:18871 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 267.404175] x86/PAT: syz-executor.4:18871 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:51 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000440)=ANY=[@ANYBLOB="c929594fc9772da95a693454b83d038618094d625dc3fd5e0f175238cb5f81707c58f551a5d3e131498344ad283e7956432ca5b1dca73edc299f7b78d5c80d46a31059d4c05b2946778dfe379501bca1da071543eb3dd2da760ed5090000b680e449882e20ae86deca39d06659498feb54f8551adfa9107b4abe4ecab9a9084dbd22103008e72ec4ce4d342fd836dfdb3d882d9a00b2520dd301010000b303001fcf5282db5cb91f5bc9771d11faeefc45b702bd863c6a71f05aeea9e07404388847f7db06fd320ea3b95e45a14da6087a400a7d353ec48d26a16f77c88be7d538b1d97b1046f38e3ba7363a6e4cc1f7f0081d9a57b31fb6528dac28f491b6068a4a940bae688d6e6a70dadcfc4f86d80bb547e1323e237224be27627f5fed7ba0857938c5e0365b7aa06d2d5315a0e6796caa204b696c74809d2bb540b7fde3ff35761a827b364c50e0fd627a2fc8037b2c9d"], 0x0) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) [ 267.503939] binder: 18959:18976 unknown command 0 [ 267.530877] binder: 18959:18976 ioctl c0306201 200001c0 returned -22 [ 267.578306] x86/PAT: syz-executor.4:18982 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 267.599164] FAULT_INJECTION: forcing a failure. [ 267.599164] name failslab, interval 1, probability 0, space 0, times 0 [ 267.620219] CPU: 0 PID: 18982 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 267.629870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.641472] Call Trace: [ 267.644769] dump_stack+0x172/0x1f0 [ 267.648517] should_fail.cold+0xa/0x1b [ 267.652403] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 267.660829] ? lock_downgrade+0x880/0x880 [ 267.666151] __should_failslab+0x121/0x190 [ 267.672561] should_failslab+0x9/0x14 [ 267.678966] kmem_cache_alloc+0x2ae/0x700 [ 267.684030] ? anon_vma_clone+0x320/0x480 [ 267.691100] anon_vma_fork+0xfc/0x4a0 [ 267.695996] ? dup_userfaultfd+0x15e/0x6c0 [ 267.702065] ? memcpy+0x46/0x50 [ 267.705414] copy_process.part.0+0x34e5/0x7a30 [ 267.710390] ? __cleanup_sighand+0x70/0x70 [ 267.715638] ? lock_downgrade+0x880/0x880 [ 267.723212] ? kasan_check_write+0x14/0x20 [ 267.728504] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 267.736011] _do_fork+0x257/0xfd0 [ 267.739509] ? fork_idle+0x1d0/0x1d0 [ 267.743301] ? fput+0x128/0x1a0 [ 267.746585] ? ksys_write+0x1f1/0x2d0 [ 267.750390] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.755596] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.760453] ? do_syscall_64+0x26/0x620 [ 267.764542] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.770194] ? do_syscall_64+0x26/0x620 [ 267.774172] __x64_sys_clone+0xbf/0x150 [ 267.778159] do_syscall_64+0xfd/0x620 [ 267.781981] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.788090] RIP: 0033:0x459a29 [ 267.791743] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.814435] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 267.822673] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 267.830794] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 267.840565] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 267.848945] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 267.857789] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 267.880311] x86/PAT: syz-executor.4:18982 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 267.916906] x86/PAT: syz-executor.4:18982 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:53 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000000)=0x0) ioctl$VIDIOC_S_STD(r2, 0x40085618, &(0x7f0000000080)=r3) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) 22:26:53 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x40000, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f00000000c0)={0x14, 0xfffffffffffffeab, 0xfa00, {r4, 0x30, 0x0, @ib={0x1b, 0x0, 0xffffffff, {"000054d804d9662a1b1e000800"}, 0x1060000, 0xffffffffffffffff}}}, 0x90) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r2, &(0x7f00000003c0)={0x10, 0x30, 0xfa00, {&(0x7f00000002c0), 0x4, {0xa, 0x4e20, 0x464a, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x6}, r4}}, 0x38) r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x8200, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000100)={0x12, 0x10, 0xfa00, {&(0x7f0000000000), r4, r5}}, 0x18) r6 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r6, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r6, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x10000, 0x0) io_submit(r7, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r6, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:53 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xbe30, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:53 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40046307, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:53 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) r1 = creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x8, 0x10000, 0x6, 0x0, 0x16, 0x9a, 0x1, 0xfb, 0xffffff52, 0x3, 0x3, 0x8}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r4, &(0x7f0000000080), 0x297ef) 22:26:53 executing program 4 (fault-call:9 fault-nth:21): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 269.660032] binder: 18990:18995 unknown command 0 [ 269.676040] x86/PAT: syz-executor.4:18997 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 269.698295] binder: 18990:18995 ioctl c0306201 200001c0 returned -22 22:26:54 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000100)=[{&(0x7f0000000200)="243d13430e426fe0be7cc2b1ade18b682a0bbd70b99a7ce54869f80f95bd63ec9767150a6ab1f93bd1204da9a3d02758d52077941a9df1f764581f552e565284060791ce1a112c5903e5a5f2eddb79926c0d6b3863030b8a5725006d72db9e2496854ab6e35782732f75b63c7158ba30bf0d9313c88a7c43aa9fbb49979652f3cb8ff613dd8d6dde753856939d776176485f0145e0ebc086c3316835c7be10a817e24e6860092e147b41ad5d89c4cec9b9138275b1eb697e5d34ba842efda944997022661ba4d2b19373a39ff4239a00000000", 0xfffffffffffffe3f}], 0x1000000000000392, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:54 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40086303, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 269.725238] FAULT_INJECTION: forcing a failure. [ 269.725238] name failslab, interval 1, probability 0, space 0, times 0 [ 269.745590] CPU: 0 PID: 18997 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 269.756221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.768844] Call Trace: [ 269.772585] dump_stack+0x172/0x1f0 [ 269.776344] should_fail.cold+0xa/0x1b [ 269.783796] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 269.793094] ? lock_downgrade+0x880/0x880 [ 269.799123] __should_failslab+0x121/0x190 [ 269.804422] should_failslab+0x9/0x14 [ 269.808602] kmem_cache_alloc+0x2ae/0x700 [ 269.813290] ? anon_vma_clone+0x320/0x480 [ 269.819848] anon_vma_fork+0x1ea/0x4a0 [ 269.825944] ? dup_userfaultfd+0x15e/0x6c0 [ 269.833099] copy_process.part.0+0x34e5/0x7a30 [ 269.840385] ? __cleanup_sighand+0x70/0x70 [ 269.846994] ? lock_downgrade+0x880/0x880 [ 269.852181] ? kasan_check_write+0x14/0x20 [ 269.858985] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 269.866638] _do_fork+0x257/0xfd0 [ 269.870653] ? fork_idle+0x1d0/0x1d0 [ 269.875015] ? fput+0x128/0x1a0 [ 269.878638] ? ksys_write+0x1f1/0x2d0 [ 269.883202] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 269.887978] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 269.892742] ? do_syscall_64+0x26/0x620 [ 269.897644] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.903101] ? do_syscall_64+0x26/0x620 [ 269.907075] __x64_sys_clone+0xbf/0x150 [ 269.911289] do_syscall_64+0xfd/0x620 [ 269.915110] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.920432] RIP: 0033:0x459a29 [ 269.923723] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 269.943732] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 269.951663] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 269.959303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 269.966693] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:26:54 executing program 1: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000140)={0x1}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80000, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00000001c0)={"b88352bfc2869cf6873886f61c89c6572b054cfd68cfa90a06608926113ad6d938862ab51b4bbccf46b89ceb0764536b5e5964a541595e589c12a87e5de8daa65a1c2965e668d1505c8e352a996354a6782d24ab9786949591ddd29889dbf9b80f6c467b14848df794cad52527eeb641583af6bffa02d8cdb84868bcce84d8b0c7be81c9bc070886f9c963b2753e00d875061b333e47a52e91978f4795f20ffda0ad9277861bb650e70f0bf96c98054dd0c33da84d8dbceeb0eef0939adedb422dbeba02e22fe6fd9ee5e09edf37ca33799f018d8a675e5cb42b85651bdc3380fe2b2febea110774ee31d53526b394c3dad1d05fa1e9729cc8028284685d83320a82524f162ef69fc7e8a3dda8a7a0a6e61e0c1826143fe7aa1227f593a4ad5b0b3fcfee203be18c2f1070ca34cefac501889b7db92c1885c8bd71bd3f0df7ce0874fb2693687e07bbb5fc02f0d7f2373b68673e4113aea3a2a13658cfff57d997fde0d53f16005a7881ac8cbafbd3c70d24ef518c4340a7555b5e9cd294f45a0250163f7a3b34b979013987baedd5ac50d55441ed90e35b2049a7bf5b0ffa8c535978a25a62b2528efcd90499b3892dbbc2d04724445d5f9c4f7264734f994c0e56e759219d67f0da12ab9dc24baaa449c2e86ebe618292daad07d79fecd9c0238aa13bed6e65faad0ff4f36ac1baac9d6293259dcdcbc4a168d92b1e7ca507c2d74ad1c87f2a2a6641549492c2f5cf0700c83b278cc59a9a49efcb7fd15099c57096653853111cac29b38c1dec0d56048a94c560f03ee66e4eec5061a4aa81fb93f10942b7532191f3b3689854d0d370fcf9f8bb790d5410e638427744ecaaba36dc289853e1955682dfe4fb49a5e92006ba15a7bec691d50c4e38d90b9d4813865ff147650025ff52b366f65799d993d0cc217f9770959330c87a3a3ba9bfe03fea56734022afb572b978041028eef7442f619463e0936c9899023ee5cbb23bf22a727599522991f2860416e25bea6a203943ce7a229afc7163cb8ca476c7e87c5c3e607c169fc54ec73fbddf82929df7913d578ae57abf5a5930d91a40531db2d3ac6245c424ca76cb0080975e856dda1857d5ee736d04228dc202ab6a0e8a647f7be8cf034a04c939c6fe20cd97afc647318ecf68506d0c8233767fd768642d1744841203f5688452cbf293f3b4541c2313781cc51c87da55c34b1027b218d53db4c4e1ea17ebd2c8c7a64e3f04c5b449031d2bf88ff062c2aed31b85867550172acddb8cc057d694eab69338b5cedc44d1af8673f7f408c7ae8c89bf18e14e86c824706f62cccf9830b97c4f586283e021ae423f79884d709a4e4326284970c6dced4f5eb45b7abc8953ca290b59914e880e472e468393439d43911d8fa3e42173cb8967f8474c47b80c7a34592308c503fdbb8b102c1900"}) [ 269.973977] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 269.981934] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:54 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:54 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xc3c8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 270.066582] binder: 19078:19108 unknown command 0 [ 270.078119] x86/PAT: syz-executor.4:18997 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 270.085034] binder: 19078:19108 ioctl c0306201 200001c0 returned -22 22:26:54 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x4008630a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 270.137658] x86/PAT: syz-executor.4:18997 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:54 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x40086310}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:54 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) sendmsg$sock(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="3d24a56f5201ae94af5384b97f55601e75028d0cdc2a80b2b4d600a04c1832aadebac6d5a7a039e5207155159588040688d010df9889825fe1b6ed388fdc728824d17a67111d7ee70ecc5e13b83989d973c70ad2ba465ad44d76b073c9cbfc3df518e96817103d870cfcd97c1a7dcca72202d884126a8405002273ead9db83fb337ab379ef54e40c044b54fbbe5237fa55f902d7d0d7babed9ceb80db8c7acdbea5d71d7025f06ddfac20ce8309db9aef6e4cbf1eb77113bab3d5e64fb508b4b0a60689f5fd99f2178", 0xc7}, {&(0x7f0000000000)="9b8af46fb9a3cdd464c6036bf5ebfecb503ad643fddd60033634bb889204bc38c44d3b73858afea0aa2b8cbcdf4598856603c4e175212bf5b907fc0ecee64e04843227784340", 0x46}, {&(0x7f0000000100)="ba7cda1bd0d18786cb7bb7b3d8e4e361accf57b2e7572736aff995d31e0fca6ac960439ff79d5b1ed9f6243006f94cde89eecffce87f0f78bfe7d16e90f598ec32927f3f35fe772add769c1c820979b379c21d85fb573cdbf3d6b9aeaeb3654e5f793596a1ba3c69b2e5e1b28cb3d1c0e38bd2aea3f38a95ae26ab54089b2b0e0af1d60468a37350eca98a7e5c0094a6ebe9e717dcb45effa5a3266e566bdd106581126852e80d55a37957d28c6915a8cece93aedab215a16d", 0xb9}], 0x3, &(0x7f0000000340)=[@timestamping={{0x14, 0x1, 0x25, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @mark={{0x14, 0x1, 0x24, 0x10001}}, @txtime={{0xffffffffffffff3b}}, @mark={{0x14, 0x1, 0x24, 0x8000}}, @txtime={{0x18, 0x1, 0x3d, 0x7c}}, @txtime={{0x7, 0x1, 0x3d, 0x5bf1}}], 0xa8}, 0xc000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:54 executing program 4 (fault-call:9 fault-nth:22): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:54 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:54 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) [ 270.334217] binder: BC_ATTEMPT_ACQUIRE not supported [ 270.346663] x86/PAT: syz-executor.4:19130 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 270.371960] binder: 19126:19131 ioctl c0306201 200001c0 returned -22 [ 270.396429] FAULT_INJECTION: forcing a failure. [ 270.396429] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 270.421385] binder: BC_ATTEMPT_ACQUIRE not supported [ 270.447794] CPU: 1 PID: 19179 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 270.455694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.458557] binder: 19188:19223 ioctl c0306201 200001c0 returned -22 [ 270.469622] Call Trace: [ 270.469651] dump_stack+0x172/0x1f0 [ 270.469671] should_fail.cold+0xa/0x1b [ 270.469690] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 270.469707] ? __might_sleep+0x95/0x190 [ 270.469724] __alloc_pages_nodemask+0x1ee/0x750 [ 270.469747] ? __alloc_pages_slowpath+0x2870/0x2870 [ 270.469761] ? kasan_slab_alloc+0xf/0x20 [ 270.469779] ? kmem_cache_alloc+0x12e/0x700 [ 270.526623] ? anon_vma_fork+0x1ea/0x4a0 [ 270.531104] ? __lock_acquire+0x6ee/0x49c0 [ 270.535594] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 270.541426] alloc_pages_current+0x107/0x210 [ 270.545994] get_zeroed_page+0x14/0x50 [ 270.550078] __pud_alloc+0x3b/0x250 [ 270.553736] pud_alloc+0xde/0x150 [ 270.557546] copy_page_range+0x37a/0x1f90 [ 270.561727] ? anon_vma_fork+0x371/0x4a0 [ 270.566014] ? find_held_lock+0x35/0x130 [ 270.570108] ? anon_vma_fork+0x371/0x4a0 [ 270.574446] ? copy_process.part.0+0x30f9/0x7a30 [ 270.579216] ? copy_process.part.0+0x30f9/0x7a30 [ 270.583986] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 270.589009] ? pmd_alloc+0x180/0x180 [ 270.592816] ? __vma_link_rb+0x279/0x370 [ 270.596871] copy_process.part.0+0x543d/0x7a30 [ 270.601470] ? __cleanup_sighand+0x70/0x70 [ 270.605853] ? lock_downgrade+0x880/0x880 [ 270.610201] ? kasan_check_write+0x14/0x20 [ 270.614684] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 270.619748] _do_fork+0x257/0xfd0 [ 270.623763] ? fork_idle+0x1d0/0x1d0 [ 270.627563] ? fput+0x128/0x1a0 [ 270.630948] ? ksys_write+0x1f1/0x2d0 [ 270.634841] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 270.639816] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 270.645229] ? do_syscall_64+0x26/0x620 [ 270.650343] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.656445] ? do_syscall_64+0x26/0x620 [ 270.661035] __x64_sys_clone+0xbf/0x150 [ 270.665242] do_syscall_64+0xfd/0x620 [ 270.669137] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.674621] RIP: 0033:0x459a29 [ 270.677938] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:26:54 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xc960, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:54 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40086310, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 270.697562] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 270.705617] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 270.713252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 270.720805] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 270.728260] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 270.735546] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:55 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000000)) r3 = socket(0x10, 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$EBT_SO_GET_INFO(r3, 0x0, 0x80, &(0x7f00000001c0)={'filter\x00'}, &(0x7f00000002c0)=0x78) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r4, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000040c1376eec76359719d815aedbd321a0337bde3515591b6c1874e3d6868c8335b01543cafdc69cd2781533f8a91eaa8181985410cb389b4946b2da9004d4430d52753ff974b6d1b587f1678f27bd777b23e4dd", @ANYRES32=0x0], &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r5, 0xffff, 0x6}, &(0x7f0000000140)=0xc) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x5, 0x383268503a235b62, 0x5, 0xbf, r5}, 0x10) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x1f7e, &(0x7f0000000040)=0x0) ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000100)={0x9, 0x9}) io_submit(r6, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x0, 0xc00, 0x0, 0x3}]) [ 270.767110] x86/PAT: syz-executor.4:19179 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 270.778556] binder: 19244:19250 unknown command 0 [ 270.801804] binder: 19244:19250 ioctl c0306201 200001c0 returned -22 22:26:55 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 270.825156] x86/PAT: syz-executor.4:19179 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:55 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x400c630e, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:55 executing program 4 (fault-call:9 fault-nth:23): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:55 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:55 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xcef8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:55 executing program 5: pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000100)={0x101, 0x8, 0x7, 0x1, 0x1, 0x9}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f0000000040)) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r1, &(0x7f0000000180)=[{&(0x7f0000000200)="745c6e4775b2d2c11d7eaf09e7172e476075b72951cb35faec19f01e3013f64bc728eaea874d8a962939593f36f9d745dbec499b9d0bb3a4c7537035f97c2005fbf3ceab1f5e0ec4509428e78d832e2a1772d29d5decbeac39619cd4b5", 0xda3dc05007adee34}], 0x1, 0x0) fcntl$setstatus(r3, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r4, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r3, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 270.996986] binder: 19349:19363 unknown command 0 [ 271.004499] binder: BC_ATTEMPT_ACQUIRE not supported [ 271.018344] binder: 19349:19363 ioctl c0306201 200001c0 returned -22 [ 271.032172] x86/PAT: syz-executor.4:19364 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 271.046386] binder: 19346:19359 ioctl c0306201 200001c0 returned -22 [ 271.055799] FAULT_INJECTION: forcing a failure. [ 271.055799] name fail_page_alloc, interval 1, probability 0, space 0, times 0 22:26:55 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:55 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x400c630f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 271.127307] CPU: 1 PID: 19364 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 271.134907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.144629] Call Trace: [ 271.147416] dump_stack+0x172/0x1f0 [ 271.151512] should_fail.cold+0xa/0x1b [ 271.155452] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 271.160857] ? __might_sleep+0x95/0x190 [ 271.165003] __alloc_pages_nodemask+0x1ee/0x750 [ 271.169705] ? __pud_alloc+0x1d3/0x250 [ 271.174766] ? __alloc_pages_slowpath+0x2870/0x2870 [ 271.180180] ? __pud_alloc+0x1d3/0x250 [ 271.184105] ? lock_downgrade+0x880/0x880 [ 271.188411] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 271.194040] alloc_pages_current+0x107/0x210 [ 271.198822] ? do_raw_spin_unlock+0x57/0x270 [ 271.203472] __pmd_alloc+0x41/0x460 [ 271.207253] ? pmd_val+0x100/0x100 [ 271.210928] pmd_alloc+0x10c/0x180 [ 271.214910] copy_page_range+0x633/0x1f90 [ 271.214924] ? anon_vma_fork+0x371/0x4a0 [ 271.214941] ? find_held_lock+0x35/0x130 [ 271.214956] ? anon_vma_fork+0x371/0x4a0 [ 271.214979] ? copy_process.part.0+0x30f9/0x7a30 [ 271.214999] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 271.215014] ? pmd_alloc+0x180/0x180 [ 271.215030] ? __vma_link_rb+0x279/0x370 [ 271.215048] copy_process.part.0+0x543d/0x7a30 [ 271.215086] ? __cleanup_sighand+0x70/0x70 [ 271.224125] ? lock_downgrade+0x880/0x880 [ 271.224150] ? kasan_check_write+0x14/0x20 [ 271.224164] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 271.224186] _do_fork+0x257/0xfd0 [ 271.224205] ? fork_idle+0x1d0/0x1d0 [ 271.224220] ? fput+0x128/0x1a0 [ 271.224233] ? ksys_write+0x1f1/0x2d0 [ 271.224253] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 271.237804] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 271.237821] ? do_syscall_64+0x26/0x620 [ 271.237837] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.237851] ? do_syscall_64+0x26/0x620 [ 271.237868] __x64_sys_clone+0xbf/0x150 [ 271.237885] do_syscall_64+0xfd/0x620 22:26:55 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xd490, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 271.237902] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.237913] RIP: 0033:0x459a29 [ 271.237926] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 271.237933] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 271.252046] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 271.252056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.252063] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 271.252071] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 271.252080] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 271.279897] binder: 19377:19477 unknown command 0 [ 271.309817] binder: BC_ATTEMPT_ACQUIRE not supported 22:26:55 executing program 4 (fault-call:9 fault-nth:24): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:55 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 271.314510] x86/PAT: syz-executor.4:19364 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 271.325447] binder: 19383:19423 ioctl c0306201 200001c0 returned -22 [ 271.342352] x86/PAT: syz-executor.4:19364 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 271.361567] binder: 19377:19477 ioctl c0306201 200001c0 returned -22 22:26:55 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:55 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x8, &(0x7f0000000000)=0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000040), &(0x7f00000001c0)=0xc) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$USBDEVFS_RELEASE_PORT(r3, 0x80045519, &(0x7f0000000240)=0xfff) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000200)={0x7fffffff, 0x80000001, 0xff, 0x8}, 0x10) ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000100)={0x0, @reserved}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x0, 0xc00, 0x0, 0x0, r5}]) 22:26:55 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40106308, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 271.613057] binder: BC_ATTEMPT_ACQUIRE not supported [ 271.619414] binder: 19489:19493 ioctl c0306201 200001c0 returned -22 [ 271.631564] x86/PAT: syz-executor.4:19492 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:26:55 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 271.692150] FAULT_INJECTION: forcing a failure. [ 271.692150] name failslab, interval 1, probability 0, space 0, times 0 [ 271.705945] CPU: 1 PID: 19492 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 271.713044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.722952] Call Trace: [ 271.725595] dump_stack+0x172/0x1f0 [ 271.729355] should_fail.cold+0xa/0x1b [ 271.736855] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 271.743708] ? lock_downgrade+0x880/0x880 [ 271.747904] __should_failslab+0x121/0x190 [ 271.752179] should_failslab+0x9/0x14 [ 271.757052] kmem_cache_alloc+0x2ae/0x700 [ 271.761653] ? alloc_pages_current+0x10f/0x210 [ 271.761668] ? do_raw_spin_unlock+0x57/0x270 [ 271.761686] __pmd_alloc+0xc9/0x460 [ 271.761697] ? pmd_val+0x100/0x100 [ 271.761710] pmd_alloc+0x10c/0x180 22:26:56 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) [ 271.761725] copy_page_range+0x633/0x1f90 [ 271.761738] ? anon_vma_fork+0x371/0x4a0 [ 271.761752] ? find_held_lock+0x35/0x130 [ 271.761765] ? anon_vma_fork+0x371/0x4a0 [ 271.761786] ? copy_process.part.0+0x30f9/0x7a30 [ 271.761805] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 271.761821] ? pmd_alloc+0x180/0x180 [ 271.761837] ? __vma_link_rb+0x279/0x370 [ 271.761856] copy_process.part.0+0x543d/0x7a30 [ 271.761893] ? __cleanup_sighand+0x70/0x70 [ 271.772461] binder: BC_ATTEMPT_ACQUIRE not supported [ 271.773462] ? lock_downgrade+0x880/0x880 [ 271.773487] ? kasan_check_write+0x14/0x20 [ 271.773673] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 271.773695] _do_fork+0x257/0xfd0 [ 271.781392] ? fork_idle+0x1d0/0x1d0 [ 271.781408] ? fput+0x128/0x1a0 [ 271.781422] ? ksys_write+0x1f1/0x2d0 [ 271.781442] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 271.787497] binder: 19592:19595 ioctl c0306201 200001c0 returned -22 [ 271.793338] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 271.793354] ? do_syscall_64+0x26/0x620 [ 271.793368] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.793381] ? do_syscall_64+0x26/0x620 [ 271.793398] __x64_sys_clone+0xbf/0x150 [ 271.793416] do_syscall_64+0xfd/0x620 [ 271.793431] entry_SYSCALL_64_after_hwframe+0x49/0xbe 22:26:56 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xda28, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 271.793441] RIP: 0033:0x459a29 [ 271.793454] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 271.793461] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 271.793474] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 22:26:56 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:56 executing program 4 (fault-call:9 fault-nth:25): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 271.793480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.793487] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 271.793494] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 271.793501] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 271.817890] binder: 19593:19601 unknown command 0 [ 271.843845] x86/PAT: syz-executor.4:19492 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 271.864932] x86/PAT: syz-executor.4:19492 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 271.943654] binder: 19593:19601 ioctl c0306201 200001c0 returned -22 22:26:56 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x0) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:26:56 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40106309, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 272.121125] binder: BC_ATTEMPT_ACQUIRE not supported [ 272.157905] x86/PAT: syz-executor.4:19615 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 272.208863] binder: 19608:19612 ioctl c0306201 200001c0 returned -22 [ 272.242187] FAULT_INJECTION: forcing a failure. [ 272.242187] name fail_page_alloc, interval 1, probability 0, space 0, times 0 22:26:56 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) [ 272.246625] binder: 19620:19623 unknown command 0 22:26:56 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 272.282889] CPU: 0 PID: 19621 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 272.286706] binder: 19620:19623 ioctl c0306201 200001c0 returned -22 [ 272.291658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.291665] Call Trace: [ 272.291693] dump_stack+0x172/0x1f0 [ 272.291714] should_fail.cold+0xa/0x1b [ 272.291731] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 272.291746] ? __might_sleep+0x95/0x190 [ 272.291765] __alloc_pages_nodemask+0x1ee/0x750 [ 272.345472] ? find_held_lock+0x35/0x130 [ 272.352194] ? __alloc_pages_slowpath+0x2870/0x2870 [ 272.359004] ? lock_downgrade+0x880/0x880 [ 272.364314] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 272.370968] alloc_pages_current+0x107/0x210 [ 272.378789] pte_alloc_one+0x1b/0x1a0 [ 272.382980] __pte_alloc+0x2a/0x360 [ 272.387899] copy_page_range+0x151f/0x1f90 [ 272.393319] ? anon_vma_fork+0x371/0x4a0 [ 272.398283] ? find_held_lock+0x35/0x130 [ 272.403634] ? anon_vma_fork+0x371/0x4a0 [ 272.408702] ? copy_process.part.0+0x30f9/0x7a30 [ 272.414029] ? pmd_alloc+0x180/0x180 [ 272.418189] ? __vma_link_rb+0x279/0x370 [ 272.423526] copy_process.part.0+0x543d/0x7a30 [ 272.429824] ? __cleanup_sighand+0x70/0x70 [ 272.435409] ? lock_downgrade+0x880/0x880 [ 272.440949] ? kasan_check_write+0x14/0x20 [ 272.446572] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 272.452029] _do_fork+0x257/0xfd0 [ 272.456776] ? fork_idle+0x1d0/0x1d0 [ 272.461390] ? fput+0x128/0x1a0 [ 272.466546] ? ksys_write+0x1f1/0x2d0 [ 272.471552] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 272.478123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 272.485204] ? do_syscall_64+0x26/0x620 [ 272.490968] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.497671] ? do_syscall_64+0x26/0x620 [ 272.506399] __x64_sys_clone+0xbf/0x150 [ 272.511548] do_syscall_64+0xfd/0x620 [ 272.516294] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.523702] RIP: 0033:0x459a29 [ 272.528050] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 272.552722] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 272.564139] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 272.575040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 22:26:56 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 272.584649] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 272.593570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 272.601998] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 272.628602] x86/PAT: syz-executor.4:19621 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:26:56 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2a65c264a04819e5, 0x0) socket$caif_stream(0x25, 0x1, 0x5) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$LOOP_SET_FD(r2, 0x4c00, r3) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 272.668140] x86/PAT: syz-executor.4:19621 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:57 executing program 4 (fault-call:9 fault-nth:26): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:57 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 272.728517] binder: BC_ATTEMPT_ACQUIRE not supported [ 272.752212] binder: 19667:19709 ioctl c0306201 200001c0 returned -22 22:26:57 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xdfc0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:57 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 272.908582] binder: 19745:19749 unknown command 1077961490 [ 272.928094] binder: 19745:19749 ioctl c0306201 200001c0 returned -22 [ 272.933776] FAULT_INJECTION: forcing a failure. [ 272.933776] name failslab, interval 1, probability 0, space 0, times 0 22:26:57 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDGKBMODE(0xffffffffffffffff, 0x4b44, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:57 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 272.952930] CPU: 1 PID: 19746 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 272.960244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.969716] Call Trace: [ 272.972336] dump_stack+0x172/0x1f0 [ 272.976013] should_fail.cold+0xa/0x1b [ 272.979919] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 272.985042] ? lock_downgrade+0x880/0x880 [ 272.989236] __should_failslab+0x121/0x190 [ 272.993814] should_failslab+0x9/0x14 [ 272.997756] kmem_cache_alloc+0x2ae/0x700 [ 273.001929] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 273.007499] ptlock_alloc+0x20/0x70 [ 273.011143] pte_alloc_one+0x6d/0x1a0 [ 273.014962] __pte_alloc+0x2a/0x360 [ 273.018610] copy_page_range+0x151f/0x1f90 [ 273.023036] ? anon_vma_fork+0x371/0x4a0 [ 273.027117] ? find_held_lock+0x35/0x130 [ 273.031289] ? anon_vma_fork+0x371/0x4a0 [ 273.035364] ? copy_process.part.0+0x30f9/0x7a30 [ 273.038251] binder: BC_ATTEMPT_ACQUIRE not supported [ 273.040148] ? pmd_alloc+0x180/0x180 [ 273.040168] ? __vma_link_rb+0x279/0x370 [ 273.045808] binder: 19752:19755 ioctl c0306201 200001c0 returned -22 [ 273.049176] copy_process.part.0+0x543d/0x7a30 [ 273.049218] ? __cleanup_sighand+0x70/0x70 [ 273.049234] ? lock_downgrade+0x880/0x880 [ 273.072919] ? kasan_check_write+0x14/0x20 [ 273.077266] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 273.082137] _do_fork+0x257/0xfd0 [ 273.085616] ? fork_idle+0x1d0/0x1d0 [ 273.089346] ? fput+0x128/0x1a0 [ 273.092642] ? ksys_write+0x1f1/0x2d0 [ 273.096492] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 273.101269] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 273.106053] ? do_syscall_64+0x26/0x620 [ 273.110036] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.115394] ? do_syscall_64+0x26/0x620 [ 273.119366] __x64_sys_clone+0xbf/0x150 [ 273.123338] do_syscall_64+0xfd/0x620 [ 273.127149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.132329] RIP: 0033:0x459a29 [ 273.135513] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:26:57 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:57 executing program 5: r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) write$P9_RCREATE(r0, &(0x7f0000000040)={0x18, 0x73, 0x1, {{0x41, 0x0, 0x4}, 0x4}}, 0x18) r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0) pwritev(r1, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r1, 0x4, 0x44000) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000080)=0x9) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$9p(r4, &(0x7f0000000100)="319fc2ba386dc69db8fb34137b33bc53805d088562250bc975f076c0839bf6", 0x1f) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r6 = gettid() tkill(r6, 0x1000000000016) fcntl$setown(0xffffffffffffffff, 0x8, r6) io_submit(r5, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 273.154581] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 273.162281] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 273.169578] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 273.176844] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 273.184102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 273.191445] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:57 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xe558, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:26:57 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 273.299718] binder: BC_ATTEMPT_ACQUIRE not supported 22:26:57 executing program 4 (fault-call:9 fault-nth:27): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 273.330113] binder: 19865:19867 ioctl c0306201 200001c0 returned -22 22:26:57 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:26:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:26:57 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 273.470106] x86/PAT: syz-executor.4:19921 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 273.501697] FAULT_INJECTION: forcing a failure. [ 273.501697] name failslab, interval 1, probability 0, space 0, times 0 22:26:57 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 273.532466] CPU: 0 PID: 19921 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 273.539431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.548793] Call Trace: [ 273.551391] dump_stack+0x172/0x1f0 [ 273.555016] should_fail.cold+0xa/0x1b [ 273.558903] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 273.564005] ? lock_downgrade+0x880/0x880 [ 273.568169] __should_failslab+0x121/0x190 [ 273.572404] should_failslab+0x9/0x14 [ 273.576190] kmem_cache_alloc+0x2ae/0x700 [ 273.580331] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 273.585340] ? __vm_enough_memory+0x324/0x5a0 [ 273.589833] vm_area_dup+0x21/0x170 [ 273.593454] copy_process.part.0+0x3407/0x7a30 [ 273.598047] ? __cleanup_sighand+0x70/0x70 [ 273.602270] ? lock_downgrade+0x880/0x880 [ 273.606410] ? kasan_check_write+0x14/0x20 [ 273.610652] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 273.615507] _do_fork+0x257/0xfd0 [ 273.618951] ? fork_idle+0x1d0/0x1d0 [ 273.622655] ? fput+0x128/0x1a0 [ 273.625935] ? ksys_write+0x1f1/0x2d0 [ 273.629739] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 273.634489] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 273.639231] ? do_syscall_64+0x26/0x620 [ 273.643194] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.648551] ? do_syscall_64+0x26/0x620 [ 273.652523] __x64_sys_clone+0xbf/0x150 [ 273.656491] do_syscall_64+0xfd/0x620 [ 273.660282] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.665460] RIP: 0033:0x459a29 22:26:58 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xeaf0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 273.668641] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.687531] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 273.695257] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 273.702532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 273.709794] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 273.717066] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 273.724323] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:26:58 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 273.787221] x86/PAT: syz-executor.4:19921 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 273.806497] x86/PAT: syz-executor.4:19921 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:26:58 executing program 4 (fault-call:9 fault-nth:28): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:26:58 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) [ 274.001221] x86/PAT: syz-executor.4:20105 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 274.016528] FAULT_INJECTION: forcing a failure. [ 274.016528] name failslab, interval 1, probability 0, space 0, times 0 [ 274.028186] CPU: 0 PID: 20105 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 274.035123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 274.044474] Call Trace: [ 274.047072] dump_stack+0x172/0x1f0 [ 274.050714] should_fail.cold+0xa/0x1b [ 274.054595] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 274.059685] ? find_held_lock+0x35/0x130 [ 274.063744] ? percpu_ref_put_many+0x94/0x190 [ 274.068252] __should_failslab+0x121/0x190 [ 274.072490] should_failslab+0x9/0x14 [ 274.076293] kmem_cache_alloc+0x47/0x700 [ 274.080347] ? __lock_is_held+0xb6/0x140 [ 274.084413] anon_vma_clone+0xde/0x480 [ 274.088314] anon_vma_fork+0x8f/0x4a0 [ 274.092122] ? dup_userfaultfd+0x15e/0x6c0 [ 274.096362] ? memcpy+0x46/0x50 [ 274.099652] copy_process.part.0+0x34e5/0x7a30 [ 274.104275] ? __cleanup_sighand+0x70/0x70 [ 274.108513] ? lock_downgrade+0x880/0x880 [ 274.112659] ? kasan_check_write+0x14/0x20 [ 274.116911] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 274.121740] _do_fork+0x257/0xfd0 [ 274.125191] ? fork_idle+0x1d0/0x1d0 [ 274.128905] ? fput+0x128/0x1a0 [ 274.132170] ? ksys_write+0x1f1/0x2d0 [ 274.135997] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 274.140735] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 274.145489] ? do_syscall_64+0x26/0x620 [ 274.149459] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.154807] ? do_syscall_64+0x26/0x620 [ 274.158779] __x64_sys_clone+0xbf/0x150 [ 274.162752] do_syscall_64+0xfd/0x620 [ 274.166562] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.171749] RIP: 0033:0x459a29 [ 274.174925] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.193824] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 274.201518] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 274.208780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 274.216066] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 274.223323] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 274.230581] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 274.263853] x86/PAT: syz-executor.4:20105 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 274.272879] x86/PAT: syz-executor.4:20105 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:00 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:00 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:00 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xf088, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:00 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:27:00 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x80000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl(r2, 0x7, &(0x7f0000000100)="2496e8e3cb8b976c80fe455154e67818c9be8a6f4f273135b3bdab495afcf076b07245f932d01fe3143ed4a11dbcab2128e42400277b30d6e703d95bd1becfdbf33611355333f10dccfb40db2491beb481548eece62e608d86e208875ab8f8ffdd877843903c95d63753dfc9a0142f87d3eca57ab33640a7c3433cdfac0b9c50cbcef54af32838a001d3c30ae2e7ce8bab9094d81a68971935b2ca102fd45f30c0aad8417915a0d30d") 22:27:00 executing program 4 (fault-call:9 fault-nth:29): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:00 executing program 1: r0 = syz_open_dev$binderN(0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 276.413807] x86/PAT: syz-executor.4:20120 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 276.450042] FAULT_INJECTION: forcing a failure. [ 276.450042] name failslab, interval 1, probability 0, space 0, times 0 [ 276.465650] CPU: 1 PID: 20120 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 276.472616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.481977] Call Trace: [ 276.484583] dump_stack+0x172/0x1f0 22:27:00 executing program 1: r0 = syz_open_dev$binderN(0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 276.486668] audit: type=1400 audit(1569968820.752:68): avc: denied { ioctl } for pid=20118 comm="syz-executor.5" path="socket:[48924]" dev="sockfs" ino=48924 ioctlcmd=0x7 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 276.488246] should_fail.cold+0xa/0x1b [ 276.521038] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 276.526157] ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220 [ 276.532517] __should_failslab+0x121/0x190 [ 276.536762] should_failslab+0x9/0x14 [ 276.540569] kmem_cache_alloc+0x47/0x700 [ 276.544640] ? anon_vma_chain_link+0x154/0x1c0 [ 276.549240] anon_vma_clone+0xde/0x480 [ 276.553141] anon_vma_fork+0x8f/0x4a0 [ 276.556954] ? dup_userfaultfd+0x15e/0x6c0 [ 276.561197] ? memcpy+0x46/0x50 22:27:00 executing program 1: r0 = syz_open_dev$binderN(0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 276.564489] copy_process.part.0+0x34e5/0x7a30 [ 276.569110] ? __cleanup_sighand+0x70/0x70 [ 276.573353] ? lock_downgrade+0x880/0x880 [ 276.577518] ? kasan_check_write+0x14/0x20 [ 276.581759] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 276.586615] _do_fork+0x257/0xfd0 [ 276.590085] ? fork_idle+0x1d0/0x1d0 [ 276.593922] ? fput+0x128/0x1a0 [ 276.597238] ? ksys_write+0x1f1/0x2d0 [ 276.601045] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 276.605800] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 276.610553] ? do_syscall_64+0x26/0x620 [ 276.614542] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.614557] ? do_syscall_64+0x26/0x620 [ 276.614579] __x64_sys_clone+0xbf/0x150 [ 276.623895] do_syscall_64+0xfd/0x620 [ 276.623914] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.623924] RIP: 0033:0x459a29 [ 276.623941] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.658939] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:00 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) creat(&(0x7f0000000240)='./file0\x00', 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) 22:27:01 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 276.666658] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 276.673932] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 276.681208] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 276.688479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 276.691327] binder: BC_ATTEMPT_ACQUIRE not supported [ 276.695744] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:01 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000000240)={0x7, 0x3}) llistxattr(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)=""/43, 0x2b) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x428240, 0x0) accept4$unix(r4, &(0x7f0000000140), &(0x7f0000000200)=0x6e, 0x80000) [ 276.780421] binder: 20138:20139 ioctl c0306201 200001c0 returned -22 [ 276.789428] x86/PAT: syz-executor.4:20209 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:01 executing program 4 (fault-call:9 fault-nth:30): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:01 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xf620, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:01 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 276.857444] x86/PAT: syz-executor.4:20209 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:01 executing program 0: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r3, &(0x7f0000000080), 0x297ef) [ 276.942177] binder: BC_ATTEMPT_ACQUIRE not supported [ 276.979779] binder: 20249:20253 ioctl c0306201 200001c0 returned -22 22:27:01 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x3a9739ba, 0x504000) r2 = socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r4, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r4}, &(0x7f0000000180)=0x8) r5 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) fcntl$F_GET_RW_HINT(r5, 0x40b, &(0x7f0000000040)) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$UI_SET_LEDBIT(r8, 0x40045569, 0x6) io_submit(r6, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 277.085337] x86/PAT: syz-executor.4:20267 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 277.146154] FAULT_INJECTION: forcing a failure. [ 277.146154] name failslab, interval 1, probability 0, space 0, times 0 [ 277.157831] binder: BC_ATTEMPT_ACQUIRE not supported [ 277.170583] binder: 20338:20358 ioctl c0306201 200001c0 returned -22 [ 277.173176] CPU: 1 PID: 20357 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 277.184030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.193393] Call Trace: 22:27:01 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 277.195993] dump_stack+0x172/0x1f0 [ 277.199634] should_fail.cold+0xa/0x1b [ 277.203533] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 277.208646] ? __lock_is_held+0xb6/0x140 [ 277.212716] ? __lock_is_held+0xb6/0x140 [ 277.216799] __should_failslab+0x121/0x190 [ 277.221049] should_failslab+0x9/0x14 [ 277.224861] kmem_cache_alloc+0x47/0x700 [ 277.228934] ? anon_vma_chain_link+0x154/0x1c0 [ 277.233527] anon_vma_clone+0xde/0x480 [ 277.237427] anon_vma_fork+0x8f/0x4a0 [ 277.241238] ? dup_userfaultfd+0x15e/0x6c0 [ 277.241253] ? memcpy+0x46/0x50 [ 277.241272] copy_process.part.0+0x34e5/0x7a30 [ 277.248789] ? __cleanup_sighand+0x70/0x70 [ 277.248806] ? lock_downgrade+0x880/0x880 [ 277.261741] ? kasan_check_write+0x14/0x20 [ 277.265977] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 277.270825] _do_fork+0x257/0xfd0 [ 277.274290] ? fork_idle+0x1d0/0x1d0 [ 277.278024] ? fput+0x128/0x1a0 [ 277.281317] ? ksys_write+0x1f1/0x2d0 [ 277.285136] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 277.289897] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 277.289914] ? do_syscall_64+0x26/0x620 [ 277.289930] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.289946] ? do_syscall_64+0x26/0x620 [ 277.304006] __x64_sys_clone+0xbf/0x150 [ 277.304027] do_syscall_64+0xfd/0x620 [ 277.304047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.304058] RIP: 0033:0x459a29 [ 277.304072] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:27:01 executing program 0: inotify_init() perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:01 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xfa0f, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 277.304080] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 277.304095] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 277.304103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 277.304110] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 277.304119] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 277.304126] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 277.375354] binder: BC_ATTEMPT_ACQUIRE not supported [ 277.427736] x86/PAT: syz-executor.4:20267 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 277.465610] binder: 20372:20374 ioctl c0306201 200001c0 returned -22 [ 277.491252] x86/PAT: syz-executor.4:20267 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:01 executing program 4 (fault-call:9 fault-nth:31): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:01 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000000)={0xd3a, "9c4c1208ddbd1f58b5e9af1100d9b1e79ea6a476941002236ed0f29ef9b2fb15", 0x1, 0x1}) pwritev(r0, &(0x7f0000000800), 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) pipe(&(0x7f0000000200)={0xffffffffffffffff}) r7 = socket(0x10, 0x2, 0x0) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r8, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r7, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r9, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp6_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000240)={r9, 0x2}, &(0x7f0000000280)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) prctl$PR_GET_UNALIGN(0x5, &(0x7f00000002c0)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r5, 0xc08c5334, &(0x7f0000000100)={0x7f, 0x33, 0x1, 'queue0\x00', 0x20c}) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:01 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:01 executing program 0: inotify_init() perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:01 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xfbb8, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:01 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 277.680588] binder: BC_ATTEMPT_ACQUIRE not supported [ 277.684852] x86/PAT: syz-executor.4:20499 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 277.713659] binder: 20479:20500 ioctl c0306201 200001c0 returned -22 [ 277.748206] FAULT_INJECTION: forcing a failure. [ 277.748206] name failslab, interval 1, probability 0, space 0, times 0 [ 277.774398] CPU: 1 PID: 20499 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 277.781370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.790750] Call Trace: [ 277.793344] dump_stack+0x172/0x1f0 [ 277.796989] should_fail.cold+0xa/0x1b [ 277.800896] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 277.806009] ? lock_downgrade+0x880/0x880 [ 277.810178] __should_failslab+0x121/0x190 [ 277.814426] should_failslab+0x9/0x14 [ 277.818227] kmem_cache_alloc+0x2ae/0x700 [ 277.822374] ? anon_vma_clone+0x320/0x480 [ 277.826553] anon_vma_fork+0xfc/0x4a0 [ 277.830360] ? dup_userfaultfd+0x15e/0x6c0 [ 277.834609] ? memcpy+0x46/0x50 [ 277.837906] copy_process.part.0+0x34e5/0x7a30 [ 277.842529] ? __cleanup_sighand+0x70/0x70 [ 277.846771] ? lock_downgrade+0x880/0x880 [ 277.850936] ? kasan_check_write+0x14/0x20 [ 277.855178] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 277.860027] _do_fork+0x257/0xfd0 [ 277.863488] ? fork_idle+0x1d0/0x1d0 [ 277.867221] ? fput+0x128/0x1a0 [ 277.870508] ? ksys_write+0x1f1/0x2d0 [ 277.874310] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 277.879072] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 277.883845] ? do_syscall_64+0x26/0x620 [ 277.887827] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.893284] ? do_syscall_64+0x26/0x620 [ 277.897270] __x64_sys_clone+0xbf/0x150 [ 277.901259] do_syscall_64+0xfd/0x620 [ 277.905076] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.910360] RIP: 0033:0x459a29 [ 277.913559] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 277.932573] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 277.940296] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 22:27:02 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0x2000ffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:02 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x2, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:02 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:02 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:02 executing program 0: inotify_init() perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 277.947566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 277.954831] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 277.954841] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 277.954849] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 277.965817] x86/PAT: syz-executor.4:20499 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 278.032684] x86/PAT: syz-executor.4:20499 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:02 executing program 4 (fault-call:9 fault-nth:32): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:02 executing program 5: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x106) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 278.123706] binder: BC_ATTEMPT_ACQUIRE not supported 22:27:02 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 278.144402] binder: 20717:20727 ioctl c0306201 200001c0 returned -22 22:27:02 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:02 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:02 executing program 0: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0xfe) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:02 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000)="56bac95fa8b0e822cb78b6fef62f367ca59b2b7982d377cb9edeb5b2e74b908a5f3379fd0d79d65d47a4efc5a9112a44dcb83fa7d0913b90e095e406cd3b2231eccc8e0c3956bdd84990", 0x12c, 0xc00, 0x0, 0x0, r3}]) 22:27:02 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 278.297791] x86/PAT: syz-executor.4:20838 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 278.342540] binder: BC_ATTEMPT_ACQUIRE not supported [ 278.345698] FAULT_INJECTION: forcing a failure. [ 278.345698] name failslab, interval 1, probability 0, space 0, times 0 [ 278.379101] CPU: 0 PID: 20845 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 278.386061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.386067] Call Trace: [ 278.386089] dump_stack+0x172/0x1f0 [ 278.386112] should_fail.cold+0xa/0x1b [ 278.386130] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 278.386144] ? lock_downgrade+0x880/0x880 [ 278.386166] __should_failslab+0x121/0x190 [ 278.386183] should_failslab+0x9/0x14 [ 278.386196] kmem_cache_alloc+0x2ae/0x700 [ 278.386212] ? anon_vma_clone+0x320/0x480 [ 278.401345] binder: 20837:20843 ioctl c0306201 200001c0 returned -22 [ 278.401759] anon_vma_fork+0x1ea/0x4a0 [ 278.431119] ? dup_userfaultfd+0x15e/0x6c0 [ 278.431143] copy_process.part.0+0x34e5/0x7a30 [ 278.431183] ? __cleanup_sighand+0x70/0x70 [ 278.450315] ? lock_downgrade+0x880/0x880 [ 278.450343] ? kasan_check_write+0x14/0x20 [ 278.450357] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 278.450377] _do_fork+0x257/0xfd0 [ 278.471229] ? fork_idle+0x1d0/0x1d0 [ 278.474956] ? fput+0x128/0x1a0 [ 278.478250] ? ksys_write+0x1f1/0x2d0 [ 278.482065] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 278.486833] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 278.491597] ? do_syscall_64+0x26/0x620 [ 278.495579] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.500949] ? do_syscall_64+0x26/0x620 [ 278.504936] __x64_sys_clone+0xbf/0x150 [ 278.508909] do_syscall_64+0xfd/0x620 [ 278.512697] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.517925] RIP: 0033:0x459a29 [ 278.521164] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:27:02 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 278.540060] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 278.547763] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 278.555028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 278.562282] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 278.569548] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 278.576802] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:02 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:02 executing program 0: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0xfe) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:02 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x4, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 278.634592] x86/PAT: syz-executor.4:20845 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 278.649222] binder: BC_ATTEMPT_ACQUIRE not supported [ 278.664111] x86/PAT: syz-executor.4:20845 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 278.670599] binder: 20941:20949 ioctl c0306201 200001c0 returned -22 22:27:03 executing program 4 (fault-call:9 fault-nth:33): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:03 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000200)={0x14, 0x88, 0xfa00, {r2, 0x1c, 0x0, @in6={0xa, 0x4e20, 0x101, @remote, 0xfffffff9}}}, 0x90) sendto$inet(r1, &(0x7f0000000840)="bd81434750996f527a5e58a0e246745fb50eede9f0f7880192a6ddeefc9c65df9f48389c4d051a3f7d305699d16fd7d87e4029df8e54c9e0f548fa98cd5b2f09b03be753f0a813e3d36e925171b8f0473722dff0591d90ada6b1395cbcbd3dfaccd453030ae7b52233b3d5ff235385f8d01072002f412c88796174044403ae9384387cc4a9cb2d0cff98fad3d59c0d47e5363c4550608b5fb833edb9f855b53392c0fb323ff1651fdcbe59768eaa9998e2ca65c6bf7ae5d3f20f233cd47b21c012b2ff7df1a0c28734683e6631fc2419b4008ebd868aceea87e53fb3442382d94dc0a39af42660568398ca4dbbe730ed3ad3a5f4b9346c02dcd3619b85c2f2bf3d873fec6d5a4a5b18cfdeff79dfe3e6db3b6781f35a91bacb212f3aac1813b279ccf44a4fa87819b6459cf0c735aafea9721d1ba186b98982ea660d4dacb3bfbfbed1e812cb971df03dcec8970c1fb606fd2a3b429b304df88fef4f911940b2070effecc41f3d88ee8df6b1d3ce4ba98150a60cb8b7ddd3e7de34f9e8d2c07ba47eec2e6e9ee4f2f41606d8a8d88d11e0042c076eef6768d8185c2d2f1553d8e8d9df1dd526f6140ebd1b1f67ccde665ab70bf18c538814f0a0c7a3495df15583d22f54be257f7d5272d37faa38418ea7a9674f713f274e3055f06760056ea6057f67bedc856bc37de2e369a41923f23299bd474ff69b9857aa7b01f0e2deabfe2105bf8a21b7ce1897fe35bed9d8cbac5405f8544e66b5ff3c233d8e7454e71ff8fd1c9a07b144b2795d6d3a6ba2d78565e7e5a62ae650c0cd50f81c5ba19e075bfd3fd4d2a13fd8f0990386c3e48fdf2fba651f4518b81610f44633f655dc374a457bd4b1edaaac5030d2960578f6c0f4f7efe34d21cf2fcc7cf34d38adebf2b9ecf312d3f75b033d770569bfab3ebbce5d7a82377eda3aefafd333d8e13e4cc8581db082d23ad76a69cde51f5c8afbc7ca383a66d39cc6481ad7dca4c6aa3aadbb15d84275bbc8c6a0ebf7cf56c165f6d25e95ebadf8dfc677178358cbc5c6236e101a9f4c27e72b29c5046d4c54dd42c5b81e67e424f76b9bdbbf5a4cb5b22dccfd38b5167756b1210aab897ac17664e7c53970f4a9de3cd4d2b1df9aea7dacd2f79816d59b1e3da25439b38d09e8adb683a769f2382af22da291bc44f09829ffdc0b078169e88b1b0cdf4d49dc71ad50b67341d57e12398c1ec5798222161f1c28c06aa13087f40f6e2516dd31189fcb39d6666cb9ccdb8bddeaa9b8f1c3b53f47975c66d814cbbd4328f737575d0fd58e7acc5c7946694bc5b21c7e6bfd8cb670451a556f1809b747e0538ee83c77039ab8e0cfcacac7bafae726d26499fab38e5878eec229bcf9eea6284e47fbe1ba74cdb6155d9afdc088beb84bfa3f522440fd7adea20fe59e1fef106aaccaf22bdd008108243f445858da5746352dbc5f9ade157cf3e2138a02a79dc0a76dbd1f5951c0ca06181e556b679ddefe93a5b8a6eab9ee471cb1bc7e0af26d4294e5fb4436bf6506f10ea5035aa85a9389506b9209132d701a0d5bd1bbb5ae768a56704ed2a69fd814638c0beebef948fd776ddbd82b10ee15106e4af89d442f761c177076271fa16caa329ee27afefd2a15bb664187aa1f332a49c5488d813d57ab9ae6727eac27a565c3da9fca953fb35a4eaa611b0b3469df6dd18896ac5e9bb8f2d6b65ed26b7f0c4fea3d3630c63282f2d84ca68b7b1bfb995000601d925890ea97db7a471e8fa6af462653134001e8d4cd47c411199b1203294869f706c89dcca7787c541891bfb8d2f7d14eb6742210db5fd2bbdf8fa9123e7837e241fdf7f59a00b2b1433cfcea67a76d48fb5528d3f79bc77c93cdb80a4c3abd5e44f465034e9298b1cd0d93c93fd7d6b8346503f515e383e64d311ad4aa70a7fc38d54e098afaee3724dbb6e91a2b086b61a45653a903e81ef68a366e3895697f6face53ca64bccd4ee2be9e2202a9288c1db4913af864bc23ddf0fff6b527084e7aae09963cf34c0d41160cddb828c7d19665687a6edf3e895b3c071a328e8a607ec0311c2eb379a1e6ef6fe334b0bb9c37eb7e1b340588e5a608f7a75011b684866febbc83eb95f5757a7d883fab852e04798d882f442525ce94de9d83e5eab7150d6774e99a43d5783e6d7b546c7d4f4937e0e12c1ceeb6d214906992586ba8a2e78bdc8bb2e9d86a649a4f9654a9b7c3cb1864e12ef75dbff35ea908ff5b544dc0f9ca1adb12417908e41c80485b89e9619a600c8703ac1b2acb2b94f4183822791e0f696eba826918973ae02b6dc2af435e8e79f77e1193766b890b8ecafd81fc3b0a46acdef3715dfa1d5d573671214658c27603914f0a0e768ed1298d51da7d78d4a6fec51b34c84125a14ad030d381673a376fca4dbe16c3188903003076fd7a4594d8dccfdf93fcc5f622131a47e5adeeaedfb26af2edd41f6d18f3b2fdf962757da5ff9fb05922e5df00018925e2264fd50e9d89282a06d20107bf6a98be27e4a01a06af8c1ad2788a2d49d5ecc9f80d96aa5d8a737f0b8604cf22670ad8654c47094396b7a713444cf554ded0c20500a6f46aab9814099a45a82ddf40c274962c85a0e0481af7c11e4a336b62cb1dde365bfcac02993b78931fb8c803b63c11e7c1d89cc806a7eaa8b9ef8f8a5376c3fc852cb37cfa3c8ebe6e5f8da21eacfe99a51ba1e1622ce60fe00e80400f2ba4b6be761bdef1f2bdc9334b85c7718b41fbf11062184692640c4cbcc3b209dec71cd553983ce202f830110e5d95c41a06d91ae218091cb875d90fb92a85dc281a8426c845633677861c9e190dd8abb0029b6c2ea519911fd6b8959511679f245aea39d9dd80b05fe81ce74e8c372f785343111bdeaf34f7befad8d955dff12886c3ee9361db933514f7148db8a61dd626b1004c3479e3523036b05b5a4278e39951dffef9afbf5e73560379eb3ecc8e98ec4ce9e016059c3945dac63258ce5a93da41bb6f7516b88bb6f8f14878ca4007787a3174da70149fe5106f020fe497683ec688bab168704a431452926706300286d65d97280739c2d368161358ba838e1d90f2cba5400b35d56b344c5149c9468fd90fef14b30e730624bd24e761d187c8ffad3b8ce37227581474ef3cc0093835d757cca0d41cf3139de3ada0e452940e573c759e74a5b3f4a40d3b16b0e67eb7631a39a35d43c4dd531f3a54316e26162cbb38a3801ff10035e77f8ee073db59bf551e95d1d5f122ed18220d9e59afb31d6ec9f5624d80c20b1940435a46cd6fa0ae72f5c8593b371a2ed5ae43fc84f6736b4f225df2cf493a735953b4ee614f416faf52c2953d73678cafcd550c53a779d6121a2ce7ad30f5456ee070b2faade0e1378a579f42a8f0dede0260d7d6b1c604b4e3e606195f077769da6530ee61826d3051c4acbd3fa7f333647c06e6f6f181f5ab21a18f6b014766d5cd40a013be714ae6ad01198018c6a7176f180fa27c750288502ba192ceecb0db2383c959a18c754234ce1ad147a40f32b383f5bd629ac4b6ed52db51632b85cc4dd2fc3919f91dd7bb5aa5a403244d3a4265ad2d2d7ee92b961b0d0818d8e6bbdf736a17268ec37f45e41c3dcd0999795db790a0bd479200a8ca1602313abdf627a532caa53567d6ade826907b259f2c7b64dae427e611a96d5e75c9402807715e5687e1251874d03234ab64ee5beae8780fd8ab192ef05fb2aaa214c1e3b3cf45b85f74b358754711ebd2761a5b1560190776d94142cccabf6c865736b984fbe88798d70dfa8e9846163cd9aa61c9d2ce0e82be607c0cffb04802b0b98321fff314f323e0d197fb475ae76a3133902530612ae1cf2df6519f28c81271614f7157669089d3f15f729ce010b1f1d0fca5728bb29fe25c4dddb27f113f33ea0b0572b60adc1af9b2dbf0a03643777674305fdbf09d3bd59e5de2f13000d85f75970388f5762d1c939c2a192131c54dc0589d674c59c4620ba6e16d4c30b2ac46698285ed680879f8662d9beda3e5eeeb9248bba389f71ac3ec8c61dcda9da63c5012fa2c4e0e51897eed323bc8d88a7c48ef746cb4ac5dbbf4f03334e15c5ddacb6c436987f037c4d235a3dd9f3cf3f15228f57b6cd38d5de79492aded8f6aae6fa6e6671787b4388523eaa3a0860c67c8e86d8e0c424d1cdc8b056f774d03b57ec12f4dd41e1fdedf84edbb6a4d5940870c56bc7cfa02fbc4e2f49becaf901410e82b0f0bd306a85df0d1c1c8e15f73a0492e28569e98d53588a63f18396bbb51e650fd34fd22be128a7fbeb922674e871c59bd0c6e00a4e47d701b378ade5c4170ffefbf0e76cc4b6f0c7158d78f66e4bf132b71fb3f94e3c7dbabe02e7628e3dc56c0fde639a430750c4e93d4b1eef9ed88435002dd20d5b908fd50df6bab397534f4cd8314f28f372205dffedae08ec5b02759bcf77d2f89fa3a44a1bf465bcc499b93336fcd01e91c60f1eae5d73872fcf416df92386d9c4bb60ed9eaea29076bb010924b53fbcfcb2329132e9729d481ca8f0da95da5e399b3f3c88d7dc62f705eb314c72d5f01367a4dc327fc3d8ea9ca66f31e7f817a36f28d5e0128864f5bcb7fc57f5a0db0c56ab637c4f03d185f04504e9fd167ca87390882665b6c37d20526511d311b5bb58fe98a034e7960791f5db10a126e5a9d30684c5467419c0f7d9dee060bfc4f54da5c6b2b038ca29be1beed04d85b64271ef2ba16f0ce5b4f9d0f634ab231d3d88dadb11b2b9b7f9ee6a34a241756bf963b827defc751bff8645e49b5a91185ef4c64d743ac0b0565c220a32172e5707732ee3f7471f407bb2654665083a738ab2c0f827217d3b308a360054f16be7f254d23ae215f59ce6064fc80c7f855f989ffabedb57d22d4baf5b73b6627d06dac95b0df5f7eaa13f0cfd8e087184ad81f629c7e44d66d4a9c250b00d0cc2d824617c6abade35880e821caaec7e0b53547c62f715f53518bbac89efd1356ee905ea2fa10d624a7138f769c148724f5526e27bf04ea3f43d9c5de47736df9bc20cb3ccced3f820f98ae4d3d7d9fd9974c16077dc19ceb7398587c77a0d9caeee0eb4189ec8f3bebb7a1a7c4b59552c92d35f000422dc739fc73962b9838803ae802f0b7196c7d11fc6cd3e3c60836a1d66e4f6df9cc66d3bb6d04c25efeaa16919126d73323852cfaf524d0a76f6cd1e1f1c00a6d96592107232d11840b345b72e49b5a85bb65e43a73f68999a98f9bbabdb921e58d1b4cd201b067d9a19db15ee6dacf1798eee267d97878cc3de56f02638c949bcfde445a3b4a8cc06db6a2451264144bc49092a6d63f686addd2a539f337f2bc72d66645750ef15cd7258d00eb56900a6b785abd3bcb6aea511f26b9c387b628b7f00928ee1e8435723d089f0651e04c82a06eb43878e30e90ccfaf29b08ffe4d96d00b96315404bed2143de3e93557eea232acf63d841e6fad77ba45b91794edcbc444abc01f65486fd1d40563e7276ad8a0f0bf199e748c953ebf067fc7aca57e5dd8b0bba94edd866913f06d69bb2510e02d3390ae2c85aeae97b7bed81f246b027c8dca401e57fbac108f0e47a215e64a460a432905c463d183400925c65a146d573211740bdb1003f21f6302701aceedb3536500a2d72c323a0ab5ba212b393f4583a0a1b9a3f1365d63551bc090db3d60f708fb0dd5404ff4d7111f6866398439b4a4634a7818c41ca8716d6140bcc94c6aa718fb9553d1f06f0974455879e5d05a2e306c102317cc34f845705a75213f9f8b6ff0b4dbd15180192d02512eff", 0x1000, 0x4001014, &(0x7f0000000000)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:03 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:03 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:03 executing program 0: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0xfe) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 278.887399] x86/PAT: syz-executor.4:20975 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 278.925612] FAULT_INJECTION: forcing a failure. [ 278.925612] name failslab, interval 1, probability 0, space 0, times 0 22:27:03 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) socket$inet_icmp_raw(0x2, 0x3, 0x1) [ 278.944533] binder: BC_ATTEMPT_ACQUIRE not supported [ 278.949683] binder: 20980:20989 ioctl c0306201 200001c0 returned -22 [ 278.963571] CPU: 1 PID: 20975 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 278.970530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.979888] Call Trace: [ 278.982487] dump_stack+0x172/0x1f0 [ 278.986131] should_fail.cold+0xa/0x1b [ 278.990036] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 278.995150] ? lock_downgrade+0x880/0x880 [ 278.999309] __should_failslab+0x121/0x190 [ 278.999328] should_failslab+0x9/0x14 [ 278.999344] kmem_cache_alloc+0x2ae/0x700 [ 279.011493] ? pmd_alloc+0x180/0x180 [ 279.011517] vm_area_dup+0x21/0x170 [ 279.011533] copy_process.part.0+0x3407/0x7a30 [ 279.011576] ? __cleanup_sighand+0x70/0x70 [ 279.027697] ? lock_downgrade+0x880/0x880 [ 279.031846] ? kasan_check_write+0x14/0x20 [ 279.036092] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 279.040930] _do_fork+0x257/0xfd0 [ 279.044375] ? fork_idle+0x1d0/0x1d0 [ 279.048079] ? fput+0x128/0x1a0 [ 279.051346] ? ksys_write+0x1f1/0x2d0 [ 279.055139] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.059902] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.064644] ? do_syscall_64+0x26/0x620 [ 279.068606] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.073955] ? do_syscall_64+0x26/0x620 [ 279.077918] __x64_sys_clone+0xbf/0x150 [ 279.081881] do_syscall_64+0xfd/0x620 [ 279.085671] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.090849] RIP: 0033:0x459a29 [ 279.094029] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.112918] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 279.120623] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 279.127877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 279.135131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:27:03 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 279.142399] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 279.149654] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:03 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:03 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x5, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 279.223254] x86/PAT: syz-executor.4:20975 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 279.252576] binder: BC_ATTEMPT_ACQUIRE not supported 22:27:03 executing program 4 (fault-call:9 fault-nth:34): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:03 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:03 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0xfe) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 279.294212] x86/PAT: syz-executor.4:20975 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 279.305429] binder: 21088:21090 ioctl c0306201 200001c0 returned -22 [ 279.404884] binder: BC_ATTEMPT_ACQUIRE not supported 22:27:03 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd00010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x148, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8, 0x1, 'red\x00'}, {0xffffff75, 0x2, [@TCA_RED_PARMS, @TCA_RED_PARMS={0x14}]}}]}, 0x148}}, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000009a40)=r7) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r8 = accept4$nfc_llcp(r3, &(0x7f0000000000), &(0x7f0000000100)=0x60, 0x80000) r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r9, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$inet_IP_XFRM_POLICY(r9, 0x0, 0x11, &(0x7f0000005400)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@remote}}, &(0x7f0000005500)=0xe8) sendmmsg(r8, &(0x7f00000098c0)=[{{&(0x7f0000000140)=@nfc_llcp={0x27, 0x0, 0x0, 0x4430f359066f55ad, 0x3, 0xf7, "575679655efedc83e59ce5b4e686c3a192c3b8f9df21a51a37f68b960699defd868c25e4dede4f20b11aabf6d8dbc378a8e812dd518acf0e5a6c4fa588d626", 0x12}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000200)="9fd41bad7947836b22330314430f9ae78427f237a62e4091a9dcaf0b94103add25b8e2a67ff2f9ff7468145921f34e9fc584c3ee45a50aaad00277a317681e4fd388cc08ebd71fe60c513ec406fdd76b6c81bfc66ed69a921a57549294fb07fd91d7dbe411ec970396cf97a4afbc7ba657fdc6b9e60e99da8de5be2c99164728f85740dee4de0275bdcab5181c06a052a1028d171901032f48beb033712ca1013e94859352b0237a7f23168b4c68131216fa4d6bd948ede3e631ef3cc1500f97c634ebd705a819fceec8c3f9abfed1214daa54b3689c05f23e81cebd0eb5656e2fc0dceb27da100f9998adaf87e172774e80c50fd70437", 0xf7}], 0x1, &(0x7f0000000340)=[{0x30, 0x10c, 0x20, "702a0d1fc3d77d45ead6c56cd8729db36d713135aaaeababc5bb2687c116"}], 0x30}}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000380)="112194fd46ab73b3cb1f7ae8a388d053efe17633458f3689e09fb040945459ecc6b8309bc3b06823c35d5122a25132d0f71bc2607a17646fbc409a852e574e9d007df373024b8564c3264a5e4e1f1d3daaed621c306c85332b0d10695806424882f842291d065fac43d60077fd69a294cd75dc3f06d68f003bff7babd1b2756360bb3d6d9c9fe406cc8ed6eebc1ac7c02045f3bdf0995c2cc30b5b65d1fec590dbb1616f502b232c1bb802e7035b48deb988a3e06856935776ab966fb064efd57a67fdd128fd262614d7b328d2a6abf300342015c2740a4306fcf2c7f09006fe0193f4500866ea78ec7c04b175ea8f6c1d9f5a", 0xf3}, {&(0x7f0000000580)="8aabf29c132f77266b11564fc8e2a250522d21a0148bfffa87d7d160414517f2a24b8f8e9823d0b66521debeefd09f9534be6007df849141d0ab393d5ec993638484d03da4d58ec58535e43a2a5c47fe3e57a6636eda16d834fea8948d2d502804670b4219435dc2883297cbe0b1bcf6f0492171b31a132808b9ec9a616178f18f2bb42eae1f5e09bbe059d373b4aa73574ec7a9d6163dec09c9f6f5b7456b2d77c0eade7b6df153e95f65d0016e63479723e6aa1af5405fe383bd75c8a8974882640b0096045dc025fdf6d68f4332", 0xcf}, {&(0x7f00000004c0)="6e8fad999ef9229f08ec939fd36692acb96688d6a352cac27e4c9d3328d86e58", 0x20}, {&(0x7f0000000680)="e0aad7c1f63ac3e404e7cf9bd650f1241dae64b25365c99e2c842f7adf5f5a391821b5a739ce65042d51d1112e18487a249b989335875841b4bc6573675b6793cf5e01cc", 0x44}, {&(0x7f0000000700)="4874f28d289365ba2650ae9f619483b782499f58cf5df66df01246c0fa2fe38fe6ef186d85006dacd5437d0fcb451f3c91d4d9c3dccf87852bbccb2e1677130dff2540f280d1e8d2b1476f6d15ce721c352511e11453", 0x56}, {&(0x7f0000000780)="517191dab2fc1b33edcb0fe2148f612e056e8c890947e968b990f1913ae6353dc98d0f91934cc8ec32dae97bc330f71372fb82a7667bff9ee5aff7f5c63b0b78946dff55f273d315951ac20a9420ea3a7e", 0x51}], 0x6, &(0x7f00000008c0)=[{0x10, 0x10d, 0xae2a}, {0x18, 0x119, 0x7, "32640a4616"}, {0x58, 0x182, 0xc0b6, "6bdb09aa07831887f08af6c9e97c118b22a0cc372c2a77f72506cb714cca478b9369a76e0328c7a87a634d2e846064ffce2cd1a751dbdc05140f696b9c3a3d0b7e34"}, {0xb0, 0x116, 0x5, "6838b1d2517fab7288406a9aa6a08138d53d05e69da56082a9c77b0f6c5d1fa9fc73314ff53503de9ebb75b1e0d8c85743893f184f0bd1e5c9889665e5902ddbe016f6c6beed26787bec09668977fe3b45dda28a319ed417b9e295589c7dff789b8c1541285f2d79a829ca329d34e312279b033c9300dd6117d73f23a9f5ea2bd69e28e0aec6e687c0097211d13ef701786a55de5377128ac55db67857"}], 0x130}}, {{&(0x7f0000000a00)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x2, 0x1}}, 0x80, &(0x7f0000002c00)=[{&(0x7f0000000500)="5637e89ff439416b4ddd11dc38f580378f68e29fb0930e346c0a93bd23b18c8fa2149e9509", 0x25}, {&(0x7f0000000a80)="db96dc9720575a", 0x7}, {&(0x7f0000000ac0)="5c225a3a9110d58e2076b2550633871a00ec917148d20a9f939409641c3322bf1de0eaa0b683d9c35a5199b2ef1aa5d36dd13a6ef5e6143f0e3ae26bd3f1ef07fd3fca2c4b7e77d12ce308169bfe1805e2ead39b068e1a852157f45b52814021a01126aa4ed41691e87109d3364d42b955a9e7a96e2fa9f07dbf64e022a8bc44c9a38d55365e53ba9ba99b1a70e52b8194b1d2afb0360273f8eb92acaf463b9c6778dbdccafad452cfeb86a0326cfc6f04f35e253de0cc1bb6eef05f8d7b7f8b572a6d173fa73cba565127d9e2f0f1fa091d286f25b056f4c17278ab142fb9c4363d92670c5601679f1b7159e0bbb5da7d3f220bd96863abc2001c5e41e2d4937fb17f117cea95a91be1c98562a0be0c49c4bf02d6c345049a1c2d41a8e05b011042586c7af2d98db71a84945ae61d9fd0a8038b6deeb0043b5177a07e6167701af964a41663ea3d07b7b446b80275506bfd0ef6fdf3cf52ad31f81880079b5343ee69077921f234af2619ee65f0e979d37262a656c05d56fc8218a9546e2280bf3b468d0af0d9716b8d2bc2ffcba42f761898c35815fc0e2f4c8a74e2c729b4c0ac00de8096ff8a0a5dd022da8a2652932e36c9034275c05c3575fd9f6eb2da128f25fcfa559aaeb00f8b6e5f06170ca19952cc44b950658588ee5cbdf5178dfe46b1284c87c72d34e41c6d953f0657ed17eb594d93160ad9b1edaf50e13320305b939a1d642dc1613a585b153f296d6d49293a1b5c576a0ec4cca604612734ce3cead1731b8dc2b60a24e566fe1743a0047b99d8c8cfeb6af01005cbea4fff3e813c11bfd9f844c15f02042f21760505240344abf1fac6d4270f0feee6dbd172c6379f07d381f0c96087fe4c08219b3fd45fb1da84c185c8b98a352187b0065abd1318293084b7a8953508c4fa419051f9a93c741f30e8ab4ef8ffb3efd2a26f4045e441cfe629f238632672fbcc0b9f9348076c9b1b21e2feb823a31aacc763bad9859d19d35e316608ab4be1280783f938932ca345176e15efad161b4ae0af2fee892a9874eb0f20a35e42e976ac3fd0f5615f4efbbf18c690cbb4d1dc6dd0c8f3b65321e6e6f66051201c4d5138138e80d07ae980e4b0529ae5d695cb8097db6069e25716adbb369daf96f65c3051f6ac0f82c9104e352fb5381520c34e81336c88f0d92f6f06db4af1c081c5cc3f618c157a2384bb44debe44e603b5f5b785367f2e409b16a89eac72b0adf3249632c90e634cd81c0cf6a130dfa70932de9841daa4b41179a04d4de51c3f2781af5d498007da34bf092035b4692b6b5c89b59ebfa05e5c37a06094b101293f3e9f7d3743d71122945bea50e42d0d4e0ff9089bc2285ecfcb47fbec1e148c947f39c5603045fa70d0e04a105d196d61e743ca8742840515b1a49ad7ee79ba4bc1f947f2469f27a6a3379a9485256b9d365940ae75f85ed9051de9e86b56db236f9b0691f6f8c9e1421b6b5ef18ece2763c7388b7a25149831f33bc0f9ebeda16d19eaa7a52332bc9c35aa925aa4ae835b76021ef8974af74432519d4b781b78b0656c8cb91c07e30920f38a9bd3f3a1f527d2fbaa7aa8e4e5f69c39d3841070223fe1c052dc85abaada7544b0d4d7e1c16080043c2af00f8e2631dc082ef6ebaa375a3219a2749f7b69b05219cf6b3f6502ec6f0959ff1ef51e0b2464d5df3171818dfa4ab19a25315eaf6f8398dcfbb205d71d3e165901ebf5e2e99cec4fa98ee359ba7546eae39885d2310ea5c593ee3d4dde8a60c9b119651652d4585bfdb2e1ed06fb62b4eec0009d998bde4c5dbb023e2c3415865099dc9bc00781f2763dcaa1471b101480bb03d60c8c8503a2872a758c2f10cc2713a92417a9d3b7d6ab5d00cbb81e6b2c0746e2e9d61436ce509c0873d23d971eccbcd909d4431b5ac32c6b647e47920a100bc31d511c548948785922e0db03eed96a7214a6e8242cb583a7a37594fa8c9438908210684f9108fea04aa3a9f33367e07725daa7310732b70d9086063b3e45bedc6af128f1456cdda3e223f2d2e3a657b4a1129a94377ec78f02e92cdebb63d3dc500b688ad5e8f7b80d298a4db0cdcf0b221f318b0092e4cee6808bee750ee29712c844f681872624335e29586383e5d2b84d4dcc46434b86cde5649489ba3a9bcbbbffc4b8876880ada659beeb8e21944e9bb51d8bfd3939820345381aab832c7fed15cf02704665647079e0dfc7b6f0f421181a82dc4c8aa5d129809c085eb9813117349f1975e44350be331cd1a11ed1629160f7c8988e4e12fae43b5566515f2e3fe152b303dbe15cdd209727f9f32e742d3fc3254e0a4f1ba9bd460945c864a3751088f4ed0f22c88a2d2b80d0f8896dfe09bcabf2a6466dd5668f691172d2ca882b8c7e35d60528d1fe8071965b27e20da0a2aad96a5dff2ad5dc0499e14f74063c895e50c23a7c9111c3b1000db0d41bd8ad15c9b80ae9af36f78b4313bcf6f7124c6113e80b11709a7d9c3fbe9f41bf2fa1b9e1583dd6d3c8d4cd3438eb87b88c32492fba8f27e58389a8c65f00a09b3035391462ca5f417fef4a3e9118e677b0d090d55678985c4723108e6dc96b3dbe5de5c900dbaa5a5d78659ae7fe99e6ac08c0292b14059bdb99021fb08dda8c15e781067ce0a504acf41c6e3aaaafafef1bf906c4c264994a7e17f12659e021b61f1c554af6f1705ddc9afd067fb478d0c6ed9adb3a5fe8d1d1ef2d5c71375a4bbce6f5b9c74033b7347262b9cf9ea4cc5a59b366788405f3324c421a4716e5e2eeb8e999544dbadb0e8b35b4ad433696e81b03fc4a380218af4677ae88389933f10d06f438ce761ea6fc42821d1824ace0abb6145bb4dce29ed70268ee6327fe45036ea36f124cafdf3b79a9b0c833049c7f5cc47b30a9b66f2b81d54b861cf00bf9d931a4bc05a1e65d84166a682b70192df1218c55acf24dbf5660b149717842b45ebbd60387d25505a7a1350d62be46830afd5f0403bde05e3752354c662cef5447f711799a2496d49dea6c8d9e449c5001b3233a64f03a16b1bdd55fcd3aec543389c7089cb3f6014470146eaf23266582b9bb6fd25025928bf22798cefaac13783fac63e085da2fa8af8d886cfa6431cb380986745088d590341c61ff9b94f2e7017972694049999da14987f83796f194caf5316e5203077f6329da83fabb37255317f4f54822f40edb51fe482128df1d28bcc3fca29e76f5cbf01b22e157d351fc82311b6c4bb04ad532768fb47d7bd974cc4110cc217697a18bbe69d5af75e9bac3a60685bb080dd14a51c3a64f5cbc13ad36cec952e66b35eb8541d885e3e5fc0b3b8ba37d90d21356a85cbdda559d6acc479e046f95c447e3f53d037827dc48d432cdd78b159623daedd899761e0fd71ef7fd24cc5c339e8b08bdd47eb0b3cb1264b9543a78a7caa34d109dcac1aaab222450bfc4856e0ddc512d0c09f0655d6415cc4ab5bf7a898c0d44d6bbd63f8d45473f7a87f9e035891a9d547b6baeabde0e32686df7103be4cb501a959bb7aa6612bde7573bbff7816b3e1754ec3c8abc668e4aed010eff18a1aa4ae8561260b300c5c6374f517f12ab4904081d98e469f07a30140130c46a94e87c3a0a39ca8187254eb88ecb92ec17597d6c66142ec1861c1e58562b44e5c25452f1b37134f2c5bfb5cb33b79609e385b4b35550f4e2245474c59469884d0f3222843bf740b1e71d2a7b80f8c0767ea7a2c148f90c7c19f67e40e83e751017f9da82d4ec57787de93c020deae1aaf6dde3934f50b3932498e38151739d06b678d70170d23f21bf56071390d8581415c55352297d81afa9f6a5c56c27a41b3e10739013eec46267d3ada9ed12b0d5f23a332a02ce5007df6cd54e25e44dc2285e3aa47d1ed1e543fe6d7e1fb4e69bb1063c6fc8257eb302c6b4e99babd465308e657cd6a5f7fa8eb6b4dd78f33697e69c575e6096bfc393859ff6dfffdf087fa5ae36d355a26bdd410306a5354c2669307d6f220cb23ceac76fe7562f151ae44ef06f00310a6030d92026d7ba541f68bc108a17068928e80de1aada0e08945105ad93d07e0cb8dec7f3ebba6059a470f08af5d6387972cc5469dac6552a370532241e9bbdc64d8ce618f5d789ca3379eda94f6c8faffe7e03a54510de34336d9d2c3f4f62fde961edeacaec865f23488ffebae66cdd7aac63d497e6a42f0171d39fa9ef934ac84dae663b8ab40b995942889a6c5bc2f7303e5ec24010ec9eae8cb1523ad9ed470404393281c46f5580fcdceb584931359e9739e526e95833ab4fd1fe1a7447a303c28a3a58a98725923d9755e2340a0dc7d96c7358017f43dcbd572e9deddc07020e0d99d61589f9a6d32119e47e34b09d45aefa16e01a187684c61926cc72c4fad21faaa64db18058fba3dcac8bee71ef7ac62134d6d2f5cab3a4679c77b98aeeaf4531fb5a21b3dd560dca2cb5e7fd320edcf41b7fcbee8dec2a942ea0b901971b0cf7a559424290839f8b32c97f4d6aaa3e6e201c6e8d88ccde5cc1a08274bd34ced8fca6e718b8215082904444223ed6b37f3475d46e556a1439b1271ec598d7de5490a61aaea81394e8a3fc1063bfccee4e79ffc4229333c55d86c4d440e06c416bad22bbe37b921f00a2ed6d11dfe8868aa51fca26cd57fe4dbd976af08ca5aacabe7ffd6df8ffa1fa7b9c23f09aa987f661fcc5c63606ceab43a79771e17482598508d7727e10e85afceef4bc73d75c337d23d8b158e0779e38b66477ae0ac4cdaffc7bcb1fb3f48e3ea580748aafbbba557ab3e10fbd787a82a3857d27a3573e156a6eb892221205fd5c3a4d108da52431da62a0598b8ce020ce20c53e3615812a68a6341f0a5c4da1e1dda4c806026326bb73269181f2a0bd3d2aaf268bd01628753cd7499956f5634bc96a829fdea9e6043a391d66b521009dfd23ea32c16ee08e1a445fdf60ea722b99eb1901b1a5aabade20e0cd3130a66a499c4ad7c1c6d844323e0f3d8332ec36c2524385b2524ae2552880a8d26f63a0d7cfffcab37311054213b5cb12e5ba9b121753603d916eee806e4198a9918ec564709e00e411ab6d961e09bea13a06069ec7b03f37c26a72a685fe2f622233e936f9c0ac09def7ec7958ae35cbd0e769ec030ee8f0eab7082f271bf0b10e038548843714e91364dda0461fa7135aae8cb14c579416b04094ae4a76e950b0f3d9633d5b1d277c3abad409737ba4715f547ebe0aed302b6244811cb9e523831913a5d776e8b1a9b1d73bcb22345d9e2babae192aecac05ecfb6b068bee00f36c1dd5b71ac7d1da0308b818902a30e1d6e89a2f32c626ddeeab7ca7318a748f8a2c2c310626f857feecfc6ea47f5864fa25b7b4478846e1e347d1ba0aed9944d26eab8086125eaff831fa0e4ad12b62b3a8c316a5b24ae7e8e573987ec905c40cd860aaee32b5cd37899c2982d6814d8d9f29243c8d4e5e106f8f2a52cf1c28ffda467f34f2abe4e4255622181d30050fa1fb16e14637affdc21346b0ac828967515a78a9b9b2ae69b4762827bdeb2daa2676e32ebe0b4b1029a4d64ced52570145fe92c1d9ee9cb817072d5b5e434d9fe896d715b750a5a0126b2ceaeb1add27c3cc2dc8cfbbe027dd10a0d0ad7462289a882f8631a3072464b94b889baee042b029d6bc812ac2705bb4fd299ef3fe4fa76ae545c0ec02b565a812a31c0b50aff7add9664748514594e09bb18dd7167067d0f53709891f1371128def971f16a224d5dd3f189f6f561f1f1b5460e3fd909cd92e1f65bb44b4336b1874fff22cff", 0x1000}, {&(0x7f0000001ac0)="4867212a750229d378deb378efa6c37aaba0d75f8815a97cf6b40627b7d73b73fcfe5327a343ae9f67d501085ec22d8a05e744f5c73a4ed6cbea8c93a5e770fae094b948b53fd5c812c2913c247a68add9e64b209dea23b7c1d04e7af20f9714e312d0b7b8a748ae95ed28595da00dafd2f89c580f5f9d055dbd807736d5e156831f954892196a1961b5bb024613c6db15b9b972e857052b9081bc77e7711ebf44704507e4c5abd9f29bf55c6d", 0xad}, {&(0x7f0000001b80)="6ad3316a561fa62ae6794ee6d8b2e4c6036c3c26bc896f1c8d488e6aa52eb5b8c79672aa95c6b19a81d510f12a163f46dee9b23bf74e3d35c24d364ac1503dffc9ec1d8c6bc126aa0954534f1a6653f3f6f03fbe4c6c4bfb43a5e1c9149ae0fd746f440fd6f2a95a5dec6e3ea41cd7caa0a4f8d64c85844efc4f19004d6e8b82", 0x80}, {&(0x7f0000001c00)="366e75feb88d011ad4770942b49d63963d27c14998a8f64c403b69fe16ad2b7ba22d29d7549218879e14852457e08eb383a93913a58d421edb191c33d3a23271e12648d19a7db1162834a41f41a27edd817e6581b5238dc3901832ebc29cbbcf930aa5601bc6e33f2354a18c6f95c86823275f802ce87cae679d5d544c7e50bc5631899bf8c744f3f7a26b86be5a596fea825e4c01882ac6edce6e8afa7e5411dd3827b65907a825b62e715c7e8783779a88a6678147f537398bb345c67881f0d7a0b099c6d0702d79fbeb27f981f3ae8ee71fbf4f49fd52a2f6844c98b4e2f2f424f57fee184ef590c0c2734645bcc089a3b78e5be83503dfa674120fd32ac30b485e1274e51b65bb24224bcb9a9bb236568d90521970feab705038621958a84a7093dabd989a234cf10616467dce55f1a557fc4f3346917744d8ffd0f7b8ee3c9953b60a5a946ad5b2558f30d2f5591425d5e738707eba74ea612f2428e674a4bccd3c4c9faf206878892ccc56560384d2e06d73de5720649ebd4e6655e0e8050d4b1641fd37f6a1763472375f4f0774fd793731e6ef9d5097af1b59b7f6b27f491f63a9bf08a1fdc3b0c40d19149ca3f6a341170fc3aa6ccaf44d723741f660f28dd1f803046c1eaaaa728a37be88d49c4b8a8c61c6cd9a6df96b91ccb35e05ad8d49a5c997e42a55db4b4f04f109af7e93110d37a7b99bbf767a3bddb766565054510f30f8262df5e5bbf0f88665ba5a8594d5c21b66270b612114b8b8281df87c389aa66dbf1811c3442e525817f4b7bb8f1d62796438e6d2048bb5c2dd2ce34eb15a3ca18435941ca29f74f08f3ac11da1b2597394b7443ed78c73b22cc78a238d74398a52317e2c15cc87bf249b660565e543ecf05bd1769fdaf7d2f830adaa34008c65f635e9c3142ff50963913e20f1a4841b1210bdaa081469d1302ebcce13b4e2fc18d1f5b6f1bdd7947830e5cbd486378299ba30ae7261c8e8a7a74857be07fb4ee7fe0d5664e23a9f651dbf72b9ba74b26b097cfff7f1daf314b95e384451d054bd6f06f4b7c6eb3c9de063fa8fd1cf9085b399dfd5c9a416ce41d634ed19b55d5de70d1cf402be5552effcb7d599046832b2e03bac3471e85d056bf44b6445ef956212325ba30866460f3db7cb8198f910b69d5d5bf810454d3cea36aaa76c580a24fa59194947754c80e371aa9a8f3f802baaa62c76c938fbd799d49287cebf2fb9d98f09722726e983551a75a7e43735c282b68e2f252f09942f40c3fe7f6638e162e8bc1da84dc49e87a9f967461ddc3b0de8930ce7e346fce5f52a4b38eef1c4654ddada0ac3e55503a40784329c71023324da19a44b3934fd2217733657eb11435d7bc9b7cc6d7988b6ca9c5f1bb285bb5cbcb9c223a57268d6b4b7f26a53e13eee375640e267113395692a416da5541f224d6ebc9dbbe7ffc7a44eda718e48635dedeedd41b9c5e5184cfcdc5fca27dc5a8e2c44b4b5447cceafd99d7187dc5c53c5e3f2fabdfa51f580ad2a128a025b7ec42756676cf49d865d94197c246591e8ad60e919f4ccd0fb43e24e25f4ca9b7594f601aecb9cd53580db92b66d7611659724fc2ff2555d2ea954a335e63b1bfba4c12b5044e2ff8eb51c14a44f4786c7e4e1883c24c150be5e2677e39e1eb4677372df8579a7ec39043609cb527057b08708fc761e071a86a884bfcca635023dd94e8c378a70799118400e85ceef2e48f162d8c9e79f3963075b6026b3bd87e337729cb0fc1a23bcb6570156509c48d08cb1c326b4e3935a7a39d3047a118c4602a127711024df474a4b27593f9b0a10e0250335cea1b2d44ddbd0742bbef7d5bfb6d784e8021ca320474bc35ed87e403dc9cca9d275b73688248b097b03dc5445a0d606b41b3295475002e88191f71344b064f448d0ee2c572d259e30bd4566b15276b85bcb00bd14f83fac0d01e69078534c539dc754abce8543c5684db1bd99090d5a355d4aa992ee443898f96e769ead28715f819acb0f4e16245aeda4e1c0f527d5790ef7fb66ca7e82089978cdb0bbe72b065d1997d393768af6fc1783265140f74eb7dbac0e7643ee867fc50caf017475bae08aef38fc78444850a6bd771692e25d16e0fd6186c2980816a54401dfc0604e84c41d24fc74de915e84dcdc739509229ad9bea5b228c4c9df5e67210d640dc714c8e7cb7de8985b72bfe52a85703c69cbc3ca488333bb856f1b729f778244fe70b8e7408063fd4919343afaffec711c3a4b6ced7b8edfebb9f113aa85833e17e7b19bc088bea83ca1b34582014d20db4897927a329eb3e7931b33558e932f7d41e44cb9f15809d3ea5b75bcbc0701981a9604846cf6caa1c5a177a18b03cb558653ca57bd01cf3af378329ef4159465fd07f75f29cb3a8aebd55242aa0f1ca1490a3bddb5f0724ca30e0dc3b16ab3c8dc929a726649e4000762aea82381334dabe58501b1ac2929a17b6acedb51b958b96e400b4da0c88bce188a9eff53b6a3aed53e23d96a60b6bc7d19b6e16539083bbec8542dc7c74ee80e0ce4d8eab3113c218142647fcefacc1d37b5ae44ef7d40a5e027da02b6888abbb148034e58dca32fca25a8aae7780d5252e53b287f5f212d6e3f42d6b49991e9c0ecbe25a155af94c5a5c07f09f07700f4b4d2f79363f72efce7e7e2fe4347b2936a85361bc18d1ce46d4ba6ca71de69dae92d137c319ae5059404b5b6e2512a983e8966d97750501f280f7571cd7e19e6187892b8e7871c9a1b59a582603206bce202e95d6554295f2484c7fbf8d05286a4b8626be8a2071f341d61fd74323386601005077b1d87611fb62bb231b1c5fbb8b57eb6919755787346e9442397171917f64db03af2847e8e2271fbb530b0d880c5d5ccc59ba93c09a25b73fa2e892dd59e0c6c9721d3925ccbb7bec4656c355e25d0386bede92ff88553054dbfd8cc392a24fecf082fdedda01e4b072e4733c7dae6ac6ebca09151e740b2fd1e515332a59c7604243f516bb32067121e6dc53481c8483b2e6d3a78cd8549e94fde210119e0bfa82bdef979cf803d70032ddc19dbc1a0e784586468a1072c398c5109516c7111edea822585f702fecf168c25982afa8214c2bc3e9ab7ee612bbf91c46c9bb6aa9f9823dc22da02e224137788be3022c4a5fce6a492c337af8f1303a71537e8e0acccefc0118c2735e8d0a7f04367119d2211220cce1680cd78d3296687bc80d33de462ac36741524389bcab50e2d8bb2ae42e9e4a7595dfce68a83f3828fe27716d0d686f1f914a716083b4ddf3f51d54829bc45f9a6afb8c526141459df581de45172ebe0a4af7ca6c829a7a88ae37cb73d493b2b7e68aa1a1fb9e6331a91895a44fbc36abc48f76e7b38083498dfa4b2c3ec947f337b6e50212a529e1f35d9855cafaf9ff89b7f15068693cf45085e004d0c06d37c8608c82cb476e067339e43164f7d0d138880398bdf364579ecd1321a58c1685bab9c8fb9d778e3becb4f31a98862ff19c1dfd82cb34697632f1aa2cd940bc404d8452ad6a7e20ef54be352c2e154ef388da98df9eeedd428b41a7a91d183c5c64209871269e579aa4089ed72304b1b43884e4c92b941de1974685b597e7d05dcf776563e57adb8f78af007d7a20e696f5555cc391128abe4faca191df00aa353f789da4a8f9b5de447cdf3d08bdbfb2558e16a8a22cccad895eab539cae631cae8d314bee2419df53b1d6e3cbbd75e9d791edbcbf739ac09e7572504800465c52f4225f8a80da6410476c68655495f37f13fd4bc5788776e57a0c66e8ba835f2fde93eeed3c0bef344d7662f2beaa7f2c78e360f5f7b50c614a25ae3a8a0654dc5859f8bdf12dbe1f0f0f5726cc47488c3bebafd7f0cfaab06077e9fe3002f8462aa2eb74db5607723d74581c70edb4542494957b3c0bed0953268aa274af5f765c636de023f594639a104fcb7577ac8c4122014380110732c544baab0ca020aa4b40dde5625dd95c313007f36a15708be1c8acec716dddabb30eced7c34d2a11ee469cfe0266094c4a69709de0197cb89df59813ad3036f8269df15dc59f27cf3d1b493f1a9884bacd2ce17e5005b47ee206edf74f06e28a7e96057206231bb9960a85fbe7ac88e80fd28fb8b72fd7a6d464b6145884cf8174da082cb4fef0eefb666e8d1b067d08b3cf138596c4ce56fa4b268957b4aa170fc15af6b56680f9de2adeff59396e2506fe756a7125cae443400d79313aaba85a3b4e206ecf7f0f713dfe44f1d2b2f848b632e4f83f9cb0378b0b54b1dfb68d5232552879a8a614d0a75fdcd9328f16ed849b728345d7d779e52151547b946186cbb5dbd1fb2266454ccf78d1bc0dcc35efed40cb0e4c3ea7de0c125ee890caf65e1958afaa6304de9f231b1d60b29be0ef3ce416b6d5f4aacdd57bcb54e14ae3f38688ca3c8dad411f2c267b47d43f870db1060f89d7bca3f636dd4cfc3fcb3072c4c94ebdd53bd455fc68c2ce8f919afc002668ad286116599ba876a5ec2589a1a18062fc5f5034791dbfda26d93c60a1e2b5ec77448f0594188b49b88fdba4175bc1f8b3635b8846394aa337085bfde38d187caf4e22e78ada528a29c7d397573675a0dd88cf16a2ca9e43a55af314b29092b6623e82fcbd0366dc78c83d04bfaefd68576f6b54266837509113f403c53503c2f8d51ef841ad5791e593c94c9bcf1578d822203162a3127f028a9370ede282132a876e41f514c0487c7c7e342fde2d53c34476e18342e768565ace4f5e7a8a36540e9799640a5f26fa6a05b26b81a183663d226808bdf9716fc87b5b33befbf076b8dedf4252ac47728aa98441a8cda6303422fd71dba92b165870fb48762eeecf39b6f481427dc6a06a42a069c3d37382bf06b7b347ae0e7fe2369efa3f91a9efa4fd45dc9ccaf0012f0fca51ffb8550436719a4ed32323ce635d089585bbc7ad325562663d785185c186f1f355934b9858d42d7d86b1ff1301d7b6271fed9588745d23ccb723231326cfdd1cdf5581b75139f96b4a1e7d59818bfc284545c236ae69b67abfcffc0aa813b55ecbea7a53f2a339d7410691001a9ab7b1f6403b43bc65703edbe45d1abae4debf0e5141923a08ac404a16930b74b5246704d65ce0737bf1ece7f4b72ed3bcf09476e432ec78ef4ef940e381b601479a5dde04f75b4da717996a026515c14f37110f90f722dd0e1b9ecb2458454eb089718273cbf26edbf0f9942a81bbe14edf149115d941c4185617ac5fee793c4b21dd4dea8a498769c48d3f1302efbac62a2582f9ce278ce60c61f30802c440a60d8b580f422cc0ea77d11c102f6399a3cfcd6ed4699cd916bb6edef036d1275c730229ce3064097f2dc915fd67eb489b7967a782d9f4d8b8c6318c9159fc5f8771bfd2cbccd64656de11f683d70d25259357ea3e09359236afefc552f6f45695f742674899b886da3e1439db2058d3b1f1fe27a71dc402c3184add2f89b81dcfa76f41c4b3801526b5bfb7168f6b388974d3647d2dbc5bc7a26a243885db22d78225a849ed080b7120ec50d2d9258f5de3696356ed198b7f19babbd914ffa9323d299322cb8e912ef3305f03a0c4b372d0679ee6371069406f43d10c70ec8a209d499ed779d7d96d7c5076c34a488eeeb6b38ed150b76bff728286a082cb6b15f9e921837086f65c285f0e4a8a8d7dc4e7b6590e3f764fbe6c537a473677d494ec45fc4da3a353cd97fdec95a0a113c7b636d59d50ff6ab1227567147d4a21d795b8f951627ee22e9562fc7c9278fc29e9717", 0x1000}], 0x6, &(0x7f0000002c80)=[{0xb8, 0x104, 0x8, "dcb1903a1db3b8af4aced6816e8b87b48995ce5a2d0f29cb447b4d638fe322099d901dbcd3f9211369fdf6df032b087eaec76b4d38c04ca1e920fce246000e734a1ba1926a3dc261232522a20333dfed8365e1012addfbb354871f2e1e2e3c0370fd9a9aeaa998efbade5af18f3cfd477e13b7ad4b4f5873d7f3d46f20f2589e7e9e54debc6aa9c5b3d4748982b54a97ac5143dc1b3e2b71856cd4408895b90194c94b"}, {0xd0, 0x1, 0x3, "6441a9227097a18b64d9511fae383668fc94e07467a2a24f0ae5240b7f07dfc0327c6b3a98d5bc59f67bba9e5344dcb1edcfc45a504215fd6d8693f3e61986a0438104bfd28b2c778ef64ee90886b0f40d31f09a53170ba5480fdcfb1b1c1648dfbee2a0b29fd7d4ea45236637bedaef80014fe4ab32b1616da61ba7d5db23e2436cda9f17084b5c2085ae7782c60b7fc9247f9aabf4281b9c26b98208883a53195367a9c8be8125c3602c60207a5211499c3f62aad96a9db34a9e95"}, {0x1010, 0x29, 0x61f, "d6ca7468b1538c1119f7be733003e64da2c4ced2653d65d47af0ebb4e526ba812723ec5618fce734e3c2b906d6e1ad9bf53e804b7a01d3e08a97372afeba5afb80d783e44b599eb6f8647cbba2c45a7477c984249f7343b434c1e7ed550513559feb18498fcfee88d5863fd4864d5ad78c5380a6c0798139dcba2f933d5721742d7dbb1b5121b356f4e1a352eac235e7f4b8d4daed2f58ccea806b00e3fb020944f5a132c0907ec6280ca6ff7779110a271ea3440118e401bd7cb3520407c15719b943fe4722f88461e6362fad1f734b436e04a64a8f320e8bc216b12d7029501a2f14965a2e5ef8bc2f193903dc35de73abfb36a1e9dd99fe25d530050779c67e8e1ae2fbb4b557b506ec400f4a06983e40c76a47b57e948fc7bf29c168c432ee8be4cbb5ac3d7448c40b8d4750637ce34b490ef81c30c62266279b0801bea94f4ac69f79982f0fe4fa95d2c5e963f3eb3bb6ded5db969cfe77783369ee13b2e74ebc5994bf659c52b2603bcb1270bd1b53c08cd21285382081d782b1a18b864912bf54e6480f3b3b70837b1ba020085c660b846a0d86f40017513bf375270e3913670c10552cecac5ee80ea33305e72e4f74a91281c2fb3163a57cbbd0708cc4c671e821b205b4c518cdf567017547eb0c9f5c85e765798921b8c25b24ae699a2c778b563f9d63fe26162ebcd2b9382d154b30ada30d1ddb5ce2b911d8c77a02d9e2b910916adee8e3d107e2667520e22664f506ddf72232551ef58b6c6b8b46b5c28d75c67ea3132972b352dd04eaec70946c0508c591dcf18dca0f6d13c4a9436bc4610a65cd0584110105a6b40847e5e2eb72ae44986a064e0dde3c143abd5fa3673161ecb093bdeba836503bb676b5212296fa94e08c3e664561869497e007a9d889b94668fbda87ad645e3d81c4c95d3a56b9299ad2739a8235769ba0e0e04a56de09c37e597cd3f4ff4de99ed7be380680540a60ae934b3d14b789a4d3469804790009978171372bc916a7fde0456c3262a2ece16ff4ac0a4c8976a2c5a628f07d383d595a2c73a284910ca2216e0664baaf0b87e46a26fa29bfdcfe2ece470bc02c693629815c593222e2ef99a51ee4d1f592285b9b35d50ea4be8ed92624ab17fe6158086884cb14feb7affa4b5c0c1ca7d509652adba0247c2d1f1a0006ef9b640182c0f52a91a6444b866fa4790dad3ea363f2dbb516087f6d329762c7dd9f2705fa9f57475e58e4d4537a84c9eb1db0f57c7753e7ad11fb8229415a81d6ced46edca598cbad95c50277e22916a2f4b98069cf237590af22078dcc8a69d7d286c90d956845606c986987dc96be203274a5c2f6d1b03de31300d1ed9417cdc5e5f15c120ecf17508474a4f793d36b16fe392a1958f4e8cd559cf00f9f9a537a71dd2751f36fc8aa6c92d209d02a93fd032d3e71ac676618ac9f45b6887b17bae79bb8e6cc78ca2d2fa70b4ea3785a8d83279b9acffe1829a2afa7b50b8e3f96d6a9574028909dd784eba99a7982aa927d77ea79c02be0f0c26852db72d6b34bb90bd42f7c599873deb45a346530b492a981dcdfa3ae3c696ebf4e60525d8a9e171d8c47c3e2977d7d9f4f59fb57ceba9649374fbd4cd3cac4701a083c113fb29b5309a6ea07398a16e56e99d6c787df94654acd3262db1ba989acba4ded77ad598686eee0247b36632b4f73ae76db85171f3314e375249c80d327e67ffeef811e24397fe17ae78d1ec976870eb7adc75ac57e9b7954309de41c55aca16b5d255c673404a10658470ad761ba6dd9f00da30bb09bec75a43e460d72b35427089dc18287ba44a067b4024a7703ef8efb6cc447494c310a8c81b6d47a52e6a7f15b961ba80cd1fac82ed19f8fec213df0e283b8184ced33dd274d27b04fc36900e2d0d6d217ec63af71fd6589c0e2d791625741f03e5676825850dce2297c71f1e0fce0ab5e3bfce15f4b5d58f37e362f80303f79277c99f13b3b0c78767ea76fcc1cef52a0d48960d182736a6665492ee788a4b933818a2bb5b735ff6fa0c563ebe0162640f8c309206630f950345a9bb650bd7961a3f72dfaa396c2b13a8c15038b11be8b5b41cd0970d34dabb06b1b9f779b9c8d668e8ce210480bd108e4858136366a166727eaf6a05bfe7fc3446017a5c636587a31b57b4f98a3ec2445ac76d6b0a019e04de13da8cde9087174597d428478586b81847ab5d3370b1bbc54e15d215a581b495a11f55acb0e2552bdef95c1340101bac71dcac2af2f8675b761c0ab090bbbb5de49b92030817a566704100f487e7f537c5c11431c123cf99178fe0f27bcb720a3b2ff5b2a86a1d7fe7507987a7a5c5326840ff3126382becd06298880a2b819707527e4a6f2f8283aec44076813cbb4792339d44fdd3c1995e8f35cd4358c1afe0a6a126a649f54570c6dbdf6c9ef342d78dfb4914caebef9b2d4dd053d433b74ab99f3efbe090947ac4cc3607cd72e0c92798bdc8abdef1eb6f380418694a018a2c77fe2e1998fc41ae681049d79424293804c154c6d3bf1b99e2bb4177cf56719a69f0b526200cac3950ac4838e05e96210cfb4690761f678a27c0459d3520ea2442c5a45c2c884aea6dbbcd3ac4be73e2d4a076d7982771a57cac5d5075902d2f52b7c1c0977825b6d7046f68160f324572cd385a883f3298697ca8c1fe7087ea688470ba1386556c0485b59c743a159867aad112d93329590afa54b752482f7239ee034a172a051be42d56dd69541be9dd8346a5cf90b0bc3171e55767b267689c39531b4cd7ced29e39b2aab0f724ee64d3ce6d6913454ec191c31c5d09479d538a80f83de3e2af24e0481d73577b0b712696d6678d6649b9e64340538008e05e4f141d4ecd7a65bacb4c211c056d0d8c6ee82a6fc7ba4300dc1fc618362a8c4799d49a708f14277178d570eaaef0baf695046df780356d4539520c55c0e5a365e7a64d522016e133e0a6be85f341eeb4ffd622a484abae511f223fa9642879a2bc9cbb1d99a1de08d224006bdd5516b9917a161b5ed580c0d892643639e9bf1403445fa020136aefef0350da462bd51de9362c7f519c3771ba077a2225497b45288d364eb83c756c4b1a6063c424cb9d2ce67aa58d360fcc84e9122b4dffadfce5aafc1c3fd1b1a0b969ea8f3d737b9a5d5d12b45467afc51a0524a4fc272aa11d3ddbdd4063cec67947885eb55a36ce89c2acd51e468b273f0bd9b48ab9e955e046296a0641a6b04b22fe87e5b3a6354c12e5a69d4ca0330e241dc0fcac0e3422b8ed7fe09e96227d6b1318efb425d55c64c08a0bbc61f7c55d092835589fe9f285a502625501934d06c4ed1ee88e612e83854f3d9f4ee54c59e0c0102fb9ecd3096f2ee62313be9af6c663d2ac2d4b0773606a393384894a49f356ed77cf076ec7aa12c788362d191182c2dc6ae6aa5aa3ca6f07aa4b3b258c3871b46a6e9ac24562b4ba4c09f34ee4dc3896181e2bcc00256db05da911c99b800080e387836efd7de2cb441d142becff116d83626b2530233b5ed83b3e497b685b1717ebf00b07709919c07c358aa6796eca948ec57230070f06a97ec91b3099d07e378424c1d3d9c6ea2a2aa87e0c653dc064877c9c8605ba1ab28318a5928ab0ff5e4fdf88675fcd656fead9e5a8d514f5db10e1f2902200c53f6027e589c82c507d07b0665492a46caae1424fe2d060a330c9c680c8ed2268ac1ef7d69d5a44f5ff46dd854bd242b9935a0a317d65f62d1dbc28c4fd7936e93933efde510efc8e6ee3c72f91e3ff8e50b50d5ecb349257986e541bdcbf2a5824dd7f7f157753a87fc0de50a7f5ea75e8ee3bd1e4123bb3a31f5e70f4f9f750589d29158e9e30511fbadac8771dcf0f8e667b45ca076d55a79d190d7518dcc84c04f5b6902338fb2ca775bf74d0434eb9b82a319a45ae76ec35d5363776c2354132264cf4c89eb835d9a752a87ebf3b8c15b9d38b945e0549c4b10b3c79670ce9e6af918037b32d7e516d179892458bcc533c828021c8346af89d3cab1bb4251534f4df1a5dd13c107c2e1fce7d726483f5d97f7dd88d76874b91731339b0eaf7c2105e19975b1a9c86aa1caa22e3740f6c5a1ad5254ff89c3482e06af26f9f59c6582e5f4e52a23b51eee1a27d69c57f6ba15ae179eea0a434302bf02bffabe0488a5a67f369eae78250e9c0df217f59b82a763402864c36e0ef61e5f72379c4de3a85c2a4226b7d8fe267e013e01a7417381febe270dc7e6ab25e38d147028417b0b53920e4d514bf0bd0a797d0650e791e174952ff93e1d7021979e3e7fd89f4edb67a1c0a08e587082aa8ec311e3f44811b192d6eb6d661a5a778062f1cd4adef55638c25418ccd33be892f34ab1a0e029c90a1a5368fd986ad4ac3e12dc6faaca7eaeb38e0205b03a4ad442574914acfab58791865cad5fe6e26dd841bd35d110a095e56b4faac1d655cea13db15a0402cc34767cf9209233022644da5f72801fca586149e487bbcfa402867df8a33bbf10364343db31d448f03a3329925a7413b130dca6bb854aa94cea4989a8d32886d3ac896aab4be0329c6f337dd8e519eb7d08908858304662b3428a0c6c3cf1fa7ebc8c14017a654efe116fd295e63e5991ed860dfc0459a5442285fa7c781767be9cb788d4378dae89fd1e005327de8338e9d0b6f54b027aa1f6469c0dbc5d6c1c8a5cfbd283407fd24904c99bb586a0fa9498e8e61b12a1cc54705bd835fe3a96cd0e1cceea5caa8c755e780a01fb492bfc99cc1de05990b8d9e12aae5e13c46fd8962252605913b2b7f7976b6b787c473f7315e4f623896dce61900219d209cae67539089bbb749dec3f70db1c531d0547674d6210f20cbc267e009f933aa922e6dca7f96e5b86806045d7d048f02c65ee4a054b9e12d12fc7617c69eff16cf13907451a749d7bdce7f8f806cad80a20485d323216ecabd5cba674739e86c63dd108194ba05f4d11d93c80a9d1bfd6ef64e6afc91f687f76d4adc7c850fbec702fd89151400618a7031d44fe041ebee7f53b6600fa4629bb7b14149cd5cf42c3604d9325044220da142de2eaf064ba975fb114d4d1aabe80104bac0a0e36845f21a25fce9240f52ee1c4989d544151cda51b6068bea767230a7cae609ce26fdf5af6d8e98e02f12ff658bacafc397a653079247bc2e203a275c9db8bb47c2a0f1d2ae07bfe519a0ad0c02fdae00f28418c3a8e05dbd6a3079136f110bc451c28209acf4afa7bc6b9fb395a704a5db958d675deada9a8a65ac3b88eec7d42a6b4f674a6b3aa84f53f08091fb13a009201d6a557efdb4bf3497d24aa520bcca53e96c45753c549eed119a506e7f4bd501f9e1beca10770045097573423e591d00d33a7c1e19e6859baa9fd40223c63ad1c4dd694179be95302f18cc517268af16a705fe6b1e12de298eff8edf9b5c04c4a53e9a5c46b66f56364219a1fdbebe3762474b28e3920a9cff0e2e0924867c871e62f9e6327378517b4db4011b4bc00ee842def97f56c3064420acfd63f1f1a58af11ec24ec09a3e77593667627695605c22c4ba8bb41b54ca63f6490125577bfa70610fb8d9f1eef7b2c9865d81ba5f650a9087862866219650a41f20b067118c2ecb8b0a48b339f9a25e7b9840ecd91eef9c73f06bd5a5e525b24fa65f989e5270c589dd634f1c3a0980c398443ca787610adf2ab50e9df88ed00c6a528d2eca5e3266845d20615501a4599219ee037fb46145bfd8df064966f277c1411f6be5838f360f36f97211c26663014a855e72492f009b517c53b"}, {0xa0, 0x200, 0x7f, "03ae3f636c8b7f7cfe1d526d344623b978cfa0e5ca6cdfb2da475dd33dd2f7b9967d7db8aa318e35d8f74a7780de6a40df8834f8da452f72a3f529eb2eeadd1f28ab7956a6a4a581e37ba64336f0660ce3b715577d57dae201b6b6d6001d527ac1c597524972c796b4996107d4a33c83ce00b314c9eca62ae94a11b012c71fcaaa6d95146aded47be5cc0f9a"}, {0x110, 0x114, 0x52f5180, "0a12748922095fd0272de7d8778f08a60f078857ef703fc283d073ed48ac8557b2041589c94f577a1679febc0cc251f287752e21e30c8b014eaa8b8ff7dbf6b6acdaf3be03a3e7b41d255ba5bebac5ed33feeb9de4e9ae9f2a3bd7a130a6aa2b8c7c82cc54a8614360a63c9e5c946f41fe20f558468c5e1d53454a6049d09b9d393f0f3cb6280a1026d408b0feafc00eef1fb5dc3a5074407bbedae7953c5225cede8f1bc7be42d015fa1000cf20dd1355109d0f18c0b717a4664f5c65f2cc36644b07a2575b7047d8b0765942bd59252a69643a3dfb4ab2a878e592da8f089ac8006bfcdbc19a83dbf4257ea8a6186e7801480733502eec7765eba9fdee"}, {0x70, 0x84, 0x80, "cb174e4903352a56ba30cad756060f8bbef92eef4eb0ad200316f60d60baee1c354c09eea3d501bb7d780f2c69bd85586c0ac37eda13df3f25d2ac16ac252635630f9dc46ce5af741afa7c5e013910421fc19e489fedfa8c9cc1d2d6ac4f"}], 0x13b8}}, {{0x0, 0x0, &(0x7f0000005140)=[{&(0x7f0000004040)="1e203b3a6f2d1c3d88ea31616de1c72f81152424883b2a4ca2ae3899df6cff290897e34d9a0cc9a78ca07f4e511cc1f46e1846e27fa94bd2729066e2eeee90ea2377b8bee744338df93ebaa88a00317b5aa6b6e70d3b9c1b6ef77b10f1cfd8640f1fa499922b5ccf2a102da31c550c1d05b6f9683b5cf4d479c86b53aa73c8b387521248dfd53dba49cf7cb53955f14c9c4259a6eb25265cfca7421e0a902be0697ad815eb24cf320d92873bb5a6f94fffba0c2b730dab8c9dee5859fe8690e288b0b781c43f99c50d14ceb709db76f238b48613829d42b999fed2f0364085a84beaaeb586d8686740a47a161a570e11c376f824fd3c04db2f2967", 0xfb}, {&(0x7f0000004140)="51a7eeaff582e38b321198301fab24bd086a52d12551c3387d74b89f632f1d79a31821088b53456b47b54df058c328d647f5e0b572d70c9eafb05caac5dbf310d687e2a21731806492f9729dcc3e831e953a16b0f33a8a3ced94d05ae4f646e795a1bc58c6ac3f54c8fa39c23dc6713b9f7301495eb3d5495366df51e535531b05cc2bf4d6ae4476ad6814f586453b3fb01ad85531a164a7947f8b5fc98cb60975ce5ff252f6b604e6de74a10e927b6f83f717cec6e0b742803f7ae542fd94f864537429237066b109f53f45673eecd915987c50b1227e9f003448e908f436b2828f60b0b5ce1bb6ed71a61163bd99342e593d29e56c77d62de596fd03462e68a01147edcdb255c7135ae13eb425f149869f579cd0f898da9992cb864c54f82dabab40538da2cad264e6313ef7d039e0f87e2b0148b025f281f3db7426bcd3c69bb4db8f298cd188fdb1ea6cece59c91587675dc2eb3f3523a3e48abd4419a6819b45b51ea6268a77a757e01bb51d80e1616b7e17c4ee76aa16aa8715b1c327065a80be496f9bf9ff0e0075f9f3652150f73e572d655578f491ff97bd77434cb29d391901418e597348dbe4608548ce884d07516d96032522055d5efb1ff6153d39317bb68580c1411ab4fa7895f53a01569096d915fcd5a8683bdaa9811b2b48c9dea8f9990f8bb594a03c59f424927fe1fd1ba57a1f44213ea18e82f6e4ec51598d4163ed09146093a771e38b8ec28b7a0cb531841c00054b0493a98b2ac812b0e500f1d9437319fa7a69a3e55306e20e460c76710400d8cfee5032e2e10bf894369dab6cf898e59c198568b4013e1d85e2ad3b426c8d5632cdb5263077ced3947266a5e113f2563d36f6856f8fea2d36c8681a3ae9be51b3315e231d9cb7c26371f4234c2ba2f20ee5b013584f37a66455d7dbba3986f4f4c8bcc3a9247299df216fca456bae989bcbcc5b95b93ca063f8385cb9e54d22b05e8a23c4f3b218a41283bc219b4fa4c591812b5233b01c7d5dc766e3ea25f7bf1fc35dddd7a586d415ddf1cd5d57ac39a7843efd45062cf65f31b30fd388c3be5aacd51564cbff65d1124b00da5da20878b267baaddd1bc2c679af7f61311868320b91bccb0507b2bcaeec47ef2caf693f6b078848cc219a85f02319c333865e890af8e7408b3fe8095159582c72d7e320f49c0c8633f18c76c4e472ea5b673f0bf9b9cb9a9b4f31f4cf88609eedb2f456b8f785450038d90e3f662f7ebd8b82f5abbbc4f26aa4e14c013246e8100cb4c710cb26bbac3fb523867f35ab53b22fb6381be094a8e2e41d587098d2b95213ab977b2d7249f9f12cf44b097a9f528d267900653c3ad7e62916ee73345cf48aa07a3f4155d51374122a58aa9845665f5cb732fe894a0a9d2b9736f2edd924082509c6b2ff28acc52b3343573651f99bc154fb824a0793561f5073416956c1af92bb221dd3ed08f6b73eb85e35fc530f6763d26dcfeb164d4e8cff3030a25bdd62baa196e6dc6b985995c4e91d9794db33d8fc22b39185f0437f9922a578d8269ad30f1d79c06d2cf3aecb789c4da18971b3fb70f8d78d7eddeab1fd874aef1eb0ef75488e26055bf7264394609438c7980034224d57c11dea0018b9a288b7f5fc99811edbd468eafdb2724647b0dfeb0509f3bc22a4307642cef377ce80efdbb51efc2d2eb22ed591489aed1628fc2fc8c1c7e2fc45de7c67c2e56efbd0dc8973abe8905f6971904e3341c821861025d8c387cbf9184895783566844d8a445c0f700f72263fae5074f7516089d2ddfcb4f8b2fb358907ce24f588bf05ceedb5682cfaa4beea7b9b9e6c1a689e8c172029c68025dffc911b8a735053adeac1f48092c6062dec587404a560e95638517b90b098793c7db081765b532240b9c13c5f72d63128d097d532068f7cab693732c36fe863d969263e4f4ebf95d64e561a3be96ea95e04aa53f87d5a132eafb3212a52ac404d95d8c1fae37e32b10ffd68229f988cee6ef2471e0d19dbfd28e73100e580d19a0bbc724c571aaeb92f9400ef911679e01430a74b2731ddc335cffbc56eea96b87de4239519a929cad92d52d8b0571cf3252eecabcdf2542c8753c2253f70dafb045acda1808a29d83e4ad736a3ea436838cd6c2be77b11d80fb9fa842b50942b1913cba8f5902429ebe68994301625353f8a34b2700ef34e584c142e689226ef86d094a27cef4ec58316b7aa6907d5fae370a345d31df899043a2eabc3814f502889840b3ba85eb28a408675577387a1d932dbc4c9a299743a5592915b051038cc36a735b557e8c37d18d9fdf58dcc50e26fed7cf79ce592295dcd8e0e573e846441e8d0f7bd9ac58a7d15ebdbe9832cb92e2267bfcc8bca45eb31412eb24c1e645f35c6a73fbf54c54f72140ff2faa1f728b01107cfb6ec5aa905b4db020f417d930e81fd14c928b24470db4aa768bccdc9db59e8be19ce03a0b5531ce29474b44308ecc48794ecd48d406bb64e4caf63ef487023c6c1eab8195fe13a601ce7a8bf003b1f6f3992c7db6f1980487f5659eeb50443d2b64d160bbf4b5c23027b13abe20797df0ac42ad1cfc00708f18061271ed7f44510d4d5a8ff7b3224f0ee3388e8e8bc675b72dd50499ebb35b77efe890e8b6c9c22218086f57f3842a910b99767d14d88b85861efcdcf8c0fb40aa467c513402de674daad32907e1b5db8e20dea50dd4b3ad0642dde504414752aecd8468e41d113c316f61dd674451600dd3aa47dbad20d459b823ab4175feb1cb649914c4623eb289c0812e1fc73dc63d83567fed0ad95f54264d4ef23845003fbc18b8bec104368dbe37ed3778af4fe858fb4cec81b6f29cb6bd344eb99d0f3670b511606a074bdc4158e35ec97e8486bd63b9f9ac27ff17eb8f8f0f7b45021185ffa277cfd226f62b3a0ddf41700fd3a7d83debd7dad9f6a78e46fa27916279a0057bff9fc0b8227ed06ff30e203f5db2ed8af522e1d4f2fbcef9365759d39bbafa4d053ce3f6b3cc7e464ef5f60c092ca31f41b90b60e180a1b35955d87d8aaee59d7d030d700a4861e2661a2ef4adb490a41f29ee3798b9247ab98541641299543bd7ed5d44f0a82c991e183749da460e372269083ae039d6b754a0bf6ef33a8ff7e20445637ab3e2395b92788b7435d7f46942ee7683165f6186fc8c4bec3b5b26f9bc64fcf530ff2e3365218c445d492733976d5cde5f1df4abd0aa7be2cb7f7748b43e5b5050cacf20727b84552acc20845c5f54a0d36299e38e739ef712be7335f41beca9a846dd3f2f705cdb416e1f74c3615e4b3e38efb856cc3ceb715c76c8cc74ba1302fcbf15236edda6a92ed1c478ed8d00f7858cd3d8d9167e523aefc662408c5687f9e19f3725d35e8bbeac43f9d60f746abe164ad6ea5babf57ce75c6c1eddc19c755775897c8ab849ce5f1a6db04f1d27446253f53334071fa10fe870363c9127b0d79c0994259ca128df014da58a19f541174d7a9027326a2ec501e58b21435091ca3c7f32ca0869b7a4cf6d8acc827690dbf957d323d1f1860cf647a93c20573f67433cd81b6ccae169faad696a3ed21503707bb7cf5ac9c52e4445d49fcb403c8439fc30b74e8d135b246889981474fb0c441f2446e8ee3e9182c20fe914220182602055b0224e92ac7e0f536f13f7f739168530af19f4f92ce179faef1d822b706868a6b595e6bd48f87fbe1071d0364b78b232a54d5cbb8f3bcbc4c9cf59dbe355525d5fd3e10b339bed615878e616085ce43a36585d2e357b1620cc3aaf789d57bbe5bd02833268be364615844fe36f7f07ecf62abdc5cdfeda25d3ceee963770733591e7f4a99732ca4529376021e72ef6dc2fe097ee2e1be5435857973b900d43869a53d589707e0d466da1e503ea1f15fcbd79ee0634a8dcde9514e459f6f6284c80d76295a535e57e42f544d2f9ec85a0eab4c006b95658f15a136b6c341ba7c492166901e8974d80b5d9a2f79025f86b24f2de84f6606acc034cf7ad579fbdab997cc0e2a8d3713893ff7484887fed6c41ec7e748b68e20c499f12262b9f3712750c631b2dc34ed5d94e3a77d64112e38981145e06fd37db0f613ba057bef43687d01a7d3fec9b20659d32f2be72c9f1547292554127b6da0a00bfc35638cc411678c67da2f8dc746b0a739e30f424f7d12f5ffafb3432f05917810ef892eee493a0598e8946eb6826cb537a6a104989b3e321e36ff972579bb03141c11e53c93aba9e433127f2f4b7c215ad8667f79f328fd0bce6dd9dea0809173d79749c9fb406474e21a2582cfcbc5846acec295d53a078717e166c211069a61c6f0280aa3d8bdda00806fbe30b4f5583baaeaccef6fd452e02ce236ec3056a6c340f58c3748daa825363ea364f7adcd2a7af72e17c8a02ccd9ef7dad59eb3fdbc7c45708d80ccee76f39d14d4a1bb51697a657076d3ed291607398eda1198bbfb0d371ca3216946f826f86cff0835d47e576e23b1e750fab0002fb8435879fb553dfc77a13a3043ed3517b25ee02f8f8d9dc687c5a0a72f35e1bf3cc91ee35e306999ada8db7eda8f27bf343612a4ecc87abc59332ef5be9c9540bb5387fa637cfbc6da95d95ef547f5d5bcacf81c73a9ea5588a2298e9d3bf4748be2f663bb305414db4a1b5c2387b1c23b26f57ed87bc806092c971cb154cfcc72cfaea5290b72021ba44484910a3485b9559718b8d4a65dfb08ad57a0bbcee4a533aa28ae590fe354622cc87b6ad10149010a909548c490c153c6394df2a3041804a33d3d2c8cffbf3b8de20a802be6ebfa39ebd38c84c6541bd9913873dc72b2b60b688e9313e6be91dd63fbb28adf34dc643111ce4a93f95bd109a8ad0ed3c8a1be731b4e6a2217bb7df58b77f713b8e83a90c2734404b0966911790a6b55dc4c50128239711efdd88bd269fb7adf1cc1bcb650b24197c235ca215f3a5295603a49dcaa58b7be14c644c6d9ad5657570526a7265a999aec11befea317c363866cb8e451e726be76f03e9168ccc9cbcb3c8a2056ca72a391ee401b0bd6dae0d7cc9f066e61aaa64f3322300555c3865eef84d64bda000a9d59e662cb809169ff7468bb24cac9e2f1a6b2919ab33aee202165050104d879d68d5f2886d934afa1d9928e683c929e8c11c84b1b681835c3e3da37980bff12c4f9331509ebe6ee07f2949ba2c3b48f7a3cd9a3a1b8e39ab367ab5394298de0d62e6630542894b1bb75331b0452c3c6db3236793eeeeba238b05f8b9d86359849e06b9ab31a7fc1f9479c285d3ec8b482416357987c97802a8e07a17bfcaef185c1c5b4f86134f9b92e6a68a16df96e3ae39f11298622cf9468701e5af1c6eb700c273f76d9cd0e9aaf8f11fc5447113c1641f2ebe82f75c2668c3871ffbdbe7427975dc74a8c0684da2fe860b054105c6d6d1a9a23861f16fa717bded91df3e96e38e0ccaaa67ed9d6d9f84347a0daa066b8ebbab1564e16f780ec551f2052951b254fcd8f37b6c1269510456529a3c3e1e982a038ab6fd6a7486afa20329bbb233e799feb249b05628903330a0e0ac7097dc41f4e71a043af0b5d705911bf9827847a6f609d88ce5d8059aca40ce242f2e6e19b2529edc2c605c863c8e3852a917b746be1f303b6ebed9cb81a85f4c3c7d2661aef015bcc33236fb4d2051cd06be29bcb64ef4a4635e686449fe35d835325c167833069c62d5f8c26fbf1e2ca1bfd47ce2869eb7152eb8b6cc523dea6edf1b2a77dfd75f6c5304195306907b7a537cb0d574dfbb212891e71f30eab970009f15", 0x1000}], 0x2, &(0x7f0000005180)=[{0xd8, 0x84, 0xffff0000, "4ecc8f64960c72bd4969732ca2e35128e12f1fd74007e0042ece28cfc5f656bf37e24ecbacfebe2c38bcd9742d3bc9e0c975af2f35b56ebdab808bb8213fce5597b19733c65bdb6cc94d681deed5333cf5361737a8a48d4dd3314ab64bd6c3954b0b86124bc5a30183a4c03564ab92f3daa5ecdaa3362916e851dd36fa21b6dbacfd4dbb755446e04f6577fa6e2ec86dc7417b6e781138598a73d4aedf6ecdc5201dd195e60ced63379517f59ba1f8454aeff92a1f1898abfc270c97bf98389f9fc44fbdef"}, {0x30, 0x77, 0x6, "25d6dcf0278b4dd174fe6cd92fd9d806df4fb491afcc03794e77"}, {0x60, 0x102, 0x400, "2528e3bd2c732aa31ee94108319e527b85277bc5d6eb98f122d9b72073ee16dbbfc5b119c9d03227a6489fe1e934e52514412e3e74337085dd2713a41beda2173e8989ddfcd1333c79c3ed86528ef2"}, {0xe0, 0x29, 0x9, "fea98bff017ce1fee65d24b5a54728c2c7e1db5121d9916fabb0ecf68b598af4f388ce12e8b8a86be65512ff43f53a7f68828e1c54924cba6663fab830fc03e8e37921292d56c7c62011f2d297084569fa6a204545bcafc2ac3b210b859be4f3f4528e996ee347ee4f237cdf0324b362eccb4c3cc62db2ebf13ea07c1d4c19c2cc27fed6e9074f10e29bd818e995d86a397971135917893a3de730c29f102b26f858ac5572bb6c83526ef2dae604008950e7e67e7932e1c7592e7f1f016bec13dd076ea9f073ce5d0b"}, {0x10, 0x10a, 0xfffffeff}], 0x258}}, {{&(0x7f0000005540)=@xdp={0x2c, 0x1, r10, 0x1e}, 0x80, &(0x7f0000005c00)=[{&(0x7f00000055c0)="9041e3db21405ee8f85e165f8cc77c54c93537ee7a5096bcb77738f023fa85b00abbfe64b6b470cc177eb3b7adda1cdafec595175b90b744679f4973af3a1ce034e3bb624055f23c38d1a4a8eb288c7ae8d50b7afb0212cefa4346c0137bb453cf8ab8d13dfe333ffa6f70550cf3add5ba8842f1e7339b7b0b1afe2d69195633c9a45256a7452b0ba14317e01de6b8125d30722d70c291866bf3b5946b2941cc681bd20510841a3981e49f1243352ab218312c7e593d3a8861f0d575062cd7c3618c5f52739336c2c794742bcf6a04691a86454fa8e1e9cb6eababee52031696b54e8af328e8e4bdf7e2192c026abc96887da43fbf5ad7", 0xf7}, {&(0x7f00000056c0)="7c9f539257808c10c148aa3c55acfacef12b518e80b8a2c2ba34f9e133d48f86fbcb9498432e5f63bce0ec61f7a72651e087c8f8e0ed2d329b70764a7e83e2ebfcdaabbc96aee6ace15929347c59a394f15f2097c5641d40ec4c5849dc796bc6ff80ab558a7a01990377225d09dc33d2bce3b72f8932d0aa9809a5fb1a58bf6ae13d609520fd9cbc2ca14615f6ad08a197e7dfe241c548d5c641cb65e2622388c72d5a64628042dc50a3faa973e6949831395fbab0ae9479f9316e9e79e8614ee82056f701abce6a4f9604", 0xcb}, {&(0x7f00000057c0)="2112f480acca5e2c1ae6f7d77f66ac26abb02d15c75214c229d1476b9df13a4c44c435c0784d1a94094491597999130d4cf4cf8c6972a242b9f59d6dd3ad7b7f9e7d024b1615f7a184935ce13a7e8b478bae94da016fb12a55cf70ba3c3701a106c3212dad4bbd64f2ac93a19962cd20ff1f6dd4f3d70983e3e02050d2087032d94cdd7e4a62855749771e158a7fa88a78f6cbb14af08f55a5001b0d8cb632d4", 0xa0}, {&(0x7f0000005880)="8b4827a953af39877ec8b819c0536bc2dfdd3de093edce0f4fbd15c832d773228f177d6f1f", 0x25}, {&(0x7f00000058c0)="8732fd595e4d51144621fcc275a903370796bea11a34c830b355e7df4b554e574ba60c776d2adb5845b4130d80394d4b3630a1de7358d2a3f51404cdbc33115b37ca9f8ebabb1f3f5d9903fd28d16c3d9e1dab724e6ac2904afc806471f29bffb72e2f77a540fa58a0eaba1982b0db49a2dd94d295f2eb0712c29325ba73e574f7aa0e35dd7074f20978eed8592de3e5d074704053dcffd9644505d8ccb09b1f199c25026f4db1b27330c3e172b37da0bc8a7e1fc402194b703faf6e9200881fe0aaa981acfd55ec3010a2e311670abfc851df2b", 0xd4}, {&(0x7f00000059c0)="221c3fcaa931185f3415efc08bc15ad34dba238b5509b66c1973e0bf5f401134f38bd7be2b0dc6883f859a3b98aa1ed34ecd4bae2b56cba58bfebbae56fcf23fb135dee760dfb69550905073380de13348dc08df61e0e559c579a8afe9aa3fe6bf10753d45de2ad156f0", 0x6a}, {&(0x7f0000005a40)="9ddd390f048a340169785fb3a24cc14d965b53071e40dbc845fe97ae0904ff0d95d631efebaf5f00a74e423efa61a1160c3e7134b85b9a68aefca90db840567c33e3db0c5e0ac33ef424c37c780959af56ef65f49fd4d61af34024bb64372197eb030915a1b659c7019ef806bc0ad672473482722bc04b58ebb645d61a559e8c6bb9d2a5b5e2e1f227889df6f38d26291f2900a10245084368a4c4ebfa47dc27b751ee45238cf1f5fe01881a714df06191857b01fa06e1f048b64a0eb3d5addf5f5f7f09e663e1410feee6d9118d0a6e72f7fb529930d10674ceeaba167d6339cff3bef0fb266d3c05e0d2a3dd468247108e06bf9103b2331019", 0xfa}, {&(0x7f0000005b40)="32c2703d1602c59d4e55d133ac3a211405f97dd11100c92781fa54c59b4ce7e59fa51f9ae87099281b03507149369f45c7a51a425d07e445d28eaa55f5a68de507d80e41e796b6e8cc691ba1fc47df3d591ecad50587d02062d77f720580fa461797146a762ec28ea2d1ffeb607dc3d910a96f01ae945411211bcbba9c9db035ec827cb2428d235ce5dace08c600", 0x8e}], 0x8, &(0x7f0000005c80)=[{0xb0, 0x116, 0x9, "660dfc94a102c20399941c0a19f01e61704b8a945f6a883003b72a528a2964bda69920a2b6975060af4337ef32bee853a3c557079831f572e278abf04896d17441970ec683ba0eb66bc7e32b633b14e36d7f8db30bf6a906933915db2fc6cf9f546515e7929dd144a2e4dcc1e31c59bce97d33e0b84d91028271098e9d5b796297bcecbfbb509ea49ba560cd14d6ad501f6a274ba294f6a211d999"}, {0x100, 0x0, 0x2, "b8ffb2fb75a6e3ed25336e90afba203694f0834e28a7a72b26114746735338118853bca80f158c5b556441f8d2b8234707652d70bd7d4d03696b17fd830f86c7d81d3e46339e7f037122c21afddb9811d7028eba2476457ff74d89cab1d3b8280a2b5c1759631ff02b87fcc02989749dfab119f2fe88bbdef00b12a19507efcb810274340dcccc08e4f1665b9ea0ddad8d09979431b563af7d16d309e99c715c37bd602bb51e60d32988f9fcde8e0154a9e32ee06c68e6706c7f7c88316a87fae81e6157817f396721bccea0dd80863483ff63c91ee5d7c7c40da172348be6b6662df161017af0f17f9d88507e95fd"}, {0x38, 0x108, 0x0, "1e09253ec806cdc695cfca95cce54d81c3d9aa760c72ff1041023537e79f584488fd"}, {0x108, 0x10b, 0xf60, "45f48095673e0a0525cea8d83d0e55a929dd45b99dc3ec26ff16e057a66806badc613322544e6df35f9b4d18e451921b78b7c08bc09feae5447551da5f11e812ef851290101147d500629f298381c7abfa024124cf8c340f1c9021c1165eb0eff6721f58e0ff74f10423c962deed23afab03f94fd6c92f09bbda215512488a4b1e9909d0501f856b3bb7ec9a86a9dbc5ee06f8732f0317ac7dc2fc7682d68fcdefc812c5caf28319221882d30962ccde6267c080371d84e3aea7010d1795af17b067ca3b2418abd8106a0df1c287c2f3de205e4519b75b7d2ad87fc25c3512c949a1acbc3034720c61ffabaafa5c9c84a2e7d8c03c14de"}, {0x58, 0x101, 0x4, "c1bbdd3f96e4fb879fa4df8ba06fe38f02e03f50b8ddafa0ca2e76ed13bba6c99404905c32ba8f37d9b087cfb7e4e9c1e3fbf9120c4e1fefd5423106098501ab2772"}, {0x38, 0x103, 0x800, "2f5863d84ba19865047d0f782b85d8e509a3ccba646cd6f1627fd90e6fc580c9c7ed79"}, {0x60, 0x11, 0x0, "10e6c9a8df9160adccbdc3e05166d40a961315cf6cc2f95b4ae283951a0c8ab131d886188f6c102ab5309f7c4bb85472e1a16f85cf01914cf5f74d2fe54edced53323901089d2dc5271c78e05d64bd"}, {0x1010, 0x1b8, 0x26, "8a5e96406533c8b48e517b0c34b71952d364e27ee4121b186a247f685ef5bf144281c0d9f58bdc61e2ce774da294a6c4d55d891994d00b3df7340d97dd8c1776ed4b37c22774d3f0ddc5d2b942596200802407a44653b40465ac9a8d7206850c5e61f10b7918a562c989a9afbb33bb5abe08855a61ee877e6824d9f84089ac9e8ad226e7b539da810fe6e986582858fdf1786031b5d7cb3aa629209bd6f48dac7d4f8551a59af76b889d8a34a0304a93103315bab178bd1c869828607dd340304a4422bf9e8d525c2bdac73d5ff94439d1c1c13e61160461d8148edeaf00063df91b1691c43cff9dff363350de675ccee3f799366fad47dfca1c2a6a535a1ec711c4f1600e17a0b1fec2e830dd64b06f194d5a0cc23cc295a4566341d7273b3275ebe7b58846defa7ad2e5ff9f7c7aa3c3e983cdf08a3bf4124998b271ba407fd43f6b7bdc1b93fe1c189353b095e894a0c5caf91e5d869c3a7e718fea77cb6f617fd0b29ea2ef38a64c845bca86e53cae527fb623cd5802a48b4587ef5117b7e25dac65e5015e6b0d6b041848f8665c3f55019cd4c9f4814ba3ea79e28be2e735ca29e7016cbcb4fc8a241aaee343ad9b5291b657af20f817af0f6bf6f5c1b8c77c500ec1379bed75e9717302163944ae5abd4e4477735b00f8952ca936eaa7b8aacf3003e2dfcc4f529634fe691db97431dc5ff7144ce667a715c4b18b331a92c348000a7a445af59989ed63aea4004aa7dffdebc0487837165255410719e10f96981260351e6305292565d2231c3380a5d13592769a11347cda832d65a3971ba346e88a8436be15ac4dd44bcd904c8399c8d940c82b4feed9c6f3ec733173f33606302ce71115eeb58ba64703ca9fd343feb4c4baba595d26b4e3508a9b27be6e2b7541002f3ad11bd8e81b9515ed156b774136f03e55a01b02e2a5606e54a776182910a8b9d2461d5d2dd2448b620c3d6f6f3ab57021619618962133efa10e8d5d0bcefd11ea82c05ecb9eb1507fc04dd7b1fd49b604114ee1b1fdafb4c317d44173871ff88242e97eee540234db1f19dc8408cf1d86f56fee6c298b159b08f98382faef7fd583f1dcb5f5fb1e444da77efa78c797caf21efa06c1a4dfef456d667d8a3d1c7453ff54b24e8641eaa2d0d5fa286597f6789307d566d860164e973795729214994767cdb8ea8933878eb5d9b695d16400da4017a12e6a94a21175fad6f0e17a2912d70aa4589ce24bc04d42c96cef7cb56b51f662cd82363f8bbaf987fba3b4352b42265460cb2d5e11413c1c007cf5418469ce4aa35c14ea2c80e6535dc9ef5b6e336eb3778ef50f19727037869744f351b8ad48a49eb4ece2ddef0d112aee166ee6f1e21d06709ef48e4381d827ffb675c8474d1cb66933dc6cb3bdb35bb5c46f15672aa9630bf3191971163c7ca044262c62617937ea69a64900ddf1c4831910198a9c506c38b1ed9ab0da311be89784935cd2abb6b4e6c19db6403214b50cb36392fc1cfae98d4902bbaaf4fe991d6ce82cfde8382dfa957100d8dc0832e6480ec8053e8492d5482af72ea9bf787b415c2b7e441ea3c64ad7b5e430d92b5a9a632d7b50d36adf49f072e596385ab240642d4bac717df1e15960a3fe8b5282de91b7c985eab5b7e45cf08cfe95b4e8b106c653b9046248025829c6a1363b0aedd23e1a1834a99784f559271c8819de3435275b27a901e84520a29d1e97ac32a9dc5ef44c6e3d8730e191b4c7cb844c3c23c9426cb82e2e0c200385820862d0d24eb063e332a37e9e54ade9aef1b156df72f70c8b18b7b26a314282bef64fe661845a35a60499f6a615b83b9361e5e5af28b0accf3f0e473f4ba57ed743056b58e35efb84fc357434984fb389e818c65b95158facd1be01628a7542c9ed80db06ebd781ff1c144d1371f609a7f98e2756367bf291541f9bcecbadf21e2994fb6c1d12207a6363f16dc8d12eacc7a41e79946aee1f2fc2b04cb06dfd23b3adadb295167cd1ed5c1fc1b65389099581ca15e6661da2e500034e1bf2631e122ffb4f7ebfb1dced8bf0fddc0ebf980637154b04736c84add6ba0c7ecc4a0897b22cb63fd980f709f4c23588e90f8c9b4d1784a03e2c7782aec8422a688d577c01b08f62772a0d9916406f483c03027749e73aa09954c0f71cd0ff85a70ab39d4d1f894e266f9b8027d125da68c81903eaa09f0fccfed45af17cd39623c965827854cba10acdb23fdd03d683cd7ea6d7f97b33a0317bb1ee2f12e1e755020e3fac88dcc3c0bef2b7c5d71ad3a1b2bf6a31a708694c50b8e986ba96134fe7cd2b129f41e0d3cb5fca060d357fa5df0d06c1198fc9f0bdd62e49248e2308034261d458820b9187e909bd0bb3075a62fbbcd01996de92ffb4fee7f191c28f2f923b7ccad9deeba5a134ba492e454a9b22968d70587afd03cf80b3d6c8b3c03f98c461d179797fc33fef8c20aa7f6362826249f390e38b86f175fbd51b962ce89ade1d2ca93b69c4172c39922533b667230c64b2b655b6312e70e21998980fdd3a3d8137b978bbb188698fa1c559acc393cc7c8254b1aa4d189c686cf2c8778660c636937cfd04186d11e2225d654aea95eaceb57795e47785e16dea23da084f8608a7cbcae40415ae546ccd668fd003f4c0958cfbd4d04bd6aa6a2f085c5560a80e51932b629ff25552e02ccf4e4ee249b311c2c7f18ca20b6d114558dafd7d22127119fdedc574b90ca37ebdded792eb5b2830ed979a3d58a70a1f96294a244f7c98d7056d5f921cc94cfa6388cb37292062d20154d07cfac0cf8914db3768c5b791fa8d6a9b78673371219f99e26d073de2da66e3689ff3019fd9d0177d8616300ffc88a75f5c734d95bd8c6e1f357e1ca9331210580ba9183088ae1796d4795208b3317606931fba61e0f5a758a7e37153cd3c2de53f5e5e239c1f91a3b45b46f932c12e31a2570d5e9ef5dcd70321aedeba33bb2a7b9b1bda244cc6f3a267969a5d17efbff2119c21dd3360de0bc6cfefe16c6338c40ccb256c530d9983a141df1fdb21436bcbfe7c8f0970256f6493aff0a2f761734d47ceb4c2f218b464c107dc63d2bf3fe2e870e8c82659a3541c8ea5b92f697662e81e856512e0e6d198e404f4ad568df51e7e24f337db0a8f8123a14151be187ca283e20eb27098633cbfa4b3d41f2f4700cd0409babb456e86d021c47e2871a6b1570045a79d24cfdc9565e5f76b51a9b00c52e12b797843e749a6da1ba7145b5b3f27801b9eb170fae78211feb5fa3f64615fcef8b3b86a06c2602e2f7ad613d2902993b6e7f16b4443cc47bcf1242eeb7fcd1c82f42616a43989164cb4231753e3793421c472e23eda87f69c7f41a8d5ad0057032d16afcb4951b3ce20ed62f3b5ba76423e19494807a85a2714c02d9c6ceac5ffd12d501dc333d0856f5c07346b6e5881f686359a262ceda710ce852f692c1a0dddae9f32767e714849442150d394c3d175dfacfce85889bd4417cbcfb685143516d5a66724dfd8c4f92d375f4d878149988419e0144e03e044136a5dcf53315d95b94c74fe879640772b9d584526df0638dd58e09fce0f89f2e27e4a2f15de1c3a8980f70d82fd8035c4f9b3d0a37c2b50c9f4dbbf4e133aadc4dda756a2af4b52c8d2d2cde9d7e27bb0ba0fee763b0660786ffc0150cbcaa7e10985f42fc37523ee2e4e1fa9b0af5ce426cec44fe599080a5626a1c23176a92771ac116fe85456438e8b71ec974fa8295ad95d5b17edd8a768b77f7bc7b96140a8c3d3ab61ceea228a9c1543d63f67731f50398b7b68b42c73495085610227c76a66d2604a2f84183413545ae81823abea5f53b6f20db044453a908e6d303a5ae1432d06f4a1dc3baf9bde54bcc18151e3f03c0993adb9b8168586ff011c2fc42bb3ef57f7a6b8fc18c9d0b7466554915b381191454a11f97b53506259558059130e410e4c38aa8cfae68559fd780055ca9ccf9427bf020c2165fb0130530d2ae278d8c3da5836df4a187c00a0d1522a66618a645520e4b504927780bef712c2b08814f730f64bcffe401ec5cef33c4e92618639d7619af2cbc3b405a11c0105953321a57b5f114bf2a0cc7bddd98a0583b0d4918a8705c63e750e83eb4d49e88ebb382c54caa642ae2b17aeaa4190751338ec676149bf5667cd695c00c763955e9e1e550e6f8ecad1acd367d116263f1a4de007820fa167570e9a4bf7675acc819760abba20235f108e8b435c8e1e9c4d96fda34932ba2584b644387bd181afed4fda010864db09d5dab95784707937f8962147d8ee2cee963ef5be5e5733d9c0c4642b9f23f8b02cf2d1c1aaa29aa1aae7a204dfc2185789e23f0e174290cb258121e3ca3e94a9734544d4c62981448a2f00590d73dc4fc05f6780e1e5e5bc8736b4bcc1ead9312902190ec13522af1bf6aef4fe68d4a3af9e0f2d4fc1d5ba98c176655611ea1bead846b185d6e0fbb865d69dd1cc280627b1eee0b68b9d68adda5383dddd4fd8990b5ee66566fd04f77d317332b443163faf7be27851239afa0768b0dd8438eda486761a0c5cab8a6322ee03ee167ae5f1726e05dd7b3e98eb2bbcc85bd85230f3c9fb329a9f91b4a5dff3779992c78c168f0a53fdbecec66021415f71335445c29afa1a77e344a0ff26da566abc914e53265f1b59ac37e39ecbf66c775d076102eb99ddd682031d39147b57394f683eeabd803ff2e5fd7be4d7ed97a6bcfec7f26736fbd0999373bc628ab49183f6ab2ef94545f1f6eeacf87a86f700c66ff4189016aee5357640f599c8fa06d3e355847a657363418f36bd5c04fb2ca9f5ce8934f70ca64f17a05768569e24591e0c80e6da77059201c2739029b1f507ac731fa3b18fb208b504ca383fa8a4c293536a118c1cdd7828ae8c0b7562697d8341575d754ad6b4a0b5fb81403f11777703b1588b18360d6140bd85c8696300626d85beee4cde6880c148c0bd4750619f90a6014ce67fe3881f6fdd0b47423fd575b72e3eb4958e33e1ff4d89a3a93189bb132bf7fae1db78a33f1d7be8c6f98763fb268d303180eb52307ed2797b19c45e6f9d369045304e84b599bf35775cae78cd7600ddcd11824b12e27a37c961e2827d379fb2cc514880c2976493196c8ccc85e850cab56a2de7421ac15ee62db406330e4e7505190e370559c5671dff841047563c0f15fee2391d6061e4bd45007eb0c9430e4e361b3d22784c20dcb9029152c4baa0a086d78bf173ea3624d2576cd28624927497c53d3a7ef401927df3bd56831f4d52ff2743a43bff73ca3d2032df668bc40cac6e397772e69651fb9362dcf70a10ee16091aa6932299368c078a1e749ea5d77cd02e9b9c449a249f39399c04e7b24c7de87f9ca1513dfc855515253310b606b8282ee967fd6627e11f2e428a4603568d65dcc62d216aff41de79d66a2b6bac6f18d77eed472e51cd49b7276acfd030d6e4f363a91158c73fe9c508d7cafe9c9cd7e26c5442ec6a1ea6a41c7751179511f247a79deece50abbbdff3e403aa76ed4eccb3398639bbee8eb7f1cdec24f70937474b80b1feb6853d6fcdc8952ff41379c7110bf707a1bb0cf3e6e7c413a7e2aad79fac2ddea3d365318b970aab968f32cf06786beafd94c770fce93509c8ebd8bad60278fad476d37837bbf6838ee235e5a0a9362c1dc00caa67d7733113234dc5a1cd100bef6f081348b66e0fa3efd87caacf4417a0e2ff262ed00351ad8d809a66db45e85db7f2a34a2821c52a752b748b1103bbba7fc7ad739a7ee76ba66e24af29a70e"}, {0x78, 0xff, 0x691, "8e97846a62ae6337c5b60ad32d3161973b34978ff15eefb974514fb4b8f654d16ef153989db4a0f3468c5f8ccf7ed72ff5f7eb1ef4d9b9d0147233f30eb432652386b4c8d80fb6068015352b613f7f4a85b30152804cfd54285e3155458dede10b"}, {0x78, 0x118, 0x7, "40765e8caa8b42c068843e892a859a9065ef626c6f0340474b309fea19dc61c016c47775eac8d65218b29afb7e4b5e3a23d622dd149b6a96f959871ace73ca0c81711c5345018ef4711e3ebc73aae6c1672e606f3eeeededc4f1015ad802570f967a7b"}], 0x14e0}}, {{0x0, 0x0, &(0x7f00000095c0)=[{&(0x7f0000007180)="f84ed2ad526378e973cabb195adcd766507449276a7574c452b8cfb08b85cef8dbb2a713fe5e8a93d9dfe59795c0f9097102c1c891de90931ad274b68327cd1071edccd8d66a8e86a35bcdfddbd65936c82bfaf4a1269dcc9c3892f523abeed9eeb2d9d404fd9218b5fd673f2d5c1fcc3d231b431717c8c059ea7a5f868d86f5a652e62131ebc1a44338be6c91b405cf9b37746824f98e073a39f197f2647e68442b06e2b0cc42001859cbe0ed78addf0f295a017c9d2fa158370a0a5dd291f3060f92cf1d87d8ad64902aaf70019240a6698cc86a7056445a1e6e5ec59a201c37c854e363a2bf20fa39", 0xea}, {&(0x7f0000007280)="092faf7e1225a438be8ea31106001b6ccc90c129238cf2e3aeed9fc94a82425b8003fdb1684bbbe25c2b63c12da1be9254b04e39c8ac041eed0457fa37", 0x3d}, {&(0x7f00000072c0)="b8a38e05851a7e862f71aee09f81b2a8a0b06812854a7737a181806b977d44fb9bc8b010981b9ddb28181b073ec1a843c33310296b762315665112f811c3a4f9de666ea09b257452eb683986d9ac91e63b3abeb10eaae9e59329808d7c4c09f70bf7e9a40a89acd73cbfefd6a5d0f9a02843f62e8af1e8b973ad47fe8e0a608946fc1b1de51e4d6e0f58117eef89c1d7d897a2b9c8fa6e74af913e568a9c2d91119a6a03bd1613e452b239ede4dab0627253138da3bdb5269cc59bd147ff7a14eff5861a41ae2289c7e3367e86e3b9a1fe72b3ed083dab3ec8237d067e75035cb417c060143c", 0xe6}, {&(0x7f00000073c0)="c5b2163e344a19ae98b698ace7961a1d7f01869f423c28284e09d554971fcf2a6e75734d7d5a07db2ac2cdc2f9c5644897a00f50de6fa09565a26a6c5e4dcf4737fbfc3587124b6486c1ffe2456d0054118be6c3571c841b2984857293e0988a2ba3cbc8c14f2ac7d7412148ae23d2dd7f42186b704151df45abc072d73bc7762644520233d030c41b69d670e2601666c2624aa3a3abd0f95f0c21287e930f57404a80", 0xa3}, {&(0x7f0000007480)="0c771febcdf7ba224b01280e0fe62eb61df6a5d4c5d40c11863c6feb29d0e923ba170741bce9de48ffa6f7f672ab506c646742ef4b010ce2aeb5a4ffd4c3dff2df92573ab121245eefccc7fb8f4a67d0324edd81dc480ab9486d6a7bb51089d2d6eea71ed0f3e359ef2c512a4241eea54babee3e1f257552067061da20f5fe08d7494585d22a37fac28e4a69afa0acba64368aa8d4f2663183f2eca9a60f6b4a3b30568fc5f65e41fcbce600467e77e3924e6237294a9d28ca2bb7d3b98781ea703569634d3177b1cd9de126db2441a807ce56dcc73bc63553448b60e1991e18e2014857310bea0edd48f792dbcf462f6cf9752b01f10ebe892f81caa10c4be66f040a8978984b94f9606a385c43357d0c72e5c086f26b0d0eb33aaee7bb7715f158b556e36fbef1a4b0bdfd6775d9e02eb201ab4c4695b684be95cd9b42a5f195a85e70793ce9c6555cfca28edf236838dcad7420d06f926e48dd45ea180b3ea9c9f1964ad6b77e68daacc105523e1ae47058aadbe606c8aca2653f0e1df151189ebe7ce2ddda9beecc0b3322206f12f7cdd060c7804cc1c1a5c4c9f092594db8d6ea78b0129da4faa770f3281c13c8ff53f1b7a3015fb2e4c16efd3f7ac890912b05fbe410e1b845492d3e73fcc4aa13bf3e3fb7e55146dc3b135473597f48833190239ec1012b7eeae59ab0bf08beae47a3b2c38f58b9561444f3c863e29194f2ba740e475f0e139abb688df928cf01998890fc0b78e41f250435001d936044e3b4060935163eea8ef5521958fdc8f4370375c9baab8568cbf510ff9b460aa54a1bd71c2fa6ac1c4721e0703eee75ebf5b48099f8cff91d95a77c33120d2fdf58c77b6cdaf3ba939656ed2b19ce29344e9eb66b56e83ebad8c5d591ef75f832ebb11494ba2e066fa398d8ea5e8a56b95a8d0a7deebf895192cce0f601124ea54f078282ebdf3b8d89a1541357638c9c9657c7c1bacbe61265232604b1eee9b6a671c2aa875b4fde36ebb13e2e20133c806924205962e728a6234e3371049bf458441069efdf14d427a5c2f52013e37e0eda651604f3841d6a948caa1c0a44ef05d768a922d054763c148a72404775e0f62ae4beac6f293acb6e74ef0fe399046bfcd6c173bc4582004be05941c69a2e9bbf7b41cf6a698276efd7ec3771e0ca3d8e3581b3c988ce5f5ed0e045cab2041b751dc92aee2fdb9e11c2ecbc255d79f67e2c18e58dc95a87ce03c0699019a2c4194d6ed7e8016ecd443da8a32ec081e9a5812629488dee78d52d4a6bd0a4aa3396fe5a2a71b3c40571341b90501ffe18cb074667b514e54e345ac01a694a2b53c42852f17e4d836bce8b6c1f950d558d2ca19e783834c0be26297842ccd2590e514da9b14f07f24475f9ce307f38b2fbfd4c01fbf551b434d9466ea384fc68c4b80b91b6b0a1b999f095554f6dccba69868a77b3a9ed2c8e5ebca8bde50997e1bd7a6a08d4b515e43a53053ad1d9a0e5f20ef59f64b5736809e171b4b9f65843aab4bb13b998819555bf39d9894accbfbe5e3d43fae9546810a097f5f520276eef52c4d96d1f9d13522634c2d75fa5bf8f8365283901ca96069ebb148c26f702867a3791caadef5ebcce2154c9d5fd56cb22828415d39064205e96a66b23f7855f6f3cd2afb058e389d5c8917676eec60bb32d01d68efae5e5e27309053b14b29864001661d2aa8ccb686dce4a49a2f2cf300345ac12e4da58faa53b48c95bf34497f886b6f30c8593b818ee3affbe0b23e608d8b7bfab8a1c5f585886399240057a3bc18546e38015d04780f22a4b70463af770f23e2b5aed04ecb8db0a62123047454399bb534fb4626d96a69cb009a36701c558b2eb01967881254e0d5a0909136858878c5b97b63c527550ae4e9c5414a39b278ebf26574bdf4dbc0858a624d46230c81854e8f4bbbda139e525fed79974952ee35cb19ec4667b38b755cfa34e30d55273cc380bf6ae9fad9191f3d947edf4d64cae3a3f1610e7eef770bdd20df1edee9849803b0c960786366086bae022065b7e0fb7b4691a93437b9164e4d5dd1b31b22c0ba8d19e98677f3193deb14a8ee0bb5979908bd1fde8ec0dbb3f3d07eb471adf2918019dd4fccab301746bc14013a56ce2b2de24e992e53354097d10798b7bc41cbf37f0a87884515e474ce2f0d66a9418dad6eab0ca1d7d0f98982c75be76a9f9e65a2381c530988fb3cec07d775a7a79782da53a6900ab02564d1851cd4af760fb65a8015d010957550b0e5ea93bc135dd24dfd672b97207a8e6ca543de127b0bbac9a4d197771df319c880c1df4a7b2a49c78a2abd1c6e27941a1494a44c89605a4ff3754d89d48de99ee948ac5dbd5197cab689505d43ca7955aa78c58e103f978f09931bbb72e1b0f50ecd742005a20d2028c27aea450d87fba8f26f89262dde92cf2f2e93a21e849fd161cfc4933aa63e62abe5e81b80d1642143bcf191647b1e09ad2e543d8dec2c21dbed77e0087aea709f7f44f1270b13d70f06c89f5b77b6f9a6081ac3e08377fe6078661a9fe3241f5e48d37eac3486343c280f75f8048a435f96d0f4c409bded887a35001f48c966c4b2124dd26ab54777184e00d32911be039270ccee85e25d01078d513c054be2f3af0410fd291cd93a58dbcd60624a4d100be29b9429f57bd92683c15b5a76576577c89a12776df22c770435c1512331e3f5cda694a7b07fafb36455e0f87ca4e45aee2a75b47f17621e65c91126cf2fb16e4a229504b3182354c7e384fd9c5ada28a62db037e4018052b2af415de743b714dad7be94d14e87382a93027436464a948b8de70181f508ae934542a590394bb50525bfffb0a1960e90a582d5799ce9242a216e6cfb0b0b60758ba0d1db62e3f587a0af393b798efff233e5fd20fb315f2e59013e652b0983492097b9dcaa8741620169c0dd643fe1cf987eb52458d2207284f8a488725f367cc680392609336fe239948e7ec681ddd6693ec567baec56c7c154cf8d8b14bd595944bb0fd36b48c4e895bb481a3fe39a697acf1d56fef7ecdc2526e1515333c622370d9292aa6f00b3d70e7f4577c41eabc89ba4c9c1fea5e30b663cdd444f39741c3b888274f4e0638b26aa59bb2e21b39b5f24364b489ec4b0f1ba06e635dfd3ae5e926df24136993778b8a5e0cadddcf918d81200d373027bc8b965e2c3b19afd5277bb93d469097775eaca91565be4ed1d5c1999a908cf9f05aa3967142ed04d11df1cb8a4971be2636bc87f3b662788d0faadedde4a95389ad23de91816100278cc4019c5013ceda11fd6face2673d6d62c78906f6ce2d2cde22111218334139cbed187265e006124c6545fd72685417aa9b57878611934a8658dcd4a7d31e0f5cf1db2f72ab844dcbdee037ad7e93c68ca6e1c3eb7611d1bef84324f69927df5026cfdcfecb0e5e30479db9843e57af0745744ccbcd32e9c55f65db5c4f1c4da59a86c42bb9468fdc33dd4d1906579581e7c318915dd8c97ffd4a286eb8215e5ac44422de422eea67d833d79f73b2e24a607e5cadb5910957ad52ce5009f3e1c4acc07ce7a17aa2c4859294729928369f75c0681fedebde69d4cd8f72f7d0bac4d0d77d3db9dc4521ddd9e3f07b3cdd97ca9355ec25753c664ec2b21eab7757014b1b2b8a5f92a19d9596613ab289448cf06e4a552e84e6fa628758e136919670f683d95851ce2936f883fb1c716199d29a7f5b157bc6d6c2fd1c4d552d7572ced9dbb002900427021f47dcf7e532f01e0f06cd1502bf6a9f7c7714c9b6fa3191341bf8e301121fa701f7601e7e857925dd48d7054d5556e5563a0586ed41e90f9a7c736f64151ad52d7c4342f03c72c85460f24041053e688d7fb2e2ae510892b89c50671ab98c4a23fc84cf05641333c9b3c3f0a0959c007c0c6f3ac2e48b0b74076e68ea2679fdae2a93b90c93ad2e60ccaada1858dd7098ca852bb35de1bfc7c50f6e57a055840487afabacadc3fe2985616a88c9f7e5904036e02a60260476efa7bf7f9d00c6c45b6f90ee3c05d82258525cb21c1e37fcc2d27aea87b0bf462db5daeca6e293a378ed172f08665709911366524229cccd69c5e821437e8b9e24c9cdd4a1fd934af1d2b0ceba851cacb6bf595619b24ae0b0c93ef70dbeb520ac57e1e3ddd1670f29597c06235cf81b3b11c6112ef141b9140f935fb751663d50adb70c5fa2bc2b53ad6dda05ec856722038403ae9c73b101231660ff9863a483d29ec58ed11d48c52c317675deaf747b88c678eb78858d47f21ef6e4b53902a5b18effffc6e39d3691ae9171ebd180c1d23b9ad3ebd8638987e3d55a3948b524f76321a834104ee5e48c8349dfc883df566d46202053cf2df568cd0a0787424c63a3987330d01867e0aa930daa8682d39c5d5089f4ae1993ab7983cf00b2989e40f4d655e0a3ca91346ba321272580ae4da3c6cb0fb76033eae4e7eacc372f87cecd42986306a5b05a4025feda491ef411ef4210084b55fd0f7e2725bcd037d8411eecf7b648e141eb7cc73c99af236a028565cad733ef670a900d9c94537bf49463953a64e9c4b43181f4f98aece69966297ee222a0d879a9dae34dd3c560172593892ab1bbbb8ef90949511da86a7199d55d2f2e4d945c8ee22ba70612ca6c5f8ad99893797cee6570a470099381daaafee455e41c1ea2bc7eef7a81864ef4303651b5a91855a6cc771f48238da9a86538695f10c29001c892de8cdb9764d3467026d36a435053fcfacde03ed13a053c04393573addd88a1a38e1e191f8df03b8783ca87a3d8ac4cb80c31fe617e4379584cb3c5796e4fbde8c984e0eeea8f1da4441c50143e10de9792aae9f6bc90f156973a7df347dc9185a04b025138c6b3908c42d7cca6c58dfeba2dfdde288a34f33b0a2fb20ab3bcd50377fbe0ddd845ef2c485d7babdc7e3a9974f49de48f5be7a5bf0731538a9c52c473842811b0663acb7b766c91ab2978956869807c1f717bac3b75926b84ccf11608063e55c2537db32e973d76eed89506889f214edc3371b8cbd94c8e8c82c528f5d747e42f91b65e86111070cc109684dcffe8a8517933e4ed285b1a79bd2d76b8acc7117c462ac73a7d5887bc323e07bc3b5013ed9abf5b9e58f88a4372f3df83194177eb943c03ff1911e36e36331479f09ae05f2cd65b6ea2ea2d60902213457ab38675a69b0181c4135f52dc4031a84c64ce40fc64c464701f423478aba199322c42203489c9c70b965b278724924bd28524d523041a81f1f05f523e11cdbbdf967d697e0b481caefa433f1f5ff62b9d7c8f2a7c0cba3c00bdae96c1662565ac2324b25c9d7f09c5ade1adcac1519ebda31c229fa84bd3c7cc69a129519d5138a159bd3e5d73638457d35600932db0b82aa85748b9478b6187a4807ee6329adb1b16e23fc9ab1cb49e00c00d76beb2e1bde04b5910998027ea8919a6f3e357a15f00cde4035e96a9e3e91382067e94601739aa51a35af58712b5169f5ee50ecf05bd72777457ef18d5e6f0b41663e8179b1b21ea7891e81b37b3a0ed26ad96ff3e8e10967e8b0487f891f9d7b06b36d3235cebae10fb1143541427e4bacd0c3fb13714b123372ea8c0733f2e458be06b6c327f246dbe3c75e81efdca1543ab6a6076605ca7cea125c99dab0b4b43cc1c5dd9f7c1cbbf0e951c4a0127e8e3d719880baccfc0280a503fce8c2d53110e5c68b41608f3d8fcfc0d8a73326b0d53f0f569d0b32cea229f6e91f79fe47f9b30612c8db17967a3168e0a902c040b29909603ee4674", 0x1000}, {&(0x7f0000008480)="0d6323ba175b", 0x6}, {&(0x7f00000084c0)="ab71cae588b34d07289d12d2ea42dbf36d4685248b0fedb895b3923c5b4dd81e7f7149913fd3281468b504990f85d2b5d98c2805d2f232fd008eaba5e785301de1f0e32f3f313ba76168b5dc0c3b30fbcbacd849ffa3f88c04c4367102ad7fa88f07447a6cb45fa2714f274e6818fde49fa216754a7869cb114765ec76085d539ed2d40dc190263303e5320dc9a521e258c6bb276cd84e59575430df8f34454bc0a236b816718c522a2dce1e91be80a3d38092c24c8321f46e26415890303be7", 0xc0}, {&(0x7f0000008580)="9325982a93734638cfed433a9e89e89f", 0x10}, {&(0x7f00000085c0)="9358341198c4b7e0d914ca8dd5cdaedc13ffc1d0096d9f5e31adcaab99fa95159d5ace2aef222fa8a51fc17ffa01b00262b5a3248ae07d074a5c72070f49ee4e612fb5f35f6371a7e5f7150deed1f853dc575abf052f8d93ef31dbbecfbdf5c32afc6b68493149c7af7b0c21466f903379d77e7f74dd3fc2a1460021ba8f4bf4cf3c676edf738feef8104724bd71ca268d82a6abb71ac9a40d7f76740ba211159848b5f456a6e3c82f368ff146706ad18a1fe1b0a54bfa450e1ac515462bfcda650d23b7fc96f6e0413c04433f4c0f880f01f9457bde758f72d45c5621c2bc9d691e4c01dd395564e2dc8e82908dd490d8351c53e00e65d0e273fc7a2b48c2cd599dd2a28cc4af58b06c1dad565e0f31cdb155ff26db7022404f752734a36fd3a5b0aacc1b4d3abcbc0aa58c7658082b32e75bf512d3fa4930b1cc903f230c01413042d1779beed970ff727bfbe845eb5beba2e75f6cb7619c4fc8c83ad9f397c16d4ffaa384cbbdf51bbe8d3837610b52358c976d545bda5db369539648149741dcfb3996d00477834cb8ca06424399fcf8d97941c9b66ae16657cc494981b7df233638e71268a1c28cf1bf054a76392a00feb98e652bb57d09c3b7f718629dcf8aad8c558dd02a63ef0ba945865d3881c676d89408d127db0ce9dc8c3eef081514c630b67d8bf53702dba0d18d771c3fdb6d735045525249827fa5f8da063e5be97c813f5617c2238145d087edd8e9005c8205b0566ad03a0832d8d5c3365d8b240686dfb610b56d00f2acdf4a15fb25d0de79ebac0cbb5f908a374fc3db2920a00e9d4ea3043531f9b9dc2365bc3695b4777aa164df2877f9e7124db7ccd94390fc3aac174d907667dc9d96e8b50696823d586742e2fc6bc0c75887cd4cfe66205f7cba9dfd00fa1e326455474a764ce401851914d84ed4f554c813f491a4c8b1ec38ddb2709c62f674459d419c5e0e3ae23b6874a657d29e4bc17dfa0da135956947ebd72ddb318a2b0927874cdc744e09226a955071716411c539907a2d74e835554c23f6ca372230a64e56657d8abbbf7d4b80229874ae76e743e2a20f64f5d0c419330e8189d973c51663ac905d3c9922cc3a9c25dce9978cfc84c73df623147e9ca636ab0d3f4c7124e44b465f8469816454458389c956136f9ce87f1a71d1bbb34011ee97ee121ac52353b35f3cf4eeacb474e6a82d74e524e63215d36756043f50bd909595a73e715ce99a8a999023161d398de0eb8f114105bc5bb7414f59a6a2ff9f07104c3db08ff97ee6c215724fb4e72eb1c6af728761488ca78eb6782108ee494d47714fb059e0ed8f6b994ca595130deb2abfae1f91d85ecb5d3485bf33329b73912b83f8de065fd7c22dd69b46b28a8e9bdec1523b1f8db86f87a0f26e0dd3bd2a2e17087c2a76254d62761f028dd7318eef79efd00e45a0c0f3a68fb322e425666d7c31ba1bcd0f63af5e2944e98c8b4d906add79007b1b0ac9eeaf9d65ff15e893dc1259bc49046cfca8876ecd12b7f61bd8b014ed605a25b520ffef497d85656927a0e6b8285b88e5220105935a7017930bf5cc62ae9ddcbe3444c3769768eefefcd2fdcf3272566d065aa921f898c86d7c01a8ba74be911f6fd927d2a68dd2976f5c5601e22b95bb3a05b25d5e3092489c008bb9191ff45f641653ea18286aa3d3d74397dd401e0957dd00306643355abf077d32237d8ca64663f2268a75c8c75596d4986fe009b69cc8a2309d5b3ae9b25145dc6d7f373ee8749947aca9c1ff33089cb26b72baf5a1b5cbbde2c811f2420c9921f32712853f29909fefcda5d48dba8c2e1c7f82fc5b1b350bf4837027ea763e5c516278aa9a3656201a17b657b8f22a5575c9252c3484000fd76326adcc6d8c8630313ac248cb7d380535e89c6a2f1692771c1aa200a12187be2cfc4cad0943f51d1d2b4cfe5510871c33e4dca96ea15cbfeb36fe8a6ee0e95381007afa809a3bc55687d509ad90552e37e53a92614def19f9281283c41faa5c70e4e5060b44d61b54fd516e7b16a1f54c43ad0ec0543f185513e30c188a3a93459c4fc7b90a596b45972348a89a90c6fbea74cb1cf117bdbc0dafbd639c7f067505da095a53304fb130625d3fc74237ada87899424ac4c32f95a98d9d5bc7f87358338795512859f9283216a9a4140b293a61a39cec87b15ec05e2bd53d9d8b1a8d53f31f93eafa7ab408bb8f4dd17e86aef31fc97d9d3313904f46e1e8e1afb5f578a9f411b70ee551c61fa392d3cc01923db5499702ac7d94b1e14b5954699424628c3a3d5b33380fc131b3c306ad2599787d6725100580cc8a75433e9c1269c44fba226e1d78cab425ae28d4e0fe3b14dc8c543de33f32532f5c777ba30c2552bdeaa74eae4a3eae4912720e9d2fc2da0b86edc46c31a3391f52730e71120ce04ea2da2202dcf4134728d08f22a381449922c5883dcbc1b29e7df2c993298e69667574d666d64edc7c89e435430dd80d74365f5b355be46c6b68109c2572caf5447925fb63e3b88ff9bfe18873ef63162b0bca2c2f6978037f1016da0a574184f96920cf0f043d0506c21dfbc71354e2e2eac8b703cb033051d05ebfea2db970614464a6eb1d6b5179c4df29958b70b5298146a67d29c8daf37cea60749cdef4d44a4f6a8a2abf03d4da71eb49220f69b21d18685adbb6346bdc67beb8891d4c84efbcc476737e2a67c0cc6359b3c9c07c42e477e4e79ef7e8aaae37ac4325e9e14a19db6e157af59bfbd9b081d8f5c2bced0039c6ca64e0afeb34faccc92b0f8715c9e2e18a5def377563fa2aa4f7e88abc4436e1ed13f39eb609b9e3a3a3fc3e1abc004e935296bc4c0e47f8ca0ec8fbc8c363ef5ffe615f40a98f92b3f1bd14807b3576895935dae67fb19172b5770305cd6514b9f79c9c114a1c1bb98cb3dee515249875019b4c27aba7a00541b54f155b378dcc12edc26a5f9d013d182eeb3c3df806b4fb668e9098a0f797d5310aa48f28691bb214df161fa72109e4a43cbed36fff7752fbf09c20fe6c9ed640977136d61ce9eb1e2fa9170f7663b0625dd2b00262d48fbef0fa29393d3f38116c4d6d5af78904ce7149a9ae120fa9426970549b86c93864168c3c8204add6639f2ae21b88eca92bd6e7542e1a16fd574ef72b5c6dffda251263ae3aa7f163a48def3adae86257e7657bb3ff0d946946a3ac2b61afaba239a2c68ae9b81fb780889357a03f80e682f333c8b1541e1dccb2a31771ad2d0e4873d24e47bf558dfd440144e8671ac278884ef4f0c49e53031add27d04208cd3fc46ca16cbf9dfd25d6a36d53ef5927a0193ef13ed12e6fa82bc3ebc10ddba98f77a79fa3abda4a8d654b987354eb2167ce9e2cbe12c18d1aab2f9ff30c22abacd4c09e9397851f0fb007eb03d8777ad10b07772a56ad22cfaab74146db59eef2e04da4df23ca46924c2589b4ce6605e08f4eba1466f7af9a56d0f3587762db7d9250723f3983c4d2c3b017d1c54ea42be001ecb01ee3a2abadee956d4647ef7d0548d29e51297faf74675f853723334601792267c4c53ee89349b3b14e668dbfa732df0db3d755e689872410484da28be351fe372ddd0898caa26ec5b5ba76827dcce4498a49e0dab9b3dddd3c110ebe33a7cc1b11eb6415130de42672c40afaedeb491f95bb87ddc05e1409bd55fc6bf5cd26840f62993c3f93a3bbe641f0e3ec2886ea08dff76a71ef27da210c3d08d0213732569d975e0de0810ffcad21fb4d4d4fbe31c739911f7994b3ac03be47be1eddba4c2339fdf4c62b8378da13c6f9b6af1730976372e405efce13ee47b15c40eaa61c3cf932cf8a1e9069cacc937027eeb1ab3c29b93ee5f95d732a77ba93b1f894481d270091971f1648174995c80000594ef423391ce4c5b15631651f261d584802018cdc812569c25ac7e124412bb35fa6fcd6aa3600a4ab3b5234fe0850e0f21c5c19be57dd23aada81b2b9171fd302e50340a7c3acbdf6b15fe54d6ad2fbff5f87a12ed1e4104adc17372021e2e2740d758ff1044ee8cc88caab7076a1eb56b3fe012a8aebbfc4b4608f9e3280b7dea3c7e222d09733e33ccdc4e317b4dada0825acaa0e8861d4083055b1da1f68f687e49adc5f52c8e829bf26a94a423e135c84cb536f4749d7bc794383b45f8a9c574a490fa062191add9f7a2c05eaf480469f408f36d0c7fdaabc7dbe59fce3958066c95e7d67fd737c8a319a329de600733957d4e9ddd806801ed74c7b32448f19672dd7087c9af88ec2e9549c3f2b560771c4cef15d2aa10b4523466ccbfc7b134893d9020bd938285fa87172fb3f195656962c7b2a581c0e16cfc64f7b8f1975e02fdd6e6eaee8f97ead92bb04d0f1e587aeee965819043ea1ddeb953c704c29df371595316a476d105d399a434aa6394b5d223bb8ff3632158952a255af9e2e08e48bb1affb081157eb72f031b7e4bcab60adc43e5de99db25041b0fcfe6424e8ff655deb659de516ee8959a73a7ae1ebf9aeea43783bad34ba14959361d3cfe4628bb28450072db8e53850dae39afff18789a2431d005cce8367558bd5fd5f3d0ab17e5dabe80ae7c54ddf902e3a3218c5d73efe77fa209d867ee8825c17c8accb774d7e91850a3f66956b58ec91b35264229d330012d2a189e30b4b575cee6ae3a8d4e12c3e8f52f78087567118b80c7a6363219c4202f4f3189960adeb567f10d4127588cc4785d16278470fd8379de1c1758e85f60042137593bb5d1fe609c1cad25c097035a4c10309ee85734eb6bcb93afff3c40f4f349e644da2f0a30ff69423df633a88671392a38347cbfb48c73c68d55ad589c4110292c3339ce7fc53235a82350f4982ffba14abfc5eebc617d14a6e3542b51d360f6b3b1b48ef70ddfdfcd210010658a430b580ea15d2d10eed7771480567bc5718b907b88761e1135721d52759cd21b19b1c2f66dd230be81939df31b3185f989f6c4886b61ecdf4242907e7a0b94747d0c02696b89b94003abe97554dff4dc21af4f6f443dcfc620584b74eddb24dce8ece00cb9efb2efa19799bded6fb0c11507c6aecf17f816bf8cb619418cc338f26b67f612024ad54f9b2eb7b08ea1ed14c95bcd6293f6475e93d0f8614b9ea96b0b5bf116490aad7b228fdfd15b559ea2dcf056a99bbe28fbec414381c24b7c0a79aa367f947393c72be7cfc7150582e630d339dbcac2a2536aa17be53543656cc0662b5192395eae97c748673b1266e95f785f8253d22dbad02b5b6a2531256d152b6e154944d9319b6fb0943168fab4785641f191eb65cc09c727a5a5d522e474970eb7433c18fd8967ebfc40c1e6262981a938bc6227145049f7d17c907e9f147a7c268a2177bde68a24395d5735bdc6422f9659dfe1fb2be0f9e8206e48612f4d890f43564860449a2b7abab36b42319a3fd2bdc06e078762483e8bdc05af0e1aba41f0a4459aaf7425bb5b653b177a812962acdef24a2784470864750b33da4814e8a7ca486131d3e2258b642cda2fc0d1b00cf7452ac93543b8c67add97284401e22a53645f2df61573a1118d05908478fbd79570e4fe7464843f721baa6aa1d0bd45a8deb9ac42f0dbe9568acea8763829b23e560bd4586e4bc17722977837cf846dbf9db16acf679c5f287b1ba1ef5a684648ae1b6f8193591aa2a224fcacd301a61e5f3c495f748031e6e55c10a7d0dd37186e5e95bcb8e08470cd8770d94787f51ddf4bcb43ae132340016552c62efb1d8801578b178a349ed79a4115d4f37cb36abeb96240614053e5d", 0x1000}], 0x9, &(0x7f0000009680)=[{0x90, 0x39, 0x5, "802037c41f1a58a8d79c485560c6396862c2edfe6882b1dee314fcfd23729e3ecb32becd2ae339cd916fd30a6aa83399c52b86deaa0aca6b1bd4a684d19ba2c8ab172fc98dcc47722b369978fd56dc70329da3102e10537479246da03e86d96968b36acd51c13a634e3361c96e4f6281464b38cf7729aa4b44c7a92c1962aa99"}, {0x28, 0x29e, 0x81, "b4286bb8a02be4129e7cb22f4b5e85efeebea1fc9f32"}, {0xa0, 0x108, 0x3, "dc44861c9ddb534a9c3a753a5b23bf9630695c70615de13e3f2eb5a1d0fc05bab6a12d8af6716adc35458ad1690b0eb783fe6b99cb73babbb9d999c02a767c685582926c88099e6171586da545af062193b4652151259a3408a32fbf69ebe60b4643a90a24b9d6bfa1a33147a76dfbd004da69ddd125f574b88857da889497a36830de7fe8f2d7509854"}, {0xc0, 0x984e89c397a2d716, 0x5, "8116c70a5aa8eb3e9ff4871e0f4204f0cb5ae8f6f369df0181903de2fdbb2553af2930771f18e6996f9435a38f70ca05abe99684140613d1b10bc3f0bee29467cca4fa0a76cf156fc59a978797a72bdef6cf0247ef74233a9b0fbcea6e5e9801821f23b64d0c3793ed436846cdf1e4e57b3881a8a47e384d8f3be46a3021e1cde912e005e660c2bfa65bb916ca19b6e7429d56b1582d254df54c95b07d4437eceb2fcfbdf645f05eb2931c0ee0"}], 0x218}}], 0x6, 0x4) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:03 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 279.429014] binder: 21100:21104 ioctl c0306201 200001c0 returned -22 22:27:03 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 279.483938] x86/PAT: syz-executor.4:21141 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 279.526266] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 279.538636] FAULT_INJECTION: forcing a failure. [ 279.538636] name failslab, interval 1, probability 0, space 0, times 0 [ 279.566242] CPU: 0 PID: 21141 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 279.573202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.582558] Call Trace: [ 279.585150] dump_stack+0x172/0x1f0 [ 279.585173] should_fail.cold+0xa/0x1b [ 279.585191] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 279.585206] ? lock_downgrade+0x880/0x880 [ 279.585227] __should_failslab+0x121/0x190 [ 279.592721] should_failslab+0x9/0x14 [ 279.592736] kmem_cache_alloc+0x2ae/0x700 [ 279.592755] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 279.606188] ? __vm_enough_memory+0x324/0x5a0 22:27:03 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 279.606209] vm_area_dup+0x21/0x170 [ 279.606225] copy_process.part.0+0x3407/0x7a30 [ 279.606265] ? __cleanup_sighand+0x70/0x70 [ 279.614178] ? lock_downgrade+0x880/0x880 [ 279.614203] ? kasan_check_write+0x14/0x20 [ 279.614217] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 279.614237] _do_fork+0x257/0xfd0 [ 279.614255] ? fork_idle+0x1d0/0x1d0 [ 279.614270] ? fput+0x128/0x1a0 [ 279.614286] ? ksys_write+0x1f1/0x2d0 [ 279.614306] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.614323] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.627408] ? do_syscall_64+0x26/0x620 [ 279.627428] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.636205] ? do_syscall_64+0x26/0x620 [ 279.636223] __x64_sys_clone+0xbf/0x150 [ 279.636240] do_syscall_64+0xfd/0x620 [ 279.636259] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.636270] RIP: 0033:0x459a29 [ 279.636284] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.636292] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 279.636307] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 279.636314] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 279.636325] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 279.649513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 279.649523] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 279.736922] x86/PAT: syz-executor.4:21141 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:04 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x6, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:04 executing program 4 (fault-call:9 fault-nth:35): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 279.752998] x86/PAT: syz-executor.4:21141 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 279.767484] binder: BC_ATTEMPT_ACQUIRE not supported [ 279.785082] binder: 21216:21222 ioctl c0306201 200001c0 returned -22 [ 279.799582] netlink: 284 bytes leftover after parsing attributes in process `syz-executor.5'. 22:27:04 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 279.838838] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 22:27:04 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0b") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:04 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 279.923458] netlink: 284 bytes leftover after parsing attributes in process `syz-executor.5'. [ 279.963047] x86/PAT: syz-executor.4:21232 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:04 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:04 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 280.001430] binder: BC_ATTEMPT_ACQUIRE not supported [ 280.010552] FAULT_INJECTION: forcing a failure. [ 280.010552] name failslab, interval 1, probability 0, space 0, times 0 [ 280.027518] binder: 21233:21245 ioctl c0306201 200001c0 returned -22 [ 280.042356] CPU: 1 PID: 21280 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 280.049314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.058665] Call Trace: [ 280.058687] dump_stack+0x172/0x1f0 [ 280.058709] should_fail.cold+0xa/0x1b [ 280.058733] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.064926] ? lock_downgrade+0x880/0x880 [ 280.064960] __should_failslab+0x121/0x190 [ 280.082314] should_failslab+0x9/0x14 [ 280.086125] kmem_cache_alloc+0x2ae/0x700 [ 280.090287] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 280.095308] ? __vm_enough_memory+0x324/0x5a0 [ 280.095329] vm_area_dup+0x21/0x170 [ 280.095344] copy_process.part.0+0x3407/0x7a30 [ 280.095380] ? __cleanup_sighand+0x70/0x70 [ 280.103479] ? lock_downgrade+0x880/0x880 [ 280.103504] ? kasan_check_write+0x14/0x20 [ 280.103519] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 280.103538] _do_fork+0x257/0xfd0 [ 280.128960] ? fork_idle+0x1d0/0x1d0 [ 280.132687] ? fput+0x128/0x1a0 [ 280.135979] ? ksys_write+0x1f1/0x2d0 [ 280.139803] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 280.144575] ? trace_hardirqs_on_thunk+0x1a/0x1c 22:27:04 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x7, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 280.149340] ? do_syscall_64+0x26/0x620 [ 280.153319] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.158695] ? do_syscall_64+0x26/0x620 [ 280.162684] __x64_sys_clone+0xbf/0x150 [ 280.166667] do_syscall_64+0xfd/0x620 [ 280.166689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.166699] RIP: 0033:0x459a29 [ 280.166714] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.175668] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 280.175685] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 280.175693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 280.175701] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 280.175710] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 280.175717] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:04 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:04 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0b") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:04 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 280.262127] x86/PAT: syz-executor.4:21280 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 280.281437] x86/PAT: syz-executor.4:21280 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:04 executing program 4 (fault-call:9 fault-nth:36): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 280.354095] binder: BC_ATTEMPT_ACQUIRE not supported 22:27:04 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x48400, 0x0) write$P9_RCLUNK(r1, &(0x7f0000000040)={0x7, 0x79, 0x1}, 0x7) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:04 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 280.377986] binder: 21381:21398 ioctl c0306201 200001c0 returned -22 22:27:04 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:04 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x8, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:04 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0b") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 280.528613] x86/PAT: syz-executor.4:21464 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 280.553912] binder: BC_ATTEMPT_ACQUIRE not supported [ 280.565033] FAULT_INJECTION: forcing a failure. [ 280.565033] name failslab, interval 1, probability 0, space 0, times 0 22:27:04 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 280.576730] binder: 21469:21473 ioctl c0306201 200001c0 returned -22 [ 280.577310] CPU: 1 PID: 21464 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 280.590165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.599523] Call Trace: [ 280.602126] dump_stack+0x172/0x1f0 [ 280.605776] should_fail.cold+0xa/0x1b [ 280.609707] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.614824] ? find_held_lock+0x35/0x130 [ 280.618893] ? percpu_ref_put_many+0x94/0x190 [ 280.623401] __should_failslab+0x121/0x190 [ 280.627658] should_failslab+0x9/0x14 [ 280.631477] kmem_cache_alloc+0x47/0x700 [ 280.635551] ? __lock_is_held+0xb6/0x140 [ 280.639633] anon_vma_clone+0xde/0x480 [ 280.643537] anon_vma_fork+0x8f/0x4a0 [ 280.647349] ? dup_userfaultfd+0x15e/0x6c0 [ 280.651594] ? memcpy+0x46/0x50 [ 280.654889] copy_process.part.0+0x34e5/0x7a30 [ 280.659512] ? __cleanup_sighand+0x70/0x70 [ 280.663760] ? lock_downgrade+0x880/0x880 [ 280.667933] ? kasan_check_write+0x14/0x20 [ 280.672179] ? __mutex_unlock_slowpath+0xf8/0x6b0 22:27:04 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:05 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x9, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 280.677035] _do_fork+0x257/0xfd0 [ 280.680508] ? fork_idle+0x1d0/0x1d0 [ 280.684230] ? fput+0x128/0x1a0 [ 280.687517] ? ksys_write+0x1f1/0x2d0 [ 280.691339] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 280.696108] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 280.700884] ? do_syscall_64+0x26/0x620 [ 280.704869] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.710240] ? do_syscall_64+0x26/0x620 [ 280.714227] __x64_sys_clone+0xbf/0x150 [ 280.718213] do_syscall_64+0xfd/0x620 [ 280.722030] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.727225] RIP: 0033:0x459a29 [ 280.730423] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.749325] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 280.749342] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 280.749350] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 280.749364] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 22:27:05 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 280.771586] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 280.771596] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:05 executing program 4 (fault-call:9 fault-nth:37): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:05 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000000)={0xfff, 0x9, 0x2ad, 0x2, 0xfffffffc, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$sock_inet_tcp_SIOCOUTQNSD(r5, 0x894b, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_G_OUTPUT(r3, 0x8004562e, &(0x7f0000000100)) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:05 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 280.883772] binder: BC_ATTEMPT_ACQUIRE not supported [ 280.888937] binder: 21585:21593 ioctl c0306201 200001c0 returned -22 [ 280.913053] x86/PAT: syz-executor.4:21583 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 280.954936] x86/PAT: syz-executor.4:21583 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:05 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0xa, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:05 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 281.125823] x86/PAT: syz-executor.4:21710 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 281.147095] FAULT_INJECTION: forcing a failure. [ 281.147095] name failslab, interval 1, probability 0, space 0, times 0 [ 281.163942] binder: BC_ATTEMPT_ACQUIRE not supported [ 281.176201] binder: 21709:21713 ioctl c0306201 200001c0 returned -22 [ 281.200941] CPU: 1 PID: 21710 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 281.207918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.217283] Call Trace: [ 281.219891] dump_stack+0x172/0x1f0 [ 281.223544] should_fail.cold+0xa/0x1b [ 281.227456] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.236482] ? __lock_is_held+0xb6/0x140 [ 281.240576] __should_failslab+0x121/0x190 [ 281.244828] should_failslab+0x9/0x14 [ 281.248642] kmem_cache_alloc+0x47/0x700 [ 281.252750] ? anon_vma_chain_link+0x154/0x1c0 [ 281.257354] anon_vma_clone+0xde/0x480 [ 281.261264] anon_vma_fork+0x8f/0x4a0 [ 281.265085] ? dup_userfaultfd+0x15e/0x6c0 [ 281.269336] ? memcpy+0x46/0x50 [ 281.272637] copy_process.part.0+0x34e5/0x7a30 [ 281.277263] ? __cleanup_sighand+0x70/0x70 [ 281.281509] ? lock_downgrade+0x880/0x880 [ 281.285679] ? kasan_check_write+0x14/0x20 [ 281.289928] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 281.294796] _do_fork+0x257/0xfd0 [ 281.298263] ? fork_idle+0x1d0/0x1d0 [ 281.301987] ? fput+0x128/0x1a0 [ 281.305273] ? ksys_write+0x1f1/0x2d0 [ 281.309097] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 281.313863] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 281.318631] ? do_syscall_64+0x26/0x620 22:27:05 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:05 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)) io_setup(0x9, &(0x7f0000000380)=0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) io_submit(r1, 0x1, &(0x7f0000000180)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) io_cancel(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) io_submit(r1, 0x0, &(0x7f0000000540)) [ 281.322620] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.328001] ? do_syscall_64+0x26/0x620 [ 281.331993] __x64_sys_clone+0xbf/0x150 [ 281.335995] do_syscall_64+0xfd/0x620 [ 281.339818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.345018] RIP: 0033:0x459a29 [ 281.348218] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.367126] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 281.374839] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 281.374847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 281.374854] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 281.374862] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 281.374870] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 281.454415] x86/PAT: syz-executor.4:21710 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 281.463978] binder: BC_ATTEMPT_ACQUIRE not supported [ 281.493577] binder: 21783:21804 ioctl c0306201 200001c0 returned -22 [ 281.509045] x86/PAT: syz-executor.4:21710 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:05 executing program 4 (fault-call:9 fault-nth:38): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:05 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0xe, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:05 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) ioctl$KVM_SET_MP_STATE(r0, 0x4004ae99, &(0x7f0000000340)=0x1698a2816ec444b5) r2 = socket$packet(0x11, 0x3, 0x300) sendmsg(r2, &(0x7f0000000300)={&(0x7f0000000000)=@generic={0x2, "a74afebba7ef6ffa69d5985ad42fadc9fd01adf8ac3607c50b11e147bcf0b72475c7ee4f8c876222fe10e6a3b97546289c06777b13543da3e9209155c8b5d20f8700c7b3334c77989d4841b86d86d453caa284698adbe405a65157af605adb8f95cc607cf105b18fd3b6f8085c3b9e76e5dbd1542c861c4b5792047e2be7"}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000100)="3a38e15138c565962239978ea8129690af14374d873d134817cd65ac0561efe13a2719de44402ad8d4b6c64f891a4c9580104d70c79460da6e29c028ff65c7e2a8aba31a", 0x44}, {&(0x7f0000000200)="b6e220e041e6f850d0131ce78992996f7f096b09a2bdbee821aa3364764863a09b297385be2f9be8504eb819043c07e0b49ab8453c924a9e1d3f009420defd76f4e1334da066779d651a9e497f2244d2540bc14c7ee4dae05773920e891e133c8ed4a0c5ec3216d330be3dacadc03266e3edb910cd9031ad2d4ac7a8ef1b41ca90f3c86f3e786e28eac8be156d7cbf2f4730088f95f26d1ba6de2c95ac6e96fe9e96e40d092c75073e43f7ecbf8f2439d48f083bd942379ed3dd9c4935a2696e8dce32c21217522521e96b59667236a926b8858cace98a0d577a097157a411a5ecca041206826e070ef61230bcde7f6172", 0xf1}, {&(0x7f0000000840)="208b911dd0487a75153b95bfa6a3463a91367aac73e0002b970390b25b558774385f1c3d24a7d293753d41099c4dff301e506d0fd69ca818c9adb8b79ba157de6a5205cb52e32663ede29d4a868c8bf2a0ebbaeec203ad70d8dc5788e9c5fc6c1716be63bfe8db364eb59985b2ec3f174494c0660411f8f93c82305ca9590d39777b00318596707bca506887009728fdfac861a2d54683243885bcb534d4a45f0fe5c36de491b72e10d65258891b60b65893f41b135315345bb87f77465b879c317ff46456cbca590ebda00bdc8d044e647648ae19e731daec1ec2fbc3558305d299171ad85535e3f104ba7862933f59e0778b0e77e156ed76fdf569544d25e0a19b4fcf83fffbc4c08f94786acf8ed52405666372fcce96c16dcd993ed28ab136b96bbfe6acc252635c6926d495ec151c4bf5aced39df201ab3518a216ab2ac3580404f4afdb6865c0ad8908c5167a768859e9a4c6331972b824277b8b04db4f205b29c966ea7c7ae3bce0e6b0aa53e5310678e77dcd065c8e825198f1ef5e1d4037ce21038756f419f23cb851cdecc68126350803eb075b7d2311c21b8dd648f45667ee1d6daa30336fbb096672145c68683288883da375054a8a6634b68de9b33734b8ea6629f526ef40d4ce62073ce485325239377781a412484f8969ed2df962376f9e18f21f52ee853ef8cc4c27d41c201e2976ba25fb13301a96a22d44c4d9232eda476025b0dfb94ff385a2e0c17a28e127becbb54e5c86908730b68175ba43a400f4503382bdb5b6770949dc889df8ca8520529c499068fdf592299ffa7584c27f6aa37c42b583e54267cb82ea4874f455d2d7265dc6b4be3c2008732f9a26fe2c6d946d2c041e91affeadeea6cb2267d97993fcb3fed2a63f27edd9d6f4d8b36496f45a309f2c1668f4e14324213527eb8503e1cf957be6cddfb481f6eddb633a7a19d57551cb8a8adab7e4f493329828e46b3805abee57693d4395b84e9431063b929eceada5b93a362ac735b99785d879f9e2182ca9e675a1f97eece7ad8bb930f42c882c9241c2093989a4038f9bc7d05c8a7b1e31d2893ebd3a841aea7929ac57c79b209bd1c09217b674069a68502d8d1bbdb8541ef86d48cae017cf959ddd4fb78f4f1a5f60dc170de600abe2172e93221fb279fb0eb756637dfa3b8e2de35f72d7f1268231eb303108bb5d02e7de42135ba94ad8b79061e547e740b4f4121ee02fa55d51a7298248c995d156bb15c9ab3a05980bba5b02198552b99d33fe9fc9b3465c2c04f089b28931c3bc4166a89f9f493132c183b849473915d4f353fad49f48ae310d48563cebe09291a643ecc209accd568f6619d8402e6ca972956f5ee4f6829ef1bd1274ac213611fe0c9811111036979898436b0ef3daab0d2f6e13d444e50bb452788aa521ffa176b08c615fa9feaddf98522dd01bf1acf972109fea2627a844ad9b2592c69362a6dd116d021586d0884e8bcaedb8cf74ce8a12b3fafe9d1270ffaa3d401269f8dd155ef3c9d79e93b95dfa10602d7049fb193de600a4f162b74adf3a7f9e1854f4e8094a96180bbd346f2ff51a3bda374a480402e304e94e5e6a81335f70d86863bfc75d3cb635d4825daaf8031d39d24b1b595c68ffcc1f0504278aa77e2d4ebd868ae96a2c4441be3e8074281e043316f4d2eb45132e839a9d16a291cc3d6bb7da8a58ab4406ea5105bb85d712decf0f3ab118d6283e7d452d44c093628636131682234dc79cb1c6ef96e97974e4aaa8f266c8b04d36af9c79db778c342bc62011112db9403bb2eb68e46f6870952a1b909601b32b248978877d46c112b41a9164ba263bd88d80d59843436436f799ae396be01ab7deb106b315c174853e97eec86c3ad0a4e502c47a6e8724fdae1339c141e7105c1950acf2e7ae23ffc9382a57a3a8f442777aa1748563456a1741f15caf947b21f9dc5f4c15940ba4943a64d763b1bb4723d1bba725714b2f066645b36756ac5705a6a0a95b9108beff50f0de3d791ed2facac66b77a584d2fc5b220d0962da90be862cfe6f992f8520ec0169182e949febe6240c725e89d271218dc6caa9fdf8a5ae13d34e851ba86999d4d8e5fb2e6e23e8d84746da235cffba34b2d0456999e3a1b24092102b3d2136014181f601e180083344c322a0a2192f1a2ae5a076678138fb31a5c0500b123b7e08629fae8071b3ef825fbd653dbc26bff0b3af1cce677f3de81cef74aa48f5a6464a8d00414f67495a1e14c54f204bc75cdc408fc5a099653cf503b9149f14d3c632a1811f09f8f90f20c7ca159cc2ba3ae79ddf2beacc283c9a2829e8dcbe2f12c9b1b9f202822aeb07034ccb2962b4778b6eb05869a4d155e47583a517d38b94a7312e3afacef4aac9cbbe78f8ea7a3ec44e2e1045a205a5a5f7439d37f1333b579f7ae64de2e55ce379c509cc6b34056bfb338dee4a40a53fd1cf623ae4e14524075023dd380bbedb5192558aa4a53e254efaea8d38ed0fd1ee4840abbd40cf9c4a71bdeba1d032b4ca3e2f70483ad43cd71930751a9549e754eede0dc109a47380f47d41d23eb6b78cd33eca11762f1138b7dd0dc6d13442f32ffb73df4d3213f166b9802e5ec4d186645944f1f80d0efada46f0ebe124c1aa58e105505ce87a8590bb788c02499c5d845e3ebab569c7f5ccb59882706655e1da7e303e27645123665cacb0546b700e5f21728ae78af2d46988b3093540ac8b888b63082b20b26c03955b2e1f4fed096331c841a4dd8bc79d379b97b1ec48edbb87b123421de7c880959ae7169b08fb515aef394de2dfc2c164c2ad3f0ae0ef1e6934214297c72742675fa9f176168af0d5c88098589bc05e65da7de1675fe40091a68b82e2a74421e5a5439464a556c144abcdca5a2276db203408a04fcbe45f5f0b71a14302c1770516991717a87127500f9b97c45e71899a2b65b58d4bd3354cc8aefa5c1a4fa6dbc5e61e280e66502fb5a8822d878d9b5a6b327ef0e4fcc3858f46337a0310ec5a4f2420a447724c62102f7b4288f0ed11f473cdb819ec68a699bcb3180966764e698804d023bb2f86a4e03eeb037de1dddbda98714af4a8982718c132180325b8fffc53536561caa8c72a54f7613231b43eb05b1453a62e0246ac17d77f1cd6a73084a6d2a41303584a6b5e39abb6e46b61b313b0b332d42e090e5c079489c4c3e6fd88460e3dba37cbf898de06777fac1c30ffd5ebaa3018a954154f99ba0b4934cf28ab231e5d098c10ba4720c5546797baf94a5be8f40935def921f9ad6d2913196593b990ee1bca3f871d4e464f654f674e56f977d36244f0d0bbcbbe9556d2271490eeee28bff17ddd2fab052a2414b2e5e00656b70bdd06782e67f94b770c3b6533cb131c33ddca2a70511c515174e47e180936405a3319c3fed38d7e3ef4233a8534fd1b22c81fdbc440b14384154abc57d343b69355e22242ec7a37720c3aaf69f7af4dfd9a1f25d03cf24a1694d111250dbe52dff92402df8d01edaa403109f771e8046cbd0c05dfcd3bc27f29a0eafcc47e81338661dfbf6d0213812bc62e93bf025446a8f0994eec0e1277cd2c3e24c196c91d4ff7195b3a0a1ccaca2b70ecef5edbf86a5e21910726f196e0f6bb7188ee961e2cce3ea21fb16aef4ebe460235ad33d33283c1d8e4bb022fc652245672d7fa223d1cd74e3480adaf0f30dd64d1fa4dabe2dd497c8c2a147fd4b39e7474ef7fdf4b74507463cceadf77b9179b46d79b62c997509aa543297f8fac8b31182a7227a58f0d3d31d81177fa9bfc169930965fe5caee12605d27a994b9b076587a39e3c1b27bf603f79d096a2372cace33637c4be80fa9d077d492a47b3b8466bb34dd33cd8928f1194c994ac58568974a20630f74669bd07a23e22e0de913e3da8e9e1960140f46438a3bf73e811eb7e3f53613b54ce32d5eefff6bc437798857aa7b6f7a32b14201c71274207f93868c4f9047a4fe7a8d7bce4b8b254fc4930d5122947225a0adedce221b87c95f848c36d0798b07ea68f42ccca2626f093509db4ce18e9b5662b98ef91d4e9822843d1fc61ad5eaddc5a42cb9e00f16c90f0202e700082cd3368763594efd5eb182d1f8fbfff5cb8149c834728a70f363843ad0c141c2b95a38026c4c98e54044c206463c673c9c4b73813d60df38e2f58e7c92db40c686b9c105a3f9c0b95a9f54713a2b519ed216fb3e2ba1bc50138911853f3072b41677a32bfee0de19af06a782ef12976e4dea45427ab17db8dd8e9ee7a4537cd3633a195eb9180558832e010efd56ade53464c089d79f86b38664526e875b284608295d64c0ec2a0b3e2f28d645348a954a6fa39c185be395557d51e96c48b45a847b8c7b160e7c851cb1bc976a1e2eaa51f2dc706cf7d306749dce15bfcd42593a64fc7c854892c1061e1b8950844d7add776475215c155b6359c95d5a6fbd242124e7d27ef6e550ebf627eb0a7d3531a9240a281e544ffa7ed7a028e015ca2ea7db32a4b77330d0732910c81e1355039bae054a32229ebd3bc31ccc2883493e7ac0cc11303ca1bcadc4efcc2885b88a3302d3e57578ad6f3dcf8ec44075afb21345e3e60d935ad3eb5a50ace808d7d35ecbbadcab8e9d595ac72119aa9491949b8fb266ba754d79df66bf25379a2e5af5d39730f84dd1c5deeb983ae2bf0919db485c6d8331b2f97e5497c5dac34327ffe8a131f76567559f94ea6da3890213ce3b88e025632178fdecc7724c6bbd2af654f5a05d441c6598f08c3b35737e42b9984656bc542664153c81c35bd3829f3c67b3dc7be11cca4a8e75b5f4cffe702c2f792b97957c94eef9e608eda204abaebe90b62dfa2c25258f03790daeef6ad25711d85a39dc1949f363e6f96990c20900cf6f7169e59fd9a832ec04ffa1e069fe5794434f7126efcff03c823359341c3074f8db103bb875acc6f2b3289dd56d699a473eb475fc10b09177c0307b6b435d0e186898045e377f85317e39cb912d86ce27194473dd9e2ccd675611c13dd00f00efc799be306f6de352008850a514c6d94b3ac9072c65235cd266445deb30d676781f4f91c6728fe9d7065d87699f93049012c57f065c3717d9704af7400e138e03a1a32bff079cc46bd5c93f20651fb3aeb862ac9f83a9ff7991e358b2a78a121df63317bcc8779b091e74199ab899cc74c895fc4af96364cafa8f6548efcfbb91778b2ac21240d34251a1fc99272b29b6b49a7f38d6d2166d973c49416dbec77ec02d3050a7081923b44bb2db26f58d54a8043aebade5318360526a7f57ce7388e0589ae470a92d4a9c3f678a590412e3ffb07127be9d97c16ff85a37096791a89b8eaee4d3c0d9719d8a6f13467601c59b996887774837a344c33d673f22d0f059a801af90bae8e5eaaf504bfeac20412c79465bf54f3a0be7b90283b7e8ac5eb3d82834ebe3f7ad4805f6612124bc741b6a137d20d33cd1dfde20d6255a6fa02ea01ec9cd8d50c26e11df92dfb07a4888ff1cfb65b6c20bf604242503fc50abfc9a287b8b2be4e238ab0d33fb03e7a54fa93c9601603d75dc619c198369cbb3ea2ffb8bdfe3c108540ca3238478bfe0f4a8f428bed9c32fbe0edcf2fe1ccb86fac1001839631d5bd1157f02d9a40583d2e691558d28cb650736daff32ead1f935c4de757a23ab36536ed296aec0ea0b2e6cfd89ee66b21aeca0eb0648e9ba30de1be596a6b21695605f633c8e1b3febe27797e8e847a7d2db2e4c781415e5732f7129422fba344c92f6a3976596b7144fcacee17f80e77", 0x1000}], 0x3, &(0x7f0000002d80)=ANY=[@ANYBLOB="e8000000000000001601000036ea59274758e7ffd423feb1339d448f58d5bb7edb36139ce3f3d250c2fc85afcb604ab0bab6f4e6ce37188f4927dbcf68ae4b6d43f4fbfa1e0a041d2372f8c694918c28456b938ebed378b64f3b68d9ed7fe4b2696863e0a618bf6f4d17fbf15fb3733d353cb3bac9809de79592657c2f7bd31534b5ca137027c51841097fbc5834598e8fd3f3202a1cb83e9976093b238ecaf3f39c8268cfbb20bc6fa9359dd2831e9d920d19388ff5f9a9f220fc7d8deeea5b5b8a7b2566a626186592f0fcac1b903bce94a023162a07edb5d54cc78cd2fadd1b99000000000000000100000000000002010000080000001016b5c1e9e09736d916a9d875a6cd737514da49f0d65fb55d92fa77cdabf4f9aacdb83ba80de3c709f5794bbc28fe059908da1e58eac87d78efacb79b22eb809cf0ee9424cc6a7bfcff4d8be74a74fa32459596e4902ae713de3db20f6420e67df70df66247b4e6bc221ccbb289324db9354f07b96ea6111983bfb539d38a271968546512d07b762c6e59761185ea08252cd1711f429e0961c48288e9822f3e523ba2b5332ee2c51a15af540a11c0db2878f4b9d0d22433e535db82e1202ebbfa71b154a3c7db32a649101a4f380a4ca1aae0e4b753a54fd54b349ba9abdefab99e742a258ec2c3b064b670a8a71e00e00000000000000018010000fdffffff9ab3fdb658e2f8618f0c340cc7a74f0e96cd6aa885577bc666292f98d3c6e4f9a905255cfd70ad2879103719404cc3fe44e046a649da65cb7c834959717262ac025b0916926a27035fe0158cb3aa3177add3301ab06ffb1a1ea178eb4eacd95432459e7b6c6f9d760fc4011d0684538422395ffd7c19f5f4a9a234990f7b200cd7324ece49be11d908965fa06d7b341834f3537d62e3fcd4e7309b266c5e69febf1c729634b5696fdd8b2813296c417a53cbafc45198ed9da8e5a92e2800d01e33d3c702d8556db4a13a246361e2070010100000000000000101000006000000bd07a7824a66b95e324a2a690015e715206b0d6ecf7233c92e0e270d768db3a9dfefa133ea767df87927647613f26da6451cfffffefffffffffff17c70c35483a8b67496636fca0576a04558da9964f83648d163bcdda29c2522d98b5f9784d59bb33fa7f3e917aa7337a2f5f5f5064b17ea7c889c699ab73055dd1f3c22e07b79229a6803d0783f00b409c085b0dc0782102228c2822ca7eb6cefe28378c0ff9b61d364164dfbf0e453f726e7ad2f52af176018709a57945a4cd4e3c6ebf86181281ee66be1cfd0153efeffd3eb690bfd06a1695eb78aa666e69167fafe06c11c52fb3c4b7e2c622fd0abcf8ffa9307040a2d5e15e522edeae55cf94f928abcbc5ba8cb757b66c61325fe48711385904336eb387dd3f1a4dccae41c534f96d1860758be746f3252fb1d4c5d4d79481842e6d7c1b5bc489aca87093a038cef07ac3d78694fa3227a2aee5459c2ebed2117f84a84e91be0738a193d80ece602ba7d1b4bdc98a6aff0784b47031d9329d3c2a9635e76f00ba95abf5291163bd40c672fe8db6d6c57371d976d8937d680cc2e158741c9e976999ee3e7860b8487ebda0ba055d606216b875204e9dc9d0bfd88f719dcad97625b2d42962e2e5cf1633179ab218ac2c572f561aaedb7fce626cc0ded34d24f5d18b5ffeac6adf91af18de1f74bb27bbd91fc2922d3562edd0ac307df23d64ec16db88c60abe9a0c4399dc7a33cd935f2fa1f38b4a5b7606b92531bfc1647a9939bba66a2612b6ee86cc0df5c5797e7d2b0c04f6119d1bcbf735daf1b812bb5e9851daae29ef53a17f1feec1500c286db7b6d9289e19070419041d1a1da4c56000ea5e8384f76feca123cd5fff206348199d2bc6467eaecfcead09e87594b6719e3b9a65a6f109321dd7ca1990491606688a1d3e7b607292e41b2ac4ca6c90b14656b489e5f06a899d550d7ccfcd72c59419f15832ddee61eebe4115371b992e4c408ad75de743b348fd224aa5883a1817a05a07a39242351f8af496427a9272c5f2a26b6880cf31ec7a2462f879dd520d658b5b4f48632aaf6f80ff21a7374feea38e79511b5d9a69e095e69b387ed9bbd5d9ddf57d2d14ef48b4cdf045449d0498f7a8488887e4c63f4d4431afdb28b636ccfa5a161fe595178bde6fec1f69e5d572636f280ccbac5357a0116be763316e84d7a8d6d8535aafb2b4a2be5e473c560c98bd8741a2cfdebea9d1655b31d1434a430aa63fb8e0e48270d7cc6f7d85e64b7d9b7b780be83f2295dfbc97eba14000604a7e959ac63c454634fc1d9fb310fab0eea42f630db7f2b169b4aeb853f54c0a1604bf4cab1cd9b5bb617b7a0e35add966f14e1a19c0730eeeb1769825d1050b092719e0ff739368220488f4adb3957319075f930b8289824d193015e49f698b0ee5e8dbf4ddd2987f871146fbfb9403cc0790e1e84019865c92195e0863d3dd172aec0d72f96233b164aea48c800f3cb0eb3c3347f6d376d6ac619bcc6ab39673c846fa41870e108166a5aca40635695529a7befe7337008997a7f879a867afa8c215ed67ecd149dd8647fe4eba248f9642d32bed2729f672360d7df93fd146f4239dfad8019e700e4c0e94ed87bd7065c184c674eeda57fa46399a898aec6d0ab7376f31b320dab88b1b304d7bfe2a5f9e1004aaa50d95525d69c5568c3998d9e5b838772ac200662f24bfa2b278d0f185f16060686cc8d61ea995173a0bf45805c10cc713a8e893953314c3c046abfc126937c8c98d33b1481af17ecaf210d39b9a43ae265743eeddca866c99295f8b696f8621024a9255e25ca550ed43d6d1ba697fa0396550a1f5c0559e933b21b46aee350a954407bbfb8cb644e697a2df03205bce4c8d15e1791f379e6ec61c2742fa337465f9f69a5eb8b3123f6174b1c854471e8f6268a7c0e7869c0821c8caf65c8fde0dd36c724c6003d4189829fcb357b264a1e52a4bc6d31216e0d829df8c18642a1545d02fd964b4cbaa72078675a729ee00bd4a4409b02f6ffbfe4b951782e3c2995342369ffe5c9ec25396f127e16ab46d69a043a0a4962b5324f7101b98880725c49365b16105f2ed058377313ed244f2e94495459c2f8b62a7976fc001a93be9b988a52b70d454c430812a91bd2f640e0fc22fcee7ce02798bd0c502fea7fb90e7b1089d962e7bb8933f643aa60aa30ab7f5f3d16c6aeb0ec6aac81fc4734023384412288de636939e4448de4bddb89e0d661c44e03a79ea59a0aa2e962bee47ceda2f219f03d707e9d502102eff01470e698daba5a4aeb6332d8c42ba4c973815cefac12eeffa7fd548e3b703df79303184d120f0ec93d355491538f6afb93818cbc6bd629f7cca875be2267669eb2835d736d58618bb0113d7312e24a59d250146d1fbf229c7c7ab970dab04fac0a3d330d88e9e3d16c341f9e9d443de81de63dbe6512e9dd60caa192abe167089a5a5d2ef64565e8db06d6b54fc07b3b12f5ae39aded015aa67dfb25e973f436c6cc46213b06bbe5042fe802f3a9657d471a3521f89943e5a4c0265c67d4b65c2cda14de02d4d48e0f48994c555ab06731fc39e149d768394e6f31ea0992c9b96f91bcbe9553d41b67d4f9a66a20614a735c1bebe37465f056bfb3d3c34623452458bbdb7f9a80bacf057653e61964ff14bd9645bda50f691e28d14d7f5c25a760c88b7b4bb26bd83259199a3d1ec1e74cd37fd706de735d32b76344c3594b4ec465e0a44e5e4f0fe32e6aeaeec59eadfe52ec025ef8898482c75d5af95754324ff8db917b9829e31f980669d6a3ad2f89400557d38926255aefd3ead4196a8807708afa2b973457eae26899533123085cf75c5ac442922090fc7e3d0fc15e5b47e69aeed4afe3011a8a364d9d18af1dccfbf0af2020cfa70b3e9efb810a54ab53e11f702b42fbf917f3322815ef5529b9761070f51334035e687f0d5f427e0096c5458d3a0ccf1f64c8e52eeb23268754071b0f75a399215f6fe6a2c13d17a12b6f7f17d960548c8814cb0403adc6dd539f6844b4e2823b4403fbbafe47c494aa941dd35c8453bf5589d5534ac79127dbe40aad032a15d511169ea67ffbf94ac72335442509851202cdc1052d251730cab108d3bd3f9bbf8e817f8becddb5b21de4ebc6bcb84375e8b5a021859e21c8b4abe887a36a97d0e0732741da139b4033a28e1767e252635bae80277a3e15fe09942df5d1548e01ff60a18a00b9d0d68cb96acab226ce4231ce7091205a1a30ac5c53b9aef74c607bd3fa11fdecc4b95bff08789804f13cdc2add3c40bef3729191a08483141f5bc4b885dd097cf7ef8316a407b55afc0f09341dcfcddb7e91f544fef27a3c67759c5fedcfa1df5aed539a28571531889e504771da4c26ba5ebb619178b01c45f84caf7033d8ba0af2b7687e6b1889709183dd4f5114afaff591e47567aac4bda22e8773dee5138000b898a29f00d8467caa0bbd09c7e0456da7e20e19b88bf9dbd1b6a1854c516a3c89858d876d3ef96ac505d465a551ddca70b42aa96ccc22619db9021f7eaa4681903f26333a0f42c92af90d65609bfae714b27a94f6da3f841abef34480c68dd964ea387b53206472306a4a8f4f9f66ce2978bcc8c33cab500a8e2969e8758d6a2987edcf51d8da6bf9813cd1b4aa1c4efa6057dc01be294b2cb014b156ab46fae31b8bcb1bb86c0a3e2c52d80e2c8554e6e0716949477a8d0b87722d912b37c6788f33d2a25e3d8100d3ac8be751fd26e8434a4978e5d893dcef43f2e5a0d20d40dad1bcbaac155dec7ed786222de4c368c8d8737f4c8ccff903eaaf9393af45bad771af737ae4216a14b65f020b9bd508d4a7184299f9a5ec90ad7e46de8170dd26f9e7790d1882f09dbaa433122fbedcf2c9416aef793d6ec0bfd3ad69e6885f8e88862dc08b77eb730c4de60fd221669bec2a5e50e454e0c8a08c605ae5c10a4af6a09d7bed4251dcc4216998f6588b6cbdf6bbeee0f2f3aff5376d055284b3143f798106b29305aab0ae080a3d4116110f9039e9a9badf21c216e450eb4ff18878bebe542185faacd78ff06ba9508f10105d20aaba6c6ae0b65292df03110e50ab238f1789ab5c7b189287ac5ce322cb48e2c9eebeb955fae4a978ac0a5825f0bce24d6a22b4beba2b83b1d813639ee05f55d1da07d916715ce1021a1c68da0ccf8ecd7c5b950317d2b88a1224a489b8caececdaef808158e3573e5df9ee70312bbd49cb3749ed5d6bfaa4013d3dd16f9eaa04bf05653160d0935f3e04e7265a5de2cada81fd1bbd12d4825c5e776cd4f5334bea62baff5e52f26067108ab9093bed02a4cd8e5f9dd1676da5c78da31863af2b9757bef9f3621173d4d480dd18f42a34b459a5f8c8159b884bd0c238ddbdab45a368504c08ca2f594e8bce813d45499f7bb2d3b4ed8622b2de37ff026b1d6f99fed93c44eef058567d440e3ac78c647d841cead6b56f06f2f8ad2c8aca196e603a68933a85e501081516856a109a9abaa359b83a91cb995494fb05b97dccbea177b54e65d36b812ef8d3f67f2aac7b0e3de4460668496b0d886f03494b7619d54709671d764463e3c1d89c34bd8b6c4b295cef532de4cba93c83e132ba7aa3a2225f14383150509a770e7d18a32c59571a1cf2e409e6f3c044026db0fecedd2e57a97b00066ca66832a1184fdd8469ad2f0cccceb5bd55fefb3d185f61217e87fb4ab91f0d1b1746ef15a5b49d00ddbc4319475cb4989523a392b072a75a5e1aaef2c766b79bc3046ed32f50c063ea6bd11b53c35955b03f2b70f1696d68a39a84cf939b557ae67c97a0414af80bbbea86412a19080f5af04dd5d07af7be47535e770f9accecdd0c447d6040c9449a7413cd6d3eeb33ed0b45572d977aa0d483645e39d9fda8b0e940e4ec8e323b8b12c3fcb0fb3c625bedd84862069087cc25c8a94f26bcbbdb4a11997d54f46f05305ff365e23609cc0f40a5fb687c9f545a0ae3b1ea38d75c78b495a9d1ef9dc70dc5d71dce63b40228aedbad5e78f9fd335ef4326340eae90eddacdc797f8c9c598aecad92d3bef6b88dd72bd119ca70439caf8d25b20dfcb2f7eaad4a8a1e6a49bf4438178a07c019842ce7145248049cc2a94aa82d47f7d3288ab80bd08a24399cab0d85788c1e1f63e63f0446f3aed5cd8b1ab2164bb5184fb62afba45a6a4767132e316dbde78c4425445aada7375242453a1e7b19832ec5cdb3e86e22f3fcac046fd7af677528dc06b53dfe758a3edd631a75081b8d3b9713d86bdcc4404f363713265f205a8e2140e657aba1d58aebff419eec94b8d932e6832a93f4055042b3800496c3add4f73d23486d62d04098f32eeac83711e126c6100b03175af8b4c21d42b6d22bf173b94e269ead3e3fc3133cf03ae5e3fafba55ad70af4073b17a5fa9aadabf8717de0f528f09862e363f20a23d637a2b8912a0be85c86159a9f8c03ba0a7eb63935d81d68c42ec18da9d37d6968daa2372701458a40ac9f1fb9b48d548f21073bd6953bb7d9adb87ce217ac14f11ff450c17b351d89afa1dde29a59d0706b49b15568168b1c23e1669120333c4d8503d6a1ead9e15b8a647b6b8aa2eeb6103d26c0753f5b43cd3da1ee746b2773726ce3fb0c5776a1e9e05b59302774cbb95ab9ac897d45d37f5ec51ec9d368a0469df22f628ade63668c5bcb161949ae468505af02617be8da4764c8514d4cf173cff151587eed8c08d7e30e06321a1eb5435639545d8aacd79bbe57ee9b1beb66bc6cd55f4781622ac0023c740e785396d2bc425eaceb5fd6200000000000000001000000050000000bfa34e997f5c9c2d700000000000000a80000000000000007010000030000008888b1e11f7d50773c9266f66bcedfaa0c058c3c8664c7a2e01d6a035013d560be833edffe13eb17cd3e782fe5e8b20fba437507436890aa7fd2e8d78127ed4d4fe7f9f33e8d6fc00cdd6d1d409b02b2a0aa876ca0aac937be430d9e870389ff2c2a5f272624b632cf35ade465b179810fe56806da4dfcf9e4b39192cfca3b119e6a4fbeaee674e33dbf80d1a96fd68422a0000000000000e8000000000000000100000005000000e21873bd38869bb9cfa10634946331754ad262ebd09edbd6f4683729fdb3669cabf807967c621746b447297c3a35abf1da6a11bf3a4eed27d1f66a14fb3c46f5ddacbbb7f32338b5ac027d13fa0d0b7004a2c6883fdf64275c84656c627a035ded472f43a24c673662b606b49d783d846da86d98969fe2aa95e19b932d0ebe5869241d0648ba44cc009aa0b8dcc60164fff66dad6ab28b7af7a30d86c47937eaadc6dddaff53a6596a3573b380b675a069ab32d6a9d5fd9493ca912aca8a94a65318b86a77cf6c14167427329f98e545c58900000000000020000000000000000001000002000000c2f13de9bafaec305abd00000000000060000000000000000e01000000000100ff599a4e0b2da049404453a9093126128561a04582a459e50c8947c5295e73ccf15518c2ea17255943f5eaa4a05736c012be2e9ddb7dc468d35e9c70204a98b8507d37654372a0e56e9d000000000000"], 0x1508}, 0x88080) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:05 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:05 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b00") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:05 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 281.646602] binder: BC_ATTEMPT_ACQUIRE not supported [ 281.666394] binder: 21839:21844 ioctl c0306201 200001c0 returned -22 22:27:06 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b00") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:06 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 281.729627] x86/PAT: syz-executor.4:21859 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 281.784381] FAULT_INJECTION: forcing a failure. [ 281.784381] name failslab, interval 1, probability 0, space 0, times 0 [ 281.805325] CPU: 1 PID: 21859 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 281.812284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.821652] Call Trace: [ 281.824258] dump_stack+0x172/0x1f0 [ 281.827911] should_fail.cold+0xa/0x1b [ 281.831820] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.836935] ? lock_downgrade+0x880/0x880 [ 281.841107] __should_failslab+0x121/0x190 [ 281.845369] should_failslab+0x9/0x14 [ 281.849190] kmem_cache_alloc+0x2ae/0x700 [ 281.853353] ? anon_vma_clone+0x320/0x480 [ 281.853631] binder: BC_ATTEMPT_ACQUIRE not supported [ 281.857527] anon_vma_fork+0xfc/0x4a0 [ 281.857545] ? dup_userfaultfd+0x15e/0x6c0 [ 281.857559] ? memcpy+0x46/0x50 [ 281.857577] copy_process.part.0+0x34e5/0x7a30 [ 281.857616] ? __cleanup_sighand+0x70/0x70 22:27:06 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b00") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 281.857634] ? lock_downgrade+0x880/0x880 [ 281.863101] binder: 21959:21960 ioctl c0306201 200001c0 returned -22 [ 281.866535] ? kasan_check_write+0x14/0x20 [ 281.866549] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 281.866570] _do_fork+0x257/0xfd0 [ 281.866589] ? fork_idle+0x1d0/0x1d0 [ 281.866606] ? fput+0x128/0x1a0 [ 281.913185] ? ksys_write+0x1f1/0x2d0 [ 281.917009] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 281.918431] binder: BC_ATTEMPT_ACQUIRE not supported [ 281.921782] ? trace_hardirqs_on_thunk+0x1a/0x1c 22:27:06 executing program 1: syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 281.921798] ? do_syscall_64+0x26/0x620 [ 281.921812] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.921829] ? do_syscall_64+0x26/0x620 [ 281.927083] binder: 21961:21962 ioctl c0306201 200001c0 returned -22 [ 281.931711] __x64_sys_clone+0xbf/0x150 [ 281.931732] do_syscall_64+0xfd/0x620 [ 281.931753] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.964492] RIP: 0033:0x459a29 22:27:06 executing program 1: syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 281.967705] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.986619] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 281.994351] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 282.001729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 282.009105] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 282.016485] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 282.023774] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 282.042167] x86/PAT: syz-executor.4:21859 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:06 executing program 4 (fault-call:9 fault-nth:39): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:06 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 282.106945] x86/PAT: syz-executor.4:21859 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:06 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x10, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:06 executing program 5: creat(&(0x7f0000000000)='./file0\x00', 0x40) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0) 22:27:06 executing program 1: syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:06 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:06 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) 22:27:06 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:06 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r2, 0x42b, 0x0, 0x0, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'caif0\x00'}}}}}, 0x34}}, 0x0) sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2a000001}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00012bbd7000fcdbdf25010000000000004008410000ea970659004c00188000000103726f6164636173742d6c696e6b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c695f99f454f6b9b615c633e41445083b166de9f5c988fb6428aa489237093c94c774013b1b2d9d9ae81baa9652d74a1df89e5cdb75351aaaeb5e3ea755cf69bded96f0cdbff06dc70bee7026cb6b4855e0fb1a1804e9d3f93cb748ec5780655cb089bb27e2feacbf8e9c632a1a282e5dff2290b00"/228], 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$USBDEVFS_GET_CAPABILITIES(r5, 0x8004551a, &(0x7f0000000140)) 22:27:06 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 282.291419] x86/PAT: syz-executor.4:22051 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:06 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x11, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 282.344139] binder: 22090:22093 ioctl c0306201 0 returned -14 [ 282.368140] FAULT_INJECTION: forcing a failure. [ 282.368140] name failslab, interval 1, probability 0, space 0, times 0 22:27:06 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) [ 282.409610] CPU: 1 PID: 22094 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 282.416588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.426007] Call Trace: [ 282.428622] dump_stack+0x172/0x1f0 [ 282.432276] should_fail.cold+0xa/0x1b [ 282.436191] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 282.441494] ? lock_downgrade+0x880/0x880 [ 282.445688] __should_failslab+0x121/0x190 [ 282.449940] should_failslab+0x9/0x14 [ 282.450606] binder: 22101:22102 ioctl c0306201 0 returned -14 [ 282.453752] kmem_cache_alloc+0x2ae/0x700 [ 282.453766] ? anon_vma_clone+0x320/0x480 [ 282.453790] anon_vma_fork+0x1ea/0x4a0 [ 282.453803] ? dup_userfaultfd+0x15e/0x6c0 [ 282.453823] copy_process.part.0+0x34e5/0x7a30 [ 282.453859] ? __cleanup_sighand+0x70/0x70 [ 282.484944] ? lock_downgrade+0x880/0x880 [ 282.489114] ? kasan_check_write+0x14/0x20 [ 282.489130] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 282.489150] _do_fork+0x257/0xfd0 [ 282.489168] ? fork_idle+0x1d0/0x1d0 [ 282.505399] ? fput+0x128/0x1a0 [ 282.508701] ? ksys_write+0x1f1/0x2d0 [ 282.512521] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 282.512538] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 282.512553] ? do_syscall_64+0x26/0x620 [ 282.512567] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.512584] ? do_syscall_64+0x26/0x620 [ 282.535403] __x64_sys_clone+0xbf/0x150 [ 282.539402] do_syscall_64+0xfd/0x620 [ 282.543227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.548432] RIP: 0033:0x459a29 [ 282.551644] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.557623] Started in network mode [ 282.570558] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 282.570574] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 282.570581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 282.570589] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 282.570598] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 282.570605] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 282.615769] x86/PAT: syz-executor.4:22094 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 282.627782] Own node identity , cluster identity 4711 22:27:06 executing program 4 (fault-call:9 fault-nth:40): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:06 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0) 22:27:06 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:06 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:06 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x2c, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 282.651550] x86/PAT: syz-executor.4:22094 freeing invalid memtype [mem 0x00002000-0x00002fff] [ 282.659672] Failed to obtain node identity [ 282.673047] Enabling of bearer rejected, failed to enable media 22:27:07 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:07 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 282.720760] binder: 22210:22215 ioctl c0306201 0 returned -14 22:27:07 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") pwritev(r1, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x124, 0xfffffffffffffffe) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fdatasync(r3) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) accept4$x25(r5, &(0x7f0000000040), &(0x7f0000000100)=0x12, 0x81000) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 282.826104] x86/PAT: syz-executor.4:22223 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:07 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:07 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 282.919369] FAULT_INJECTION: forcing a failure. [ 282.919369] name fail_page_alloc, interval 1, probability 0, space 0, times 0 22:27:07 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 282.973472] CPU: 0 PID: 22232 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 282.980469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.989834] Call Trace: [ 282.992450] dump_stack+0x172/0x1f0 [ 282.996106] should_fail.cold+0xa/0x1b [ 283.000015] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 283.005140] ? __might_sleep+0x95/0x190 [ 283.009156] __alloc_pages_nodemask+0x1ee/0x750 [ 283.013844] ? save_stack+0xa9/0xd0 [ 283.017494] ? __alloc_pages_slowpath+0x2870/0x2870 [ 283.022537] ? copy_process.part.0+0x34e5/0x7a30 [ 283.027399] ? mark_held_locks+0x100/0x100 [ 283.031658] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 283.037238] alloc_pages_current+0x107/0x210 [ 283.041663] pte_alloc_one+0x1b/0x1a0 [ 283.045484] __pte_alloc+0x2a/0x360 [ 283.049120] copy_page_range+0x151f/0x1f90 [ 283.053356] ? anon_vma_fork+0x371/0x4a0 [ 283.057431] ? find_held_lock+0x35/0x130 [ 283.061501] ? anon_vma_fork+0x371/0x4a0 [ 283.065628] ? vma_compute_subtree_gap+0x158/0x230 22:27:07 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x33, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 283.070577] ? vma_gap_callbacks_rotate+0x62/0x80 [ 283.075444] ? pmd_alloc+0x180/0x180 [ 283.079168] ? __vma_link_rb+0x279/0x370 [ 283.083340] copy_process.part.0+0x543d/0x7a30 [ 283.087935] ? __cleanup_sighand+0x70/0x70 [ 283.092160] ? lock_downgrade+0x880/0x880 [ 283.096307] ? kasan_check_write+0x14/0x20 [ 283.100532] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 283.105388] _do_fork+0x257/0xfd0 [ 283.108861] ? fork_idle+0x1d0/0x1d0 [ 283.112646] ? fput+0x128/0x1a0 [ 283.115930] ? ksys_write+0x1f1/0x2d0 [ 283.119809] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 283.124572] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 283.129330] ? do_syscall_64+0x26/0x620 [ 283.133294] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.138652] ? do_syscall_64+0x26/0x620 [ 283.142640] __x64_sys_clone+0xbf/0x150 [ 283.146621] do_syscall_64+0xfd/0x620 [ 283.150431] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.155629] RIP: 0033:0x459a29 [ 283.158819] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 283.177712] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 283.185423] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 283.192694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 283.200078] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 283.207351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 283.214624] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 283.229172] x86/PAT: syz-executor.4:22232 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 283.239168] x86/PAT: syz-executor.4:22232 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:07 executing program 4 (fault-call:9 fault-nth:41): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:07 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000000)={0x9e80, 0x7fff, 0xffffb940, 0x8, 0x3}, 0x14) fcntl$setstatus(r0, 0x4, 0x44000) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000004c0)={0x40, 0x5, 0x8, 0x83f, 0xed, 0x2, &(0x7f0000000580)="92cbc0c489442f4ab073bddc5e46d2d221770efaa01c3e0ec2dd009f9e6cdf16d6ca9c928a3065aa6eaea43af296afd37fbee80eb7209aa6867eb429eb5dc8802feb9a2ae6b56ca41312f3af3382896e8f5994de43f2e1727d8941a527f634d8688abba557969a846aee17133eff11ce19c0eca65e9e321dc07004ce4bea0c6b39a5463b3013ae42da66a367fc194644a8691334d9dff1fe325e2b144845c06335a2291f56950bf69b038ef417a5c0f1c5001c9b3ee02092db3a84ab9e8c8a51b14b95b79db785493d8216cdba112838582376de59bba747c1fd3c7d702214985789340d26fdb7cd1ade60f54a"}) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/relabel\x00', 0x2, 0x0) pwritev(r2, &(0x7f0000000400)=[{&(0x7f0000000100)="4c0ee6e84ca509", 0x7}, {&(0x7f0000000840)="9c86fcdd6a2a11dd0e6879631343702382075152d05dade2739c09ed44f4d92d98808c9e0ee1d5703f7dfb92d6562338bca0f5cd4465de0de3685b9ed63366602c6e2cc71a9ba4f238820b87f17e549491241c4dff4decb137ec10f3738c22982e478850ba773765f2a4060bad372a7b4d24c3e091ce92c79dc3bc6c84f6fa814640f4e3cdba1c37dc80554bb54be3fde5903bf3c61d08281558c73c5d1cab3154b05186a1af26657cb52dc1c304b9147a4c3438c8af59f4d304f3f01209dd08d45ae616708f09b12584ada37ececb8aebd39de7431ba358a953bfbbbee8bf2f49e3a651ffe5decda6f458c279505f3aac16584a6010cf2b9de1395a478bb030fa3d5e2a188ff34b5f3f0685d830d2ee719e1e86bc580e31b58a938ecebab044e72230c6a2eed9f0aa27ecb2ebff44a2ae5e21b2b8dfb63bf8a7f7256f40ac5b370a683a0c010bec4d0e621488118733b8657f46e75016ab659f8eb84a3ead0c6e7bb73eda564b7cbff60c5e0b15e2274b9b260c23f708cd67bdd91b7c86d1032134f14c67d7f796e9fb5ab99b1c6763388c935f9f35ca3eab3bc87aa7b0c4fb6be884fa13a2db694a596c07f0e5bb94a7909401b370a6f76ca79264b489d7d3194d880fbb6573fafdb4a055b68a8163ced664850147efa0c63efcff6340277d8f8222433d52a080871f245226990bfffdec2241126787a4ece9c71b164623e1257c7accd25d0c2668c17110ae7e54a47a084f86b449410472562aed7e07bf49d3cadef84a8d7058d63058957a5ba0dac6312cc386bfab079a1fd5c758fa6b9dc0d5f7a96c4830d2f8fdd6f3e09c3ac29cc33d2a42590ff1d59ab36b35949523bab542ea70f82d2513de03a1fbbb613014c0ce889b8738be18c9e45152e4427aa8d73a34edf867474a6250b0719fbe8da4170236b145e5daff449a31ed017d93d26454aefb432702c1b7c3b9f9fb45562087358347ff5413565a4de094137deadb30e14f79ebd6989c72b23f9bdf0525f8dd2e1add4e2c11bdb920254cb10cc7a3c2ba32401e7fcb211c89b24a463d0d0dca75e961457bb5d94e5c816ed1cb60af4e73c4f039cd035919ab8a20cf5a9e2e59b4437b2b51e02a5cb184198b8729fe601fc016befb678820faa8bb4a91ab1c70b12213eee519ac95eb167d3a8beabe6d832ca9648d52fcf3e14e18b83418b4181f58b93c74cdb331571d7e91cc3500fbee55ba35a46e30db1f8c9b088307c2d83bff427f2ae2b0a66cd15cac004852458671777578e3e6057ccf509787f0d9ca89f213a33360ee4287c0f11efbf6970c510e37bd3132e961582242753536f951aa3bfe11ee8da24f700ef7a608b3d1d8c60fd9927b130a62b959f5763ac985023c044681b83e56768d2fc66ce32759ea2995f1d5e5150d1872bc41b4144454362259670a5d2a07e99731620e42a9f592c5888b3cafc50e46564c662a6573f144502635963139abec7d6013f8a374ecb7696fa8ef254e95cbb2680f9aef550063e62107055ec1a6851f5ee9e3c7212d3fb4ef74b36e6d39d1e811b0893988d6e0af96943009793cc30ef8943c9a5a942ee4f1b5c662dd8f2441069cd336473d4f81a29ffc3a17c45ac99e935a5156d1a0d0868cb2d80013083ce72dfd87c67a7f090c31227d1302bbcdd4cabc3547c6d173f63b43752c5dc436685c2be197b9d537936846ae07cc9dcc8eb7d899efeb3c3c1b342c37016ca6f16cc959d61d74a0606197125194dceeb30c3e38f1e3a0bf362afdaec803a1a727ffce85fa873e5c20dbdad6afe45aa74a60bdbf48e7a9a9e51d9c8e0d1ee2caa3902da86463312b160c88df5005205c26ea5fe41541a3d293c9120b2fcdac5e2c193f191d9c511ad147bed500e308b5f0fe191b629218ba95263f87d07fde2f3769a427f1d5eca2281534f06948bb955357e37be9e9d749a49fcf61346392e74d2ec7efdac9b34871601d07a68d3941a95b9223fd35a85d0f98619a63c337bf0384e924056ec683c2e47472cc8496fe1fba22b8e74534fdabb270be757906e40ae68dffd4e960e5292d32af11295db5e1b5f92860e192a82af1c90cb4dee3ec2967963bdf5bc7273b7e9b5e0fe7a8d8784e18caa22962fa11d8d710f6379a58be04a3c629caad2ab24ace310eb7462967181ec97b9194906b57980c089945b3c98dd5f2f5413953e5e32f8b1cb06e52d99b37355c363bf73bf09f04f35a67dab51c609aad9a44e0d7da4acb4a86443a8df385234077867aafc21ca3eb0dfc7b7132b32e60b7c93b14fc319db2d76875619a78e7d0e767b12bb352e4b5788e11e1b98149eedb2d2770da36009be04f104861266b64c7801db81a4f43563b58eba9b8f58179fd988f7e179dbf5c0948561ded68b04633ad7b723798e3df05557e10cf435b41bd26e39340e37a37b13d14dc9f222759691844d7dff3948da04e9fbb7d882f709e31144bcaed03247939ac8bbdc2e891b1fb98adc831735e22f0e5c0a64b9f911ca86b0642fb5423f8f3672d89c1d90eef9b2021ed8d435d6c7b7c91c343ff603566cb24d39e4613d436124181656fe2e07d756f1910678d885660bea3f40e52d0d79c59d303f099cf491be6f454527d4e5a7a0bd58813cfeb2d6b3a5b7880ab7fd3a6568999cc8745b447db2ff1fb150a60ae59b18b3ebc94a20b068e42dd4a02127dbdb493a2e9d6d4b5fb409e968b92aec1f183e666ce483e7c29887a4407b5e1526476ef4f275ef148eac3d4581391b72db5be9e6e3e3b3980c0c214598532d6d690a727012b9a9ba8d6f34b2d451807cb8362a117ddca998b43a48ffdf00db18aa5f4e79a21c7e1f7fb4ea1856518fb41acac6551c75b383d3174e1c8575834be7d213bfdf7f5210f9fe35e32e5c519531d770170ce29ddfd4dba8896c26ed4c54d539d9f6dbb215d318beca4e1f3dd91bdede05225f7c15f7ad7bc44caaa08b9f30a771f4e3561ceaed66d9638b5cae87430e3f9273327072089ba7d1d2a790cc4d90797cb151494835825f4113f0f3ffeee96a165cdf87ed4b122e63d4f5d4592883ca7ef2ae67ba63ec49e1486f94e6e5db886fd51b08ad15cdb4c31cf73859c3c4e30ec1382cc6fafabbbbb8d3090148019da5d24d9637a9df13510ddcccc2ae75b5146a7b09b1b38a9e540ede3018ae28cdd79baac7c62573c3a08734077a5b9633df82ddbe1ec6a0ff3c4712a69a4f4383ed67ab28baff1cf1a82fda77a58496bc25b0fb1552a992528fb05d3a7f515041a034d7431dee23ea0f00ba9ad9300f139210c3eb99c70e2e2ffdbb3aba441e82a40bb5bdddbbabb5c421207285cabf104cc5fa44c1c3cc04ef5c643b582257dd6423f1b2274f976feb2e020d02b6f8506f21a9b5491e162c86db84a9afa521d65034692a658c757862a780b33129c35aa769be03aff392004c7bbc4cc5fa2f0c930458aa51e9b4d176eeb225321714d5156466d967e26af589b8c4a7e5b254f1d1b197ebd28e82f563a8f34861aae4ca120116bb5936c99073f708b257db62518e5e8b3b7295d16f4e7526ba1b61d8475b34e6fa8bd01eec8cdb63431fb8b20328537a9046967ae17a8a5c38ee09444609cc7c29d4e8449e3ac3a2a5d38f7b8aafd959071173ff3aa5ad1db634f1d1730b59ef54a242a0f84b8f7d62c0f3518ce03ba97825d2c6ed3f0b16558a08cdc0af121b2562c7c3f20753e54b3d5c2fdb85f049cd5c1fe0517a62a85c0d7bd2275cb634eba05d32c5bc3cc343e482de0542fcf18e90f1a772536417e98ed97f28a2025a4c431446b3879070ac920f3ee5ba137fb5a11bc7eebafcf75b8d7d6c13fff9114397c8c3285cc38d49784046a75857d4e8d2038a4cc8214990e5862bc1b3330ae02154ddc419649ce3275b04fb16f198f4066b552d7569db61daeba5e1442cc6459f5edfc2a7ae1a1d9fe6ea481c764d84104984d2097403cd06d49bb0c45080318b415226aa5d836d80ef96ea184762b3d3b3fb959c0780655449449fe51ae30abaac12433983dd36546dbfa91eb611a57a2616418f7f96f7be6737310fbdf9c84ec6d1f32441a1a0a4dd9cab284a4ad6247fb97c21d1cb8acfd408458c8115ac76fe627011c79d17bd6dcd725c240942d9c44741c666d79c83f396601606d88b559f1fc7701eaed22dad6c132457b037f7eeda1ae4b8130677411f7bbbb46841897d20a73b2f285f7dd54ad047e1ab38933f28ae465ed090007090a5c9020d2df6f83011185cdae936175c7c061c5d606c96cd306baa17de0cfab5ac64c4f538f7987ba1a921b6a15bf9e848e5acd7183f542056b159d34c24a4bc0fac835fb5768b4f1e8ace1bf98f6bd67d726c3c52b01e46c5df9da5f50865b9b8fb2f02cbea9d447f8ca4c9e840b6aac2ee704655a09c0b50c8603df8983ca51aee05a0ad858912932ce2b2a6a0606a5f847a5e406eb9b85c7d808a9fb9e9139667a4641fbe691df43fd487af1a4b5ea82ed58837206629181d3f7dd2198ee0c8dc3b78ab957acc82c143d9989fe57076abcf7efe6e1c8c4ec2866428eaeb7e0b354f8d230fcbe0d16ec9f34062971ca57bf571b45179ce9b19e37b25cb400ca7867ccd5b85d5f4e4eb19a2b512de75e3a2ca809e1f9e6a9385303669c2a53ffe8e60589084b35a54c0ec56a9ed4bd06fcfe48aa654cf77269ea07d441ec81dd841f6f07ed0f27c8d1a4e934b8c6b5c1457816c21b8f0c8073fc46f017fab2d89a08d4c6da78de2502a7c70cd401d60c0aa842309374fcac9e9681694c3e697feffa4b5e5b4806ea2fed27ddddf8284c1912b89c0e71a6b1c1730bfc98b4c213ea014bbd981c0e052aa00ee0b8f50d33bddda6847d3ba0ea9fbc049dbe86eeb33c301d042d332b9529bfa65d23fc927ff7efde0f2c1abcc4bf2583b87ffc71680349597cdc5401fa09074370906779696457015a192b94812b32a54c3246aec992681a1f8b2c3e9d052a70b289388c268cb8fcf972fcd17cb5bb2a626a8b93e9bfa8b55e63d2f65eaa2241264172ec864564ea8508f5ece3f1cd3f2cdfb0cb78c14282604137566b245c6fffb29699855b9ed3f83ae09a0c2dbfadea3cc2d11251664af6319f901e0541abd9528dc2733a60dedb8f474ce4e0a424a8db805c9c595afbd2a91a2f163eb9009729ebc2f7dabd6ccf539e4d7100cc22e92729b923154e0d0f04c2628e5ea232a3f2551b9a39aec676bf7d886cff04ff5f6713909ce5ae0a642d528299b5eb5a88a929331c9b4096770eede9371c2c9e30e1ee4d405f52f9b768bd44ee93ea50eebf86a26ab0a82e606878d9c9d311b03e0f21a0e0e4ab99fd41aa0ad77e73ad96f1e73130b7eaeb8d25eebdbf70fd08914a774419e94443b5511ec5fe90f255b460c293fea6b7989b3f2b97e2861165cfd5f8539fda3d361a81c60202d091024555507a2338195ec877de2008095c0fcbb3b26012ed28748c569a2ee9bdc7ebff1723210b3efa702cef1849c97208a84803a68caa5a40eae727c5ed99f3a50fc27c9986589aa104601ea18d9900468e4183aac8461749c559de7b661f15ea01dab0ddeafe9b2c10299f1143d68ba4934a9da52eb6a20e74a1ef9da38a13c711d4613d1f9b4528de9dd929fe202f3655a7c612a92217e69ff1bf15d81924430a7c29093b675318ef08280e6f05619ee7e8a282998c6bfb66c67c767e0469e2f269331c545ebd8a2f1638e195aa9483116c1ddf9b6d61d5ef19c15083e67f175a2b8eddf63c09c85370d00de3842413abd5b1d12b9648003374ef4026a0eaca82", 0x1000}, {&(0x7f0000000140)="62b8f7dc984f4615472e3575dd348c041a0c8b5338e9f4b57c2632790e98033fd8edcbe921e6892716e4a4e82a568bab0de0b3f358d3ffe676f3ebb32fe9bbef2cd20e44c5f2dc14a8df6733d1ee", 0x4e}, {&(0x7f0000000200)="489b1d014698750cb2f5704540d71c3024e5", 0x12}, {&(0x7f0000000240)="3a798794dec3d43d9d81ef3c64e62242c930304818377de5d76019681680ea04e83b82832e386fed54bdda78f540fb88b808403dda2fcd7e92890a83e084b5f28f0d86d8e6472d32a5e22c50b56028f4cb8a9dcda89441da3ebd1cd33a3172254404e27d0969425a7cc4b83a0cc8ef5d69bb7a4a96ee0bbb9550fc36aef74dfe06aa87a0131d483b1adc1d568f037fbc2e15fb776f74026b5b533bdc3f76609bedc80afab29b089117d72e466390d9d9fa51edc6a2e20ccf1cbe34d2f777e05ed7b275ed233b0b590f4859c2310e9f72044e25a6d6f99c8a181eaab4974c8e98ff97c8fd05508304e20e8f060f455e47b9df1678706979273fed6b4b62fae6", 0xff}, {&(0x7f0000000340)="7d150e043bf9f2372f1d4c597798996862455cc9c3ec61be8c2d36d513125b12f9a251c07f818b640b73a8016811c9d6d475283dfbec87db16751af9a11a2945a14183687051295bcf21cca5dd946ef62c9cc2e721dd0f90e1c87cc68ac7050e6129723cdedf7f6c73bee1afd261c2e78ff6441a3ea3989c5ffd63eb65c88667dcaa81eb95d2cd3e73131d4de80d13dfc3ace31d9971455543716e7e0ba7ca9d1b5d15565da4edf5dfa6d7a63ddc126bcc73dda5043cad6b", 0xb8}, {&(0x7f0000001840)="93a711bb8ffb8149b34f29afb82c95a7e690a1ae5b98f4057e6699360684638a857e6f80e8d24aba82cf4d5c44b5f2b4cac17ed92637b3c88745ba5244c786e2a894a55d010d4cee4e9e062b59f9f79e9be4db2ea0dfb08f1d9d3e39cb25fa076e3f00bfaf4d072d861f4e976e9e40208fa812f8d206e45580a93b71b8361ab76ef4442572b53ba9fa2c6e359a24b2921b3f398f35f896b1c9a8476e5980b50c0ea5180ef58a0a609725bf5efecc46af9e0853f835577960f022b64099d48a3fccb3bb9d446abd2eb40892617214553e5e731dd1c7a4b6d94e69285bd7c15397d340781a9ab7aaf3104f3f5472a6f8d19772d632676bc3f157309b6209c81ad84acb81e1f4e8d5dd1fff800066a643b4c1f010cd36d99170556ee479abeeda8cf4e5974c36fcac124dba8175545d14660a41ad847c5f41bebced2aa19820f4681465ae47e321ea4ed0195c92808b2a16bc828ef64bc8af2ffa1dbbc4602bf06f7ff9bc8da48e03eb9a76ac87938d5609a6e1444fe5562401ca11386c4123368daf27a8a9c1d00b35d8848c4900bf465f16b5ad243ceb25a523226b5ba1e687ac799464f20d4b069becc29b7f9d77cc0e84a63f81703be6d42383877deb2c031bc2b16365f2d7a839e071ae1b4c0c7d8ba7de7d9171ba93fb2aa1906e77e82e4ee0789c637208281f499f92832bf98ef97568af6e46367a9115ee5ed0353a22be5c5e78e59491dd00d037b008d6c7aacaabac8e6870eb2df01bc2981c60630a2e1a8a7778a9e05a7d06273c23ecbf0c287501f87610e3e0c9acbf00d6b8c5cc9272b20c4a9fd975981c61db20813ff89aa5f177191457fe90520dc7c8c86d5dbebece3d1df1cd11637e23cc73f0f5d2d70021a817259893815233adb30cf618dc8815612d212f10a6d0186d7c2234d7004e2e01cfe17498937b92d7d01186a1eef4bb13af3289da7343294ec4559985229054c305d1bedb24382bfb66a5987e3b4e8466efce77696df4721bf51c2c4c92c4d5a9366bd62d29e31ce3665266c3eb7fec04f047ad648e2898d72b92297a4a8e1a08d25b09b9f1c8910dec03e0069c9f8e76a4f8519612b7d54c5d9c7be9c1c7af57ae3c0df2cd22877849dd6006777e6649d3d32e1ae2f9ae230b31b5a269a1375b3e1c60b9a9e62e8314e54057df69ee1b922ebad7f019ec14727cb097630549e573b563cbcdc9b8c3e4e99b17426626d26c02ea341d8fd30e2d6f0c211eafce9b73f7833d67d2639d7862cb82c7bd976dde14d2abe13cd3a80210205d221d359ade8c63eecc94fbb9059d169cec66fc75e4f0ccc268acd824585c3b9d5e7083b15e77e2b8d491feedaef04608041c4ce16793d4aa769be5b38ef3fba1241d92d34b45f279337e2ddf5d1952b9fcba6c7f6a06770c06ae6f66e32598c6daa12d1041db6d5287b093f4781119d5f4dff30c161e62a5a6b36311ab63d0ef8a43df0fe7e0df26ba953e523789a097ac722b154986e547d23fd1a2c4565aecad55fbf8bb8e662944848a1c9bf3600482e23e9bce47457f034979b2af0d733acd47185c62c9a84becdf78bc49ac9f6ff3c27e2e790593649b0579c09aab9466c3eff48f425830db50e028ef6e917a3a3ba8264744545200448f0f8789376ef4f8c9b50e7dc2f49b57a03caa61c8dcb3cfd4297f3ab702fb0a2e6f1b3a4495b142ddde168a3bef5c157673a1edc5b9fa5c2caea1a32b894537f85e72dea4c31e0925c46407002756fda94899bf840bd82a3a7ebff57b5698494cecaa0191f053072abb3c60df9e0a87988540776ac787ba96b4dc42cab5e196b0ff584911963c6648a2f8ded5fa86ded2afcab643e10c3d0ea9cfdd5f494c1a2db1346f64d6325b811c618020b30e2bee2237f42b1a466b9a59eb4068f2f551dc5bb5afc56eaa939cea11f6d7013647955766b6901310da5bbdbd55b460ba03c12bd559c5966136a3192c6b87f76186227dc39dfbb20be42938c862707213d5fe0433212433e3dc73036563a40dfbe77313236cca8e4d5ee6e4483c3799e5b443b4af27125f3fb918b99d359e82cfc4c3f25305d65cd81768af4b1974700cece884a110f9e7d7a92bc722982769f0189a95d6d4aa268bdba093a378d9ab0893d1524baadfe12ef55fd55d4c5869232d4406f247182edcb904a09f2d2da207b75fbdde9cb30825f83d48135424828a72959ead488f1a9b59b2290a8cb27f7021c4853dbdb2e50629d0e2f514cfd87ccb470c0e4dc21dd3ecc8008667f72cb9bd9b54065d8df1f4e899aa9ac7adbb7aa6e5d1d3c6c99b628986a9012f597da8eaaba602c9877f9e53b96aa49d34da1b504114635ff95c42d462b862b251cecaa157c5421af8e76060e022f357c99ab6975f1b9f268128b6c51b0ed1ada92410446125c231e0045b9577424711e58385c42cfffe5cc6815301374633a2c9021ed43e838cff993d1fc70cf7f2a34950c0ed14d8f3328a342280d0720c76ea28ad7f27211f0d429e1f5490af10666c7502a9d07bb4138693b1021fdf0f144e5374519c604137ddc970b9981a2adb1c89b77d2b00aba356ad6451a7deeb3edd6ab983d1077c510cae23c01e16310ab3097c196a5d45c2c98a0f41a890d7706b6821c9b7f10e9f3d1525fda70461660502b45242dccc712415ab8a9d76ec657d8e512ba53d1ae55d0601aa2c7e87d62adf5b7b9a755d46ab93bdacfc884803e681f548017584c7352bb7c3f0c339836660fab9c38fba6d343e53fabacc635c4abeec93f214ca64942cbc53b02c05a9aedf6ca59bc7dc5345f0deb7523498fb719f8647ef0258c3f228b8f61b64b2ba9a2a884152012187b2a4214900d55a62165c25bff147f918666e11958336d5b083e60f20924a8eea9c8ffc0538d9eb48ff5129465e7fa2c672c64cc9bcbd15ad971e173744f0651793b5e1d869e3339f4b2976a002cc11a58a2d578f19c97713a8ce825419a7db26789789c454c18f0ab6bc9c4d6cb50724a4f7806e1605dd30da8e9666cfa93926ce1acf299e47318e080cb9131021787f7a4a0ee9d2b0ca11e70701e6c95386aafff85fb4d4360b3a569a011f00d7330f2bb2bc8e8ff19d17dc634d3c550fc346e408187fc4772a31af201d950ecaec485e2826eca455931017c464d164c5db9400f6b542fcb15c5f2657ca174c9e9063d3e3449821f7d2cdd68cf0c85c5261512035fc1aae7e16038964cce006941c196e1205016cf42c23fcccf384da916e7b411d332ca455e37fd5942b7046557b6eeff824744880ead0cc851556455cdb6948c6c88310ef60deb0b6f255bbd0effe55b37deed05b867def0c168b79f6ff9cdaadae2701253f623b554eaa7538b51dc597eb1a736428fb7fb8656cc920c88eb855faa04e261a2b834ee032c610e116f03ed36744c9224d18bf8ae414bcc4cf2cdf9cb5c7beefa87ba18ad2ed46a4925823b97dcb0541bf43d3b46b7d459afd9a3af3641f67620880fd2d052e63af015b0a06c08425dd303364735f71da3c115d0ab3c36291ba119f68ef0a0e7fab389a01a1e2c18388863e82d2648da9e43cf6908f412069fbb94fcbd5f13ee01a967dd8f9ecdee7017d63841d8f6fc1025058c20dbfcecf5076e1e960e599a5f602a7fd70e359aaff925e413ac73823a8c05fceaf77a8e07c5c7053cc05589e20ce9100bce4e7c2aafa0938f74557dc58a1a376fd7dc32abe9cda14cb07d3730e650aeb43325ed7d6c3484b76e0f5042351adc29d24f35ead274da9fec3ec6ce73b55041fb75d63d4b1499b8624232b2874ccd2173d4a78686e768e608db126614ffd836eb57e3ed29777fef5a379c96c1d2ae2e70d3f5a10f77bdf202021856a3ff51aa9096afc973c971763fdaf678a7d1b2a33a407b5b3e53ded788380ea59b65b6bf386742da3a219a04fb85d9429aa30f9b57518ccbedf2040a2d33cc1b910eeb31f1f32be81d71d9c072a010127ff9f9658bd630819b19e80192b5a5c0960797eaeb11561e0673a46bac5ab7539f6f95d3f6d95b60926ea29598765c8867ba4a366d16f7bae52e9601b2958baef41038d1b6b62fec6345ed519feda73f6c7b4a8786971ef4dbb69cd99a69841ee4f823d18e8884156ab5773bcbd3670721249d236e5a4de2f79ac63004420c7d62f011e872fa7be4284673cf142f4132a7d2849c0e798d1f5587a8d19d983b0c23bfcabab70dbbea10dedc5a86bdc2fe632b515fc5b7167568fb0e04cea41ea142294efbaf72f84281a8b774a2a0e907d7bbbef91776e2903cca5c8d18c4045b98595f721ba4563d61f43a3733dff022782cee976807a5a8b01b2d5ab1f18d7be534be1183e8695c702d54aa1368db1028309a656dce240394c1511e08b05966d666a2c421143cf737fd02a50c94456add4f79a4000f11e3c48a8bc8ee7314a057d0c34e4873a6a35fd1dbe51590a73516d19fc7af953647c29b87b6589bfdcc44e89c1674639c2662fa4cab3334c8e44964df321719287d4b5ed923bf4e0df31d2e0f949dfc6203a9fcc796958e24096672fbe026ff151b84cbc5f82481f4db5cdf425c78312566dcf6d4694ec4c9215cd2740dd0948b181e95964a69d6f008093f4523af0ba1f8ea439aea4385628266a26b4a6185a033672b5129c6d563605494dd32cdcefd7977a5a055582b3a195b70904ada0f917fb4e1d3947ed066c1f5164b5f6b5db8a5106e1d3f6cda58316b36ef4eb823a1dd15e193947509d182e1dae3d4b5d92962677398e9561765e4cc9d25db3b63fe7718c2020e3ae5d6e01decdad1058cdaffd5d884a8fcaa8ea5af3302b531745bc42529925e8535b3172f00371bade026c151aaad1a7bfe5c83d3dcd37737da8192aa1765e8f5fa885853df48c60b7289cadbedf461aa0bd675bd57546cab85a74732300e8a2c213d2819af54b2a656eb7851721d65d5cbc151469756d8e39736011d79d07ec2d2e3ae1980a3f28654b9f5dd95d1622dd0ee212ca652a38decee9983a0739f3c4002c572888aee34ed69d879eafa754918080b42d930dbac5ade52f120774ded83375dd9262b475885e9a25e813c6a4241ced9ed5666111681d311a01e72ebd37b7b9a6aba329ec1b0762385cd6636355e01b93ea0c40b5b9869562cb3f0b1bd5a730e4e1c1f418f81a1506b530945de2b085f0cfc8442e8bb359b0af323469a8a1663ea5d5486adaac0dbf179d3b5b76045db57c96594e9c1f3bb82b2b8a5dac56532fa86a1049b74c1b98facbc627d3b5565a7cd8348d51d564e4557b6d2d4bebc3e467095ace0523907190e15241ac3564409b9770447dc9eae13d92875f1c3980649d2bddb3c8fcda90b6a1513a38bc72d12f8c2cb1baed1f554a6c980a02bc40b4f3c3af0afeff088965b37191d604969487e68a1ed59f8ee944fd31f074de364da9525b91cd1b1bb59d589c612b6a484204d240bdbd3adf847e4dba6414259d819327a151cb88abd553b08b661460dd23cc5f4a41461e3dd4ee6f72d1ba8ce565e0bd391ca5901e0fbdd1948ece763ce7ede66e94120f156323ee7781644ed0d65585bffa09160460928328020e2bb71aad9ac0cba4f87e6bd950e58cf98e337b63b9e1b6e03245b3f2b9c1ecd40aa21c02061dc7889ebda7b91aaf758541b734282ae98d5b00d3c26da00a38d63646b614935d7114c265e20bb5caa59ddea755430d514e46e9de058c0f394745e577be31d59e5a5ce1267b061430b0e2be41b0c5bbece3d9579ade34918639c86a17162a3a8d686473722c894d5633a5a886318ad210f08c", 0x1000}, {&(0x7f0000002840)="0b1b5a8eac89f29fc316e195052e2df252a445c990654ce14d44faa5095d97b8e2956f9772f73767e7be5f801fb421e6dd8ca3506741b805ab7b429817e4a6db8395c303523a4113f9ee78fec98ac0311731af6dc14454ce4aa25bf7f2ad35fe77ea939c9e51eda53db69628173b300547c04160b9c8d163bed686dcd20730db423cb43b6c15221d88a36e9b3d769511f2fdd4969305ef84ddf61f16e19ea472d74d7892250a3286fd6c587440b4b183f5a20ab3da3c74eb8c5dfd371e21817d7f471140a9fa9323eb9d5bed6d82a20a30166de69d99151f28421f56a6787a2047cc3c04663818be89f9493eb93e3cf059a2bed1248b4e7f208408938cf5e4030edb8f036809e921c8fa178eb9776e6338927b77c82dee90cba0caa991dfbee394a3de7e8502377b6d7af5b59228b3e2247aa07253b3ab2b2a96c85e7f283d86994e1e7a54fed53fec369a1738a6cdebd9b58537e28888ea665480461ae43f5d89b393dad70a8658a18a601932d131b34b314ea7c13bd280cdde0861b0c21084b6d32655c097eb9ec20817cdfa10dc1f4ab50e6ec7527b03dbc1c0132b5c8652e2868ba30dcfeddc6b4c8b3125f702c8614fcfdce0f6e1870cbc66628b441443061ea418df925721864d28a22f9c8d5ace65d30bcfdc76f7ddcd543c20b23595c4f20242f140b517254509a8f46420343bf742c1461e6d41e87286a43f8c01a99064db95076a4263137ef61c55f1d7f0b9d8802ce1105e2c2f19485e78987cfa7272dac05d3fec20666afb268bb75bc4f8c554c13cc7b3fc375a5ecf0c2d07e873abb468dc6bcad665b8ff2dd1f255c7d4f082c323db2f6012fd2626a45d4cd806334432c1d4274c0048ea857447d79202cf7c234024ebd49c9b2f6977c98a1349bac9c09ef9a2b93e2c5e2816d2a8ee115a238e96789d971a04a12fb1a1eb60b50db860a9096674f154bf899eeb8d9d8491f34de7619e377ec6437dde5af67ab2f4ec6d2dce9c1f3ea2e57e9dbc4a5c03477e5ee1b1f515f70c29fbaa6078cf9783a04020f1fafe9a4b6892b3b5c3289399889647e0c5920e445ceb4699d7f881b38968cc78a56aad41e7c659f00ff64c9a18b5d27c56cec010b5153ed66f5737ca182a2775344aca8b07b5e01ba2ad11e058785a725e146285c0a29f05d8a39135c9bbf955853cf58198170e491d618a327cd9f42beaea5a6d4b8b22b6f663a263f3eacd0cfdf75a298be09d13c0856b81ab0c60b065f3edcaf17b65322b6b36e14d022677a0594e9251c2922aabaf8ee92d1c744a24cd4f068ade505459423d30d4788c6cb889ceb41cd9d57e8dc5153b459ae831f3ccc9719ad96ede491751176ccb576eba3fc1dfdf754f0f0e42ac009baea9ff4e69fe47049640ae4001302a9c3ff5cd4fb71e0fd9240b8680c284a5f168939bf4d6c05a5f94ee3908a5af1f3c966534bd30de997681e349613948518f6a5eae00b12714a4720b6d341515f0b3f747299edc1ce9b3e5b2cb313dbc0bd5e7079d6c11181ec7286816b0669f142249b80f89845a6c2db507bf39139ad3f60fd967966eaf7b26d7a30ff2adc565c78344368efd68518aa07df9a6af3c2390d4fb2b392c10a38703781a0e33f74642084b4cd0cb5de8f17d32c1f724318aa28acad974d8b4ac625eef99121f5a435209873e2089854f335bd1a61b2d32bff3f754bbcccb86f5dbc037225793f8596e076f107ef414b3f70e2146704be6ce3badf0434257dbf148563fda2358fd75c13aa84bb88c965c6f1a68e99c525b53b933b893656abcbf3e8ac6f6e735d03d059b71f910e62a7fe4fe807cd78c37a36c23f7036c3bf6221654dcd9c4132d35bfbd38facd3f540c92422e56ca385d934f94a83c3f95e845e45e462a9bc8c05d4bf6d9029c075d81b07bdd2b3f430028aa6a2a7ea298c9b657744edfb7bbc7243bc3887ed144b096427fc8b3063f47de1b99009b054f0e1e66c877ec51de79554db74a2f7603b71859681e1ac71f1350be9c7aaa6132501d8b91830a648859fa459ce04f1569594cc470a70dfa9c51d71c463472297bf7d1da5512c70abe9125aac10351b227f412d579d4f8a7c315a466ceb7d5036bbf062f5d414db1a62c34d06125909c91e92cb4da81eb8ab2412a913684cd190893203bc06ec12cd98230cc45a0711c341ed899140953bcfd7115d8edcd64c5d957c55953dcc99328a3a46ec391b2432d1bd6986664eb1b7014c9e368bc8663cb8658a3d3f06f57fa63fad34462f8f45da5c26aefe4c6ec1f6db2c5de91cdd85c62bd159fb5e5d1ee623cbe109ee7ae81313f383abdaf18000c578e9a72892ff85854094decfcc81b2ffbd562c29e772239c2041894a8290ee94f3c5555b6408e227f40c17fce816734369a77ac042fbb9f7ed39250bc1eff5c500a1e0377bec4e57f2467809abac002185b617dc36f92cd8271574fb87746e121faa5ec3d7dc3cb7c154e93e22b9f0958adb21b87a06053b183611e3871e331cfbe9b3a9968503e4c8ba373930ae5f593331974a5579e57c77c0d668aef5f98752720016d3ca329f999d13761e6b457df1d48fd4b58da8d4fd47a994c157af6df525e06d4091e1f632dd740884318e5d5038cb47513fa28f5730bbd8dc1b24d1c2d8cd7c762b01de34d30e6ccfcbc5d734d36d8a1b302dc46bb961b8c720991cf60b6140b23a5a44894151482c34535cc14c69440c88305eb9638a3b73426af7e907e9f023460681d204a432f71ea6b35451657f1be9d0fd2fa1eedbe12818fdfa0c4f54f9cf972f6f221710878e5239714939dd4bb6e5b28feed1b86d9029e1db25bfc83137eb0334ae943a197f09b2fd945d4624035dc24e534685b013fefc7f5275c7cbaf17ede42066c83c1cbdd776b9eeb5003c29d02bc32b06e305bbc11d9688b9e204e6f321d8ed47048808542372b72b49531b5ff736dc9de25fc59bdaed41d01b618e0bcac15c84bf342aec74077efa366f34bd33daec2cb3a8442770b8859cd7ea71a64b5e2cde96643e21a61cefdf4fb8189b7f85783a2c96ed235611a9a9d7b0bc835999760afb516ae0092f26857383e7c3caef90030f2d70f1934d04cf80c4fdca8bf87a7fbb1982083c3f2769360d923d20d05112f4edf9d3014d6e32f4d205a2572af04bfad75be4def3faba4d0cd39aa31b0d18a08853cb131861ccccd14c36575ebe9e4a209fd738074f974a54c40b44cde926daf8140d8842efb14f162b41ce56503eac236768a3ea12c8c38596f517192c38b831d1be8966e15a915e842c26a3dcd6b2e32741773572cfb30edd1e1896d474cb729a27fe82368f07860adcb4d064ff57e2e54066fca5cbd6109c9631ecb4e3a2e24116c637b1058f4a43fd677b142cdb02f187690802db06bd66e97711c6cbc49ffb90a3b623b3997257b22882fb96957204def7d5f65f377085b9cb032e37529acf5005f99c7717658a1a914ef814448d7ad12a5e84660f234444fb47c1469adffb44d0f9bb9d9447ebd7002f4d10decac52ea66ec7897322a6616bb8d3c76c93e441f03034ace497416cdbf453294d03e515177c6c7e550d300599d19a21e0a52888ef21f772dd50d6a60ff8f0d03581bb685eedb1fbab20035ae3ad224156c5115164e34f0c885aa506173e39b3b71a6b4307b3343d118711041af85c4a66ecd5026736fda3f7ae0211bcacd0ede3c53597cc4bc86a925548493ffb66151346ef6492ecc4617aee0e80b6a8b4e0f050b9b7c0b4ecc131a92a7fb09282072286d41f2df1c1e4effdb088b26468db53dce42f036ad17d06a4d25ee8f510ede66b1defcc49b601c0b58c407b1787dd7b8d77436784e3d2d64c12bdf58d7babbc98b4fb99bffb6c4070d98fa3281667bad9019161c0c90b45acd35b5c885969a7cbee2b405018af3a3fa5f00ad1b3df28c773ed7116b5b830dc5b1c4c7c075246cdf578521c4bfd3342c7cbfe1451554b62ad54c8068b3d706f8e0776610bf5ce2f54bca5cd20a6dda0d26a75e3f91d18b2b9e0456fad8c196be558112446da4c0ae58e6b797ff10e6dbd6862c996966af6c41d09b6ce4808cbb956efa5d3abe607c2bddaac0d1770cd97069f902a12387aaf835eb5a587f711e32599e2d16d12c21f431ea21f8e2fc5c541139d6934fa59d84b4490b184e3cd0bd91f86e9244dfe04d2a149e9d8f31181873f5df468c0dbab74dc62158c226d4bce2d2ffb2abfbc944d7b289a731d2a398a2919aa46aeae102e03ac9b0229a75a50a169f3eaf7a679b5579574528dad6f0bee581efeebbc9ae60136bf402fcfe960f329191669e81789d70d8ddd1dbae6fc5b44804befc1af1fd6e6825b107787c303cf5afc2536b78e4e73941f755c469e26b371dab0935dfb2b7d46a3c974123e1359ab55a10cf4aa208a0c92136ac8c15c744d93de311ffd0ac7e7c50e4e63574a0cfb873b938fa33f01299b98ef61c94fe086092d916021ab8ca7a84784188ab3c1d180d749cc14669dc22de2ac180a53d39698778e1516f642ef310530d9d0497fd7d011cf6c3f723244b922f5eec885e074dcf97385c12e79b48c2e3b5ab182a56307bfa0304e6190d3907a30ee0266d210fb7b797454f267e9dc1c4799fa1cab10cccd82bd3e1fc5817b0fda201cc50a3547c7dbd58d1029028af75ffc5800ff35f559f99c673fb7387005ac0064787b068493e13b8f0ecae064192068ec89c6e04ce4a4bd48dfc242c2cbfa073afb2a3705c536c8194f178ee9cc58b79316802d2996aebe9e5b341c80d37f741d1fd728c41d24fa65b0d6323d6e7e77153d63d69451c3a9721956c51b07d60a616b9b5236f9e8e847a9ca3eaa0b16e6e82a4bd65428825e15eecc33855929ee9e6eacdefa33813a01741429db99c804392eaaade2a35d1c70907643fd9ec2a94ca9e01642d6d5ec65e6407a5d74ec5cce7e599c5ad4cc31507d3b813549c541ea51bcb7ab726f239ef40728daa26d5687e5484f23bd9abc830711e60991e198bd8785e00b2695ce01ded15a75480bb34fa3be3e8335ccbe86d70a01f59c88e72ba5f56806c1057e78c945436aed516a3d9473a5c631382eb6a7993dfd8e52ba91f6240d9eeaf4d2b0e56ac47c7a264ab8a4ef152ebc4eec2faec36a0c873b6495fb257f18d63184bfc50a843c40ccd0673628ed92bc34bec1734eb35ff8557ac259cdafc66600e380689ba1d5929f991e20c687877db16736cb3dd9b3f641b51dab9c2696f7867d798335600d096b6801f81a028ff7383b5a9b80a64d36529950bd7c3e7c13b34a1748784b423c0219e349a57751d656791b771fec133ce6a59caf0452c9ec44eddced24e3c8c9524ff5bc234d9ee53e839a3cc6350b76ca67ba5b8bd0b6b1c2b1b2d5f642eb4a7bc1d22d6f65f1da82d54044138a8d7b26d43930188b2806cb9ded008b863020f74a79c1090d27b70153d019acd5bd9bdb53c11fa56f114fb58d211e91755a45185cd74d16f0db11a832e28676e5c456aa431fb2ea26dd0a91dc0c48b14e615c83836585312ad90272a8b4670d8a99d8512158e24cbd8173e7b3bd9c53a2dc805131f4894a0a946b2349b342bb6e7ddfa9da843857dc5cce35caa64e4a27a61cade4cb9dd8b5cd35a614d8adafb6437c7d7877d910ee2fb4e19dec30cdbe14cbad77d6b48410804fcd35536e0d8353183663857eabec713ace9e12d5b5b9f73a23decfe885688b4c3a5acc9910aa3ce2a7f0bea29b2d81202f4ff7ae5691ced37af39655096e7413ce43423929e3d1ade3b87bc233a23cd7b6f", 0x1000}], 0x8, 0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:07 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:07 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:07 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:07 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x60, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:07 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0xc, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:07 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_GET_XCRS(r1, 0x8188aea6, &(0x7f0000000100)={0x6, 0xffff, [{0x4}, {0x82ac, 0x0, 0xfffffffffffffff9}, {0x8, 0x0, 0xffffffff80000000}, {0x80000000, 0x0, 0x1}, {0xffff, 0x0, 0x70}, {0x7, 0x0, 0x8}]}) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r2, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r2, 0xc0406619, &(0x7f0000000040)={{0x7, 0x0, @identifier="42837b6293e9c8ad7d224bd70326814f"}}) fcntl$setstatus(r2, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r2, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r4 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x2, 0x2) dup3(r4, r2, 0x40000) [ 283.471400] x86/PAT: syz-executor.4:22463 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:07 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 283.562442] FAULT_INJECTION: forcing a failure. [ 283.562442] name failslab, interval 1, probability 0, space 0, times 0 [ 283.628991] CPU: 1 PID: 22463 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 283.635965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.645333] Call Trace: [ 283.647946] dump_stack+0x172/0x1f0 [ 283.651600] should_fail.cold+0xa/0x1b [ 283.655514] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 283.660644] ? lock_downgrade+0x880/0x880 [ 283.664824] __should_failslab+0x121/0x190 [ 283.669181] should_failslab+0x9/0x14 [ 283.673049] kmem_cache_alloc+0x2ae/0x700 [ 283.677215] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 283.682776] ptlock_alloc+0x20/0x70 [ 283.686425] pte_alloc_one+0x6d/0x1a0 [ 283.690233] __pte_alloc+0x2a/0x360 [ 283.693859] copy_page_range+0x151f/0x1f90 [ 283.698100] ? anon_vma_fork+0x371/0x4a0 [ 283.702164] ? find_held_lock+0x35/0x130 [ 283.706225] ? anon_vma_fork+0x371/0x4a0 [ 283.710290] ? vma_compute_subtree_gap+0x158/0x230 [ 283.715222] ? vma_gap_callbacks_rotate+0x62/0x80 [ 283.720072] ? pmd_alloc+0x180/0x180 [ 283.723816] ? __vma_link_rb+0x279/0x370 [ 283.727879] copy_process.part.0+0x543d/0x7a30 [ 283.732477] ? __cleanup_sighand+0x70/0x70 [ 283.736707] ? lock_downgrade+0x880/0x880 [ 283.740856] ? kasan_check_write+0x14/0x20 [ 283.745085] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 283.749953] _do_fork+0x257/0xfd0 [ 283.753443] ? fork_idle+0x1d0/0x1d0 [ 283.757178] ? fput+0x128/0x1a0 [ 283.760452] ? ksys_write+0x1f1/0x2d0 [ 283.764254] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 283.769004] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 283.773753] ? do_syscall_64+0x26/0x620 [ 283.777719] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.783074] ? do_syscall_64+0x26/0x620 [ 283.787068] __x64_sys_clone+0xbf/0x150 [ 283.791041] do_syscall_64+0xfd/0x620 [ 283.794866] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.800048] RIP: 0033:0x459a29 [ 283.803260] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 283.822154] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:07 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:08 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 283.829882] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 283.837146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 283.844434] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 283.851696] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 283.859223] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 283.880947] binder: BC_ATTEMPT_ACQUIRE not supported [ 283.887368] binder: 22478:22492 ioctl c0306201 200001c0 returned -22 [ 283.897306] x86/PAT: syz-executor.4:22463 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:08 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240), 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:08 executing program 4 (fault-call:9 fault-nth:42): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) [ 283.936051] x86/PAT: syz-executor.4:22463 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:08 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x78, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:08 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:08 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 284.092395] x86/PAT: syz-executor.4:22598 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:08 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240), 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:08 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socket(0x10, 0x2, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000240)=ANY=[@ANYBLOB="5ab8d318ce01001000", @ANYRES32=0x0], &(0x7f0000000180)=0x8) r5 = socket(0x10, 0x2, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r6, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r7, 0xffff, 0x6}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000280)={0x0, 0x4, 0x43, 0x7, 0x7f, 0x9, 0x0, 0x101, {0x0, @in6={{0xa, 0x4e24, 0x0, @mcast2, 0x1}}, 0xff, 0x2, 0x84, 0x8, 0x2}}, &(0x7f0000000340)=0xb0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snapshot\x00', 0x101040, 0x0) r8 = socket(0x10, 0x2, 0x0) r9 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r9, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r8, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r10, 0xffff, 0x6}, &(0x7f0000000140)=0xc) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) r12 = fcntl$dupfd(r11, 0x0, r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r12, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r10, 0x1000}, &(0x7f00000003c0)=0x215) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000000)={r4, 0x4}, &(0x7f0000000040)=0x8) ioctl$ASHMEM_GET_NAME(r0, 0x81007702, &(0x7f0000000840)=""/4096) ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000200)={0xfffffffa, 0x36314d4e, 0x2, @stepwise={0x6, 0x7, 0x1, 0x0, 0x2, 0x6e4b}}) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r13, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 284.162152] FAULT_INJECTION: forcing a failure. [ 284.162152] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 284.213529] CPU: 0 PID: 22654 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 284.220509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.229879] Call Trace: [ 284.232487] dump_stack+0x172/0x1f0 [ 284.236146] should_fail.cold+0xa/0x1b [ 284.240055] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 284.245173] ? __might_sleep+0x95/0x190 [ 284.249164] __alloc_pages_nodemask+0x1ee/0x750 [ 284.253856] ? __lock_is_held+0xb6/0x140 [ 284.257938] ? __alloc_pages_slowpath+0x2870/0x2870 [ 284.262973] ? find_held_lock+0x35/0x130 [ 284.267059] ? find_held_lock+0x35/0x130 [ 284.271130] ? copy_page_range+0x124f/0x1f90 [ 284.275547] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 284.281106] alloc_pages_current+0x107/0x210 [ 284.285542] pte_alloc_one+0x1b/0x1a0 [ 284.289345] __pte_alloc+0x2a/0x360 [ 284.293073] copy_page_range+0x151f/0x1f90 [ 284.297296] ? anon_vma_fork+0x371/0x4a0 [ 284.301362] ? pmd_alloc+0x180/0x180 [ 284.305083] ? __vma_link_rb+0x279/0x370 [ 284.309154] copy_process.part.0+0x543d/0x7a30 [ 284.313751] ? __cleanup_sighand+0x70/0x70 [ 284.317989] ? lock_downgrade+0x880/0x880 [ 284.322148] ? kasan_check_write+0x14/0x20 [ 284.326386] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 284.331232] _do_fork+0x257/0xfd0 [ 284.334684] ? fork_idle+0x1d0/0x1d0 [ 284.338390] ? fput+0x128/0x1a0 [ 284.341663] ? ksys_write+0x1f1/0x2d0 [ 284.345501] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 284.350258] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 284.355007] ? do_syscall_64+0x26/0x620 [ 284.358972] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 284.364335] ? do_syscall_64+0x26/0x620 [ 284.368327] __x64_sys_clone+0xbf/0x150 [ 284.372323] do_syscall_64+0xfd/0x620 [ 284.376133] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 284.381319] RIP: 0033:0x459a29 [ 284.384527] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 284.403441] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:08 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x7c, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:08 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 284.411156] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 284.418420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 284.425687] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 284.432959] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 284.440220] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:08 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240), 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:08 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 284.506137] x86/PAT: syz-executor.4:22598 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:08 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 284.573527] x86/PAT: syz-executor.4:22598 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:08 executing program 4 (fault-call:9 fault-nth:43): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:08 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0xfc, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:08 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0xc, 0x0, &(0x7f0000000240)=[@free_buffer={0x4008630a}], 0x0, 0x0, 0x0}) 22:27:09 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 284.770146] binder: BC_ATTEMPT_ACQUIRE not supported 22:27:09 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x46800) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TCSETXF(r3, 0x5434, &(0x7f0000000000)={0x20, 0x6, [0x824, 0x0, 0xfff, 0x3, 0x7], 0x2}) [ 284.796100] binder: 22839:22842 ioctl c0306201 200001c0 returned -22 22:27:09 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 284.837797] x86/PAT: syz-executor.4:22852 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:09 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x103, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 284.882836] FAULT_INJECTION: forcing a failure. [ 284.882836] name failslab, interval 1, probability 0, space 0, times 0 [ 284.904195] CPU: 0 PID: 22852 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 284.911167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.920621] Call Trace: [ 284.923230] dump_stack+0x172/0x1f0 [ 284.926877] should_fail.cold+0xa/0x1b [ 284.930790] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 284.935901] ? lock_downgrade+0x880/0x880 [ 284.940048] __should_failslab+0x121/0x190 [ 284.944288] should_failslab+0x9/0x14 [ 284.948098] kmem_cache_alloc+0x2ae/0x700 [ 284.952245] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 284.957776] ptlock_alloc+0x20/0x70 [ 284.961459] pte_alloc_one+0x6d/0x1a0 [ 284.965282] __pte_alloc+0x2a/0x360 [ 284.968922] copy_page_range+0x151f/0x1f90 [ 284.973153] ? anon_vma_fork+0x371/0x4a0 [ 284.977251] ? pmd_alloc+0x180/0x180 [ 284.980961] ? __vma_link_rb+0x279/0x370 [ 284.985031] copy_process.part.0+0x543d/0x7a30 [ 284.989641] ? __cleanup_sighand+0x70/0x70 [ 284.993869] ? lock_downgrade+0x880/0x880 [ 284.998040] ? kasan_check_write+0x14/0x20 [ 285.002264] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 285.007116] _do_fork+0x257/0xfd0 [ 285.010572] ? fork_idle+0x1d0/0x1d0 [ 285.014306] ? fput+0x128/0x1a0 [ 285.017573] ? ksys_write+0x1f1/0x2d0 [ 285.021365] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 285.026122] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 285.030874] ? do_syscall_64+0x26/0x620 [ 285.034841] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.040193] ? do_syscall_64+0x26/0x620 [ 285.044178] __x64_sys_clone+0xbf/0x150 [ 285.048173] do_syscall_64+0xfd/0x620 [ 285.051980] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.057160] RIP: 0033:0x459a29 [ 285.060342] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:27:09 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:09 executing program 1: mq_open(&(0x7f0000001240)='eth0Aselinuxppp1\\\\\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x400000000000003, 0x0, 0x0, 0x9}) [ 285.079528] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 285.087236] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 285.094536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 285.101883] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 285.109143] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 285.116401] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:09 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x1) pwritev(r1, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r2, 0x0, &(0x7f0000000540)) 22:27:09 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x908, 0x1) ioctl$USBDEVFS_BULK(r0, 0x802c550a, &(0x7f0000000100)={{}, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 285.192308] x86/PAT: syz-executor.4:22852 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 285.231022] x86/PAT: syz-executor.4:22852 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:09 executing program 4 (fault-call:9 fault-nth:44): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:09 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:09 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:09 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x1f4, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) [ 285.433202] x86/PAT: syz-executor.4:23083 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:09 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:09 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000000)=""/52) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 285.494086] FAULT_INJECTION: forcing a failure. [ 285.494086] name failslab, interval 1, probability 0, space 0, times 0 [ 285.550497] CPU: 1 PID: 23083 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 285.557478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.566848] Call Trace: [ 285.569464] dump_stack+0x172/0x1f0 [ 285.573117] should_fail.cold+0xa/0x1b [ 285.577033] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 285.582160] ? lock_downgrade+0x880/0x880 [ 285.586346] __should_failslab+0x121/0x190 [ 285.590603] should_failslab+0x9/0x14 [ 285.594422] kmem_cache_alloc+0x2ae/0x700 [ 285.598588] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 285.603619] ? __vm_enough_memory+0x324/0x5a0 [ 285.608141] vm_area_dup+0x21/0x170 [ 285.611782] copy_process.part.0+0x3407/0x7a30 [ 285.616436] ? __cleanup_sighand+0x70/0x70 [ 285.616452] ? lock_downgrade+0x880/0x880 [ 285.624834] ? kasan_check_write+0x14/0x20 [ 285.629086] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 285.633953] _do_fork+0x257/0xfd0 [ 285.637429] ? fork_idle+0x1d0/0x1d0 [ 285.641334] ? fput+0x128/0x1a0 [ 285.644626] ? ksys_write+0x1f1/0x2d0 22:27:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:09 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) [ 285.648450] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 285.653220] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 285.657984] ? do_syscall_64+0x26/0x620 [ 285.662058] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.667439] ? do_syscall_64+0x26/0x620 [ 285.671429] __x64_sys_clone+0xbf/0x150 [ 285.671450] do_syscall_64+0xfd/0x620 [ 285.671471] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.671482] RIP: 0033:0x459a29 22:27:10 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r1, &(0x7f0000000080), 0x297ef) 22:27:10 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 285.671497] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 285.679245] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 285.679262] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 285.679270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 285.679279] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 285.679288] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 285.679297] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:10 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x300, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 285.962871] x86/PAT: syz-executor.4:23083 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 285.979220] x86/PAT: syz-executor.4:23083 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:10 executing program 4 (fault-call:9 fault-nth:45): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:10 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000200)="1af4f8d6bee8ecf78bcc59f5df747440cb6afe0036c6d761e7d888b47015cd20d4a121011c28ad44e06631104a346531e1edccd9e658c3000000fbffffff00002fa1040098ab288677ab7f3e2e1ea9515a1bd59bf0df313eef21c681372d29bc7d0fc39a3aeaacc8d0c37296abd77ba06064a49b7aa8de85d0613133ae02b7755463013f3c8410f9b6c1d1beb00fc50c55a2327c62081000002c78cb523620", 0x1}], 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") tee(r0, r1, 0x6, 0x0) io_setup(0x800, &(0x7f00000001c0)=0x0) io_setup(0x9, &(0x7f0000000380)=0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) io_submit(r3, 0x2000000000000142, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) io_submit(r3, 0x1, &(0x7f0000000180)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}]) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r9, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") mount$9p_fd(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x200000, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@nodevmap='nodevmap'}, {@cache_loose='cache=loose'}]}}) io_setup(0x9, &(0x7f0000000380)=0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) io_submit(r10, 0x1, &(0x7f0000000080)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r11, 0x0}]) io_submit(r10, 0x1, &(0x7f0000000180)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r11, 0x0}]) io_cancel(r10, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) io_cancel(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x596e812dc6fe6eb1, 0x0, 0xffffffffffffffff, 0x0, 0x339}, 0x0) io_submit(r3, 0x0, &(0x7f0000000540)) 22:27:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:10 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:10 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r1, &(0x7f0000000080), 0x297ef) 22:27:10 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x235, 0x2902) 22:27:10 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x301, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:10 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f0000000000)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 286.210359] x86/PAT: syz-executor.4:23341 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 286.273184] FAULT_INJECTION: forcing a failure. [ 286.273184] name failslab, interval 1, probability 0, space 0, times 0 [ 286.291353] CPU: 1 PID: 23341 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 286.298320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.307688] Call Trace: [ 286.310297] dump_stack+0x172/0x1f0 [ 286.313954] should_fail.cold+0xa/0x1b [ 286.317865] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 286.322982] ? lock_downgrade+0x880/0x880 [ 286.327155] __should_failslab+0x121/0x190 [ 286.331415] should_failslab+0x9/0x14 [ 286.335234] kmem_cache_alloc+0x2ae/0x700 [ 286.339389] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 286.344420] ? __vm_enough_memory+0x324/0x5a0 [ 286.348932] vm_area_dup+0x21/0x170 [ 286.352573] copy_process.part.0+0x3407/0x7a30 [ 286.357199] ? __cleanup_sighand+0x70/0x70 [ 286.361439] ? lock_downgrade+0x880/0x880 [ 286.365605] ? kasan_check_write+0x14/0x20 [ 286.369864] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 286.374732] _do_fork+0x257/0xfd0 [ 286.378206] ? fork_idle+0x1d0/0x1d0 [ 286.381937] ? fput+0x128/0x1a0 [ 286.385234] ? ksys_write+0x1f1/0x2d0 [ 286.389057] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 286.393825] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 286.398589] ? do_syscall_64+0x26/0x620 [ 286.402582] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.407961] ? do_syscall_64+0x26/0x620 [ 286.411957] __x64_sys_clone+0xbf/0x150 [ 286.415950] do_syscall_64+0xfd/0x620 [ 286.419769] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.424967] RIP: 0033:0x459a29 [ 286.428171] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.447076] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 286.454853] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 286.462133] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 22:27:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x235, 0x2902) 22:27:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x235, 0x2902) 22:27:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) [ 286.469415] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 286.476691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 286.483970] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 286.512284] x86/PAT: syz-executor.4:23341 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:10 executing program 4 (fault-call:9 fault-nth:46): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:10 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r1, &(0x7f0000000080), 0x297ef) 22:27:10 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:10 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x3e8, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 286.542646] x86/PAT: syz-executor.4:23341 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:10 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) fanotify_init(0x1, 0x40c06) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, 0x0}, &(0x7f0000000340)) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {}, [], {}, [{0x8, 0x0, r2}]}, 0x10, 0x0) getgroups(0x4, &(0x7f0000000000)=[0x0, 0xee01, r2, 0xee00]) r4 = getegid() r5 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, 0x0}, &(0x7f0000000340)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {}, [], {}, [{0x8, 0x0, r6}]}, 0x2c, 0x0) setresgid(r3, r4, r6) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000040)='./file0\x00', r0}, 0x10) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r7, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:10 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) [ 286.708734] x86/PAT: syz-executor.4:23477 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:11 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) [ 286.792093] FAULT_INJECTION: forcing a failure. [ 286.792093] name failslab, interval 1, probability 0, space 0, times 0 [ 286.831906] CPU: 1 PID: 23491 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 286.838872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.848232] Call Trace: [ 286.850830] dump_stack+0x172/0x1f0 [ 286.854484] should_fail.cold+0xa/0x1b [ 286.858398] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 286.863519] ? lock_downgrade+0x880/0x880 [ 286.867695] __should_failslab+0x121/0x190 [ 286.871943] should_failslab+0x9/0x14 [ 286.875752] kmem_cache_alloc+0x2ae/0x700 [ 286.879908] ? anon_vma_clone+0x320/0x480 [ 286.884082] anon_vma_fork+0xfc/0x4a0 [ 286.887891] ? dup_userfaultfd+0x15e/0x6c0 [ 286.892138] ? memcpy+0x46/0x50 [ 286.895433] copy_process.part.0+0x34e5/0x7a30 [ 286.900042] ? __cleanup_sighand+0x70/0x70 [ 286.904286] ? lock_downgrade+0x880/0x880 [ 286.908470] ? kasan_check_write+0x14/0x20 [ 286.912713] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 286.917571] _do_fork+0x257/0xfd0 [ 286.921040] ? fork_idle+0x1d0/0x1d0 [ 286.924762] ? fput+0x128/0x1a0 [ 286.928046] ? ksys_write+0x1f1/0x2d0 [ 286.931862] ? trace_hardirqs_on_thunk+0x1a/0x1c 22:27:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:11 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) 22:27:11 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) [ 286.938363] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 286.943124] ? do_syscall_64+0x26/0x620 [ 286.947115] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.952494] ? do_syscall_64+0x26/0x620 [ 286.956574] __x64_sys_clone+0xbf/0x150 [ 286.960564] do_syscall_64+0xfd/0x620 [ 286.964385] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.969574] RIP: 0033:0x459a29 [ 286.972759] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.991667] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 286.999375] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 286.999383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 286.999391] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 286.999399] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 286.999407] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 287.121308] x86/PAT: syz-executor.4:23491 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:11 executing program 4 (fault-call:9 fault-nth:47): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:11 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) 22:27:11 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x3ef, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:11 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = gettid() tkill(r2, 0x1000000000016) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x102, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@ipv4, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe8) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r7, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setreuid(0x0, r9) sendmsg$nl_netfilter(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x266c38a37187b444}, 0xc, &(0x7f0000000140)={&(0x7f0000000840)={0x15f4, 0x7, 0x6, 0x200, 0x70bd2b, 0x25dfdbfc, {0x5, 0x0, 0x2}, [@nested={0x106c, 0x49, [@generic, @generic="09224dad807ce8d81787fe41890e744cec15e8dab353", @typed={0x10, 0x67, @str='procem0-\x00'}, @typed={0x8, 0x34, @pid=r2}, @generic="88656eea22b9f8db24439b2944193cbcf3be6ec196a1", @generic="c709e98a9b38151fccd83d87152980ddc0adee66b4dbf7289716e77b185b8af640ac1417a33fee1ebb73fce8b2abfe53cb6940cffd816d51b7fd90ecea96e293278797fdc5b6d2f9e7661085ae6356572ca1d8a8e9860ef51349b4cad37e48b1374e2b84fbbb4d748d396aa5e06434ca542de3494bee7fff9f8f266b757fca7762819841d4ec8193cb2297112a8fcc30a907ebd387fbfd7dffc77cd4fca6dd9416aeceaf3d613c312f414835a2689b156b634cd25c4e2b75871c2349d2f73120db660c9134eb8fe81b91e854068d59ff6d24ccfd34a384aafadc79532214f978bf2b8fafa2b6ac4331b5eeecef5aabd7b2eb1784fd6fdd1609ed186820ac56990637a869b81409679dd8bb0111ea2038abe1d1937e99920e0c0c1a0a816c6e07b4da69c7e66c2df3320a88f8e3907d8ff56c8a0b4f84ef6e31b336ee8b09ebd5d39f189b1415efdbf1d24bc91af6f72b53cc7c3cf5d2cafd74cca6676ddb21e0c18cbf176a3e9c0b410b52df798cd304392237cfbf623f816a99bb04444491e0554b761b632fb71769f9e4941e01c6debc1fdf323c9cb08e5669ccc67d47c58288baaacf8f7520ffb3ebf0986aff8246853b43d34487ad0d3c38949c7e1f7e14fc49e70f93217501985594e2e42bcce56e0be774734efb789dd734c6fd97f4f29442e6e06c2664404990557755d0646de68f3aa9ed5465124c83a1004b1031c533cbc6a503a3ba77ec19da662ee72c61857f0ca0e168529dcb810d189817b30ec6886df7da84a8a50a1484650a5618284175d18423a04271ce056dc7428b3ba414e4542e7f660c54dc1cd6efe7662e2f70fde432d7d108ae49b268ed54bed2be343c5718750af296d5b253bc90edb8e18db0f274f36266332229876b3a038214b04d39db0ead80faf467816eaf43975d4a951a749cd0806e14f9e5cf2a0095ed65531da5e90e9598f466ef7b29d49ff124616393559d6a334867b6c417b2b0ba95b0bf3e8f91fc3b47a7dd7501b3e9d241df9233fd13211490bfc00a62aea32f67064cbb60f4e1c79b35e95e56cac89dfa7f156edb69a36307c664511d33647a1bb43e770b2985955494b84469e7269c28809d22f42e1942940f62ac5e600808c79210418c71506e2fb4d613a6f11620329285a19a5f2fa3828367a77904ced854d124743acfe37427bcf25d22ee63ee902b69519e5c7c1542f484f79b3dff356719669c47e038a68704b47ad775f67d9f06d0d5b10719fea3f0bcd428fef56cbcf777d9e12155983eaa216afbb89377813b59885ffd1cb2ae2b560c789b196afd62302e898cab724160c200c5222ce8bae2901278b40c0a649bcd5d564ab4607ee478cdd2f2a9ac3f9b462f50ebb6e9dccc7f7ea1ce1266d403ac22b993933f1eb7faf562b52a8a0e7553df0b288c5f4e473988571182383068fc66a61c4c5058a44ea5e4fb69574ff85fcf50a079eab65e8883ffb937c2cde9313763e8fc22e5108f31436a2fb19729f247d82b457613ae06838f87eaee45637ad4ab9be4ab631973f2c8fe9f7934d7fbbc77dd71b4678e7b12c8a0e130f7c8bd3e6d54b396b956d16cf558d4682f1c5bb3dec89e84b474ba4805997d0428951d4d918a83bd050dfdaa595aac23132855c62a412637e28e7b9a792392249eac7264f6375da75cd66ad8ee6c52f8ce841a3d73a6cb8968e1950800923bf425aa4d17be97e0612511fa051d6a4be2bcb7575d4b0e2c421170586c2f3826cbd5c6068133d300673715a78e2c22c807ce56715b6651f0ded4392c97c6e3243f84f4447ee0a016f2b26cec2297edaa779e20e3253b450d71b1bb38a4424e2fb1bf05bd7681015a0f9b769d1714fbf47e69ab5e33ea4cbb3d0178438d44647fc070583454f57b5bad7c606a6778714e85232ec1d19e7339de2a78884f5b6b62a73f992818efdc588c69a606863c4d3536c4b00c262693f1db165778c59b0e9b697892c9ba13e7d06616c4b646b95508acb8fea8c43fa8abb64f8baf980a89fd2fa77acfcfcaf8197a080702b5695c98b9e0900995535925edd3c52708356b8195ed537bb67a72db33a3ce7edce83838c3f9d924248cb4158067f6e6ac0d3669eed2788c805c407be8398849398d85d16476f731023ac64b82a3909e078c48d476322463e9f77fbced400568b5247156659f47f50aa00d89d1d5437f64d6a3f70e126c7e3970efa58c552a890a96ecfb6f4c06350e6138eb36dc1bf53ee52661c98115cd17c67e8bd9f5fc6da6436fef8d35c438407d82dbaaf4b5e8c179faaa7fed1f9567edebc49183781d6c4bc5c3b1a09e6879b969c70feaf129053f730f031ff6e7700e22b5d7eca688bc2fcabf32926ad9a1e6595de3151d4845cea3444e1033d2545f24530ecfc37d7797a9023106a23647ac3cad81098419cb554b8d90829dcf77ea06f0de44a4321c6109d4b1b149065a7e19f790a75d168376663d61581727b5af0f721b8e65a14006ba5a7c16283fb7c283785d76b423c35d1fa97010e95c2839986da7580d698d73de41a2fb4c62d690c30924ced50d68485f667b10ec5eb3a2816eafe2cf499cce2185b4c66acac9489c32b6fcae96b943bcb7d135538768e161a0224c84a92160ad2e3020f3713368b75c60132193338a67ae73817a4318e094748e16e0d880af237248a0d145d0acfb5c764dbb1d60bb7a7782b75e15e97a1378628588083e0034f179ae7e29d1bcc95fb74f2f34cd21ae8a308bc6bfce1d4206da437f85c0b71d29687dd20470c899037d875812d9e3f95142ca2ebb252305c816270f0a56198b8251408fc4f50adbe20635bc69cd2bfc734c437a041a414e7f0e555da3d0d97e13f55f01db665d5bc5c1a73dfdabc903e901f6e6f70aafdbfd8164796a8d1ff6d88a01197eaf815e85406d80159ef9f5732ff57602dd496cf6acf24db2f6a0812260553411ea68b701d5a5c97b56d33810582c52eb260ac3856b3f46e8233f14212ec86755c22f2ce443b3eb8b356a3424605483dd69b224a49d667bd7b7a5e0cd4eba7684e4256a6649d19644af23a73284b51e0bb5c05287b2a0d7c6b44cb7e9c488ed6c7622654a547e7ac6ed6562fe738f7b95ef4f48a355b4bcd5773c103cc0f4c4063c50f8ecfa902c40febb619d17881239f15b8c2b86f6a5c55d9fa6abf2e032a7748eeb14b30751144ac9298fa14827ffd218c0b2ceadbe799997ea2f05b61c1ceb749f31942b9da371741dcd242831553b8ab06a958525b59455cc34efa42d2da4465d5c07057e44bfd8ad865a28d09068b6713ccae59f9c77a8cda62578fcd080f640fc9d0909d0285ddee27b777ce9c1f9dad28f3a460a81102db526806c09aeaa8221fb1f63094643e9853117258f8f5a9dd33c501d78fe14abd71fadb6596d2cbc49737274e31f170b5bdd3b182a2665941948191a3313d1a95bf8ef80e85352f20984603791097104881f1710564dd8c28896d8289c269b93921e6600affea6aca9b67747f060dfeb83bd3a38dce7d1c58603db68acf0222daa3de8cde3e6edb8037842130681d816286250f61c2288074e9a3b0f8f157fbba23d1f71f8bc9c777801fde18b9a47221bbbcc75eb392d7b797413b05e5b8e9e854af62da21ed58d2ef1ed97fe988ea70efe1e605251a90f73841610d55d4b5afec6eaecc59b44987872864e6cc8731b1ae9a07d1712cf754f51fbaddaaaa771d3417c53e3471dbe9c7acd38f2d485f92fab0c7876b989a804867589f0293c1c73864b95d511ede0dd40bc66bb71f488dbcd96b093a3da22683bc0246b84a03a6bb1124d0293de6769bf129570064be101884bdba6f217d75e49ca495bd01e923251876dd2857abd053c82645e065bc0f3e6a1436a62234b490f314eff9540ad3a3d34bf1c0252370f57991f18d09754b2605cf383a439746aa35008c75338c2dab150bc6d3e88d25bcc1502fdf5777d2f31b9b56148053fcd2cbed359c8aa83e30f7fd3b23c321a760aa054af1abd2bb50d5d301ffdab00142497b3f49e3f3999ef31c6d5e13cbec37bd62b5b9e86dafc47ede9bfdd5cf666253000e804b2a321d105bd688bb1000a7aef9e1f4fc77495fc73d28f6ef88754219f82cc47a0b9e9d4d83a1cbc17e6af0904b949c8d6c2779c56dcfe8b822aaac2e059de643f9aae53ca67308ae4d6bf7245914dc86282b5e32efb0efc6eb1f7a4061c168134000782f45489517538d37eacd48f9eb9a3c3497616fc2d224ef95659fa6372b232e0a19dfbb1961e6cbfbc84156d17a09c8b75565fe581966c802872cc33e979f24da2e04447d59743f8cbdbe1123857c0e1f2c1a60a4500106934f4b1289888099c953268b407f4aef64474ae3339b32e411d485cba8401b81d51724d44d14868699edb40160cb6ae7957379d34cdb4679ce9e54de85de98a58fe8b6640da5a29181cb8e6a55c55d5f76407bb9a3027cd5eed46f1f696062b751e2b4ef9aeed4cbe8b2915f064fb267941b99e1b5aeeafb807342b8bc6cc8a6bc61ada179523d58961881c784223fa9c31114c2152805a834ed1e179ff003327bb201f3bf43a36c3323711432cbb0a2bc4dcf8f09c7b63ac14fa6a0e13f979be48089cfeccba2d290fdf4b28ea0d008fb5bd156c57fb8d007651319f8bb887a87fe0ef9a0e510c4d9dc259f2c3e9002b92bde2d37fca7a7b987e87375eadf58cc31436b230ca8a12695f932c8503064deb9853b884587cf03ed99ccbd7533ebe2792734374e6ee6c76dd645f0cbc1010b7718a1ddc26fbc8c6925ee550802052c960fff16c8f8f18eca6528c703045576d01885bb758895bd1d1192eaa9b2301b537618445b40addddc0f92d29b07c351672da68b7daa25a1bbb49139b65104b10f5ae3c5a94889feace0a0dc7848f0641f175799e70201c764a48fad4398920cd31fa51d4f5a12b890b396d2a000aae17593f6e0368cf333704c67f3bb30f2cca47a94090556438854e162725faa882c3025265d58e31c97febded7aa14b7c36f0f9b7aacf1a9e1cadd82bb836278faed112db8fd9007f07b98d1556074e0a532aed4630780d2fd6fed08d8ac9780733997a4d46bd38ed488805cc14fd3fc5da6e6fbc66ab7381d8e398b33e94412fa423d008ae4107163c2d5c2e6f6793c388283a47496cf749da90ad9347c9379ec2dab7237492d7081da93b1988c8199794c1f2a20e3c1f51f8d3a86212359916775646b9a3873f528253a7b7e2ee1cecea763b7acb01f4341355cd255c94ade6783ae297bf1c230718538b768f652dd8e91a73250d3c7883cd55df0a450a930ee2889cc2a78a2548f727a02d073557528d96553ee5c4f275b5d4cf42b7b622d51e66863032f400e6c6db1d9ddf3b0656e9d9d19e788aa1892529c6321faa5b1e9d5bc30edfa0675f8b2ac5781bbb78a331a0d4d22f2345439278ddcfe106ba0a4812b9e70de6b2ce7f7dafc1bd12556c87cd595708e99fd9eb4d4a846ce4f62b21abc5353c1f8b7af6ebfd917eb71ec92db32d80edcf15e0f261bc886cff6a5cff66457233e114a0d1b304138e172203c00645da202d33fdae16ebf369b93ce85129fd7ae795fb233f92a055d746117b9fae9a7df8126df6c058a99883a3ef1853f328094d3ace709d3934123d6e99ca8c782a0950a80db1c18d8c428983ba94b8f1a02eaa95d225a0eee8b9b4073abe625890d12de827f32506ca72b80f08a8c9bb4ce0ac8feaa4217a65f90918cae3e4694a4be98b7dff83a77bea16283b7a75f1216b857a8c78edd9b96385a84c67e1b", @typed={0x4, 0x6c}, @typed={0x8, 0x4, @fd=r3}, @generic="01211579a81acbce3b6affc062", @typed={0x8, 0x88, @fd}]}, @generic="da828df07b5c79646bdaa409ead69fe3e1daa8f87028fbaf9bd77dcac85ea3100ebafb2309edd061e65ad3a538c97691a8c85a3d2f0e0a98f0756b0e654266b27d406d845defa2875c5af7fa748cf0f389a241c8708f0177777409e3a7176348499114adc8beb74fd5ca53", @nested={0xf4, 0x8a, [@typed={0x8, 0x5e, @uid=r6}, @typed={0x8, 0x4, @fd=r7}, @generic="399c738d8912dc43a7fb70084ea0a93d64ba47f8afdf45f39d197749a20e77bf09da80ab75a44385de2384903192c0986c54a79f392515e7e8013dc235ab5a46a19ea8e5aa282e01dd94340109d0dbaa162adacf8596521c860ab9f24cf61a2bd49cab", @generic="f838559769af4b7a9f3b632aa2473b342fbb205d42a79639def5ee2ac3761184fa0ba0f112ece2ca560fc847daa86f0a6c6e5911711ea512d7c8dc68af98a73f7faec82d0e29a3a05c03e4ee8c9aec07695bec2ee93e6e5a62", @typed={0x14, 0x36, @ipv6=@mcast2}, @typed={0xc, 0x6b, @u64=0x7}, @typed={0x4, 0x4e}]}, @nested={0x160, 0x89, [@generic="0de0559c52be7c99c26f08a0ecc264f745341eeb6f6efc5a3df711650b85d3afe8d5c45885f9b8f3247afbea323c676b4913d9c50ad4c4bdb3399534591e5df68c7e34edac45a0fff2b438d9dc11", @generic="6dd8ac34f3384b408c7a8d8ea9298655343d3fb315c52900159c7282dca17b3b13178e8b67169beb5e3cf2d3f398f7186fe17c7fe1e16962d58fcc63d7abbbab79625fda4060624884165321ea11272c69e883845bc97bdae4ddb2aeadc46e3248ffa38798a32812ebc49e2de46fdaf6ce378380aa073f9045fb034c0eb9e517519df9a98f56f30b51ed9de1337fa4186c5d8af45caeee22d020d3e3a2dc928a084acf8b1392d3581c63e0317cf7f427125f98d11bb6a111d61c91f2c3f8b9ef544d2ecff5c960e138063976c8b7233ec1db4da851a2f1dc4f046f3a7ebcfc606c0c648a1c23c26e4499", @typed={0x14, 0x15, @ipv6=@local}, @typed={0x4, 0x2e}, @typed={0xc, 0x45, @u64}, @generic]}, @typed={0xc, 0xa, @u64=0x80000001}, @nested={0x21c, 0x7e, [@typed={0x8, 0x8f, @ipv4=@remote}, @typed={0x14, 0x7e, @ipv6=@mcast1}, @generic="12fc226efb200a76e4e1c0614b611702960ea2cab7f2cacfbb4f5b6ac617b85cd34bb68ef4dc887d4904846585ad408af01f2c17983ad8613e33ee068c1be95a52b930805e2eee55f519460dbe57eb36ed2cea47dcc7a4a991281277fd7b064890b978e0e91bbe4b4c9df776a4e1fc3238e5", @typed={0xc, 0x44, @u64=0x8001}, @generic="5ee4c159af3a5db93438bb43fee4ad900dc0aaf5cf86697caffba1a2d02cbaa36169e308d8d959881289eedf85eddea0d8520bc939362e6b3b2901479f61f18bd78e82136f7af982062126823454b9d4df754ddc121f052f3f27dc5373fc39fcb11f885c8afcdff317438ec694863d93351e653546118a6cbf64f23f977764", @typed={0x14, 0x42, @ipv6=@rand_addr="4a0d77d46051ba6c953e9a634222882f"}, @generic="5024f08d9a1ddcdde25de9e72810d17e04b85c1c13f0edc4db764e", @typed={0x8, 0x30, @uid=r9}, @generic="6fa5134aef7828a421f44a1eff01d4e876bc662d221f4b105b973df98909086d64a92237f0953f97b73b3972ae4efa047925dd609077831b6773e58239a3580b40c4650539a2255ebb1bd5b59add3090da5853cd0175c2638f45ed37b0ee1a2a25d43fc444165523752b701881a56fb1c25112cb1b0cc7a76fd050042dce42a5904c855db0a91f24ff3ade95f456588bed8292669b8a55ced643fde08a37f128d65b0d9402bb2882b376f6658cdf37eea998849d6bb0c5addc2f1ffd6e4ad8484ba4f302b4b96791"]}, @generic="7293ec014fdda8f4ec4377f4d663a994a349cc164df7496f50cd94da855c9f42737a99531bb888bbb060b8fbb965a9c1bf606aa10ba4e1af430965f6c2ba376531472c139ddb1828a26437e28cd20ecc02a503d7eec5674ae8db105dedce06c893406a246532301b9e17ff978466700bd4a19bd4c583b4a03d089a7756", @typed={0x10, 0x18, @str='^mime_type\x00'}]}, 0x15f4}, 0x1, 0x0, 0x0, 0x4044000}, 0x44) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) [ 287.167521] x86/PAT: syz-executor.4:23491 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:11 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:11 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) 22:27:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:11 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x4d8, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 287.322554] x86/PAT: syz-executor.4:23714 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 287.373905] FAULT_INJECTION: forcing a failure. [ 287.373905] name failslab, interval 1, probability 0, space 0, times 0 [ 287.392257] CPU: 0 PID: 23714 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 287.399202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.408550] Call Trace: [ 287.408574] dump_stack+0x172/0x1f0 [ 287.408596] should_fail.cold+0xa/0x1b [ 287.408613] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 287.408629] ? lock_downgrade+0x880/0x880 [ 287.427936] __should_failslab+0x121/0x190 [ 287.432185] should_failslab+0x9/0x14 [ 287.436002] kmem_cache_alloc+0x2ae/0x700 [ 287.440154] ? anon_vma_clone+0x320/0x480 [ 287.444322] anon_vma_fork+0x1ea/0x4a0 [ 287.448216] ? dup_userfaultfd+0x15e/0x6c0 [ 287.452470] copy_process.part.0+0x34e5/0x7a30 [ 287.457089] ? __cleanup_sighand+0x70/0x70 [ 287.461333] ? lock_downgrade+0x880/0x880 [ 287.465500] ? kasan_check_write+0x14/0x20 [ 287.469851] ? __mutex_unlock_slowpath+0xf8/0x6b0 22:27:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 287.474712] _do_fork+0x257/0xfd0 [ 287.478181] ? fork_idle+0x1d0/0x1d0 [ 287.481904] ? fput+0x128/0x1a0 [ 287.485210] ? ksys_write+0x1f1/0x2d0 [ 287.489012] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 287.493764] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 287.498512] ? do_syscall_64+0x26/0x620 [ 287.502470] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.507821] ? do_syscall_64+0x26/0x620 [ 287.511791] __x64_sys_clone+0xbf/0x150 [ 287.515768] do_syscall_64+0xfd/0x620 [ 287.519564] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.524748] RIP: 0033:0x459a29 [ 287.527941] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.546849] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 287.554565] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 287.561846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 22:27:11 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) [ 287.569134] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 287.576397] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 287.583665] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:11 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 287.616776] x86/PAT: syz-executor.4:23714 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 287.654132] x86/PAT: syz-executor.4:23714 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:12 executing program 4 (fault-call:9 fault-nth:48): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:12 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:12 executing program 1: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) 22:27:12 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x500, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 287.852078] x86/PAT: syz-executor.4:23859 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 287.913098] FAULT_INJECTION: forcing a failure. [ 287.913098] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 287.936350] CPU: 0 PID: 23901 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 287.943313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.952674] Call Trace: [ 287.955280] dump_stack+0x172/0x1f0 [ 287.958923] should_fail.cold+0xa/0x1b [ 287.962830] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 287.967937] ? __might_sleep+0x95/0x190 [ 287.971900] __alloc_pages_nodemask+0x1ee/0x750 [ 287.976563] ? __alloc_pages_slowpath+0x2870/0x2870 [ 287.981564] ? save_stack+0x45/0xd0 [ 287.985174] ? kasan_kmalloc+0xce/0xf0 [ 287.989044] ? kasan_slab_alloc+0xf/0x20 [ 287.993093] ? __lock_acquire+0x6ee/0x49c0 [ 287.997331] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 288.002872] alloc_pages_current+0x107/0x210 [ 288.007273] pte_alloc_one+0x1b/0x1a0 [ 288.011059] copy_huge_pmd+0x7d/0x620 [ 288.014848] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 288.020372] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 288.025907] copy_page_range+0x7a1/0x1f90 [ 288.030055] ? anon_vma_fork+0x371/0x4a0 [ 288.034122] ? find_held_lock+0x35/0x130 [ 288.038180] ? anon_vma_fork+0x371/0x4a0 [ 288.042234] ? lock_downgrade+0x880/0x880 [ 288.046394] ? pmd_alloc+0x180/0x180 [ 288.050106] ? __vma_link_rb+0x279/0x370 [ 288.054165] copy_process.part.0+0x543d/0x7a30 [ 288.058764] ? __cleanup_sighand+0x70/0x70 [ 288.062981] ? lock_downgrade+0x880/0x880 [ 288.067139] ? kasan_check_write+0x14/0x20 [ 288.071359] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 288.076189] _do_fork+0x257/0xfd0 [ 288.079628] ? fork_idle+0x1d0/0x1d0 [ 288.083349] ? fput+0x128/0x1a0 [ 288.086636] ? ksys_write+0x1f1/0x2d0 [ 288.090437] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 288.095177] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 288.099918] ? do_syscall_64+0x26/0x620 [ 288.103879] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.109227] ? do_syscall_64+0x26/0x620 [ 288.113188] __x64_sys_clone+0xbf/0x150 [ 288.117153] do_syscall_64+0xfd/0x620 [ 288.120955] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.126129] RIP: 0033:0x459a29 [ 288.129308] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 288.148190] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 288.155882] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 288.163131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 288.170395] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 288.177653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 288.184922] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 288.221998] x86/PAT: syz-executor.4:23901 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 288.233267] x86/PAT: syz-executor.4:23901 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:14 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:14 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) 22:27:14 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x598, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:14 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:14 executing program 5: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x4) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x9, 0x2000) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000200)=ANY=[@ANYBLOB="05000000e007754f524ef41427e96fd5d7ec7a368832ae7feb15a2ac0e88b849bfd04977bd5f879e8e0034f0c01aedaf8ca70b86dd387879027a57e23177085002ca850501", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000180)=0x18) io_submit(r1, 0x0, &(0x7f0000000540)) ioctl$sock_rose_SIOCRSCLRRT(0xffffffffffffffff, 0x89e4) unshare(0x10000800) 22:27:14 executing program 4 (fault-call:9 fault-nth:49): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:14 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) [ 290.339467] x86/PAT: syz-executor.4:23978 freeing invalid memtype [mem 0x00001000-0x00001fff] 22:27:14 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x5c8, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 290.394018] FAULT_INJECTION: forcing a failure. [ 290.394018] name failslab, interval 1, probability 0, space 0, times 0 [ 290.410599] CPU: 0 PID: 23978 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 290.417558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.426916] Call Trace: [ 290.429519] dump_stack+0x172/0x1f0 [ 290.433277] should_fail.cold+0xa/0x1b [ 290.437158] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 290.442247] ? lock_downgrade+0x880/0x880 [ 290.446401] __should_failslab+0x121/0x190 [ 290.450632] should_failslab+0x9/0x14 [ 290.454424] kmem_cache_alloc+0x2ae/0x700 [ 290.458572] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 290.464112] ptlock_alloc+0x20/0x70 [ 290.467737] pte_alloc_one+0x6d/0x1a0 [ 290.471522] copy_huge_pmd+0x7d/0x620 [ 290.475328] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.480846] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.486379] copy_page_range+0x7a1/0x1f90 [ 290.490517] ? anon_vma_fork+0x371/0x4a0 [ 290.494575] ? find_held_lock+0x35/0x130 [ 290.498626] ? anon_vma_fork+0x371/0x4a0 [ 290.502669] ? lock_downgrade+0x880/0x880 [ 290.506814] ? pmd_alloc+0x180/0x180 [ 290.510510] ? __vma_link_rb+0x279/0x370 [ 290.514566] copy_process.part.0+0x543d/0x7a30 [ 290.519153] ? __cleanup_sighand+0x70/0x70 [ 290.523384] ? lock_downgrade+0x880/0x880 [ 290.527530] ? kasan_check_write+0x14/0x20 [ 290.531743] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 290.536574] _do_fork+0x257/0xfd0 [ 290.540011] ? fork_idle+0x1d0/0x1d0 [ 290.543715] ? fput+0x128/0x1a0 [ 290.546987] ? ksys_write+0x1f1/0x2d0 [ 290.550772] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.555511] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.560249] ? do_syscall_64+0x26/0x620 [ 290.564231] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.569585] ? do_syscall_64+0x26/0x620 [ 290.573555] __x64_sys_clone+0xbf/0x150 [ 290.577523] do_syscall_64+0xfd/0x620 [ 290.581313] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.586518] RIP: 0033:0x459a29 [ 290.589712] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.608599] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 290.616292] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 290.623552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 290.630813] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 290.638066] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 22:27:14 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 290.645328] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:15 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:15 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x8b) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000)="199d8c1302c446f84967320d4b53385adf21d57afd795805b2785a0fd413d27fe3960102ab4f1c75bdcb2606aed2df3cf6b52bebd54305a1e8015fd41cfce40aa6eab701065d8e8764407a74", 0x4c, 0xc00}]) [ 290.726529] x86/PAT: syz-executor.4:23970 freeing invalid memtype [mem 0x00000000-0x00000fff] [ 290.750916] x86/PAT: syz-executor.4:23970 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:15 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:15 executing program 4 (fault-call:9 fault-nth:50): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:15 executing program 1: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x235, 0x2902) 22:27:15 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:15 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080), 0x297ef) 22:27:15 executing program 5: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x800, 0x0) getsockname$netlink(r0, &(0x7f0000000040), &(0x7f0000000100)=0xc) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r1, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000140)) fcntl$setstatus(r1, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r2, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:15 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x600, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 290.959958] x86/PAT: syz-executor.4:24213 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 290.981643] FAULT_INJECTION: forcing a failure. [ 290.981643] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 291.005781] CPU: 1 PID: 24213 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 291.012740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.022093] Call Trace: [ 291.022114] dump_stack+0x172/0x1f0 [ 291.022138] should_fail.cold+0xa/0x1b [ 291.022156] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 291.022175] ? __might_sleep+0x95/0x190 [ 291.022193] __alloc_pages_nodemask+0x1ee/0x750 [ 291.045950] ? copy_huge_pmd+0x415/0x620 [ 291.050009] ? __alloc_pages_slowpath+0x2870/0x2870 [ 291.055037] ? lock_downgrade+0x880/0x880 [ 291.059171] ? pmd_pfn+0x12e/0x1d0 [ 291.062701] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 291.068233] alloc_pages_current+0x107/0x210 [ 291.072635] pte_alloc_one+0x1b/0x1a0 [ 291.076435] __pte_alloc+0x2a/0x360 [ 291.080051] copy_page_range+0x151f/0x1f90 [ 291.084281] ? anon_vma_fork+0x371/0x4a0 [ 291.088333] ? find_held_lock+0x35/0x130 [ 291.092382] ? anon_vma_fork+0x371/0x4a0 [ 291.096435] ? lock_downgrade+0x880/0x880 [ 291.100576] ? pmd_alloc+0x180/0x180 [ 291.104278] ? __vma_link_rb+0x279/0x370 [ 291.108335] copy_process.part.0+0x543d/0x7a30 [ 291.112931] ? __cleanup_sighand+0x70/0x70 [ 291.117169] ? lock_downgrade+0x880/0x880 [ 291.121310] ? kasan_check_write+0x14/0x20 [ 291.125533] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 291.130366] _do_fork+0x257/0xfd0 [ 291.133838] ? fork_idle+0x1d0/0x1d0 [ 291.137564] ? fput+0x128/0x1a0 [ 291.140843] ? ksys_write+0x1f1/0x2d0 [ 291.144646] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.149395] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.154139] ? do_syscall_64+0x26/0x620 [ 291.158103] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.163453] ? do_syscall_64+0x26/0x620 [ 291.167417] __x64_sys_clone+0xbf/0x150 [ 291.171381] do_syscall_64+0xfd/0x620 [ 291.175176] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.180348] RIP: 0033:0x459a29 [ 291.183538] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.202426] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 291.210122] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 291.217380] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 291.224636] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 291.231891] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 291.239155] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:15 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 291.360936] x86/PAT: syz-executor.4:24213 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:15 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) write$P9_RCLUNK(r0, &(0x7f0000000000)={0x7, 0x79, 0x1}, 0x7) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:15 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 291.424996] x86/PAT: syz-executor.4:24213 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:15 executing program 4 (fault-call:9 fault-nth:51): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:15 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x297ef) 22:27:15 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0800b5055e0bcfe87b0071") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:15 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x700, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:15 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r3, 0x40045731, &(0x7f0000000000)=0x10000) [ 291.646627] x86/PAT: syz-executor.4:24359 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 291.685817] FAULT_INJECTION: forcing a failure. [ 291.685817] name failslab, interval 1, probability 0, space 0, times 0 [ 291.712318] CPU: 1 PID: 24359 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 291.719279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.728643] Call Trace: [ 291.731248] dump_stack+0x172/0x1f0 [ 291.734898] should_fail.cold+0xa/0x1b [ 291.738800] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 291.743931] ? lock_downgrade+0x880/0x880 [ 291.748079] __should_failslab+0x121/0x190 [ 291.752313] should_failslab+0x9/0x14 [ 291.756101] kmem_cache_alloc+0x2ae/0x700 [ 291.760235] ? pmd_pfn+0x12e/0x1d0 [ 291.763770] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 291.769303] ptlock_alloc+0x20/0x70 [ 291.772918] pte_alloc_one+0x6d/0x1a0 [ 291.776728] __pte_alloc+0x2a/0x360 [ 291.780351] copy_page_range+0x151f/0x1f90 [ 291.784578] ? anon_vma_fork+0x371/0x4a0 [ 291.788635] ? find_held_lock+0x35/0x130 [ 291.792692] ? anon_vma_fork+0x371/0x4a0 [ 291.796751] ? lock_downgrade+0x880/0x880 [ 291.800893] ? pmd_alloc+0x180/0x180 [ 291.804616] ? __vma_link_rb+0x279/0x370 [ 291.808668] copy_process.part.0+0x543d/0x7a30 [ 291.813261] ? __cleanup_sighand+0x70/0x70 [ 291.817499] ? lock_downgrade+0x880/0x880 [ 291.821667] ? kasan_check_write+0x14/0x20 [ 291.825907] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 291.830748] _do_fork+0x257/0xfd0 [ 291.834196] ? fork_idle+0x1d0/0x1d0 [ 291.837901] ? fput+0x128/0x1a0 [ 291.841170] ? ksys_write+0x1f1/0x2d0 [ 291.844966] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.849718] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.854473] ? do_syscall_64+0x26/0x620 [ 291.858438] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.863791] ? do_syscall_64+0x26/0x620 [ 291.867777] __x64_sys_clone+0xbf/0x150 [ 291.871757] do_syscall_64+0xfd/0x620 [ 291.875645] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.880828] RIP: 0033:0x459a29 [ 291.884012] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.902899] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 291.910604] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 291.917858] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 291.925113] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 291.932372] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 291.939625] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 291.958334] x86/PAT: syz-executor.4:24359 freeing invalid memtype [mem 0x00000000-0x00000fff] 22:27:16 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, &(0x7f0000000000)={{0x6, 0x0, @identifier="c9d044bc7911cfe1b0406eec10ec794d"}}) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0xffffffff, &(0x7f0000000100)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 291.992012] x86/PAT: syz-executor.4:24359 freeing invalid memtype [mem 0x00002000-0x00002fff] 22:27:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:16 executing program 4 (fault-call:9 fault-nth:52): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:16 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x297ef) 22:27:16 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x763, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) 22:27:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:16 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x3, 0x8bf6558023625c93) 22:27:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) [ 292.232713] FAULT_INJECTION: forcing a failure. [ 292.232713] name failslab, interval 1, probability 0, space 0, times 0 [ 292.370697] CPU: 1 PID: 24499 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 292.377674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.387033] Call Trace: [ 292.387054] dump_stack+0x172/0x1f0 [ 292.387078] should_fail.cold+0xa/0x1b [ 292.393276] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 292.393293] ? lock_downgrade+0x880/0x880 [ 292.393320] __should_failslab+0x121/0x190 [ 292.393340] should_failslab+0x9/0x14 [ 292.393355] kmem_cache_alloc+0x2ae/0x700 [ 292.393370] ? pmd_alloc+0x180/0x180 [ 292.393390] vm_area_dup+0x21/0x170 [ 292.393404] copy_process.part.0+0x3407/0x7a30 [ 292.393442] ? __cleanup_sighand+0x70/0x70 [ 292.406530] ? lock_downgrade+0x880/0x880 [ 292.414537] ? kasan_check_write+0x14/0x20 [ 292.414553] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 292.414574] _do_fork+0x257/0xfd0 [ 292.414593] ? fork_idle+0x1d0/0x1d0 [ 292.414607] ? fput+0x128/0x1a0 [ 292.414623] ? ksys_write+0x1f1/0x2d0 [ 292.430644] ? trace_hardirqs_on_thunk+0x1a/0x1c 22:27:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:16 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x900, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 292.430658] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 292.430674] ? do_syscall_64+0x26/0x620 [ 292.443259] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.443279] ? do_syscall_64+0x26/0x620 [ 292.485072] __x64_sys_clone+0xbf/0x150 [ 292.489067] do_syscall_64+0xfd/0x620 [ 292.492891] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.498085] RIP: 0033:0x459a29 [ 292.501286] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 292.520195] RSP: 002b:00007ff46cd7bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 292.527920] RAX: ffffffffffffffda RBX: 00007ff46cd7bc90 RCX: 0000000000459a29 [ 292.535194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 292.542473] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 292.549752] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd7c6d4 [ 292.557025] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 22:27:16 executing program 4 (fault-call:9 fault-nth:53): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00\a\x13', 0x275a, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil) clone(0x0, 0x0, 0x0, 0x0, 0x0) 22:27:16 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008910, &(0x7f0000000000)="0800b5055e0bcfe87b0071") fcntl$setstatus(r0, 0x4, 0x4c000) io_setup(0x40000100000001, &(0x7f00000001c0)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x4000, r0, &(0x7f0000000000), 0x0, 0xc04, 0x0, 0x3, r3}]) 22:27:16 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:16 executing program 0: inotify_add_watch(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x297ef) 22:27:16 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) 22:27:16 executing program 2: r0 = socket$inet6(0xa, 0x100000003, 0x3a) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x987, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1c) [ 292.728176] x86/PAT: syz-executor.4:24732 freeing invalid memtype [mem 0x00001000-0x00001fff] [ 292.771815] FAULT_INJECTION: forcing a failure. [ 292.771815] name failslab, interval 1, probability 0, space 0, times 0 [ 292.811359] CPU: 1 PID: 24732 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 292.818440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.827804] Call Trace: [ 292.830408] dump_stack+0x172/0x1f0 [ 292.834049] should_fail.cold+0xa/0x1b [ 292.837941] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 292.837958] ? lock_downgrade+0x880/0x880 [ 292.837983] __should_failslab+0x121/0x190 [ 292.847219] should_failslab+0x9/0x14 [ 292.847235] kmem_cache_alloc_trace+0x2cc/0x760 [ 292.847252] ? __init_cache_modes+0x260/0x260 [ 292.864417] ? follow_phys+0x276/0x360 [ 292.868330] reserve_memtype+0x1e1/0x880 [ 292.872403] ? lock_downgrade+0x880/0x880 [ 292.876570] ? pat_init+0x4b0/0x4b0 [ 292.880197] ? __init_cache_modes+0x260/0x260 [ 292.884695] ? do_raw_spin_unlock+0x57/0x270 [ 292.889136] reserve_pfn_range+0x1b3/0x500 [ 292.893382] ? arch_io_reserve_memtype_wc+0xa0/0xa0 [ 292.898407] ? save_stack+0x45/0xd0 [ 292.902047] ? kasan_slab_alloc+0xf/0x20 [ 292.906109] ? kmem_cache_alloc+0x12e/0x700 [ 292.906122] ? vm_area_dup+0x21/0x170 [ 292.906133] ? copy_process.part.0+0x3407/0x7a30 [ 292.906147] ? _do_fork+0x257/0xfd0 [ 292.918988] ? __x64_sys_clone+0xbf/0x150 [ 292.919011] track_pfn_copy+0x196/0x1e0 [ 292.919028] ? reserve_pfn_range+0x500/0x500 [ 292.919044] ? get_mem_cgroup_from_mm+0x139/0x320 [ 292.919070] copy_page_range+0x15f6/0x1f90 [ 292.944222] ? copy_process.part.0+0x30f9/0x7a30 [ 292.948969] ? find_held_lock+0x35/0x130 [ 292.953030] ? vma_compute_subtree_gap+0x158/0x230 [ 292.957952] ? vma_gap_callbacks_rotate+0x62/0x80 [ 292.962784] ? pmd_alloc+0x180/0x180 [ 292.966486] ? __vma_link_rb+0x279/0x370 [ 292.970540] copy_process.part.0+0x543d/0x7a30 [ 292.975129] ? __cleanup_sighand+0x70/0x70 [ 292.979350] ? lock_downgrade+0x880/0x880 [ 292.983493] ? kasan_check_write+0x14/0x20 [ 292.987713] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 292.992547] _do_fork+0x257/0xfd0 [ 292.995989] ? fork_idle+0x1d0/0x1d0 [ 292.999688] ? fput+0x128/0x1a0 [ 293.002964] ? ksys_write+0x1f1/0x2d0 [ 293.006757] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.011499] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.016253] ? do_syscall_64+0x26/0x620 [ 293.020214] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.025561] ? do_syscall_64+0x26/0x620 [ 293.029526] __x64_sys_clone+0xbf/0x150 [ 293.033491] do_syscall_64+0xfd/0x620 [ 293.037284] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.042456] RIP: 0033:0x459a29 [ 293.045637] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.064526] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:17 executing program 5: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) pwritev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="1a", 0x1}], 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000001, &(0x7f00000001c0)=0x0) ioctl$TIOCGLCKTRMIOS(0xffffffffffffffff, 0x5456, &(0x7f0000000000)={0x6d, 0x4, 0x1, 0x2, 0x16, 0x9, 0x0, 0x0, 0x2, 0xfffff73c, 0x2, 0x10000}) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) 22:27:17 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000240)=[@free_buffer, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0}}], 0x3f, 0x0, &(0x7f0000000300)="b7a75d25c7158d9005c472ffa4594c4c175e88a63b9d2995a1ee1c01aae010d9ce2ef219a0c17c781eed410931b598d3f4e2039d03a7a22b221efe7bdacbb9"}) 22:27:17 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xffffffffffffff8d, 0x0, 0x229, 0x0, 0xfffffebc}}], 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_mr_vif\x00') preadv(r1, &(0x7f00000017c0), 0x235, 0x2902) [ 293.072221] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 293.079477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 293.086733] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 293.093987] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 293.101242] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 293.114846] WARNING: CPU: 0 PID: 24732 at arch/x86/mm/pat.c:1064 untrack_pfn+0x25c/0x2a0 [ 293.123100] Kernel panic - not syncing: panic_on_warn set ... [ 293.123100] [ 293.130468] CPU: 0 PID: 24732 Comm: syz-executor.4 Not tainted 4.19.76 #0 [ 293.137376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.146725] Call Trace: [ 293.149301] dump_stack+0x172/0x1f0 [ 293.152921] panic+0x263/0x507 [ 293.156100] ? __warn_printk+0xf3/0xf3 [ 293.159979] ? untrack_pfn+0x25c/0x2a0 [ 293.163858] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.169382] ? __warn.cold+0x5/0x4a [ 293.172997] ? untrack_pfn+0x25c/0x2a0 [ 293.176874] __warn.cold+0x20/0x4a [ 293.180399] ? untrack_pfn+0x25c/0x2a0 [ 293.184273] report_bug+0x263/0x2b0 [ 293.187892] do_error_trap+0x204/0x360 [ 293.191768] ? math_error+0x340/0x340 [ 293.195557] ? kasan_check_read+0x11/0x20 [ 293.199690] ? do_raw_spin_unlock+0x57/0x270 [ 293.204101] ? error_entry+0x7c/0xe0 [ 293.207803] ? trace_hardirqs_off_caller+0x65/0x220 [ 293.212819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.217653] do_invalid_op+0x1b/0x20 [ 293.221352] invalid_op+0x14/0x20 [ 293.224793] RIP: 0010:untrack_pfn+0x25c/0x2a0 [ 293.229273] Code: 00 00 00 00 48 8b 45 d0 65 48 33 04 25 28 00 00 00 75 28 48 81 c4 88 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 d4 97 3a 00 <0f> 0b eb b3 48 89 df e8 48 2b 71 00 e9 b0 fe ff ff e8 5e 20 0e 00 [ 293.248159] RSP: 0018:ffff88804fe7f8a0 EFLAGS: 00010246 [ 293.253510] RAX: 0000000000040000 RBX: ffff88805b763d68 RCX: ffffc9000e6bb000 [ 293.260763] RDX: 0000000000040000 RSI: ffffffff8130cb1c RDI: 0000000000000005 [ 293.268017] RBP: ffff88804fe7f950 R08: ffff88805049a340 R09: ffffed10112cc709 [ 293.275272] R10: ffffed10112cc708 R11: ffff888089663843 R12: 1ffff11009fcff15 [ 293.282524] R13: 00000000ffffffea R14: 0000000000000000 R15: ffff88804fe7f928 [ 293.289800] ? untrack_pfn+0x25c/0x2a0 [ 293.293681] ? track_pfn_insert+0x180/0x180 [ 293.297989] ? vm_normal_page_pmd+0x400/0x400 [ 293.302483] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.307843] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 293.313370] ? uprobe_munmap+0xad/0x2b0 [ 293.317338] unmap_single_vma+0x1c2/0x300 [ 293.321473] unmap_vmas+0xae/0x180 [ 293.325009] exit_mmap+0x2c2/0x530 [ 293.328540] ? __ia32_sys_munmap+0x80/0x80 [ 293.332770] ? __khugepaged_exit+0x2da/0x400 [ 293.337163] ? rcu_read_lock_sched_held+0x110/0x130 [ 293.342169] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 293.347701] ? __khugepaged_exit+0xcf/0x400 [ 293.352019] mmput+0x15f/0x4c0 [ 293.355203] copy_process.part.0+0x5aaf/0x7a30 [ 293.359792] ? __cleanup_sighand+0x70/0x70 [ 293.364013] ? lock_downgrade+0x880/0x880 [ 293.368154] ? kasan_check_write+0x14/0x20 [ 293.372377] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 293.377212] _do_fork+0x257/0xfd0 [ 293.380655] ? fork_idle+0x1d0/0x1d0 [ 293.384354] ? fput+0x128/0x1a0 [ 293.387619] ? ksys_write+0x1f1/0x2d0 [ 293.391409] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.396167] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.400912] ? do_syscall_64+0x26/0x620 [ 293.404871] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.410219] ? do_syscall_64+0x26/0x620 [ 293.414183] __x64_sys_clone+0xbf/0x150 [ 293.418145] do_syscall_64+0xfd/0x620 [ 293.421936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.427109] RIP: 0033:0x459a29 [ 293.430299] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.449201] RSP: 002b:00007ff46cd9cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 293.456906] RAX: ffffffffffffffda RBX: 00007ff46cd9cc90 RCX: 0000000000459a29 [ 293.464163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 293.471425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 293.478682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff46cd9d6d4 [ 293.485937] R13: 00000000004bfeeb R14: 00000000004d20b0 R15: 0000000000000006 [ 293.494692] Kernel Offset: disabled [ 293.498403] Rebooting in 86400 seconds..