00000240)={0x6, 0xfff, @fd, 0x80000000}, 0x2, 0x0, r6}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001540)={r7, 0x0, 0x3e, 0x1000, &(0x7f0000000300)="28c05553221c8be81cffa1be1d38821960d26f3f8b840e61a1797eac193c2286300402212932f864bcf2d943757a01e0b8d517cf0b9976241c314a4fd775", &(0x7f0000000440)=""/4096, 0x2, 0x0, 0x4, 0x82, &(0x7f0000001440)="0e02f4d8", &(0x7f0000001480)="c0786e50c4fefaed02f1dfbc423bd753f42ef669d0e5a2a07a1f9289a05140d3f2a7f76dab66038ce55f04dd9c65ddc3c4dadb7d94af975ee761fc2025e246f456f9d7cace6caa8e89d09a19e73a139d45df44518ed34383477628c26bd80a36a8249f2508cae9cc158e650d3bcbd3e7c54327c0ed59baab181c37691f00c1e27210"}, 0x40) 21:46:39 executing program 4: r0 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r4 = dup2(r2, r3) fcntl$setown(r3, 0x8, r1) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r7, 0x0, 0xffffffffffffffff, 0x0) r8 = syz_open_procfs(r7, &(0x7f0000001700)='attr/exec\x00') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000001440)={0x3, &(0x7f0000001400)=[{0x1, 0x1e, 0x5, 0x4}, {0x200, 0x0, 0x8, 0x3f}, {0x1, 0x2, 0x3f, 0x8000}]}) r10 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r10, &(0x7f00000017c0), 0x199, 0x0) r11 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r11, &(0x7f00000017c0), 0x199, 0x0) r12 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r13 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r13, &(0x7f00000017c0), 0x199, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r14, @ANYRES32=r14, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) r15 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r15, &(0x7f00000017c0), 0x199, 0x0) r16 = socket$alg(0x26, 0x5, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r17, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f0000001480)='./file0\x00', &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r19 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r19, &(0x7f00000017c0), 0x199, 0x0) r20 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r20, &(0x7f00000017c0), 0x199, 0x0) r21 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r21, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r22) fstat(r0, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r5, &(0x7f00000016c0)={&(0x7f0000000000)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000140)="63bcf4a14ff3dffd8be6b59c84094e56930f4422436ac8635363692d92f9df9bc334bf8bbcb4820c183ffaa414c1be8ef5c6da012fcfd965083166006a0b61e16bff9b5d55670114be5dea39ab477cd4aed0dfc59a68281ef0f80871ea57bda25408d5583b0fbb112fed0d995191b400de3d4685608503b48004ebe7f6ed9fef23ca083e598856552ff97b94376ccfed9b49132192506754f4042b0f854724c244906dbbf371a4809799608a9fde0c70ced219a3aad8903641ff8c7c6f28562ce4c941bfd46afef6c62c5a8d5e6d57ea4eb2facdfcf8876179b258f6d3083a4abbed24", 0xe3}, {&(0x7f0000000240)="058b92462ccdc762f4e2e0177293b998cefcb830753096cf76b3971328d99b964028805bfe9cfffecb9c3d0efe70d5dc88da5a633b3773de8e11d1e6052c85e0491e46976f89f4921c95d8bb026278f344358f83eea3", 0x56}, {&(0x7f0000000300)="e4ffcf806976d29dbdf3b7d48e46c9abd81b888bc16f16ddb436e7eb54ea7f135db3a5fc49baadde5ee087264bd3da908a4db348459e090c5017c4048b518d808dc3a3e8686272d2c3517ed3ba2c27b60a150b593d18cd3e0e9d6dfe46bcaaa99991ac675d2760574611e12954f65ccce26703599e8dc1b00fa25bd758ae1932a81cf4d4c7ba294987c1d216738a48d67b677b26259ea558387e2fb84bc29f132d6b2094ce36366bb1c7c41d588d471d850f2d9dae9a05cc9c70cfe20b493cb9805ef8becdfd7ca11dc6a31f96700836", 0xd0}, {&(0x7f0000000400)="69b394707fab092d03b01cfc15b7971d821d4b89fefa564bfd6c76b45869e003cb94d94d0d8b0274a7fd0b27a904bdf72d5b110e299ffe88940833bd363fdf88fb85199d77de83611a280d3dad0e940f2adbb44f13689aeb84705d38d6a66cf8c740b3821032c149b4b945b37553be0c3f05fa201525901169184c101c75549da418373cd7dbf4b87f3ec58d08220ab169afa419e1fc6c87a7aa8d387f576a717201c54f7e473f1a5314acb4ff20ea3c5b94ae49d3dffcb0f529ea621910e66279354dbeddc98cacb90d602a38f9456fba7fadf4fb8832fac4f0b7918dae767f41271e9e8b60b6f3d3a29fb10a61157ce891203e856336d05981e956ac8852779b68a58db2e31c521f8fbec7341b903cf43d1d926646d763ba621d74e7646991ea7f16d2ea78adae41d175b1ff13560472b8eaded89fd12e426e5f0009891b2f8ae7f3e00be1d073b92ad8aa71cd530761961c59c5f73a82fd1926d9daea1d937fffb73d2a6eccd522f84fec4aa78d72254d20fda157c931d2a84b62484e0fc16fb7f83f56a5a87eb476731cf51b44d4071bebd4faca93c846c608716523aa9572d8c582cd17e457db9129a19532fc67ba2dafa4ad5ecf656627ee3d3f4cd43381f99eba9aeaa3013b47b66aefddb3cecadca71f812f476066e63417354e059eacd34dec0398f53140819a612b1f5bdddc688775e59d42df48caff6b9371646e1a7653d04e27be0d29079b1bfec97c273f5691ee1473b533c5aad894429b97b76193e376cbe57690ae7d0230a15284fe5f20b58183b23dca07ce1992360e41f3b30dbdb67b486fb3398cab18806782d9fc876395fdd184ef0929320f716d03bdbaf5079b05cf253d321a163c907107a0b0cb89b63780b9ca4199aca7552aaa5807ff9a2d89a3cb702eded0f46605453d1c81c622de542e3d87e834a95cd4a4405920b862b37d2cadf05403b580fa33d4712727d8eb680368c839caff47022bc4a76db0c0d66fa7841eabda6491fe5913397c1ab4e02afb0c198757d3e0437a58e702187efb75e7c69e2c733d393fff6e4d51ec2ee96f209ddccdb919b89690cedfa2b806bd24b795f3f57ffe8c7eaec003c9c026af4ad7b4361369b42ce52bf65d8c146fb7a1206f4025d4108e870b51370f87defefddf3a80660e8fdf18d2c5267dbf41e13aa5106da68023f44b8b2a85d34b4319b119c83523e257a1d3df1e41a21516781a24a47ec7f0672a02a9f8fbd8886ee1dd32e09f4f8efda0fa02f11fc69d732fe42ffb9bb64aabbbab2f1d10f2dd73cd5ad20edf8eded97e8135d0241061d204afc8e7675f92a577b0db05d6767a7d5aed0029c7162ddd9f9e8db3d428645147b83d2661172514a7d5745011c76b5217a0a17a2d6a0d23b2a0bfc9cb32bb715a89a8b0838da44cee25178273d2d713498e3e2e8ca69ed961e4d5724713d3ba45cdc7fb2e056e4e4cb5fd4afb8e4666648d8a1ebde132be4a61b22fbaa2845a11534c13fbed7d5991dfb4f6d204ac969eff028755743c095f9326b72484fb8a77f42f1fbb1bc73aaf3bf6ae2eaef3a4df241aeddb6c12149559baa6a1d8a39a6bd8be42d0d03fe1201efb1e74d391298a2e4dea4f565c3303c1b90b8bde4e5353576de15da180305025f96112d54821266caf36cab44980bafd9fe22acea959bc3c0e0c9a8aa75e41005b325888a55ea3889fd1119a6e04127a6d96fbde117f4c7f2a3244dd52be4fa63e3e7e5ede9cd200827fbf0dbf7a3e512d7c4facf5f4f6e311d058fd5e7329f8dedb4a91549ac688c62f98b7360020926571a22c358b91753c2e82905c1ed495b9469a6eecbe2249369034f805b6507779a4b8ac4f1dd50c11a9c99846c3bca374ebabd45664840c5f659a52c05e9d0c379bf9eb83a70c86c6a0b4c9b276495f02730911b2e4fa97910bed753580d04009d551e6b4b0c897b90de35a6a9f92431abe6f61fe52e4438cf5553a856bc64c1458ab894249cbaa9e8d102367eaba0e13f11a12bd4c513292ee486b315f4822eb1fdfd1172a5bcb7c1cdd4ad83ecc452724b57611c30ad50544307de24831211e9cd46d9e1e78c82d1e9902029807bc72686e844cf35c7f5fca82d3dbf3b951985e051cd20d8101fc1d3609b97b256e6f3e6e2d20c24fc8f1f15e36d7dcf55ec803ebab6359498e702e8e2b5daeb0fc983ce71caa8f78919f0345b06efbbd62488d6fffc03376606f97a7590dac8cc5c88b6c24fe66be76863e13d7bbf8647b6c3f1e6745b0ed2dbde3f23f9faf83b58eab6ed0fecc364ab5524752a3135a1ed24987dcccf8b2c293bf115cc48135cd8b0564984c183d53b577ef1518b4004573d460f3bc10a6305688e2d393174b7a42e75c581fe148cd32f4024d2dc77ee0c63775169d354080524e0a10a6e19b3fd119cdd276f64e75b95788ef5e6e9786ebc8fc59107d9bc918d6146f5e03662d4093706697284cc5b27c75f5350559c1c7fe47bcd79f4aca61bd6c02042c18b2b3ab334d3df8793138c6d27f8a7378c4509a0c1787dcff5dd58c7c059519dd5091208b900907e2e95f81c8fd3070291e92941af99cf70fa3c3e4e1986ebda2fba0c7ec4d9b9334f8df2ea567d34bfeb94218376118f449d047df3c724be5f04356b6d173010b39b35c559b293fc041e92631d7a45b8f42727938e3a47177a813646cb8739aef41e952c7b8171315f9ae7244b2b3b622254ffc7e0f35d9d45874311fa8b657411d0696f1daa331312482163cd2df002b680e6ee6bdb4c376268054cf4928fb98ccd28c40c33f907721a515220081833f8d08839cb1f28ef1b2b1445a2afbacf5c028be6d109adb254f7b85ec1cb2af62d3eb53c3a0dce0ef146db2e210040928d2ddb8a9299d624d4f03d1927c4b7899c3f64d1511abbd56b99fe906101edb91b205a2060a5e4ec63bfbed658e2aae82d00f07f983ca95372d9b86001866ecf8766f6e45b7bd8c280e3a5aa6e3be5b1d94301615385ee2f9ba6ef7b045572368bd3bc1a515134e4043b846416235cc4b99a9e1eb81f9d8f0bcda250e4e8234d420e176bfe8519f2ed9f1a1d36b78a61150b080f921c5c49fdac239de68b01a7499ac8d0f56cb2e3e50c5b44f86ee67456edae989307a52b5e6b22e850cd1ac36761d61b63860c81e95f8c9dbac1620ad5a5f929d9c87c1c545adab79bb4c9ac192427f73b2caa78f362585a54ee60b522616b0a141a4b126a09262e1443c94f73005df5610cea45ed0dba528f9ae394aa9242bc3bacf7efd8c201d9f65f341c60e7d4ed5056f1a55dda568e55f209b765bcadbb7756861b5f47b8f5dcb2553fb48838c7cefb8d0eff9f59acdbdef0637c2d82cda48bce9a4dac2e58ef320b6d54ecdf6e995c2d25bbd0a0804c8cc3423c693c83eaaaa2d2b91d4d9d2d26b3dae34f92aaae8b16a010e4e6e4007ea794378e4c55757570f42297ab88d21070cda0930df2561f511c2591cda713f81a56345e08bc981a1b01e81a77c86c288f9a0f9cb3084b36f3a949e0de406296761eea9ef56445aa9d77131fa65814f47056296ac274ab4b09cbb74b7f15d2d716ec0108ec18fa88b9f000468452e5ca5272958bd088b4473d5d5a9b6ce35c14468fd069eeb9c0ad445cadf25abee50f446061d3565ef024a46a0a2a1431d21e932cfce921a00c89461cc0622ff92e10b165c9f1a38ec51518eb1307967ab107b8826e69b462d59cfa8e45cabd8aad2c718d8147b825578aa0939a8ac5562d96bb979cc9be2079552188bfaa7101822a35ee6286899d29cf87168277f3a67fc81ee0dbe3bf3ae747ee9979d944f87a7f4e2f0b3e62a7d14e37f1e7c83209b4b7d24a10b2046178444eecb3050cd20c863e9629f0685a0ddd0e2f4d7c7e9debb8fd39349dbb6b17e8b5ff66ec41c32885d3c81d01fae3f96fad7b162d2cdd0faf558551217a64910794f777dae96590e47e6076c9e9e185ad6c9efc5b8b7cb1cc3eb9503414638069728bb88d73bda066e7ade1a685524fdd3f2dac3a801570471a1a066afd30177c4108c4d4e1bfe6abbabc4124e05ccca702398f28cc74e78ed5d3c7350bc799003772e44935babe8a573b82cc5f157fbfd2e79c002d3d1590c12c1fd403e3c25f6a8955ac54bbb551b32c8f71a71e877afa8f631638c6f39be1abab1041f0f3bfead65e3b7dd068d507d36904ab8e267456ee28c37620c77ad2ba5c8dfc17239fe885ae0621214bc0153736e0109dbd9579facd6385496edfd87aff66744304b0afc74c8b09abb49f83d088d74859f63e88d6e45dd05241c01a0b46696770696a53c012c1a60efd706d06185f23d073f223ba894571fd5dab3ab2be8f76820ba0af54b97413f79531664e46033c6faa8402bc7c96cde6542675c23cd71acafcdd54423d4282a509e0ad3384c8ef988b2137f85433eab4970d87bbc53d3ddad586970270037bb23f4a016b5f97bdc00ec65d920e512c81cf050a279571862fc2b40c70d9e6bf024c5a0132ff7622f41876c974a379de36da488ea015b111a3a7cd97baf1830f56e7b4f1bbad4e9f07060c9b0dede4b62ee81157763d1d77811b21029cb8e64e235d48f8540204a35391c4337300635c5eb80767b1f0f51099e2ef2e39a53e75177394be3af188f3ae129bc7224f40318973d3806fc438023fa1e4c7f2a039465ac18fff1549b90138ce916c3b9854cb6ab6dfca7db82cb09c24b2dee6cf96277e839c4154b316d9845f19cfecc13801ffa0826aaaebf17e544860837998ce59f66c27fe92d437cb042a9a586a6f6a2f92546f65fe64ff3d80a01028bfd33d998b99156e0e85bf1eb3784225935e0b702d7e6df361af740b3e297152162f721edcf8b6a2ebde1ac3c5fcf1d1b8bb6a0c3f59667407adeca64a60597f8e599529c4d28504cfc4f60dde5aba0716e3bdf7f6e5cd88c8e0a90638074d7f8f4713af74a94f4cea329c32e730ee089eacd62353b42e65183805e875a30c4d891f652f01b06b23f73398139814ed6e814fde0578b36530595b4379f75e0d72256dbd10aa5e7ba6e9647fc638a3f8d2f0c6165a1dc5944a4ba345c024d8a7271a31b976173adc06f16dd8ba6e319ebdac4a54ef865e5c0740cb2769ee34fed11c77cad3b69f3462f372344b7482c13767c779109bb6863344fc3ba8247e8e6a6b2c15692d02c1758e5d88dfa172c3daa205452af736c3c81c8dfc312a542796df0771f3156ee4bc3974ebe3a5c22c3ddeaced6863037e78efc2e8e5b0a341441f0b4e0f062ff699f8d08d85216ba851c3c24449c0c26a40c9fd02d0e364e1bc771a5f602730f728e8609e79150e64df7dd073a57e79a366e25bc8cbf59b4d6ed2855be86fbdb561548e5b0a00ec7c70f102fd9bf95a3f0b49a8454bbb65aca850045f34fd2db510eda7fa4a8ff3f90b501a13ec08bbb5e1e3f6ebf0d159a6958bd71439b766cdf84c40569951f90c2a277d9e182e1ea29df7f67e72ad5d5fc852eabf7c531b0c9708c9bed58c7a0c21205ca954479a1f94273b8463fd695ac3d7911dc3e21bb5ab7cfe0d7466c5dab9f2bff7802ffcdd4f3dab0e24f46441ba9a482cc3be9388287b3367708034241458071971a3a7d98f982ae3302c164595c6ad06e3c48af2114d278dfd105afbbba3892ad0637595f50ef80e0e2531846825016bcfe2d63078c6791bc659358a851a829a8cee952458d86c6bdc9296608afeffef409e252c9f450d1f9eb8f77cf61a4c818b31c621cd0f3134a56a5a6bfada863cc27e8e6f0ed04fa62396756cb38c1e0c462ab", 0x1000}], 0x4, &(0x7f00000015c0)=[@rights={{0x14, 0x1, 0x1, [r6]}}, @rights={{0x30, 0x1, 0x1, [r8, r9, r10, 0xffffffffffffffff, r3, r11, r12, r13]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xffffffffffffffff, r14}}}, @rights={{0x30, 0x1, 0x1, [r2, r4, r15, r0, r16, r2, r0, r2]}}, @cred={{0x1c, 0x1, 0x2, {r17, r18, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r19, r20, r0]}}, @cred={{0x1c, 0x1, 0x2, {r1, r22, r23}}}], 0xf8, 0x20004000}, 0x20040880) tkill(r1, 0x16) 21:46:39 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={0x0, r0}, 0x10) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCMBIS(r3, 0x5416, &(0x7f0000000080)=0xffff) sendfile(r1, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:41 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, 0x0) tkill(r0, 0x16) 21:46:41 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) creat(&(0x7f0000000000)='./file1\x00', 0x98) r1 = open$dir(&(0x7f00000001c0)='./file1\x00', 0x100000, 0x2) lsetxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='trusted.overlay.opaque\x00', &(0x7f0000000180)='y\x00', 0x2, 0x2) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) uselib(&(0x7f0000000080)='./file1\x00') unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:46:41 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r5, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4) r6 = open$dir(&(0x7f0000000000)='./file0\x00', 0xeaff1dc146839af7, 0x8) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r6) 21:46:41 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000002000ff37f7eb932485190091dd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d876566169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406d8fafafb95841c009173ff0348091396c548c081b890fcf000000000000000000"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:41 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000200)='+-$\x00', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {r3, r4+30000000}}, 0x0) 21:46:41 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x4, 0x20001, 0x2}, 0xfffffffffffffeb6) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r3, 0x28, &(0x7f0000000040)={0x0, 0x0}}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={r4}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000600)={r4, 0x1, 0x8}, 0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={r4, 0x4dd, 0x8}, 0xc) [ 2878.437841] kauditd_printk_skb: 16 callbacks suppressed [ 2878.437850] audit: type=1800 audit(1577137601.819:416): pid=17673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17705 res=0 [ 2878.476770] audit: type=1804 audit(1577137601.839:417): pid=17673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1529/file1" dev="sda1" ino=17706 res=1 [ 2878.565789] audit: type=1800 audit(1577137601.839:418): pid=17673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17705 res=0 21:46:42 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) rmdir(&(0x7f0000000000)='./file0\x00') ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) write$RDMA_USER_CM_CMD_ACCEPT(r3, &(0x7f0000000140)={0x8, 0x120, 0xfa00, {0x0, {0xffff, 0x7, "355eca71945f7628b5172060e6e746e06dacbe6b6e756146dd8e736249a366f8b234f9f976266c3ba33053cd3a8b02eac4571c9d86716ed25db216ccb48f4b2d70685cca93c2617d44fc08d8bc857b94db7bb55a6ce79eb88e9fe79f2b595ce255dbd11f438142abd0a69611f8d42d0850e87068e99ac4df92af62355db8bbeefec1ef5b2cd98e97f5b5d775186fad0e9520edc6c55469fe2c800663620d03534997ab0563d6436b4ff26ba078e209dbb23f291398b4fbabff363d8781fb5a793b4f1e45a028106454f1d476eec3ae08f23d0e1309cd203bee7da3dcca5dabcdea7df899ff20cf2475304b18d5e5beff8534044edc8231c0686be8018830589c", 0x3f, 0xa4, 0x40, 0x40, 0x5, 0xed, 0x0, 0x1}}}, 0x128) 21:46:42 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) r3 = socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000140), &(0x7f0000000180)=0x4) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000001c0)={0xbe, 0x8001, 0x5, 0x200}, 0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000444ff8)={r4, 0x7}, 0x8) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000)={r4, 0x7, 0x0, 0x1}, &(0x7f0000000080)=0x10) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000002880)='/selinux/commit_pending_bools\x00', 0x1, 0x0) bind$bt_sco(r5, &(0x7f00000028c0)={0x1f, {0x1f, 0x80, 0x0, 0x9a, 0x7, 0x53}}, 0x8) [ 2878.701172] audit: type=1804 audit(1577137601.859:419): pid=17681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1529/file1" dev="sda1" ino=17706 res=1 21:46:42 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000440)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb93248519730322e2e27f2e0cd8b600000100e0e80091cd881e082f2ad3e25febe01b9ea2f7f4165f184d666fe5badd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f7770cdb9b942118cc7fe40d0f70d8c276414e46d73814b60ab2157999696d2c6650c406da8afafb95841c08c19f80bc32f68a0fb2b525a55206f976792270308"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r3 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r4 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r4, 0xa) preadv(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) write$FUSE_LK(r3, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r3, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r5, 0x0, 0xffffffffffffffff, 0x0) setpriority(0x3, r5, 0x2) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r3, 0x541c, &(0x7f0000000180)) [ 2878.749549] audit: type=1800 audit(1577137602.119:420): pid=17695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17710 res=0 21:46:42 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x9, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2878.783078] audit: type=1804 audit(1577137602.119:421): pid=17695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1530/file0" dev="sda1" ino=17710 res=1 21:46:42 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = open(&(0x7f0000000580)='./file0\x00', 0x200000, 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f00000005c0)={0xffffffffffffffff, r4}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) newfstatat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x7000) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000040)='/dev/loop0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='fuseblk\x00', 0x8, &(0x7f0000000480)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {'group_id', 0x3d, r7}, 0x2c, {[{@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0x69}}], [{@fowner_lt={'fowner<', r8}}]}}) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x800000000000357, 0x0, 0x0) r9 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) ioctl$EVIOCREVOKE(r9, 0x40044591, &(0x7f0000000540)=0x8) ioctl$IMADDTIMER(r9, 0x80044940, &(0x7f0000000000)=0x3611895945644307) 21:46:42 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$PPPIOCCONNECT(r1, 0x4004743a, &(0x7f0000000140)=0x1) preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000040)) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(r4, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r5 = dup2(r3, r4) fcntl$setown(r4, 0x8, r2) fremovexattr(r5, &(0x7f0000000000)=@known='trusted.overlay.opaque\x00') tkill(r2, 0x16) [ 2878.973563] audit: type=1800 audit(1577137602.349:422): pid=17695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17705 res=0 [ 2879.043368] audit: type=1804 audit(1577137602.349:423): pid=17695 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1530/file0" dev="sda1" ino=17705 res=1 21:46:44 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400000, 0x0) ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, &(0x7f0000000040)={0x2, 0x0, 0xe, 0x1b, 0x7, &(0x7f0000000300)="063ca16a41befe5cc72a9e84c732e8ec9dc94287a266d473f518c4889f2a76289ec2df99c27fbe495660112a6dc01e65f62ace0629a23c48cf7a0b56499186a8f13ff6874c98ba28d23ad6f6c81cd4bb74770ce8cc9c22c60290b9c0de013268568b0448a8da23f30ec898d20bf715a74c58388e71262c7c6f31e411428539eec5fae0d85805c22939e38c6d37a9cb1495b07a506bda4b3a413c062c59e4ec841b3e738be82a897934a4c6bf102a9623fc1e82057db0b0b89300502a5fc3926998aad18383121ceadc168803bb882d7b4bcdf2c5bf2376603d7ceac6a83ab2049d4a6768aab89323889fc1a8d05ed1279334229a97c4b131ceee012711cd08f0e2fb203d528f8cda91b7942ded4a1a777f7891211d7cb0d9656dac0185e1346e438e4ee5819e25f9c075135f74d3a331b7f52542cde5a8a991115a13ad01ce3379a115cae11b55ef8448a7b98689b95038921d9558ca5b8d7fda117d665af41a3eca05007ffb55915029e8026a3861fa16bcf4693fc422ffbf52851142338dcfc73e6975b4d9af453fc0dac067e149f736c5ed6d7aa54440d114f9a4c8616867870618d04d775482f7406013e7cb44551eaa09982ad4099aa9c7211a576d6e1e2d96cc87aa8d219fdb5b08c005df4130e930ecbebf34ca83a80aa0a79f8e34028cb6ec44d2dc3d4319f9dc961b994295f44048a1f245e83e2b9d0003638e29eeb2da4a350447cb94ce7129202bdf72e6c41fbaf5cc793db96e6c3ce044262773414dfbe3f69b8299d9489f519db1cec82654776c1520a48108f5944b793796046e81f6a03865bd054a660471e3712ca10f7a87d83b9fe3cbed82c7df96d7bbbf8cdafd5e53572722b71e5ed9af4f4792e38151a767536e4aaa14b1872ce161ffbcf656b6e9fe0d7960d17cf3d2609984f996449218f1217fbf4b162452ed893a362d4c3a0534cd177ba70bc2c09d1ddcde93efe46d703d5612b1003f1419339be022f2b1734dc81863419a2c126d14bb7765253daed70990d1bf6d4a463fce062bca0845c3825d03663477d7516ba2c9b20707571e1d167e7f1f26357a071d5dd368cc31cc7bbf1de2f15d112dfab2250c35dfc7e5b5ff5e941e9b88e3be480b9095a23e08e96319cff770f76871a173403312bb066dfcc015c40e488b50b66c128ebc2124a9442d21c99d64aa4a5f2a39901c8e65ea978bf34b8d163fec610e9c30b8da68c779758382afb429b14e3a371efc1adb04308c8f641fe4bbe3bd8a203166d2468c4d2ec0bd73255bd01219f4e239239c91a79f8abae42af4a09412250e6125ae6de0a5c867049dae0b3ec2cd53c2a50560c14df18d24711cb5b75ba6e4946fe0c2028d7ffbb36b7775134a58d58b3276954d886ae953dc60a03cdcf9e1dad9165d1c4851ac80d42c8f3704cc193782eb08c22e1860d83f39b9d22a"}) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:44 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(0x0, 0x16) 21:46:44 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x30, r3, 0x7}, 0x30}}, 0x0) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x200, 0x70bd27, 0x25dfdbfe, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4800) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000080)=0xc) 21:46:44 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000440)=ANY=[@ANYBLOB="050b000000000000ff44f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d876a718647a74730689e3794d71e6d0b588276169dc738bf2030df195147e0f91475c50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafa95841c009173ff0348091396c548c081b890fcfd1d9f26da59e3b428a6db728e8d5ca78b1fcdd8214541b6a5919047a"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:44 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2881.457562] audit: type=1800 audit(1577137604.839:424): pid=17730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16835 res=0 21:46:44 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0, [], [{0x80000, 0xfffffff9, 0x7, 0x0, 0x7, 0x9}, {0xfffffffb, 0x2, 0xedf2, 0x9, 0x4, 0xffffffff}], [[]]}) tkill(r0, 0x16) [ 2881.498827] audit: type=1804 audit(1577137604.839:425): pid=17730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1531/file0" dev="sda1" ino=16835 res=1 21:46:45 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r0 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r0, 0x1000000) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) sendfile(r4, 0xffffffffffffffff, 0x0, 0xeefffded) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x50200, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) ioctl$VFIO_GET_API_VERSION(r6, 0x3b64) ioctl$VIDIOC_STREAMOFF(r5, 0x40045613, &(0x7f00000000c0)=0x3ff) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r7, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:45 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) ioctl$PPPIOCSNPMODE(0xffffffffffffffff, 0x4008744b, &(0x7f0000000080)={0x8021, 0x1}) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x38a00, 0x0) r4 = perf_event_open(&(0x7f0000000240)={0x3, 0x70, 0x4, 0x2, 0x7, 0x7, 0x0, 0x4b, 0x8, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x3, @perf_config_ext={0x3, 0x5}, 0x2008, 0x3, 0x400, 0x1, 0x3, 0x0, 0x4ff3}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x1) perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x1, 0x7f, 0xe1, 0x0, 0x9, 0x20000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f00000000c0), 0x5}, 0x10000, 0x1, 0x5, 0x1, 0x401, 0x1, 0x2}, r3, 0xe, r4, 0x8) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:45 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x20800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10010}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000ac0)='/dev/autofs\x00', 0x1, 0x0) ioctl$TUNSETVNETBE(r4, 0x400454de, &(0x7f0000000b00)=0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r3, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f00000000c0)=r3) syz_genetlink_get_family_id$nbd(&(0x7f0000000080)='nbd\x00') fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') prctl$PR_SET_KEEPCAPS(0x8, 0x1) preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = dup3(0xffffffffffffffff, r5, 0x80000) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x11501, 0x0) sendmsg$kcm(r7, &(0x7f0000000a80)={&(0x7f0000000300)=@generic={0x9ac06c3b93827605, "4ebe4e8ae067934382fccdaba6ebdc81f340bd339631a94d4ab4e395bbd40dd4521daff67225bfc3d2a8740f2c8503ee0cc003b13b555e9a1af929b41b4ed27e1e9d446759f7224bc592dbca25d64b94449284a928f4a01bd8d226b62818d26857804dc9e02a9009aa3bcca8e5edacc8e76e9ad70798133945bf66f6443a"}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000380)="280ac41d11e12846e4d79dd2eb2ff84b5e2592b2e4b23b13a770c47176fc36adfde67b2511f045d557a9b9b86a87d27f70b79100d0c7b0fffe7d6718a72ac4faba22f895bc693dd744f03807b43bc63eb6e0aadbf521a102c5fbd796bd3d43c4e0c7f9c0627e50151f8dcb1695eadad78df3c94feffa214a25b02f94677771045871c561217a16da4e177a379cb7c684d2546644da017b401fa5ff5ddabfc2811305e802049a10a0876cc874e6ce1358ab534a488dcb823f06a6071a935dd329d6886ef1412d9fdc249c3a3230f0bf4495af839f6cf84b7f4fe75cc3997bcb12892bbb", 0xe3}, {&(0x7f0000000280)="743476414ae662084f6eae741610d3cb3564eca7701151f28b", 0x19}, {&(0x7f0000000480)="c7ec8a2feac52954f17303ee9bddd3d28c05e575544b6ae955c80d824686d5df94f22f10925831a3a031f926c3736513c79f07e42cf211e62cd9487fc26547d5bc9080a4039557578d21861297516ebfe7ca73ec70b6482abd", 0x59}, {&(0x7f0000000500)="c0ccbf8a142376b5aff6471130da41554ab3d799b90489d58e66abe5a068fb5e02f53c4ba4b4ac94c5", 0x29}, {&(0x7f0000000540)="53418009b8cc7996f4671c4e6da26e3c4e7d75a3ef73743a0ad8917a02b2ac04da3b667d477472f04b26e7a34b8f38d98f587a5b5abb51d599aebc99f01a8aba3129412a2d2e11f760de0c4887da1129ae7180ee3e4a25fc43c72168c6f6253bc4deb6d939fea9bbd40955b7fd09f04a4f1e3880b746e0d434dae37b3f459171ab5f1d12f53de200b7620784599fe178276f92a0330336cbf4d7cb78501e704134ea0d9f07efaec97fafca013648814a7608887a738d5490a3d04942b1d5d8ff93f5c0b61a9a6ce0e8f6d53f0bf9d991a5b017ddf5bf5c32ddf8ac9b32558ee6fda8809f741ef1513df8d6b2c957670b82a7d678024799", 0xf7}], 0x5, &(0x7f00000006c0)=[{0xe0, 0x105, 0x5, "de73accd4c747c5d94c3d8190ffa6c450373ee722bb0d15925b193a74303b83ce2a6541f15fffa337cc8ae839b9779aa41273b6cb0ada437b96b1d03f025435533e8ae1b2588a9dee415cbb94e99a1b32f85a0d65982592223d5f18c614a294773119e8b411dc89da8e59b24999e9d795b4c0491bdd9a365578476b8bf35ed4cd862992b1cc1a665bb46ec988c3fbdf03bcbc550f1f88fa6617d3b1baa575f52e5c8b3ba6a61d016f7a006cd04ce66d8b1901a69d482c93e36ac8acb31d811d8e821026ba1779c7fa69d7d4810"}, {0x38, 0x1, 0x5, "c005354ecb05a89fb3bac992e938c36d00e69c3ee3af0a2bc62549fe85436d08680afafb07"}, {0xd0, 0x0, 0xc7d1, "cb3d3ee68bb2332648695dcc197ff2eb1b653a950c03967233d63c9f9d410f6edc50f7ea2c7908a13068438cb5aa29c4d9df5dddecc35d18c1f5703a83339e6450be6cec83464a6f3352cfd11d6e38950c1efbcfa3597fa91c943e75d0c6c592114009d7ee19bae74ba864d297cb5054ea7560001be4edcd3c50b8a57ceef58f5e051039914707293832d9d85b967f45011ec1ce69ea1f4cc3262ffd41178172a7e98d2b459e9c0ac4f6828cc9960c1ddbcaabbba79fd75b4bef7229"}, {0x10, 0x100, 0x500}, {0x38, 0x113, 0x2, "a72df7dd893fc5aa96d4f87f5fe6ad753a9849d2b7f19487c1033cbd1f56dd73cebca932b6d4137d"}, {0x108, 0x81, 0xc3f, "fe313b0861f699bb5e32ff9ca54c9f07315f330c2479cc7cc016517202c3f3a510cee93acf969d54d9f97789a198f9f26d60193e7e0290cf5b863455ef0bf76b80c165082d18aec9efca5cba62b9f73d7fc64b2eb13211ae1c196714a7cd6e1b48450fcef67858395543c213d0bf0e0661a85e061493fed8860cd9aa5d0c293aedfe5ddc355913934e2a548ec42fb5445dbb83b640ab4aff4fb86381996fbf231ca8882064ed72ff0934b672b8af3a9505144b2a727ca7427469493402ebdbec09c8168f904abedeb60fd6b6302bb7f512f8ece9ae23b2d09b67651e32a94f8fb7a3267b59fd9b0258cd9aea2e9a6bacfee89119345e2524"}, {0x60, 0x114, 0x64, "a5eb3b56764a219ddf6228ac9975cebbafff74e2cb431a4bf96b40d4d4a585f31159c7978269b5052dcb55dcddd43ce9206cd48103e3243eafeb967f35da68814979fd980cd753cd42576658"}], 0x398}, 0x48041) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r6, 0x402c5342, &(0x7f0000000140)={0x8bc4, 0xdc, 0xfffffe01, {0x0, 0x66d}, 0x80000000}) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:45 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) write$binfmt_elf64(r0, &(0x7f0000000800)=ANY=[@ANYBLOB="7f454c46f1369f06070000000000000003003e0001040000880300000000000040000000000000001c036a356137a37c92bcfd41160af9b0000000000000800000000008380002001ba40000020003000030410000000010000000000000ff03000000000000060000000000000004000000000000003baf000000000000df9500000000000097b32ecef9cbde0736b68a553379d74b9b95db52929e5357e949a4f27a330ec24fc8d2e20e610ceb9646138ea85fe789026c46ce4cce37c9544ffb3170c85897a4e00c0a9a1128288b01720918b40b50ed2263de472c28213b65191e7376fea4ed9ab752503828d3e86ac4ba5d5364468bb7a3b986b2a1a9d7f02e6d37b2439b55de2c444c31c91beda057b138aa351059957821c3392ce3c9b68a0e299b571bcb4a44564a39639e3d976dbfb10817ad7dccfd71a7ab378200b1078df3942a1a381afcc02da244d50600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005e1c5b380144c7746305f4afa05c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000389200"/1857], 0x741) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self\x00', 0x20000, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r2, 0x613a1000) 21:46:45 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x400, 0x0) ioctl$IMDELTIMER(r2, 0x80044941, &(0x7f0000000200)=0x3) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r3, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x1e, 0x3, @tid=r3}, &(0x7f0000000040)=0x0) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, &(0x7f0000000080)={0x0, @motion_det}) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:45 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) sendmsg$unix(r3, &(0x7f00000001c0)={&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000440)="fbd9f26cfd0def9c59def21ae77c6f7470a74ac8914b293ff1064ffcb18c38ec97d89c1c95ef2ac58da1d1ecfb5c9cd4d0e2751395b306f0e765c46a3bc69804be9446a4e7095ae056d81aca325a21dc0079ec64ee1041c48e997fad3a52c0e65fb4fdbd4a9f6f5aefa5bbef3ff35e6ee28bee3cf18f67ea9cf88e3127cc7e6c54b38b5c769514397c87f8f5ab504757c8ad0c9f605ae00db5933549d5070aed0a833839f7328a1b4af1ca5eb0687efc57adc46607942d5c853090a02d652b5bd207", 0xc2}, {&(0x7f0000000540)="b547a77e7acb5b9063d0399a5e49a182e0466aefd45cba0b1f2080641b1a1dea5efa9c16d619e350f29db442ebbd28585ce964e64d7b3ccbf050f66c3f54483986eaa19ca489cba078cc72d1c84df58fdfef6ecb65b6a8df01c0d55458b3cfab3d2c0b64e8fd4688cb8544b09fe1eb97c2ad83cb2ed0ec6d7942acd149cb3068ecc9b403958600fc4c8afad57a522272a0c29cf1e29f180b03512e6928de8eaba03c3d62319074c39a6b0d4dcf99b77ab8316dd41e0e5beb6b46b8c403fb86a483b66bd213cae1eeeea611b956eb4ef28cd6629becaf24f534bf9bb3a7", 0xdd}, {&(0x7f0000000640)="9c92ead7cb0dbf3bb794fe9a7637436f18e3ffd9113b16fc88dd940b64a96037e1869a02236cd32a9a1c5344a7d1528ddadda6ff19484e85397dbfe8220d9225e0d3a17c36c4d0f931a7660bd822a30063ac6cfa2660", 0x56}], 0x3, 0x0, 0x0, 0x20000000}, 0x4000000) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:45 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = accept4$inet6(r3, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000500)=0x1c, 0x40000) getsockopt$inet6_tcp_int(r4, 0x6, 0xe, &(0x7f0000000540), &(0x7f0000000580)=0x4) ptrace$peek(0x4, r0, &(0x7f0000000000)) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x80241, 0x0) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:45 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000140)={{{@in=@broadcast, @in6=@remote}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000000)=0xe8) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:46:45 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(0x0, 0x16) 21:46:45 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$BLKROTATIONAL(r3, 0x127e, &(0x7f0000000280)) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x2c6, 0x0, 0xfffffee1}, 0x1400000}], 0x1, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x60000, 0x0) tkill(r0, 0x16) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) sendmsg$TIPC_NL_SOCK_GET(r5, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1100c0}, 0xc, &(0x7f00000003c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c000e367527884cd40764d6408bf0000a8e40000", @ANYRES16=r4, @ANYBLOB="10082dbd7000fedbdf250600000094fe010014000200080001002000000007fe01001600000000000400000001000a004e2000000007fe8000000000000000000000000000bb05000000000002000a004e21297384c700000000000000000000ffffac1e0001a60bffff000004000000010002004e207f0000010000000000000000000002000a004e20000000090000000000000000000000000000000000010000100001006574683a6e6c6d6f6e300000"], 0x80}, 0x1, 0x0, 0x0, 0x8040}, 0x24008808) 21:46:45 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x20, 0xffffffffffffffff, 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:45 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) io_setup(0x800, &(0x7f0000000000)=0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x108000, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x200000, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ttyS3\x00', 0xc0000, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000400)='/selinu\x00\x10\x00\x00c/hash\x7fsta\xa8\x00', 0x0, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x6, 0x400) preadv(r7, &(0x7f00000017c0), 0x199, 0x0) r8 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/btrfs-control\x00', 0x40002, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r8, 0x8982, &(0x7f0000000740)={0x3, 'ip6_vti0\x00', {0x80000001}, 0x2}) r9 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000700)='/sel\x01\x80\x00\x00\x00\x00\x00\x00m\x85t\b\x00ending_jools\x00', 0x1, 0x0) io_submit(r0, 0x4, &(0x7f0000000540)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x1000, r1, &(0x7f0000000140)="dd7d0056079749a4b6de990c3700e8fce67350997affccce4a78c66169e3d15019783e737fce91d6774821944c3e55414efd0708e1b88ec979a97f27bd02925bd37d3f1f60fc4f1fdf890a67636642393c7672d1636496f28e30400895ed637d596e764e002974e836b4ee8651b9eb67b47628b7a0270880e4b7ca6314d0d393b567e95c1d7e98e0c2b4a1f74761442fd0401680ec2e692e5a6315a9be2af9e0ff91442dda0b4674db6f69b44aa15f8218d9bb4171de23c26f214beb480d8c59483f667654524f1e7b32f3099490b0212c10f68e71224405", 0xd8, 0x4, 0x0, 0x0, r2}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x7, 0x80, r3, &(0x7f0000000300)="c1", 0x1, 0x401, 0x0, 0x0, r4}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x7, 0x1, r5, &(0x7f0000000380)="ebdd5411936a6ecc0d07fe5b701332ca99bccc1b61f4a6c7b3fd2459e737857d7cd07f84f13c5b74be759bbb204d21bec7dbf65210097edb2388a049874d43a058c2c05fbf14f780399d17cf928b36327c5b1af48dfb35cc840d4197870ea3c176ef17d17618aa118b8ad4", 0x6b, 0x3f, 0x0, 0x2, r6}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x8, 0x1, r7, &(0x7f0000000480)="4521ff81ea023ec04370025ab3170907150687f3488de36010e29b3e45", 0x1d, 0x1, 0x0, 0x0, r9}]) r10 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000580)='/dev/dlm-monitor\x00', 0x200, 0x0) sendmsg$nl_generic(r10, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x18, 0x13, 0x0, 0x70bd25, 0x25dfdbfb, {0x3}, [@typed={0x4, 0x8d}]}, 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x200440c9) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x200000, 0xffffffffffffffff, 0x0) r11 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r12, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r12, 0xa, 0x12) recvmmsg(r13, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r12, r13) fcntl$setown(r13, 0x8, r11) tkill(r11, 0x16) 21:46:45 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x14280, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') bind$ax25(0xffffffffffffffff, &(0x7f0000000140)={{0x3, @bcast}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x48) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) inotify_init() r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40000, 0x0) read$usbfs(r3, &(0x7f0000000300)=""/199, 0xc7) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r6, 0x404c534a, &(0x7f0000000280)={0x9f73, 0x40, 0xfff}) sendfile(0xffffffffffffffff, r0, 0x0, 0x2002) lgetxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=@random={'os2.', '\x00'}, &(0x7f0000000800)=""/4096, 0x1000) 21:46:45 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') renameat(r2, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00') 21:46:45 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r4 = open(&(0x7f0000000440)='./file0\x00', 0x2, 0x1) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r4, &(0x7f00000006c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x85bf3ef5a238a868}, 0xc, &(0x7f0000000680)={&(0x7f0000000500)={0x15c, r5, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x20, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0x28, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xd6}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x5c, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5cba}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7f}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x20}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100}]}, @TIPC_NLA_BEARER={0x60, 0x1, [@TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'veth1_to_bridge\x00'}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x256}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8}]}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x40}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10001}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x800}]}]}, 0x1bf}, 0x1, 0x0, 0x0, 0x50}, 0x10040) preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000700)='/dev/snapshot\x00', 0x8000, 0x0) ioctl$PPPIOCSMRU1(r6, 0x40047452, &(0x7f0000000740)=0x8) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r7, &(0x7f00000017c0), 0x199, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={0x0, r7}, 0x10) setsockopt$inet_udp_int(r3, 0x11, 0x33, &(0x7f0000000200)=0x20, 0x4) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) r8 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @dev}}, &(0x7f0000000080)=0x80, 0x80000) r9 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r8, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="88000000", @ANYRES16=r9, @ANYBLOB="000229bd7000fddbdf250c000000680003001400060000000000000000000000ffffe000000108000500ffffffff140006000000000000000000000000000000000108000500ac1414aa0800030000000000140002c632eb9a99000000000000000000000000000000000008000500000000000800040005000000080004000800000004000200"], 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x40) fcntl$setown(r2, 0x8, r0) ioctl$LOOP_SET_FD(r6, 0x4c00, 0xffffffffffffffff) sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f0000000a80)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x41}, 0xc, &(0x7f0000000a40)={&(0x7f0000000b00)=ANY=[@ANYBLOB="70020000", @ANYRES16=r5, @ANYBLOB="00022bbd7000fbdbdf25070000001c0002000400040008000100804e000008000100faffffff04000400bc0004002400070008000300000400000800010016000000080000005cba000008000300000000001400010062726f6164636173742d6c696e6b00001400010062726f6164636173742d6c696e6b00000c00010073797a30000000001400010062726f6164636173742d4c696e6b00000c00010073797a31000000000c00010073797a310000000014000700080002003bce000008000100070000001400010062726f6164636173742d6c696e6b00000c00010073797a3000000000b400040014000700080001000000000008000300000000000c00010073797a3100000000340007000800020002000000080003000400009e520cbc000e000000080004007afc000008000200080080000800030040000000240007000800020005000000080003000500000008000300faffffff08000400050000000c00010073797a31000000000c00010073797a30000000001400010062726f6164636173742d6c696e6b00000c00010073797a31000000001400090008000100300000000800010081000000200004001c00070008000300060000fc00080002000900000008000300b304000044000900080001000600000008000200050000000800010007000000080002000200000008000100040000000800010004000000080002000900000008000200030000005800010014000200080001000000000008000400260000001400010069623a73797a6b616c6c6572310000002c0002000800010009000000080002007200000008000100150000000800030004000000080001001a000000fc59aa50b5bfad937b23385447b2787898a22abcbff82592f438ee901817282276608dad649bba54eef29d6a68b74fb3292dd5824acc7ea5d74f200883c4e54bc9e97a442e5735bc6dd8fb18cd02a8c44f80eb61cd051b3bd318703106a844fc925c3c0be84d46ba3ca6ce36902d00c84181b5fd37fd7775878a3944e3759f858541b0e62f8003cd44ff293cc1ca2e8667bc921567b66c344cbafd0135fd1516b6644d752c5be1f51695e915864ae5503664edec25370e434aaed6"], 0x270}, 0x1, 0x0, 0x0, 0x24000844}, 0x800) tkill(r0, 0x16) 21:46:45 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f00000004c0)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e67e0f91476b50bb181fa21eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf1b0f5813b04daf458a1a85997795cd60af42506e3af7c6f449d1b062e261ec301b28eb041bad7b5a8568373c680e86d4c7e74f2f613c1b7ae3fc86947a77c2d5b3f06fd9d4df2e44b22d4201fc8602e6e9eb2ea6a47dbe0fa60a09b8883f169b39179039ab749dd0977d05a787f365a6fffbd2574c6c2c3ab5b7e17f1610c0149f0cf34d9860218357794812fb9df3b3973481e2df73d2a594017b0a5af6bf1ffaa19af09fcb23939155949fa9067107cf0347e7a2135a2ef70ff49fcc91"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:46 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff}, 0x800) fallocate(r0, 0x42, 0x9, 0x80) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r4, 0x0, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs(r4, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000000c0)=0x7) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:46 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000140)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x40) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:46:46 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002cc0)=[{{&(0x7f0000000000)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000080)=""/14, 0xe}, {&(0x7f0000000140)=""/7, 0x7}, {&(0x7f0000000180)=""/103, 0x67}], 0x3, &(0x7f0000000240)=""/11, 0xb}, 0x910}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000280)=""/40, 0x28}, {&(0x7f0000000300)=""/249, 0xf9}, {&(0x7f0000000400)=""/88, 0x58}, {&(0x7f0000000480)=""/112, 0x70}, {&(0x7f0000000500)=""/208, 0xd0}, {&(0x7f0000000600)=""/193, 0xc1}, {&(0x7f0000000700)=""/89, 0xfffffe6c}, {&(0x7f0000000780)=""/133, 0x85}, {&(0x7f0000000840)=""/204, 0xcc}, {&(0x7f0000000940)=""/109, 0x6d}], 0xa, &(0x7f0000000a80)=""/91, 0x5b}, 0x1}, {{&(0x7f0000000b00)=@in={0x2, 0x0, @broadcast}, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000b80)=""/254, 0xfe}, {&(0x7f0000000c80)=""/111, 0x6f}, {&(0x7f0000000d00)=""/98, 0xfffffe5a}, {&(0x7f0000000d80)=""/136, 0x88}, {&(0x7f0000000e40)=""/85, 0x55}, {&(0x7f0000000ec0)=""/45, 0x2d}, {&(0x7f0000000f00)=""/192, 0xc0}], 0x7, &(0x7f0000001040)=""/250, 0xfa}, 0xea}, {{&(0x7f0000001140)=@alg, 0x80, &(0x7f0000002580)=[{&(0x7f00000011c0)=""/110, 0x6e}, {&(0x7f0000001240)=""/125, 0xfffffffffffffea1}, {&(0x7f00000012c0)=""/123, 0x7b}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000002340)=""/164, 0xb0}, {&(0x7f0000002400)=""/69, 0x45}, {&(0x7f0000002480)=""/232, 0xe8}], 0x7}, 0x7ff}, {{&(0x7f0000002600)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f00000026c0)=[{&(0x7f0000002680)=""/56, 0x38}], 0x24f, &(0x7f0000002700)=""/191, 0xbf}, 0x5}, {{&(0x7f0000002b40)=@pptp={0x18, 0x2, {0x0, @local}}, 0x80, &(0x7f0000002b00)=[{&(0x7f0000002840)=""/165, 0xa5}, {&(0x7f0000002900)=""/203, 0xcb}, {&(0x7f0000002a00)=""/233, 0xffffffffffffff8e}], 0x3, &(0x7f0000002c00)=""/143, 0x8f}, 0xff}], 0x6, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:46 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) write$FUSE_OPEN(r0, &(0x7f0000000340)={0x20, 0x0, 0x4, {0x0, 0x1}}, 0x20) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x1b2) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r3 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, r3, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e23}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x180}, 0x25f7f7cab3884c40) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x61, &(0x7f0000000140)={'filter\x00', 0x4}, 0x68) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGETD(r2, 0x5424, &(0x7f0000000000)) 21:46:46 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(0x0, 0x16) 21:46:48 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000000)='./file0\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$USBDEVFS_CLEAR_HALT(r1, 0x80045515, &(0x7f0000000040)={0x8}) sendfile(r0, 0xffffffffffffffff, 0x0, 0x9546) 21:46:48 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) accept4$bt_l2cap(r4, 0x0, &(0x7f0000000000), 0x100400) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:48 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000080)={{r0, r1+30000000}, {0x0, 0x9}}, 0x0) r2 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$UI_BEGIN_FF_ERASE(r3, 0xc00c55ca, &(0x7f0000000280)={0x9, 0x7ff, 0x8b2}) r4 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r4, 0x1000000) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r5, 0x0, 0xffffffffffffffff, 0x0) r6 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e48000032000509d25a80648c63940d0324fc601000104038000000053582c137153e370948018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) capget(&(0x7f0000000100)={0x19980330, r5}, &(0x7f0000000140)={0xf06, 0x8, 0x5, 0x7, 0x7, 0x7}) r7 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x92800) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r7, 0x84, 0x16, &(0x7f00000002c0)=ANY=[@ANYBLOB="0300748709f6308cb42eb7fdccac0d358408134fea6025d459b54f1705373d84db8a466972a35066997e1dd574a3d58326ea9738b205000000000000000556437108906bc176739fc0e4fb83dd7995"], 0xa) sendfile(r2, r4, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r9, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r9, 0x0, &(0x7f0000000480)={{0x77359400}}, &(0x7f00000004c0)) timer_settime(r8, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r11 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r11, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCSISO7816(r11, 0xc0285443, &(0x7f0000000440)={0x3, 0x6, 0x2, 0x9, 0x7f}) preadv(r10, &(0x7f00000017c0), 0x199, 0x0) ioctl$TUNSETLINK(r10, 0x400454cd, 0x0) 21:46:48 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x0) 21:46:48 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) socket$nl_generic(0x10, 0x3, 0x10) newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, 0x0}, &(0x7f0000000340)=0x47) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="265d338f1b78d22f7c8fee00e67f0628b067f23f651e71c8ed79776909b5ea71e5cb7560a19a60b6b90336b43108190a9845dfbf803db6529f6cf927cf4fa35d5ee8ab700f4fcf48c299cfda4d018aac223bcfb82ad3c03d176f74298afdc0ea177d2e8675", @ANYRES32=r5, @ANYRES32=r5, @ANYBLOB="10000600c57c7be0700888f6008000"], 0x4, 0x0) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r7) write$FUSE_ENTRY(r3, &(0x7f0000000140)={0x90, 0xfffffffffffffffe, 0x7, {0x0, 0x0, 0x3, 0x2, 0x0, 0x1, {0x4, 0xb64, 0x5, 0x80000000, 0x5de, 0xba, 0xf4b9, 0x7, 0x84, 0x7fb4, 0x3, r7, r5, 0x3b5f, 0x5}}}, 0x90) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r8, 0x89e8) [ 2885.345995] kauditd_printk_skb: 24 callbacks suppressed [ 2885.346003] audit: type=1800 audit(1577137608.729:450): pid=17851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17162 res=0 [ 2885.367448] netlink: 18398 bytes leftover after parsing attributes in process `syz-executor.2'. [ 2885.391111] openvswitch: netlink: Flow get message rejected, Key attribute missing. 21:46:48 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x280082, 0x8) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x185) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x200000, 0x1) dup2(r0, r2) connect$llc(r0, &(0x7f0000000000)={0x1a, 0x3, 0x5, 0x1, 0xe, 0x3, @local}, 0x10) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000880}, 0xc, &(0x7f00000003c0)={&(0x7f00000001c0)={0x1d4, r4, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x24, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0xac, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @rand_addr=0x5}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x3, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5a0, @remote, 0x5}}, {0x14, 0x2, @in={0x2, 0x4e22, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'batadv0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffff}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK={0x94, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_LINK={0x40, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8575}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffcf}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9b}]}]}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x86dfa3ebea711c95}, 0x40) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000000440)={0x7ff}) [ 2885.476149] audit: type=1800 audit(1577137608.789:451): pid=17851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17162 res=0 21:46:48 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) mknodat(r1, &(0x7f0000000000)='./file0\x00', 0x8000, 0x200) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x20, 0xa00) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) sendfile(r2, r3, 0x0, 0x1) [ 2885.586130] audit: type=1800 audit(1577137608.969:452): pid=17868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17162 res=0 21:46:49 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x1811431a6be83fd8, 0x2) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x1) 21:46:49 executing program 4: pause() r0 = add_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000300)="daea4222a3c103decac85722a0e7a3740d45de16a5f438684f9ff1d59bc0526bc002bdb48703a5e5f5799e2e8517f1618bb5700dd36cf6d3db296158d7a72ff8d8817fc90448960230c0f3e5cd3e0bc9125d6b3e60a73c44ff13101c0887c574d3d9ab6dc90fe1a25f51327992c6f1ec29", 0x71, 0xfffffffffffffffd) add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, r0) r1 = add_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="dd61db391fb0beb45102c2b2ca38dd44019cc16fda793b02698791045f5b38a4d7e65b152f2359c0b74f26528d6ef1064524a3f1591ebf", 0x37, r0) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000140)={r1, 0x61, 0xdb}, &(0x7f0000000180)={'enc=', 'raw', ' hash=', {'nhpoly1305-sse2\x00'}}, &(0x7f0000000200)="488a99cd86c1e45cd308707516bdcaf33aefcb84594793ed0aa06297e9d84745a494ee5b582e667133537ce9dc2e8d1acacc4dcb6187e41ade2f90bc5f63f0f1a4c1fc1e7716abc1c99a694bb082aff3322377e0d5a78e8c030130deebb351d1dc", &(0x7f0000000300)=""/219) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(r4, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r3, r4) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x16) syz_init_net_socket$x25(0x9, 0x5, 0x0) [ 2885.679261] audit: type=1804 audit(1577137608.969:453): pid=17868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1540/file0" dev="sda1" ino=17162 res=1 [ 2885.728474] audit: type=1800 audit(1577137608.999:454): pid=17868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17162 res=0 21:46:49 executing program 0: io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$alg(0x26, 0x5, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0x27dea1aa) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) shutdown(r3, 0x7ac1d0268d8b3375) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r4, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x730000}, 0x200000}) tkill(r0, 0x16) 21:46:49 executing program 1: r0 = open(&(0x7f0000000100)='./file1\x00', 0x40c2, 0xe) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000800)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fbd337bf71db236d0f44d25ab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202e89ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x20b) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$RTC_EPOCH_SET(r2, 0x4008700e, 0x0) sendfile(r0, r1, 0x0, 0x9546) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{0x0, 0x2710}, {0x77359400}}) [ 2885.766711] audit: type=1804 audit(1577137608.999:455): pid=17868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1540/file0" dev="sda1" ino=17162 res=1 [ 2885.858780] audit: type=1800 audit(1577137609.239:456): pid=17879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file1" dev="sda1" ino=17185 res=0 21:46:49 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x100, 0x404800) setsockopt$rose(r2, 0x104, 0x5, &(0x7f0000000140)=0x9, 0x4) write$selinux_context(r0, &(0x7f0000000000)='system_u:object_r:ipmi_device_t:s0\x00', 0x23) [ 2885.967549] audit: type=1800 audit(1577137609.349:457): pid=17884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17185 res=0 [ 2885.999454] audit: type=1804 audit(1577137609.379:458): pid=17884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1543/file0" dev="sda1" ino=17185 res=1 21:46:49 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x0) 21:46:49 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) r4 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xffffffffffffffff, 0xa00) recvfrom$x25(r4, &(0x7f0000000440)=""/94, 0x5e, 0x40010260, 0x0, 0x0) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) [ 2886.212755] audit: type=1800 audit(1577137609.599:459): pid=17884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16977 res=0 21:46:51 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={&(0x7f0000000080)="7c15ecbbdbe9d0514ad0c883537bf1063bd4cedfc0d127391617d1529f1139b5965f67b742dc4d75c0a757ddbd2e85fdda7407b4ec075d1fe3150c3682edcf0754cc07e395fcb6ceeb", &(0x7f0000000100)="c0b85bd379f7602837d7a68b7941ef38e0ff2093f2bfa0"}}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:51 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000140)={0x2, 0x2, 0x0, 'queue0\x00', 0xff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r3) quotactl(0x6, &(0x7f0000000000)='./file1\x00', r3, &(0x7f0000000080)="db787d3b47d385da7b") sendfile(r0, r1, 0x0, 0x9546) 21:46:51 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000854000/0x3000)=nil, 0x3000}, 0x2}) r3 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r4 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r4, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r3, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r3, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r3, 0x541c, &(0x7f0000000180)) 21:46:51 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00\x00') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDCTL_DSP_NONBLOCK(r4, 0x500e, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss={0x2, 0x2}, @timestamp, @timestamp, @window={0x3, 0x1, 0xdc00}], 0x4) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:51 executing program 3: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x0) 21:46:51 executing program 1: setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, &(0x7f0000000000)=0x1, 0x4) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)) sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) vmsplice(r2, &(0x7f0000000340)=[{&(0x7f00000001c0)="ae7b27d8259d4d9ec17a3c87707b09441afccb8bd01c718cc221e60642501a9b30c2f722d4ee2df7fcfcb4daa04b6c013492a118ec60bee810a9b4148e0924749f2623d2bc8cf9f777349af1d09300a46897fb", 0x53}, {}, {&(0x7f0000000240)="84ef6cec77f7c7c390b787839028119b874eedf8f88c6551490deb99cd41a6b94ceb4ef1e4383a5c84256074e93a36b93afddc4b0e805cb066f6d8cbb4739db2332f7d0e185619cf979266339628fb9179651ea13fae0299bb1670b4827ac5fa6c4117d56ae25287e8b7a65f5f2a378ffe9e83eb82a135c1afe95da14be830295ccc3c90e91a19729c2597d0c62893676f0b104f9957289357f194f0018e474b024dc8f0ebc89953b1e1ae8ef37e98b44762b16fa0268d2b688ac0405ce41183a7f907f78e5f891f9694b15b9514ae592396989ea6d0e0bf02504bdab5c32123d9221206413d9e", 0xe7}], 0x3, 0x0) 21:46:51 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x645d59c17fb71611, @perf_bp={&(0x7f0000000000), 0x3}, 0x8000, 0x100000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:52 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x100) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000280)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000540)={{{@in=@initdev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}}}, &(0x7f0000000380)=0xe8) r7 = getgid() r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) statx(r8, &(0x7f00000003c0)='./file0\x00', 0x400, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r11, @ANYRES32=r11, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) r12 = getegid() getresgid(&(0x7f00000007c0)=0x0, &(0x7f0000000800), &(0x7f0000000840)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r14, @ANYRES32=r14, @ANYBLOB="10007f000000000020000000000000"], 0x4, 0x0) getgroups(0x4, &(0x7f0000000880)=[0x0, 0xee01, 0x0, r14]) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r15, @ANYRES32=r15, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r16, @ANYRES32=r16, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000008c0)={0x0, 0x0, 0x0}, &(0x7f0000000900)=0xc) getresgid(&(0x7f0000000a00), &(0x7f0000000a40)=0x0, &(0x7f0000000a80)) setxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f0000000940)={{}, {0x1, 0x8}, [{0x2, 0x1, r1}, {0x2, 0xd, r2}, {0x2, 0xe, r3}, {0x2, 0x3, r5}, {0x2, 0x4, r6}], {0x4, 0x1}, [{0x8, 0xf86706cd620686bf, r7}, {0x8, 0x0, r9}, {0x8, 0x4, r10}, {0x8, 0x3, r11}, {0x8, 0x1, r12}, {0x8, 0x0, r13}, {0x8, 0x0, r18}, {0x8, 0xa, r15}, {0x8, 0x0, r16}, {0x8, 0x1, r17}], {0x10, 0x2b997bc10b738ef4}, {0x20, 0x6}}, 0x9c, 0x1) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r19 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r20 = memfd_create(&(0x7f0000000440)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xaf\xd6K\x90E\xe2\x14\xdb\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x8) ftruncate(r20, 0x1000000) sendfile(r19, r20, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r21, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:52 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) ioctl$MON_IOCQ_RING_SIZE(r3, 0x9205) tkill(r0, 0x16) 21:46:52 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xfff, 0x80) r2 = syz_open_procfs(0x0, &(0x7f0000000380)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#\x87[\x82\x89K\xb7\x91PT\xe9\'\xf8 \x9e\x8a@\x10F\x008\xed\x9c\xca\x19D%:\\\xb5\xa6\xa5\x8a\x01\x81\x04Cx\xd6\xb1\xaaw1\x91\xc5\xd6z\xd0\xcb\x89\xc4i\x94Dr\xe8\x13(\xf9\xf7\xd2\xf8\x1c') setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000080)=0x8, 0x8) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000200)=ANY=[@ANYBLOB="050000000000000001645c07432354698ecc23d32cb602c8f5000040f4000000feff0000090000000000000000000000950c000001000001000000a52300000000000000000000190000000200000001000080010101000000000014dce50907000000030000003f0000000104000000000000000000000500000000080000080000000000000000"]) 21:46:52 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000440)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb93248519bf29331378a5c7f8c67b0e320091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r4, 0xc0505405, &(0x7f0000000000)={{0x2, 0x3, 0x9, 0x0, 0x7}, 0x1ff, 0xd65b, 0x58814182}) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x161301, 0x0) ioctl$KDGETMODE(r5, 0x4b3b, &(0x7f00000001c0)) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:52 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) setrlimit(0x5, &(0x7f0000000080)={0x7, 0x3f}) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x3, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:52 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = openat(r3, &(0x7f0000000000)='./file0\x00', 0x880, 0x4) ioctl$TCSBRKP(r4, 0x5425, 0x7fffffff) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:52 executing program 3: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nullb0\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000d, 0x12, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r1, 0x6, 0x3, 0x0, &(0x7f0000000040)) 21:46:52 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='setgroups\x00') close(r3) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x0, 0x0) close(r4) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r5, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r6, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}}}}, 0x90) write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000000)={0x7, 0x8, 0xfa00, {r6}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f00000000c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000080), r6}}, 0x18) write$RDMA_USER_CM_CMD_CONNECT(r2, &(0x7f0000000440)={0x6, 0x118, 0xfa00, {{0x2, 0x1, "581f7db02606db86ae24a53ec7e5df4d458a4320fbd70b220a52b0097d2f1d622b10fb005bd16991825c1e4f870e807e5f7983bd75fd7cbb3a149253d7d0f5c1c35ef669db2957e9e814bbfdad944163441ad40c13c2de3a987b58932ceccfba8da1c0dd027f5793b744768178a2fda5ff9f5944c5d597c7dc2958a3f52559e66d07a3fd789f40c12555ddd16d357acad7b5b5864785ba5b06b96ba2d56a14f75e4223c5ba920f3d33dfa29e78825973f92be47a72593679608d4a70a390c2e292cbebdfbf46209791c9c4df5184fbc1896a889ff9e7560893e3597583636c375bf5e6ab6815438aaf12bfaf402f3e9d623e19ff8d73d1875a01af8c5f0d5238", 0x1, 0x3f, 0xe0, 0x6, 0x6, 0x2, 0x7}, r6}}, 0x120) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCL_GETSHIFTSTATE(r8, 0x541c, &(0x7f0000000140)={0x6, 0xff}) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(r7, 0x2, &(0x7f0000000080)={{r11, r12+10000000}, {r9, r10+30000000}}, 0x0) r13 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r13, &(0x7f00000017c0), 0x199, 0x0) mknodat(r13, &(0x7f0000000180)='./file0\x00', 0x20, 0x86) r14 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r14, &(0x7f00000017c0), 0x199, 0x0) fcntl$setlease(r14, 0x400, 0x0) 21:46:52 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) sendto$x25(r0, &(0x7f0000000140)="c2d5a6e733f0b13927b920fee38078646b6912644848b857b01e672c103b80fdb25caf5d595827c316c5947611c778ef2ca84040fd60a68b593c129d8780a48131e8c4d721db18443541f88e2f01bd64b0155bdd4eccaa0a0280917041549931dab9d05994dc250109b7a84fda63a9a75908a810f762898d60cbea75349d565cce1b6151a4416899782a5afb983e86479bc7cd4857e17c6c8bd99b3398aef2c27c57632dd767e0dcfcff15f9c9421320d096892591e16ed1f67afbade2d8f88e1c35a42f3224e15818b034", 0xcb, 0x40004, 0x0, 0x0) r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0x80045530, &(0x7f0000000280)=""/65) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r1, r2, 0x0, 0x9546) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x501401, 0x0) 21:46:52 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]}) keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000300), 0x0, 0x0, 0x0) 21:46:52 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r3, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000080)=0xc) 21:46:52 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc7206439000094d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000440)={0x800, 0x320, 0x400, 0x384, 0x0, 0x9, 0x0, 0x2, {0x2, 0x2}, {0x5, 0x7fff, 0x1}, {0x9, 0x1f}, {0x7, 0x8, 0x1}, 0x1, 0xc0, 0x6, 0x1, 0x1, 0xbf0, 0x5, 0xc3, 0xc8, 0x9, 0xfffffffd, 0x8, 0x29, 0x100, 0x0, 0x9}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0xfffffffffffffef8, 0x0, 0x200008, {{0xb5}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x400000, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:53 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0xa06, 0xe0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r2, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(r2, &(0x7f0000000180)='net/l2cap\x00') setsockopt$inet6_dccp_buf(r3, 0x21, 0x2edb4c470be395dc, &(0x7f00000001c0)="c14c90278bffbf64aad08560e50d215dc5ab08f1010f679e841daa8c8af3341a8f87deb5f6a9f5", 0x27) ioctl$KDDELIO(r0, 0x4b35, 0x5) lsetxattr$smack_xattr_label(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.SMACK64\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="0057db74de59c3af4d1d69f3b8989564321fe40a6f606634a444f966875d5519de939cb040c0e1372438d46d22ca7f63"], 0x1, 0x2) 21:46:53 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000240)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = signalfd(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, r0) 21:46:53 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) readlinkat(r2, &(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000140)=""/207, 0xcf) 21:46:53 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x80050000}]}) r0 = dup(0xffffffffffffffff) dup(r0) 21:46:53 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) write$P9_ROPEN(r3, &(0x7f0000000080)={0x18, 0x71, 0x2, {{0x45, 0x0, 0x6}, 0xc1}}, 0x18) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:53 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) lsetxattr$trusted_overlay_opaque(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.opaque\x00', &(0x7f0000000100)='y\x00', 0x2, 0x3) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) accept4$unix(r3, &(0x7f0000000200), &(0x7f0000000140)=0x6e, 0x80000) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:53 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f0000000000)=0x5, 0x4) ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000080)=""/24) r2 = open(&(0x7f0000000400)='./file0\x00', 0x2000, 0x90) getpeername$netrom(r2, &(0x7f0000000440)={{0x3, @default}, [@null, @rose, @rose, @rose, @null, @null, @remote, @bcast]}, &(0x7f00000004c0)=0x48) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_QUERY_DV_TIMINGS(r2, 0x80845663, &(0x7f0000000280)={0x0, @reserved}) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f0000000180)={0x0, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e23, @remote}, {0x2, 0x4e21, @local}, 0x8, 0x0, 0x0, 0x0, 0xddbb, &(0x7f0000000140)='ipddp0\x00', 0x1, 0x8, 0x7}) [ 2890.455781] kauditd_printk_skb: 22 callbacks suppressed [ 2890.455790] audit: type=1800 audit(1577137613.839:482): pid=18019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17168 res=0 21:46:54 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r0 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r0, 0x1000000) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) sendfile(r1, r0, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2890.549198] audit: type=1804 audit(1577137613.879:483): pid=18019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1550/file0" dev="sda1" ino=17168 res=1 [ 2890.657944] audit: type=1804 audit(1577137613.879:484): pid=18019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1550/file0" dev="sda1" ino=17168 res=1 21:46:54 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={&(0x7f0000000080)="83294bcf9864b94eed80515cacede281784fd3864eee967bf8b20abca867f42e6ecbe802972eb0e7b4e2531d42609e015b79d9e712dce264a687c183cf8a643ca7dfbb0da99a778ca1bfaff9bacdb757c13b2c7630336c5a5c54b68f87ba01ef4f3160ddc0c622", &(0x7f0000000100)='9 '}}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:54 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, &(0x7f0000000000), &(0x7f0000000080)=0x4) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2890.787433] audit: type=1800 audit(1577137614.119:485): pid=18019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17168 res=0 [ 2890.869635] audit: type=1804 audit(1577137614.119:486): pid=18019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1550/file0" dev="sda1" ino=17168 res=1 [ 2890.941459] audit: type=1804 audit(1577137614.119:487): pid=18019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1550/file0" dev="sda1" ino=17168 res=1 [ 2890.971077] audit: type=1800 audit(1577137614.309:488): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16877 res=0 [ 2890.995141] audit: type=1804 audit(1577137614.319:489): pid=18039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1551/file0" dev="sda1" ino=16877 res=1 [ 2890.997807] vivid-004: kernel_thread() failed [ 2891.168856] audit: type=1800 audit(1577137614.549:490): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16877 res=0 [ 2891.197047] audit: type=1804 audit(1577137614.559:491): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1551/file0" dev="sda1" ino=16877 res=1 21:46:55 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) r0 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000080)={{r2}, 0xffffffff80000001, 0x2ec, 0x7}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x4000, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r6) r8 = dup3(r6, r7, 0x0) write$input_event(r8, &(0x7f0000000000)={{0x77359400}}, 0x18) write$P9_RSTAT(r8, &(0x7f0000000240)=ANY=[@ANYBLOB="700000007d0200000069000700050000000100000000040000000000000800000004180000000300000007000000000000000b0028747275737465646c6f40180073797374656d707070302d76626f786e65743170726f63180700697036677265000c002d76626f786e6574312a7d40"], 0x70) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(0xffffffffffffffff, 0x40086424, &(0x7f0000000080)={r9}) ioctl$DRM_IOCTL_RM_CTX(r8, 0xc0086421, &(0x7f00000002c0)={r9, 0x5}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r5, 0x4010641c, &(0x7f0000000180)={r9, &(0x7f0000000300)=""/255}) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(r4, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r10 = dup2(r3, r4) fcntl$setown(r4, 0x8, r1) tkill(r1, 0x16) r11 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r11, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r10, 0xc0205648, &(0x7f0000000040)={0x9a0000, 0x3ff, 0x5, r11, 0x0, &(0x7f0000000000)={0x990964, 0x1, [], @value64=0x7ff}}) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r12, 0x2) 21:46:55 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x5f, 0x6, 0x80000000, 0x6a, 0x1}, r0, 0x3, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) getpid() fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$VHOST_GET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af14, &(0x7f0000000000)={0x7, 0x80000000}) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) recvfrom$llc(r1, &(0x7f0000000440)=""/119, 0x77, 0x40004000, &(0x7f0000000040)={0x1a, 0x20, 0x0, 0x1, 0x0, 0x7, @remote}, 0x10) 21:46:55 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f00000001c0)={'ipddp0\x00', @dev={[], 0x17}}) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x80000, 0x0) perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x70, 0x20, 0x3f, 0x1a, 0x1, 0x0, 0x20, 0x40001, 0x5, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x101, 0xac6568d4ffdb745d, @perf_bp={&(0x7f0000000000), 0xc}, 0x2410, 0x7, 0x800, 0x4, 0x2, 0x1ff, 0x2}, 0xffffffffffffffff, 0x5, r2, 0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) r5 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp1\x00', 0x108401, 0x0) ioctl$SNDCTL_DSP_NONBLOCK(r5, 0x500e, 0x0) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(r4, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r3, r4) fcntl$setown(r4, 0x8, r0) tkill(r0, 0x16) 21:46:55 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 21:46:55 executing program 1: r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000080)={0xd, 0x5, 0x17, 0x6, 0x2, 0x41f, 0x6, 0x3d, 0x1}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r1, r2, 0x0, 0x9546) 21:46:55 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) utimes(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={{}, {0x0, 0x2710}}) 21:46:55 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpgid(0x0) clock_gettime(0x0, 0x0) mlockall(0x0) write$P9_RAUTH(r0, 0x0, 0xfffffdb7) 21:46:56 executing program 4: r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:56 executing program 3: r0 = gettid() prctl$PR_SET_NAME(0xf, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f00000001c0)) rename(0x0, 0x0) semget(0xffffffffffffffff, 0x0, 0x0) semctl$SETVAL(0x0, 0x0, 0x10, &(0x7f00000000c0)) semctl$GETPID(0x0, 0x2, 0xb, 0x0) stat(0x0, 0x0) setgid(0x0) semctl$IPC_INFO(0x0, 0x0, 0x3, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) ptrace$peek(0xffffffffffffffff, 0x0, 0x0) name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x1000000000016) 21:46:56 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:56 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) ioctl$BINDER_SET_MAX_THREADS(r3, 0x40046205, &(0x7f0000000000)=0xffffffff) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:56 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) tee(r2, r0, 0x0, 0x2) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x4, 0x0, 0x1, 0x3, 0x6, @dev={[], 0x24}}, 0x14) 21:46:56 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000180)=0xc) write$FUSE_CREATE_OPEN(r3, &(0x7f00000001c0)={0xa0, 0xfffffffffffffffe, 0x2, {{0x6, 0x2, 0x1, 0x0, 0x3, 0x98a, {0x3, 0x0, 0x0, 0x2940, 0x3, 0x200000000000007f, 0x0, 0x77, 0x0, 0x0, 0x2, r5, r4, 0x8, 0xffffff4f}}, {0x0, 0x21}}}, 0xa0) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:56 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) creat(&(0x7f0000000000)='./file0\x00', 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) 21:46:56 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x200, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000440)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@broadcast}}, &(0x7f0000000540)=0xe8) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r7) mount$9p_xen(&(0x7f0000000040)='syz\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x2, &(0x7f0000000580)={'trans=xen,', {[{@afid={'afid', 0x3d, 0x4}}, {@cache_loose='cache=loose'}, {@access_uid={'access', 0x3d, r5}}, {@access_any='access=any'}, {@cache_loose='cache=loose'}, {@fscache='fscache'}, {@cache_fscache='cache=fscache'}, {@uname={'uname'}}, {@aname={'aname', 0x3d, '\xe7#vmnet1\x9b.\',wlan0{|'}}, {@noextend='noextend'}], [{@euid_lt={'euid<', r7}}, {@fsmagic={'fsmagic', 0x3d, 0xf98691c}}]}}) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:56 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) dup2(r1, r1) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:56 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:46:56 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x9, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a50ce01c9f3c86b, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x80284504, 0x0) r1 = gettid() r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f00000001c0)={0x9d0000, 0xff, 0x81, r2, 0x0, &(0x7f0000000180)={0x9909dc, 0x101, [], @string=&(0x7f0000000140)=0x40}}) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8983, &(0x7f0000000200)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r4, 0x5452, &(0x7f00000002c0)=0xece) recvmmsg(r5, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0xfffffffc}], 0x0, 0x0, 0x0) dup2(r4, r5) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x200, 0x0) fcntl$setsig(r6, 0xa, 0x19) fcntl$setown(r5, 0x8, r1) tkill(r1, 0x16) 21:46:56 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x1, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r4, 0x40086414, &(0x7f0000000140)={0x1}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:57 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000080)={0x0, 0x80000000}) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) setxattr$security_smack_transmute(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x2) sendfile(r1, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:57 executing program 3: add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r3 = openat$rtc(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f00000018c0)={0x6, &(0x7f0000000300)=""/1, &(0x7f0000001800)=[{0x7, 0x8a, 0x0, &(0x7f0000000340)=""/138}, {0x0, 0x0, 0x0, 0x0}, {0x9, 0x6b, 0x800, &(0x7f0000000480)=""/107}, {0x0, 0x1000, 0x2, &(0x7f0000000640)=""/4096}, {0x0, 0xb4, 0xcd17, &(0x7f0000001640)=""/180}, {0x6, 0xfc, 0x1, &(0x7f0000001700)=""/252}]}) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r4 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) recvfrom(r4, &(0x7f0000000140)=""/163, 0x100000345, 0x0, 0x0, 0x0) sendto$unix(r4, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) recvfrom(r4, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYPTR64], 0x1}}, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x40000, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) dup(0xffffffffffffffff) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r6 = dup(r5) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8b28, &(0x7f0000000000)='wlan0\x00') r7 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000080)={0x1}) r8 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) write$FUSE_NOTIFY_POLL(r8, &(0x7f00000002c0)={0x18}, 0x41df82041a8d7d5c) getgroups(0x0, &(0x7f0000000000)) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0x0) 21:46:57 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x5, 0xfd, 0x0, 0x0, 0x0, 0x41c1, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x94a0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, &(0x7f0000000000)=""/45) tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) prctl$PR_MCE_KILL(0x21, 0x1, 0xd911dbd111a88420) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c0f1b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_ENUMINPUT(r4, 0xc050561a, &(0x7f0000000440)={0x9, "1ff04ec4841f3781e83a85a0bf2b27390ef2b45d751db06aa9cb1d3afd6e1074", 0x1, 0x9, 0x4, 0xb700, 0x100, 0x2}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) [ 2893.915366] rtc_cmos 00:00: Alarms can be up to one day in the future 21:46:57 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x20a00, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000000c0)={{0x1f, 0x20}, 'port0\x00', 0x0, 0x400, 0x3, 0x1, 0x29b0, 0x0, 0x9, 0x0, 0x0, 0xfd}) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:57 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f0000000140)={0x0, 0xfb, 0xb4, 0x1, 0x3, "473ac377389fc91e5b6f354349bf8c5c", "d82dcd5e20091ee48e80457b51ff4beb7192be350570f12cba48dc800ee096bfb305c00f97a3bd83defba6b3cceb00880341afdd05472525f65b4cb6d753470f7806324c6192336c6848a5bc6f4394c792f9226118ca7725a34d053417b435c9993471d5a6cccb738a42ba1afc8f929df25636b2f96b9826f31d167553ccc3ad33f4b3d6364e6c5cde7cd0a1364a2319546d2eda0055bd8a9c464ec454253c"}, 0xb4, 0x1) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000200)) sendfile(r0, r1, 0x0, 0x9546) getsockopt$inet6_buf(r0, 0x29, 0xbbbe798b3351ea41, &(0x7f0000000400)=""/16, &(0x7f0000000440)=0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) sysfs$2(0x2, 0xeb, &(0x7f0000000380)=""/82) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000200)='SEG6\x00') r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000480)='/dev/full\x00', 0x41400, 0x0) ioctl$UI_END_FF_UPLOAD(r4, 0x406855c9, &(0x7f0000000500)={0xd, 0x5, {0x57, 0x3, 0x5, {0x2, 0x3}, {0x2}, @rumble={0x101, 0x5}}, {0x57, 0x0, 0x7f, {0x0, 0xfc00}, {0x2, 0x3}, @period={0x5b, 0x3, 0x5, 0x0, 0xffff, {0x100, 0x0, 0xfff, 0xac55}, 0x1, &(0x7f00000004c0)=[0x800]}}}) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="8dc3664f860d1050ef726b000000000000fedbdf2502"], 0x1c}}, 0x58800) sendmsg$SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x78, r3, 0x402, 0x70bd27, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @remote}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x3}, @SEG6_ATTR_SECRET={0x14, 0x4, [0xff, 0xfffffffd, 0x7edb, 0x0]}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x3}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x8}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x6}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x62aa73c0}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xfffffffd}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x7fffffff, 0x9]}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000000}, 0x4) 21:46:57 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r3, 0x80045700, &(0x7f0000000080)) 21:46:57 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) socket$pppoe(0x18, 0x1, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400080, 0x0) fsetxattr$trusted_overlay_upper(r4, &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000100)={0x0, 0xfb, 0x38, 0x2, 0x3, "9447a1b417cad1524d1677590b705500", "feafc887d2f7a11b86ca69dff416e6c9053e1978b3969f77e5d505d72289024958905d"}, 0x38, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:57 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0xb8) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={r0, &(0x7f0000000800)="0befaec1d2867ea448880b25bf50c5cd859a37f6e0d9c28d0af9cf0e9dcee78130717351196050d5d212f4dadd1da961d3beb045b559a4ed06149b029a28ef21fb797da0a26ad4b84a2949d5ae752347655d9ea8370e77c64c3cb8bb1f3306238e351101607c36bea35843b9f1a106d03399654b1e1cd8c6852735b874ddb2245889590f7cf62c0d21684a2dc088b86b15f121896474eaa8bfff63f29aa3f228948aa02055e0d03962037b3ff0af5b8a97d25e69ffad911fa71bf0753b022e96aac4f4888c3ca865ab46125c643dc0af0287e266070c8e67c3a8a416bf12c368e89bca94c75a425322c555f66413680a9bad3298afbd487d8e0be07f09e9cd1b97d2756837c99818e0cba0a6d7a605a536d50d7908c3554b3446e8b5fd1d17092f11a6b8556a38218aa83c83019f350a55d3be3e1a626d81ee687acb690ac3fcf1278fe8040e0584cc624bbb3f4325813740da8cd326bcd972f031451f2202e7adb4e3abb987fee9312baf04522d8f8e8bcd557994719711f62ee460bddbb1d97c8b492cd90abe6878ee23eb7ad1934a5b977fe35a2df0f76003593d9edc0da0e28db6d5df91c3e9724a666e4d287749cbc802318e9f50fd172497cfc775635c0a6bc37cd97a379a71dd95985623849a711fe3bd758a0a9a32f2884a3af1b46811d42cd8eaf5703715095906b59daeaab96977b9a974e7c73b0a7788c39be2db3d51aca096c5e8910234987a42feff54b605c0a8e3dbf82341f775cba6983bf1afd052c42a3929315be76fc6285cd0c6ca4a7040fefd8bbda8fc6838487df1ae7c2832ab11fadc675b1ea0c8991d7a6d71cc3e591d3f1e27a7474c8c4ea62f3071e602ad1252ca05617d15f095e5f08881e5abc4857c1508e3003a4dd239afc000ff1e6edae4466924eb09c17d663d85972dd0ff857df8c47d14f0bd136af38fc3d837224e2fe53a20aad908b3c12373fe8035ede356570f262a0585a2534b067edcca63aec45ef3565ade8870ce4596f570b7e298b240bdc2a7960a750947dd24ca2f60b3a1982c037d2049d3f35cc959335e914dd59e303779fbf3aaa7c642355a8acd9979ae49cbb64a68371f2679ae9bbaab4e27e58facf2aad37d7094aa18aa8d4ce58b41a36a5353da0967483e7991375ad0b9a0ecdafffd2fd9ebc5b96295de379a4151ae82fef2cc4cb1888c5caec1e26959786b723b9eaab26738123fe6347622b558fef247ee2432544c66067e5f0a70689dff4b4933130eadef2099289d002fbe9d9fb11f843ced07440494be3d39d0486534d29eb673cc41622fad2615d50e8a02c526c9cf2f0139eb2bcf9e650b490b08582b51eff82bb6a8d128e12cef74e140893bd52f58b331e2d6d3d3565ed445d554223abb9b6422a7c2213f9c90ed561bb8abe59311dc0953a374a4ae8a8da398f8305cbbbe25e0933e570f083e2210be107a9de7491b22f1910b388c186dea77c56e628612dd9b7b30e57117942585c2566d428b01f6020b06cafc6703d6ef267495f39e8ecbbdcf5a12a56a215041f1b6f63306b2cc87967f23d94e87ac82088cb9fa87b6682e8dc5de084e57a852ea7a9f0bb6e0a8b1bbee17ff8e18511bd999f6681395bd6e46fb3758438a43999af8e7bb105b70df73b96a0a689cfeba7b469c1958ccbadeb6c02dc76a4e33adafc1537267509047aed3fbeb8032142db1a90d73551ed631695c11d24b785d14106ad5414285de1c3e2ab6d3a6b26b8ae9238a7623019162f2e2d6f24230421aaef9402bfb3801a1a83feff23f210de51b99cc9ca3a77bcf98177bacc6fcb973ddb9a309656f80485491bf8dfcec957a20e43b8023899c66286f6ed59b3addcbddcd204ceaf6e0223271a09d53b046654284fe034c000a3ee02fd1f95d1ba56e1c29f2b63c71812887298d7136b8f7ee71282ff227b05a92cacbd9aea7e8005acbd4430362bed58ea83b6098b39c7f8de1976d4ade34513d5cd499a54c73a493be44ed4a421dfc05acbf8d6eb31343e48675f8e5ebea473599d54e484103dd4f68fd448fe6a47d426b126feea9d4a8ab1822fdf11c19b7c959eeba3061a2e86c2ba3f1fb97887223976fdb71dcbbe0fa135cb309545032cd3cd85253d4d57009299a430eb21009d56787a1132c1379a84f8098f79fc77a64d1556604c74dab0faa41629ccca4e066fb68b5e1b81007c2cb090a9302902528197c73eb7c71ced5035cba6ad8d7bb7e3dfc43c4336f7fb320ff07dbe84f1988e453b13c2d4107621eed699114280a5ee154d38083ebbe3e674c86ad7461521566de3896af59c9b5feecc5173b42d34c24d50465c614d2771f3a36c915405a51bf8eac782cd82141e44ed9f84bd5365d4326d000a92263ca0754378cd90ddbcc5fbf65f7900355349b7ca8ff98b771ddb4bcaf9ccfed85e6dc21f7cb464fd30b07491abd4652269326b72db3d2c5cb72b871ed4848b3bdc206220c049155f6b81fcec81efb20557bf3fb18c464c430a686a7e2bbefd290eb4fc6b49cda6defbf96944e0b625fc0286aa3f30047300e2838cc40e637db7a5db9b8b4b8bba2d649c30c3a00591524182ca14a4d18e0ac6453d04f199de8fbb8f98dd2de6c6a3aae6113ef85f5768a2ead602b0313e9f1c1c7d445f05e3b2622fbeb890d388ff8a2765d019a7c3c5e9cf70b55eb1df4aaa6a7266c358244d3ea9a3a6ce9a1d7a9fbbb93ab9fa0a4e0af453f8721c0f6628cc3602b0029733e64c6e25225f95613168d151f2e1b4e917ff4f90a74fd5a3562f5ed309cb087f1c65cca6ecfaff24a3ba98d6b5785d04851ba1f255a8a1bdd7b4668e2ce5ac5df082a94020ce724022746511739bcec467c06f46c4e228e5aa378ac3c7b313f05dbf0ece003aeabf9c97cd4ef24becc21f8e993569b4058af5ad20583f8e00a0bd84b6795101afefa6816f2fca2882048a601aab44c402dc66db99e7e17bc39103874e0aa9e9d4bade93da62323ee0ef125533d9b85ee7640a13502271b996e1fdaaf4557caca8e4ec2172dd80d3e0a4bd1645e8855b218f6f30b2b3eb9aa84ff2aa5029e587c421dc4221a11e8a65019d64654a445c15c56e7f8ff57de0e1f5700af4c1b6f70d97e47e0749d584130d55d512f73674e03b4f46b6095a219da8df9cc7aa77ed550709c412e83dff5793cf0b222e2a912823e6f11adf3326c5748688bf0e93b9ae46d9d09f3e00ea77c07c357038c4de21e81464d1752c05c20b64dd13e80455cfd5aba62dda4cc7f8673a05899eb78ba2089ae852c71bf1244b2fd1ae05f9cea1463b7a4ecc3c94a079d3290781b67d5e571b2da043b445546e34fc90daf45a137e6e53b81bc7a3711b504338ca40f63cdf13390206112f57ef940ec07d976f2de35d636830e897b5997897da3469efbd9b6868e571410e8b8670489181643f88862b900452c97cfcf9d2bccf050b63828a771947233afd1a2091364193211affb0bb7fbe7854d55994e0460db4f2f59619b461c2565fb946853d149da3dacf746a62a526cfb12df787785042266c47380f717c2ad630623c863d72a1f0b8381bb7efa02bc4c93d64c078da81212a932fd7130fd35f40982e5e0cda6aa2986a3f6350e5b6d456e0feea0ab47dbb27ea0925f50a893795454704dd06ac7689b6a055c333cf183f68f5a956d1d403be9b8c890aa1f86ba1d8f2910c7c69285038bd80db704f13ef7309bc3e943365bd1d4fcdb5f9178fceeb93ceca5f0139053bb5d976d087f4420df1777e2d342a31acfa23907dcba7cee948632e2f112b3609df542cd798afa9c30315f68af3e655771bef51b577f5de9d1df07120b768eed02e512e417b89522bdc2c75c51009f2187ef9d40ba22031ebb7573fd4ab8a61abda723b274f432a305df3ab72fd230efc5ed3ab2569026a696dea31d88a37ae20790451931d4960a573d9faa2bcf64cce0d8a377fa5a9b5bb32d4cb6dac3828283b04551a59a8e363a574331fd1a11778a58eba06ff0105f499de86c26ef5a88ce112ea17e2b726fce916100f24d717b1ea9756de02f23ef4ed8c3215d067bd5ce25659a9dff95619a96ed67cb52e067210d1e5bcf56b29b18e7e99428c37bb8cf2fb73d3d35457c752ddc453edc8b4a74440b1d997a3e5764921592c332de8d2e3259ddf49f83c6f632b8c25b0c7a89460ea81dd2b4cf4fe3138028765f83068f58a3319c13f994fa86e43b9fb085f2bbf319a20479cb8ba1b702b3632b7692ffbdc6d3c3c8ac7e7752fff1a09057a1f4742eb20a88041b5c6de4c3d04615287728a63bf88327f576340a6f0dd85ab20bae01da8b658467ac605103c45ee014c8eb909e5f7fa7f1f40132ad912af2dbe41ff761760a95229e8d288d0c3ac608be31823d0d6b03f0d7c022ed8e8cb3cd09c528f14fe232963731688c1ffed0f2369ca4772a2dc3f93b55656b346fb0add33f5663cf920917477a639312f4d9845d571c79c915c5c28ab893306fda411c4a2f7f5fd1b78a99ecc2fd470ca777f650d077470e1d71ceb2faff33d3fe1c9655bfdd7964afbd13f006fa7f55e00f066154c6ac0f10ac00eba7fdc35ed23158036ab734a99902b2d1e72bd54e2f04404f53612222499aaaa3199ad6f60746453539c5a38d3fb64105a934f00354f1f4963741a73d0425354dbcd69401359d87e66d43feba556cf8d57e4616e59cc65c981d9319922188412974bca303637f6804652b4ac1629e626667ff7c653745af8308d16b55a9ae9b02d845585f3c298cf5f9e3d9cd33129acf7bdeaa90086fbb5e4edf59c5e5ec89d4d6dc935b84cbb1cbda149ed1c5897727880c402eb6f2345e1890fbfd5dc8436f8bac61ad236c63dc48f78b6ad9740e5f7224b91fca63102d79d0fe8b4426582a4ec2ef957d2295a0c53e5877310dbfa6751b5d394fd4ebbcbb597b78fa1057a9dd6dc5d13548311380af9503c1acc4e8d43b2587da8a0087baa8f46aee1577dfae2c6ab1da7a78855a70fb9d60a0ff3db9ab5d09d49475788e16b9421106ac73be6c90fc7ddd37023e54145c0c540949cde44cf4853c2ddf899ee012b3ea667ebab9e5c76a8e824fb1bf97935dad29f92c2820ce7af57f25ca39ef126ee116b46658a00dbdd93a23b1badcf45ac50a08e79c159e7564a1b49c34db5cf52988ced9eaec83eabb7a6960286bbf494d99ea25daa0f23c98939c5b78731e78b77d7859359d6a2191d75356790706938067d19818b89b742b2a945f8605f76dc94ccf825fb346d3986cd6566a20e0bddb5e8a93dae2ee656f5932443d68863b2a48140ce04fcceafca72a121e280d821258d20d707fb9abbaa6882ffa78abc884367c7b05ab00c9f7d430071979abf488023adcf6381129d0ca49fda27e180e2f53f93cec7e5c266bea3456087b690025f6b36e3dc2700c843f8bc8eb6325080d3fb04691431e26de3f9797bd487a1465bb4daa8f0814cbabddd5b1d4e1e12d08504293031e2714c02ab8eb6dc62fc9afe6c0e9565cf4feb170716559f8e01a9013c6de7b9e4a3cfc4a0ef79bee30c9edff0614efcf8849465397fc7abb8d478b770da6c8de0471a49cf9c8a53ad6bddb1ee578d69bd5afd115df25c2cfb1b42f823f16f078f5c500212378385339090798c7ad2df0bcb58ff7bbb5b03005cd47af3567273566ba173b3347e30f2e0fb251d1214c0f05bf1e5bc0ba0d1c86d5c682e47e6e1ea3250e96ef80bb645220d6e4a8a134257563d9254d0005a5bed24db350fccc8bb534bf709087551aaf26ced5c8149a26cd311127a58dd181757a", &(0x7f0000000140)=""/212}, 0x20) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2894.709702] rtc_cmos 00:00: Alarms can be up to one day in the future 21:46:59 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x2202c2, 0x557144b9d2c7606e) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={0x0, {0x2, 0x4e23, @remote}, {0x2, 0x4e22, @rand_addr=0x5}, {0x2, 0x4e23, @rand_addr=0x8}, 0x50, 0x0, 0x0, 0x0, 0x81, &(0x7f0000000000)='gre0\x00', 0x9ecc, 0xab0}) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xfbb, 0x81, 0x0, 0x0, 0x14, 0x10, "30979672b239c213af063c971afd370a92cf50a3f57586b2d21b6da56608557bf90ed0af7bb820e6629930d7462bdfbbf1258df2b5cef0dc55da6fe3e2a96466", "3b3ac4b5de0387d22bdc44a0edbab25fc6c7b9b40ab6aa074a7019976ce2157d576d13b9381cbf93c62260b2266ab3598d2ddbc3c58072d52682f66c4d335ea6", "4b0db1fd2c2991e2efea5f5e11c27c9a2a9fbe1274d31f72ee4a9602c6007492", [0x9, 0x6]}) ioctl$IMCLEAR_L2(r0, 0x80044946, &(0x7f0000000080)=0x4) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) sendfile(0xffffffffffffffff, r1, 0x0, 0x9546) 21:46:59 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = dup3(r4, 0xffffffffffffffff, 0x80000) write$vhci(r5, &(0x7f0000000080)=@HCI_EVENT_PKT={0x4, "d91f2e075e1b660578710591c97d1c8893393f84c2edfb8ea815a2d3bed9225b076f61968780654316c7eaddfa6fbdad24e249124077d0b62947afead261bfa109d8d1da8573dedc51d2ba735f2f2a6aada1bbe6a8d1074309b9408023bf657429875ab8cd2bc5d9dc771727958a0ce429676eb65ea76f893853040101de090728af50d3923b011b34e429cb0195855f13d6e48fcb6118a3eda86112388d0f60abecbd5eadeb393724e1dd373aaf1b7bba74d8e3b70bf71dd506833e09f85f0025cdc505248d154de5500a872e08a46726aecd712339cf59cf2cfa94d1ac28a53122a0565c8e17900e13f45e423686092053cdc2c704d1771672647e06"}, 0xfe) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:46:59 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x2c7, 0x0, 0xfdb7, 0x0, 0xfffffffffffffde4}, 0x4}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:59 executing program 3: add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r3 = openat$rtc(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f00000018c0)={0x6, &(0x7f0000000300)=""/1, &(0x7f0000001800)=[{0x7, 0x8a, 0x0, &(0x7f0000000340)=""/138}, {0x0, 0x0, 0x0, 0x0}, {0x9, 0x6b, 0x800, &(0x7f0000000480)=""/107}, {0x0, 0x1000, 0x2, &(0x7f0000000640)=""/4096}, {0x0, 0xb4, 0xcd17, &(0x7f0000001640)=""/180}, {0x6, 0xfc, 0x1, &(0x7f0000001700)=""/252}]}) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r4 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) recvfrom(r4, &(0x7f0000000140)=""/163, 0x100000345, 0x0, 0x0, 0x0) sendto$unix(r4, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) recvfrom(r4, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYPTR64], 0x1}}, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x40000, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) dup(0xffffffffffffffff) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r6 = dup(r5) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8b28, &(0x7f0000000000)='wlan0\x00') r7 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000080)={0x1}) r8 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) write$FUSE_NOTIFY_POLL(r8, &(0x7f00000002c0)={0x18}, 0x41df82041a8d7d5c) getgroups(0x0, &(0x7f0000000000)) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0x0) 21:46:59 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xece) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) accept4$llc(r3, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000040)=0x10, 0x6ae3f55cbafcb5ae) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) sendto$rose(r3, &(0x7f0000000080)="9d537d2f4524f67c8f2fcc935975a6deda1af417b756896b0ef9b81a706801ca77e9cd7ee845c55a958c5bae08c762952dbb0319f861499abc2d", 0x3a, 0x804, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x4, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @bcast, @null]}, 0x40) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:46:59 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r0 = getpid() tkill(r0, 0x9) r1 = open(0x0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000380)=ANY=[@ANYBLOB="050b000000000000000000000000ff37f7eb932485190091cd881e082f3dd3e25febe01bdd801cfc22fb9fc72048c6a54a94d8765630647a74e6d0b588276169dc738bf2030df195147e0f91476b50bb181fb01eff3f777014e46d73814b60ab2157999696d2c6650c406da8afafb95841c009173ff0348091396c548c081b890fcf"]) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cgr.\xa0\x00S\xe6\x83\x13\x95\x8dZ\xeeO0\xdb1\xfe\xc5\\p\x06\x00\x00\x00nts\x00N\xbd\xdf6\x0eHD2\x19\xe0\x11\xa8\xab\xf0\x95a\xfb}\xf5J\x81\x91\xc3\xeb\x06R3`<\x86i\xd6\xb9=i^\xe0\xda-\xd1A!\x94q\x18\xac(\x92\xbd\x9bc\xf9\xf9\xca\t\xdfP\x90\x89\xd73\x15\xcc\xc7\xe7\xf6z&\x8c\xedl\x8c\x90\x80m\x00\b\x05$UB\v\xbc\x06\xdf\xca\t\x9e gS\xe5\xf7b:\x91\xe3\xd9v\f?Xs\xab\xe1\xde\xc1\xa7\xb6\x9b|8\xec}\xd5\x0f\xbf\xda\x9e\x928):!\xf7\x82\xe1@1\xad&\x135+\xa6\xa5_p\xcc\xd2J\xa7\x9f\xe4\xaa\xfb\xd5\x91\x17\x06&K\xbb\xc0,\x85_\xb4\x90}\xebx\xdf\xf8$B)\xcdp\\:S\v\xf3\t9\xd5\x1f\xe1Gx9\xcd-p7\xd7\x1f\x8az\x1e\x99\xb8Z_g}\x8dts<; \xdd\xdf\xc3\v\xea\x846\xf2\xde\xf7\xc3\xca\xf7\xbb\ba+\xb3\xb9]\xcdp\v\x01\\\x1f\xb4\xb7\xe4\xe3\xa8\x04\xd2y\xe3\xb4 \xb7\x00\b\x00\x00n\xef\xc79\x03\x00'/298, 0x275a, 0x0) r3 = openat$nvram(0xffffffffffffff9c, 0x0, 0x20, 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x7c0, 0x2}, 0x1000, 0x9, 0x1, 0x6, 0x80000000, 0x5, 0x1}, r0, 0x2, r3, 0xa) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000140)={0x3}) r4 = gettid() ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r4, 0x10, &(0x7f0000000000)={0x9}) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, 0x3, {{0x20}}}, 0x28) dup3(r1, r2, 0x0) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x569000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$TIOCL_SETVESABLANK(r2, 0x541c, &(0x7f0000000180)) 21:46:59 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000000)=0xff, 0x4) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:46:59 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000080)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\"(2,\x8c\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00C\x84\xd4\xf6\x02\'F\x14\xb0b\v\x93\x8b\xaa\xfc,\x96h\xde!\xcc5\xb1?S\xa7m]\xd66\xdc\x1d$\xd2\x01\xb1\xd4\xca\xfe\xe2\x84\x12\x88\x9bX\x18@\xd8~\xcf\x153\xae\xc5<\xd6\xbd\\\'^X@', 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2896.318711] kauditd_printk_skb: 20 callbacks suppressed [ 2896.318720] audit: type=1800 audit(1577137619.699:512): pid=18187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17448 res=0 [ 2896.333192] rtc_cmos 00:00: Alarms can be up to one day in the future [ 2896.411915] vivid-004: kernel_thread() failed 21:46:59 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vga_arbiter\x00', 0x40, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000001500)={@loopback, 0x0}, &(0x7f0000001540)=0x14) recvfrom$packet(r2, &(0x7f0000001440)=""/175, 0xaf, 0x40000000, &(0x7f0000001580)={0x11, 0x1a, r3}, 0x14) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2896.439361] audit: type=1804 audit(1577137619.739:513): pid=18187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1558/file0" dev="sda1" ino=17448 res=1 21:46:59 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = socket$inet6(0xa, 0x803, 0x4) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000000), 0x4) socket$inet(0xa, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0445611, &(0x7f0000000480)={0x4, 0x0, 0x4, 0x70000, 0x3, {}, {0x6, 0x0, 0x0, 0x0, 0x2, 0x0, "9957c135"}, 0xb3, 0x3, @userptr, 0xffffffff}) 21:47:00 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x80000, 0x0) ioctl$KDFONTOP_SET_DEF(r3, 0x4b72, &(0x7f0000000040)={0x2, 0x1, 0x1b, 0x3, 0x1ee, &(0x7f0000000300)="a0a6cd111bf8c79be14bc17080c7dd9ec0eac56b2110b0f15fec6f0e72bde3b16bb86e71399a0d1096849d5a94b8cc2aea4ed6454d19a5ed2621b5fb14ff8cf43ddbfac08bba55b7c9ba79e1f751dc712145e4281ed2c715079c0ea366bfe4e14df0959448f1334877640e28c55576d5630453f433fcf70defcac83c95a8c6dfeade4530324022fa77d32a0b87c06dcc7f00617a349174425d59f1f0dc68f5d2a29afdcf2ee945a8c7c464c54d9703e9aedde23161ba1a6bd3accab962d93c948b9d0c0407fc5bd276fc05263d7ae918b16598443e5397da9fce57a0c3c3b6bfddb117b44cad0619a323527d2613bd6a8d0c2e37d1d96caf4a82a30454590cbd2ce06226273d3bfbbfbb3049b3ba274bacac6d6d76a593b830f78d72143030063bdd65b6e03fbf0ed04b64c7b3408f6357b4c39bca02098fa363062976500011b7fb09b3f09554866a0c968854430db20a49f7a8213202acb66a2b55c78c7158fb9686ec0eb8f713566e409932a0524c19033a95a437ae7274cf1c656a261354733850b1537d8d909964dacf052a3ccf084c1651feb002d61f80460abc4763825d83511453d1561adb7ecc62ed04c5c32b597015c4af2da9abc4fd1ad8419e78234c316061a7de11e862dc974cbc4fe27365b7011cbf53e43e85f6bd40ade2eae2284f66c326985d35345bb34fcc8b19550a6d1ace450e50b46051f569447f1f4acc42d260e501a5cbb7c5df1991663295c652031fb2731b95cb4aa9a987249c6b42c1d538a99784369e643096be112b864997132f8549ea65324356e36eefab7de83f0ff8b72f3dbbfb015654eab8c25dac0542d08461fe65974a09ef6353ae58d75b12a0e9cde3f877daac1ca52b3143c001a7fcbeaa5700c67cb3561551be058774732fb24745f61129b11e3651fea34a7d9dcbf96bb4b14f5feece911f7aaa020da10c5368cb9198623d5c99b984c841ac70e71ae65eb7ea223322d1e612b3c0edb907f8f8a50ebaecc26f4f17027c7740645d59b4cedbb09f7140139b3ac1b996ea413fb9cab868907d7dae7962eb44a283f73868f6b72625381c449e2eb353d99b0413eed61418259e8c6d2e2efc2cfea48c7a51d551957127b85626f1cfa1ca59007a85e9179af18724929fd5010387ff28d08336538e3f27f44d7defdd9dfee4c0369eed0eb8b06a6aa1d87db7ac1f10e865677ac05e0056af60a8e5a2bfd22c7f0c8020ba96e1fdc316aeff5ac644d2b834a1fedb86eaeedc4dab670ea877e2e7bccd7aa2658d30f4e578a973c9223e753941eba8fd3ba0011e4809f9adfd6e331f7fd5c048d7b432dc4429c4a1ab2ed30e001f36bced29cacdf1b51b4e2eba29df2e3cccf88354d3751eff16ed5592f1b56b6c742b1f56e983a48b3acd2994e1ebe94e32b67fa49c7de3a486d70b959a4415d84bfe734cc5e130d6"}) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2896.596190] audit: type=1800 audit(1577137619.979:514): pid=18187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17448 res=0 21:47:00 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) renameat(r2, &(0x7f0000000000)='./file0\x00', r3, &(0x7f0000000080)='./file0\x00') r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$TUNSETSNDBUF(r5, 0x400454d4, &(0x7f0000000280)=0xa39) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2896.652689] audit: type=1804 audit(1577137620.009:515): pid=18187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1558/file0" dev="sda1" ino=17448 res=1 21:47:00 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev.vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SIOCGETLINKNAME(r3, 0x89e0, &(0x7f0000000100)={0x2, 0x1}) clock_gettime(0x0, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {r5, r6+10000000}}, 0x0) [ 2896.739739] audit: type=1800 audit(1577137620.119:516): pid=18222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17438 res=0 21:47:00 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000000)) [ 2896.776021] audit: type=1804 audit(1577137620.119:517): pid=18222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1559/file0" dev="sda1" ino=17438 res=1 [ 2896.947170] audit: type=1800 audit(1577137620.329:518): pid=18222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17435 res=0 [ 2896.970565] audit: type=1804 audit(1577137620.329:519): pid=18222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1559/file0" dev="sda1" ino=17435 res=1 21:47:02 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff}, 0x0, 0xfffffffffffffffc, 0x0, 0x53b078cc03a43024}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:02 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r0, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:02 executing program 5: r0 = open(&(0x7f0000000000)='./bus\x00', 0x1fe, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000600)=ANY=[@ANYRES64, @ANYRES16=r0, @ANYRESDEC=0x0], 0x1e) r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) sendfile(r0, r0, &(0x7f00000001c0)=0x1, 0x8080fffffffe) r2 = socket(0x2, 0x803, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r3 = dup(r2) r4 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x8000fffffffe) 21:47:02 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x8000, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000000)=""/27) r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$P9_RMKDIR(r0, &(0x7f0000000140)={0x14, 0x49, 0x2, {0xe2, 0x4, 0x8}}, 0x14) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) setsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f00000003c0)=0x20, 0x1) setsockopt$inet_group_source_req(r1, 0x0, 0x0, &(0x7f0000000280)={0x9, {{0x2, 0x4e22, @remote}}, {{0x2, 0x4e24, @loopback}}}, 0x108) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = dup2(r4, 0xffffffffffffffff) ioctl$IOC_PR_REGISTER(r5, 0x401870c8, &(0x7f0000000080)={0xfff, 0x6}) unlink(&(0x7f0000000040)='./file0\x00') arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000440)) r6 = add_key(&(0x7f0000000180)='syzkaller\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f00000003c0), 0x0, 0xfffffffffffffff8) keyctl$restrict_keyring(0x1d, r6, &(0x7f0000000400)='syzkaller\x00', 0x0) sendfile(r0, r2, 0x0, 0x9546) 21:47:02 executing program 3: add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r3 = openat$rtc(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f00000018c0)={0x6, &(0x7f0000000300)=""/1, &(0x7f0000001800)=[{0x7, 0x8a, 0x0, &(0x7f0000000340)=""/138}, {0x0, 0x0, 0x0, 0x0}, {0x9, 0x6b, 0x800, &(0x7f0000000480)=""/107}, {0x0, 0x1000, 0x2, &(0x7f0000000640)=""/4096}, {0x0, 0xb4, 0xcd17, &(0x7f0000001640)=""/180}, {0x6, 0xfc, 0x1, &(0x7f0000001700)=""/252}]}) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r4 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) recvfrom(r4, &(0x7f0000000140)=""/163, 0x100000345, 0x0, 0x0, 0x0) sendto$unix(r4, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) recvfrom(r4, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYPTR64], 0x1}}, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x40000, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) dup(0xffffffffffffffff) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r6 = dup(r5) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8b28, &(0x7f0000000000)='wlan0\x00') r7 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000080)={0x1}) r8 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) write$FUSE_NOTIFY_POLL(r8, &(0x7f00000002c0)={0x18}, 0x41df82041a8d7d5c) getgroups(0x0, &(0x7f0000000000)) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0x0) 21:47:02 executing program 1: ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(0xffffffffffffffff, 0x4008af23, &(0x7f0000000080)={0x3, 0xffffffff}) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, &(0x7f0000000000)) 21:47:02 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) fgetxattr(r0, &(0x7f0000000100)=@known='trusted.syz\x00', &(0x7f0000000280)=""/127, 0x7f) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = dup2(0xffffffffffffffff, r2) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0xc0505350, &(0x7f0000000080)={{0x0, 0x81}, {0x20, 0x40}, 0x81, 0x2, 0x3f}) r4 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r4, 0x1000000) sendfile(r1, r4, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r5, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2899.403997] rtc_cmos 00:00: Alarms can be up to one day in the future [ 2899.461021] audit: type=1804 audit(1577137622.849:521): pid=18256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir998460285/syzkaller.zklgbe/393/bus" dev="sda1" ino=17449 res=1 21:47:02 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r0, 0x1000000) sendfile(0xffffffffffffffff, r0, 0x0, 0xeefffdef) ioctl$VT_SETMODE(0xffffffffffffffff, 0x5602, &(0x7f0000000080)={0x5, 0x3, 0x2, 0xb22}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2899.607971] audit: type=1800 audit(1577137622.849:520): pid=18255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17715 res=0 21:47:03 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:03 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x2, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x2, &(0x7f0000000080)={0x0, 0x18, 0x0, @thr={&(0x7f0000000500)="005a6d6e85251e72ff0d8f9840035302b668d66cf16cc218b57d59bb0ef1205a772da07c9ac7032058dd8c824bf9f838a2ba44fec1b9f49791fcc49e7a6ea7cc24fe09d480e0d783565fa250bc28221ffe9fa81bb87ccd0161c952e3b53a728c7dae7977261e62cf02a591a224b6eace32b0c3cf07665629c736ec4c7fae2430205466a1f2ec661c937336f63b6ab5966c5a3ce96af422932fd0c5963626eaf82ff54075cdb362c4cdee184fac26feaf232effe4e08c9230569f230c1da246a50c6cbea52e36ed3f423e7aa7148250ad98f5c4bcb4c617bbf7d7b19f0f2a30a96dd4bbad694f31ab9127e7dac6b0b3d51bc371b3438efddc9987fae595022a95a80e89ca735bdfde455442a6080b5f044cca1cb085417ef15e3f7efe9d263a79d800eef33e0708bda2a4e88a738b0d3f011ef01283c70f072bfbdd724adf8c488a8442031ad02ebcfb0b279276a42da72e29b7abf6729ad49c38ea8242a5ff0e47e41c064424992ae1d70b2bc8414b22445e0c75f40c76f934c0b28a32d2d7e9d7b6db0777175d154687ecbc3904", &(0x7f0000000440)="578a019dd10fd03a5e2e377cdc941b86692eabdd7dd2e823a1f8d20590c4c55e260803444d11c49033dbaead902af113779e69c2014a224872e035698aa2c1b0c12b1a415e0fe0bd993432c47d9e05bc97533d511b353442100a11262c2dafd59c847ac0cf0a5fb58d28b6e411448a5dcbff71bea440f522c998c1d95f1a1defa64ae62da10461cc2ce910eb3df2ebcebd86ec1d5c8c41b21d5d62fe18fdf09e961e796c6db8471c3c63bd0975f97e4053c8112c8d817048"}}, &(0x7f00000000c0)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:03 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x44, r4, 0x531, 0x0, 0x0, {0x9}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syzkaller1\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}]}]}, 0x44}}, 0x0) sendmsg$IPVS_CMD_SET_DEST(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)={0xac, r4, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@empty}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x10000}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x16}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1f}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xfffffff8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x20}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3ff}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x11}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2b}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x100}]}, 0xac}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000080)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) recvfrom$rose(r5, &(0x7f0000000800)=""/4096, 0x1000, 0x20, &(0x7f0000000000)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x28, &(0x7f0000000440)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000004c0)={r6, 0x800, 0x10}, 0xc) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r7, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000280)=ANY=[@ANYBLOB="040000001b339c08cbe30d3bd76bc7e84207f99d33d700613b0000001f69370d729342754c59f024b48dadec81fdba090000b447bdb650d6ae24fd3f6181ad0afa9d0dcb74beda1462b9d42709f9c104161e327b73a0277065f8054d3b7ebbbef65737ecbb46940c4181d10d30e31fb6b69d98bed64690744bd71467b15ff40fd2b891c2c58c496e204af793329233844fe3f16f021dc3f86b9479b57503294f5396efb50a6dd9ce3f87d9337dc86e03dc0f12f8e12cdcd901b2e36f10cbfcbc5db443cc3f22317357a39e4cc1909674e25915b64d30b4d5eb885d29344829606aaeff43bc1c4029d73a", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000140)=0x14) 21:47:03 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000080)) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2899.858280] IPVS: Unknown mcast interface: syzkaller1 [ 2900.061250] IPVS: Unknown mcast interface: syzkaller1 21:47:05 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) tkill(r0, 0x16) 21:47:05 executing program 0: syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x1000, 0x80) prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:05 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) timer_delete(0x0) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:05 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x4, @dev={[], 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000140)) sendmmsg(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000600)="cb", 0x1}], 0x1}}], 0x1cb, 0x0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(0xffffffffffffffff) 21:47:05 executing program 5: futex(&(0x7f000000cffc), 0x3, 0x0, 0x0, &(0x7f0000000040), 0x0) 21:47:05 executing program 5: poll(&(0x7f0000000080), 0x1, 0x8000000000049) r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvfrom$inet(r0, 0x0, 0xc83df61c, 0x0, 0x0, 0x800e0086e) recvmsg(r0, &(0x7f0000001440)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000040)=""/119, 0x77}, {0x0}, {0x0}], 0x3}, 0x0) shutdown(r0, 0x0) [ 2902.427019] kauditd_printk_skb: 9 callbacks suppressed [ 2902.427027] audit: type=1800 audit(1577137625.809:531): pid=18294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17727 res=0 21:47:05 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@ipv6_newaddr={0x34, 0x14, 0x609, 0x0, 0x0, {}, [@IFA_FLAGS={0x8, 0x9}, @IFA_ADDRESS={0x14, 0x1, @mcast1}]}, 0x34}}, 0x0) 21:47:05 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) r1 = dup2(r0, 0xffffffffffffffff) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x5, 0x0, 0x1}, 0x0, 0x0, r1, 0x0) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(r4, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r3, r4) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x16) [ 2902.529737] audit: type=1804 audit(1577137625.809:532): pid=18294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1563/file0" dev="sda1" ino=17727 res=1 21:47:06 executing program 3: add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9) request_key(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001900)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r4 = dup3(r2, r3, 0x80000) ioctl$DRM_IOCTL_MAP_BUFS(r4, 0xc0186419, &(0x7f00000018c0)={0x7, &(0x7f0000000300)=""/1, &(0x7f0000001800)=[{0x7, 0x8a, 0x0, &(0x7f0000000340)=""/138}, {0x6, 0x74, 0x5, &(0x7f0000000400)=""/116}, {0x1, 0xe6, 0x7, &(0x7f0000000540)=""/230}, {0x9, 0x6b, 0x800, &(0x7f0000000480)=""/107}, {0x80, 0x1000, 0x2, &(0x7f0000000640)=""/4096}, {0x0, 0xb4, 0xcd17, &(0x7f0000001640)=""/180}, {0x6, 0xfc, 0x1, &(0x7f0000001700)=""/252}]}) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r5 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) recvfrom(r5, &(0x7f0000000140)=""/163, 0x100000345, 0x0, 0x0, 0x0) sendto$unix(r5, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) recvfrom(r5, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sendmsg$IPVS_CMD_SET_SERVICE(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYPTR64], 0x1}}, 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8b28, &(0x7f0000000000)='wlan0\x00') r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r8 = dup(r7) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8b28, &(0x7f0000000000)='wlan0\x00') r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r9, 0x4028700f, 0x0) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) write$FUSE_NOTIFY_POLL(0xffffffffffffffff, 0x0, 0x0) keyctl$get_persistent(0x16, 0x0, 0x0) getgroups(0x0, &(0x7f0000000000)) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r11 = dup(r10) ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x8b28, &(0x7f0000000000)='wlan0\x00') ioctl$PERF_EVENT_IOC_DISABLE(r11, 0x2401, 0x2) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0x0) [ 2902.661599] audit: type=1800 audit(1577137626.049:533): pid=18294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17727 res=0 [ 2902.695929] rtc_cmos 00:00: Alarms can be up to one day in the future 21:47:06 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000180)={0x9b0000, 0x7, 0x3, r2, 0x0, &(0x7f0000000140)={0x990968, 0x80000000, [], @p_u8=&(0x7f0000000080)=0x20}}) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) setsockopt$inet6_int(r4, 0x29, 0x12, &(0x7f0000000280)=0x3f, 0x4) ioctl$SG_EMULATED_HOST(r3, 0x2203, &(0x7f00000001c0)) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r7, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000340)={0x1, 0x7, 0x4, 0x41020000, 0x401, {0x77359400}, {0x4, 0x6, 0x8, 0xff, 0x8, 0x5, "63e80105"}, 0xcc1, 0x1, @planes=&(0x7f0000000300)={0xfffffffb, 0x8c1f, @fd=r7, 0x8000}, 0x10000}) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) write$P9_RUNLINKAT(r2, &(0x7f00000002c0)={0xfb, 0x4d, 0x2042}, 0x9dbd3307409f952b) r9 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x14002, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r9, 0xc040564b, &(0x7f00000003c0)={0x4, 0x0, 0x8, 0xcad, 0x400, {0xfff}}) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x8002000095ca) [ 2902.700218] audit: type=1804 audit(1577137626.049:534): pid=18294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1563/file0" dev="sda1" ino=17727 res=1 21:47:06 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r3, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$DRM_IOCTL_AGP_ACQUIRE(r3, 0x6430) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000140)=0xfffffffa) tkill(r0, 0x16) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000180)=""/23, 0x17}, {&(0x7f0000000300)=""/167, 0xffffffffffffffa8}, {&(0x7f00000001c0)=""/19, 0x13}, {&(0x7f00000003c0)=""/4096, 0x1000}], 0x4, 0x0) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x6400, 0x0) dup3(r4, r6, 0x80000) [ 2902.768204] audit: type=1800 audit(1577137626.149:535): pid=18324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17727 res=0 [ 2902.799581] audit: type=1804 audit(1577137626.149:536): pid=18324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1564/file0" dev="sda1" ino=17727 res=1 21:47:06 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x2, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x80400, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r3, 0x4010ae74, &(0x7f0000000140)={0x7fffffff, 0x3ff, 0x401}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x66597f0dbe521c8c, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 2903.491501] rtc_cmos 00:00: Alarms can be up to one day in the future [ 2903.571512] audit: type=1800 audit(1577137626.959:537): pid=18336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16770 res=0 [ 2903.594937] audit: type=1804 audit(1577137626.959:538): pid=18336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1564/file0" dev="sda1" ino=16770 res=1 21:47:08 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) fcntl$setown(r2, 0x8, r0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDCTL_DSP_SETDUPLEX(r3, 0x5016, 0x0) tkill(r0, 0x16) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000000)={0x7, 0x6}) 21:47:08 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) linkat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', r0, &(0x7f00000002c0)='./file0\x00', 0x400) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000140)=ANY=[@ANYRES32=r2, @ANYBLOB="b2000000a5d0b4fc83514166c823b52b9bc07e085ab871ab23d480e0167502abf9b946ba0745420ff8d94729da85ef1881faf8ac0e5846636ab4b1ed0cffffffff00000000631af013eac450ab5173d5de0f82459a0db9ebdc851965dffe72caa9509e6cf9b05bfbbb16333cfccdaf95f04efa92e3d088284e9474df578aee2cfe74a38035c508558d2f61c03ee0affbc486c0202acd2dad5e1d1a17867e2cafae078303878b88f900"/182], &(0x7f0000000200)=0xba) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000300), &(0x7f0000000340)=0xe) mknod$loop(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x9546) 21:47:08 executing program 5: geteuid() perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) open(0x0, 0x141042, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x101002) write$evdev(r0, &(0x7f0000000000)=[{{0x0, 0x7530}}], 0xfe72) open(0x0, 0x0, 0x0) lstat(0x0, 0x0) 21:47:08 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000080)={{0xffffffffffffffff, 0x0, 0x178521ac, 0x0, 0x20}, 0x4, 0x200}) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000280)=""/178) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r3, 0x81785501, &(0x7f0000000440)=""/210) sendfile(r1, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:08 executing program 3: add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9) request_key(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001900)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000080)={0x1, 0x0, {0x0, 0x0, 0x0, 0xe, 0x0, 0x81}}) r4 = dup3(r2, r3, 0x80000) ioctl$DRM_IOCTL_MAP_BUFS(r4, 0xc0186419, &(0x7f00000018c0)={0x7, &(0x7f0000000300)=""/1, &(0x7f0000001800)=[{0x7, 0x8a, 0x0, &(0x7f0000000340)=""/138}, {0x6, 0x74, 0x5, &(0x7f0000000400)=""/116}, {0x1, 0xe6, 0x7, &(0x7f0000000540)=""/230}, {0x9, 0x6b, 0x800, &(0x7f0000000480)=""/107}, {0x80, 0x1000, 0x2, &(0x7f0000000640)=""/4096}, {0x0, 0xb4, 0xcd17, &(0x7f0000001640)=""/180}, {0x6, 0xfc, 0x1, &(0x7f0000001700)=""/252}]}) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58) r5 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) recvfrom(r5, &(0x7f0000000140)=""/163, 0x100000345, 0x0, 0x0, 0x0) sendto$unix(r5, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429) recvfrom(r5, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) sendmsg$IPVS_CMD_SET_SERVICE(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYPTR64], 0x1}}, 0x0) openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8b28, &(0x7f0000000000)='wlan0\x00') r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r8 = dup(r7) ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x8b28, &(0x7f0000000000)='wlan0\x00') r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_SET(r9, 0x4028700f, 0x0) fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) write$FUSE_NOTIFY_POLL(0xffffffffffffffff, 0x0, 0x0) keyctl$get_persistent(0x16, 0x0, 0x0) getgroups(0x0, &(0x7f0000000000)) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r11 = dup(r10) ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x8b28, &(0x7f0000000000)='wlan0\x00') ioctl$PERF_EVENT_IOC_DISABLE(r11, 0x2401, 0x2) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0x0) [ 2905.531783] audit: type=1800 audit(1577137628.909:539): pid=18347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17740 res=0 [ 2905.560587] rtc_cmos 00:00: Alarms can be up to one day in the future 21:47:09 executing program 5: geteuid() perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) open(0x0, 0x141042, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x0, 0x101002) write$evdev(r0, &(0x7f0000000000)=[{{0x0, 0x7530}}], 0xfe72) open(0x0, 0x0, 0x0) lstat(0x0, 0x0) [ 2905.571507] audit: type=1804 audit(1577137628.949:540): pid=18347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1565/file0" dev="sda1" ino=17740 res=1 21:47:09 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x10002, 0x0) perf_event_open$cgroup(&(0x7f0000000280)={0x1, 0x70, 0xd4, 0x8, 0x5, 0x7f, 0x0, 0x905f, 0xe0a53b2309b72969, 0xb, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x7fff, 0x1, @perf_bp={&(0x7f0000000100), 0x3}, 0x2000, 0x9, 0x9, 0x2, 0x40, 0x9, 0x5}, r1, 0x6, r2, 0x2) r3 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ftruncate(r4, 0x1000000) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r5, 0x80184132, &(0x7f00000000c0)) pwrite64(r1, &(0x7f0000001480)="bd7445b968625cd6505598064cee82825ff6e063c189aa8631b94e5efbae45d549eac36c7c7577ddc24e11df199303352cafcf6ba0ebc615fdcdebede84f221997a36a0438145958735b2ce7452546b692a85cc8a1051a5f177345ab784df2269de105588412dbb09bcb9c75c0f225828cd3f3b3ec6bdb6dda4b2f48cca9dce9d4558276bf484f70f9079a2f68422bb19475d1d474359b4182b78ad2098e7c45ebd09dc4e894724eb1e6c40cef61566a7efbda3a9d91e29486aebdc67fa671676201308a04544018eba9490955e0f7d3ee439eb27747af", 0xd7, 0x8001) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000080)=0x16, 0x4) sendfile(r0, r3, 0x0, 0xeefffdef) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000300)={0x3, 0x9}, 0xc) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r7, &(0x7f00000017c0), 0x199, 0x0) write$nbd(r7, &(0x7f0000000440)=ANY=[@ANYBLOB="674466980000000002000400040000003c24885e54f99c76020d0d021b0a4d074f3c13ddd3621ce7a54fdabb85c3b4b7fe6d8a95ccd84773937098f31a5e52e80a2a4242186bdb7d9656c3e21c9d55bf8af9136e9907c87096e70b8cd61d6f25b576288d4eb96d663d91d66fe76bb3ab5c1d644901d3a3f3876aeaa7ee029cad4646bb7354544f2103e35936c7da82ca9818bb98c61462e6b3f8b4a7b35d7878651b5725ceed8da72108ed412f12d1f45f739d108dea3dd0802d4a74602daef0b425bcb50215ef1e06b2a8eb1274bf5fd348fa2a7e4343282c2fc7cf6023a79c3a3b2a82d5df465e858197174d9e865300baf5e6682865d679bab8ca8211304f4834ed70d571842f6c308631024c8f909e985daf603b945fb80bdcf9f700cb49a006230831f9b688e3a92e706f4651e1845f49ee0ee4a5fdcf50df720aaa9cb9b230645e7c5077ef448bde2a5d0dad81011fd2ae86cdc1342b6295e0deed483eb56ef6c8d087672746c99466f859130f24dce0be710b3c4550c575743b4615c794c7f636d42d7b21a6d19e070907139f5b37a3406725eab5ab631363b18af649381c95997081e7606bb433e1c6eb0e258f7c0c29db5d27af493d5c94d44d12bac81dc012310f45a55c639324f473f817cb567cfe86b11c4b910035e85e244b72f4a45d2eb87cc3b243bb31bf6ceac38f1ac69e14355a84b57f0967090b0d2fab20939bc55e7f10e8030e4d3db1899e30fc56a0d8b762cfaa3f54bd141c8add3596484e1bd7c29a75dedd9421956bee9302b410672357639ba92dc75b108a1195e2cfaa1eef48c1df7e998929d2b251954b6a509c1bd629e8045245f6007765429977d8690ce00745f6d889e0476b7484623dcd4ac26dfe693454cbb0714660624c37bab4208ef3e2942a81fa37f0fe13341f5cc30e1ca10f923ec4b8655bef1dca9d79bcab43a3800c6e453000074981424b8a2ea139f17e48774009ff3510c49bb70a5ae248c364401fac43ff87f86ed82d66c2e6d502cc10460a822791213e5e87c9d053d5d2202eeb37fcc3e0efe38bb03c23431a6276aaf862e41de56228aa72eb6c02c202a5be6d4b971cdc018f1fbda329b09c5091164e83ae6b5f7a5355b80ca3eea781d65de73fd088dceab07d9073cd5f1aebc7a4a6adf5443d0829ce2c36e5466ab6e91c404415fa97de1250d7b51246551e3b9936640b3a03029aca39db250ea00595188b834842900703daf62738a4a13fc051d3d280e113b5148b8546fe4379f5e21263c43bf7c328e4c29626c898c68bc332749d8ca4d3aab044997dd913860be69a706821c513ddf13c9d4c00896c78cfe3a24f241e4845ffef38145bb608603747dcdd3962124434a07c757b661e8d132ab693e88a144f8d36ce633bf061f6a89dae4e14893a317c7502c831f63d8b7e83424ee986b92a28002049ada42a7bce2bded929cf2b0bf1a5b79bc6ca29724be21a011fe42e97caade0d0d538f641acf4aa727721637746a9d1b792540af212d792d09ef4d34fdf54dabf2b4922cd2e82d5651adf08cd22ef6d416c40ca1f35f2844a4f222a42ffa5eb9d1392573d224ae7741595d933fff16a129388de4b44e9d69fa0d31fc69d4c2911fefa3f161e9de5f468eccfa6b7c89cec6956a7159e0fdabfd4c608580ab46cb416115aa50a5dbb9d703ef669f51b943599af3c6e0f38e06669982a557669140659e091b26fa76c83969092cda83dbd82d7c8b571958b138c4f7fc275906c5b3096095900223eabb0cad8882884ac93917257917189e66166b46f7958fc1aeebf747599be97ecc9734ff0d03a6c748a4febe696a9c3456ce8d85edfefa6a9af117d0e8e8eb36a8e5d00a7dd9d6ff714a2b6aa3ac252f3ff2c9a0942a1d6cd73a10b68272b21fd0e8f937fe4b7da8f91fe0245ac997826e5b9820042317794dbda432f4270dda33d1b662c23b962bd49144eafe2e85470cd95df750f2c89b7fd0d013a09b4a82c29a6277dbdd0432ebff67118e506bbc44bda39a5f4f975e4ff8133d30c9032df54efb96ba51aa9e2697ffb6b30953f41c1c7d8744191332ff7ba4339b5d2879abb29a9faa02e306c904caafb1f5103427aed64aa45a7582d83bcc651bd9784f9504e8312a7a737269224c85c951d3396dc37559e82396d1d2a6ca5f863770bfa4f832cc74c6b949966ef48e1ed68a13a3ced919736cf2aa489e605f347cdf09f23a54beaa31490231e2b779c9ca2b969fe77e815f66ad33d5a4f9318a1e360004213b6d53abe17d895a59849f3a5ae634cf7164da90cb8fbd93ea32dc07ac556ff0e89ae0b33d72e2fa1a56da18d52f7a45d0094c3ee66428d1e4d44f18eddfee344b742ec55d65a6f90620c2d1c8b3bfcc79bfbcc9c251eeeea4093e61388912965ba427216e8e3256cc1fef34283b729a412e3aea4bf947f7d1153a852df27b5d65cb1a840829e428a432185f9bb5d3a5cfcc9c03e7b5a7e8e47e9123eeee936e2d93450fd6ff41aec126d665ca75eb825148c6bb15ba4dba83522029f7aef344d764b0878550152c31ce26773afec61b91c561dc3d5a99fc0cfda935d100ebdd37e2365de0ce82760aebb65dc59042c72240d5f3481ec53b534d19dbee06419c84f703d7a1666cfcca724892acac266f683302d36d90697091a31078b9278d69be8e6881580424ac42439d683bf313ed86d689eb2dd8640adb033fc54f7e155a505dd3133e57ae544c988074382dc2b7d4df9e4c32349fc7af88a374e1a9acb90467fb3a62cb61df030ec2d5e3a6e4bac65fc73eaabc4be699b046ed0e5c1d390d1369d106109a9ce2df33cfdc3acbd944c6cde31f87fac43c44dd62d26e40362d9b99a046d3a51efa72cf0cd023ac47088ce2dc6e26f764dc01ffe993bfb4e7291baa61493c523d71465b841e03cb60cc1b8dc3ba84cbc96fdd1b4ee0d6b150ab3bd854e2f65f54abbef2b979f8bfb217dc4cabd0c8fa4eeb26c52e9d5aa52b084ccb5975b14101c12caefd055bd9c6e67d2aaaa9840d375c50a9b95241a4592bed09bc1cf40f5e0eb089aa9c5ce6668331fb6b3ba0a2850b86c07c723e2d689c3117d2ed5fcb2b8494cd5b5bef6583dbafb4805713fca785d6a6b6744c4f0e15388b8fc9bb9ef94c3ec30e6b26792e1deef8c6ba106f4c01ef067f2b5397cd45a70304a19db6563d73d91c0c88a1fd32595240453ef28f6131f8219fba7f174d739c2b48c68100f4ff16a626923ab9f5da556bf225b2591838e40795f2c9f7fb2fae516a907db384bb362825065a060563f5e66a81343342abcb89769951313be6af95fdaead600b882cb6f4c48c711d374fb00a8adf43d34cd2d1a80d66dd555cdc13ab2267bb75b19c8fa478ecf673cef7d113b37bc453f146969bf890a13ba6f4b00aceb04ef572d7d4b8285d461e9dc93706b6e00c5ba7e65aab782a2e48b98fec29be26ad70b1d4861cb4f54fb972345fe1a29b1e689e70bb61ad7bea8aef7765e6a410c729ce794362aaaba731180be920233c309c6cb78c25e89027bc866050daeeccb19faf4742624f312ea3df8220dd159881696d39289a21e2f24b157c8097f3834f17e1b6304f626253f6ebcfce5fe89e20899874084fc35b3f21e114c8375404c557eb0ec7ae7abd8047b26e590da6871773cb984474323f67196f350c07052e2702866ba7c44262a5f7f9c9bf2df862e9b4d8eb0f1544faaa0cb6e78693bf99d9c6a249b2f544546f5a48294a3aa29743bd65ab203f596006021e30311d75f0ed0abf75649a67696cccc96abf34c698101c10b1c8bb6978f881e6f2ac2d660b8bbb4e5150535b3a31fa856560a5140d01d435e071e0b1d00d9c74dbaa1122b45c4b078b76073b746267a59a20e9f3eb6d27d387db9506f3c7943ac428ed2f813ae1260743d91c4f2369a7e19c017d73c838501bc9709fa7dd5fbbb27f8098311d2626c89507ffb5ce920f95c39494ab0915cea83a7c8e70878c727b8979eed1ea6f5ca6df3ec8e1691e2ab7ced896a016a46e5a3a1b4637f3375ac71fe6c3fcb48b4ce7a4cd262f71b06baf8a4b09848f58faa80b523359b01984150285aef967e8db7f01a1400ef0846222d9bc4618a202aaa9dfa5cf3c4f9f089983eab8662bfef38dc026996f657a08049ac251a94398d648ec0dfb9895436c5f685de23693a848c7b68d47ea963fc1a6fd270cb9eec89e20096dba388f9ed6a900931cdf72c360b584fadda853cc8455ff6d8cf7085d81ae277ea7eca0095c6594ff9a32e0dfffa84ff3e25d12655d71dadfcd2bdce2c780a2cc034a87dce9941b5a282ae48a1ce6387e75ef615f840ba4221bb6a9bb96e22a3283ea30ae19658c87a55bc4d79f120ad51835a19f886b9baca62f7e4716d8dcb7dee0adff8e8b82bda5484fb5fba0bc795c64dbd2b97ba4358f455621c46571d6b0187a873cfc477dce48ac710f3ae77dc487509be94274fb13df83005cd3ced4fc8f20d1992a5a3db11b608d1172584a634f84020d61a73a61dfd9f79738020265f078d4bf141b9fe078bbc9f47e0d3e6091809f1d2b8d50c0cbeb6c8347ecfb87e1f74d27483abcb0d670811241254dc22992c7b810d3a32a509cd86e80f4ee5ae3aa720cc563656e7a01c7c2f6388ed814a979741b9a5b97ba5ef181b863a97ceadef957f99f40eb58e72b3427d40df645351d324a392f5729ff2a6a8ed6ea5e737bd62b3e2cd6d677f1b1471cf955b6e641e6384a5f70631283986f6aa711c8efc9ec63a148bb3de100944e6aa1e906f24a45e11a8d00217d809fd1b5115c2139c4978538fc4c76ac7b8cea696d718c7eba7a1cf080dc18d75e7b1939a775ee4c03d30762cc63cd0e4edfa72c1287c655ad5b996802e0edc7cfdee74b9dae825676dec92d486b37266b26df4bf52831d7b0e484395f15247fd1b6620fd0409810bb04b41fa12c4a28a4b6eb94f92cfa7866597ff0f480c562d92b3ae1f6e47a01c89b614c0b9c09565f80663eb79e4db05da2869797b51ea202e800bef434177d6815c8dc797c922b52a7c93835ab84032a90a05510abfaca21855b3d959e3685d40bb642ed560ec9fd5fdfef89a482b240002c2aaba9cdeec5836f7e8ba14266efae4bcd49f9b343e27340af5e996edb45175e4e8115e70ac3d824f126b5239ecf33d9fc64b52b15f79d860a33873b82894893295b18032068127f049be15bcd2cc3df99783637edbeed8d141ecfab8feb9c3ea31f62833b4565a873e3e17864552bd71c15a8392d7dcb7f93c4ea136e39304a7d62d7b08d482f8c5112b540ac5eedd0cbb71d5dd0e0e0e1597da4c7e8bc9447290ac50bcd38f19aba79e5bc2b5a0f83ca3ea5ac35ffea9d933c5a340e03d5fd08866d6be34de6c878311d8ec6950cc69237783dca6c07661ded64d5a80c7531462d3a487d97e5ffa633cd9d8b5041e8eb01d1726b5b33c6708b57b7d95d9c2c89f617a6aba25be0d4cdd4883d244cc59f800a23dfb69879a80d63b5ebd063c9e628d1a40245743bb458cb844dd4ad10fd8f6c7ece3607fff8ff2cfa68ac018e132bcbdf2a30622c5cf4820aa768b486b000318ff4e1af2f686a52d7adb3551e3f19eb48bb761e583435d7af757c5f4d876e4d5393df93c05a6cead3c2ba3646642c4725b9cd5f7080efe613d7f5be7946b9d9742c1a3288f9c29f23fb167bee61a7dff4bc4bfa1a88cf5bf0dbcbc407039cd7c34aacd02dad32304b6976e36786bb1c7d6c04d7362b31beb0badcdcf34573bd83c70a1d22cda062f54fab194615a75be80f70de17365e858580acc094d272776"], 0x1010) timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:09 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x18}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:09 executing program 1: r0 = open(&(0x7f0000000000)='./file0\x00', 0x160c2, 0x4) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:09 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) sync() perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) fcntl$setsig(r4, 0xa, 0x37) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f0000000000)={0x3, [0x9, 0x80000001, 0xffff]}) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:09 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x0) 21:47:09 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x1016) 21:47:11 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) recvfrom$netrom(r3, &(0x7f0000000000)=""/118, 0x76, 0x2000, &(0x7f0000000140)={{0x3, @default, 0x8}, [@default, @default, @bcast, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48) 21:47:11 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x4a2f, 0x800) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) lseek(r0, 0x4, 0x3) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/policy\x00', 0x0, 0x0) getsockopt$inet6_buf(r2, 0x29, 0x30, &(0x7f0000000440)=""/4096, &(0x7f0000000100)=0x1000) preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000140)) r3 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r4 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r4, 0x1000000) sendfile(r3, r4, 0x0, 0x80000009) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r5, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:11 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{0x77359400}, {0x77359400}}) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000400)=0x1000) r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SIOCX25GFACILITIES(r3, 0x89e2, &(0x7f0000000440)) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) name_to_handle_at(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="e900000007000000f3d51eff3463201bdf9759d720e76dee9c16d6e8b4dcc9f0ad1dcfb43fbe9c1fd8c30e6fea6c8fa384234c85fe23adc5393329106b7f25692012e9038cd10eb21c1ab7306a99374ca1840889c5776a5e4b6ba3c2130465d3bbf8a31aea7bbfa6152a5122fa84f6aca00d16635398f3d0dfcd2708f3d64865e31b0a9d0cd47bff7bae59153f52110bbde52773f39001776f19106bcca12205cf2438b0e2b360b8a8077090f95fc052cf79a5d53ad005372f2cc4f210baf5208b91c944876599dca43894e776682723cba89efd8865caf018dd0f0b5073d25380e95c383986dce645"], &(0x7f0000000280), 0x3e153eab89cddb9a) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r4 = socket(0x8, 0x2, 0x0) unlink(&(0x7f0000000040)='./file0\x00') getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000380), &(0x7f00000003c0)=0x4) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="48000000100005070000000000000000000000004c49967762a7f76c8aff223ed7a2fd752bb4ddcc874ebb5083826f1d2dc85b2dacbcb94cd4bc06000000e01a5674", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48}}, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r9, &(0x7f00000017c0), 0x199, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r10, &(0x7f00000017c0), 0x199, 0x0) r11 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r11, &(0x7f00000017c0), 0x199, 0x0) r12 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r12, &(0x7f00000017c0), 0x199, 0x0) r13 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r13, &(0x7f00000017c0), 0x199, 0x0) r14 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r14, &(0x7f00000017c0), 0x199, 0x0) r15 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r15, &(0x7f00000017c0), 0x199, 0x0) r16 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r16, &(0x7f00000017c0), 0x199, 0x0) r17 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r17, &(0x7f00000017c0), 0x199, 0x0) r18 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r18, &(0x7f00000017c0), 0x199, 0x0) sendmsg$nl_route_sched(r18, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYPTR=&(0x7f00000009c0)=ANY=[@ANYPTR64=&(0x7f0000000940)=ANY=[@ANYPTR64, @ANYRES16=r10], @ANYPTR64=&(0x7f0000000c40)=ANY=[@ANYRES64=r0, @ANYBLOB="a83f3f9d053c77334acbcc81e8cce4980f14212ee5f53dd285d8541cb295a27cf19d6ae9b6b7b42b1524b4a37a7beff28d26d33129b1b1c0d69f28a3b7dc5732c007de41634fd5b1e54c5da892fcace589038497f479b3e6c165d4825f547fd4a66d3751d6eda1d2ac9c9e14151a1293a804f18d9d530e016847dbca56142b354821b84f5219325887bed0f71118cc25aacc93754f462d74ff8f5b9de6e10563e990bc4368c01efba42a1bf7cd15845d81658be110b4d5076bc0caefb4db7b46ef9e", @ANYRES64, @ANYPTR64, @ANYPTR64=&(0x7f0000000ac0)=ANY=[@ANYBLOB="492c7c5983d479c6614d3515c8dd0a2fbea0142b1dc1c8c1ce683b25a913c6e8a2720189feca4302f34e709f2bef92c6f8a76f4a9f5a3999189f91654d6d6ea35f76a02c5fc6b6502fa593d7d62f4e2fb1b9f888eb5461b265f0ca7141ecf8fd05906cb943859abcb78234d649b05aeb49dc1d032f1e2de1b6cc069e3bc28a7f03cf77d152e44758e96007f1f53ecf08026c8aa43310387ff65849882a8771760727d700f73f09d32c77f6adce00fa0419073a5ffaf9488c425e89eb70c337a6b595c771c0cda687cdf41554", @ANYPTR, @ANYPTR, @ANYRES64, @ANYRES16=r2], @ANYPTR=&(0x7f0000000bc0)=ANY=[@ANYRES32=r11, @ANYRES64=r16, @ANYRES16=r5, @ANYRESOCT=r0, @ANYRES16]], @ANYRESDEC=r12]], 0x1}, 0x1, 0x0, 0x0, 0xc004}, 0x4020040) r19 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r19, &(0x7f00000017c0), 0x199, 0x0) r20 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r20, &(0x7f00000017c0), 0x199, 0x0) sendmsg$nl_route_sched(r19, &(0x7f0000000300)={0x0, 0x127, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r7, @ANYRESOCT=r20], 0x3}}, 0x20000000) r21 = socket$nl_route(0x10, 0x3, 0x0) r22 = socket$netlink(0x10, 0x3, 0x0) r23 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r23, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r23, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r22, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r24}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r21, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r24, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r22, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r24, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) r25 = socket$nl_route(0x10, 0x3, 0x0) r26 = socket$netlink(0x10, 0x3, 0x0) r27 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r27, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r27, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r26, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r28}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r25, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r28, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r26, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r28, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) r29 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r29, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r30) sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4002000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)=@ipv6_delroute={0x80, 0x19, 0x200, 0x70bd2a, 0x25dfdbfc, {0xa, 0x20, 0x10, 0x6, 0x0, 0x0, 0xfd, 0x9, 0x2000}, [@RTA_EXPIRES={0x8, 0x17, 0x2}, @RTA_OIF={0x8, 0x4, r7}, @RTA_OIF={0x8, 0x4, r24}, @RTA_IIF={0x8, 0x1, r28}, @RTA_MARK={0x8, 0x10, 0x2}, @RTA_GATEWAY={0x14, 0x5, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @RTA_UID={0x8, 0x19, r30}, @RTA_GATEWAY={0x14, 0x5, @remote}, @RTA_ENCAP={0xc, 0x16, @typed={0x8, 0x1000, @fd}}]}, 0x80}, 0x1, 0x0, 0x0, 0x10}, 0x1088e) sendfile(r0, r1, 0x0, 0x9546) syz_open_dev$dmmidi(&(0x7f0000000340)='/dev/dmmidi#\x00', 0x6, 0x505c40) 21:47:11 executing program 5 (fault-call:6 fault-nth:0): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:11 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x160c2, 0x4) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:11 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x42c00) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x8001, 0xa2, 0x3, 0x5, 0x7, "44ecc1864bb53e7c"}) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000080)) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2908.568821] kauditd_printk_skb: 4 callbacks suppressed [ 2908.568830] audit: type=1800 audit(1577137631.939:545): pid=18393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16802 res=0 [ 2908.594987] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2908.650675] audit: type=1804 audit(1577137631.959:546): pid=18393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1567/file0" dev="sda1" ino=16802 res=1 [ 2908.679233] audit: type=1800 audit(1577137631.999:547): pid=18396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.3" name="file0" dev="sda1" ino=16913 res=0 [ 2908.707725] FAULT_INJECTION: forcing a failure. [ 2908.707725] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2908.726412] audit: type=1804 audit(1577137632.019:548): pid=18396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir183872369/syzkaller.YOUcrF/1630/file0" dev="sda1" ino=16913 res=1 [ 2908.733680] CPU: 0 PID: 18395 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2908.761712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2908.761717] Call Trace: [ 2908.761737] dump_stack+0x142/0x197 [ 2908.761754] should_fail.cold+0x10f/0x159 [ 2908.761763] ? __might_sleep+0x93/0xb0 [ 2908.761776] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2908.761789] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2908.794968] ? mark_held_locks+0xb1/0x100 [ 2908.799113] alloc_pages_vma+0xc9/0x4c0 [ 2908.803082] wp_page_copy+0xa5f/0x13d0 [ 2908.806961] ? retint_kernel+0x2d/0x2d [ 2908.810838] ? follow_pfn+0x220/0x220 [ 2908.814627] do_wp_page+0x24b/0x1250 [ 2908.818331] ? finish_mkwrite_fault+0x620/0x620 [ 2908.822989] __handle_mm_fault+0x1cc3/0x33d0 [ 2908.827390] ? copy_page_range+0x1de0/0x1de0 [ 2908.831785] ? find_held_lock+0x35/0x130 [ 2908.835834] ? handle_mm_fault+0x1b6/0x7c0 [ 2908.840065] handle_mm_fault+0x293/0x7c0 [ 2908.844115] __do_page_fault+0x4c1/0xb80 [ 2908.848164] ? vmalloc_fault+0xe30/0xe30 [ 2908.852215] do_page_fault+0x71/0x511 [ 2908.856018] page_fault+0x25/0x50 [ 2908.859461] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2908.864199] RSP: 0018:ffff88801eb7fac0 EFLAGS: 00010246 [ 2908.869551] RAX: 0000000000000000 RBX: ffff88801eb7fdc0 RCX: ffffc90008839000 [ 2908.876805] RDX: 00000000000026e3 RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2908.884210] RBP: ffff88801eb7fcc8 R08: ffff88809255a400 R09: 0000000000000000 [ 2908.891477] R10: 0000000000000000 R11: ffff88809255a400 R12: 0000000000000000 [ 2908.898758] R13: 0000000000000000 R14: 0000000020003000 R15: 0000000020003030 [ 2908.906052] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2908.910216] ? ___sys_sendmsg+0x840/0x840 [ 2908.914355] ? mark_held_locks+0xb1/0x100 [ 2908.918491] ? save_trace+0x290/0x290 [ 2908.922277] ? retint_kernel+0x2d/0x2d [ 2908.926151] ? trace_hardirqs_on_caller+0x400/0x590 [ 2908.931171] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2908.935918] ? check_preemption_disabled+0x3c/0x250 [ 2908.940920] ? retint_kernel+0x2d/0x2d [ 2908.944803] __sys_recvmmsg+0x226/0x6b0 [ 2908.948767] ? SyS_recvmsg+0x50/0x50 [ 2908.952465] ? lock_downgrade+0x740/0x740 [ 2908.956613] ? retint_kernel+0x2d/0x2d [ 2908.960490] ? trace_hardirqs_on_caller+0x400/0x590 [ 2908.965507] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2908.970272] SyS_recvmmsg+0x125/0x140 [ 2908.974056] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2908.978186] ? do_syscall_64+0x53/0x640 [ 2908.982144] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2908.986294] do_syscall_64+0x1e8/0x640 [ 2908.990168] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2908.995000] entry_SYSCALL_64_after_hwframe+0x42/0xb7 21:47:12 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) recvfrom$netrom(r4, &(0x7f0000000000)=""/73, 0x49, 0x40000000, &(0x7f0000000140)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x2}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @null]}, 0x48) syz_genetlink_get_family_id$devlink(&(0x7f0000000080)='devlink\x00') [ 2909.000186] RIP: 0033:0x45a919 [ 2909.003361] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2909.011056] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2909.018311] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2909.025620] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2909.032877] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2909.040134] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 21:47:12 executing program 5 (fault-call:6 fault-nth:1): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:12 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:12 executing program 3 (fault-call:5 fault-nth:0): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2909.253575] FAULT_INJECTION: forcing a failure. [ 2909.253575] name failslab, interval 1, probability 0, space 0, times 0 [ 2909.256230] FAULT_INJECTION: forcing a failure. [ 2909.256230] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2909.265353] CPU: 1 PID: 18423 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2909.284751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2909.294121] Call Trace: [ 2909.296733] dump_stack+0x142/0x197 [ 2909.300384] should_fail.cold+0x10f/0x159 [ 2909.304557] should_failslab+0xdb/0x130 [ 2909.308542] __kmalloc+0x2f0/0x7a0 [ 2909.312102] ? af_alg_wait_for_completion+0xb0/0xb0 [ 2909.317118] ? sock_kmalloc+0x7f/0xc0 [ 2909.320926] sock_kmalloc+0x7f/0xc0 [ 2909.324693] af_alg_alloc_areq+0x24/0x1e0 [ 2909.328852] skcipher_recvmsg+0x740/0xd30 [ 2909.333020] ? skcipher_release+0x50/0x50 [ 2909.337189] ? selinux_socket_recvmsg+0x36/0x40 [ 2909.341899] ? security_socket_recvmsg+0x91/0xc0 [ 2909.346663] ? skcipher_release+0x50/0x50 [ 2909.350840] sock_recvmsg+0xc6/0x110 [ 2909.354561] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2909.359580] ___sys_recvmsg+0x21f/0x4d0 [ 2909.363566] ? ___sys_sendmsg+0x840/0x840 [ 2909.367718] ? __fget+0x210/0x370 [ 2909.371183] ? lock_downgrade+0x740/0x740 [ 2909.375336] ? __fget+0x237/0x370 [ 2909.378796] ? __fget_light+0x172/0x1f0 [ 2909.382779] ? __fdget+0x1b/0x20 [ 2909.386147] ? sockfd_lookup_light+0xb4/0x160 [ 2909.390648] __sys_recvmsg+0xb6/0x140 [ 2909.394460] ? SyS_sendmmsg+0x60/0x60 [ 2909.398281] SyS_recvmsg+0x2d/0x50 [ 2909.401822] ? __sys_recvmsg+0x140/0x140 [ 2909.405886] do_syscall_64+0x1e8/0x640 [ 2909.409770] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2909.414629] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2909.419818] RIP: 0033:0x45a919 [ 2909.423005] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2909.430717] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2909.437989] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2909.445260] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2909.452535] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2909.459806] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2909.467110] CPU: 0 PID: 18417 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2909.475115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2909.484478] Call Trace: [ 2909.487075] dump_stack+0x142/0x197 [ 2909.490716] should_fail.cold+0x10f/0x159 [ 2909.494876] ? __might_sleep+0x93/0xb0 [ 2909.498778] __alloc_pages_nodemask+0x1d6/0x7a0 21:47:12 executing program 3 (fault-call:5 fault-nth:1): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2909.503467] ? trace_hardirqs_on_caller+0x400/0x590 [ 2909.508501] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2909.513549] alloc_pages_vma+0xc9/0x4c0 [ 2909.516554] FAULT_INJECTION: forcing a failure. [ 2909.516554] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2909.517540] wp_page_copy+0xa5f/0x13d0 [ 2909.517554] ? retint_kernel+0x2d/0x2d [ 2909.517569] ? follow_pfn+0x220/0x220 [ 2909.517582] ? do_raw_spin_unlock+0x16b/0x260 [ 2909.517594] do_wp_page+0x24b/0x1250 [ 2909.517609] ? finish_mkwrite_fault+0x620/0x620 [ 2909.517633] __handle_mm_fault+0x1cc3/0x33d0 [ 2909.517648] ? copy_page_range+0x1de0/0x1de0 [ 2909.535730] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 2909.537511] ? find_held_lock+0x35/0x130 [ 2909.537526] ? handle_mm_fault+0x1b6/0x7c0 [ 2909.537556] handle_mm_fault+0x293/0x7c0 [ 2909.549559] __do_page_fault+0x4c1/0xb80 [ 2909.549576] ? vmalloc_fault+0xe30/0xe30 [ 2909.558662] do_page_fault+0x71/0x511 [ 2909.558680] page_fault+0x25/0x50 [ 2909.558693] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2909.558699] RSP: 0018:ffff888080b27ac0 EFLAGS: 00010246 [ 2909.558714] RAX: 0000000000000000 RBX: ffff888080b27dc0 RCX: ffffc90008839000 [ 2909.571719] RDX: 00000000000063d1 RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2909.571726] RBP: ffff888080b27cc8 R08: ffff88808e112580 R09: 0000000000000000 [ 2909.571731] R10: 0000000000000000 R11: ffff88808e112580 R12: 0000000000000000 [ 2909.571736] R13: 0000000000000000 R14: 0000000020004000 R15: 0000000020004030 [ 2909.571762] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2909.571784] ? ___sys_sendmsg+0x840/0x840 [ 2909.571797] ? trace_hardirqs_on_caller+0x400/0x590 [ 2909.571809] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2909.571818] ? save_trace+0x290/0x290 [ 2909.571829] ? check_preemption_disabled+0x3c/0x250 [ 2909.571839] ? __might_fault+0x110/0x1d0 [ 2909.571853] ? find_held_lock+0x35/0x130 [ 2909.584216] ? __might_fault+0x110/0x1d0 [ 2909.584250] __sys_recvmmsg+0x226/0x6b0 [ 2909.584267] ? SyS_recvmsg+0x50/0x50 [ 2909.592375] ? lock_downgrade+0x740/0x740 [ 2909.592394] ? __mutex_unlock_slowpath+0x71/0x800 [ 2909.592404] ? check_preemption_disabled+0x3c/0x250 [ 2909.592432] SyS_recvmmsg+0x125/0x140 [ 2909.592442] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2909.592451] ? do_syscall_64+0x53/0x640 [ 2909.592461] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2909.604448] do_syscall_64+0x1e8/0x640 [ 2909.604460] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2909.604481] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2909.604489] RIP: 0033:0x45a919 [ 2909.604498] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 [ 2909.617115] ORIG_RAX: 000000000000012b [ 2909.617122] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2909.617128] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2909.617134] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2909.617141] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2909.617147] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 [ 2909.630991] CPU: 1 PID: 18428 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2909.646320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 21:47:13 executing program 5 (fault-call:6 fault-nth:2): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:13 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000080)=0x1800000, 0x4) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2909.646325] Call Trace: [ 2909.646344] dump_stack+0x142/0x197 [ 2909.646366] should_fail.cold+0x10f/0x159 [ 2909.681345] ? __might_sleep+0x93/0xb0 [ 2909.681363] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2909.681376] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2909.689408] ? save_trace+0x290/0x290 [ 2909.689422] ? follow_page_pte+0x25e/0x1590 [ 2909.689437] alloc_pages_vma+0xc9/0x4c0 [ 2909.702134] __handle_mm_fault+0x186c/0x33d0 [ 2909.702149] ? copy_page_range+0x1de0/0x1de0 [ 2909.702160] ? find_held_lock+0x35/0x130 21:47:13 executing program 3 (fault-call:5 fault-nth:2): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2909.702170] ? handle_mm_fault+0x1b6/0x7c0 [ 2909.702191] handle_mm_fault+0x293/0x7c0 [ 2909.715151] __get_user_pages+0x465/0x12e0 [ 2909.715168] ? follow_page_mask+0x1630/0x1630 [ 2909.723278] ? lock_acquire+0x16f/0x430 [ 2909.723298] get_user_pages_unlocked+0x1f0/0x2f0 [ 2909.732141] ? get_user_pages_locked+0x3d0/0x3d0 [ 2909.732150] ? get_user_pages_fast+0x171/0x2d0 [ 2909.732164] get_user_pages_fast+0x228/0x2d0 [ 2909.732175] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2909.732190] iov_iter_get_pages+0x20f/0xd10 [ 2909.732204] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2909.732221] af_alg_make_sg+0x85/0x400 [ 2909.732235] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2909.732245] ? af_alg_data_wakeup+0x80/0x80 [ 2909.732254] ? rcu_read_lock_sched_held+0x110/0x130 [ 2909.732264] ? __kmalloc+0x376/0x7a0 [ 2909.732276] af_alg_get_rsgl+0x1d3/0x530 [ 2909.746027] skcipher_recvmsg+0x774/0xd30 [ 2909.746045] ? skcipher_release+0x50/0x50 [ 2909.757633] ? selinux_socket_recvmsg+0x36/0x40 [ 2909.757647] ? security_socket_recvmsg+0x91/0xc0 [ 2909.757659] ? skcipher_release+0x50/0x50 [ 2909.772201] sock_recvmsg+0xc6/0x110 [ 2909.772211] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2909.772223] ___sys_recvmsg+0x21f/0x4d0 [ 2909.772237] ? ___sys_sendmsg+0x840/0x840 [ 2909.772249] ? __fget+0x210/0x370 [ 2909.772267] ? lock_downgrade+0x740/0x740 [ 2909.772283] ? __fget+0x237/0x370 [ 2909.772299] ? __fget_light+0x172/0x1f0 [ 2909.772310] ? __fdget+0x1b/0x20 [ 2909.772323] ? sockfd_lookup_light+0xb4/0x160 [ 2909.786892] __sys_recvmsg+0xb6/0x140 [ 2909.804116] ? SyS_sendmmsg+0x60/0x60 [ 2909.804140] SyS_recvmsg+0x2d/0x50 [ 2909.804147] ? __sys_recvmsg+0x140/0x140 [ 2909.804160] do_syscall_64+0x1e8/0x640 [ 2909.804169] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2909.804190] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2909.810377] RIP: 0033:0x45a919 [ 2909.810383] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2909.810394] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2909.810399] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2909.810404] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2909.810409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2909.810414] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2909.936545] FAULT_INJECTION: forcing a failure. [ 2909.936545] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2909.955629] CPU: 1 PID: 18444 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2909.960275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2909.960281] Call Trace: [ 2909.960302] dump_stack+0x142/0x197 [ 2909.960321] should_fail.cold+0x10f/0x159 [ 2909.960333] ? __might_sleep+0x93/0xb0 [ 2909.960346] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2909.960360] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2909.960372] ? save_trace+0x290/0x290 [ 2909.960386] ? follow_page_pte+0x25e/0x1590 [ 2909.960402] alloc_pages_vma+0xc9/0x4c0 [ 2909.960418] __handle_mm_fault+0x186c/0x33d0 [ 2909.960432] ? copy_page_range+0x1de0/0x1de0 [ 2909.960441] ? find_held_lock+0x35/0x130 [ 2909.960454] ? handle_mm_fault+0x1b6/0x7c0 [ 2909.973604] handle_mm_fault+0x293/0x7c0 [ 2909.973619] __get_user_pages+0x465/0x12e0 [ 2909.973637] ? follow_page_mask+0x1630/0x1630 [ 2909.973647] ? lock_acquire+0x16f/0x430 [ 2909.973665] get_user_pages_unlocked+0x1f0/0x2f0 [ 2909.973679] ? get_user_pages_locked+0x3d0/0x3d0 [ 2909.973685] ? get_user_pages_fast+0x171/0x2d0 [ 2909.973699] get_user_pages_fast+0x228/0x2d0 [ 2909.981319] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2909.981336] iov_iter_get_pages+0x20f/0xd10 [ 2909.981351] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2909.981370] af_alg_make_sg+0x85/0x400 [ 2909.981383] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2909.981394] ? af_alg_data_wakeup+0x80/0x80 [ 2909.981405] ? rcu_read_lock_sched_held+0x110/0x130 [ 2909.981416] ? __kmalloc+0x376/0x7a0 [ 2909.981429] af_alg_get_rsgl+0x1d3/0x530 [ 2909.981449] skcipher_recvmsg+0x774/0xd30 [ 2909.981467] ? skcipher_release+0x50/0x50 [ 2909.992237] ? selinux_socket_recvmsg+0x36/0x40 [ 2909.992249] ? security_socket_recvmsg+0x91/0xc0 [ 2909.992259] ? skcipher_release+0x50/0x50 [ 2909.992271] sock_recvmsg+0xc6/0x110 [ 2909.992280] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2909.992291] ___sys_recvmsg+0x21f/0x4d0 [ 2909.992320] ? ___sys_sendmsg+0x840/0x840 [ 2909.992332] ? __fget+0x210/0x370 [ 2909.992350] ? lock_downgrade+0x740/0x740 [ 2910.000622] ? __fget+0x237/0x370 [ 2910.000638] ? __fget_light+0x172/0x1f0 [ 2910.000649] ? __fdget+0x1b/0x20 [ 2910.000660] ? sockfd_lookup_light+0xb4/0x160 [ 2910.000672] __sys_recvmsg+0xb6/0x140 [ 2910.000681] ? SyS_sendmmsg+0x60/0x60 [ 2910.000707] SyS_recvmsg+0x2d/0x50 [ 2910.000714] ? __sys_recvmsg+0x140/0x140 [ 2910.000725] do_syscall_64+0x1e8/0x640 [ 2910.000734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2910.000752] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2910.012102] RIP: 0033:0x45a919 [ 2910.012107] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2910.012117] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2910.012123] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2910.012129] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2910.012135] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2910.012140] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2910.026545] FAULT_INJECTION: forcing a failure. [ 2910.026545] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2910.056705] CPU: 1 PID: 18442 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2910.066507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2910.066513] Call Trace: [ 2910.066536] dump_stack+0x142/0x197 [ 2910.066560] should_fail.cold+0x10f/0x159 [ 2910.085626] ? __might_sleep+0x93/0xb0 [ 2910.085644] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2910.085657] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2910.085679] alloc_pages_vma+0xc9/0x4c0 [ 2910.085694] wp_page_copy+0xa5f/0x13d0 [ 2910.085709] ? follow_pfn+0x220/0x220 [ 2910.085723] ? do_raw_spin_unlock+0x16b/0x260 [ 2910.102957] do_wp_page+0x24b/0x1250 [ 2910.102974] ? finish_mkwrite_fault+0x620/0x620 [ 2910.102988] __handle_mm_fault+0x1cc3/0x33d0 [ 2910.103002] ? copy_page_range+0x1de0/0x1de0 [ 2910.103013] ? find_held_lock+0x35/0x130 [ 2910.103021] ? handle_mm_fault+0x1b6/0x7c0 [ 2910.103042] handle_mm_fault+0x293/0x7c0 [ 2910.109229] __do_page_fault+0x4c1/0xb80 [ 2910.109245] ? vmalloc_fault+0xe30/0xe30 [ 2910.109260] do_page_fault+0x71/0x511 [ 2910.117270] page_fault+0x25/0x50 [ 2910.117284] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2910.117293] RSP: 0018:ffff8880a0f27ac0 EFLAGS: 00010246 [ 2910.126966] RAX: 0000000000000000 RBX: ffff8880a0f27dc0 RCX: ffffc90008839000 [ 2910.126973] RDX: 000000000000832e RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2910.126979] RBP: ffff8880a0f27cc8 R08: ffff888055960480 R09: 0000000000000000 [ 2910.126985] R10: 0000000000000000 R11: ffff888055960480 R12: 0000000000000000 [ 2910.126993] R13: 0000000000000000 R14: 0000000020005000 R15: 0000000020005030 [ 2910.135103] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2910.135124] ? ___sys_sendmsg+0x840/0x840 [ 2910.143498] ? save_trace+0x290/0x290 [ 2910.143507] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2910.143519] ? __might_fault+0x110/0x1d0 [ 2910.143529] ? find_held_lock+0x35/0x130 [ 2910.143540] ? __might_fault+0x110/0x1d0 [ 2910.143566] __sys_recvmmsg+0x226/0x6b0 [ 2910.143583] ? SyS_recvmsg+0x50/0x50 [ 2910.156281] ? check_preemption_disabled+0x3c/0x250 [ 2910.156294] ? retint_kernel+0x2d/0x2d [ 2910.156312] ? fput+0x6/0x150 [ 2910.164625] SyS_recvmmsg+0x125/0x140 [ 2910.164637] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2910.164649] ? do_syscall_64+0x53/0x640 [ 2910.164658] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2910.164670] do_syscall_64+0x1e8/0x640 [ 2910.173119] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2910.173137] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2910.173145] RIP: 0033:0x45a919 [ 2910.173150] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2910.173160] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2910.173167] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2910.173172] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2910.173179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 21:47:14 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:14 executing program 3 (fault-call:5 fault-nth:3): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:14 executing program 5 (fault-call:6 fault-nth:3): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:14 executing program 2: timer_create(0x7, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2910.173184] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 [ 2910.700599] FAULT_INJECTION: forcing a failure. [ 2910.700599] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2910.719358] audit: type=1800 audit(1577137634.099:549): pid=18457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17125 res=0 [ 2910.742874] CPU: 1 PID: 18453 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2910.750674] audit: type=1804 audit(1577137634.129:550): pid=18457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1568/file0" dev="sda1" ino=17125 res=1 [ 2910.750778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2910.787470] Call Trace: [ 2910.790080] dump_stack+0x142/0x197 [ 2910.793734] should_fail.cold+0x10f/0x159 [ 2910.797883] ? __might_sleep+0x93/0xb0 [ 2910.801798] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2910.806505] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2910.811551] ? save_trace+0x290/0x290 [ 2910.815373] ? follow_page_pte+0x25e/0x1590 [ 2910.819731] alloc_pages_vma+0xc9/0x4c0 [ 2910.823738] __handle_mm_fault+0x186c/0x33d0 [ 2910.824070] vivid-004: kernel_thread() failed [ 2910.828163] ? copy_page_range+0x1de0/0x1de0 [ 2910.828176] ? find_held_lock+0x35/0x130 [ 2910.828187] ? handle_mm_fault+0x1b6/0x7c0 [ 2910.828209] handle_mm_fault+0x293/0x7c0 [ 2910.828220] __get_user_pages+0x465/0x12e0 [ 2910.828235] ? follow_page_mask+0x1630/0x1630 [ 2910.828244] ? lock_acquire+0x16f/0x430 [ 2910.828260] get_user_pages_unlocked+0x1f0/0x2f0 [ 2910.828275] ? get_user_pages_locked+0x3d0/0x3d0 [ 2910.871710] ? get_user_pages_fast+0x171/0x2d0 [ 2910.876316] get_user_pages_fast+0x228/0x2d0 [ 2910.880747] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2910.885585] ? __sanitizer_cov_trace_pc+0x2d/0x60 [ 2910.890466] iov_iter_get_pages+0x20f/0xd10 [ 2910.894833] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2910.899777] af_alg_make_sg+0x85/0x400 [ 2910.903673] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2910.909258] ? af_alg_data_wakeup+0x80/0x80 [ 2910.913586] ? rcu_read_lock_sched_held+0x110/0x130 [ 2910.918609] ? __kmalloc+0x376/0x7a0 [ 2910.922382] af_alg_get_rsgl+0x1d3/0x530 [ 2910.926458] skcipher_recvmsg+0x774/0xd30 [ 2910.930639] ? skcipher_release+0x50/0x50 [ 2910.934805] ? selinux_socket_recvmsg+0x36/0x40 [ 2910.937507] audit: type=1800 audit(1577137634.319:551): pid=18457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17125 res=0 [ 2910.939486] ? security_socket_recvmsg+0x91/0xc0 [ 2910.967222] ? skcipher_release+0x50/0x50 [ 2910.968493] audit: type=1804 audit(1577137634.359:552): pid=18457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1568/file0" dev="sda1" ino=17125 res=1 [ 2910.971377] sock_recvmsg+0xc6/0x110 [ 2910.971389] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2910.971401] ___sys_recvmsg+0x21f/0x4d0 [ 2910.971414] ? ___sys_sendmsg+0x840/0x840 [ 2910.971426] ? __fget+0x210/0x370 [ 2910.971443] ? lock_downgrade+0x740/0x740 [ 2910.971458] ? __fget+0x237/0x370 [ 2911.026723] ? __fget_light+0x172/0x1f0 [ 2911.030719] ? __fdget+0x1b/0x20 [ 2911.034105] ? sockfd_lookup_light+0xb4/0x160 [ 2911.038613] __sys_recvmsg+0xb6/0x140 [ 2911.042415] ? SyS_sendmmsg+0x60/0x60 [ 2911.046220] SyS_recvmsg+0x2d/0x50 [ 2911.049763] ? __sys_recvmsg+0x140/0x140 [ 2911.053832] do_syscall_64+0x1e8/0x640 [ 2911.057724] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2911.062583] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2911.067763] RIP: 0033:0x45a919 [ 2911.070944] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2911.078653] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2911.085922] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2911.093200] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2911.100471] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2911.107749] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2911.128458] FAULT_INJECTION: forcing a failure. [ 2911.128458] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2911.141932] CPU: 0 PID: 18452 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2911.149826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2911.149834] Call Trace: [ 2911.161831] dump_stack+0x142/0x197 [ 2911.165482] should_fail.cold+0x10f/0x159 [ 2911.169635] ? __might_sleep+0x93/0xb0 [ 2911.169652] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2911.169665] ? retint_kernel+0x2d/0x2d [ 2911.169676] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2911.169692] ? get_task_policy.part.0+0x1/0xa0 [ 2911.191740] alloc_pages_vma+0xc9/0x4c0 [ 2911.195727] wp_page_copy+0xa5f/0x13d0 [ 2911.199670] ? follow_pfn+0x220/0x220 [ 2911.203463] ? do_raw_spin_unlock+0x16b/0x260 [ 2911.207947] do_wp_page+0x24b/0x1250 [ 2911.211729] ? finish_mkwrite_fault+0x620/0x620 [ 2911.216393] __handle_mm_fault+0x1cc3/0x33d0 [ 2911.220795] ? copy_page_range+0x1de0/0x1de0 [ 2911.225196] ? find_held_lock+0x35/0x130 [ 2911.229271] ? handle_mm_fault+0x1b6/0x7c0 [ 2911.233524] handle_mm_fault+0x293/0x7c0 [ 2911.237600] __do_page_fault+0x4c1/0xb80 [ 2911.241668] ? vmalloc_fault+0xe30/0xe30 [ 2911.245948] do_page_fault+0x71/0x511 [ 2911.249745] page_fault+0x25/0x50 [ 2911.253201] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2911.257948] RSP: 0018:ffff8880847dfac0 EFLAGS: 00010246 [ 2911.263305] RAX: 0000000000000000 RBX: ffff8880847dfdc0 RCX: ffffc90008839000 [ 2911.270570] RDX: 0000000000009776 RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2911.277835] RBP: ffff8880847dfcc8 R08: ffff888041766540 R09: 0000000000000000 [ 2911.285094] R10: 0000000000000000 R11: ffff888041766540 R12: 0000000000000000 [ 2911.292351] R13: 0000000000000000 R14: 0000000020006000 R15: 0000000020006030 [ 2911.299623] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2911.303768] ? ___sys_sendmsg+0x840/0x840 [ 2911.307906] ? save_trace+0x290/0x290 [ 2911.311703] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2911.316631] ? __might_fault+0x110/0x1d0 [ 2911.320685] ? find_held_lock+0x35/0x130 [ 2911.324732] ? __might_fault+0x110/0x1d0 [ 2911.328790] __sys_recvmmsg+0x226/0x6b0 [ 2911.332766] ? SyS_recvmsg+0x50/0x50 [ 2911.336478] ? trace_hardirqs_on_caller+0x400/0x590 [ 2911.341481] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2911.346227] ? check_preemption_disabled+0x3c/0x250 [ 2911.351232] ? retint_kernel+0x2d/0x2d [ 2911.355111] ? SyS_recvmmsg+0x60/0x140 [ 2911.358984] ? __sanitizer_cov_trace_pc+0x45/0x60 [ 2911.363821] SyS_recvmmsg+0x125/0x140 [ 2911.367617] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2911.371756] ? do_syscall_64+0x53/0x640 [ 2911.375720] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2911.379879] do_syscall_64+0x1e8/0x640 [ 2911.383756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2911.388588] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2911.393762] RIP: 0033:0x45a919 [ 2911.396982] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2911.404687] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2911.411950] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2911.419248] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2911.426511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2911.433780] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 21:47:15 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000140)) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-monitor\x00', 0x24000, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r2, 0x89e8) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f00000000c0)={0xa20000, 0x40, 0xfff, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x9a0910, 0x157, [], @value64=0x8}}) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000100)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:15 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_DBG_G_REGISTER(r1, 0xc0385650, &(0x7f0000000000)={{0x0, @addr=0x3f}, 0x8, 0x81, 0x404}) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) sendfile(r0, r0, 0x0, 0x6) [ 2912.105393] audit: type=1800 audit(1577137635.489:553): pid=18469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17201 res=0 [ 2912.128893] audit: type=1804 audit(1577137635.489:554): pid=18469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1569/file0" dev="sda1" ino=17201 res=1 21:47:15 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000040)={0x3, 'ip6gre0\x00', {0x6}, 0x400}) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) ptrace$cont(0x7, 0x0, 0xa533, 0x4) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) 21:47:15 executing program 3 (fault-call:5 fault-nth:4): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:15 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000000)='veth1\x00') tkill(r0, 0x16) 21:47:15 executing program 5 (fault-call:6 fault-nth:4): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:15 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x6}, &(0x7f0000000180)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={r1, 0xbc, &(0x7f00000001c0)=[@in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e22, 0x7, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x1a}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, [], 0x23}, 0x8}, @in6={0xa, 0x8, 0x4, @empty, 0x400}, @in6={0xa, 0x4e24, 0x478d9d7a, @empty, 0x8}, @in={0x2, 0x4e22, @local}, @in6={0xa, 0x4e22, 0xf4ef, @ipv4={[], [], @loopback}, 0x81}]}, &(0x7f00000002c0)=0x10) r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000080)={0x4, 0x800, 0x523}) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cachefiles\x00', 0xc0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000340)={0x0, 0x4d5b, 0xfb, "4e90bd7ed1afc66ff8c8e4ffce91a40f867aadb4b635b09eb18abecbe4c0baab1a3fda3cc1198170e6743cb3c1f628e8a1a718c271954ddb252e6322fb9610f0cc730cad6858d4c8db73d1b3e3c7584c8d0b927242caace293a4b27b0f14e19efce0c8a0b9f81ed6a2f801d563c0bab37ff0a36b7c561d41eb4bbc27502e18c497bddf7d59b108e9018824c1f0e437cfcdb62309eb7eb97f342cf3240ae229aac033f90662cdfc7f08de65d8c76616a0d1ff0326be6645ec38f70eb93a01e903c17c53eb265215b31030a950d90869423ced71ddb90a2cb4d5c6f225385de12412854ed19f1dc4626213147110856f6820209be6e4c9d0a6d552eb"}, 0x103) sendfile(r0, r2, 0x0, 0x9546) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000000)=0x5, 0x4) 21:47:15 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000000080)={0x90e7, 0x3ff, 0xfffffffe, 0x1, 0x1}) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000440)={{0x8, 0x0, 0x0, 0xfffff8c4, 'syz1\x00', 0x8001}, 0x0, [0x7fff, 0x4, 0x68, 0x7fff, 0x0, 0x1ff, 0x3, 0x6, 0xde1, 0xca, 0x0, 0x0, 0x1ff, 0xe761, 0x7fffffff, 0x9, 0x8, 0x800, 0x42, 0xf3e3, 0x400, 0x2, 0x0, 0x27a, 0x400, 0x9, 0xf1, 0x60, 0x9, 0x0, 0x0, 0x2, 0x40, 0x0, 0xa19, 0x4, 0x0, 0x1ff, 0x2, 0x400, 0x6, 0x7fffffff, 0x0, 0xee9, 0x595e, 0x920a, 0x3, 0x5d6d, 0x9d6, 0xca, 0x9c, 0x7, 0x1, 0x2000000000000000, 0x5, 0x2, 0x8, 0x3, 0x5, 0x6, 0x9, 0xfb2d, 0x0, 0x7, 0x1, 0x8, 0xffffffffffff15e7, 0xfffffffffffffff7, 0x0, 0x7, 0x468c2120, 0x10000, 0x95d2, 0x6, 0x5, 0x324d, 0x53f3, 0x10000, 0x7, 0x100000000, 0x6, 0x4, 0x401, 0x1000, 0x8, 0x6f5e, 0x7, 0x7, 0x9, 0x20, 0x1, 0x9, 0x3, 0x7f, 0x1, 0x5, 0x6, 0xffff, 0x40, 0x7, 0x8, 0x100, 0x5, 0x9, 0x79, 0x51b3ddf6, 0x1f, 0x1, 0x2298, 0x93, 0x101, 0x5, 0x0, 0x8, 0x200, 0x8, 0x714, 0xc668, 0xffffffff, 0x8, 0x690, 0x8, 0x1, 0xb6c7, 0x8b67, 0x7, 0x1, 0x40]}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2912.247282] FAULT_INJECTION: forcing a failure. [ 2912.247282] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2912.272166] CPU: 1 PID: 18480 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2912.280103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2912.289465] Call Trace: [ 2912.292071] dump_stack+0x142/0x197 [ 2912.295741] should_fail.cold+0x10f/0x159 [ 2912.299902] ? __might_sleep+0x93/0xb0 [ 2912.303805] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2912.308619] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2912.313666] ? save_trace+0x290/0x290 [ 2912.317482] ? follow_page_pte+0x25e/0x1590 [ 2912.321833] alloc_pages_vma+0xc9/0x4c0 [ 2912.325867] __handle_mm_fault+0x186c/0x33d0 [ 2912.330312] ? copy_page_range+0x1de0/0x1de0 [ 2912.334746] ? find_held_lock+0x35/0x130 [ 2912.338841] ? handle_mm_fault+0x1b6/0x7c0 [ 2912.343114] handle_mm_fault+0x293/0x7c0 [ 2912.345509] FAULT_INJECTION: forcing a failure. [ 2912.345509] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2912.347196] __get_user_pages+0x465/0x12e0 [ 2912.347215] ? follow_page_mask+0x1630/0x1630 [ 2912.347228] ? lock_acquire+0x16f/0x430 [ 2912.347249] get_user_pages_unlocked+0x1f0/0x2f0 [ 2912.347271] ? get_user_pages_locked+0x3d0/0x3d0 [ 2912.381319] ? get_user_pages_fast+0x171/0x2d0 [ 2912.385919] get_user_pages_fast+0x228/0x2d0 [ 2912.390354] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2912.395137] iov_iter_get_pages+0x20f/0xd10 [ 2912.399501] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2912.404469] af_alg_make_sg+0x85/0x400 [ 2912.408377] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2912.413853] ? af_alg_data_wakeup+0x80/0x80 [ 2912.418206] ? rcu_read_lock_sched_held+0x110/0x130 [ 2912.423242] ? __kmalloc+0x376/0x7a0 [ 2912.426985] af_alg_get_rsgl+0x1d3/0x530 [ 2912.429846] vivid-004: kernel_thread() failed [ 2912.431094] skcipher_recvmsg+0x774/0xd30 [ 2912.431126] ? skcipher_release+0x50/0x50 [ 2912.431146] ? selinux_socket_recvmsg+0x36/0x40 [ 2912.431160] ? security_socket_recvmsg+0x91/0xc0 [ 2912.431169] ? skcipher_release+0x50/0x50 [ 2912.431182] sock_recvmsg+0xc6/0x110 [ 2912.431191] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2912.431203] ___sys_recvmsg+0x21f/0x4d0 [ 2912.431218] ? ___sys_sendmsg+0x840/0x840 [ 2912.431229] ? __fget+0x210/0x370 [ 2912.431246] ? lock_downgrade+0x740/0x740 [ 2912.482051] ? __fget+0x237/0x370 [ 2912.485520] ? __fget_light+0x172/0x1f0 [ 2912.489516] ? __fdget+0x1b/0x20 [ 2912.492905] ? sockfd_lookup_light+0xb4/0x160 [ 2912.497414] __sys_recvmsg+0xb6/0x140 [ 2912.501228] ? SyS_sendmmsg+0x60/0x60 [ 2912.505060] SyS_recvmsg+0x2d/0x50 [ 2912.508612] ? __sys_recvmsg+0x140/0x140 [ 2912.512684] do_syscall_64+0x1e8/0x640 [ 2912.516573] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2912.521432] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2912.526626] RIP: 0033:0x45a919 [ 2912.529822] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2912.537551] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 21:47:15 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r0) unlink(&(0x7f0000000040)='./file0\x00') ioctl$TIOCL_SCROLLCONSOLE(r0, 0x541c, &(0x7f0000000000)={0xd, 0x4}) sendfile(r0, r1, 0x0, 0x9546) 21:47:15 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) fallocate(r1, 0x39, 0x80000001, 0x4) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$SIOCX25SCAUSEDIAG(r4, 0x89ec, &(0x7f0000000080)={0x3, 0x1}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) getsockopt$sock_buf(r5, 0x1, 0x1c, &(0x7f00000000c0)=""/186, &(0x7f0000000280)=0xba) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2912.544837] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2912.552123] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2912.559405] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2912.566696] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2912.578141] CPU: 0 PID: 18478 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2912.586219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2912.595590] Call Trace: 21:47:16 executing program 3 (fault-call:5 fault-nth:5): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2912.598206] dump_stack+0x142/0x197 [ 2912.601864] should_fail.cold+0x10f/0x159 [ 2912.606024] ? __might_sleep+0x93/0xb0 [ 2912.609931] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2912.614627] ? trace_hardirqs_on_caller+0x400/0x590 [ 2912.619682] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2912.624719] ? retint_kernel+0x2d/0x2d [ 2912.628629] alloc_pages_vma+0xc9/0x4c0 [ 2912.632623] wp_page_copy+0xa5f/0x13d0 [ 2912.636521] ? retint_kernel+0x2d/0x2d [ 2912.640423] ? follow_pfn+0x220/0x220 [ 2912.640438] ? do_raw_spin_unlock+0x16b/0x260 21:47:16 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000080)={0x9d0000, 0x7, 0x946, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9b0902, 0x8001, [], @string}}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0xc04c5349, &(0x7f0000000140)={0x3, 0x40, 0x80000001}) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2912.640450] do_wp_page+0x24b/0x1250 [ 2912.640462] ? finish_mkwrite_fault+0x620/0x620 [ 2912.640476] __handle_mm_fault+0x1cc3/0x33d0 [ 2912.640490] ? copy_page_range+0x1de0/0x1de0 [ 2912.648840] ? find_held_lock+0x35/0x130 [ 2912.648854] ? handle_mm_fault+0x1b6/0x7c0 [ 2912.648877] handle_mm_fault+0x293/0x7c0 [ 2912.678407] __do_page_fault+0x4c1/0xb80 [ 2912.682493] ? vmalloc_fault+0xe30/0xe30 [ 2912.686581] do_page_fault+0x71/0x511 [ 2912.690404] page_fault+0x25/0x50 [ 2912.693873] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2912.698635] RSP: 0018:ffff8880a0e97ac0 EFLAGS: 00010246 [ 2912.704013] RAX: 0000000000000000 RBX: ffff8880a0e97dc0 RCX: ffffc90008839000 [ 2912.711296] RDX: 0000000000015a6f RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2912.717482] FAULT_INJECTION: forcing a failure. [ 2912.717482] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2912.718580] RBP: ffff8880a0e97cc8 R08: ffff88808d718140 R09: 0000000000000000 [ 2912.718588] R10: 0000000000000000 R11: ffff88808d718140 R12: 0000000000000000 [ 2912.718593] R13: 0000000000000000 R14: 0000000020007000 R15: 0000000020007030 [ 2912.718621] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2912.718643] ? ___sys_sendmsg+0x840/0x840 [ 2912.718663] ? save_trace+0x290/0x290 [ 2912.764378] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2912.769310] ? retint_kernel+0x2d/0x2d [ 2912.773211] ? __might_fault+0x110/0x1d0 [ 2912.777290] ? find_held_lock+0x35/0x130 [ 2912.781366] ? __might_fault+0x110/0x1d0 [ 2912.785448] __sys_recvmmsg+0x226/0x6b0 [ 2912.789441] ? SyS_recvmsg+0x50/0x50 [ 2912.793192] ? lock_downgrade+0x740/0x740 21:47:16 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) fsetxattr$trusted_overlay_nlink(r3, &(0x7f0000000000)='trusted.overlay.nlink\x00', &(0x7f0000000040)={'U-', 0x5}, 0x16, 0x1) tkill(r0, 0x16) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x7c, r4, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={[], [], @remote}}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={[], [], @loopback}}, @FOU_ATTR_PEER_V4={0x8, 0x8, @local}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @rand_addr="92ac3f827aa8d20dccc3f52b436eeded"}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0x7}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x23}}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x2e}]}, 0x7c}, 0x1, 0x0, 0x0, 0x44800}, 0x40021) [ 2912.797344] ? retint_kernel+0x2d/0x2d [ 2912.801249] ? check_preemption_disabled+0x3c/0x250 [ 2912.806287] SyS_recvmmsg+0x125/0x140 [ 2912.810099] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2912.814268] ? do_syscall_64+0x81/0x640 [ 2912.818249] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2912.822401] do_syscall_64+0x1e8/0x640 [ 2912.826292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2912.831148] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2912.836342] RIP: 0033:0x45a919 [ 2912.839531] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2912.847239] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2912.854499] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2912.861765] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2912.869032] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2912.876291] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 [ 2912.883572] CPU: 1 PID: 18503 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2912.891656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2912.901024] Call Trace: [ 2912.903620] dump_stack+0x142/0x197 [ 2912.907276] should_fail.cold+0x10f/0x159 [ 2912.911438] ? __might_sleep+0x93/0xb0 [ 2912.915347] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2912.920038] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2912.925069] ? save_trace+0x290/0x290 [ 2912.928889] ? follow_page_pte+0x25e/0x1590 [ 2912.933232] alloc_pages_vma+0xc9/0x4c0 [ 2912.937327] __handle_mm_fault+0x186c/0x33d0 [ 2912.941756] ? copy_page_range+0x1de0/0x1de0 [ 2912.946175] ? find_held_lock+0x35/0x130 21:47:16 executing program 5 (fault-call:6 fault-nth:5): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2912.950252] ? handle_mm_fault+0x1b6/0x7c0 [ 2912.954513] handle_mm_fault+0x293/0x7c0 [ 2912.958595] __get_user_pages+0x465/0x12e0 [ 2912.962855] ? follow_page_mask+0x1630/0x1630 [ 2912.967364] ? lock_acquire+0x16f/0x430 [ 2912.971365] get_user_pages_unlocked+0x1f0/0x2f0 [ 2912.976146] ? get_user_pages_locked+0x3d0/0x3d0 [ 2912.980922] ? get_user_pages_fast+0x171/0x2d0 [ 2912.985515] get_user_pages_fast+0x228/0x2d0 [ 2912.989923] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2912.994684] iov_iter_get_pages+0x20f/0xd10 [ 2912.999003] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2913.003952] af_alg_make_sg+0x85/0x400 [ 2913.007848] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2913.013311] ? af_alg_data_wakeup+0x80/0x80 [ 2913.017646] ? rcu_read_lock_sched_held+0x110/0x130 [ 2913.022684] ? __kmalloc+0x376/0x7a0 [ 2913.026419] af_alg_get_rsgl+0x1d3/0x530 [ 2913.030508] skcipher_recvmsg+0x774/0xd30 [ 2913.034691] ? skcipher_release+0x50/0x50 [ 2913.038851] ? selinux_socket_recvmsg+0x36/0x40 [ 2913.042043] FAULT_INJECTION: forcing a failure. [ 2913.042043] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2913.043533] ? security_socket_recvmsg+0x91/0xc0 [ 2913.043546] ? skcipher_release+0x50/0x50 [ 2913.043560] sock_recvmsg+0xc6/0x110 [ 2913.043571] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2913.043582] ___sys_recvmsg+0x21f/0x4d0 [ 2913.043598] ? ___sys_sendmsg+0x840/0x840 [ 2913.043610] ? __fget+0x210/0x370 [ 2913.043630] ? lock_downgrade+0x740/0x740 [ 2913.043650] ? __fget+0x237/0x370 [ 2913.092254] ? __fget_light+0x172/0x1f0 [ 2913.096270] ? __fdget+0x1b/0x20 [ 2913.099664] ? sockfd_lookup_light+0xb4/0x160 [ 2913.104178] __sys_recvmsg+0xb6/0x140 [ 2913.107978] ? SyS_sendmmsg+0x60/0x60 [ 2913.111800] SyS_recvmsg+0x2d/0x50 [ 2913.115340] ? __sys_recvmsg+0x140/0x140 [ 2913.119405] do_syscall_64+0x1e8/0x640 [ 2913.123296] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2913.128150] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2913.133378] RIP: 0033:0x45a919 [ 2913.136565] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2913.144277] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2913.151726] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2913.158997] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2913.166283] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2913.173563] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2913.182867] CPU: 0 PID: 18513 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2913.190797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2913.200169] Call Trace: [ 2913.202773] dump_stack+0x142/0x197 [ 2913.206429] should_fail.cold+0x10f/0x159 [ 2913.210610] ? __might_sleep+0x93/0xb0 [ 2913.214521] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2913.219213] ? trace_hardirqs_on_caller+0x400/0x590 [ 2913.224254] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2913.229300] alloc_pages_vma+0xc9/0x4c0 [ 2913.233295] wp_page_copy+0xa5f/0x13d0 [ 2913.237209] ? retint_kernel+0x2d/0x2d [ 2913.241119] ? follow_pfn+0x220/0x220 [ 2913.244952] ? do_raw_spin_unlock+0x16b/0x260 [ 2913.249462] do_wp_page+0x24b/0x1250 [ 2913.253196] ? finish_mkwrite_fault+0x620/0x620 [ 2913.257901] __handle_mm_fault+0x1cc3/0x33d0 [ 2913.262347] ? copy_page_range+0x1de0/0x1de0 [ 2913.266783] ? find_held_lock+0x35/0x130 [ 2913.269833] FAULT_INJECTION: forcing a failure. [ 2913.269833] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2913.270854] ? handle_mm_fault+0x1b6/0x7c0 [ 2913.270880] handle_mm_fault+0x293/0x7c0 [ 2913.270895] __do_page_fault+0x4c1/0xb80 [ 2913.270911] ? vmalloc_fault+0xe30/0xe30 [ 2913.270932] do_page_fault+0x71/0x511 [ 2913.302957] page_fault+0x25/0x50 [ 2913.306435] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2913.311198] RSP: 0018:ffff888080b27ac0 EFLAGS: 00010246 [ 2913.316580] RAX: 0000000000000000 RBX: ffff888080b27dc0 RCX: ffffc90008839000 [ 2913.323862] RDX: 00000000000161a0 RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2913.331158] RBP: ffff888080b27cc8 R08: ffff8880852b8440 R09: 0000000000000000 [ 2913.338442] R10: 0000000000000000 R11: ffff8880852b8440 R12: 0000000000000000 [ 2913.345886] R13: 0000000000000000 R14: 0000000020008000 R15: 0000000020008030 [ 2913.353194] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2913.357369] ? ___sys_sendmsg+0x840/0x840 [ 2913.361535] ? save_trace+0x290/0x290 [ 2913.365350] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2913.370296] ? retint_kernel+0x2d/0x2d [ 2913.374199] ? __might_fault+0x110/0x1d0 [ 2913.378279] ? find_held_lock+0x35/0x130 [ 2913.382358] ? __might_fault+0x110/0x1d0 [ 2913.386507] ? tcf_idrinfo_destroy+0x30/0x130 [ 2913.391037] __sys_recvmmsg+0x226/0x6b0 [ 2913.395047] ? SyS_recvmsg+0x50/0x50 [ 2913.398779] ? __schedule+0x7c0/0x1cd0 [ 2913.402710] ? retint_kernel+0x2d/0x2d [ 2913.406645] SyS_recvmmsg+0x125/0x140 [ 2913.410469] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2913.414634] ? do_syscall_64+0x53/0x640 [ 2913.418615] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2913.422761] do_syscall_64+0x1e8/0x640 [ 2913.426665] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2913.431522] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2913.436706] RIP: 0033:0x45a919 [ 2913.439909] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b 21:47:16 executing program 3 (fault-call:5 fault-nth:6): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:16 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2913.447605] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2913.454865] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2913.462122] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2913.469384] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2913.476655] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 [ 2913.483950] CPU: 1 PID: 18522 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2913.491841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2913.491847] Call Trace: [ 2913.491863] dump_stack+0x142/0x197 [ 2913.491879] should_fail.cold+0x10f/0x159 [ 2913.491889] ? __might_sleep+0x93/0xb0 [ 2913.491902] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2913.520137] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2913.520150] ? save_trace+0x290/0x290 [ 2913.520163] ? follow_page_pte+0x25e/0x1590 [ 2913.520184] alloc_pages_vma+0xc9/0x4c0 [ 2913.520199] __handle_mm_fault+0x186c/0x33d0 [ 2913.520214] ? copy_page_range+0x1de0/0x1de0 [ 2913.520224] ? find_held_lock+0x35/0x130 [ 2913.520233] ? handle_mm_fault+0x1b6/0x7c0 [ 2913.520256] handle_mm_fault+0x293/0x7c0 [ 2913.558628] __get_user_pages+0x465/0x12e0 [ 2913.562895] ? follow_page_mask+0x1630/0x1630 [ 2913.567414] ? lock_acquire+0x16f/0x430 [ 2913.571426] get_user_pages_unlocked+0x1f0/0x2f0 [ 2913.576214] ? get_user_pages_locked+0x3d0/0x3d0 [ 2913.580990] ? get_user_pages_fast+0x171/0x2d0 [ 2913.585586] get_user_pages_fast+0x228/0x2d0 [ 2913.590163] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2913.594942] iov_iter_get_pages+0x20f/0xd10 [ 2913.599284] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2913.604235] af_alg_make_sg+0x85/0x400 [ 2913.608139] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2913.613713] ? af_alg_data_wakeup+0x80/0x80 [ 2913.618057] ? rcu_read_lock_sched_held+0x110/0x130 [ 2913.623096] ? __kmalloc+0x376/0x7a0 [ 2913.626821] af_alg_get_rsgl+0x1d3/0x530 [ 2913.630878] skcipher_recvmsg+0x774/0xd30 [ 2913.635022] ? skcipher_release+0x50/0x50 [ 2913.639162] ? selinux_socket_recvmsg+0x36/0x40 [ 2913.643833] ? security_socket_recvmsg+0x91/0xc0 [ 2913.648601] ? skcipher_release+0x50/0x50 [ 2913.652746] sock_recvmsg+0xc6/0x110 [ 2913.656601] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2913.661621] ___sys_recvmsg+0x21f/0x4d0 [ 2913.665718] ? ___sys_sendmsg+0x840/0x840 [ 2913.669868] ? __fget+0x210/0x370 [ 2913.673316] ? lock_downgrade+0x740/0x740 [ 2913.677458] ? __fget+0x237/0x370 [ 2913.681038] ? __fget_light+0x172/0x1f0 [ 2913.685020] ? __fdget+0x1b/0x20 [ 2913.688389] ? sockfd_lookup_light+0xb4/0x160 [ 2913.692872] __sys_recvmsg+0xb6/0x140 [ 2913.696657] ? SyS_sendmmsg+0x60/0x60 [ 2913.700471] SyS_recvmsg+0x2d/0x50 [ 2913.704010] ? __sys_recvmsg+0x140/0x140 [ 2913.708070] do_syscall_64+0x1e8/0x640 [ 2913.711949] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2913.716909] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2913.722098] RIP: 0033:0x45a919 [ 2913.725279] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2913.732978] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2913.740241] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2913.747507] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2913.754836] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2913.762117] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:18 executing program 5 (fault-call:6 fault-nth:6): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:18 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1, 0x80000, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000500)='fou\x00') r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000440)='/dev/bsg\x00', 0x0, 0x0) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) r11 = socket(0x11, 0x800000003, 0x0) bind(r11, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r11, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) ioctl$sock_inet6_SIOCADDRT(r10, 0x890b, &(0x7f0000000000)={@remote, @ipv4={[], [], @dev}, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x0, 0x80, 0x0, 0x400, 0x400000000000000, 0xa1200005, r12}) ioctl$sock_inet6_SIOCADDRT(r9, 0x890b, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x26}, @mcast2, @empty, 0x0, 0x0, 0x5, 0x400, 0x0, 0x4000000, r12}) r13 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0) r14 = socket$inet6_tcp(0xa, 0x1, 0x0) r15 = socket$inet6_tcp(0xa, 0x1, 0x0) r16 = socket(0x11, 0x800000003, 0x0) bind(r16, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r16, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) ioctl$sock_inet6_SIOCADDRT(r15, 0x890b, &(0x7f0000000000)={@local, @initdev={0xfe, 0x88, [], 0xfd, 0x0}, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x0, 0x7e, 0x1, 0x500, 0x2, 0x80000, r17}) ioctl$sock_inet6_SIOCADDRT(r14, 0x890b, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x26}, @loopback, @empty, 0x0, 0x0, 0x5, 0x400, 0x0, 0x4000000, r17}) ioctl$sock_inet6_SIOCSIFADDR(r13, 0x8916, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0xb}, 0x57, r17}) sendmsg$FOU_CMD_ADD(r8, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x88800000}, 0xc, &(0x7f00000004c0)={&(0x7f00000005c0)=ANY=[@ANYRES16=0x0, @ANYBLOB, @ANYRES32=r12, @ANYBLOB="0800060000000000080008007f0000011400070000000000000000000000ffffac1e01011400090000000000000000000000ffffac14142208000b00", @ANYRES32=r17, @ANYBLOB="08000600e0000001"], 0x6}, 0x1, 0x0, 0x0, 0x8000}, 0x10) ioctl$sock_SIOCADDRT(r3, 0x890b, &(0x7f0000000580)={0x0, @xdp={0x2c, 0x2, r12, 0x36}, @nfc={0x27, 0x1, 0x2, 0xdd069ba3677b842c}, @ipx={0x4, 0x64, 0xdb, "0b8d46298d44", 0xff}, 0x5, 0x0, 0x0, 0x0, 0x8898, 0x0, 0x7fffffff, 0x401, 0xa1}) r19 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000440)='/dev/bsg\x00', 0x0, 0x0) r20 = socket$inet6_tcp(0xa, 0x1, 0x0) r21 = socket(0x11, 0x800000003, 0x0) bind(r21, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r21, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) ioctl$sock_inet6_SIOCADDRT(r20, 0x890b, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x26}, @mcast2, @empty, 0x0, 0x0, 0x5, 0x400, 0x0, 0x4000000, r22}) r23 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0) r24 = socket$inet6_tcp(0xa, 0x1, 0x0) r25 = socket(0x11, 0x800000003, 0x0) bind(r25, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r25, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) ioctl$sock_inet6_SIOCADDRT(r24, 0x890b, &(0x7f0000000000)={@local, @initdev={0xfe, 0x88, [], 0xfd, 0x0}, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x0, 0x7e, 0x1, 0x500, 0x2, 0x80000, r26}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x26}, @loopback, @empty, 0x0, 0x0, 0x5, 0x400, 0x0, 0x4000000, r26}) ioctl$sock_inet6_SIOCSIFADDR(r23, 0x8916, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0xb}, 0x57, r26}) sendmsg$FOU_CMD_ADD(r19, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x88800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB, @ANYRES32=r22, @ANYBLOB="0800060000000000080008007f0000011400070000000000000000000000ffffac1e01011400090000000000000000000000ffffac14142208000b00", @ANYRES32=r26, @ANYBLOB="08936ef018dcfc286202a376d38be278a05becd951380b63"], 0x6}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r27 = accept$ax25(r8, &(0x7f0000000640)={{}, [@remote, @rose, @null, @remote, @netrom, @rose]}, &(0x7f00000006c0)=0x48) ioctl$sock_SIOCDELRT(r27, 0x890c, &(0x7f0000000900)={0x0, @xdp={0x2c, 0x6, r22, 0x32}, @ax25={0x3, @null, 0x5}, @xdp={0x2c, 0x8, 0x0, 0x1c}, 0xfffd, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5b0c, 0x9, 0x3f}) sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000a40)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80a014}, 0xc, &(0x7f0000000a00)={&(0x7f0000000980)={0x64, r7, 0x1002, 0x70bd26, 0x25dfdbfd, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r18}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0xc}, @FOU_ATTR_PEER_V4={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, [], 0x22}}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IFINDEX={0x8, 0xb, r28}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0x9}]}, 0x64}, 0x1, 0x0, 0x0, 0x1}, 0x40014) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='~I_(', @ANYRES16=r7, @ANYBLOB="020027bd7000fedbdf250200000008000800ffffffff"], 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x4000004) r29 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r30, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r30, 0xa, 0x12) recvmmsg(r31, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r30, r31) fcntl$setown(r31, 0x8, r29) tkill(r29, 0x16) 21:47:18 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e1934ef946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x2b) sync() unlink(&(0x7f00000001c0)='./file0\x00') open(&(0x7f0000000000)='./file0\x00', 0x10000, 0x8) sendfile(r0, r1, 0x0, 0x9546) 21:47:18 executing program 3 (fault-call:5 fault-nth:7): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2915.277432] FAULT_INJECTION: forcing a failure. [ 2915.277432] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2915.316668] kauditd_printk_skb: 10 callbacks suppressed [ 2915.316676] audit: type=1800 audit(1577137638.689:565): pid=18536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17465 res=0 [ 2915.390322] CPU: 0 PID: 18535 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2915.398274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2915.407650] Call Trace: [ 2915.410264] dump_stack+0x142/0x197 [ 2915.413923] should_fail.cold+0x10f/0x159 [ 2915.418110] ? __might_sleep+0x93/0xb0 [ 2915.422022] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2915.425143] FAULT_INJECTION: forcing a failure. [ 2915.425143] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:47:18 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/144, 0x10}, {&(0x7f00000018c0)=""/69, 0x45}], 0x3, 0x1) r2 = accept(r0, &(0x7f0000000000)=@l2, &(0x7f0000000080)=0x80) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000140)={0x1, [0x8001]}, 0x6) r3 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r4, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r4, 0xa, 0x12) recvmmsg(r5, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001) r6 = dup2(r4, r5) r7 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r7, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2334, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r8, 0x0, 0xffffffffffffffff, 0x0) fcntl$lock(r7, 0x0, &(0x7f00000013c0)={0x1, 0x4, 0x4, 0x1, r8}) r9 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000200)='SEG6\x00') sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, r9, 0x0, 0x0, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}]}, 0x1c}}, 0x58800) sendmsg$SEG6_CMD_GET_TUNSRC(r6, &(0x7f0000001880)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001840)={&(0x7f00000017c0)={0x6c, r9, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x2, 0x6]}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x3}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x5}, @SEG6_ATTR_DST={0x14, 0x1, @ipv4={[], [], @remote}}, @SEG6_ATTR_ALGID={0x8}, @SEG6_ATTR_ALGID={0x8, 0x6, 0xa5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20}, 0x800) fcntl$setown(r5, 0x8, r3) tkill(r3, 0x15) r10 = add_key(&(0x7f0000001400)='big_key\x00', &(0x7f0000001440)={'syz', 0x2}, &(0x7f0000001480)="efd3fc55d6e8fc32110bd68d3a4205ec14099c191252552a7f3ae135461e6def82a102e781315fca0515d72465303562a7a980588ca82edd9dc48764b140b1c7e95193fdb8cfaccf6a92cc8ae9e6c9f277409858670e8829c4e04cce08fe063b61f82a80a314942d7da559eec6c8cda7f65a4c8aa61723f34657159f31ead6e664fe3f13af4af914140942d9c15161b418fc46eb5539dfea39914713e0a2d8e919fb90", 0xa3, 0xffffffffffffffff) keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000001540)={r10, 0xa0, 0xad}, &(0x7f0000001580)={'enc=', 'oaep', ' hash=', {'sha256-avx2\x00'}}, &(0x7f0000001600)="f4275fad4243f0ff58c7ced0525b247b721871f397ff6e8459db8f23ba654492b1ba76f8cbdebdc05900d59bd4036ab8c53993d49cd207969c8e3c9b7e0b851c9d9122f034696e0c3b63181022a5c63987d87ca2a5103fac9457ba6949e299099037d4773231097e121f6deab2e13f075dbf344cc7b156de46065a016b078f103bc9f2215f3fc0e4de8a36e7b9ca8b07b21e6d8920b10cad45f65c1c70b27d2c", &(0x7f00000016c0)=""/173) [ 2915.426710] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2915.426723] ? save_trace+0x290/0x290 [ 2915.426738] ? follow_page_pte+0x25e/0x1590 [ 2915.426756] alloc_pages_vma+0xc9/0x4c0 [ 2915.426771] __handle_mm_fault+0x186c/0x33d0 [ 2915.426786] ? copy_page_range+0x1de0/0x1de0 [ 2915.426797] ? find_held_lock+0x35/0x130 [ 2915.426808] ? handle_mm_fault+0x1b6/0x7c0 [ 2915.426832] handle_mm_fault+0x293/0x7c0 [ 2915.477159] __get_user_pages+0x465/0x12e0 [ 2915.481425] ? follow_page_mask+0x1630/0x1630 [ 2915.485929] ? lock_acquire+0x16f/0x430 [ 2915.489922] get_user_pages_unlocked+0x1f0/0x2f0 [ 2915.494707] ? get_user_pages_locked+0x3d0/0x3d0 [ 2915.499501] ? get_user_pages_fast+0x171/0x2d0 [ 2915.504112] get_user_pages_fast+0x228/0x2d0 [ 2915.508662] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2915.513437] iov_iter_get_pages+0x20f/0xd10 [ 2915.517787] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2915.522747] af_alg_make_sg+0x85/0x400 [ 2915.526656] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2915.532131] ? af_alg_data_wakeup+0x80/0x80 [ 2915.536468] ? rcu_read_lock_sched_held+0x110/0x130 [ 2915.541495] ? __kmalloc+0x376/0x7a0 [ 2915.545231] af_alg_get_rsgl+0x1d3/0x530 [ 2915.549429] skcipher_recvmsg+0x774/0xd30 [ 2915.553609] ? skcipher_release+0x50/0x50 [ 2915.557771] ? selinux_socket_recvmsg+0x36/0x40 [ 2915.562467] ? security_socket_recvmsg+0x91/0xc0 [ 2915.567263] ? skcipher_release+0x50/0x50 [ 2915.571423] sock_recvmsg+0xc6/0x110 [ 2915.575159] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2915.580199] ___sys_recvmsg+0x21f/0x4d0 [ 2915.584191] ? ___sys_sendmsg+0x840/0x840 [ 2915.588370] ? __fget+0x210/0x370 [ 2915.591850] ? lock_downgrade+0x740/0x740 [ 2915.596016] ? __fget+0x237/0x370 [ 2915.599497] ? __fget_light+0x172/0x1f0 [ 2915.603487] ? __fdget+0x1b/0x20 [ 2915.606864] ? sockfd_lookup_light+0xb4/0x160 [ 2915.611374] __sys_recvmsg+0xb6/0x140 [ 2915.615177] ? SyS_sendmmsg+0x60/0x60 [ 2915.618255] audit: type=1804 audit(1577137638.699:566): pid=18536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1572/file0" dev="sda1" ino=17465 res=1 [ 2915.619005] SyS_recvmsg+0x2d/0x50 [ 2915.649883] ? __sys_recvmsg+0x140/0x140 [ 2915.653972] do_syscall_64+0x1e8/0x640 [ 2915.657886] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2915.662762] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2915.667965] RIP: 0033:0x45a919 [ 2915.671169] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2915.678898] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2915.686177] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2915.693571] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2915.700896] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2915.708311] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2915.715717] CPU: 1 PID: 18533 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2915.723630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2915.733091] Call Trace: [ 2915.735711] dump_stack+0x142/0x197 [ 2915.739490] should_fail.cold+0x10f/0x159 [ 2915.743648] ? __might_sleep+0x93/0xb0 [ 2915.747652] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2915.752327] ? check_preemption_disabled+0x3c/0x250 [ 2915.757342] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2915.762359] alloc_pages_vma+0xc9/0x4c0 [ 2915.766326] wp_page_copy+0xa5f/0x13d0 [ 2915.770204] ? retint_kernel+0x2d/0x2d [ 2915.774079] ? follow_pfn+0x220/0x220 [ 2915.777866] ? do_raw_spin_unlock+0x16b/0x260 [ 2915.782506] do_wp_page+0x24b/0x1250 [ 2915.786215] ? finish_mkwrite_fault+0x620/0x620 [ 2915.790878] ? __handle_mm_fault+0x1cb7/0x33d0 [ 2915.795448] __handle_mm_fault+0x1cc3/0x33d0 [ 2915.799852] ? copy_page_range+0x1de0/0x1de0 [ 2915.804260] ? find_held_lock+0x35/0x130 [ 2915.808325] ? handle_mm_fault+0x1b6/0x7c0 [ 2915.812559] handle_mm_fault+0x293/0x7c0 [ 2915.816614] __do_page_fault+0x4c1/0xb80 [ 2915.820676] ? vmalloc_fault+0xe30/0xe30 [ 2915.824726] do_page_fault+0x71/0x511 [ 2915.828513] page_fault+0x25/0x50 [ 2915.831955] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2915.836697] RSP: 0018:ffff888012fc7ac0 EFLAGS: 00010246 [ 2915.842048] RAX: 0000000000000000 RBX: ffff888012fc7dc0 RCX: ffffc90008839000 [ 2915.849302] RDX: 0000000000027daa RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2915.856608] RBP: ffff888012fc7cc8 R08: ffff8880a9a86540 R09: 0000000000000000 [ 2915.863875] R10: 0000000000000000 R11: ffff8880a9a86540 R12: 0000000000000000 [ 2915.871129] R13: 0000000000000000 R14: 0000000020009000 R15: 0000000020009030 [ 2915.878400] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2915.882543] ? ___sys_sendmsg+0x840/0x840 [ 2915.886685] ? save_trace+0x290/0x290 [ 2915.890471] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2915.895388] ? __might_fault+0x110/0x1d0 [ 2915.899433] ? find_held_lock+0x35/0x130 [ 2915.903477] ? __might_fault+0x110/0x1d0 [ 2915.907531] __sys_recvmmsg+0x226/0x6b0 [ 2915.911492] ? SyS_recvmsg+0x50/0x50 [ 2915.915208] ? lock_downgrade+0x740/0x740 [ 2915.919348] ? retint_kernel+0x2d/0x2d [ 2915.923221] ? trace_hardirqs_on_caller+0x400/0x590 [ 2915.928222] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2915.932973] SyS_recvmmsg+0x125/0x140 [ 2915.936756] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2915.940890] ? do_syscall_64+0x53/0x640 [ 2915.944866] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2915.949015] do_syscall_64+0x1e8/0x640 [ 2915.952889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2915.957720] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2915.962893] RIP: 0033:0x45a919 [ 2915.966067] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2915.973760] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2915.981028] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 21:47:19 executing program 3 (fault-call:5 fault-nth:8): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2915.988282] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2915.995541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2916.002795] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 [ 2916.042708] FAULT_INJECTION: forcing a failure. [ 2916.042708] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2916.062076] audit: type=1800 audit(1577137639.399:567): pid=18536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16580 res=0 [ 2916.066855] CPU: 1 PID: 18548 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2916.093006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2916.101672] audit: type=1804 audit(1577137639.409:568): pid=18536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1572/file0" dev="sda1" ino=16580 res=1 [ 2916.102364] Call Trace: [ 2916.102385] dump_stack+0x142/0x197 [ 2916.102403] should_fail.cold+0x10f/0x159 21:47:19 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x154) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$LOOP_CLR_FD(r2, 0x4c01) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f0000000000)) preadv(r4, &(0x7f00000017c0), 0x199, 0x0) dup2(r3, r4) [ 2916.102413] ? __might_sleep+0x93/0xb0 [ 2916.102426] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2916.148667] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2916.153699] ? save_trace+0x290/0x290 [ 2916.153715] audit: type=1800 audit(1577137639.449:569): pid=18551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16660 res=0 [ 2916.157499] ? follow_page_pte+0x25e/0x1590 [ 2916.157517] alloc_pages_vma+0xc9/0x4c0 [ 2916.157534] __handle_mm_fault+0x186c/0x33d0 21:47:19 executing program 5 (fault-call:6 fault-nth:7): prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2916.157548] ? copy_page_range+0x1de0/0x1de0 [ 2916.157559] ? find_held_lock+0x35/0x130 [ 2916.183260] audit: type=1804 audit(1577137639.449:570): pid=18551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1573/file0" dev="sda1" ino=16660 res=1 [ 2916.184896] ? handle_mm_fault+0x1b6/0x7c0 [ 2916.184924] handle_mm_fault+0x293/0x7c0 [ 2916.184938] __get_user_pages+0x465/0x12e0 [ 2916.184953] ? follow_page_mask+0x1630/0x1630 [ 2916.184964] ? lock_acquire+0x16f/0x430 [ 2916.184982] get_user_pages_unlocked+0x1f0/0x2f0 [ 2916.184997] ? get_user_pages_locked+0x3d0/0x3d0 [ 2916.229152] ? get_user_pages_fast+0x171/0x2d0 [ 2916.229167] get_user_pages_fast+0x228/0x2d0 [ 2916.229180] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2916.229199] iov_iter_get_pages+0x20f/0xd10 [ 2916.264311] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2916.264331] af_alg_make_sg+0x85/0x400 [ 2916.264346] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2916.264358] ? af_alg_data_wakeup+0x80/0x80 [ 2916.264369] ? rcu_read_lock_sched_held+0x110/0x130 [ 2916.264381] ? __kmalloc+0x376/0x7a0 [ 2916.305162] af_alg_get_rsgl+0x1d3/0x530 [ 2916.309252] skcipher_recvmsg+0x774/0xd30 [ 2916.313429] ? skcipher_release+0x50/0x50 [ 2916.317587] ? selinux_socket_recvmsg+0x36/0x40 [ 2916.322274] ? security_socket_recvmsg+0x91/0xc0 [ 2916.327046] ? skcipher_release+0x50/0x50 [ 2916.331210] sock_recvmsg+0xc6/0x110 [ 2916.334942] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2916.339976] ___sys_recvmsg+0x21f/0x4d0 21:47:19 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f00000000c0)) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r2, 0xc040564a, &(0x7f0000000080)={0x8f, 0x0, 0x1016, 0x10001, 0x4, 0x0, 0x3ff}) ftruncate(r1, 0x1000000) r3 = openat$ion(0xffffffffffffff9c, &(0x7f00000018c0)='/dev/ion\x00', 0x40000, 0x0) sendfile(r3, r0, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2916.343968] ? ___sys_sendmsg+0x840/0x840 [ 2916.348135] ? __fget+0x210/0x370 [ 2916.351614] ? lock_downgrade+0x740/0x740 [ 2916.355787] ? __fget+0x237/0x370 [ 2916.359260] ? __fget_light+0x172/0x1f0 [ 2916.363246] ? __fdget+0x1b/0x20 [ 2916.366629] ? sockfd_lookup_light+0xb4/0x160 [ 2916.371140] __sys_recvmsg+0xb6/0x140 [ 2916.374959] ? SyS_sendmmsg+0x60/0x60 [ 2916.378841] SyS_recvmsg+0x2d/0x50 [ 2916.382394] ? __sys_recvmsg+0x140/0x140 [ 2916.386474] do_syscall_64+0x1e8/0x640 21:47:19 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f0000001480)='/dev/video35\x00', 0x2, 0x0) syz_open_dev$evdev(&(0x7f00000014c0)='/dev/input/event#\x00', 0x6, 0x24506) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5387, &(0x7f0000001440)) tkill(r0, 0x16) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000013c0)={0x0, 0xfffffffffffffffc, 0x52, 0xfd, @scatter={0x3, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/220, 0xdc}, {&(0x7f0000000000)=""/102, 0x66}, {&(0x7f0000000300)=""/154, 0x9a}]}, &(0x7f0000000240)="1c50a9a622a210e20ad1295b6fbbe42dbb4df5920f9713c7187496bb9f745f9479f2ad74e935a933cd7352bd629f8d692399f28d6cc4064d3c6ef03dbf81917368b5d714c2ad2d0f68aeaad757cb911bd159", &(0x7f00000003c0)=""/4096, 0x69, 0x10020, 0x2, 0x0}) [ 2916.390375] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2916.395243] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2916.400445] RIP: 0033:0x45a919 [ 2916.401019] FAULT_INJECTION: forcing a failure. [ 2916.401019] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2916.403633] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2916.403646] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2916.403651] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:19 executing program 3 (fault-call:5 fault-nth:9): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2916.403658] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2916.403664] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2916.403670] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2916.447366] audit: type=1800 audit(1577137639.829:571): pid=18551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16568 res=0 21:47:19 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x400000, 0xd2) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2916.479800] audit: type=1804 audit(1577137639.859:572): pid=18551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1573/file0" dev="sda1" ino=16568 res=1 [ 2916.522765] FAULT_INJECTION: forcing a failure. [ 2916.522765] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2916.549358] CPU: 1 PID: 18564 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2916.557289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2916.566656] Call Trace: [ 2916.569255] dump_stack+0x142/0x197 [ 2916.572991] should_fail.cold+0x10f/0x159 [ 2916.577187] ? __might_sleep+0x93/0xb0 [ 2916.581096] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2916.585782] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2916.590805] ? save_trace+0x290/0x290 [ 2916.594609] ? follow_page_pte+0x25e/0x1590 [ 2916.598937] alloc_pages_vma+0xc9/0x4c0 [ 2916.602917] __handle_mm_fault+0x186c/0x33d0 [ 2916.607325] ? copy_page_range+0x1de0/0x1de0 [ 2916.611734] ? find_held_lock+0x35/0x130 [ 2916.615797] ? handle_mm_fault+0x1b6/0x7c0 [ 2916.620054] handle_mm_fault+0x293/0x7c0 [ 2916.624120] __get_user_pages+0x465/0x12e0 [ 2916.628368] ? follow_page_mask+0x1630/0x1630 [ 2916.632874] ? lock_acquire+0x16f/0x430 [ 2916.636869] get_user_pages_unlocked+0x1f0/0x2f0 [ 2916.641639] ? get_user_pages_locked+0x3d0/0x3d0 [ 2916.646406] ? get_user_pages_fast+0x171/0x2d0 [ 2916.651019] get_user_pages_fast+0x228/0x2d0 [ 2916.655477] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2916.660253] iov_iter_get_pages+0x20f/0xd10 [ 2916.664719] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2916.669679] af_alg_make_sg+0x85/0x400 [ 2916.673583] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2916.679044] ? af_alg_data_wakeup+0x80/0x80 [ 2916.683387] ? rcu_read_lock_sched_held+0x110/0x130 [ 2916.688418] ? __kmalloc+0x376/0x7a0 [ 2916.692157] af_alg_get_rsgl+0x1d3/0x530 [ 2916.696234] skcipher_recvmsg+0x774/0xd30 [ 2916.700390] ? skcipher_release+0x50/0x50 [ 2916.704539] ? selinux_socket_recvmsg+0x36/0x40 [ 2916.709213] ? security_socket_recvmsg+0x91/0xc0 [ 2916.713968] ? skcipher_release+0x50/0x50 [ 2916.718119] sock_recvmsg+0xc6/0x110 [ 2916.721833] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2916.726851] ___sys_recvmsg+0x21f/0x4d0 [ 2916.730842] ? ___sys_sendmsg+0x840/0x840 [ 2916.734998] ? __fget+0x210/0x370 [ 2916.738457] ? lock_downgrade+0x740/0x740 [ 2916.742622] ? __fget+0x237/0x370 [ 2916.746078] ? __fget_light+0x172/0x1f0 [ 2916.750051] ? __fdget+0x1b/0x20 [ 2916.753419] ? sockfd_lookup_light+0xb4/0x160 [ 2916.757922] __sys_recvmsg+0xb6/0x140 [ 2916.761720] ? SyS_sendmmsg+0x60/0x60 [ 2916.765537] SyS_recvmsg+0x2d/0x50 [ 2916.769072] ? __sys_recvmsg+0x140/0x140 [ 2916.773136] do_syscall_64+0x1e8/0x640 [ 2916.777027] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2916.781875] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2916.787064] RIP: 0033:0x45a919 [ 2916.790252] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2916.797965] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2916.805243] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2916.812524] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2916.819809] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2916.827089] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2916.834596] CPU: 0 PID: 18554 Comm: syz-executor.5 Not tainted 4.14.160-syzkaller #0 [ 2916.842501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2916.851874] Call Trace: [ 2916.854471] dump_stack+0x142/0x197 [ 2916.854491] should_fail.cold+0x10f/0x159 [ 2916.854502] ? __might_sleep+0x93/0xb0 [ 2916.854515] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2916.862282] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2916.875862] alloc_pages_vma+0xc9/0x4c0 [ 2916.879872] wp_page_copy+0xa5f/0x13d0 [ 2916.883783] ? follow_pfn+0x220/0x220 [ 2916.887610] ? do_raw_spin_unlock+0x16b/0x260 [ 2916.892135] do_wp_page+0x24b/0x1250 [ 2916.895866] ? finish_mkwrite_fault+0x620/0x620 [ 2916.900688] __handle_mm_fault+0x1cc3/0x33d0 [ 2916.905116] ? copy_page_range+0x1de0/0x1de0 [ 2916.909542] ? find_held_lock+0x35/0x130 [ 2916.913614] ? handle_mm_fault+0x1b6/0x7c0 [ 2916.917888] handle_mm_fault+0x293/0x7c0 [ 2916.921970] __do_page_fault+0x4c1/0xb80 [ 2916.926050] ? vmalloc_fault+0xe30/0xe30 [ 2916.930136] do_page_fault+0x71/0x511 [ 2916.933960] page_fault+0x25/0x50 [ 2916.937426] RIP: 0010:___sys_recvmsg+0x2d2/0x4d0 [ 2916.942185] RSP: 0018:ffff88808d7e7ac0 EFLAGS: 00010246 21:47:20 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) clock_nanosleep(0x5, 0x3, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2916.947562] RAX: 0000000000000000 RBX: ffff88808d7e7dc0 RCX: ffffc90008839000 [ 2916.954844] RDX: 00000000000280ed RSI: ffffffff8514c1c0 RDI: 0000000000000001 [ 2916.962135] RBP: ffff88808d7e7cc8 R08: ffff888092404640 R09: 0000000000000000 [ 2916.969416] R10: 0000000000000000 R11: ffff888092404640 R12: 0000000000000000 [ 2916.976693] R13: 0000000000000000 R14: 000000002000a000 R15: 000000002000a030 [ 2916.983973] ? ___sys_recvmsg+0x2d0/0x4d0 [ 2916.988132] ? ___sys_sendmsg+0x840/0x840 [ 2916.992288] ? save_trace+0x290/0x290 [ 2916.996140] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2917.001083] ? __might_fault+0x110/0x1d0 [ 2917.005149] ? find_held_lock+0x35/0x130 [ 2917.009197] ? __might_fault+0x110/0x1d0 [ 2917.013258] __sys_recvmmsg+0x226/0x6b0 [ 2917.017233] ? SyS_recvmsg+0x50/0x50 [ 2917.020959] ? lock_downgrade+0x740/0x740 [ 2917.025118] ? __mutex_unlock_slowpath+0x71/0x800 [ 2917.029960] ? check_preemption_disabled+0x3c/0x250 [ 2917.035002] SyS_recvmmsg+0x125/0x140 [ 2917.038815] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2917.042969] ? do_syscall_64+0x53/0x640 [ 2917.046957] ? __sys_recvmmsg+0x6b0/0x6b0 [ 2917.051124] do_syscall_64+0x1e8/0x640 [ 2917.055025] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2917.059893] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2917.065084] RIP: 0033:0x45a919 [ 2917.068319] RSP: 002b:00007f3cbca61c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2917.076131] RAX: ffffffffffffffda RBX: 00007f3cbca61c90 RCX: 000000000045a919 [ 2917.083394] RDX: 08000000000001f0 RSI: 0000000020002bc0 RDI: 0000000000000005 [ 2917.090659] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2917.097925] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3cbca626d4 [ 2917.105187] R13: 00000000004c8fa4 R14: 00000000004e0a30 R15: 0000000000000006 21:47:21 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) socket(0x8, 0xf, 0x3) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) mq_timedreceive(r2, &(0x7f0000000080)=""/40, 0x28, 0xfffffffffffff001, &(0x7f0000000140)={0x0, 0x989680}) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) r3 = socket$inet6(0xa, 0x801, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_udp(0x2, 0x2, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x4030582a, &(0x7f0000000380)) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r5, 0x6612, 0x0) setsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x0, 0xffffff00}, 0x10) r6 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20}, 0x19) listen(r3, 0xfffffffffffffffd) syz_emit_ethernet(0x8a, &(0x7f0000000200)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "8000", 0x54, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x15, 0x11, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x4, 0x3}, @sack_perm={0x4, 0x2}, @generic={0x1, 0x7, "9aef56da18"}, @fastopen={0x22, 0xd, "655536e409bfb0b30d51e8"}, @generic={0x0, 0x4, "a1e3"}, @eol, @md5sig={0x13, 0x12, "b92a96f5577b91b78f61632f2f2c3ec0"}, @mss={0x2, 0x4, 0xfff}, @generic={0x5, 0x2}]}}}}}}}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r7, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:21 executing program 3 (fault-call:5 fault-nth:10): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:21 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9545) 21:47:21 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@empty}}, &(0x7f0000000240)=0xe8) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x800, &(0x7f0000000300)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r4}, 0x2c, {'group_id', 0x3d, 0xffffffffffffffff}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x6}}, {@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x1600}}], [{@smackfsdef={'smackfsdef'}}]}}) tkill(r0, 0x16) 21:47:21 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f0000000000)={{0x1f, 0x5}, 'port1\x00', 0x0, 0x11006, 0x8, 0x6, 0x0, 0x6, 0xfffffffb, 0x0, 0x4, 0xb7}) preadv(r0, &(0x7f00000017c0), 0x199, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x9, r0, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r4, 0x0, 0xffffffffffffffff, 0x0) ptrace$getregs(0xc, r4, 0x1000, &(0x7f0000000300)=""/4096) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) r5 = syz_open_dev$audion(&(0x7f0000001400)='/dev/audio#\x00', 0x400, 0x80) setsockopt$netlink_NETLINK_PKTINFO(r5, 0x10e, 0x3, &(0x7f0000001440)=0x6, 0x4) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2918.479439] audit: type=1800 audit(1577137641.859:573): pid=18586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17106 res=0 [ 2918.506663] FAULT_INJECTION: forcing a failure. [ 2918.506663] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2918.507397] audit: type=1804 audit(1577137641.899:574): pid=18586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1575/file0" dev="sda1" ino=17106 res=1 [ 2918.531400] CPU: 1 PID: 18590 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2918.553957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2918.563330] Call Trace: [ 2918.565930] dump_stack+0x142/0x197 [ 2918.569569] should_fail.cold+0x10f/0x159 [ 2918.573727] ? __might_sleep+0x93/0xb0 [ 2918.577636] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2918.582321] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2918.587498] ? save_trace+0x290/0x290 [ 2918.591471] ? follow_page_pte+0x25e/0x1590 [ 2918.595818] alloc_pages_vma+0xc9/0x4c0 [ 2918.599814] __handle_mm_fault+0x186c/0x33d0 [ 2918.604244] ? copy_page_range+0x1de0/0x1de0 [ 2918.608749] ? find_held_lock+0x35/0x130 [ 2918.612839] ? handle_mm_fault+0x1b6/0x7c0 [ 2918.617114] handle_mm_fault+0x293/0x7c0 [ 2918.621207] __get_user_pages+0x465/0x12e0 [ 2918.625489] ? follow_page_mask+0x1630/0x1630 [ 2918.630005] ? lock_acquire+0x16f/0x430 [ 2918.634009] get_user_pages_unlocked+0x1f0/0x2f0 [ 2918.638795] ? get_user_pages_locked+0x3d0/0x3d0 [ 2918.643570] ? get_user_pages_fast+0x171/0x2d0 [ 2918.648174] get_user_pages_fast+0x228/0x2d0 [ 2918.652611] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2918.657394] iov_iter_get_pages+0x20f/0xd10 [ 2918.661749] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2918.666727] af_alg_make_sg+0x85/0x400 [ 2918.670639] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2918.676159] ? af_alg_data_wakeup+0x80/0x80 [ 2918.680508] ? rcu_read_lock_sched_held+0x110/0x130 [ 2918.685543] ? __kmalloc+0x376/0x7a0 [ 2918.689284] af_alg_get_rsgl+0x1d3/0x530 [ 2918.693377] skcipher_recvmsg+0x774/0xd30 [ 2918.697553] ? skcipher_release+0x50/0x50 [ 2918.701722] ? selinux_socket_recvmsg+0x36/0x40 [ 2918.706417] ? security_socket_recvmsg+0x91/0xc0 [ 2918.711201] ? skcipher_release+0x50/0x50 [ 2918.715370] sock_recvmsg+0xc6/0x110 [ 2918.719112] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2918.724149] ___sys_recvmsg+0x21f/0x4d0 [ 2918.728147] ? ___sys_sendmsg+0x840/0x840 [ 2918.732315] ? __fget+0x210/0x370 [ 2918.735798] ? lock_downgrade+0x740/0x740 [ 2918.739972] ? __fget+0x237/0x370 [ 2918.743591] ? __fget_light+0x172/0x1f0 [ 2918.747590] ? __fdget+0x1b/0x20 [ 2918.750993] ? sockfd_lookup_light+0xb4/0x160 [ 2918.755512] __sys_recvmsg+0xb6/0x140 [ 2918.759334] ? SyS_sendmmsg+0x60/0x60 [ 2918.763169] SyS_recvmsg+0x2d/0x50 [ 2918.766728] ? __sys_recvmsg+0x140/0x140 [ 2918.770809] do_syscall_64+0x1e8/0x640 [ 2918.774716] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2918.779589] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2918.784791] RIP: 0033:0x45a919 [ 2918.787987] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2918.795714] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2918.803002] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2918.810289] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2918.817580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 21:47:22 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000080)=0x50f, &(0x7f00000000c0)=0x4) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:22 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x1050c3, 0x102) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x60000, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, 0x4000}, &(0x7f0000000080)=0x10) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) sync_file_range(r2, 0x40, 0xe53, 0x4) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) [ 2918.824869] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:22 executing program 3 (fault-call:5 fault-nth:11): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:22 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$PPPIOCSFLAGS1(r1, 0x40047459, &(0x7f0000000280)=0x2bc4065b431ac78) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000001c0)=0x0) r4 = syz_open_procfs(r3, &(0x7f0000000140)='net/sco\x00\xb1\xde\xb6m\x02\xe5\xee\xa3\xe4\xa0%$\xb9\xb8\x9csjZ3\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) ustat(0x7, &(0x7f0000000080)) [ 2919.005881] should_fail.cold+0x10f/0x159 [ 2919.010042] ? __might_sleep+0x93/0xb0 [ 2919.013952] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2919.018639] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2919.023665] ? save_trace+0x290/0x290 [ 2919.027479] ? follow_page_pte+0x25e/0x1590 [ 2919.031847] alloc_pages_vma+0xc9/0x4c0 [ 2919.035844] __handle_mm_fault+0x186c/0x33d0 [ 2919.040281] ? copy_page_range+0x1de0/0x1de0 [ 2919.044708] ? find_held_lock+0x35/0x130 [ 2919.048798] ? handle_mm_fault+0x1b6/0x7c0 [ 2919.053089] handle_mm_fault+0x293/0x7c0 [ 2919.057171] __get_user_pages+0x465/0x12e0 [ 2919.061429] ? follow_page_mask+0x1630/0x1630 [ 2919.065949] ? lock_acquire+0x16f/0x430 [ 2919.069950] get_user_pages_unlocked+0x1f0/0x2f0 [ 2919.074732] ? get_user_pages_locked+0x3d0/0x3d0 [ 2919.079501] ? get_user_pages_fast+0x171/0x2d0 [ 2919.084110] get_user_pages_fast+0x228/0x2d0 [ 2919.088543] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2919.093324] iov_iter_get_pages+0x20f/0xd10 [ 2919.097672] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2919.102628] af_alg_make_sg+0x85/0x400 [ 2919.106537] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2919.112012] ? af_alg_data_wakeup+0x80/0x80 [ 2919.116353] ? rcu_read_lock_sched_held+0x110/0x130 [ 2919.121493] ? __kmalloc+0x376/0x7a0 [ 2919.125241] af_alg_get_rsgl+0x1d3/0x530 [ 2919.129339] skcipher_recvmsg+0x774/0xd30 [ 2919.133524] ? skcipher_release+0x50/0x50 [ 2919.137691] ? selinux_socket_recvmsg+0x36/0x40 [ 2919.142384] ? security_socket_recvmsg+0x91/0xc0 [ 2919.147159] ? skcipher_release+0x50/0x50 [ 2919.151327] sock_recvmsg+0xc6/0x110 21:47:22 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socket$key(0xf, 0x3, 0x2) [ 2919.155058] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2919.160098] ___sys_recvmsg+0x21f/0x4d0 [ 2919.164101] ? ___sys_sendmsg+0x840/0x840 [ 2919.168273] ? __fget+0x210/0x370 [ 2919.171753] ? lock_downgrade+0x740/0x740 [ 2919.175930] ? __fget+0x237/0x370 [ 2919.179401] ? __fget_light+0x172/0x1f0 [ 2919.183401] ? __fdget+0x1b/0x20 [ 2919.186790] ? sockfd_lookup_light+0xb4/0x160 [ 2919.191307] __sys_recvmsg+0xb6/0x140 [ 2919.195121] ? SyS_sendmmsg+0x60/0x60 [ 2919.198957] SyS_recvmsg+0x2d/0x50 [ 2919.202509] ? __sys_recvmsg+0x140/0x140 [ 2919.206590] do_syscall_64+0x1e8/0x640 [ 2919.210501] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2919.215369] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2919.220573] RIP: 0033:0x45a919 [ 2919.223780] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2919.231508] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2919.238807] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2919.246095] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:47:22 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0xff, 0x0, 0x41c0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3, 0x210000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) r6 = dup3(r4, r5, 0x0) write$input_event(r6, &(0x7f0000000000)={{0x77359400}}, 0x18) write$P9_RSTAT(r6, &(0x7f0000000240)=ANY=[@ANYBLOB="700000007d0200000069000700050000000100000000040000000000000800000004180000000300000007000000000000000b0028747275737465646c6f40180073797374656d707070302d76626f786e65743170726f63180700697036677265000c002d76626f786e6574312a7d40"], 0x70) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(0xffffffffffffffff, 0x40086424, &(0x7f0000000080)={r7}) ioctl$DRM_IOCTL_RM_CTX(r6, 0xc0086421, &(0x7f00000002c0)={r7, 0x5}) ioctl$DRM_IOCTL_LOCK(r3, 0x4008642a, &(0x7f0000000040)={r7, 0xf}) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:22 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000340)={0xb, 0x3, 0x4}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ipv6_route\x00') bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={r4, r3, 0x16, 0x1}, 0xffffffffffffff00) getsockopt$bt_sco_SCO_CONNINFO(r2, 0x11, 0x2, &(0x7f00000001c0)=""/29, &(0x7f0000000280)=0x1d) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r5 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x20080) recvfrom$inet(r5, &(0x7f00000002c0)=""/21, 0x15, 0x2003, &(0x7f0000000300)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10) write$P9_RLINK(r5, &(0x7f0000000140)={0x7, 0x47, 0x2}, 0x7) [ 2919.253377] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2919.260663] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:22 executing program 3 (fault-call:5 fault-nth:12): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2919.358290] FAULT_INJECTION: forcing a failure. [ 2919.358290] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2919.370560] CPU: 1 PID: 18629 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2919.378460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2919.387818] Call Trace: [ 2919.390426] dump_stack+0x142/0x197 [ 2919.394072] should_fail.cold+0x10f/0x159 [ 2919.398231] ? __might_sleep+0x93/0xb0 [ 2919.402128] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2919.406821] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2919.411866] ? save_trace+0x290/0x290 [ 2919.415678] ? follow_page_pte+0x25e/0x1590 [ 2919.420133] alloc_pages_vma+0xc9/0x4c0 [ 2919.424149] __handle_mm_fault+0x186c/0x33d0 [ 2919.428577] ? copy_page_range+0x1de0/0x1de0 [ 2919.432994] ? find_held_lock+0x35/0x130 [ 2919.437070] ? handle_mm_fault+0x1b6/0x7c0 [ 2919.441332] handle_mm_fault+0x293/0x7c0 [ 2919.445483] __get_user_pages+0x465/0x12e0 [ 2919.449741] ? follow_page_mask+0x1630/0x1630 [ 2919.454253] ? lock_acquire+0x16f/0x430 [ 2919.458245] get_user_pages_unlocked+0x1f0/0x2f0 [ 2919.463018] ? get_user_pages_locked+0x3d0/0x3d0 [ 2919.467786] ? get_user_pages_fast+0x171/0x2d0 [ 2919.472388] get_user_pages_fast+0x228/0x2d0 [ 2919.476818] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2919.481595] iov_iter_get_pages+0x20f/0xd10 [ 2919.485925] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2919.490897] af_alg_make_sg+0x85/0x400 [ 2919.494812] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2919.500283] ? af_alg_data_wakeup+0x80/0x80 [ 2919.504609] ? rcu_read_lock_sched_held+0x110/0x130 [ 2919.509614] ? __kmalloc+0x376/0x7a0 [ 2919.513339] af_alg_get_rsgl+0x1d3/0x530 [ 2919.517411] skcipher_recvmsg+0x774/0xd30 [ 2919.521560] ? skcipher_release+0x50/0x50 [ 2919.525696] ? selinux_socket_recvmsg+0x36/0x40 [ 2919.530367] ? security_socket_recvmsg+0x91/0xc0 [ 2919.535140] ? skcipher_release+0x50/0x50 [ 2919.539346] sock_recvmsg+0xc6/0x110 [ 2919.543060] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2919.548069] ___sys_recvmsg+0x21f/0x4d0 [ 2919.552063] ? ___sys_sendmsg+0x840/0x840 [ 2919.556321] ? __fget+0x210/0x370 [ 2919.559770] ? lock_downgrade+0x740/0x740 [ 2919.563922] ? __fget+0x237/0x370 [ 2919.567591] ? __fget_light+0x172/0x1f0 [ 2919.571575] ? __fdget+0x1b/0x20 [ 2919.574947] ? sockfd_lookup_light+0xb4/0x160 [ 2919.579436] __sys_recvmsg+0xb6/0x140 [ 2919.583226] ? SyS_sendmmsg+0x60/0x60 [ 2919.587041] SyS_recvmsg+0x2d/0x50 [ 2919.590579] ? __sys_recvmsg+0x140/0x140 [ 2919.594658] do_syscall_64+0x1e8/0x640 [ 2919.598554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2919.603397] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2919.608575] RIP: 0033:0x45a919 [ 2919.611759] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2919.619467] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2919.626725] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2919.633991] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2919.641356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2919.648619] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:23 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x10}) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0xfffffffffffffdae, 0x0, 0x0, 0x0, 0xfffffffffffffde4}, 0xb5}], 0x8000000000001f0, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000180)={0xffffff80, 0x7, 0xfffffffa, 0xb24}, 0x10) r4 = dup2(r1, r2) mq_timedreceive(r2, &(0x7f0000000000)=""/60, 0x3c, 0x0, &(0x7f0000000040)) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f0000000140)={0x5, 0x746}) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:24 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffe000/0x2000)=nil) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:24 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) r5 = socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000444ff8)={r6, 0x7}, 0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f00000000c0)={r6, 0x7fff}, &(0x7f0000000100)=0x8) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:24 executing program 3 (fault-call:5 fault-nth:13): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:24 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000000)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:24 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f0000000280)=[{&(0x7f0000000300)=""/216, 0xd8}, {&(0x7f0000000580)=""/201, 0xc9}, {&(0x7f0000000140)=""/122, 0x7a}, {&(0x7f0000000500)=""/70, 0x46}], 0x4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, &(0x7f00000001c0), &(0x7f0000000400)=0x4) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYBLOB="00f519a07c6b8ee5325fb2cb949b6595363ea6d9a1bef8c9c786d0a57973bbee96586e0a03777c151871e87f1873c141021dd4f37dc10e13bd2f02702885e87e1a60358ef1f22be4ebac0f7579b3eff72e8b977f8efc7fafc43d78b44aa271e2e41b10d81c8bfaee5e536bbd4bdab0ea1665237dabf5ed62d2f24fa2ccb94e53d6aee0fafa07d71352195667b9d62e706b31b886fa53390e0f98c74438fcdb8b9145570f7fb6110910898eb70cc5147bfdfa3787fd19a279ba93cba5b5082ff17753009c342ec056049def0b6fdbce0eed46311aa4657b49e8a4fbf93b064f8eca4175"], &(0x7f0000000040)=0xa) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={r6, 0x5}, 0x8) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:24 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000300)={@remote={[], 0x3}, 0xc, 'bpq0\x00'}) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r3, 0xa, 0xe) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r4 = dup2(r2, r3) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x106, 0xf}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r4, &(0x7f0000000280)={0x10, 0x30, 0xfa00, {&(0x7f0000000000), 0x1, {0xa, 0x4e23, 0x6, @rand_addr="dd0e3ff59f0e7a62b75a46bb79f5456b", 0x6}, r7}}, 0x38) preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$GIO_FONT(r5, 0x4b60, &(0x7f0000000140)=""/206) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2921.506186] FAULT_INJECTION: forcing a failure. [ 2921.506186] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2921.543578] CPU: 0 PID: 18645 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2921.551520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2921.551978] kauditd_printk_skb: 10 callbacks suppressed [ 2921.551986] audit: type=1800 audit(1577137644.929:585): pid=18648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17362 res=0 [ 2921.560879] Call Trace: [ 2921.560904] dump_stack+0x142/0x197 [ 2921.560923] should_fail.cold+0x10f/0x159 [ 2921.560934] ? __might_sleep+0x93/0xb0 [ 2921.560950] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2921.560963] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2921.560974] ? save_trace+0x290/0x290 [ 2921.560986] ? follow_page_pte+0x25e/0x1590 [ 2921.566546] audit: type=1804 audit(1577137644.929:586): pid=18648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1579/file0" dev="sda1" ino=17362 res=1 [ 2921.589353] alloc_pages_vma+0xc9/0x4c0 [ 2921.589373] __handle_mm_fault+0x186c/0x33d0 [ 2921.589387] ? copy_page_range+0x1de0/0x1de0 [ 2921.589397] ? find_held_lock+0x35/0x130 [ 2921.589407] ? handle_mm_fault+0x1b6/0x7c0 [ 2921.589430] handle_mm_fault+0x293/0x7c0 [ 2921.589442] __get_user_pages+0x465/0x12e0 [ 2921.589459] ? follow_page_mask+0x1630/0x1630 [ 2921.589469] ? lock_acquire+0x16f/0x430 [ 2921.589486] get_user_pages_unlocked+0x1f0/0x2f0 [ 2921.589506] ? get_user_pages_locked+0x3d0/0x3d0 [ 2921.589516] ? get_user_pages_fast+0x171/0x2d0 [ 2921.700784] get_user_pages_fast+0x228/0x2d0 [ 2921.705215] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2921.709999] iov_iter_get_pages+0x20f/0xd10 [ 2921.714423] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2921.719354] af_alg_make_sg+0x85/0x400 [ 2921.723284] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2921.728738] ? af_alg_data_wakeup+0x80/0x80 [ 2921.733053] ? rcu_read_lock_sched_held+0x110/0x130 [ 2921.738069] ? __kmalloc+0x376/0x7a0 [ 2921.741775] af_alg_get_rsgl+0x1d3/0x530 [ 2921.745838] skcipher_recvmsg+0x774/0xd30 [ 2921.749982] ? skcipher_release+0x50/0x50 [ 2921.754119] ? selinux_socket_recvmsg+0x36/0x40 [ 2921.758794] ? security_socket_recvmsg+0x91/0xc0 [ 2921.763604] ? skcipher_release+0x50/0x50 [ 2921.767747] sock_recvmsg+0xc6/0x110 [ 2921.771449] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2921.776452] ___sys_recvmsg+0x21f/0x4d0 [ 2921.780444] ? ___sys_sendmsg+0x840/0x840 [ 2921.784582] ? __fget+0x210/0x370 [ 2921.788026] ? lock_downgrade+0x740/0x740 [ 2921.792186] ? __fget+0x237/0x370 [ 2921.795656] ? __fget_light+0x172/0x1f0 [ 2921.799628] ? __fdget+0x1b/0x20 [ 2921.802998] ? sockfd_lookup_light+0xb4/0x160 [ 2921.807502] __sys_recvmsg+0xb6/0x140 [ 2921.811336] ? SyS_sendmmsg+0x60/0x60 [ 2921.815135] SyS_recvmsg+0x2d/0x50 [ 2921.818668] ? __sys_recvmsg+0x140/0x140 [ 2921.822731] do_syscall_64+0x1e8/0x640 [ 2921.826615] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2921.831579] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2921.836769] RIP: 0033:0x45a919 [ 2921.839957] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2921.847681] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 21:47:25 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x22cae39d5c730e7a, 0x0) ioctl$KDENABIO(r1, 0x4b36) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x401, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) ioctl$int_in(r4, 0x5452, &(0x7f00000002c0)=0xfffffffffff7ffff) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') readv(0xffffffffffffffff, &(0x7f0000000980)=[{&(0x7f0000000380)=""/187, 0xbb}, {&(0x7f0000000440)=""/54, 0x36}, {&(0x7f0000000480)=""/254, 0xfe}, {&(0x7f0000000580)=""/116, 0x74}, {&(0x7f0000000600)=""/175, 0xaf}, {&(0x7f00000006c0)=""/47, 0x2f}, {&(0x7f0000000700)=""/50, 0x32}, {&(0x7f0000000740)=""/74, 0x4a}, {&(0x7f00000007c0)=""/204, 0xcc}, {&(0x7f00000008c0)=""/130, 0x82}], 0xa) accept4$unix(r1, &(0x7f0000000180), &(0x7f0000000280)=0x6e, 0xce21fb7830085f3a) preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$RTC_PIE_ON(r5, 0x7005) dup2(r2, r3) fcntl$setown(r3, 0x8, r0) ioctl$SIOCRSSCAUSE(r1, 0x89e1, &(0x7f0000000000)=0xe7f) tkill(r0, 0x16) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp6_SCTP_NODELAY(r6, 0x84, 0x3, &(0x7f0000000300), &(0x7f0000000340)=0x4) [ 2921.854960] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2921.862230] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2921.869495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2921.876757] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:25 executing program 3 (fault-call:5 fault-nth:14): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2921.898460] audit: type=1800 audit(1577137645.279:587): pid=18648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17197 res=0 21:47:25 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x4) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40400) openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/status\x00', 0x0, 0x0) setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000080)=0x1, 0x4) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000001c0)={0x5, 0x4, 0x4, 0x40002000, 0x80000000, {0x0, 0x2710}, {0x3, 0xe, 0x81, 0x7b, 0x31, 0x0, "fb1bba1a"}, 0xffffffc1, 0x4, @planes=&(0x7f0000000180)={0x7fffffff, 0xffffffff, @fd=0xffffffffffffffff, 0x4}, 0x5}) signalfd(r3, &(0x7f0000000240)={0x20}, 0x8) sendfile(r0, r1, 0x0, 0x9546) [ 2921.945529] audit: type=1804 audit(1577137645.279:588): pid=18648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1579/file0" dev="sda1" ino=17197 res=1 [ 2921.997783] FAULT_INJECTION: forcing a failure. 21:47:25 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2921.997783] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2922.012029] CPU: 0 PID: 18669 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2922.019957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2922.027598] audit: type=1800 audit(1577137645.409:589): pid=18670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16882 res=0 [ 2922.029318] Call Trace: [ 2922.055049] dump_stack+0x142/0x197 [ 2922.058706] should_fail.cold+0x10f/0x159 [ 2922.062874] ? __might_sleep+0x93/0xb0 [ 2922.066884] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2922.071585] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2922.076622] ? save_trace+0x290/0x290 [ 2922.080446] ? follow_page_pte+0x25e/0x1590 [ 2922.082819] audit: type=1804 audit(1577137645.469:590): pid=18670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1580/file0" dev="sda1" ino=16882 res=1 [ 2922.084787] alloc_pages_vma+0xc9/0x4c0 [ 2922.084806] __handle_mm_fault+0x186c/0x33d0 [ 2922.084820] ? copy_page_range+0x1de0/0x1de0 [ 2922.084833] ? find_held_lock+0x35/0x130 [ 2922.129002] ? handle_mm_fault+0x1b6/0x7c0 [ 2922.133253] handle_mm_fault+0x293/0x7c0 [ 2922.137320] __get_user_pages+0x465/0x12e0 [ 2922.141550] ? follow_page_mask+0x1630/0x1630 [ 2922.146036] ? lock_acquire+0x16f/0x430 [ 2922.150014] get_user_pages_unlocked+0x1f0/0x2f0 21:47:25 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r0 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r0, 0x1000000) timer_create(0x0, &(0x7f0000000000)={0x0, 0x10, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2922.154804] ? get_user_pages_locked+0x3d0/0x3d0 [ 2922.158007] vivid-004: kernel_thread() failed [ 2922.159567] ? get_user_pages_fast+0x171/0x2d0 [ 2922.159585] get_user_pages_fast+0x228/0x2d0 [ 2922.159599] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2922.159619] iov_iter_get_pages+0x20f/0xd10 [ 2922.182295] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2922.187254] af_alg_make_sg+0x85/0x400 [ 2922.191169] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2922.196643] ? af_alg_data_wakeup+0x80/0x80 [ 2922.200990] ? rcu_read_lock_sched_held+0x110/0x130 [ 2922.206031] ? __kmalloc+0x376/0x7a0 [ 2922.209768] af_alg_get_rsgl+0x1d3/0x530 [ 2922.213878] skcipher_recvmsg+0x774/0xd30 [ 2922.218057] ? skcipher_release+0x50/0x50 [ 2922.222216] ? selinux_socket_recvmsg+0x36/0x40 [ 2922.226901] ? security_socket_recvmsg+0x91/0xc0 [ 2922.231679] ? skcipher_release+0x50/0x50 [ 2922.235847] sock_recvmsg+0xc6/0x110 [ 2922.239580] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2922.244606] ___sys_recvmsg+0x21f/0x4d0 [ 2922.248602] ? ___sys_sendmsg+0x840/0x840 [ 2922.252770] ? __fget+0x210/0x370 [ 2922.256252] ? lock_downgrade+0x740/0x740 [ 2922.260428] ? __fget+0x237/0x370 [ 2922.263897] ? __fget_light+0x172/0x1f0 [ 2922.267886] ? __fdget+0x1b/0x20 [ 2922.271275] ? sockfd_lookup_light+0xb4/0x160 [ 2922.275784] __sys_recvmsg+0xb6/0x140 [ 2922.279584] ? SyS_sendmmsg+0x60/0x60 [ 2922.283403] SyS_recvmsg+0x2d/0x50 [ 2922.286948] ? __sys_recvmsg+0x140/0x140 [ 2922.291010] do_syscall_64+0x1e8/0x640 [ 2922.294894] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2922.299737] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2922.304928] RIP: 0033:0x45a919 21:47:25 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000001880)={@rand_addr, 0x0}, &(0x7f00000018c0)=0x14) sendmsg$inet6(r3, &(0x7f0000001800)={&(0x7f00000017c0)={0xa, 0x7, 0x4, @mcast2, 0x80}, 0x1c, &(0x7f0000001740)=[{&(0x7f00000000c0)="debcb446356321579c7372fbb3c76a77a0ea32eef88e31f6a50d14b9175ead9c93c15746ebd338c916507aec29d725f472600979b23053e206a4c2af52175f1dda378afc861602e0921c62e2a94bb30d9cec22b7ad67c009f804be8eb45936082db4208d335df6cd67e08e6d2a5eb6307d3560a19428af9debf94c62eea8b9bd1cacb42a1230e0fb1358b15ba47750ea21ffa70da22103a3ef55c120a5a3bd100c803ddb331d2982519fb6546df25487f8", 0xb1}, {&(0x7f0000000200)="0eeb231933835b745b7209a9b95e6222ac5708e359d27cc38e5ff817fb8c91ebefb55c5f366badffbc061046fe09e2347f6467cbdef92e8b94a11be0b2f9ad137546b1c5c80e057672ef11e1e5d8c8a33f11a6bfdce0e2ae6fcc5b5b4bc88ccc4b3129f1298bbd49", 0x68}, {&(0x7f0000000440)="ed11ce97ba7293ebb5faad307e611021e7273f17a4fcee94c32e3ea8d3229d1e143c3b8f12b5ae473e9be7b9efb247a03a11d5786b9ba347ce59304a7ca47027403207134c546e6b9c6a2c366e4868559079f0f5f25d143f4a188db6a7694dfa684a2b14b50061f634112f5a3f0af71a49137bec48101d96d62d2b880c1d87e6c66e6209d448fb4145434909b14b44e620e2e5f1a8981bbce63d0b63e9e6284ae82895f95aae88c9284e0b974deed3da2e7359b40f64d191232443402239b654ee93e804f32ed26bd65f4b33c7ad0629812d630c975b731e78dff0cf0d1241c7ec58fc99fab15b10a89f5d78d72ac429fb7d481f0fb187752a1b7edb81eb6cd1ff8df072aae99081fb89d6b264f85faf41b34bf7186db7e8bfd16792a0edd93a9e8f0a9884fa07238fca8a9924c1f23a6616aedda9df7bc3ff9d839e9fd53df87ff7c51baecebdfbe341cc2cfd440fe8c72b65f50bda866410a97ee54ecdf605e951d037e1c695de559a9379e07e8e416dc953a4c7e55343fcd9d3deac566a15f4809d77725e12fd28f3900e3258d19583b2901ab73c0904394a01d7bd0b814d14d4037325068ee823c6cb788d479c59c81e89368e835e25b5219b6e85f5a791f7da2883c64045cca47bd59ee59a89a075ed3bf5a71431755b2c216cd86b6a1735026b3e40b485f66f1796443dff67c9c0409464a7e6d474442bfad1d34a346ee259e06bcb67b96bcefc984269e1e384cc8c1edb626045f0b86636d56f6b08a6ae4b967f777dd583c7b800f2264108b9ed973c1d0ecbabcdec9ed0010c14d3d31f3edf511cba853ba0e07f310d6b31984347839266dff7af256fff16763828fcfa95c31f679ec53b5fbedafd475feede2c29687533cf5a580d9443669c7e9da27ea858665a752d92dfe393c291f3f7a427c9f8091215a5e057593d0db3a37f12c88ac5dc6e25a7a56e66817020266012c604caf6d13a45d801b17d73e1db4205a3f3333e36f0799237e47cda787d10f1a573c67093e3d61bfad004e2bc6d804f0ed8f7103ea25677b9a436d2b71c528bfa1bf413d75b706b337a7b7f2a654a50f2553aee132faffdc34fc348c0a72562e13b0defcf9df8dd90123dba7b1f35d117b490120934cc1c4f0499fe8375958ad311572ddbea9b4d63b7880d046809f512ea3136ce69dc536c4917a82cd03dce51675def02a430af561fbb011c7a3d302634b92e7bf761f338fb21640ed6e86ab0458ddc8d1f86850dc6507aea209a8d6d36c1ed6f3bf3ea23982e67278eb804b92c850145d6382d2f62823398ceec779bece5a6d8d011892223863b51c28b473e2d7fd0b7f58ab84eed4cd03e162b4a64963babbc66189b73942b5ef26f1dafcef798fa248a34756c0ac32831e293047143ea38cfa5e1ff0f8bde363a8e0204029ef2ae4c47a690c1bb7cf3dd39696660fe8f191a65439432fff308c7c7bf136e7b8cc9727155651e5ebd483e67391d3d09bed43014699d5865b0225505c0abbe53aa37273baa28497070716aee8dcb8c3f5097e160e10b65f9fcc50d6c31c935a64ed91ca3de207f671bebf3603e202731d22856bc0fffacee6125e2fffe09bc450f1b8ec1e7195a6fd190d0177c96b546c4045962a24d3e0db977bbf3d98725a953cfb91a08df88f4993a7cfb62d742997ea2bccb11d90dae94909fc96730be1e7e4c86d07f36f82139fc747abf85dd014de76e7d31ea7628ea932f2df45873cd0c6f7b17bf262fb6fbc7dc90129b58265df36f521c1359ffcd541c2987bace6a4cfd4e758638584c9891dab9a1cb8ec77b61d4f4ed15f6432c9c1a3e4b306b2af460535f3e4545b073d4e30acc6207a1bac3b9eb048d499a3936c64e59de90047a52b80630646d5d476d8fd655cf84b664e8d97eb264cc7f43278ebc7987e6815327f252cb1486e078262b57bc231f70946109cca0a26f42afdb9218c3205b3521a2c64e999f11e9a9dd4518d116be4d5819505bde361df36e540665a150a80d739feff5af0605c61abedfc5e8eb7156e02239956e75299f9cc50abac9b33f9f888047ec7a67f8c9b0b10adcfa8e64784cfa43e8c3b8321a8647d35ce56fca6adeda06f4023eb1c7a3d4b3caba618e34bb7bab6e01e3be5d1e23569494ccc7de28a3c9a87f4b75db32662309a022a6b31124cd60fea95bdf88ea546500dff90d9733565ead3c0343136ab34588b0c7a7d6b1c76cfab1da700e664401b99b5aa09bdf4ded6170970dc36b195952cb217a3c49f7990540ef4b9482fb92da576e7664b130800e741f49732161f823d985769a6d8d36e6fe1479e940eeea6b2a9fab3a07d35e31bf002d8bed43cc3500291a0951b72febf205c20bffe306c38f6a68848054fb8327a78e65d84293302e8ff8a555ffd00115ff018c282a118e1e91c02ffcc518b5eddc448b8f2649daf0e512c8de3d57eb27565aef93b009e5b7d47494dbbc2a011d2803ab565e4ff29ab68f6f373ca942414c6a3f5fc88c51df0be2047495b44d89d758979a1eb86cd7654581e56eda818dfa0a6bd1308a395f4125ff98f54d97f7ca95dbfc6513ebdde147f406b088482464edd64397a79efc7dd31651c887922967d538eaf6569c12c2b8930b316900bb6f6561e094a01320356e788bbe7ed15e8c88dd6e3b9c5e681fe9d838a51d9605b74be58d5fad288f047ad7edcccb7c2cae874ecd4abb4d72cc5a6ef3f3d7eb7b5a3a63523b9cabc504a46cc158e894594f4d2f9bd538d54746ce505efe065f50a7eab6f495bb1b17afe22097a7cbe587f57828b880e635ad8e262238c966ba25308c201da8e96a352507b58e2dd6f6fc10003735ab821fa3042c8de5369a601f119658b2bb009f9ba72a2e5f2decaf470766291e24b077c335eb053e0903297629741da254e76bac76eec6c8d1e9427956aabb76ad2a199ed78e204280b805c91251dcaf584a83b648bf22fbfbb2c6f9eb08c2890d52092d30384ec1bfca6a508785f88e7f8b2364f1ea5b5db3b1b57696a2cb85ea35c3bad3479346ecbd272d3d157331d43c7c5776b71d2e9752599948cbb699d3e85df036da2c9f5ac77c569dbcee92ce0456a7126739bce0544883881ea57dab8e67cc4041ed645b5d2884a5e4cf2b2daf9043beaa7f81de0d7b7e991a0b17edb995a18e4a50adce8ecafa01deb816a2eb11d459c82df597fb25bb52bb7963eaddea944f2f586cbe19c9fcbe1cff1a3b6f128a0b88ace2e0b9c208ae776f9a46ec2f2f934d802e302e01ae49948f5330b3ce098365e8cb56bff106bbb40444ec2ed851bf3fcc041fbd1099d3453d6c7f93e2ed136c69dc6c82d62dcdbea73bfe4be43a45b8f75ea53df312642b678a165f31150f35ace4760d5442a91f201746ec6388aa72cfc938343eaf800273fc0f249404e0d3df889383b5f2c21911d845bf1a5d9e6abdcdb6e077be861f0e4d4171e4dbc34d2cf526edf1e42cd5a7e4e96a161860a6736a26e10fb8e9eafe3a1dbfae9d3bb8cdace22cbcb50c82520bc88b17b02d96e3259e741232ca7fa86bc51648991b65381d794abb78824fab02d2f05ddd2ec7bc21cd837680f5b60db5ff95a3ef38bbf0b1555372194aeeb8d45310b758585ce7abe940096af2646b05566104df12b4e427fa16b6f726714c0f3a65605d2fa69db13110e52192dbd2ac2d5664fe5874cefadb16b921990b7be9ee9f36e619a151a077cda2e8c42670633c9ee68c647418244b5485fb798d498b3a8e2267001573b6e89f847db7c7c174ffb299d976713aa1b27aae945a3b79212629c26c9301165f41994dc8439fc86a22c876631cc066b8807dd962c649a81c9f4b9e1513120eebbf913d7869256327700dcf0703bb03261cdb58a65ab46fe86fe17a82e4cefeb9690a5afaca80b3274744e38d674ac57a78f80d5bfe80187b5422067f74480492e4f5a1583570e27a062898704568849d751607ff9e9b33b9436762e331251f4b0e7dd718fd191ae584e3547502d8dec5b864bfa384fe7b58beec0392296262b3b6c410b7d6df87effa4b39ba265d9b35ad57cb38dd0b3ebd8a17ebb42db1e18c14a412783e9925b6580029426fc683325a39d6505f34c1b74f6bce7ad9e4a349534d03ce8f08e17a3e0897a6cce8e0c976d9a63f32bb0baea3d80358194375595ec31482da98a7f9b40816d5d8fddd83e117c71a86eadbc7b60703bc1b131f0bf674903e8e2dd3bf7bd160ae4ac0f685f813d3e797893caa14d395797ad3853c5b5a8bd8a9ceb17f0d04e65b56c456923c1ffc1c13dc58f9e762a182f824187c5aefb6947a0dce5aec38fec9cca03d2b7fd5d9cd2edd54cce51d41f816b8d3aa7e85cef0ea9cd65179f2049d9cfed10278cb32e49a5024e2719c93820ce6fd7c3acb9789222d6a406e07851ff8617fdbfe713d920781e15adf58296881e27e69b823d7c1eeebc13e522d0623701e6236df87bd5c67f66e78c70f58829f56716c7264a3c8b4cb391719544ae02fbe0c9d5f0a442a3fdc171bdf9f66c74c6a9a12da5bfb381a0568380508d75bcce73e506f18e4ad8d56819599ebef3077299e545083008b41f74e17669c94683034386b607c6f09cbd8b90e4d9e3860c3be77de247c918aae59fe3c5cadad0cebb47438b70aefe61423efd8a8cf70795c6c23982b89e73fbcdc467bc25dc5be435fdd98fa34527cdd23296da58b4e11dbdb8cfcbcbd4e43f29104c5d9b42544b41adfef85d62c29a559854633f475e96b9bb83b0cd3c5fd644e776c27552afbccd2607674472695093ba8be637586fa67fdf464d19fca7202e9fce88277c86ed0067ff47fbf22755c22a504a5b4113749906a70b3b69fba7681dcf25c1c855b5b7d1c29d0310728c72f24f8031ce674439172c3626fc21a09c7cb126719598c25e89f4769a593d94459c2f250f0bd040cad7452f482912247b20cda96c32e5ef6fa5bf88e26d35fc002ae9d8234176e4cd37d8cb8644bff11ac52f817e4450549a488edb8cabcc346b908a2146006c750600dd3fbcb8cca7fbb1ca4e1bfa5487639ef05b0f2a46d2a97a4fd83c519e1d2626ad40c8a72e0aab1e2a43f053999d2d260851090a4e5cd2e3c19996e2e9f1839563a4911afd6f756d9924a194fcbadc22df55a09efd9d9bc475ecec9d7231fe44fbb652bdca1a2d79595f7623f529ba4287339aa6cf85057b5e106c470df26a3b0fe7a4daf0d1233741ef6aa51ae361b92e33ce69a390a9b644d8ef09e924158fa56f568ba2a55317093ff893bded5c36d70359f02c99ceb21aa6a9081db6ea451586b416682c40598152057132d236ee453d9b2dff918b52bd4eaee45cdb56866cd5d32ef872af919c7f1cd15462d5971dc96fc8e8bdc29c731987dac9170e4b66248b403d7c9aef10dabebbbd3ae8eb17debe07919200151b68fd0ef1c72148e4089b07ee56478af0a9a172d4a150bcecb507c933eb864bf30437765fd5749b18402a11b523fcb6a98c7467b19548c710d4539f7c3fae72e8262bb92ab37d15a597f4149acb6203809bb94871b82fd7d49f0b7a8b9c5cb453a2045741a2e27a1e53187ee5e8a551d8e952c0824fa069236d4a77755669879a7126b93bd49ef569fb601e3ff8882088ba3b8eb6a65a2cf6f9d1bfdc466fef0d4088684a2dbc9273e0fff1205b398d4a42233fe52e1ee98d0188eb6c3a46a093eca328f5dbe8edf970a786c557af5a887f06f49a14bd19237ff655ab7b74ef21de3d84158d89f1cd34c58169852a73b2f4af209d1790f2c2008db8d47318ca142fe68f0c8", 0x1000}, {&(0x7f0000001440)="a6007d03c0cc2ddbe779bd2fe617ce0d1d675c0f3ee71316323fb1857a1e9297862f9c7ca5ea0a5dd615887dafa1e037694fbe65610c486e7ef9cd0ecc7a625f6dd9d104767f178b0f41080409e527d60a4c24af73435a1dbbcfd575597eedd289d46298536aa870843f5ade46ed8eacb175d66dbb8cc66eb6fdc4cc215d5040dc48847e6fab402ac4c06237418077e4b1a8a6dbbcbcd0e0d6547adb0a4fb45e349a7abd9f9cfb93e73647d91f47043d60e97bf8625c6879db68921225f592ec131dc89bc9f6198900e81be0c57850711b7da5b277f1de4236778e028bfa4627", 0xe0}, {&(0x7f0000000280)="8fb0e828e1f1a71fb7171c460f52724f22b3847452a6bfcccd7875cb6897616f5d524cc9a1c299119613376576b958df761c76f701c5d6bf8be44e7e9c6a4f57e43a3801da08ff54f8b3d3906f2e82be2758ceb23bf554c11aed935743801e52962e10fd551a6ab5a0bc5a2cdf4b4e52ea2477d1cd1be03025761e74675fbbca0914ecf265b7d2fc208a644cb8230667a050b72ad8b4fca55736909e13af539029ad87f75f35fd79dd20adcf5e86163f477856d9c28d7f530d", 0xb9}, {&(0x7f0000001540)="d063f2f15291dcf4da9c6adb965e08ccfe4eec4333826be136b42caa620746e9e96fe8d7d983b779f70f0771b60d2b88c9c1ba951d026170c09b6c7cd92ab4cef0271d61a43af9f96ae6ef62f9672ec9b6c5a39d7ef6aed8fcea782bc292e143841e528554d54c591874d9bd1eaf670e9b8025183202bc56076bf4286f54a117fd8132c535f0111e7ff1352060d7b6e0b69bd0aa0e9c892a1fbee041add152f063bc86995779000ae186e75d9393fdbf774b5bab9ac7bab14053825a7d21df3bd2dfc85112b75253b946d90f163c442c91cfbcca09f1270324a4", 0xda}, {&(0x7f0000001640)="3f1dfcd2e7bf820d8b5b1400ed3c7955f916c808636db8f235f5f57658030b4558820d3d37571ab6c78fe2e90395835df396e9e51c87a26596ecfaafa972e035144bda56d2b184969e2adc66750e0bf14f96f39b5f45559266492630f5d3d392145d6c6511463804c8428c3481fea3bd59a1998099cd", 0x76}, {&(0x7f00000016c0)="0bdad0be61cb6d491c8cfd513f603d1af142c03331514a09971fa46e994ae7b03dc5348107ece314425321b948c1e1291b4556f087d5eee7a512337b26e43d27cf5455f78038ab5a1edd6855555f5af7c46a1cc6dd9758c9176143d60ba94ddc", 0x60}], 0x8, &(0x7f0000001900)=[@pktinfo={{0x24, 0x29, 0x32, {@loopback, r5}}}, @hopopts={{0x18, 0x29, 0x36, {0x3a, 0xbe}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xfffffffc}}], 0xfffffffffffffdc7}, 0x10006) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2922.308117] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2922.315824] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2922.323290] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2922.330576] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2922.337848] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2922.345119] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2922.401668] audit: type=1800 audit(1577137645.789:591): pid=18670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16882 res=0 [ 2922.425289] audit: type=1804 audit(1577137645.789:592): pid=18670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1580/file0" dev="sda1" ino=16882 res=1 21:47:27 executing program 2: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x6, &(0x7f0000000200)={0x0, 0x3b, 0x6, @thr={&(0x7f0000000240)="18696c8a1bdd0a35a5794fc3c05f7e25111ad2491e37c6ccc76078b871dca2595b6c49eea049075218eb7eef1ec876d0d7cf86a2216454e42e36057f0006e3ed0b0d721e2566889743cfd4d8cb894c6ff0160de13b32815b777b594a0320b6fa52dad3471e26b83cb050bad97e0aa6455f55d6657bf4725ba98128561c42e6501ad8598e4859b71795acac6d40b33d89229e310aa54287f859ab02d1a8e54ba9a70fc93395f71dffbf825c05ad32915838056d4695aaa8b32da41ac6fed8fd80dd0f019ef847222c14cf37ad641876e2", &(0x7f0000000440)="cc675bf4e3c85c82dbaa14b0c815d8653e93f4af06ce85b7affdc9876d1eb415b7d1cad3ec37b88b4a58307da5d167b3781d0d4e44f2fcd99b389510d775a3ec207bb334de896791eee2fc98f36e7602194d11b35c094660611a3b278544c149477ec854d55ab7cc27ebcaaa152d73694335dd060d23adc0e84668ce0dfc5fb4a0a55df7607e06efeba57925ec79db77863b41aa78e7ad2b54a1577b5386f9d4d7d057880fd5e165ebdf8e4cbb36dfe5343795339120cb5d55b04a0631e088d4"}}, &(0x7f00009b1ffc)) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x200, 0x0) ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000500)=""/146) r3 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r3, 0x1000000) sendfile(r1, r3, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:27 executing program 3 (fault-call:5 fault-nth:15): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:27 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=0x12, 0xc0000) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nvram\x00', 0x282, 0x0) r4 = socket$inet(0x2, 0x800, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000180)={0x4b4, 0x3b, 0x5, 0x0, 0x0, [{{r0}, 0x6}, {}, {{r3}, 0x10000}, {{r4}, 0x6}, {{r5}, 0x773}]}) 21:47:27 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x118, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = socket$key(0xf, 0x3, 0x2) fcntl$setsig(r3, 0xa, 0x4) socket$key(0xf, 0x3, 0x2) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:27 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x3, 0x5, 0x0, 0x0, 0x0, 0x41c2, 0x1010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf97}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$EVIOCREVOKE(r4, 0x40044591, &(0x7f0000000040)=0x3) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r5, 0x8983, &(0x7f0000000140)={0x8, 'batadv0\x00', {'ip6gretap0\x00'}, 0x2}) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) ioctl$KVM_S390_UCAS_MAP(0xffffffffffffffff, 0x4018ae50, &(0x7f0000000080)={0x0, 0x2, 0x2}) [ 2924.611251] FAULT_INJECTION: forcing a failure. [ 2924.611251] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2924.623279] audit: type=1800 audit(1577137647.999:593): pid=18696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17466 res=0 [ 2924.651400] CPU: 1 PID: 18694 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2924.659341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2924.668712] Call Trace: [ 2924.671327] dump_stack+0x142/0x197 [ 2924.672069] Unknown ioctl -2143271653 [ 2924.674971] should_fail.cold+0x10f/0x159 [ 2924.674984] ? __might_sleep+0x93/0xb0 [ 2924.675002] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2924.675017] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2924.675030] ? save_trace+0x290/0x290 [ 2924.689786] audit: type=1804 audit(1577137647.999:594): pid=18696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1581/file0" dev="sda1" ino=17466 res=1 [ 2924.691562] ? follow_page_pte+0x25e/0x1590 [ 2924.691583] alloc_pages_vma+0xc9/0x4c0 [ 2924.691599] __handle_mm_fault+0x186c/0x33d0 [ 2924.691613] ? copy_page_range+0x1de0/0x1de0 [ 2924.691631] ? find_held_lock+0x35/0x130 [ 2924.691642] ? handle_mm_fault+0x1b6/0x7c0 [ 2924.691668] handle_mm_fault+0x293/0x7c0 [ 2924.691681] __get_user_pages+0x465/0x12e0 [ 2924.691698] ? follow_page_mask+0x1630/0x1630 [ 2924.691707] ? lock_acquire+0x16f/0x430 [ 2924.691727] get_user_pages_unlocked+0x1f0/0x2f0 [ 2924.774987] ? get_user_pages_locked+0x3d0/0x3d0 [ 2924.779767] ? get_user_pages_fast+0x171/0x2d0 [ 2924.784378] get_user_pages_fast+0x228/0x2d0 [ 2924.788814] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2924.793698] iov_iter_get_pages+0x20f/0xd10 [ 2924.798094] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2924.803066] af_alg_make_sg+0x85/0x400 [ 2924.806978] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2924.812567] ? af_alg_data_wakeup+0x80/0x80 [ 2924.817049] ? rcu_read_lock_sched_held+0x110/0x130 [ 2924.822287] ? __kmalloc+0x376/0x7a0 [ 2924.826016] af_alg_get_rsgl+0x1d3/0x530 [ 2924.830111] skcipher_recvmsg+0x774/0xd30 [ 2924.834294] ? skcipher_release+0x50/0x50 [ 2924.838464] ? selinux_socket_recvmsg+0x36/0x40 [ 2924.843161] ? security_socket_recvmsg+0x91/0xc0 [ 2924.848068] ? skcipher_release+0x50/0x50 [ 2924.852249] sock_recvmsg+0xc6/0x110 [ 2924.856132] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2924.861169] ___sys_recvmsg+0x21f/0x4d0 [ 2924.865188] ? ___sys_sendmsg+0x840/0x840 [ 2924.869367] ? __fget+0x210/0x370 [ 2924.872848] ? lock_downgrade+0x740/0x740 [ 2924.877023] ? __fget+0x237/0x370 [ 2924.880505] ? __fget_light+0x172/0x1f0 [ 2924.884506] ? __fdget+0x1b/0x20 [ 2924.887894] ? sockfd_lookup_light+0xb4/0x160 [ 2924.892548] __sys_recvmsg+0xb6/0x140 [ 2924.896500] ? SyS_sendmmsg+0x60/0x60 [ 2924.900448] SyS_recvmsg+0x2d/0x50 [ 2924.904013] ? __sys_recvmsg+0x140/0x140 [ 2924.908202] do_syscall_64+0x1e8/0x640 21:47:28 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000a40)="34fd98aa1d0e7adec937a5f331a75f657934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb084d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03a32d5c389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a148e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d634125b442d165577c16d11", 0x38e) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) recvfrom$rxrpc(r2, &(0x7f0000000140)=""/220, 0xdc, 0x2042, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e21, 0x0, @mcast2}}, 0x24) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:28 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) tkill(r0, 0x16) [ 2924.912120] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2924.917003] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2924.922209] RIP: 0033:0x45a919 [ 2924.925567] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2924.933302] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2924.940727] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2924.948110] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2924.955398] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 21:47:28 executing program 1: r0 = open(&(0x7f0000000000)='./file0\x00', 0x4100, 0x90) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000100)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b876394000c004b101c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe59010000002868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d634123251d67b14993ee1637148b0aee9a8b59d2f217cf464e5ac195b2f34e05c997726ca8c2d2addf94882e8b0362a131f401151925532c87f28f7f724fe11257fb61e0ef513d85c56f2bad8fc75cac70fbcc6bc3b40aa583cbf196a511af6b65ed1c5a4", 0x268) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:28 executing program 3 (fault-call:5 fault-nth:16): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2924.962713] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2925.043961] FAULT_INJECTION: forcing a failure. [ 2925.043961] name failslab, interval 1, probability 0, space 0, times 0 [ 2925.057336] CPU: 0 PID: 18723 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2925.065276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2925.074651] Call Trace: [ 2925.074677] dump_stack+0x142/0x197 [ 2925.074696] should_fail.cold+0x10f/0x159 [ 2925.074713] should_failslab+0xdb/0x130 [ 2925.074725] __kmalloc+0x2f0/0x7a0 21:47:28 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f00000002c0)=0x1000) preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_interrupt={0x1, {0x1}, 0x1, 0x40, &(0x7f0000000140)="e50cfad15fc78c769fe3114d41eb8400b9d3195f704eeb9cec35a5cbda32bea54c564b32d696cba1b44b99e1f0d6bb0d4c26e0b83b190a9083fbe4d4c2b11acf42d504951e81f908847265ae7d48e61f5f9593556c2a1f445c59232302459426cdafd764a3e0aea3a39d60ac9fd4f328", 0x70, 0x1ff, 0x7ff, 0x0, 0x6, 0xff, &(0x7f0000000800)="90e406094a93c55b7fbb692a20f1861098fd0dbb0a3195e36c733b53f56260b5951d0e37b0e7cad6a2c93a7b918f908f73c0da6a25d79783e71a106bfc10dd6307e9e90deaa384f43f3dfc9c0d44ae37995b5612c03188c4a9c8b423d6803801551d5783b8c848eba85a245332aae7fe4cec4d7f1ef29a3397e3e0f926d4d821dcd0ae6402c2793df276e22333841002e116c4e64a01524d78d323e6cd83448ca8058c2c47e49654aba2140a4c2f64493711c9755a8cb5be8ec6b53b6a193f06fffa29a9649e63f51c7bb2545a7cfa9eb688caccace5abfd1fa81debf22f894798a1126a7ad34f70a9220ab427a288d008e802832c583ac2ffca864f10c4b88b169ba3fdbb820b992b0d34e575e544a00a0d843542f029d4177892dfbd038695ccd1ef01bd8242b2b76faa69160018aa7b0a5f2f7f6e1824e76f688a03cf3b413d35d64174f95014e792cce2e75b34f9fa0b73bbc36dab172562cf11d0467a25159bf0f03f2738428541c11845568e0bc6a0264b54af6b79611007aa8c09fa5888b1c482d666343cb9ea55294eaa7d2694b4800546897217922561bacc067046a4a2c25c5b5fa55f23f54c182106c04c8274db4045f63ca9b4a452924f1aa66accfa0c2c60416e468766f93b9f234d4b47a6aae05fd58470f0eedb79e1d01bdeb003c9b551ad9e7f167e196cd68f1cbeec647c44291f1fa5bcdcf8a080c957d469ead9d93f3aa461a3b8059f5aa148b370ea5d55178bc4e19ec02cb6df7e69b706b88bcd1c624fbf676ce5bcfe015fe0b8efd33495e350f1891c128b17baa3b60b27a93322a7e633834db88ce6ba71f76b6004fd73fcb86cf750bf838312bbc5de0115bd4f89c82bd28f8df003565612222256fa22d50ba4b6c194b77aa50b2329d4d7d6331f850e439b8c98391d986d18621bea596dea1b57ca5551392c0e850f7ec26ba8ca7db2558ec16efe7a3d09a1fbb4828de3244e28d81923985a071569d9f894088de2e403d9f8853d3718f3571a7a2b1ffa750529676020107744291bf60aada2d91376e6d2110efef1d3fdf474e914b7a3fb16533a65e6ef1b1cc4c37991c328c073cb48d0e645d0e5128ee5335f3365f5f9322858f36fb999a847ad9994c2f47a80e15d50158632da1d1f3fd08538b2c75f6f688557d8ec8748f882ca5a4e07e554f91394d13a2d9f8aac9f0eabd68b5d6ae6fd099dc8509e4688930f5dbf807f96e37a2b363569c8b2c5d3633657ad785de0a4646e4af48aeb22e41124147d6487c214612babb89350862e880357444c446c7dac258f68755fd5a3eea48fe3a982d1ae23ac3cac6e260890823985d854e1a31425a091b578a053a592ebf4aac526aa90eaf15f7a2665ceb590254d43730743f50b83858e378fa1a41b9c509154372ef07e91afca8e9dd9de9cfb513615f0a69c478cde146f38789fb6d045745c031f0c9f5286edaf679e399fbad6ba6469286f9b62365f764fdf88f25fbf74d43b80982294929306e4efee587af49778eb71cf39caf7574eb8cd230986d6e5504776ee81f12e670846355cfe0e846d278b11d60c3451048474f39778e7ea1030bf0e9e02a9f76a9851b773f164754a456134a4a6e115b3d27fb97e5f3053b9fd37c54c89216d4b536aa312b846b9f7ce5510de27ec42655c495cadd8bc26ff2b7fc7b935380c49da6dca36a7ec188c9c1679216da7304f6734040aa540890fa17fb432a215a3e80b8bc275fb8d0dc9b56adc6c25a26b04854a8ea28d67586cc9814ade81a4bda226a4a804c005f5bd7b6f8ef845d0cadbd813ad57a008a41cb3c745355db68a595279da7354395e2898ab2bf726c3eae0f5c4d1773234c2639c496d016820a06d786aa7f9031d7ebae9d965e8f942a50ad73000e5f8051ccdabefd143e148c8e92b4bac420d1d3e7ae0679ab05368e14983cd0aaeedc23645e1f2d4e2bd51043616125a27f6ab4de00a62e8679172629012e0ff5007b358f0cb26bf84ba2d14efd0f2bf8a0497e31b186c9f4aa4610df5944cec6e6d064e9f4cc869a4af621ae2ef09e96b59ae47846a117cd157fe89aa906201da94676d98228090a557a210f9022d076741fcee016d812319a1ec092dd32e70d4990f0a7150787f3d97d05aff550c7816a6e4aba4b135fff604110c3301fc4797a850e99e404d1eb2a5827c3801e1a42f9126e0f9fe56dc6ad5ef6b03f9a51e6c5f48e4244e423c16e9853d1146c37a629c7f78366bdf3e7885edaed7fd1a0fc29554aed3f218c9e479a80d33a8b10f9ce1493b31bd528b19d0c05d3721a4eb621352929a7dff743a02d95691b12106a968c47d9bae09626f45f3b17b86f69b4c86b620211c8bfb0afc2405697502ce58cafb4bd1db3cf6f84fb18463a89e15c811db7d33628e5b213cd2c9163bc9a9eb7cf174762b5e9e75d901669e56e3a0615344bf784378b07f7a4e6922fc47d5f23e09b2b2f9572536876d56e378bbac679894b6eb3932cead3b0e385d977741281b5307d9c76157a62ad935b649b2ba51d3cde3d72379ef352e105ae6a0cc32ef83c1dc85b5b96e8c5ad6d2e46c06eb49701a358179b2897e8078d7778fbc1b1af96d119a8f2baf61b8558ac35bd46607c9f4ec41b8b5bec01c428fd47ca51ecfc88b112a4281110fb44484e5465509afa58666eff80387e9cf5b1aafb0fb183f9b717b2a46a9f79afdedba4b56839838de2b281ae41c0bca90e56129e62def9f6a05710afb8173f44ca12fdd9a75e7c75de7c8f6c0ac80d840179ab0af54e123e64f555d9bfc3fae8a1e1c4ce3457896aeb336556800405bc7de387cb1b10a970ca024c9da2ce041f2dddf7b02fc98dda597f97dd9b9dcdf639c5d27d53845b0fe7bafce58d97d730e4803ccaa84e5ae2f69f354a13106070844bb25c0321d13ff1a514de9a04a4634b8bbeb48a1a6c756f159ff06455ec62e6acfd411746e2d465e1ca2039ccc2a6a8aa5aba5ff90b42a04de62120e6946311254dfcfd4eb0ceb75989d76b7acc2d1287591d1c33cc71fb12951776133b792317d86c7eb859ad5857f6446d56d5cd83b5f1355cf6877878096ca6d83bfe01f3bfe000fd0e535b8566293fa239490b73ebc5e44f5f085f319d86422c566ed9d59d4d78ea912c910991986484cc651999d4fbb549bb6f47678ead35d0f364287e0afcd6eeaefe15a2b4ee55fcb70864f785abf724cfd914e2cc24054d636dc66f747547dd15462d8f069d4bacfb22b91e8ff05c5ea01578c7baf115db4fbba46d85f3f96536f629fa3df1fb240a6e0096ee3120861937057be9395c6991fc5949ddab8321e94e5d009a353562b7be634854d488fbedb06c1fc4a55d5d24a0739a3e73d23e628ab0831dda6c36ab5942067c99d918926bed9cf4cbc1766eddad32c0e165d04b3c088fc37de0be6ed8d8d6415e98cb334f6b50b07f817d053eed5b0b3eecf70e961e4991a25f61ce47736aaff5ad576d7ae29a4971a48b8e3b0d34713380362c4b81004431be534d41b32213f1b2d9758b75077891289d03596acb34d00b76dda5266f1a3307c55aa342f412c05500723ce0c834633016b95006bb0a240ec62eb6797c037bec2c8cb827e95d5e1ca6598b24aa1e729803aa8f2432b99af59a70ee8a6e1d94b0e9c6285d8622443840ee91d15d6f9481ff39c6ebf41eb94c313f8a0117b886ec1a7db11a27419ddb5cafb397cc9867c0c330adf8292ac2380d56eda8270cba32f5345594f3c6f91c109955715fc867fd7ca72bdd8db8d89cfaf9d25d92b1d365c61ad21938e1757b804cb0ab1e2fc3d246aad1cf85c38275efae07b54d2ae0b95e3fbbd787a5c58ee60251366c3fb2d345f63168a8a89cf2fc082c323c2420ed2f47bb5d948d8e5fc3f2ae46a3a56bb7d18eb674cafa70606b3322e3dcfdbcfe7f72c0ed10cc7a2d01fe462d3fcbc11b33b36ca702d423bd6363cdb246e16405695fc4d3f280ee636dde7de807024598328b668dc526c638adc2fa94b63283076468b419093e7ee4a109b846190b4365b45deea658830932d74ef444964bb59139079ebe61a005ee1c1a447ccd4bcdc44f7834109e9c897ae092dd42ae69d404cbe5e9bc78197720d822cfa55328228572a0d8b31af7b05e5316b34fbf51b38c07eaa7b2cbbee95ea6320f4e46cc0e4cf7c2642bf6d464a754ce99b13543553689f50e2a146a5c8e63a01a2789f2783dddfea346160b87f3f160c2e45436abf97e9f4837d53271b59557f5c92707e5975bfcf4ee2e85e36e9b0ffb3e1a11962a16ba679cb629934ba3ba9e83945c8f2a03ae501bf84fa9713b981c9fced22b22e98b36c74708717b1ade4657fbc895ff93a46cf9453611149fa95f8e3c48b098e5843e88a1b6e9afbe3947f20d575b100abdc38f5dd939f5b2563017504c1318c057a0d2c918e819a5042fcc78f97bdc4a990e59b895bedc0cc293b0704927ea4107a01d6decb92fd46bc777611101e7bf4b1a2c76031f1191b6ad2dc2f7d91c5b9afe6ed56f20014cf4f810af53d3b2c5ced6abc174fb1a9e30331706cda818bab8ec9b6d94afb15718566649ad04286737fd2744d69259e54148413434257d622393a71d0f27988d46e212acbc3428a09a6cc5f0addf7cbf67a5987afa6dbbb22e162dcfa3f163bb4bab195ddde3dcc4f879fd6048af72e9bb6febae7505ed59bf85d7c1bdde8f738cde78df81a561291ae3df6fe3fb6d834700728c2cb5b5374f020186d385e5174dfff323a7f09227abf90973122754e2e11d24ffba55ca92dbaae44bc8064be408736fe3216756cc2cfeb3b6ecd64b7d62b676aded0ee53c1f6d00da97091caa8abaaab2b5e15a75b7956544342556f2cef08db9e42866507364135af4e7c02b5a0cb639166d8d6a3a3146e1ee91f75031398e5c64e51cba647d384bc7530734d2ad0052d491f790fec98b37e70f9054245af4c02db1d00e50f46540cbf77a8ca4f6ab6956b9a81e4ae6ae9edd6d7abf4096a17450483c13584d3884da0c85aebea5fc647947658e264a0d02344b562244fcd05ca3047dd1c3129e67bcd7031303d2e9de26b2e3dc0cf59be349a1dfe0467122bf7b7b23f06152c911e1a980c57900377a61b401a23c3d20876a4210e5127c1a14b9d2174c9f38bf33066ddb0f8164b1717ee45978f2f79333f53931d4009832420e4440d1f2e445bc2857f119b3cab23f43dc92999908a236fbbb98c60a08f6e3735ec6eeb430372c3de3e3804ac0fdd51504332423f2b1fc94eaaa166b715d024c2f2dd51b1d0a6fc9f8470b8ffdb287d8313fb5c8be35ddfaa36fd9c8932d498abee2ff410c2767e116d3fc2babbc15c215611b287d7a785fdd993139d2c993327305430ca9cc0dbedeaa6fa75145f548031e0ae9f41ead8ff49ac5e1c5bcca1c91f21e6ab1a791b1f5a26e88bb468d60cb7bb5cefa57650a16bc545b45072e039425076fa412ab0ae23f26d2691deef3a42bbe6d374376f16e58e87b117b31d82d662fc86a0cc478ddfd5c802bc9e80896970fb68ca907d28957867f6d1336775c4e08fecac9410274bccea28977c3e76f6d6bc5d24429a795eb482a3646dee4f913e19b9a8f85bcd0d2d6b5fd3caee4057672d7bdb3594382c6c4ad6fb0b82adf971ecf183e89f2d0dea299db548e69a2eb4ad3cec3e7460575b9c1f6ab9f96cd7d4f12c998dcd7074dfa946355e32ae5349a84a6506b9d3819a2fca965a04e3875d48f4bd86f601008e33de01bdff0cfed4f84539baaafb63eeba935bdbaea64bd7288224fe60097297d72e"}) r1 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r1, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) setxattr$security_evm(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='security.evm\x00', &(0x7f0000000280)=@ng={0x4, 0x7, "3615b06ae6dd7aba26ffe1"}, 0xd, 0x3) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r1, r2, 0x0, 0x9546) 21:47:28 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2925.085082] ? af_alg_make_sg+0x2f7/0x400 [ 2925.085099] ? iov_iter_advance+0x218/0xc60 [ 2925.085113] ? sock_kmalloc+0x7f/0xc0 [ 2925.105031] sock_kmalloc+0x7f/0xc0 [ 2925.108683] af_alg_get_rsgl+0xca/0x530 [ 2925.112687] skcipher_recvmsg+0x774/0xd30 [ 2925.116870] ? skcipher_release+0x50/0x50 [ 2925.121214] ? selinux_socket_recvmsg+0x36/0x40 [ 2925.125890] ? security_socket_recvmsg+0x91/0xc0 [ 2925.130750] ? skcipher_release+0x50/0x50 [ 2925.134964] sock_recvmsg+0xc6/0x110 [ 2925.138686] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2925.143719] ___sys_recvmsg+0x21f/0x4d0 [ 2925.147709] ? ___sys_sendmsg+0x840/0x840 [ 2925.151860] ? __fget+0x210/0x370 [ 2925.155311] ? lock_downgrade+0x740/0x740 [ 2925.159478] ? __fget+0x237/0x370 [ 2925.162940] ? __fget_light+0x172/0x1f0 [ 2925.166926] ? __fdget+0x1b/0x20 [ 2925.170292] ? sockfd_lookup_light+0xb4/0x160 [ 2925.174781] __sys_recvmsg+0xb6/0x140 [ 2925.178582] ? SyS_sendmmsg+0x60/0x60 [ 2925.182394] SyS_recvmsg+0x2d/0x50 [ 2925.185930] ? __sys_recvmsg+0x140/0x140 [ 2925.189990] do_syscall_64+0x1e8/0x640 [ 2925.193886] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2925.198736] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2925.203923] RIP: 0033:0x45a919 [ 2925.207112] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2925.214836] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2925.222106] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2925.229524] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2925.236795] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 21:47:28 executing program 3 (fault-call:5 fault-nth:17): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2925.244066] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2925.288450] FAULT_INJECTION: forcing a failure. [ 2925.288450] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2925.300999] CPU: 0 PID: 18735 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2925.309089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2925.318449] Call Trace: [ 2925.321053] dump_stack+0x142/0x197 [ 2925.324699] should_fail.cold+0x10f/0x159 [ 2925.328841] ? __might_sleep+0x93/0xb0 [ 2925.332734] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2925.337411] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2925.342423] ? save_trace+0x290/0x290 [ 2925.346245] ? follow_page_pte+0x25e/0x1590 [ 2925.350596] alloc_pages_vma+0xc9/0x4c0 [ 2925.354593] __handle_mm_fault+0x186c/0x33d0 [ 2925.359013] ? copy_page_range+0x1de0/0x1de0 [ 2925.363438] ? find_held_lock+0x35/0x130 [ 2925.367504] ? handle_mm_fault+0x1b6/0x7c0 [ 2925.371750] handle_mm_fault+0x293/0x7c0 [ 2925.375821] __get_user_pages+0x465/0x12e0 [ 2925.380073] ? follow_page_mask+0x1630/0x1630 [ 2925.384567] ? lock_acquire+0x16f/0x430 [ 2925.388535] get_user_pages_unlocked+0x1f0/0x2f0 [ 2925.393296] ? get_user_pages_locked+0x3d0/0x3d0 [ 2925.398163] ? get_user_pages_fast+0x171/0x2d0 [ 2925.402739] get_user_pages_fast+0x228/0x2d0 [ 2925.407150] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2925.411903] ? save_trace+0x290/0x290 [ 2925.415712] iov_iter_get_pages+0x20f/0xd10 [ 2925.420033] ? __lock_is_held+0xb6/0x140 [ 2925.424111] ? check_preemption_disabled+0x3c/0x250 [ 2925.429138] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2925.434061] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2925.439511] af_alg_make_sg+0x85/0x400 [ 2925.443551] ? iov_iter_advance+0x218/0xc60 [ 2925.447886] ? af_alg_data_wakeup+0x80/0x80 [ 2925.452235] af_alg_get_rsgl+0x1d3/0x530 [ 2925.456320] skcipher_recvmsg+0x774/0xd30 [ 2925.460689] ? skcipher_release+0x50/0x50 [ 2925.464829] ? selinux_socket_recvmsg+0x36/0x40 [ 2925.469563] ? security_socket_recvmsg+0x91/0xc0 [ 2925.474315] ? skcipher_release+0x50/0x50 [ 2925.478459] sock_recvmsg+0xc6/0x110 [ 2925.482173] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2925.487186] ___sys_recvmsg+0x21f/0x4d0 [ 2925.491175] ? ___sys_sendmsg+0x840/0x840 [ 2925.495323] ? __fget+0x210/0x370 [ 2925.498776] ? lock_downgrade+0x740/0x740 [ 2925.502936] ? __fget+0x237/0x370 [ 2925.506410] ? __fget_light+0x172/0x1f0 [ 2925.510507] ? __fdget+0x1b/0x20 [ 2925.513877] ? sockfd_lookup_light+0xb4/0x160 [ 2925.518479] __sys_recvmsg+0xb6/0x140 [ 2925.522279] ? SyS_sendmmsg+0x60/0x60 [ 2925.526110] SyS_recvmsg+0x2d/0x50 [ 2925.529652] ? __sys_recvmsg+0x140/0x140 [ 2925.533724] do_syscall_64+0x1e8/0x640 [ 2925.537620] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2925.542468] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2925.547656] RIP: 0033:0x45a919 [ 2925.550848] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2925.558576] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2925.565965] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2925.573229] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2925.580501] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2925.587847] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:30 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) openat$selinux_create(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/create\x00', 0x2, 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r2, 0x1, &(0x7f0000000180)={{r3, r4+10000000}, {0x0, 0x1c9c380}}, 0x0) 21:47:30 executing program 3 (fault-call:5 fault-nth:18): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:30 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) accept(r2, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f0000000000)=0x80) [ 2927.602742] kauditd_printk_skb: 10 callbacks suppressed [ 2927.602752] audit: type=1800 audit(1577137650.989:605): pid=18739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17410 res=0 [ 2927.636972] FAULT_INJECTION: forcing a failure. [ 2927.636972] name fail_page_alloc, interval 1, probability 0, space 0, times 0 21:47:31 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x40, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x4, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000000), 0x4) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2927.645493] audit: type=1804 audit(1577137651.019:606): pid=18739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1585/file0" dev="sda1" ino=17410 res=1 [ 2927.684383] CPU: 1 PID: 18740 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2927.692324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2927.701693] Call Trace: [ 2927.704299] dump_stack+0x142/0x197 [ 2927.707980] should_fail.cold+0x10f/0x159 [ 2927.712153] ? __might_sleep+0x93/0xb0 [ 2927.716074] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2927.720773] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2927.725806] ? save_trace+0x290/0x290 [ 2927.729622] ? follow_page_pte+0x25e/0x1590 [ 2927.733960] alloc_pages_vma+0xc9/0x4c0 [ 2927.737959] __handle_mm_fault+0x186c/0x33d0 [ 2927.742400] ? copy_page_range+0x1de0/0x1de0 [ 2927.746918] ? find_held_lock+0x35/0x130 [ 2927.751018] ? handle_mm_fault+0x1b6/0x7c0 [ 2927.755292] handle_mm_fault+0x293/0x7c0 [ 2927.759367] __get_user_pages+0x465/0x12e0 [ 2927.763626] ? follow_page_mask+0x1630/0x1630 [ 2927.768141] ? lock_acquire+0x16f/0x430 [ 2927.772265] get_user_pages_unlocked+0x1f0/0x2f0 [ 2927.777042] ? get_user_pages_locked+0x3d0/0x3d0 [ 2927.781819] ? get_user_pages_fast+0x171/0x2d0 [ 2927.786462] get_user_pages_fast+0x228/0x2d0 [ 2927.790902] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2927.795675] ? save_trace+0x290/0x290 [ 2927.799485] iov_iter_get_pages+0x20f/0xd10 [ 2927.803958] ? __lock_is_held+0xb6/0x140 [ 2927.808038] ? check_preemption_disabled+0x3c/0x250 [ 2927.813081] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2927.818058] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2927.823527] af_alg_make_sg+0x85/0x400 [ 2927.827422] ? iov_iter_advance+0x218/0xc60 [ 2927.831754] ? af_alg_data_wakeup+0x80/0x80 [ 2927.836093] af_alg_get_rsgl+0x1d3/0x530 [ 2927.840186] skcipher_recvmsg+0x774/0xd30 [ 2927.842514] audit: type=1800 audit(1577137651.069:607): pid=18739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17410 res=0 [ 2927.844377] ? skcipher_release+0x50/0x50 [ 2927.844386] ? selinux_socket_recvmsg+0x36/0x40 [ 2927.844401] ? security_socket_recvmsg+0x91/0xc0 [ 2927.870575] audit: type=1804 audit(1577137651.069:608): pid=18739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1585/file0" dev="sda1" ino=17410 res=1 [ 2927.871563] ? skcipher_release+0x50/0x50 [ 2927.871579] sock_recvmsg+0xc6/0x110 [ 2927.871593] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2927.921715] ___sys_recvmsg+0x21f/0x4d0 [ 2927.925694] ? ___sys_sendmsg+0x840/0x840 [ 2927.929925] ? __fget+0x210/0x370 [ 2927.933388] ? lock_downgrade+0x740/0x740 [ 2927.937526] ? __fget+0x237/0x370 [ 2927.940979] ? __fget_light+0x172/0x1f0 [ 2927.944956] ? __fdget+0x1b/0x20 [ 2927.948369] ? sockfd_lookup_light+0xb4/0x160 [ 2927.952862] __sys_recvmsg+0xb6/0x140 [ 2927.956654] ? SyS_sendmmsg+0x60/0x60 [ 2927.960614] SyS_recvmsg+0x2d/0x50 [ 2927.964146] ? __sys_recvmsg+0x140/0x140 [ 2927.968199] do_syscall_64+0x1e8/0x640 [ 2927.972078] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2927.976932] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2927.982116] RIP: 0033:0x45a919 [ 2927.985296] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2927.993022] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 21:47:31 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f0000000080)=@get={0x1, &(0x7f0000000180)=""/227, 0x7fff}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r4, 0x0, 0xffffffffffffffff, 0x0) move_pages(r4, 0x1, &(0x7f0000000000)=[&(0x7f0000fff000/0x1000)=nil], 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:31 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x90b, 0x41) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000180)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x4}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2928.000280] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2928.007549] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2928.014820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2928.022081] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:31 executing program 3 (fault-call:5 fault-nth:19): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:31 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x41ca40, 0x8) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') mmap$usbmon(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000001, 0x10, r0, 0x101) sendfile(r0, r1, 0x0, 0x9546) [ 2928.123279] FAULT_INJECTION: forcing a failure. [ 2928.123279] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2928.150260] audit: type=1800 audit(1577137651.529:609): pid=18762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17474 res=0 [ 2928.153611] CPU: 1 PID: 18758 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2928.181199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2928.182295] audit: type=1800 audit(1577137651.539:610): pid=18762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17474 res=0 [ 2928.190571] Call Trace: [ 2928.190591] dump_stack+0x142/0x197 [ 2928.190611] should_fail.cold+0x10f/0x159 [ 2928.190632] ? __might_sleep+0x93/0xb0 [ 2928.190645] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2928.190659] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2928.237613] ? save_trace+0x290/0x290 [ 2928.241436] ? follow_page_pte+0x25e/0x1590 [ 2928.245779] alloc_pages_vma+0xc9/0x4c0 [ 2928.249775] __handle_mm_fault+0x186c/0x33d0 [ 2928.254206] ? copy_page_range+0x1de0/0x1de0 [ 2928.258636] ? find_held_lock+0x35/0x130 [ 2928.262717] ? handle_mm_fault+0x1b6/0x7c0 [ 2928.266987] handle_mm_fault+0x293/0x7c0 21:47:31 executing program 1: r0 = open(&(0x7f00000001c0)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x200, 0x8) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000140)={0x9b, 0x376ae45b890f186a, 0x4, 0x40, 0x1, {r2, r3/1000+10000}, {0x5, 0x8, 0x1, 0x4, 0x67, 0x8, "da34359d"}, 0x2, 0x4, @userptr=0x1, 0x3, 0x0, 0xffffffffffffffff}) setsockopt$inet6_udp_int(r4, 0x11, 0x64, &(0x7f00000000c0), 0x4) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2928.267986] audit: type=1800 audit(1577137651.539:611): pid=18767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17474 res=0 [ 2928.271064] __get_user_pages+0x465/0x12e0 [ 2928.271083] ? follow_page_mask+0x1630/0x1630 [ 2928.271093] ? lock_acquire+0x16f/0x430 [ 2928.271110] get_user_pages_unlocked+0x1f0/0x2f0 [ 2928.271126] ? get_user_pages_locked+0x3d0/0x3d0 [ 2928.302580] audit: type=1804 audit(1577137651.539:612): pid=18767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1587/file0" dev="sda1" ino=17474 res=1 [ 2928.302880] ? get_user_pages_fast+0x171/0x2d0 [ 2928.302897] get_user_pages_fast+0x228/0x2d0 [ 2928.302911] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2928.302923] ? save_trace+0x290/0x290 [ 2928.302939] iov_iter_get_pages+0x20f/0xd10 [ 2928.302950] ? __lock_is_held+0xb6/0x140 [ 2928.302961] ? check_preemption_disabled+0x3c/0x250 [ 2928.374778] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2928.379751] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2928.385238] af_alg_make_sg+0x85/0x400 [ 2928.389155] ? iov_iter_advance+0x218/0xc60 [ 2928.393518] ? af_alg_data_wakeup+0x80/0x80 [ 2928.397872] af_alg_get_rsgl+0x1d3/0x530 [ 2928.401973] skcipher_recvmsg+0x774/0xd30 [ 2928.406161] ? skcipher_release+0x50/0x50 [ 2928.410337] ? selinux_socket_recvmsg+0x36/0x40 [ 2928.415025] ? security_socket_recvmsg+0x91/0xc0 [ 2928.419796] ? skcipher_release+0x50/0x50 [ 2928.423971] sock_recvmsg+0xc6/0x110 [ 2928.427715] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2928.432824] ___sys_recvmsg+0x21f/0x4d0 [ 2928.436818] ? ___sys_sendmsg+0x840/0x840 [ 2928.440988] ? __fget+0x210/0x370 [ 2928.444479] ? lock_downgrade+0x740/0x740 [ 2928.448645] ? __fget+0x237/0x370 [ 2928.452177] ? __fget_light+0x172/0x1f0 [ 2928.456157] ? __fdget+0x1b/0x20 [ 2928.459534] ? sockfd_lookup_light+0xb4/0x160 [ 2928.464046] __sys_recvmsg+0xb6/0x140 [ 2928.467861] ? SyS_sendmmsg+0x60/0x60 [ 2928.471697] SyS_recvmsg+0x2d/0x50 [ 2928.475256] ? __sys_recvmsg+0x140/0x140 [ 2928.479348] do_syscall_64+0x1e8/0x640 [ 2928.483257] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2928.488136] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2928.493350] RIP: 0033:0x45a919 [ 2928.496554] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2928.504285] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2928.508334] audit: type=1800 audit(1577137651.539:613): pid=18767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17410 res=0 [ 2928.511559] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2928.511567] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2928.511572] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2928.511577] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:32 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100, 0x1}, 0x0, 0x40000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:32 executing program 3 (fault-call:5 fault-nth:20): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:32 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r0, 0xa, 0x12) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/21, 0x15}, {&(0x7f0000000300)=""/193, 0xc1}, {&(0x7f0000000140)=""/87, 0x57}, {&(0x7f0000000400)=""/149, 0x95}, {&(0x7f00000001c0)=""/24, 0x18}], 0x5, 0x6) setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f0000000040), 0x4) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$SOUND_MIXER_READ_RECMASK(r2, 0x80044dfd, &(0x7f0000000000)) dup2(r0, r1) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000280)='/dev/urandom\x00', 0x111001, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) tee(r4, r5, 0x4, 0xb) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x200000000000013, &(0x7f0000000040)=0x480100000001, 0x4) connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000440), 0x12f85e) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000000)={@empty}, 0x20) tkill(r7, 0xb) ptrace$setopts(0x4206, r7, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) [ 2928.661240] audit: type=1804 audit(1577137651.939:614): pid=18767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1587/file0" dev="sda1" ino=17410 res=1 [ 2928.754443] FAULT_INJECTION: forcing a failure. [ 2928.754443] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2928.790847] CPU: 1 PID: 18779 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2928.798783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2928.808156] Call Trace: [ 2928.810766] dump_stack+0x142/0x197 [ 2928.814416] should_fail.cold+0x10f/0x159 [ 2928.818581] ? __might_sleep+0x93/0xb0 [ 2928.822495] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2928.827193] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2928.832232] ? save_trace+0x290/0x290 [ 2928.836053] ? follow_page_pte+0x25e/0x1590 [ 2928.840403] alloc_pages_vma+0xc9/0x4c0 [ 2928.844406] __handle_mm_fault+0x186c/0x33d0 [ 2928.848842] ? copy_page_range+0x1de0/0x1de0 [ 2928.853271] ? find_held_lock+0x35/0x130 [ 2928.857352] ? handle_mm_fault+0x1b6/0x7c0 [ 2928.861622] handle_mm_fault+0x293/0x7c0 [ 2928.865711] __get_user_pages+0x465/0x12e0 [ 2928.869972] ? follow_page_mask+0x1630/0x1630 [ 2928.874488] ? lock_acquire+0x16f/0x430 [ 2928.878517] get_user_pages_unlocked+0x1f0/0x2f0 [ 2928.883303] ? get_user_pages_locked+0x3d0/0x3d0 [ 2928.888081] ? get_user_pages_fast+0x171/0x2d0 [ 2928.892685] get_user_pages_fast+0x228/0x2d0 [ 2928.897117] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2928.901896] ? save_trace+0x290/0x290 [ 2928.905720] iov_iter_get_pages+0x20f/0xd10 [ 2928.910060] ? __lock_is_held+0xb6/0x140 [ 2928.914134] ? check_preemption_disabled+0x3c/0x250 [ 2928.919172] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2928.924117] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2928.929592] af_alg_make_sg+0x85/0x400 [ 2928.933501] ? iov_iter_advance+0x218/0xc60 [ 2928.937841] ? af_alg_data_wakeup+0x80/0x80 [ 2928.942184] af_alg_get_rsgl+0x1d3/0x530 [ 2928.946270] skcipher_recvmsg+0x774/0xd30 [ 2928.950448] ? skcipher_release+0x50/0x50 [ 2928.954612] ? selinux_socket_recvmsg+0x36/0x40 [ 2928.959299] ? security_socket_recvmsg+0x91/0xc0 [ 2928.964076] ? skcipher_release+0x50/0x50 [ 2928.968243] sock_recvmsg+0xc6/0x110 [ 2928.971977] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2928.977016] ___sys_recvmsg+0x21f/0x4d0 [ 2928.981017] ? ___sys_sendmsg+0x840/0x840 [ 2928.985187] ? lock_release+0x44d/0x940 [ 2928.989193] ? lock_downgrade+0x740/0x740 [ 2928.993372] ? __fget+0x237/0x370 [ 2928.996848] ? __fget_light+0x172/0x1f0 [ 2929.000964] ? __fdget+0x1b/0x20 [ 2929.004365] ? sockfd_lookup_light+0xb4/0x160 [ 2929.008888] __sys_recvmsg+0xb6/0x140 [ 2929.012702] ? SyS_sendmmsg+0x60/0x60 [ 2929.016533] SyS_recvmsg+0x2d/0x50 [ 2929.020083] ? __sys_recvmsg+0x140/0x140 [ 2929.024166] do_syscall_64+0x1e8/0x640 [ 2929.028066] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2929.032932] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2929.038135] RIP: 0033:0x45a919 [ 2929.041330] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2929.049062] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2929.056343] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2929.063635] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2929.070919] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2929.078201] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:34 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ftruncate(r2, 0x8) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)) rt_sigtimedwait(&(0x7f0000000080)={0x2}, &(0x7f00000000c0), &(0x7f0000000140)={0x0, 0x989680}, 0x8) 21:47:34 executing program 3 (fault-call:5 fault-nth:21): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:34 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='\x03\x03\x12M\x1d\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3+Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#\x00r\x00\x1e\x84x8\x10H\xe6\xb9\xe4\xf6\xc1~0\xe5+\x82F\xff\x10\xb4\xba\xb9\xad~\x1b\x86_h\x99j\x94\f\x1a') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) bind$unix(r1, &(0x7f0000000140)=@abs={0x2, 0x0, 0x4e20}, 0x6e) r2 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r3 = dup(r2) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'gre0\x00', 0x10}) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r2, 0x0, 0x9546) 21:47:34 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r5, &(0x7f0000000040)={0x34, 0x3, 0x0, {0x5, 0x13, 0x0, '\xffvmnet1ppp1}%cgroup'}}, 0x34) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0xf7, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000000), 0x9}, 0x1000, 0x0, 0x0, 0x7, 0x9}, r4, 0x0, 0xffffffffffffffff, 0x0) ptrace$cont(0x9, r4, 0xfffffffffffffffa, 0x401) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0xfd, 0x0}, 0x6}], 0x254, 0x20010012, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x605, r6) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) 21:47:34 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$RTC_IRQP_SET(r3, 0x4008700c, 0x1d00) tkill(r0, 0x16) 21:47:34 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @mss={0x2, 0x53b}], 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r0) tkill(r0, 0x16) [ 2930.668200] FAULT_INJECTION: forcing a failure. [ 2930.668200] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2930.686922] CPU: 1 PID: 18790 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2930.694853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2930.704218] Call Trace: [ 2930.706817] dump_stack+0x142/0x197 [ 2930.710544] should_fail.cold+0x10f/0x159 [ 2930.714719] ? __might_sleep+0x93/0xb0 [ 2930.718733] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2930.723423] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2930.728457] ? save_trace+0x290/0x290 [ 2930.732274] ? follow_page_pte+0x25e/0x1590 [ 2930.736626] alloc_pages_vma+0xc9/0x4c0 [ 2930.740630] __handle_mm_fault+0x186c/0x33d0 [ 2930.745069] ? copy_page_range+0x1de0/0x1de0 [ 2930.749504] ? find_held_lock+0x35/0x130 [ 2930.753582] ? handle_mm_fault+0x1b6/0x7c0 [ 2930.757844] handle_mm_fault+0x293/0x7c0 [ 2930.761936] __get_user_pages+0x465/0x12e0 [ 2930.766192] ? follow_page_mask+0x1630/0x1630 [ 2930.770709] ? lock_acquire+0x16f/0x430 [ 2930.774717] get_user_pages_unlocked+0x1f0/0x2f0 [ 2930.779502] ? get_user_pages_locked+0x3d0/0x3d0 [ 2930.784278] ? get_user_pages_fast+0x171/0x2d0 [ 2930.788887] get_user_pages_fast+0x228/0x2d0 [ 2930.793322] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2930.798092] ? save_trace+0x290/0x290 [ 2930.801985] iov_iter_get_pages+0x20f/0xd10 [ 2930.806313] ? __lock_is_held+0xb6/0x140 [ 2930.810383] ? check_preemption_disabled+0x3c/0x250 [ 2930.815512] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2930.820457] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2930.825934] af_alg_make_sg+0x85/0x400 [ 2930.829845] ? iov_iter_advance+0x218/0xc60 [ 2930.834198] ? af_alg_data_wakeup+0x80/0x80 [ 2930.838674] af_alg_get_rsgl+0x1d3/0x530 [ 2930.842776] skcipher_recvmsg+0x774/0xd30 [ 2930.846958] ? skcipher_release+0x50/0x50 [ 2930.851255] ? selinux_socket_recvmsg+0x36/0x40 [ 2930.855931] ? security_socket_recvmsg+0x91/0xc0 [ 2930.860685] ? skcipher_release+0x50/0x50 [ 2930.864828] sock_recvmsg+0xc6/0x110 [ 2930.868552] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2930.873576] ___sys_recvmsg+0x21f/0x4d0 [ 2930.877562] ? ___sys_sendmsg+0x840/0x840 [ 2930.881776] ? __fget+0x210/0x370 [ 2930.885246] ? lock_downgrade+0x740/0x740 [ 2930.889394] ? __fget+0x237/0x370 [ 2930.892844] ? __fget_light+0x172/0x1f0 [ 2930.896830] ? __fdget+0x1b/0x20 [ 2930.900196] ? sockfd_lookup_light+0xb4/0x160 [ 2930.904690] __sys_recvmsg+0xb6/0x140 [ 2930.908485] ? SyS_sendmmsg+0x60/0x60 [ 2930.912389] SyS_recvmsg+0x2d/0x50 [ 2930.915980] ? __sys_recvmsg+0x140/0x140 [ 2930.920043] do_syscall_64+0x1e8/0x640 [ 2930.923929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2930.928771] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2930.934131] RIP: 0033:0x45a919 [ 2930.937309] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2930.945018] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2930.952285] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2930.959678] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:47:34 executing program 1: r0 = open(&(0x7f0000000000)='./file0\x00', 0x200, 0x128) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000080)) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) write(r2, &(0x7f0000000340)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac300455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b692ad69f3768797d1971da8a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f510688abc9e455adcd1f57cb59b4311bc8f4ef944c1de8217", 0x20b) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r2, 0x0, 0x9546) [ 2930.966965] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2930.974237] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:34 executing program 3 (fault-call:5 fault-nth:22): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2931.118626] FAULT_INJECTION: forcing a failure. [ 2931.118626] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2931.141734] CPU: 1 PID: 18813 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2931.149670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2931.159037] Call Trace: [ 2931.161645] dump_stack+0x142/0x197 21:47:34 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2b}}, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e23, 0x1f, @mcast2, 0x401}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e21, @local}], 0x7c) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000140)={{0xf000, 0xf357e42b47807e06, 0xf, 0x0, 0x80, 0x5, 0x29, 0xf8, 0x20, 0x69, 0x2, 0x4}, {0x2, 0xf000, 0x9, 0x0, 0x1, 0x7, 0x8, 0x3, 0x9, 0x40, 0x6, 0xfd}, {0x100000, 0x6000, 0xb, 0x3f, 0x42, 0x40, 0xb3, 0xba, 0x2, 0x1d, 0x29, 0x2}, {0xf000, 0x2000, 0x10, 0x21, 0x3f, 0x7, 0x3, 0x3, 0x9, 0x5, 0x3f}, {0x5001, 0x19000, 0x9, 0x4, 0x80, 0x80, 0xe, 0x1, 0x3f, 0x81, 0x9, 0x80}, {0xf000, 0x1000, 0xf, 0x3, 0x6, 0x11, 0x81, 0x1, 0x1, 0x1, 0x0, 0x6}, {0x2, 0xf000, 0xd, 0x7, 0xe3, 0x81, 0x81, 0x0, 0x97, 0x0, 0x3, 0x2}, {0x2000, 0x2, 0x0, 0x6, 0x5, 0x5, 0x3f, 0xa0, 0x4, 0x4, 0x1, 0x7f}, {0xf000, 0x3800}, {0x4000, 0x5000}, 0x20000000, 0x0, 0x0, 0x8, 0x4, 0x0, 0x2, [0x8, 0x80, 0x100000001, 0x7]}) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000300)={{0x5, 0x1f}, {0x6, 0x5}, 0x4, 0x1, 0xf7}) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2931.165331] should_fail.cold+0x10f/0x159 [ 2931.169506] ? __might_sleep+0x93/0xb0 [ 2931.173420] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2931.178113] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2931.183150] ? save_trace+0x290/0x290 [ 2931.186980] ? follow_page_pte+0x25e/0x1590 [ 2931.191327] alloc_pages_vma+0xc9/0x4c0 [ 2931.195328] __handle_mm_fault+0x186c/0x33d0 [ 2931.199974] ? copy_page_range+0x1de0/0x1de0 [ 2931.204399] ? find_held_lock+0x35/0x130 [ 2931.208470] ? handle_mm_fault+0x1b6/0x7c0 [ 2931.212710] handle_mm_fault+0x293/0x7c0 [ 2931.216783] __get_user_pages+0x465/0x12e0 [ 2931.221017] ? follow_page_mask+0x1630/0x1630 [ 2931.225502] ? lock_acquire+0x16f/0x430 [ 2931.229469] get_user_pages_unlocked+0x1f0/0x2f0 [ 2931.234221] ? get_user_pages_locked+0x3d0/0x3d0 [ 2931.238966] ? get_user_pages_fast+0x171/0x2d0 [ 2931.243568] get_user_pages_fast+0x228/0x2d0 [ 2931.247996] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2931.252769] ? save_trace+0x290/0x290 [ 2931.256590] iov_iter_get_pages+0x20f/0xd10 [ 2931.260931] ? __lock_is_held+0xb6/0x140 21:47:34 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)=@in6={0xa, 0x4e23, 0x2, @local, 0x4}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000080)="792e0833f48293babd422dc201e7098e5719d6047b84f0fdbe801b4eb557765cb06e4894de2b20cad7e4917b6a281f77a43a9553114bdc719854e5d226", 0x3d}, {&(0x7f00000001c0)="28899fafe976329768f78968cf58ae2e6b4eb2ce60eeb8e0362f", 0x1a}], 0x2, &(0x7f00000002c0)=[@txtime={{0x18, 0x1, 0x3d, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x2}}, @mark={{0x14, 0x1, 0x24, 0xfffffff1}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x78}, 0x40) io_setup(0x0, 0x0) r0 = perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10fa760aee5a5a8d, 0xfffffffffffffffc, 0x0, 0x7, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000380)={0x81, 0x0, 0x2}) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0x400, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xca}], 0x14) ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x40000000000ecf) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2931.265009] ? check_preemption_disabled+0x3c/0x250 [ 2931.270047] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2931.275006] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2931.280480] af_alg_make_sg+0x85/0x400 [ 2931.284391] ? iov_iter_advance+0x218/0xc60 [ 2931.288738] ? af_alg_data_wakeup+0x80/0x80 [ 2931.293095] af_alg_get_rsgl+0x1d3/0x530 [ 2931.297193] skcipher_recvmsg+0x774/0xd30 [ 2931.301372] ? skcipher_release+0x50/0x50 [ 2931.305541] ? selinux_socket_recvmsg+0x36/0x40 [ 2931.310231] ? security_socket_recvmsg+0x91/0xc0 [ 2931.315011] ? skcipher_release+0x50/0x50 [ 2931.319180] sock_recvmsg+0xc6/0x110 [ 2931.322917] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2931.327959] ___sys_recvmsg+0x21f/0x4d0 [ 2931.331959] ? ___sys_sendmsg+0x840/0x840 [ 2931.336127] ? __fget+0x210/0x370 [ 2931.339594] ? lock_downgrade+0x740/0x740 [ 2931.343741] ? __fget+0x237/0x370 [ 2931.347189] ? __fget_light+0x172/0x1f0 [ 2931.351153] ? __fdget+0x1b/0x20 [ 2931.354515] ? sockfd_lookup_light+0xb4/0x160 [ 2931.359011] __sys_recvmsg+0xb6/0x140 [ 2931.362812] ? SyS_sendmmsg+0x60/0x60 [ 2931.366643] SyS_recvmsg+0x2d/0x50 [ 2931.370204] ? __sys_recvmsg+0x140/0x140 [ 2931.374260] do_syscall_64+0x1e8/0x640 [ 2931.378157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2931.383127] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2931.388322] RIP: 0033:0x45a919 [ 2931.391502] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2931.399200] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2931.406606] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:34 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x154) read$midi(r2, &(0x7f0000000140)=""/244, 0xf4) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2931.414109] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2931.421501] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2931.428858] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:34 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', &(0x7f0000000140)=""/138, 0x8a) tkill(r0, 0x16) 21:47:34 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00000000c0)=0x0) timer_settime(r0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r1 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r1, r2, 0x0, 0xeefffdef) ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000080)={0x3, 0x200, 0x1, 0x5, 0xe, "aea514300e0deae3ef37aab969ba5cfd0bb52d"}) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:34 executing program 3 (fault-call:5 fault-nth:23): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:34 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2931.560990] FAULT_INJECTION: forcing a failure. [ 2931.560990] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2931.580609] CPU: 0 PID: 18836 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2931.588556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2931.597926] Call Trace: [ 2931.600533] dump_stack+0x142/0x197 [ 2931.604185] should_fail.cold+0x10f/0x159 [ 2931.608351] ? __might_sleep+0x93/0xb0 [ 2931.612260] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2931.616952] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2931.621991] ? save_trace+0x290/0x290 [ 2931.625818] ? follow_page_pte+0x25e/0x1590 [ 2931.630169] alloc_pages_vma+0xc9/0x4c0 [ 2931.634158] __handle_mm_fault+0x186c/0x33d0 [ 2931.638587] ? copy_page_range+0x1de0/0x1de0 [ 2931.643015] ? find_held_lock+0x35/0x130 [ 2931.647098] ? handle_mm_fault+0x1b6/0x7c0 [ 2931.651354] handle_mm_fault+0x293/0x7c0 [ 2931.651367] __get_user_pages+0x465/0x12e0 [ 2931.651383] ? follow_page_mask+0x1630/0x1630 [ 2931.651393] ? lock_acquire+0x16f/0x430 [ 2931.651413] get_user_pages_unlocked+0x1f0/0x2f0 [ 2931.651428] ? get_user_pages_locked+0x3d0/0x3d0 [ 2931.651435] ? get_user_pages_fast+0x171/0x2d0 [ 2931.651449] get_user_pages_fast+0x228/0x2d0 [ 2931.651462] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2931.651473] ? save_trace+0x290/0x290 [ 2931.651488] iov_iter_get_pages+0x20f/0xd10 [ 2931.651499] ? __lock_is_held+0xb6/0x140 [ 2931.659803] ? check_preemption_disabled+0x3c/0x250 [ 2931.708690] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2931.713644] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2931.719124] af_alg_make_sg+0x85/0x400 [ 2931.723035] ? iov_iter_advance+0x218/0xc60 [ 2931.727382] ? af_alg_data_wakeup+0x80/0x80 [ 2931.731728] af_alg_get_rsgl+0x1d3/0x530 [ 2931.735800] skcipher_recvmsg+0x774/0xd30 [ 2931.739961] ? skcipher_release+0x50/0x50 [ 2931.744124] ? selinux_socket_recvmsg+0x36/0x40 [ 2931.748799] ? security_socket_recvmsg+0x91/0xc0 [ 2931.753571] ? skcipher_release+0x50/0x50 [ 2931.757727] sock_recvmsg+0xc6/0x110 [ 2931.761597] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2931.766640] ___sys_recvmsg+0x21f/0x4d0 [ 2931.770697] ? ___sys_sendmsg+0x840/0x840 [ 2931.774899] ? __fget+0x210/0x370 [ 2931.778359] ? lock_downgrade+0x740/0x740 [ 2931.782702] ? __fget+0x237/0x370 [ 2931.786183] ? __fget_light+0x172/0x1f0 [ 2931.790175] ? __fdget+0x1b/0x20 [ 2931.793555] ? sockfd_lookup_light+0xb4/0x160 [ 2931.798050] __sys_recvmsg+0xb6/0x140 [ 2931.801849] ? SyS_sendmmsg+0x60/0x60 [ 2931.805661] SyS_recvmsg+0x2d/0x50 [ 2931.809240] ? __sys_recvmsg+0x140/0x140 [ 2931.813307] do_syscall_64+0x1e8/0x640 [ 2931.817207] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2931.822073] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2931.827264] RIP: 0033:0x45a919 [ 2931.830450] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2931.838270] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2931.845591] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2931.852869] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2931.860149] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2931.867646] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:37 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) r2 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000080)) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:37 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r3, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(r3, &(0x7f0000000000)='net/mcfilter\x00') dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:37 executing program 3 (fault-call:5 fault-nth:24): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:37 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x0) r3 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0) fanotify_mark(0xffffffffffffffff, 0x80, 0x0, r3, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x281, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7fdffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x0, 0x0) listen(0xffffffffffffffff, 0x400000001ffffffd) r4 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r5 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg(r5, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}], 0x4000000000000d0, 0x0) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) prctl$PR_SET_FP_MODE(0x2d, 0x1) tkill(r0, 0x16) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) openat(r6, &(0x7f0000000080)='./file0\x00', 0x642000, 0x8ff91204c66f0db9) 21:47:37 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) write(r0, &(0x7f0000000140)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944cade821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$SG_EMULATED_HOST(r2, 0x2203, &(0x7f0000000000)) sendfile(r0, r1, 0x0, 0x9546) [ 2933.693898] FAULT_INJECTION: forcing a failure. [ 2933.693898] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2933.694126] kauditd_printk_skb: 14 callbacks suppressed [ 2933.694134] audit: type=1800 audit(1577137657.079:629): pid=18854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17502 res=0 [ 2933.719416] CPU: 0 PID: 18853 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2933.742267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2933.751633] Call Trace: [ 2933.754243] dump_stack+0x142/0x197 [ 2933.757906] should_fail.cold+0x10f/0x159 [ 2933.762072] ? __might_sleep+0x93/0xb0 [ 2933.765982] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2933.770676] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2933.770745] audit: type=1804 audit(1577137657.099:630): pid=18858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1592/file0" dev="sda1" ino=17502 res=1 [ 2933.775695] ? save_trace+0x290/0x290 [ 2933.775709] ? follow_page_pte+0x25e/0x1590 [ 2933.775727] alloc_pages_vma+0xc9/0x4c0 [ 2933.775742] __handle_mm_fault+0x186c/0x33d0 [ 2933.775755] ? copy_page_range+0x1de0/0x1de0 [ 2933.811479] audit: type=1800 audit(1577137657.099:631): pid=18854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17502 res=0 [ 2933.815289] ? find_held_lock+0x35/0x130 [ 2933.815303] ? handle_mm_fault+0x1b6/0x7c0 [ 2933.815329] handle_mm_fault+0x293/0x7c0 [ 2933.815342] __get_user_pages+0x465/0x12e0 [ 2933.819928] audit: type=1804 audit(1577137657.099:632): pid=18854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1592/file0" dev="sda1" ino=17502 res=1 [ 2933.824179] ? follow_page_mask+0x1630/0x1630 [ 2933.824189] ? lock_acquire+0x16f/0x430 [ 2933.824209] get_user_pages_unlocked+0x1f0/0x2f0 [ 2933.824227] ? get_user_pages_locked+0x3d0/0x3d0 [ 2933.824236] ? get_user_pages_fast+0x171/0x2d0 [ 2933.824249] get_user_pages_fast+0x228/0x2d0 [ 2933.824262] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2933.923290] ? save_trace+0x290/0x290 [ 2933.927093] iov_iter_get_pages+0x20f/0xd10 [ 2933.931474] ? __lock_is_held+0xb6/0x140 [ 2933.935550] ? check_preemption_disabled+0x3c/0x250 [ 2933.940564] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2933.945494] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2933.950985] af_alg_make_sg+0x85/0x400 [ 2933.954868] ? iov_iter_advance+0x218/0xc60 [ 2933.959179] ? af_alg_data_wakeup+0x80/0x80 [ 2933.963491] af_alg_get_rsgl+0x1d3/0x530 [ 2933.967546] skcipher_recvmsg+0x774/0xd30 [ 2933.971687] ? skcipher_release+0x50/0x50 [ 2933.975823] ? selinux_socket_recvmsg+0x36/0x40 [ 2933.980484] ? security_socket_recvmsg+0x91/0xc0 [ 2933.985232] ? skcipher_release+0x50/0x50 [ 2933.989382] sock_recvmsg+0xc6/0x110 [ 2933.993088] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2933.998097] ___sys_recvmsg+0x21f/0x4d0 [ 2934.002061] ? ___sys_sendmsg+0x840/0x840 [ 2934.006196] ? __fget+0x210/0x370 [ 2934.009643] ? lock_downgrade+0x740/0x740 [ 2934.013783] ? __fget+0x237/0x370 [ 2934.017248] ? __fget_light+0x172/0x1f0 [ 2934.021342] ? __fdget+0x1b/0x20 [ 2934.024770] ? sockfd_lookup_light+0xb4/0x160 [ 2934.029260] __sys_recvmsg+0xb6/0x140 [ 2934.033048] ? SyS_sendmmsg+0x60/0x60 [ 2934.036871] SyS_recvmsg+0x2d/0x50 [ 2934.040473] ? __sys_recvmsg+0x140/0x140 [ 2934.044536] do_syscall_64+0x1e8/0x640 [ 2934.048419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2934.053271] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2934.058509] RIP: 0033:0x45a919 [ 2934.061694] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2934.069461] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2934.076772] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2934.084041] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:47:37 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x34501, 0x4c) write(r0, &(0x7f0000000140)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f203516393309481e9be8d0534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b27785850aa80c3b81615ba19ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573725109ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c7796ea47267b97136bc92168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef9910f44c1de821785f6d62eecb743a79560f0126d47e25013e42a2b016747f3dc00ed64b2418f4368f74dd34d70f1cddd586d92d4c49d3dee36185e29b4123af0d066b1952d77d20121ca8ca6503d9b66f15013b6cbb84818090dc4f6de1ff92006830906555b9eb49f4fcb1c76d3a342be2895d5ba6a748a875cfb8a37cf424f6e714dd5cad7e70c481b4c5ae6ac630293452846530dfdf38be6e280cb5b35f04e08a88c63a4f91b21efe562440b74d4b8fd7850aee3c6c076a049c0c00b1502f66d7fe618f4f5202bfa01791fcf06cd8478b49a072da82d29b23251490e12340b14453b1e5dd9bf43bb62cfc9b0ec1bbf9ff2020a70572a8be937", 0x2f2) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2934.091379] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2934.098640] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2934.145559] audit: type=1800 audit(1577137657.529:633): pid=18865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17502 res=0 [ 2934.207583] audit: type=1800 audit(1577137657.569:634): pid=18865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17214 res=0 21:47:37 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0), 0x166, 0x100, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r3 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10, 0x800) getsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040), 0x10) tkill(r0, 0x16) 21:47:37 executing program 3 (fault-call:5 fault-nth:25): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:37 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000100)={0x0, 0x2, 0x6, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x9a0905, 0x5, [], @p_u8=&(0x7f0000000080)=0x6}}) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000440)="abd2898fababebe8848a7d76618aab8b8704fd386e6204b38b2bc43b438cfec596aa6a653bd9c5dd33a3b89953d341c327c1f6ef04c189cdeadaca40d1e53d759816714bc69708a9bfe90193e482843b4ca78746c484e66be7a790256622b933f1887acccdfc5bea8c6fc6ccb678f46a8ce3fb165d0b02942423a3140fcc97ffac9b563503813572f1c2b97907d43625add250fd3c7c29c0d699eaeb21400cc99f20e36304af8c89612d72036861d5de8135747f66ac09deed2e114eae71a4c3e02734ed2b121127f3c9ab4de391ec9a19cd69e464b2764e985cc6e89c3c99ce8bca4061b2bddbe12b7dfcd971c9ead7a38b4b3bbe53f8d690ede5e176da6a546f4e87d918fb1ead80dc629d96180fda6c281fedb4753ade52c7f85e989a56601a100fbbe12c60d186b8a578302358fa4e2cd780be237948144f0ecbcd6f4ac44d9c341a9e3bd47070ad249f0a9956546e1131865229e16bdb0c0efb124c017b8c6fb093324a7a88ffca4836db8fadab6b6d0ad3c56822e78f9e4871444346b651c5f992b9cc947b43e798c5b39d5fc947eb5319eca837b3ca4e1b0b8956a61f2d9ef873f2d0a3c4805b0544e8f358418af6bcd09776682b747f7455847b3ccb0a28b7334140858b80b1868976e0b1aa3deed5d9025b201f11d7b8e3f89cfba6f717d81e11a522a3d715ebc7c448c77dea3e297defc60095733e5c38d2057b5a5b61aa8a553e9ad4ba2f0f759b849bdbd10ab931379a11ad0c02b59657439d634b466db4a2ed0fe06731891e45e79074107bc4732daa719b2bcd2acfa8003f5a9560f4769b177ad4569f5a0fcfcea2904c8f6fab616a9ca89fa74d66acd2bb0127f7a1dd323d1165f659837086bed7887f8aa71ff636fe05b3c4068cc2da554455d5d245ac8a46558b47389c4586066e7748b5fe54439a7e550d276aabf112f7dfb93619b0f451f69ccce1008d0d92f3c7b5e4bcf7d83b8a6c11816c66a12649ca04c389ccf260f59a3a4b2ace78e6c8ae063f153f44d5a9af23c695560ddf5d459324d95a38ce11e1cb50c0b72ec2a8784815149b3b66f93dc2000d08d111679dcea22d2d7b5062c3e642c49aa8e4fd90cfe111365f1c8803cb7ebde63f487b0205f8e44349c20576b850992743ddb630b52ad167183ba83d2d1a255bdfb51c3f50dc7631088c9d1827a69b9992d8e3e6e19cb3c994ee0ac13b80d1e9392312ded36987a680171d850245e37ebbac282946e456526c1c642cefb81c0add1ef2998f45894b560884bd593d36af1ad5a4702d56906826d35aa59913050b8f4b540bac62533928b30a2c79ad3103014581091140884291602d03abc8f34d8f891f627849170771603b55b4475cfc134c92b7d5d888f1efd9f093e3ac906e152e378ea798f8e2d3bf189048e97933b5d7274898ac108292eb995ffdd7d9175d4ef04770bb07e53effe6554306e80060139c5d599e39a496a6c5e1373cc640d673ee2547032252bbea9d398955f49d98e9856ad8dffb406368d4dc2f9b483622e9d5ce09d43c7789bc12bd28f5df6e225ca05b68cecb3d329e00db756079a114ed3444906bf1f16369a83ad0b01c558514f41d9804a022b82d241f3b999c261b1ef86e97fb8643624c8396b60dfe039b512e6d5d027334bdf13352e728e537ef756a0464a3f2a8e2fa29f900a8e2d4ae2097e47a57c4bed6d153b279df5903bf036c78aaee72c654f75787871c4eb2241709a90a983f4d057714ff5c410a375257a2688a1b851238456538cb7ff1167583a67f43a5ec3b7c521426b8b2946a45adb6e07fb15c05d489886640fe65e7aa5116a62b2db3e020c96cf7d6b06d8927aadea021e36b2b048b41ff2d620b3f269e21f5645d436727659ac1ff1eab027cf52e198eb239330e754a9f2cf05377f9cb621de31e6f77de83fad4be35fdb1808afa6efd96fc468e9461e61e39fa2185117d0325a2a2500eeb6c74b98d975b9e0017fa167d48e9e4bda3dd6fd4c0df04d24ead9869629f7e0a89b1b1db68ddb8b8917f4ad4347bc05a0a5af883c1780fd25b4ba0186c8696edbb647ad1921cf7c0fe6a4d02fe44d6f35656f75c5d15b0e72db35d0040dee2b9244640a3272bd017b198ee94e3965689346d3c92f1250cf6c7cfbe1a84abe592ebfe4bd18b8161c98e52e197df15ee877e8dd4eab596b0c6b6c72007f4ee65028c342e344bf470c9b48eef433525415c1e203f33ad80d6ba61b378a9d55b05f41f24acbdd0206d5d2dc98d5d3f162640f6e2ab785160d9a33ec7c59f35cc1ea8d547770607b1c6e912d3d8eb03ae76c4d83edba6365ec41ce7540c363a92ed53759823e57ad0957437c50748f45d3bac25f5caad2b2f44236bf0d911bdac51b89ad379b80ae3c9d9a05782d4e0ec5c91c7b2a7904a8b395913f94d16126619c0367fba7224d6664317ecb69109d0f03f288c1596271831ecde976fed24b771fb1392ef93837933a856c4aee443a22b6550da543ea7c37dff850e9b61c9a08889db1c9622cae09a77fb2c72b0c366a50e8beca72ea539a1f8ae09aaa655b6e64139f76c2eed74991d3f61b593cd49e5bc8914507de66f0c7972be262f913a9c555b7a62496b00d87822ebcffdbb0da06a2deba49dd345a414dc716e7999bc693a67ae9440e3970d9084bd7922a40955a60e1645dcedb202dc903d018ccb2477e2bcafee48305e08a3bc083778623f1e2e53a2fa2f25a06fb7699c224aaf1cc3d56e241475b0a825733cfaa31344cc229b58c6c4cc3003ae2bf78475f14cbf6f566685e8a441ca1534c7108f4a5ca0fb7ba755b9b594a9e7e3473d8e58e218bb5cb4e11aacf1c51849e6f414b8d7087415d88366af72874b8155ef2d1183c2acb51701b6bc1b607b0e7ecfe3cfdd89fb92e3d49f589ad9b3f6c29b44df375a54617306be3a4b9cf9a063fb0ba8ea2ca93d973054ca439e5cc6d09c62f671b0030a03cab878a9b787bd1161530ac6e7c4d1c3980d536f78f6a047e10653a9a19f8c6979bd2f1f350f3366be084e8f8744e7c83b984ad7935ec457a5c56e11090ce2da3d4a91d15d7bb66b7f8136b10c809603fce39cc907186a5735b20cd367343e52ff60cb4f93fe9d80f6f96261d65cb9b8199d65d68a4c643a0299d9df6274f7e3cfcccc7df7edc0fed06f799fc2844894422c1e0306e6fd88d347cadd4af37113cb3b3385291d1fa94f8583b61dc4e1527e8f45dc36e98439c005d26428c00ee9523b71933b61ecd9d7c30efde0547467be91004855b98f08cce5f536f74a31119e47c32e001dcbe2792d4eaf27997cee899ce5527c89d737d3e82f605c27bccf87c4d7437746b28b7f80a6999d1653e457085f3c27b60ccbacc31cab4e709fed59bad73409eff2ccba92caba4eb02b7810a76268c02ebd3c11645e0476c97ddf346a86be70b09e260d3893b7f7c696f62bba3100ddd7ed7592af12714d62dc1165454e9ca27f3b5626336e1974d2612af69d3310f4a7db0eef70921eca10c3684d5a81fde41ad022b3253de23509830d29acba7e80d37dfe005c3b9d17a540f8838a5d7c0caaa306bf4caa09fb7847140efb60d4f5e186bbcc99359f79f3330666f43fee02a9267eddd4499e86c419d5ad1f6c75416658704fc910cd6d37bbfa5063d3ca5d8980a0981642963172f286ca53db6d16e4650871d210676b844e5e08368eab6bc66fcb4c8bc038d472003f3636365f8ff99ca1b891046946522d559a1423bfb83635dbae7ca0a6a6e053748cb154b1e800b18e1199c9240eb02332364af3ff626192b947ba4f8aaeb361ae34ffae241b37813a8804a943bb01ca60aea463e9889ae84fc89c75f9351e25741eb9b5c69242c71c5c79dc0fb9013bdae726bc6920270e99173d001a63b2d8ff009731145ca87275e8213647ef17e4c058ba7d17f9363ffd7f360d481dada93cdb1f5464957601d9b8cc20123d3acb4674d94bf3d292617db52efb0bfb33ab4da3cccac93a66e42917b6b3ac137ea7e8a2799c6362026528e0c869d251b6ccfd266e66dab15b1154e862f48c89a286bec2fed9058a358db48ef4882e2c4cd6cded4e12c495efff30d11ef0e8f9e35c527ba7ca72c07cd27465c78ee5bdbbbaebe79b5c7978473e01c0a4b298f0d8f2f2bb50e055cfb3e32bbb6048f1be8b9eadce1c9d7088399965a2771aacb26b83e8730c43256bcdc201bb2f9d465a0fe521680ee08b9f94659512e447c369d50c7e2ff6edbeb6850f81ae26342bc0e5794c82498e7d97de631ffe764276e4e1920d6a8756a2c5facf7fae7bd92d0e850e0f7b89bb5aefe7acd1ad91a75aaafabf0f822abbf6e3d0cc280c27e695e49f64c1e4a8ea3f9aaea150ee484dc61cbf9bf8a724caaee40a89974e5499e9b5968bd0945cf71c37e00166841b65817892ae4f8883eb72845561d1a0926cf004d1b794b922d2cfe611f1594ec39402215f523dc12d3c156ebb6ddd041abd77ad12b90971e81c0bd918ed223e7594fc1c79b50a4fbb66ba02f9e7d718033ae40be35fbd4697bdf63934bb54fdccc8b4760ceaa7e35dc70836f805e5f162afef1eb2aab91fa96bd21e076f7b92c098e399876480358ccd98c1d5701411b38aeea4bd49993084a7d6bf6813211b784a43dbe417b0977549f0df2997abda4d01f02a4690c70c18ac71da4735588458bf952fd8e5bdb4df7343f4d736746d228bdd79cf6fdec937f04e38abed29a2e8369f9620794be8a1110a66a848b88eee63b079f5bf9b90d9392657568071b9859c88009957e48a1274f05376de819d9263832e22cf8a6edce881e9852e1a9dc1a4aa2acf172b6d0415a562488ea6884acf8f35ccacf6098cf6767b52e48493b8c6d0f555fb5b830e4c7f0e3e41cdeaa748e5b2e876dc78b5951815134dd03a0c8fc48791a221bc209d482cc7e9494986faf4004ddad7f6f5225df73628d704e14ba9d37a042661e91b2c4ef17cd44220a5569e53734c1b920546e000d730b9c44c7bc697af05e910d97789a293cf82636a09ce7a91e6cc34e6d12a788f3922f4fab35bad2e03d3503d173f9d48f087219f19a414fa4dcb946a12d75a6d4859b5e6f4b2864e9ed4b7f6a6d3482d9b50d614f785106cfb95761ea9e9cac8462fd16447920b022923e67bff2026d62eec93b3aa0d0ea9d26d466c63d700478b1344ed0e7dee3251b42ad3cc51b6ad3b41835689498f91fbd35743b05303997cefd610eb4fd1c5541bd43bdb8105ea33d92ca17c67812590b87a2b836010a5c6e95029c1786137ff606428196d77e4ee62a6fc94953e255b438eef84591d20380ddd891b54538a9c04320b901865132df1c158f8bb8c84760f7ef5f4443b13ba4ad71dc2cf545dc207824c073fc7d7f034f3a8575f2554f69ca70613ac45f7919b4a17e116b9217444943c1cca305e809cd2e4186506674eac3f225c1fae18dab11f0538a109952fda992d2be8476f7ffce4a38ab1fb1f7e237c8db60ee66948149b19efdb9dc00371de67fdd28075a39430c18e8d22d20f42cf585546557f5a86ac29e282f2cc5db1e089603b0e74b5ae9e2266ddecccfb89a4780c773edf50237823eda9c2da799de562aa599bbc276a528689e00e6d552d55fa92310176a3b975b5a215be65b0a22c6b7ffa3e9142584dd457e347eba6dc48e5119e9c9182af07502763ad699360583451cce8c4a982dd6dbfe800499428fba987e2fdeaa7e5b8924e4db7e807845bfd04338609fe6292bccfab4631d6789c9a611b8c9711fcc3b72fe8014610163aef32da958e41", 0x1000) 21:47:37 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) r3 = syz_open_procfs(r2, &(0x7f0000000400)='\x01\x00W\xb7\x8d\v<\xb2\xe7=\xf8\xb9eDn\xdeO\xd4R\xe4I\xf6DH\xf8\x00\xb3\x1b\x98\xc6:\x17,!\xe1N\xcc\bh\x99\x02\xf8\xf9\x054\xbd~\xb9E\x9f\xad\xaalE<\xbb\xae\xc4.\x184\xa7\xf9\xc4\\hg\xe0\'j6\xeb\xa05\x9f/\x87j\x9a\xc6\xea+\x8ec\x1ca\xa3\xefM\xffK\xcb\xb2\xa3\xd4\xeb%\x0e\x81\xf6bD\x10\xfb\xcf\xb2##\x98&\xa6zL{j\xa04\x1a\xa9L\xb2M\xcav\x83') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = dup(r3) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, &(0x7f0000000140)={{0x7, 0x2}, {0x3, 0x4}, 0x7fff, 0xff17b2ff1e833b4b, 0x1}) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:37 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) setsockopt$inet6_tcp_int(r3, 0x6, 0x9c98ca06bc04aaae, &(0x7f0000000000)=0x3, 0x4) [ 2934.364119] FAULT_INJECTION: forcing a failure. [ 2934.364119] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2934.369932] audit: type=1800 audit(1577137657.749:635): pid=18878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17486 res=0 [ 2934.394300] CPU: 0 PID: 18875 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2934.401249] audit: type=1804 audit(1577137657.749:636): pid=18878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1594/file0" dev="sda1" ino=17486 res=1 [ 2934.406937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2934.406943] Call Trace: [ 2934.406964] dump_stack+0x142/0x197 [ 2934.406985] should_fail.cold+0x10f/0x159 [ 2934.406996] ? __might_sleep+0x93/0xb0 [ 2934.407012] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2934.462753] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2934.467763] ? save_trace+0x290/0x290 [ 2934.471551] ? follow_page_pte+0x25e/0x1590 [ 2934.475890] alloc_pages_vma+0xc9/0x4c0 [ 2934.479879] __handle_mm_fault+0x186c/0x33d0 [ 2934.484303] ? copy_page_range+0x1de0/0x1de0 [ 2934.488729] ? find_held_lock+0x35/0x130 [ 2934.492809] ? handle_mm_fault+0x1b6/0x7c0 [ 2934.497077] handle_mm_fault+0x293/0x7c0 [ 2934.501155] __get_user_pages+0x465/0x12e0 [ 2934.505419] ? follow_page_mask+0x1630/0x1630 [ 2934.509937] ? lock_acquire+0x16f/0x430 21:47:37 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) ioctl$sock_inet6_udp_SIOCINQ(r3, 0x541b, &(0x7f0000000000)) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2934.513950] get_user_pages_unlocked+0x1f0/0x2f0 [ 2934.518729] ? get_user_pages_locked+0x3d0/0x3d0 [ 2934.523501] ? get_user_pages_fast+0x171/0x2d0 [ 2934.528102] get_user_pages_fast+0x228/0x2d0 [ 2934.532516] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2934.537284] ? save_trace+0x290/0x290 [ 2934.541094] iov_iter_get_pages+0x20f/0xd10 [ 2934.545558] ? __lock_is_held+0xb6/0x140 [ 2934.549611] ? check_preemption_disabled+0x3c/0x250 [ 2934.554631] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2934.559556] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2934.565000] af_alg_make_sg+0x85/0x400 [ 2934.568890] ? iov_iter_advance+0x218/0xc60 [ 2934.573236] ? af_alg_data_wakeup+0x80/0x80 [ 2934.577685] af_alg_get_rsgl+0x1d3/0x530 [ 2934.581765] skcipher_recvmsg+0x774/0xd30 [ 2934.585916] ? skcipher_release+0x50/0x50 [ 2934.590076] ? selinux_socket_recvmsg+0x36/0x40 [ 2934.594776] ? security_socket_recvmsg+0x91/0xc0 [ 2934.599543] ? skcipher_release+0x50/0x50 [ 2934.603695] sock_recvmsg+0xc6/0x110 [ 2934.607418] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2934.612426] ___sys_recvmsg+0x21f/0x4d0 [ 2934.616392] ? ___sys_sendmsg+0x840/0x840 [ 2934.620546] ? __fget+0x210/0x370 [ 2934.624023] ? lock_downgrade+0x740/0x740 [ 2934.628168] ? __fget+0x237/0x370 [ 2934.631613] ? __fget_light+0x172/0x1f0 [ 2934.635683] ? __fdget+0x1b/0x20 [ 2934.639037] ? sockfd_lookup_light+0xb4/0x160 [ 2934.643708] __sys_recvmsg+0xb6/0x140 [ 2934.647510] ? SyS_sendmmsg+0x60/0x60 [ 2934.651323] SyS_recvmsg+0x2d/0x50 [ 2934.654850] ? __sys_recvmsg+0x140/0x140 [ 2934.658955] do_syscall_64+0x1e8/0x640 [ 2934.662832] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2934.667675] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2934.672855] RIP: 0033:0x45a919 [ 2934.676037] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2934.683751] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2934.691023] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2934.698405] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2934.705676] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 21:47:38 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$SOUND_OLD_MIXER_INFO(r3, 0x80304d65, &(0x7f0000000080)) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$KDGKBENT(r4, 0x4b46, &(0x7f00000000c0)={0x2, 0x6, 0xe0}) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2934.713137] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:38 executing program 3 (fault-call:5 fault-nth:26): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2934.906692] audit: type=1800 audit(1577137658.289:637): pid=18878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17211 res=0 [ 2934.916653] FAULT_INJECTION: forcing a failure. [ 2934.916653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2934.975648] CPU: 0 PID: 18899 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2934.983584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2934.984686] audit: type=1804 audit(1577137658.289:638): pid=18878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1594/file0" dev="sda1" ino=17211 res=1 [ 2934.995496] Call Trace: 21:47:38 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$EVIOCGABS20(r4, 0x80184560, &(0x7f0000000140)=""/58) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) ioctl$TUNSETSTEERINGEBPF(r5, 0x800454e0, &(0x7f0000000000)=r6) r7 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x2) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) ioctl$RTC_WIE_ON(r8, 0x700f) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r7, 0x0, 0x9546) [ 2934.995519] dump_stack+0x142/0x197 [ 2934.995536] should_fail.cold+0x10f/0x159 [ 2934.995546] ? __might_sleep+0x93/0xb0 [ 2934.995562] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2934.995574] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2934.995584] ? save_trace+0x290/0x290 [ 2934.995596] ? follow_page_pte+0x25e/0x1590 [ 2934.995612] alloc_pages_vma+0xc9/0x4c0 [ 2934.995625] __handle_mm_fault+0x186c/0x33d0 [ 2934.995638] ? copy_page_range+0x1de0/0x1de0 [ 2935.067807] ? find_held_lock+0x35/0x130 [ 2935.071891] ? handle_mm_fault+0x1b6/0x7c0 [ 2935.076166] handle_mm_fault+0x293/0x7c0 [ 2935.080258] __get_user_pages+0x465/0x12e0 [ 2935.084522] ? follow_page_mask+0x1630/0x1630 [ 2935.089040] ? lock_acquire+0x16f/0x430 [ 2935.093042] get_user_pages_unlocked+0x1f0/0x2f0 [ 2935.097829] ? get_user_pages_locked+0x3d0/0x3d0 [ 2935.102601] ? get_user_pages_fast+0x171/0x2d0 [ 2935.107217] get_user_pages_fast+0x228/0x2d0 [ 2935.111652] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2935.116432] ? save_trace+0x290/0x290 [ 2935.120265] iov_iter_get_pages+0x20f/0xd10 [ 2935.124610] ? __lock_is_held+0xb6/0x140 [ 2935.128691] ? check_preemption_disabled+0x3c/0x250 [ 2935.133729] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2935.138681] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2935.144163] af_alg_make_sg+0x85/0x400 [ 2935.148088] ? iov_iter_advance+0x218/0xc60 [ 2935.152442] ? af_alg_data_wakeup+0x80/0x80 [ 2935.156796] af_alg_get_rsgl+0x1d3/0x530 [ 2935.161003] skcipher_recvmsg+0x774/0xd30 [ 2935.165192] ? skcipher_release+0x50/0x50 [ 2935.169364] ? selinux_socket_recvmsg+0x36/0x40 [ 2935.174060] ? security_socket_recvmsg+0x91/0xc0 [ 2935.178845] ? skcipher_release+0x50/0x50 [ 2935.183026] sock_recvmsg+0xc6/0x110 [ 2935.186768] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2935.191812] ___sys_recvmsg+0x21f/0x4d0 [ 2935.195818] ? ___sys_sendmsg+0x840/0x840 [ 2935.199998] ? __fget+0x210/0x370 [ 2935.203497] ? lock_downgrade+0x740/0x740 [ 2935.207687] ? __fget+0x237/0x370 [ 2935.211165] ? __fget_light+0x172/0x1f0 [ 2935.215160] ? __fdget+0x1b/0x20 [ 2935.218549] ? sockfd_lookup_light+0xb4/0x160 [ 2935.223062] __sys_recvmsg+0xb6/0x140 [ 2935.226884] ? SyS_sendmmsg+0x60/0x60 [ 2935.230718] SyS_recvmsg+0x2d/0x50 [ 2935.234276] ? __sys_recvmsg+0x140/0x140 [ 2935.238367] do_syscall_64+0x1e8/0x640 [ 2935.242276] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2935.247148] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2935.252366] RIP: 0033:0x45a919 [ 2935.255570] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2935.263306] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2935.270690] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2935.277974] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2935.285263] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2935.292547] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:40 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) socket$inet(0x2, 0xa, 0x7a) 21:47:40 executing program 4: perf_event_open(&(0x7f00000000c0)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x20640, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffb}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = getpid() r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.current\x00', 0x0, 0x0) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xc0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x0, 0x5}, 0x0, 0x0, &(0x7f0000000540)={0x5, 0x4, 0x8, 0x67}, &(0x7f0000000580)=0xc39, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=0x800000008000000}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r1, r2, 0x0, 0x7, &(0x7f0000000280)='nodev:\x00', r3}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000200)={r3}, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r4, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r4, 0xa, 0x12) recvmmsg(r5, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r6 = dup2(r4, r5) fcntl$setown(r5, 0x8, r0) tkill(r0, 0x16) r7 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) r8 = socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_tcp_buf(r8, 0x6, 0xb, &(0x7f0000000140)=""/122, &(0x7f0000000080)=0x7a) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r7, 0x84, 0x76, &(0x7f0000444ff8)={r9, 0x7}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000000)={0x8, 0x8, 0x0, 0xffffd35f, r9}, &(0x7f0000000040)=0x10) 21:47:40 executing program 3 (fault-call:5 fault-nth:27): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:40 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000080)) 21:47:40 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) accept4$llc(r2, 0x0, &(0x7f0000000000), 0x40000) sendfile(r0, r1, 0x0, 0x9546) [ 2936.829059] FAULT_INJECTION: forcing a failure. [ 2936.829059] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2936.858665] CPU: 1 PID: 18916 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2936.866597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2936.875970] Call Trace: [ 2936.878591] dump_stack+0x142/0x197 [ 2936.882254] should_fail.cold+0x10f/0x159 [ 2936.886432] ? __might_sleep+0x93/0xb0 [ 2936.890346] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2936.895054] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2936.900107] ? save_trace+0x290/0x290 [ 2936.903929] ? follow_page_pte+0x25e/0x1590 [ 2936.908281] alloc_pages_vma+0xc9/0x4c0 [ 2936.912287] __handle_mm_fault+0x186c/0x33d0 [ 2936.916724] ? copy_page_range+0x1de0/0x1de0 [ 2936.921157] ? find_held_lock+0x35/0x130 [ 2936.925245] ? handle_mm_fault+0x1b6/0x7c0 [ 2936.929518] handle_mm_fault+0x293/0x7c0 [ 2936.933602] __get_user_pages+0x465/0x12e0 [ 2936.937866] ? follow_page_mask+0x1630/0x1630 [ 2936.942384] ? lock_acquire+0x16f/0x430 [ 2936.946396] get_user_pages_unlocked+0x1f0/0x2f0 [ 2936.951186] ? get_user_pages_locked+0x3d0/0x3d0 [ 2936.955968] ? get_user_pages_fast+0x171/0x2d0 [ 2936.960585] get_user_pages_fast+0x228/0x2d0 [ 2936.965021] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2936.969799] ? save_trace+0x290/0x290 [ 2936.973624] iov_iter_get_pages+0x20f/0xd10 [ 2936.977972] ? __lock_is_held+0xb6/0x140 [ 2936.982057] ? check_preemption_disabled+0x3c/0x250 [ 2936.987102] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2936.992065] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2936.997555] af_alg_make_sg+0x85/0x400 [ 2937.001468] ? iov_iter_advance+0x218/0xc60 [ 2937.005812] ? af_alg_data_wakeup+0x80/0x80 [ 2937.010168] af_alg_get_rsgl+0x1d3/0x530 [ 2937.014267] skcipher_recvmsg+0x774/0xd30 [ 2937.018456] ? skcipher_release+0x50/0x50 [ 2937.022636] ? selinux_socket_recvmsg+0x36/0x40 [ 2937.027329] ? security_socket_recvmsg+0x91/0xc0 [ 2937.032114] ? skcipher_release+0x50/0x50 [ 2937.036288] sock_recvmsg+0xc6/0x110 [ 2937.040032] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2937.045076] ___sys_recvmsg+0x21f/0x4d0 [ 2937.049082] ? ___sys_sendmsg+0x840/0x840 [ 2937.053257] ? __fget+0x210/0x370 [ 2937.056743] ? lock_downgrade+0x740/0x740 [ 2937.060918] ? __fget+0x237/0x370 [ 2937.064402] ? __fget_light+0x172/0x1f0 [ 2937.068404] ? __fdget+0x1b/0x20 [ 2937.071797] ? sockfd_lookup_light+0xb4/0x160 [ 2937.076315] __sys_recvmsg+0xb6/0x140 [ 2937.080140] ? SyS_sendmmsg+0x60/0x60 [ 2937.083979] SyS_recvmsg+0x2d/0x50 [ 2937.087546] ? __sys_recvmsg+0x140/0x140 [ 2937.091631] do_syscall_64+0x1e8/0x640 [ 2937.095546] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2937.100422] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2937.105627] RIP: 0033:0x45a919 [ 2937.108824] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2937.116551] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2937.123834] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2937.131122] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2937.138416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2937.145706] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:40 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-control\x00', 0x0, 0x0) getsockname$unix(r3, &(0x7f0000000180), &(0x7f0000000280)=0x6e) personality(0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, &(0x7f0000000040)=0x1) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) setsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, &(0x7f0000000000)=0x1, 0x4) recvmmsg(r2, &(0x7f0000000140), 0x40000000000006d, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:40 executing program 3 (fault-call:5 fault-nth:28): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2937.309111] FAULT_INJECTION: forcing a failure. [ 2937.309111] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2937.323251] CPU: 1 PID: 18931 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2937.331175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2937.340549] Call Trace: [ 2937.343164] dump_stack+0x142/0x197 [ 2937.346827] should_fail.cold+0x10f/0x159 [ 2937.351001] ? __might_sleep+0x93/0xb0 [ 2937.354920] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2937.359623] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2937.364662] ? save_trace+0x290/0x290 [ 2937.368492] ? follow_page_pte+0x25e/0x1590 [ 2937.372845] alloc_pages_vma+0xc9/0x4c0 [ 2937.376846] __handle_mm_fault+0x186c/0x33d0 [ 2937.381285] ? copy_page_range+0x1de0/0x1de0 [ 2937.385714] ? find_held_lock+0x35/0x130 [ 2937.389797] ? handle_mm_fault+0x1b6/0x7c0 [ 2937.394073] handle_mm_fault+0x293/0x7c0 [ 2937.398164] __get_user_pages+0x465/0x12e0 [ 2937.402428] ? follow_page_mask+0x1630/0x1630 [ 2937.406943] ? lock_acquire+0x16f/0x430 [ 2937.410948] get_user_pages_unlocked+0x1f0/0x2f0 [ 2937.415732] ? get_user_pages_locked+0x3d0/0x3d0 [ 2937.420507] ? get_user_pages_fast+0x171/0x2d0 [ 2937.425128] get_user_pages_fast+0x228/0x2d0 [ 2937.429574] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2937.434359] ? save_trace+0x290/0x290 [ 2937.438192] iov_iter_get_pages+0x20f/0xd10 [ 2937.442551] ? __lock_is_held+0xb6/0x140 [ 2937.446636] ? check_preemption_disabled+0x3c/0x250 [ 2937.451676] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2937.456627] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2937.462112] af_alg_make_sg+0x85/0x400 [ 2937.466024] ? iov_iter_advance+0x218/0xc60 [ 2937.470372] ? af_alg_data_wakeup+0x80/0x80 [ 2937.474718] af_alg_get_rsgl+0x1d3/0x530 [ 2937.478814] skcipher_recvmsg+0x774/0xd30 [ 2937.482995] ? skcipher_release+0x50/0x50 [ 2937.487167] ? selinux_socket_recvmsg+0x36/0x40 [ 2937.491875] ? security_socket_recvmsg+0x91/0xc0 [ 2937.496653] ? skcipher_release+0x50/0x50 [ 2937.500827] sock_recvmsg+0xc6/0x110 [ 2937.504571] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2937.509617] ___sys_recvmsg+0x21f/0x4d0 [ 2937.513624] ? ___sys_sendmsg+0x840/0x840 [ 2937.517795] ? __fget+0x210/0x370 [ 2937.521270] ? lock_downgrade+0x740/0x740 [ 2937.525440] ? __fget+0x237/0x370 [ 2937.528918] ? __fget_light+0x172/0x1f0 [ 2937.532914] ? __fdget+0x1b/0x20 [ 2937.536304] ? sockfd_lookup_light+0xb4/0x160 [ 2937.540815] __sys_recvmsg+0xb6/0x140 [ 2937.544630] ? SyS_sendmmsg+0x60/0x60 [ 2937.548463] SyS_recvmsg+0x2d/0x50 [ 2937.552028] ? __sys_recvmsg+0x140/0x140 [ 2937.556117] do_syscall_64+0x1e8/0x640 [ 2937.560032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2937.564906] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2937.570114] RIP: 0033:0x45a919 [ 2937.573314] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2937.581045] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2937.588333] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2937.595617] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2937.602910] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 21:47:41 executing program 3 (fault-call:5 fault-nth:29): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2937.610194] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2937.697616] FAULT_INJECTION: forcing a failure. [ 2937.697616] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2937.715611] CPU: 0 PID: 18939 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2937.723546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2937.732917] Call Trace: [ 2937.735535] dump_stack+0x142/0x197 [ 2937.739204] should_fail.cold+0x10f/0x159 [ 2937.743377] ? __might_sleep+0x93/0xb0 [ 2937.747293] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2937.752000] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2937.757041] ? save_trace+0x290/0x290 [ 2937.760867] ? follow_page_pte+0x25e/0x1590 [ 2937.765215] alloc_pages_vma+0xc9/0x4c0 [ 2937.769217] __handle_mm_fault+0x186c/0x33d0 [ 2937.773659] ? copy_page_range+0x1de0/0x1de0 [ 2937.778090] ? find_held_lock+0x35/0x130 [ 2937.782178] ? handle_mm_fault+0x1b6/0x7c0 [ 2937.786479] handle_mm_fault+0x293/0x7c0 [ 2937.790567] __get_user_pages+0x465/0x12e0 [ 2937.794858] ? follow_page_mask+0x1630/0x1630 [ 2937.799371] ? lock_acquire+0x16f/0x430 [ 2937.803375] get_user_pages_unlocked+0x1f0/0x2f0 [ 2937.808164] ? get_user_pages_locked+0x3d0/0x3d0 [ 2937.812940] ? get_user_pages_fast+0x171/0x2d0 [ 2937.817550] get_user_pages_fast+0x228/0x2d0 [ 2937.821980] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2937.826757] ? save_trace+0x290/0x290 [ 2937.830586] iov_iter_get_pages+0x20f/0xd10 [ 2937.834933] ? __lock_is_held+0xb6/0x140 [ 2937.839014] ? check_preemption_disabled+0x3c/0x250 [ 2937.844056] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2937.849013] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2937.854488] af_alg_make_sg+0x85/0x400 [ 2937.858517] ? iov_iter_advance+0x218/0xc60 [ 2937.862865] ? af_alg_data_wakeup+0x80/0x80 [ 2937.867216] af_alg_get_rsgl+0x1d3/0x530 [ 2937.871323] skcipher_recvmsg+0x774/0xd30 [ 2937.875500] ? skcipher_release+0x50/0x50 [ 2937.879667] ? selinux_socket_recvmsg+0x36/0x40 [ 2937.884358] ? security_socket_recvmsg+0x91/0xc0 [ 2937.889134] ? skcipher_release+0x50/0x50 [ 2937.893301] sock_recvmsg+0xc6/0x110 [ 2937.897038] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2937.902086] ___sys_recvmsg+0x21f/0x4d0 [ 2937.906088] ? ___sys_sendmsg+0x840/0x840 [ 2937.910253] ? __fget+0x210/0x370 [ 2937.913732] ? lock_downgrade+0x740/0x740 [ 2937.917907] ? __fget+0x237/0x370 [ 2937.921395] ? __fget_light+0x172/0x1f0 [ 2937.925388] ? __fdget+0x1b/0x20 [ 2937.928775] ? sockfd_lookup_light+0xb4/0x160 [ 2937.933288] __sys_recvmsg+0xb6/0x140 [ 2937.937106] ? SyS_sendmmsg+0x60/0x60 [ 2937.940945] SyS_recvmsg+0x2d/0x50 [ 2937.944500] ? __sys_recvmsg+0x140/0x140 [ 2937.948583] do_syscall_64+0x1e8/0x640 [ 2937.952489] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2937.957359] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2937.962565] RIP: 0033:0x45a919 [ 2937.965762] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2937.973491] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2937.980775] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2937.988064] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2937.995356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2938.002640] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:41 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x30, r3, 0x7}, 0x30}}, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x140c600}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x24, r3, 0x318, 0x70bd25, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0xdd5}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20048800}, 0x44000) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:41 executing program 3 (fault-call:5 fault-nth:30): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2938.193924] FAULT_INJECTION: forcing a failure. [ 2938.193924] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2938.232109] CPU: 0 PID: 18944 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2938.240147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2938.249515] Call Trace: [ 2938.252129] dump_stack+0x142/0x197 [ 2938.255791] should_fail.cold+0x10f/0x159 [ 2938.259956] ? __might_sleep+0x93/0xb0 [ 2938.263865] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2938.268568] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2938.273606] ? save_trace+0x290/0x290 [ 2938.277431] ? follow_page_pte+0x25e/0x1590 [ 2938.281784] alloc_pages_vma+0xc9/0x4c0 [ 2938.285784] __handle_mm_fault+0x186c/0x33d0 [ 2938.291261] ? copy_page_range+0x1de0/0x1de0 [ 2938.295696] ? find_held_lock+0x35/0x130 [ 2938.299788] ? handle_mm_fault+0x1b6/0x7c0 [ 2938.304073] handle_mm_fault+0x293/0x7c0 [ 2938.308169] __get_user_pages+0x465/0x12e0 [ 2938.312440] ? follow_page_mask+0x1630/0x1630 [ 2938.316956] ? lock_acquire+0x16f/0x430 [ 2938.320957] get_user_pages_unlocked+0x1f0/0x2f0 [ 2938.325741] ? get_user_pages_locked+0x3d0/0x3d0 [ 2938.330521] ? get_user_pages_fast+0x171/0x2d0 [ 2938.335128] get_user_pages_fast+0x228/0x2d0 [ 2938.339568] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2938.344349] ? save_trace+0x290/0x290 [ 2938.348172] iov_iter_get_pages+0x20f/0xd10 [ 2938.352514] ? __lock_is_held+0xb6/0x140 [ 2938.356594] ? check_preemption_disabled+0x3c/0x250 [ 2938.361633] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2938.366587] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2938.372071] af_alg_make_sg+0x85/0x400 [ 2938.375985] ? iov_iter_advance+0x218/0xc60 [ 2938.380336] ? af_alg_data_wakeup+0x80/0x80 [ 2938.384689] af_alg_get_rsgl+0x1d3/0x530 [ 2938.388858] skcipher_recvmsg+0x774/0xd30 [ 2938.393151] ? skcipher_release+0x50/0x50 [ 2938.397317] ? selinux_socket_recvmsg+0x36/0x40 [ 2938.402013] ? security_socket_recvmsg+0x91/0xc0 [ 2938.407148] ? skcipher_release+0x50/0x50 [ 2938.411331] sock_recvmsg+0xc6/0x110 [ 2938.415082] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2938.420122] ___sys_recvmsg+0x21f/0x4d0 [ 2938.424127] ? ___sys_sendmsg+0x840/0x840 [ 2938.428348] ? __fget+0x210/0x370 [ 2938.431835] ? lock_downgrade+0x740/0x740 [ 2938.436029] ? __fget+0x237/0x370 [ 2938.439508] ? __fget_light+0x172/0x1f0 [ 2938.443503] ? __fdget+0x1b/0x20 [ 2938.446890] ? sockfd_lookup_light+0xb4/0x160 [ 2938.451411] __sys_recvmsg+0xb6/0x140 [ 2938.455230] ? SyS_sendmmsg+0x60/0x60 [ 2938.459069] SyS_recvmsg+0x2d/0x50 [ 2938.462630] ? __sys_recvmsg+0x140/0x140 [ 2938.466712] do_syscall_64+0x1e8/0x640 [ 2938.470619] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2938.475511] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2938.480713] RIP: 0033:0x45a919 [ 2938.483920] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2938.491647] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2938.498936] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2938.506223] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2938.513510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2938.520906] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:41 executing program 3 (fault-call:5 fault-nth:31): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2938.646012] FAULT_INJECTION: forcing a failure. [ 2938.646012] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2938.673036] CPU: 1 PID: 18947 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2938.680967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2938.690335] Call Trace: [ 2938.692966] dump_stack+0x142/0x197 [ 2938.696633] should_fail.cold+0x10f/0x159 [ 2938.700806] ? __might_sleep+0x93/0xb0 [ 2938.704721] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2938.709425] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2938.714474] ? save_trace+0x290/0x290 [ 2938.718308] ? follow_page_pte+0x25e/0x1590 [ 2938.722665] alloc_pages_vma+0xc9/0x4c0 [ 2938.726671] __handle_mm_fault+0x186c/0x33d0 [ 2938.731111] ? copy_page_range+0x1de0/0x1de0 [ 2938.735544] ? find_held_lock+0x35/0x130 [ 2938.739635] ? handle_mm_fault+0x1b6/0x7c0 [ 2938.743915] handle_mm_fault+0x293/0x7c0 [ 2938.748027] __get_user_pages+0x465/0x12e0 [ 2938.752301] ? follow_page_mask+0x1630/0x1630 [ 2938.756840] ? lock_acquire+0x16f/0x430 [ 2938.760850] get_user_pages_unlocked+0x1f0/0x2f0 [ 2938.765643] ? get_user_pages_locked+0x3d0/0x3d0 [ 2938.770419] ? get_user_pages_fast+0x171/0x2d0 [ 2938.775033] get_user_pages_fast+0x228/0x2d0 [ 2938.779478] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2938.784262] ? save_trace+0x290/0x290 [ 2938.788095] iov_iter_get_pages+0x20f/0xd10 [ 2938.792442] ? __lock_is_held+0xb6/0x140 [ 2938.796519] ? check_preemption_disabled+0x3c/0x250 [ 2938.801558] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2938.806513] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2938.811994] af_alg_make_sg+0x85/0x400 [ 2938.815923] ? af_alg_data_wakeup+0x80/0x80 [ 2938.820274] af_alg_get_rsgl+0x1d3/0x530 [ 2938.824373] skcipher_recvmsg+0x774/0xd30 [ 2938.828544] ? retint_kernel+0x2d/0x2d [ 2938.832468] ? skcipher_release+0x50/0x50 [ 2938.836638] ? selinux_socket_recvmsg+0x36/0x40 [ 2938.841333] ? security_socket_recvmsg+0x91/0xc0 [ 2938.846120] ? skcipher_release+0x50/0x50 [ 2938.850294] sock_recvmsg+0xc6/0x110 [ 2938.854037] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2938.859083] ___sys_recvmsg+0x21f/0x4d0 [ 2938.863089] ? ___sys_sendmsg+0x840/0x840 [ 2938.867263] ? __fget+0x210/0x370 [ 2938.870745] ? lock_downgrade+0x740/0x740 [ 2938.874929] ? __fget+0x237/0x370 [ 2938.878413] ? __fget_light+0x172/0x1f0 [ 2938.882410] ? __fdget+0x1b/0x20 [ 2938.885804] ? sockfd_lookup_light+0xb4/0x160 [ 2938.890324] __sys_recvmsg+0xb6/0x140 [ 2938.894146] ? SyS_sendmmsg+0x60/0x60 [ 2938.897982] SyS_recvmsg+0x2d/0x50 [ 2938.901543] ? __sys_recvmsg+0x140/0x140 [ 2938.905628] do_syscall_64+0x1e8/0x640 [ 2938.909540] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2938.914417] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2938.919627] RIP: 0033:0x45a919 [ 2938.922830] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2938.930553] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2938.937843] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:42 executing program 3 (fault-call:5 fault-nth:32): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2938.945134] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2938.952420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2938.959712] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2939.002822] kauditd_printk_skb: 10 callbacks suppressed [ 2939.002830] audit: type=1800 audit(1577137662.389:649): pid=18948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17506 res=0 [ 2939.038006] audit: type=1804 audit(1577137662.419:650): pid=18943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1597/file0" dev="sda1" ino=17506 res=1 [ 2939.077189] FAULT_INJECTION: forcing a failure. [ 2939.077189] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2939.104624] CPU: 1 PID: 18952 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2939.112559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2939.121931] Call Trace: [ 2939.124553] dump_stack+0x142/0x197 [ 2939.128222] should_fail.cold+0x10f/0x159 [ 2939.132395] ? __might_sleep+0x93/0xb0 [ 2939.136319] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2939.141287] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2939.146343] ? save_trace+0x290/0x290 [ 2939.150168] ? follow_page_pte+0x25e/0x1590 [ 2939.154517] alloc_pages_vma+0xc9/0x4c0 [ 2939.158521] __handle_mm_fault+0x186c/0x33d0 [ 2939.162960] ? copy_page_range+0x1de0/0x1de0 [ 2939.167391] ? find_held_lock+0x35/0x130 [ 2939.171474] ? handle_mm_fault+0x1b6/0x7c0 [ 2939.175746] handle_mm_fault+0x293/0x7c0 [ 2939.179835] __get_user_pages+0x465/0x12e0 [ 2939.184102] ? follow_page_mask+0x1630/0x1630 [ 2939.188622] ? lock_acquire+0x16f/0x430 [ 2939.192634] get_user_pages_unlocked+0x1f0/0x2f0 [ 2939.197422] ? get_user_pages_locked+0x3d0/0x3d0 [ 2939.202205] ? get_user_pages_fast+0x171/0x2d0 [ 2939.206814] get_user_pages_fast+0x228/0x2d0 [ 2939.211248] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2939.216026] ? save_trace+0x290/0x290 [ 2939.219852] iov_iter_get_pages+0x20f/0xd10 [ 2939.224197] ? __lock_is_held+0xb6/0x140 [ 2939.228272] ? check_preemption_disabled+0x3c/0x250 [ 2939.233322] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2939.238276] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2939.243770] af_alg_make_sg+0x85/0x400 [ 2939.247685] ? iov_iter_advance+0x218/0xc60 [ 2939.252030] ? af_alg_data_wakeup+0x80/0x80 [ 2939.256380] af_alg_get_rsgl+0x1d3/0x530 [ 2939.260474] skcipher_recvmsg+0x774/0xd30 [ 2939.264651] ? skcipher_release+0x50/0x50 [ 2939.268821] ? selinux_socket_recvmsg+0x36/0x40 [ 2939.273517] ? security_socket_recvmsg+0x91/0xc0 [ 2939.278293] ? skcipher_release+0x50/0x50 [ 2939.282470] sock_recvmsg+0xc6/0x110 [ 2939.286201] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2939.291240] ___sys_recvmsg+0x21f/0x4d0 [ 2939.295246] ? ___sys_sendmsg+0x840/0x840 [ 2939.299420] ? __fget+0x210/0x370 [ 2939.302897] ? lock_downgrade+0x740/0x740 [ 2939.307074] ? __fget+0x237/0x370 [ 2939.310554] ? __fget_light+0x172/0x1f0 [ 2939.314552] ? __fdget+0x1b/0x20 [ 2939.318062] ? sockfd_lookup_light+0xb4/0x160 [ 2939.322580] __sys_recvmsg+0xb6/0x140 [ 2939.326404] ? SyS_sendmmsg+0x60/0x60 [ 2939.330239] SyS_recvmsg+0x2d/0x50 [ 2939.333793] ? __sys_recvmsg+0x140/0x140 [ 2939.337875] do_syscall_64+0x1e8/0x640 [ 2939.341779] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2939.346655] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2939.351864] RIP: 0033:0x45a919 [ 2939.355064] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2939.362788] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2939.370072] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2939.377356] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2939.384640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2939.391926] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:43 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x10000, 0x0) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f0000000040)) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) 21:47:43 executing program 3 (fault-call:5 fault-nth:33): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:43 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x802, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000000)={{0x0, 0x4, 0x2, 0x0, 0x7ff}}) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000080)=[@window={0x3, 0x7, 0x9}, @timestamp, @sack_perm, @window={0x3, 0x243f, 0x3f}, @mss={0x2, 0x80000001}], 0x5) [ 2939.915471] FAULT_INJECTION: forcing a failure. [ 2939.915471] name failslab, interval 1, probability 0, space 0, times 0 [ 2939.937054] audit: type=1800 audit(1577137663.319:651): pid=18960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17505 res=0 [ 2939.986696] CPU: 1 PID: 18959 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2939.994649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2940.004711] Call Trace: [ 2940.007325] dump_stack+0x142/0x197 [ 2940.010983] should_fail.cold+0x10f/0x159 [ 2940.015193] should_failslab+0xdb/0x130 [ 2940.019193] __kmalloc+0x2f0/0x7a0 [ 2940.022756] ? af_alg_make_sg+0x2f7/0x400 [ 2940.026929] ? iov_iter_advance+0x218/0xc60 [ 2940.031267] ? sock_kmalloc+0x7f/0xc0 [ 2940.035085] sock_kmalloc+0x7f/0xc0 [ 2940.038734] af_alg_get_rsgl+0xca/0x530 [ 2940.042748] skcipher_recvmsg+0x774/0xd30 [ 2940.046948] ? skcipher_release+0x50/0x50 [ 2940.051115] ? selinux_socket_recvmsg+0x36/0x40 [ 2940.055805] ? security_socket_recvmsg+0x91/0xc0 [ 2940.060588] ? skcipher_release+0x50/0x50 [ 2940.064759] sock_recvmsg+0xc6/0x110 [ 2940.068495] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2940.073538] ___sys_recvmsg+0x21f/0x4d0 [ 2940.077537] ? ___sys_sendmsg+0x840/0x840 [ 2940.081703] ? __fget+0x210/0x370 [ 2940.085180] ? lock_downgrade+0x740/0x740 [ 2940.089364] ? __fget+0x237/0x370 [ 2940.092843] ? __fget_light+0x172/0x1f0 [ 2940.096843] ? __fdget+0x1b/0x20 [ 2940.100230] ? sockfd_lookup_light+0xb4/0x160 [ 2940.104745] __sys_recvmsg+0xb6/0x140 [ 2940.108567] ? SyS_sendmmsg+0x60/0x60 [ 2940.112406] SyS_recvmsg+0x2d/0x50 [ 2940.115964] ? __sys_recvmsg+0x140/0x140 [ 2940.120043] do_syscall_64+0x1e8/0x640 [ 2940.123949] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2940.128827] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2940.134034] RIP: 0033:0x45a919 [ 2940.137232] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2940.144954] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2940.152240] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2940.159523] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2940.166811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2940.174093] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:43 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) syz_mount_image$ceph(&(0x7f0000000000)='ceph\x00', &(0x7f0000000080)='./file1\x00', 0x4, 0x7, &(0x7f0000000800)=[{&(0x7f0000000140)="9267ef62de496a33a94684758b310a6cc2a64851ccf18d9f35102d56d4f1f357b689867141c36129570dd718c97e0bf64164546f8bd8a55983abe9b469a7d095076c366d5598296605e007a1e8da77cdebbb20c498262c803eb524243a5fc7230a9a2ddc89c3d92f59bc609d165ca786cf422c43a189e234dc5b11157995eacb41f1df708b3faa243a5670526c3c2cb2ea974c7ce5a0c635bdc6c81618304da68d6121a86d07408da16977fb3f4d4ee4d14b34ca4fb3bd492529bc04d62c02ee726dd30fb8724fa09f70", 0xca, 0x7}, {&(0x7f0000000240)="2a11e34baf9a34b340b403a95fa5de4ff1c68b915b9e7d3b4f21cd405c6db42037284b898e5340f68b943e", 0x2b, 0x54fd}, {&(0x7f0000000280)="1ce649355e0a10c1edaef83b1a23bf3f8275f9eb8285da360d56c36929951148b5f354e55b7d48be723d67d2747a7ce0141f4369c6caf99686e1a5d602861671de0d3bdb5c40e1f90b9e0cc25c943aac955d58cbaa9b8d25fcb88e7574ea6dbc2ad3d867f0197f425f552e13a432ab63c6fd074f15365ec6323228ad6b1f9a635b319fe1a61ae6817879acb8208280e33dff59ce23b687b44076f89019d81efe3dcd40f0ceebf31453a2d2d7931cfff4d1e9ec874bf4592b510ba3049c87b72c0b6ecbef02e946765e", 0xc9, 0x2}, {&(0x7f0000000380)="569084d486c056f28e2e7fce6e95ac0b7ac2bba52d405cc74cecfbf5c743d4b5c8813029c865a000b4a7b76277fabc6d404370ba1a8a74c850149087f469f3a05e9d3a649e9ef5009cf80813c7b589efc677345c4400d8a453f6a11d7ee8b235faa4fbbe4dfac15e59f63c884806366809e96b9012aad89b5d4aa1e03dc92e67c0a1b4c28a3f04ac8b728e6ea0a6fe6e55dbe1cd56dba5fae8a201df4166770df23b012e3be20cd7f9e9dca0546794d4ba", 0xb1, 0x100}, {&(0x7f0000000440)="86973844c4f3e7061b534a4eeb7c88e5af1a0eb9abe7e91e07fab7fd2e559ffc97bd2940059e3df2f1642a2eb2171eeed0af6156f52f4d8d4a899ea89cdffb9437e6a5256aeb08677fe06898d311b750aaf6f7e2e8cfebac00d640c2ed08dd257afcb40f5be2c9408ad2be5e8d0354ad0ea363cf84625732f82c6815b484d2ffdb82b12ab8059269007591468d623bbee79f4067b9943f", 0x97, 0xffffffffffffffc1}, {&(0x7f0000000500)="eb5f7750bea2072c3805", 0xa, 0x6}, {&(0x7f0000000540)="afd9872f714ac5c8fea968757e901e8712d659765e947daae6f15b1a58f92e3fdda4934b4d09d612cc9b01f1", 0x2c, 0x8}], 0x800000, &(0x7f0000000580)='\x00') [ 2940.227728] audit: type=1800 audit(1577137663.369:652): pid=18960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17505 res=0 21:47:43 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) fstat(r1, &(0x7f0000000000)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r0) tkill(r0, 0x16) 21:47:43 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r3, 0x0, 0xffffffffffffffff, 0x0) tkill(r3, 0x16) [ 2940.349658] audit: type=1800 audit(1577137663.699:653): pid=18967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17250 res=0 [ 2940.459873] audit: type=1804 audit(1577137663.699:654): pid=18967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1599/file0" dev="sda1" ino=17250 res=1 21:47:43 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x1, 0x182) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:43 executing program 4: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) msgrcv(r0, 0x0, 0x1ad, 0x0, 0x0) msgctl$IPC_RMID(r0, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) [ 2940.548165] audit: type=1800 audit(1577137663.879:655): pid=18967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17250 res=0 [ 2940.600246] audit: type=1804 audit(1577137663.889:656): pid=18967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1599/file0" dev="sda1" ino=17250 res=1 21:47:44 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4) unlink(&(0x7f0000000140)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2940.660502] audit: type=1800 audit(1577137663.989:657): pid=18980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17238 res=0 21:47:44 executing program 3 (fault-call:5 fault-nth:34): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2940.743405] audit: type=1800 audit(1577137663.989:658): pid=18980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17238 res=0 [ 2940.758479] FAULT_INJECTION: forcing a failure. [ 2940.758479] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2940.819568] CPU: 0 PID: 18988 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2940.827539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2940.836913] Call Trace: [ 2940.839527] dump_stack+0x142/0x197 [ 2940.843183] should_fail.cold+0x10f/0x159 [ 2940.847357] ? __might_sleep+0x93/0xb0 [ 2940.851279] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2940.855978] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2940.861015] ? save_trace+0x290/0x290 [ 2940.864838] ? follow_page_pte+0x25e/0x1590 [ 2940.869185] alloc_pages_vma+0xc9/0x4c0 [ 2940.873183] __handle_mm_fault+0x186c/0x33d0 [ 2940.877624] ? copy_page_range+0x1de0/0x1de0 [ 2940.882058] ? find_held_lock+0x35/0x130 [ 2940.886143] ? handle_mm_fault+0x1b6/0x7c0 [ 2940.890411] handle_mm_fault+0x293/0x7c0 [ 2940.894493] __get_user_pages+0x465/0x12e0 [ 2940.898758] ? follow_page_mask+0x1630/0x1630 [ 2940.903274] ? lock_acquire+0x16f/0x430 [ 2940.907279] get_user_pages_unlocked+0x1f0/0x2f0 [ 2940.912060] ? get_user_pages_locked+0x3d0/0x3d0 [ 2940.916837] ? get_user_pages_fast+0x171/0x2d0 [ 2940.921446] get_user_pages_fast+0x228/0x2d0 [ 2940.925900] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2940.930683] ? save_trace+0x290/0x290 [ 2940.934508] iov_iter_get_pages+0x20f/0xd10 [ 2940.938852] ? __lock_is_held+0xb6/0x140 [ 2940.943037] ? check_preemption_disabled+0x3c/0x250 [ 2940.948084] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2940.953035] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2940.958515] af_alg_make_sg+0x85/0x400 [ 2940.962427] ? iov_iter_advance+0x218/0xc60 [ 2940.966773] ? af_alg_data_wakeup+0x80/0x80 [ 2940.971125] af_alg_get_rsgl+0x1d3/0x530 [ 2940.975219] skcipher_recvmsg+0x774/0xd30 [ 2940.979398] ? skcipher_release+0x50/0x50 [ 2940.983563] ? selinux_socket_recvmsg+0x36/0x40 [ 2940.988255] ? security_socket_recvmsg+0x91/0xc0 [ 2940.993032] ? skcipher_release+0x50/0x50 [ 2940.997206] sock_recvmsg+0xc6/0x110 [ 2941.000949] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2941.005986] ___sys_recvmsg+0x21f/0x4d0 [ 2941.009982] ? ___sys_sendmsg+0x840/0x840 [ 2941.014151] ? __fget+0x210/0x370 [ 2941.017638] ? lock_downgrade+0x740/0x740 [ 2941.021815] ? __fget+0x237/0x370 [ 2941.025296] ? __fget_light+0x172/0x1f0 [ 2941.029291] ? __fdget+0x1b/0x20 [ 2941.032689] ? sockfd_lookup_light+0xb4/0x160 [ 2941.037207] __sys_recvmsg+0xb6/0x140 [ 2941.041033] ? SyS_sendmmsg+0x60/0x60 [ 2941.044870] SyS_recvmsg+0x2d/0x50 [ 2941.048430] ? __sys_recvmsg+0x140/0x140 [ 2941.052511] do_syscall_64+0x1e8/0x640 [ 2941.056426] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2941.061316] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2941.066523] RIP: 0033:0x45a919 [ 2941.069725] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2941.077449] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2941.084735] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2941.092021] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2941.099307] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2941.106588] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:44 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = accept$packet(r0, 0x0, &(0x7f00000001c0)) setsockopt$sock_void(r2, 0x1, 0x24, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) getsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000080)=0x8) ioctl$VIDIOC_ENUMINPUT(r3, 0xc050561a, &(0x7f0000000140)={0x7ff, "94b7547a5274fd2ca6d2cfea0a701d3ba685dcd1809550ec9107158f0542d0a1", 0x3, 0xed3, 0x1, 0x3408000, 0x5080242}) sendfile(r0, r1, 0x0, 0x9546) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f00000002c0)={{0x0, @remote, 0x4e22, 0x0, 'ovf\x00', 0x29, 0x8001, 0x59}, {@remote, 0x4e24, 0x2000, 0xee11, 0x4, 0x8}}, 0x44) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) write$fb(r6, &(0x7f0000000340)="755b9ad5ac619ffacaaa6152d72556fd5d20c5ca7d18af7a52a0244517ff83104f540ce8b2022a6b864828d31179e14d8d4a214bb8dda05868b9db3e8d8867", 0x3f) setsockopt$llc_int(r5, 0x10c, 0x5, &(0x7f0000000280)=0x3ff, 0x4) 21:47:44 executing program 3 (fault-call:5 fault-nth:35): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2941.307823] FAULT_INJECTION: forcing a failure. [ 2941.307823] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2941.336068] CPU: 0 PID: 18998 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2941.343999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2941.353367] Call Trace: 21:47:44 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x4e21, 0x2f, @rand_addr="a9709bb98b37ec4944f1f7b55ad3eaf6", 0x8}, {0xa, 0x4e22, 0x8, @local, 0x7}, 0xca, [0x3, 0x80000001, 0x2, 0xfffffffc, 0x3ff, 0x1, 0x1, 0x4]}, 0x5c) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = dup2(r5, r3) stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000640)=ANY=[@ANYBLOB="652c9e4065d048d2", @ANYRES32=r8, @ANYRES32=r8, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) write$FUSE_ATTR(r6, &(0x7f00000003c0)={0x78, 0xccc767b88073bd09, 0x7, {0x0, 0x6, 0x0, {0x6, 0x9, 0x8, 0x7, 0x101, 0x9, 0x40, 0x5, 0x8, 0x1, 0x7, r7, r8, 0x7, 0x7fff}}}, 0x78) r9 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000680)=ANY=[@ANYBLOB="1f432341051e688beef7db11deb40b895b325c761f037e3ec3c26e1ac1eea9608ede73981ab501791c19415b8e63d4f24a2e3bc93b03e5963b89dded6b7734b6c5998e6f42fc4a67aa6fcbcf187a86fc73905bf38533e437ae1177e18f4e6817546a10d3033d49964de0", @ANYRES32=r11, @ANYRES32=r11, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) write$P9_RGETATTR(r4, &(0x7f0000000140)={0xa0, 0x19, 0x1, {0x2, {0x2, 0x4, 0x2}, 0x100, r10, r11, 0x300, 0x0, 0xac1, 0x0, 0x0, 0x3, 0x1, 0x2, 0x25d, 0xa2, 0x40, 0x4, 0xd146, 0x7, 0x80}}, 0xa0) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) tkill(r1, 0x16) r12 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r13) mount$9p_unix(&(0x7f0000000440)='./file0\x00', &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)='9p\x00', 0x41, &(0x7f0000000540)={'trans=unix,', {[{@loose='loose'}, {@msize={'msize', 0x3d, 0x2e}}, {@msize={'msize', 0x3d, 0xef6}}, {@version_u='version=9p2000.u'}, {@fscache='fscache'}, {@version_9p2000='version=9p2000'}, {@noextend='noextend'}, {@cache_fscache='cache=fscache'}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@seclabel='seclabel'}, {@permit_directio='permit_directio'}, {@fsmagic={'fsmagic', 0x3d, 0x1}}, {@uid_lt={'uid<', r13}}]}}) [ 2941.355977] dump_stack+0x142/0x197 [ 2941.359631] should_fail.cold+0x10f/0x159 [ 2941.363798] ? __might_sleep+0x93/0xb0 [ 2941.367710] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2941.372405] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2941.377445] ? save_trace+0x290/0x290 [ 2941.381266] ? follow_page_pte+0x25e/0x1590 [ 2941.385609] alloc_pages_vma+0xc9/0x4c0 [ 2941.389603] __handle_mm_fault+0x186c/0x33d0 [ 2941.394037] ? copy_page_range+0x1de0/0x1de0 [ 2941.398466] ? find_held_lock+0x35/0x130 [ 2941.402553] ? handle_mm_fault+0x1b6/0x7c0 [ 2941.406824] handle_mm_fault+0x293/0x7c0 [ 2941.410910] __get_user_pages+0x465/0x12e0 [ 2941.415173] ? follow_page_mask+0x1630/0x1630 [ 2941.419683] ? lock_acquire+0x16f/0x430 [ 2941.423688] get_user_pages_unlocked+0x1f0/0x2f0 [ 2941.428476] ? get_user_pages_locked+0x3d0/0x3d0 [ 2941.433388] ? get_user_pages_fast+0x171/0x2d0 [ 2941.437998] get_user_pages_fast+0x228/0x2d0 [ 2941.442430] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2941.447212] ? save_trace+0x290/0x290 [ 2941.451050] iov_iter_get_pages+0x20f/0xd10 [ 2941.455394] ? __lock_is_held+0xb6/0x140 [ 2941.459473] ? check_preemption_disabled+0x3c/0x250 [ 2941.464861] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2941.469824] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2941.475301] af_alg_make_sg+0x85/0x400 [ 2941.479210] ? iov_iter_advance+0x218/0xc60 [ 2941.483574] ? af_alg_data_wakeup+0x80/0x80 [ 2941.487921] af_alg_get_rsgl+0x1d3/0x530 [ 2941.492011] skcipher_recvmsg+0x774/0xd30 [ 2941.496187] ? skcipher_release+0x50/0x50 [ 2941.500353] ? selinux_socket_recvmsg+0x36/0x40 21:47:44 executing program 0: prctl$PR_SET_DUMPABLE(0x4, 0x0) io_setup(0xfffffffc, 0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc, 0x5, 0x3, 0x0, 0x9c}, 0x0, 0x10, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x6, 0x0, 0x0, 0x8}) ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000040)={0xaa3, r1}) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0xffffff9c, 0x0, 0x0, 0x0, 0xfffffffffffffde4}, 0x1000}], 0x400015b, 0x0, 0x0) lgetxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.nlink\x00', &(0x7f0000000300)=""/193, 0xc1) dup2(r3, r4) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0xff70, 0xdb6e, 0x0, 0x2544}, 0x8) syz_open_dev$tty20(0xc, 0x4, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) ioctl$PPPIOCSFLAGS1(r6, 0x40047459, &(0x7f00000001c0)=0x4080) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x16) [ 2941.505043] ? security_socket_recvmsg+0x91/0xc0 [ 2941.509813] ? skcipher_release+0x50/0x50 [ 2941.513979] sock_recvmsg+0xc6/0x110 [ 2941.517716] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2941.522773] ___sys_recvmsg+0x21f/0x4d0 [ 2941.526781] ? ___sys_sendmsg+0x840/0x840 [ 2941.530945] ? __fget+0x210/0x370 [ 2941.534425] ? lock_downgrade+0x740/0x740 [ 2941.538600] ? __fget+0x237/0x370 [ 2941.542076] ? __fget_light+0x172/0x1f0 [ 2941.546067] ? __fdget+0x1b/0x20 [ 2941.549447] ? sockfd_lookup_light+0xb4/0x160 [ 2941.553962] __sys_recvmsg+0xb6/0x140 [ 2941.557906] ? SyS_sendmmsg+0x60/0x60 [ 2941.561741] SyS_recvmsg+0x2d/0x50 [ 2941.565297] ? __sys_recvmsg+0x140/0x140 [ 2941.569548] do_syscall_64+0x1e8/0x640 [ 2941.573450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2941.578320] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2941.583524] RIP: 0033:0x45a919 [ 2941.586723] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2941.594445] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2941.601730] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:45 executing program 3 (fault-call:5 fault-nth:36): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2941.609014] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2941.616291] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2941.623575] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:45 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000800)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d06000000ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f9a565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a736de9b17bbfe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed183bcfd35d63412c9f35aabf338ff2f4618a460c0e2b56afd07f5565e39ea29fb34280c0f907778ba4c2d4f0a9d0ab0a21757058c6e95a9da9f29ad044acdbe5e75db133a947eb6625f41b0ac7c83ec9781e9fca96fe05d0e335decce4d1a9e4af88068e04fc55d2eaa7e7713693dc2d536e1b4d623da1343f186751b08ccd0596185932661d0771ecc22118e81fb80bff71c9cd0a134618880d131ce00b15b2dac06888c7b119ecfe4d810e234f83767fa4a12f4b80d1ee96e81b0d8053bcf77619290ca730ea50a7a66775220648a3b5b278983e68cb5d8d856f15a4da0f5213883d77a13b897ef99ae49e164688eb3085ec892a1c199bf1b66d20fbf546d4753a85562e45c63fb45db844c62af629273027d63c7b4760eba64d46c941a7142ca9b96ff7982dbba52198d0ee52f8fe496a5cc66b8b9a6ed10c49dc59179e917e8f319ae04cbdc2f258488159a70f032214302f89009daa0c1bb6611d36cbab1", 0xfffffe64) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r2, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x2, &(0x7f0000000000)={0x0, 0x7, 0x1, @tid=r2}, &(0x7f0000000080)) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2941.731143] FAULT_INJECTION: forcing a failure. [ 2941.731143] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2941.759196] CPU: 0 PID: 19006 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2941.767152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2941.776530] Call Trace: [ 2941.779160] dump_stack+0x142/0x197 [ 2941.782821] should_fail.cold+0x10f/0x159 [ 2941.786993] ? __might_sleep+0x93/0xb0 [ 2941.790911] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2941.795632] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2941.800674] ? save_trace+0x290/0x290 [ 2941.804505] ? follow_page_pte+0x25e/0x1590 [ 2941.808874] alloc_pages_vma+0xc9/0x4c0 [ 2941.812876] __handle_mm_fault+0x186c/0x33d0 [ 2941.817320] ? copy_page_range+0x1de0/0x1de0 [ 2941.821859] ? find_held_lock+0x35/0x130 [ 2941.825953] ? handle_mm_fault+0x1b6/0x7c0 [ 2941.830226] handle_mm_fault+0x293/0x7c0 [ 2941.834322] __get_user_pages+0x465/0x12e0 [ 2941.838601] ? follow_page_mask+0x1630/0x1630 [ 2941.843127] ? lock_acquire+0x16f/0x430 [ 2941.847137] get_user_pages_unlocked+0x1f0/0x2f0 [ 2941.851928] ? get_user_pages_locked+0x3d0/0x3d0 [ 2941.856710] ? get_user_pages_fast+0x171/0x2d0 [ 2941.861318] get_user_pages_fast+0x228/0x2d0 [ 2941.865752] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2941.870534] ? save_trace+0x290/0x290 [ 2941.874372] iov_iter_get_pages+0x20f/0xd10 [ 2941.878719] ? __lock_is_held+0xb6/0x140 [ 2941.882817] ? check_preemption_disabled+0x3c/0x250 [ 2941.887860] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2941.892823] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2941.898309] af_alg_make_sg+0x85/0x400 [ 2941.902222] ? iov_iter_advance+0x218/0xc60 [ 2941.906579] ? af_alg_data_wakeup+0x80/0x80 [ 2941.910932] af_alg_get_rsgl+0x1d3/0x530 [ 2941.915027] skcipher_recvmsg+0x774/0xd30 [ 2941.919235] ? skcipher_release+0x50/0x50 [ 2941.923493] ? selinux_socket_recvmsg+0x36/0x40 [ 2941.928306] ? security_socket_recvmsg+0x91/0xc0 [ 2941.933085] ? skcipher_release+0x50/0x50 [ 2941.937259] sock_recvmsg+0xc6/0x110 [ 2941.941003] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2941.946048] ___sys_recvmsg+0x21f/0x4d0 [ 2941.950050] ? ___sys_sendmsg+0x840/0x840 [ 2941.954220] ? __fget+0x210/0x370 [ 2941.957703] ? lock_downgrade+0x740/0x740 [ 2941.961885] ? __fget+0x237/0x370 [ 2941.965370] ? __fget_light+0x172/0x1f0 [ 2941.969366] ? __fdget+0x1b/0x20 [ 2941.972763] ? sockfd_lookup_light+0xb4/0x160 [ 2941.977285] __sys_recvmsg+0xb6/0x140 21:47:45 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) fstat(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x200000, &(0x7f00000001c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r4}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@blksize={'blksize'}}], [{@smackfshat={'smackfshat'}}, {@appraise='appraise'}]}}) sendfile(r0, r1, 0x0, 0x9546) [ 2941.981111] ? SyS_sendmmsg+0x60/0x60 [ 2941.984949] SyS_recvmsg+0x2d/0x50 [ 2941.988506] ? __sys_recvmsg+0x140/0x140 [ 2941.992587] do_syscall_64+0x1e8/0x640 [ 2941.996500] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2942.001374] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2942.006585] RIP: 0033:0x45a919 [ 2942.009789] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2942.017515] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2942.024807] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:45 executing program 3 (fault-call:5 fault-nth:37): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2942.032091] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2942.039383] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2942.046671] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2942.124115] FAULT_INJECTION: forcing a failure. [ 2942.124115] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2942.137171] CPU: 1 PID: 19015 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2942.145095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2942.154473] Call Trace: [ 2942.157094] dump_stack+0x142/0x197 [ 2942.160757] should_fail.cold+0x10f/0x159 [ 2942.164928] ? __might_sleep+0x93/0xb0 [ 2942.168846] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2942.173547] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2942.178591] ? save_trace+0x290/0x290 [ 2942.182416] ? follow_page_pte+0x25e/0x1590 [ 2942.186769] alloc_pages_vma+0xc9/0x4c0 [ 2942.190775] __handle_mm_fault+0x186c/0x33d0 [ 2942.195219] ? copy_page_range+0x1de0/0x1de0 [ 2942.199661] ? find_held_lock+0x35/0x130 [ 2942.203748] ? handle_mm_fault+0x1b6/0x7c0 [ 2942.208036] handle_mm_fault+0x293/0x7c0 [ 2942.212119] __get_user_pages+0x465/0x12e0 [ 2942.216375] ? follow_page_mask+0x1630/0x1630 [ 2942.220886] ? lock_acquire+0x16f/0x430 [ 2942.224892] get_user_pages_unlocked+0x1f0/0x2f0 [ 2942.229678] ? get_user_pages_locked+0x3d0/0x3d0 [ 2942.234448] ? get_user_pages_fast+0x171/0x2d0 [ 2942.239059] get_user_pages_fast+0x228/0x2d0 [ 2942.243498] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2942.248282] ? save_trace+0x290/0x290 [ 2942.252109] iov_iter_get_pages+0x20f/0xd10 [ 2942.256451] ? __lock_is_held+0xb6/0x140 [ 2942.260541] ? check_preemption_disabled+0x3c/0x250 [ 2942.265576] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2942.270530] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2942.276029] af_alg_make_sg+0x85/0x400 [ 2942.279942] ? iov_iter_advance+0x218/0xc60 [ 2942.284284] ? af_alg_data_wakeup+0x80/0x80 [ 2942.288644] af_alg_get_rsgl+0x1d3/0x530 [ 2942.292743] skcipher_recvmsg+0x774/0xd30 [ 2942.296924] ? skcipher_release+0x50/0x50 [ 2942.301093] ? selinux_socket_recvmsg+0x36/0x40 [ 2942.305789] ? security_socket_recvmsg+0x91/0xc0 [ 2942.310569] ? skcipher_release+0x50/0x50 [ 2942.314751] sock_recvmsg+0xc6/0x110 [ 2942.318489] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2942.323532] ___sys_recvmsg+0x21f/0x4d0 [ 2942.327548] ? ___sys_sendmsg+0x840/0x840 [ 2942.331728] ? __fget+0x210/0x370 [ 2942.335208] ? lock_downgrade+0x740/0x740 [ 2942.339391] ? __fget+0x237/0x370 [ 2942.342872] ? __fget_light+0x172/0x1f0 [ 2942.346871] ? __fdget+0x1b/0x20 [ 2942.350263] ? sockfd_lookup_light+0xb4/0x160 [ 2942.354790] __sys_recvmsg+0xb6/0x140 [ 2942.358620] ? SyS_sendmmsg+0x60/0x60 [ 2942.362453] SyS_recvmsg+0x2d/0x50 [ 2942.366014] ? __sys_recvmsg+0x140/0x140 [ 2942.370100] do_syscall_64+0x1e8/0x640 [ 2942.374032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2942.378903] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2942.384113] RIP: 0033:0x45a919 [ 2942.387319] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2942.395048] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2942.402337] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2942.409623] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2942.416911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2942.424203] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:45 executing program 3 (fault-call:5 fault-nth:38): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2942.535996] FAULT_INJECTION: forcing a failure. [ 2942.535996] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2942.555630] CPU: 1 PID: 19018 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2942.563565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2942.572936] Call Trace: [ 2942.575551] dump_stack+0x142/0x197 [ 2942.579330] should_fail.cold+0x10f/0x159 [ 2942.583504] ? __might_sleep+0x93/0xb0 [ 2942.587424] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2942.592261] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2942.597303] ? save_trace+0x290/0x290 [ 2942.601131] ? follow_page_pte+0x25e/0x1590 [ 2942.605476] alloc_pages_vma+0xc9/0x4c0 [ 2942.609480] __handle_mm_fault+0x186c/0x33d0 [ 2942.613916] ? copy_page_range+0x1de0/0x1de0 [ 2942.618376] ? find_held_lock+0x35/0x130 [ 2942.622465] ? handle_mm_fault+0x1b6/0x7c0 [ 2942.626761] handle_mm_fault+0x293/0x7c0 [ 2942.630843] __get_user_pages+0x465/0x12e0 [ 2942.635105] ? follow_page_mask+0x1630/0x1630 [ 2942.639618] ? lock_acquire+0x16f/0x430 [ 2942.643623] get_user_pages_unlocked+0x1f0/0x2f0 [ 2942.648404] ? get_user_pages_locked+0x3d0/0x3d0 [ 2942.653177] ? get_user_pages_fast+0x171/0x2d0 [ 2942.657792] get_user_pages_fast+0x228/0x2d0 [ 2942.662228] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2942.667005] ? save_trace+0x290/0x290 [ 2942.670834] iov_iter_get_pages+0x20f/0xd10 [ 2942.675183] ? __lock_is_held+0xb6/0x140 [ 2942.679276] ? check_preemption_disabled+0x3c/0x250 [ 2942.684317] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2942.689962] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2942.695441] af_alg_make_sg+0x85/0x400 [ 2942.699356] ? af_alg_data_wakeup+0x80/0x80 [ 2942.703713] af_alg_get_rsgl+0x1d3/0x530 [ 2942.707978] skcipher_recvmsg+0x774/0xd30 [ 2942.712162] ? skcipher_release+0x50/0x50 [ 2942.716329] ? selinux_socket_recvmsg+0x36/0x40 [ 2942.721029] ? security_socket_recvmsg+0x91/0xc0 [ 2942.725809] ? skcipher_release+0x50/0x50 [ 2942.729980] sock_recvmsg+0xc6/0x110 [ 2942.733714] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2942.738756] ___sys_recvmsg+0x21f/0x4d0 [ 2942.742759] ? ___sys_sendmsg+0x840/0x840 [ 2942.746926] ? __fget+0x210/0x370 [ 2942.750429] ? lock_downgrade+0x740/0x740 [ 2942.754602] ? __fget+0x237/0x370 [ 2942.758082] ? __fget_light+0x172/0x1f0 [ 2942.762138] ? __fdget+0x1b/0x20 [ 2942.765534] ? sockfd_lookup_light+0xb4/0x160 [ 2942.770059] __sys_recvmsg+0xb6/0x140 [ 2942.773886] ? SyS_sendmmsg+0x60/0x60 [ 2942.777720] SyS_recvmsg+0x2d/0x50 [ 2942.781275] ? __sys_recvmsg+0x140/0x140 [ 2942.785362] do_syscall_64+0x1e8/0x640 [ 2942.789270] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2942.794142] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2942.799344] RIP: 0033:0x45a919 [ 2942.802550] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2942.810301] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2942.817585] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2942.824878] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2942.832166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2942.839452] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:47 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$rds(0x15, 0x5, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x222104, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5) fcntl$setown(r2, 0x8, r0) preadv(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f0000000140)=""/134, 0x86}, {&(0x7f0000000200)=""/191, 0xbf}, {&(0x7f0000000080)=""/28, 0x1c}, {&(0x7f0000000300)=""/153, 0x99}, {&(0x7f00000003c0)=""/149, 0x95}, {&(0x7f0000000480)=""/101, 0x65}], 0x6, 0xffffffff) tkill(r0, 0x16) 21:47:47 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x24) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:47 executing program 3 (fault-call:5 fault-nth:39): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2943.664011] FAULT_INJECTION: forcing a failure. [ 2943.664011] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2943.679448] CPU: 1 PID: 19025 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2943.687398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2943.696778] Call Trace: [ 2943.699399] dump_stack+0x142/0x197 [ 2943.703063] should_fail.cold+0x10f/0x159 [ 2943.707251] ? __might_sleep+0x93/0xb0 [ 2943.711173] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2943.715871] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2943.720911] ? save_trace+0x290/0x290 [ 2943.724737] ? follow_page_pte+0x25e/0x1590 [ 2943.729092] alloc_pages_vma+0xc9/0x4c0 [ 2943.733104] __handle_mm_fault+0x186c/0x33d0 [ 2943.737543] ? copy_page_range+0x1de0/0x1de0 [ 2943.741971] ? find_held_lock+0x35/0x130 [ 2943.746056] ? handle_mm_fault+0x1b6/0x7c0 [ 2943.750320] handle_mm_fault+0x293/0x7c0 [ 2943.754405] __get_user_pages+0x465/0x12e0 [ 2943.758671] ? follow_page_mask+0x1630/0x1630 [ 2943.763190] ? lock_acquire+0x16f/0x430 [ 2943.767201] get_user_pages_unlocked+0x1f0/0x2f0 [ 2943.771984] ? get_user_pages_locked+0x3d0/0x3d0 [ 2943.776757] ? get_user_pages_fast+0x171/0x2d0 [ 2943.781371] get_user_pages_fast+0x228/0x2d0 [ 2943.785803] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2943.790605] ? save_trace+0x290/0x290 [ 2943.794430] iov_iter_get_pages+0x20f/0xd10 [ 2943.798774] ? __lock_is_held+0xb6/0x140 [ 2943.802855] ? check_preemption_disabled+0x3c/0x250 [ 2943.807909] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2943.812862] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2943.818351] af_alg_make_sg+0x85/0x400 [ 2943.822264] ? iov_iter_advance+0x218/0xc60 [ 2943.826611] ? af_alg_data_wakeup+0x80/0x80 [ 2943.830963] af_alg_get_rsgl+0x1d3/0x530 [ 2943.835064] skcipher_recvmsg+0x774/0xd30 [ 2943.839245] ? skcipher_release+0x50/0x50 [ 2943.843415] ? selinux_socket_recvmsg+0x36/0x40 [ 2943.848111] ? security_socket_recvmsg+0x91/0xc0 [ 2943.852886] ? skcipher_release+0x50/0x50 [ 2943.857064] sock_recvmsg+0xc6/0x110 [ 2943.860801] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2943.865842] ___sys_recvmsg+0x21f/0x4d0 [ 2943.869842] ? ___sys_sendmsg+0x840/0x840 [ 2943.874008] ? __fget+0x210/0x370 [ 2943.877494] ? lock_downgrade+0x740/0x740 [ 2943.881672] ? __fget+0x237/0x370 [ 2943.885150] ? __fget_light+0x172/0x1f0 [ 2943.889143] ? __fdget+0x1b/0x20 [ 2943.892539] ? sockfd_lookup_light+0xb4/0x160 [ 2943.897060] __sys_recvmsg+0xb6/0x140 [ 2943.900882] ? SyS_sendmmsg+0x60/0x60 [ 2943.904719] SyS_recvmsg+0x2d/0x50 [ 2943.908280] ? __sys_recvmsg+0x140/0x140 [ 2943.912364] do_syscall_64+0x1e8/0x640 [ 2943.916271] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2943.921145] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2943.926553] RIP: 0033:0x45a919 [ 2943.929756] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2943.937510] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2943.944802] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2943.952091] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:47:47 executing program 3 (fault-call:5 fault-nth:40): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2943.959379] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2943.966666] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2944.033344] FAULT_INJECTION: forcing a failure. [ 2944.033344] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2944.050638] CPU: 1 PID: 19032 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2944.058571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2944.067940] Call Trace: [ 2944.070556] dump_stack+0x142/0x197 [ 2944.074219] should_fail.cold+0x10f/0x159 [ 2944.078392] ? __might_sleep+0x93/0xb0 [ 2944.082307] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2944.087008] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2944.092048] ? save_trace+0x290/0x290 [ 2944.095873] ? follow_page_pte+0x25e/0x1590 [ 2944.100223] alloc_pages_vma+0xc9/0x4c0 [ 2944.104222] __handle_mm_fault+0x186c/0x33d0 [ 2944.108659] ? copy_page_range+0x1de0/0x1de0 [ 2944.113093] ? find_held_lock+0x35/0x130 [ 2944.117177] ? handle_mm_fault+0x1b6/0x7c0 [ 2944.121453] handle_mm_fault+0x293/0x7c0 [ 2944.125544] __get_user_pages+0x465/0x12e0 [ 2944.129810] ? follow_page_mask+0x1630/0x1630 [ 2944.134330] ? lock_acquire+0x16f/0x430 [ 2944.138339] get_user_pages_unlocked+0x1f0/0x2f0 [ 2944.143123] ? get_user_pages_locked+0x3d0/0x3d0 [ 2944.147897] ? get_user_pages_fast+0x171/0x2d0 [ 2944.152513] get_user_pages_fast+0x228/0x2d0 [ 2944.156951] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2944.161730] ? save_trace+0x290/0x290 [ 2944.165557] iov_iter_get_pages+0x20f/0xd10 [ 2944.169908] ? __lock_is_held+0xb6/0x140 [ 2944.174021] ? check_preemption_disabled+0x3c/0x250 [ 2944.179063] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2944.184023] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2944.189514] af_alg_make_sg+0x85/0x400 [ 2944.193431] ? iov_iter_advance+0x218/0xc60 [ 2944.197793] ? af_alg_data_wakeup+0x80/0x80 [ 2944.202155] af_alg_get_rsgl+0x1d3/0x530 [ 2944.206255] skcipher_recvmsg+0x774/0xd30 [ 2944.210444] ? skcipher_release+0x50/0x50 [ 2944.214614] ? selinux_socket_recvmsg+0x36/0x40 [ 2944.219313] ? security_socket_recvmsg+0x91/0xc0 [ 2944.224099] ? skcipher_release+0x50/0x50 [ 2944.228270] sock_recvmsg+0xc6/0x110 [ 2944.232006] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2944.237058] ___sys_recvmsg+0x21f/0x4d0 [ 2944.241063] ? ___sys_sendmsg+0x840/0x840 [ 2944.245231] ? __fget+0x210/0x370 [ 2944.248717] ? lock_downgrade+0x740/0x740 [ 2944.252896] ? __fget+0x237/0x370 [ 2944.256395] ? __fget_light+0x172/0x1f0 [ 2944.260402] ? __fdget+0x1b/0x20 [ 2944.263797] ? sockfd_lookup_light+0xb4/0x160 [ 2944.268317] __sys_recvmsg+0xb6/0x140 [ 2944.272137] ? SyS_sendmmsg+0x60/0x60 [ 2944.275977] SyS_recvmsg+0x2d/0x50 [ 2944.279530] ? __sys_recvmsg+0x140/0x140 21:47:47 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000500)='/dev/full\x00', 0x8000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x30, r3, 0x7}, 0x30}}, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0xc0004400}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x24, r3, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x9}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x2) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e20, 0x4, @mcast2, 0x7}}}, &(0x7f0000000440)=0x84) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000480)={0x0, 0x0, 0x3, 0x7fff}) ioctl$DRM_IOCTL_AGP_FREE(r4, 0x40206435, &(0x7f00000004c0)={0x401, r5, 0x10000, 0xd686}) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) mmap$usbmon(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x20010, r6, 0xfff) r7 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r8 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r8, 0x1000000) sendfile(r7, r8, 0x0, 0xeefffdef) r9 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r9, &(0x7f00000017c0), 0x199, 0x0) recvfrom$rxrpc(r9, &(0x7f0000000080)=""/185, 0xb9, 0x37a68b44489afb63, &(0x7f0000000140)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0x1, @mcast2, 0x80000000}}, 0x24) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r10, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2944.283610] do_syscall_64+0x1e8/0x640 [ 2944.287513] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2944.292455] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2944.297689] RIP: 0033:0x45a919 [ 2944.300867] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2944.308576] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2944.315841] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2944.323099] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2944.330359] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2944.337628] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2944.352802] kauditd_printk_skb: 13 callbacks suppressed [ 2944.352812] audit: type=1800 audit(1577137667.739:672): pid=19024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17524 res=0 [ 2944.381323] audit: type=1804 audit(1577137667.739:673): pid=19024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1605/file0" dev="sda1" ino=17524 res=1 21:47:48 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) sendmsg$unix(r3, &(0x7f00000001c0)={&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000280)="ef4d445e694f50f68be3d8887d6dd6b1b6b5069af78a20849440e1e766ded81aa9a038d074c57130dae5de691a0cedb5089a41cfc4199861f714593d30380d5ddf39aa2e11964ac7e3b06c828f8466cac7dd8f00a12de51c386ff12e3eeff6f8ee7344637efedb3c879cf0860ad7bb3d823ee07a165a9d31ac6e4f5daa5c6006c4c02edb569370fbae77759974af099ff1749a60fb0e72654a5f389b821a83456e56955f0c7d342e31c17fa4eea7c30741d0971e8581dbc463acb59f3229b97ca5d5f0a2da98e3d8da3ab4cabe2ed5aa65196accb0e040df30cdf172ac6a", 0xde}], 0x1, 0x0, 0x0, 0x4000000}, 0x4410) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r8, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r8, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@delqdisc={0x40, 0x25, 0x2272b0dbe6fd5b74, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x99dc7ddc4d5d7825, 0xfff2}, {0xa, 0x4}, {0xe, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xc, 0x1, 'multiq\x00'}, {0x8, 0x2, {0x5, 0x5}}}, @TCA_RATE={0x8, 0x5, {0x0, 0x4}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x3, 0x2}, 0x6) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:48 executing program 3 (fault-call:5 fault-nth:41): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:48 executing program 2: timer_create(0x11ee77f293ec5a12, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x400200, 0x0) write$P9_RFSYNC(r0, &(0x7f00000002c0)={0x7, 0x33, 0x2}, 0x7) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff0000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000e3a333a0daf2f73451c0e17a606fec68cb7d18ad181867514fe60077d4dd90123d27e7cf43548ee85857ad4a77cb56e0fcb3dfd4e70ebec677d6ac14c2c794f72cbf5fe31789e70227bfd8115efd90c8c48258f8fae82e16cf0000000000000000000000000000000000000000000000000000790ae2fd45d54b107c8c247f195e32f13799d6707432ff48bc08576031416627e9a232fe2238fff867ba8fd41b29caad2a986e0e244bd117252e47ffda1a869db7e632df4de8572344b419c45c2170fe873692d8255170c16822bdfff0135480dae93c7e33bdef00000000d8fd8c79a5d0967ab7e43686b4d1e03e326beea7905ef7de375ef8bc8143df20d13c37db269971210fab7071cc305ac88a044777aab9d86cf50afefd7b72a0950d389be3bf43aa607b7269561dd50b22bd242ac8c3249582a20d4e04fd1ab7883f656b84137d5f7a6edba86a7b9a4c2f3b3a8abf93b280ea53ce01dcc2d30f4310e8281b0cdc017f9759060ea88a2f6597e966a85c9a74ca196700218f919746bb4b84c16fd56ee4500312d75ab7613b644ba7580b2a0942394ed1737517eed1c892422f54d5a2e1cf1a60fe2dcc1a465aa8d54cb4000053c3f01ea714a7bd00"/572], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x24f}, 0x48) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000a80)={0x0, 0xffffffffffffffff, 0x3, 0x97, 0x3f, 0x10001}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r3, 0x1800000000000060, 0xe80, 0xfffffffffffffe64, &(0x7f0000000100)="000e003f0000007e5bc5795eca0000080000000000000000ffff81", 0x0, 0x100, 0xf2ffffff, 0xfffffe0c, 0x212, &(0x7f0000000280)="f2a134bd13c7bd41a2a738ad8e7625ed330eb46063bd287d832698132e59ef45f8f50845c0ac85604b448e24348e4ae93e68238b7b9d561b349d19b5f5784e031c55c5a4e48926a1526e38640a161fab39732052ee83bc3b9cb625962f3eaf1ed426e6f0442693c16b0ab6a89a5738f5bccd6ae1492f8471a7afec6b", &(0x7f0000000380)="712ae01ebf877f139c8f1b0fcd056310bfa3de7157976d3ff4c82f2e0d1885774c5b7c7c853e5424fbf469ab0726e9f41208f98d20b093ddbb7f52e015b875cea2900b2443348cdf466c18cfae89ce96f0437cb21ca3703f0b94273c7500"/106}, 0x28) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r3, 0xc0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780), 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x8, 0x3}, 0x0, 0x0, &(0x7f0000000800)={0x3, 0xe, 0x0, 0x7}, &(0x7f0000000840)=0x9, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=0x101}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r4}, 0x78) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f0000000a40)) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={r2, 0x10, &(0x7f0000000300)={&(0x7f0000000840)=""/198, 0xc6, r4}}, 0x10) preadv(r1, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0), &(0x7f0000000100)=0xe) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r5 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e21, 0x1ff, @loopback, 0x7}, 0x1c) r6 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r6, 0x1000000) sendfile(r5, r6, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r7, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r8 = syz_open_dev$mice(&(0x7f00000009c0)='/dev/input/mice\x00', 0x0, 0x41000) ioctl$TUNGETFEATURES(r8, 0x800454cf, &(0x7f0000000a00)) ioctl$KDFONTOP_SET_DEF(r1, 0x4b72, &(0x7f0000000140)={0x2, 0x1, 0x18, 0xe, 0x177, &(0x7f0000000440)="3ec3ec4654954688cf2413c75c7c078658b2ce0f94a03dd0e1970230022e5eb826bd581447db36943229d5e463e5104d48d9ffb35fc401781dee833e8f537924b4dcdf1b1fafa84a0975168c8316f057aead5b2bcb570a460b7c760ca78a439aba4a8b5f2825cc3c3a76af9702cc9f16c919c39a092d4d26ca1be233ecf183a7df8bdc99422d016e39aa4db7fa754af591ecae4e7ac8f0806a0e4542a8ad2cfcacf14510d6a8481a773474c52f2f5b8fedd39a91792ed09901fc5df320566f497ec73eba3d40c58c97e447a49afb935193ae3f48e67d2402dfa13915d5bbe1cd785acb160dc41ed5aea137b671b1016a3a4533eaf6821c0597cdfd435555db714c629eda1116b7274b580cb2be5bae32b6033074cbaeb703493c5aee34e4fbb075991cbf5ffe6102e0323d1679c262ada45c014cd62c9fe877507c6150be8fc17532cc7b962b1f925e2cc123ad35abfc705e6ba58e7dfac68ab175154912c7291ceeb11a909780dbcb58f51ab742c18892fc1ec20277a934ca9d03bd7a9d5b37518d2089d55ff08fdbc82f0aa601bdd6cca42b8096abd38e24ef7d976b1dfee12b37b7f6c8bd2b08673c64d382a6c694c25753efbb6c7ec805cf4f805a9e080d342ed8704935647bec58e5b8ba3356918731f3fc1bcfcba17d6b9202215f2c367f85f2f04a086b31700d71ed04f4f739d3849cbb48fe6e794f3ac98d66833a2632b9a1fcc770479eeb91b0db20b49204b4120f2ddaf1f0ad0ffa07243bb86a7240333380eb9604db37d4208493f241e9247d6b21f30a637bd51cfce08b06736e4682f4152156f9f2dfc5f9443c67f4bafad235ab022c2eeaef17fd66e3354eeabf5da4bf3ad506c9eb9e78d292519920dcebfe46bace676173ce89f84915fae745ea11659e380bdb5da08167a38beba31151417f4dd6d70d7e5e06be5d202572b2abc04b303ff6dd043a7b00ad5c74ac8e8762824dd3043685de490c5ec64081de4eb77c1488a9b83fb467524df9b4d227f7c9e19e975c2f97cf8bd2aa3dda351d64ca352a1c3d044cca238d786b54be232ed46cb83b88d540b5501a9b30f1a32b189573639119e6aec300f8bcc11327facc4b1b2a9809499a4985d1318ffd11cbf2cc4d6ea07e8891579fa220cf0afe20807b19fd0f99e37c71e9f54075bfba44ef9378e612df111c0dd26e918d70aeb47a6ceb973e5c91bfdd084e9a17d9411c98ad47c1ba537a43fbcabcc2926704edf0d1706ef1d94f05458dadb78d010fb9f8aa5d451cd04894b1e403bbabc39f444737e7923d20822cda01d225324d60d5ddcdd7aa6d69363a3f82b4f3091c96d01e514ec82a06808e7a50c5137585919b40a1f31aceafcf8f7bf9004f1f4ed27dfd11b9f3bebd73564372e2efa830065f47809f418e2637f7c6d932d36814a7da49e461e1fdab62f4c9628eaa764c80"}) 21:47:48 executing program 0 (fault-call:10 fault-nth:0): mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:48 executing program 5: lsetxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="89073893000000000000000000000000000700f4eca11f885d1b8c98c8ade5c18924010e0700000000000000a5415b5c354b333db41321e1a5dd040000fef12c5a403e38ad1c0ed286c1d66d8085ee46cbff66b453a86000ffffffef983f84"], 0x12, 0x1) prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') ioctl$RTC_UIE_ON(r4, 0x7003) preadv(r4, &(0x7f00000017c0), 0x199, 0x0) dup2(r4, r3) ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f0000000140)={'ip6gre0\x00', 0x72}) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2944.690510] FAULT_INJECTION: forcing a failure. [ 2944.690510] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2944.707032] CPU: 0 PID: 19046 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2944.707229] audit: type=1800 audit(1577137668.099:674): pid=19050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17569 res=0 [ 2944.715207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2944.715213] Call Trace: [ 2944.715241] dump_stack+0x142/0x197 [ 2944.715263] should_fail.cold+0x10f/0x159 [ 2944.715275] ? __might_sleep+0x93/0xb0 [ 2944.715291] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2944.715306] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2944.715317] ? save_trace+0x290/0x290 [ 2944.715332] ? follow_page_pte+0x25e/0x1590 [ 2944.715349] alloc_pages_vma+0xc9/0x4c0 [ 2944.715364] __handle_mm_fault+0x186c/0x33d0 [ 2944.715379] ? copy_page_range+0x1de0/0x1de0 [ 2944.715390] ? find_held_lock+0x35/0x130 [ 2944.715400] ? handle_mm_fault+0x1b6/0x7c0 [ 2944.715433] handle_mm_fault+0x293/0x7c0 [ 2944.715451] __get_user_pages+0x465/0x12e0 [ 2944.715469] ? follow_page_mask+0x1630/0x1630 [ 2944.751893] audit: type=1804 audit(1577137668.099:675): pid=19050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1606/file0" dev="sda1" ino=17569 res=1 [ 2944.754067] ? lock_acquire+0x16f/0x430 [ 2944.754090] get_user_pages_unlocked+0x1f0/0x2f0 [ 2944.754105] ? get_user_pages_locked+0x3d0/0x3d0 [ 2944.809599] ? get_user_pages_fast+0x171/0x2d0 [ 2944.809616] get_user_pages_fast+0x228/0x2d0 [ 2944.809628] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2944.809642] ? save_trace+0x290/0x290 [ 2944.841496] iov_iter_get_pages+0x20f/0xd10 [ 2944.841511] ? __lock_is_held+0xb6/0x140 [ 2944.841520] ? check_preemption_disabled+0x3c/0x250 [ 2944.841532] ? csum_and_copy_from_iter+0xd50/0xd50 21:47:48 executing program 3 (fault-call:5 fault-nth:42): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2944.841542] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2944.841559] af_alg_make_sg+0x85/0x400 [ 2944.841569] ? iov_iter_advance+0x218/0xc60 [ 2944.841581] ? af_alg_data_wakeup+0x80/0x80 [ 2944.841596] af_alg_get_rsgl+0x1d3/0x530 [ 2944.850342] skcipher_recvmsg+0x774/0xd30 [ 2944.850362] ? skcipher_release+0x50/0x50 [ 2944.850371] ? selinux_socket_recvmsg+0x36/0x40 [ 2944.850385] ? security_socket_recvmsg+0x91/0xc0 [ 2944.859731] ? skcipher_release+0x50/0x50 [ 2944.859744] sock_recvmsg+0xc6/0x110 [ 2944.859757] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2944.859769] ___sys_recvmsg+0x21f/0x4d0 [ 2944.859784] ? ___sys_sendmsg+0x840/0x840 [ 2944.868949] ? __fget+0x210/0x370 [ 2944.868969] ? lock_downgrade+0x740/0x740 [ 2944.868994] ? __fget+0x237/0x370 [ 2944.869012] ? __fget_light+0x172/0x1f0 [ 2944.877150] ? __fdget+0x1b/0x20 [ 2944.877164] ? sockfd_lookup_light+0xb4/0x160 [ 2944.877176] __sys_recvmsg+0xb6/0x140 [ 2944.877187] ? SyS_sendmmsg+0x60/0x60 [ 2944.886276] SyS_recvmsg+0x2d/0x50 [ 2944.886286] ? __sys_recvmsg+0x140/0x140 [ 2944.886300] do_syscall_64+0x1e8/0x640 [ 2944.886310] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2944.886331] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2944.896688] RIP: 0033:0x45a919 [ 2944.896693] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2944.896703] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2944.896710] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2944.896717] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2944.896722] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2944.896727] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2944.934530] FAULT_INJECTION: forcing a failure. [ 2944.934530] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2944.944872] CPU: 0 PID: 19061 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2944.952347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2944.952353] Call Trace: [ 2944.952370] dump_stack+0x142/0x197 [ 2944.952390] should_fail.cold+0x10f/0x159 21:47:48 executing program 3 (fault-call:5 fault-nth:43): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2944.952402] ? __might_sleep+0x93/0xb0 [ 2944.952415] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2944.952429] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2944.952439] ? save_trace+0x290/0x290 [ 2944.952459] ? follow_page_pte+0x25e/0x1590 [ 2944.952477] alloc_pages_vma+0xc9/0x4c0 [ 2944.952494] __handle_mm_fault+0x186c/0x33d0 [ 2944.952510] ? copy_page_range+0x1de0/0x1de0 [ 2944.952519] ? find_held_lock+0x35/0x130 [ 2944.952530] ? handle_mm_fault+0x1b6/0x7c0 [ 2944.967578] handle_mm_fault+0x293/0x7c0 [ 2944.967598] __get_user_pages+0x465/0x12e0 [ 2944.967614] ? follow_page_mask+0x1630/0x1630 [ 2944.975463] ? lock_acquire+0x16f/0x430 [ 2944.975485] get_user_pages_unlocked+0x1f0/0x2f0 [ 2944.975504] ? get_user_pages_locked+0x3d0/0x3d0 [ 2944.983079] ? get_user_pages_fast+0x171/0x2d0 [ 2944.983094] get_user_pages_fast+0x228/0x2d0 [ 2944.983107] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2944.983118] ? save_trace+0x290/0x290 [ 2944.983135] iov_iter_get_pages+0x20f/0xd10 [ 2944.983145] ? __lock_is_held+0xb6/0x140 [ 2944.983156] ? check_preemption_disabled+0x3c/0x250 [ 2944.990739] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2944.990752] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2944.990770] af_alg_make_sg+0x85/0x400 [ 2944.990781] ? iov_iter_advance+0x218/0xc60 [ 2944.990793] ? af_alg_data_wakeup+0x80/0x80 [ 2944.999551] af_alg_get_rsgl+0x1d3/0x530 [ 2944.999575] skcipher_recvmsg+0x774/0xd30 [ 2944.999594] ? skcipher_release+0x50/0x50 [ 2945.007973] ? selinux_socket_recvmsg+0x36/0x40 [ 2945.007988] ? security_socket_recvmsg+0x91/0xc0 [ 2945.008000] ? skcipher_release+0x50/0x50 [ 2945.008018] sock_recvmsg+0xc6/0x110 [ 2945.023036] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2945.023048] ___sys_recvmsg+0x21f/0x4d0 [ 2945.023065] ? ___sys_sendmsg+0x840/0x840 [ 2945.023077] ? __fget+0x210/0x370 [ 2945.023096] ? lock_downgrade+0x740/0x740 [ 2945.023112] ? __fget+0x237/0x370 [ 2945.023127] ? __fget_light+0x172/0x1f0 [ 2945.023139] ? __fdget+0x1b/0x20 [ 2945.037789] ? sockfd_lookup_light+0xb4/0x160 [ 2945.037800] __sys_recvmsg+0xb6/0x140 [ 2945.037810] ? SyS_sendmmsg+0x60/0x60 [ 2945.037835] SyS_recvmsg+0x2d/0x50 [ 2945.037842] ? __sys_recvmsg+0x140/0x140 [ 2945.037857] do_syscall_64+0x1e8/0x640 [ 2945.052400] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2945.052420] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2945.052428] RIP: 0033:0x45a919 [ 2945.052433] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2945.052444] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2945.052449] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2945.052455] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2945.052460] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2945.052471] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2945.214691] FAULT_INJECTION: forcing a failure. [ 2945.214691] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2945.222918] CPU: 0 PID: 19066 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2945.228669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2945.228676] Call Trace: [ 2945.228695] dump_stack+0x142/0x197 [ 2945.228716] should_fail.cold+0x10f/0x159 [ 2945.228728] ? __might_sleep+0x93/0xb0 [ 2945.228742] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2945.238181] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2945.238197] ? save_trace+0x290/0x290 [ 2945.238213] ? follow_page_pte+0x25e/0x1590 [ 2945.238230] alloc_pages_vma+0xc9/0x4c0 [ 2945.246078] __handle_mm_fault+0x186c/0x33d0 [ 2945.246095] ? copy_page_range+0x1de0/0x1de0 [ 2945.246108] ? find_held_lock+0x35/0x130 [ 2945.246121] ? handle_mm_fault+0x1b6/0x7c0 [ 2945.255103] handle_mm_fault+0x293/0x7c0 [ 2945.255118] __get_user_pages+0x465/0x12e0 [ 2945.255136] ? follow_page_mask+0x1630/0x1630 [ 2945.262716] ? lock_acquire+0x16f/0x430 [ 2945.262735] get_user_pages_unlocked+0x1f0/0x2f0 [ 2945.262751] ? get_user_pages_locked+0x3d0/0x3d0 [ 2945.262760] ? get_user_pages_fast+0x171/0x2d0 [ 2945.262775] get_user_pages_fast+0x228/0x2d0 [ 2945.262788] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2945.270405] ? save_trace+0x290/0x290 [ 2945.270424] iov_iter_get_pages+0x20f/0xd10 [ 2945.270435] ? __lock_is_held+0xb6/0x140 [ 2945.270444] ? check_preemption_disabled+0x3c/0x250 [ 2945.270456] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2945.270477] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2945.508776] af_alg_make_sg+0x85/0x400 [ 2945.512662] ? iov_iter_advance+0x218/0xc60 [ 2945.516991] ? af_alg_data_wakeup+0x80/0x80 [ 2945.521320] af_alg_get_rsgl+0x1d3/0x530 [ 2945.525401] skcipher_recvmsg+0x774/0xd30 [ 2945.529568] ? skcipher_release+0x50/0x50 [ 2945.533722] ? selinux_socket_recvmsg+0x36/0x40 [ 2945.538392] ? security_socket_recvmsg+0x91/0xc0 [ 2945.543283] ? skcipher_release+0x50/0x50 [ 2945.547439] sock_recvmsg+0xc6/0x110 [ 2945.551152] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2945.556176] ___sys_recvmsg+0x21f/0x4d0 [ 2945.560169] ? ___sys_sendmsg+0x840/0x840 [ 2945.564440] ? __fget+0x210/0x370 [ 2945.568018] ? lock_downgrade+0x740/0x740 [ 2945.572191] ? __fget+0x237/0x370 [ 2945.575653] ? __fget_light+0x172/0x1f0 [ 2945.579627] ? __fdget+0x1b/0x20 [ 2945.583006] ? sockfd_lookup_light+0xb4/0x160 [ 2945.587499] __sys_recvmsg+0xb6/0x140 [ 2945.591301] ? SyS_sendmmsg+0x60/0x60 [ 2945.595114] SyS_recvmsg+0x2d/0x50 [ 2945.598657] ? __sys_recvmsg+0x140/0x140 [ 2945.602729] do_syscall_64+0x1e8/0x640 [ 2945.606628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2945.611546] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2945.616855] RIP: 0033:0x45a919 [ 2945.620051] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2945.627862] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2945.635136] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2945.642435] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2945.649706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2945.657020] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2945.678502] audit: type=1800 audit(1577137669.059:676): pid=19055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=16965 res=0 [ 2945.702971] audit: type=1804 audit(1577137669.089:677): pid=19055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1606/file0" dev="sda1" ino=16965 res=1 21:47:50 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') symlink(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00') write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1, {0x7, 0x1f, 0x8a9f, 0x0, 0x0, 0x0, 0xfffffffb}}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000000feffff000200000000000000"], 0x10) ioctl$SIOCX25SCAUSEDIAG(r2, 0x89ec, &(0x7f0000000380)) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f0000000280)={0x1, 0x0, {0x6, 0x8960, 0x2bcd, 0xdc}}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) fstat(r3, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = geteuid() syz_mount_image$iso9660(&(0x7f00000003c0)='iso9660\x00', &(0x7f0000000400)='./file0\x00', 0x6, 0x0, &(0x7f0000000440), 0x0, &(0x7f0000000580)={[{@unhide='unhide'}, {@map_normal='map=normal'}, {@map_acorn='map=acorn'}, {@check_relaxed='check=relaxed'}, {@map_normal='map=normal'}, {@dmode={'dmode', 0x3d, 0x4}}, {@check_relaxed='check=relaxed'}, {@dmode={'dmode'}}, {@nojoliet='nojoliet'}], [{@fowner_gt={'fowner>', r4}}, {@dont_measure='dont_measure'}, {@fowner_gt={'fowner>', r5}}, {@dont_hash='dont_hash'}]}) 21:47:50 executing program 3 (fault-call:5 fault-nth:44): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:50 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0xc100, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_netrom_SIOCADDRT(r2, 0x890b, &(0x7f0000000140)={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={'rose', 0x0}, 0x100, 'syz1\x00', @bcast, 0x2, 0x6, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @null, @bcast, @default, @null, @null]}) sendfile(r0, r1, 0x0, 0x9546) [ 2946.682593] FAULT_INJECTION: forcing a failure. [ 2946.682593] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2946.694734] audit: type=1800 audit(1577137670.069:678): pid=19075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17516 res=0 [ 2946.720408] CPU: 1 PID: 19073 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 21:47:50 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r3 = accept4(0xffffffffffffffff, &(0x7f0000000140)=@pppoe={0x18, 0x0, {0x0, @remote}}, &(0x7f0000000080)=0x80, 0x400) dup2(r2, r3) [ 2946.728335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2946.737705] Call Trace: [ 2946.740314] dump_stack+0x142/0x197 [ 2946.743971] should_fail.cold+0x10f/0x159 [ 2946.748143] ? __might_sleep+0x93/0xb0 [ 2946.752062] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2946.756768] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2946.761817] ? save_trace+0x290/0x290 [ 2946.765641] ? follow_page_pte+0x25e/0x1590 [ 2946.769989] alloc_pages_vma+0xc9/0x4c0 [ 2946.773985] __handle_mm_fault+0x186c/0x33d0 [ 2946.778418] ? copy_page_range+0x1de0/0x1de0 [ 2946.782854] ? find_held_lock+0x35/0x130 [ 2946.786943] ? handle_mm_fault+0x1b6/0x7c0 [ 2946.791250] handle_mm_fault+0x293/0x7c0 [ 2946.795344] __get_user_pages+0x465/0x12e0 [ 2946.799802] ? follow_page_mask+0x1630/0x1630 [ 2946.804315] ? lock_acquire+0x16f/0x430 [ 2946.808324] get_user_pages_unlocked+0x1f0/0x2f0 [ 2946.813109] ? get_user_pages_locked+0x3d0/0x3d0 [ 2946.817888] ? get_user_pages_fast+0x171/0x2d0 [ 2946.822501] get_user_pages_fast+0x228/0x2d0 [ 2946.826939] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2946.831716] ? save_trace+0x290/0x290 [ 2946.835550] iov_iter_get_pages+0x20f/0xd10 [ 2946.839889] ? __lock_is_held+0xb6/0x140 [ 2946.843965] ? check_preemption_disabled+0x3c/0x250 [ 2946.849012] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2946.853972] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2946.859454] af_alg_make_sg+0x85/0x400 [ 2946.863366] ? iov_iter_advance+0x218/0xc60 [ 2946.867713] ? af_alg_data_wakeup+0x80/0x80 [ 2946.872068] af_alg_get_rsgl+0x1d3/0x530 [ 2946.876181] skcipher_recvmsg+0x774/0xd30 [ 2946.880383] ? skcipher_release+0x50/0x50 [ 2946.884567] ? selinux_socket_recvmsg+0x36/0x40 [ 2946.889256] ? security_socket_recvmsg+0x91/0xc0 [ 2946.894040] ? skcipher_release+0x50/0x50 [ 2946.898218] sock_recvmsg+0xc6/0x110 [ 2946.901954] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2946.907122] ___sys_recvmsg+0x21f/0x4d0 [ 2946.911133] ? ___sys_sendmsg+0x840/0x840 [ 2946.915307] ? __fget+0x210/0x370 [ 2946.918919] ? lock_downgrade+0x740/0x740 [ 2946.923098] ? __fget+0x237/0x370 [ 2946.926578] ? __fget_light+0x172/0x1f0 [ 2946.930574] ? __fdget+0x1b/0x20 [ 2946.933959] ? sockfd_lookup_light+0xb4/0x160 [ 2946.938477] __sys_recvmsg+0xb6/0x140 [ 2946.942298] ? SyS_sendmmsg+0x60/0x60 [ 2946.946145] SyS_recvmsg+0x2d/0x50 [ 2946.949702] ? __sys_recvmsg+0x140/0x140 [ 2946.953790] do_syscall_64+0x1e8/0x640 [ 2946.957697] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2946.962569] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2946.967780] RIP: 0033:0x45a919 [ 2946.970985] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2946.978711] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2946.986009] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2946.993292] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2947.000579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2947.007864] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2947.019467] audit: type=1804 audit(1577137670.079:679): pid=19075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1607/file0" dev="sda1" ino=17516 res=1 [ 2947.049538] audit: type=1800 audit(1577137670.079:680): pid=19075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17516 res=0 [ 2947.074098] audit: type=1800 audit(1577137670.089:681): pid=19075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17516 res=0 21:47:50 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) chmod(&(0x7f0000000040)='./file0\x00', 0x28) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:50 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x4, 0x40) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r1, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r2, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(r2) r4 = syz_open_procfs(r3, &(0x7f0000000140)='net/ip_vs\x00') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) sendfile(r0, r4, 0x0, 0x9544) 21:47:50 executing program 3 (fault-call:5 fault-nth:45): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2947.237119] FAULT_INJECTION: forcing a failure. [ 2947.237119] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2947.276944] CPU: 1 PID: 19088 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2947.284889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2947.294258] Call Trace: [ 2947.296871] dump_stack+0x142/0x197 [ 2947.300524] should_fail.cold+0x10f/0x159 [ 2947.304691] ? __might_sleep+0x93/0xb0 [ 2947.308604] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2947.313297] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2947.318335] ? save_trace+0x290/0x290 [ 2947.322156] ? follow_page_pte+0x25e/0x1590 [ 2947.326502] alloc_pages_vma+0xc9/0x4c0 [ 2947.330501] __handle_mm_fault+0x186c/0x33d0 [ 2947.334931] ? copy_page_range+0x1de0/0x1de0 [ 2947.339361] ? find_held_lock+0x35/0x130 [ 2947.343442] ? handle_mm_fault+0x1b6/0x7c0 [ 2947.347716] handle_mm_fault+0x293/0x7c0 [ 2947.351835] __get_user_pages+0x465/0x12e0 [ 2947.356122] ? follow_page_mask+0x1630/0x1630 [ 2947.360641] ? lock_acquire+0x16f/0x430 [ 2947.364664] get_user_pages_unlocked+0x1f0/0x2f0 [ 2947.369449] ? get_user_pages_locked+0x3d0/0x3d0 [ 2947.374229] ? get_user_pages_fast+0x171/0x2d0 [ 2947.378837] get_user_pages_fast+0x228/0x2d0 [ 2947.383270] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2947.388043] ? save_trace+0x290/0x290 [ 2947.391865] iov_iter_get_pages+0x20f/0xd10 [ 2947.396223] ? __lock_is_held+0xb6/0x140 [ 2947.400307] ? check_preemption_disabled+0x3c/0x250 [ 2947.405353] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2947.410305] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2947.415789] af_alg_make_sg+0x85/0x400 [ 2947.419704] ? iov_iter_advance+0x218/0xc60 [ 2947.424052] ? af_alg_data_wakeup+0x80/0x80 [ 2947.428443] af_alg_get_rsgl+0x1d3/0x530 [ 2947.432539] skcipher_recvmsg+0x774/0xd30 [ 2947.436728] ? skcipher_release+0x50/0x50 [ 2947.440901] ? selinux_socket_recvmsg+0x36/0x40 [ 2947.445595] ? security_socket_recvmsg+0x91/0xc0 [ 2947.450375] ? skcipher_release+0x50/0x50 [ 2947.454557] sock_recvmsg+0xc6/0x110 [ 2947.458297] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2947.463335] ___sys_recvmsg+0x21f/0x4d0 [ 2947.467341] ? ___sys_sendmsg+0x840/0x840 [ 2947.471513] ? __fget+0x210/0x370 [ 2947.475000] ? lock_downgrade+0x740/0x740 [ 2947.479184] ? __fget+0x237/0x370 [ 2947.482662] ? __fget_light+0x172/0x1f0 [ 2947.486656] ? __fdget+0x1b/0x20 [ 2947.490040] ? sockfd_lookup_light+0xb4/0x160 [ 2947.494561] __sys_recvmsg+0xb6/0x140 [ 2947.498383] ? SyS_sendmmsg+0x60/0x60 [ 2947.502221] SyS_recvmsg+0x2d/0x50 [ 2947.505776] ? __sys_recvmsg+0x140/0x140 [ 2947.509856] do_syscall_64+0x1e8/0x640 [ 2947.513759] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2947.518628] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2947.523844] RIP: 0033:0x45a919 [ 2947.527050] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2947.534781] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2947.542066] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2947.549353] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2947.556642] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2947.563953] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:51 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x10, 0x0, @thr={&(0x7f0000000080), &(0x7f00000000c0)="a13c3d0f86348cdb1178d5014b00f48e3c2be8f480d709fddcf62e39c1e3c0e53af93319eceb8e6b59211d1e74ea99afb8b8ba3d0857cbfc92de79617f271f5eec528c21c0e8d7db374da26ab00275d170bcdeaff8896a011eff88a3de893c8c0557f4ee226aa32ffb95bafd19917e13224d6476dffff488f93a4825c1d6691df37ccae9"}}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:51 executing program 1: ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f) r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:51 executing program 3 (fault-call:5 fault-nth:46): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:51 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r4, 0x0, 0xffffffffffffffff, 0x0) sched_getattr(r4, &(0x7f0000000000)={0x38}, 0x38, 0x0) fcntl$setown(r2, 0x8, r0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000040)="0fc7ae0000d028c4e3d5cedb0026660f11c1363e260f019f004064f30f09660f1a7633f20f42f30f01cbf2de601c", 0x2e}], 0x1, 0x1, &(0x7f0000000180)=[@vmwrite={0x8, 0x0, 0x4, 0x0, 0x2, 0x0, 0x2, 0x0, 0x1}], 0x1) tkill(r0, 0x16) [ 2947.783334] FAULT_INJECTION: forcing a failure. [ 2947.783334] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2947.834734] CPU: 0 PID: 19100 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2947.842668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2947.852038] Call Trace: [ 2947.854651] dump_stack+0x142/0x197 [ 2947.858308] should_fail.cold+0x10f/0x159 [ 2947.862489] ? __might_sleep+0x93/0xb0 [ 2947.866406] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2947.871105] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2947.876133] ? save_trace+0x290/0x290 [ 2947.879943] ? follow_page_pte+0x25e/0x1590 [ 2947.884284] alloc_pages_vma+0xc9/0x4c0 [ 2947.888284] __handle_mm_fault+0x186c/0x33d0 [ 2947.892714] ? copy_page_range+0x1de0/0x1de0 [ 2947.897145] ? find_held_lock+0x35/0x130 [ 2947.901222] ? handle_mm_fault+0x1b6/0x7c0 [ 2947.905490] handle_mm_fault+0x293/0x7c0 [ 2947.909575] __get_user_pages+0x465/0x12e0 [ 2947.913829] ? follow_page_mask+0x1630/0x1630 [ 2947.918340] ? lock_acquire+0x16f/0x430 [ 2947.922339] get_user_pages_unlocked+0x1f0/0x2f0 [ 2947.927126] ? get_user_pages_locked+0x3d0/0x3d0 [ 2947.931900] ? get_user_pages_fast+0x171/0x2d0 [ 2947.936513] get_user_pages_fast+0x228/0x2d0 [ 2947.940943] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2947.945717] ? save_trace+0x290/0x290 [ 2947.949542] iov_iter_get_pages+0x20f/0xd10 [ 2947.953887] ? __lock_is_held+0xb6/0x140 [ 2947.957964] ? check_preemption_disabled+0x3c/0x250 [ 2947.963350] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2947.968302] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2947.973941] af_alg_make_sg+0x85/0x400 [ 2947.977849] ? iov_iter_advance+0x218/0xc60 [ 2947.982197] ? af_alg_data_wakeup+0x80/0x80 [ 2947.986549] af_alg_get_rsgl+0x1d3/0x530 [ 2947.990647] skcipher_recvmsg+0x774/0xd30 [ 2947.994847] ? skcipher_release+0x50/0x50 [ 2947.999018] ? selinux_socket_recvmsg+0x36/0x40 [ 2948.006402] ? security_socket_recvmsg+0x91/0xc0 [ 2948.011200] ? skcipher_release+0x50/0x50 [ 2948.015370] sock_recvmsg+0xc6/0x110 [ 2948.019104] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2948.024144] ___sys_recvmsg+0x21f/0x4d0 [ 2948.028149] ? ___sys_sendmsg+0x840/0x840 [ 2948.032319] ? __fget+0x210/0x370 [ 2948.035806] ? lock_downgrade+0x740/0x740 [ 2948.036761] vivid-004: kernel_thread() failed [ 2948.040003] ? __fget+0x237/0x370 [ 2948.040021] ? __fget_light+0x172/0x1f0 [ 2948.040032] ? __fdget+0x1b/0x20 [ 2948.040045] ? sockfd_lookup_light+0xb4/0x160 [ 2948.040058] __sys_recvmsg+0xb6/0x140 [ 2948.063645] ? SyS_sendmmsg+0x60/0x60 [ 2948.067471] SyS_recvmsg+0x2d/0x50 [ 2948.071027] ? __sys_recvmsg+0x140/0x140 [ 2948.075118] do_syscall_64+0x1e8/0x640 [ 2948.079030] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2948.083909] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2948.089116] RIP: 0033:0x45a919 [ 2948.092318] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2948.100050] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2948.107442] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2948.114725] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2948.122131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 21:47:51 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r1, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(r1) ptrace$peek(0x5, r2, &(0x7f0000000080)) r3 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r3, 0x1000000) sendfile(r0, r3, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:51 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) statx(r1, &(0x7f00000003c0)='./file1\x00', 0x6400, 0x7ff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000400)=0x0) syz_mount_image$xfs(&(0x7f0000000040)='xfs\x00', &(0x7f0000000100)='./file0\x00', 0x7fffffff, 0x1, &(0x7f0000000380)=[{&(0x7f0000000280)="54ea47cae7cb14bcb675acffdd28d1b59c634a8cf316cf", 0x17, 0xffffffffffffff01}], 0x2001440, &(0x7f0000000780)={[{@inode32='inode32'}, {@grpquota='grpquota'}], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'user_id'}}, {@fowner_gt={'fowner>', r2}}, {@fsname={'fsname', 0x3d, '/'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/fuse\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, ')\r'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x0, 0x63, 0x36, 0x32, 0x0, 0x32, 0x5a], 0x2d, [0x62, 0x30, 0x66, 0x30], 0x2d, [0x34, 0x38, 0x64, 0x34], 0x2d, [0x65, 0xe, 0x37, 0x63], 0x2d, [0x37, 0x3d54652a0d1294c4, 0x56, 0x31, 0x3374489e301ae342, 0x62, 0x0, 0x33]}}}, {@euid_gt={'euid>', r3}}, {@obj_type={'obj_type', 0x3d, 'user_id'}}]}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:51 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000040)={{r0, r1+10000000}, {0x77359400}}, 0x0) r2 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r3 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) syz_read_part_table(0x3f, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000200)="d7e9594ae8cff06cca1db49d72dea2775d4ec0fc14ebd082708031a9aa3f6daf62eb1ebbb00cedc99c24dc31a0a514ac3c5a96039ba2d312eb79e1694dca9d40ad69d8daea70b37fdc3240288ec1411ca3849d1aad95b4e412ac2ef655ef55432f1657eecbbbc159f1074e02e0ea66124329ad60ca1b83e956e7525561bb8e5646d46049fd70535e2f96dc54994ed45ae58243d4b37988670249426ccdcb1e2e343dd27cc929af6058cbdd8bfdd4d76bd11e14af8958b0b36a564fc707ee4ad84a74761e1c4abb388f344b", 0xcb, 0x6}, {&(0x7f0000000440)="3826cede949bb6cac4a6b23f153548840aed9810f6253b1f8ab875d7e69ba6abf95bb70ae7d87764967d7a7a6e0a661f3446bcfe3999499ce1df97b5ff4044847e1a9e1f32f80eab88d59b8664b77b3b0ad0355d7237242c87793347400bd9548df649b32157704f08c4037f9fcf7286925664e725d4df8a577ff93c3105cf6f5b61c8ace4462147ef50e2709e711b037001e9f445480e0a136f0190421aea0b872072fb3238af76e97880365d5a5e5386d3336eb955e1bf370f24f8fae6c5e4bcb1d7352a98e5d6031a841f2834f761a2b0ff6f3b3322656545e16e743a945ea9f8514062c2bddca91e76d1a76e867d2a8532f763e726c2738021db4979c5a83dcc70e788aef48749fd5583ce48a6a0ad2eb66b9025a7b125a6aef8fc83aff4031ea370d571b02b4baeab6989acd86c43a62b4225ad541794d7c521089d921580f2f7b9e5d5492a34b46368cf5bfb15f57e8a1073fd5116391df9329a3d4030701736c81c25a698a9851592da93db15cb949565928e217548558fe6a75df22d365faccb058820542fca5c6e0809ee28b94330b819ae64d6e4612f84e7fcbfdc0084edba76b5c83fb3beaf6e3fa40508c6372d60c4ce5d8ba88a1e95e29ab5f45622760781a5cfc22884dac239a74f9ebea6218ab506ca26fe91dbc63bcbb9947b5046b4544ee0505cbb3436b1a450eb4c75b3129a53ca0bde8909dde4ea9834ddf4a0b5e0bace7817d43caf328f4d25f23b3cc345b844d1dce34c29deb3caea7561a73ed2936fea1df371cd2631c18170cc4853d12d3d8eb6488282d45acaec1bccffdcf59003a3df9cc50ff9521208349d3cb2f274099489fc6844bec5e0343cc35d1eab29c716bdec5d0e67e2c24b1e08282cee584430501f5cfb2d803ed471829f7d3d0af2b7f2c2cffdf10e7d2674f25ee6654e240234c7805baf4d8d6c43586363b0285aedab7fe8933c6237caac36e25ff19ae250b9e706ef7a19f992ff10ea4fb7351d6650ab09bd645520474bbb099bdb602f264221c00cc70817abff865306d1d74dba77e0017a3757cf299665448bfc6359f4bf5d4b76509cafd70bbe71e54b49cab3845fc06637423e1f071163590bc27906883ccd3695f7730ad6c970665b2b8e48eb6002745ed5146d9b74d1e372f4f9d42fff62e607ba8f6a7ac10daa158f09e7ac2d1a2af15ad7f5714ec363c31c53762401780e88befb50d5a484c561e7fc5392df80378d64668e63f22fee4453dbedbc6ce4599217d6c569c179fd9e9f8490dffb88e5a805ed817b9dc5c52a9122878eb8e4d79b8324fe186bac43bbaf7958b6973050b6aa6383ebcd68d760023f940aa4b283d17c93a8e1e3feff8598338cd5cf79e082552fc42695757dddd8aa65bbdf91b11a578257a7f7870f23fbb55ff19e8fc915b631d1ee303f6db435ad321ba665e976f733cfae831fba41c5a20cb36ecc8a1b56a5760f391e36b4a8d5723ea2f5a200ed3694427d18e4feda85a28a62ff06dee59532b0f854256d26528ddac7263e40176a90bde12925325345558f6435148b57a5dbe02ed4a7fedf9ae871b50afe14898eb5e91204a41d92956b4b60b0aa9dd6e4ed8b1167ca7da6b8d836de095eea574edbef0b310281b33df9e02e390a8b53994792b1144b2adc2d3bd9627e5c3f72f2094e7b79bb552e35012454c7dd2aae8c589b541e9eb8c54303551edcee1697df9f4749ec14012718fd8067b31a6693c8b1b1090fec57c9c883ab31caa661c12aa047c612b388d0909d288add82c0977df64905dded5d48fde92771fa3e16a32375295293f0960f2358b2043aa14caec1e00690e3115523155cf3b95e47a415e8a486fa88d66bd20e261d475f59f7213481504b19f3442e00c7c34b6ec60ef59095b903fe25fcbbe0c96edc415e950f4101f5026d26888b4805b2dada86b03a2fb19a51141ff1c8931e48311c424153a996c64c6b0f6797981da7189746a211e0bab6fb78c2f60cefa43939526733ffc5e950c1eea4f67a876cf8431440c41abd13089f5c2ada34c3da68f38c6fb71767645812de3dd7a9a45a039c62509c26fe61fd20198086b419d6e2d55569537c25439176373167dc14d56964c145313d5931732b06ae8bdc5aa87f341672ac4f43a63d0d8b3d45aa581f550d627906e4959562f649999cd7a1b38157c1b1e979260e429129f3f3d5a42dfd64870b1edf57a3c3049068a988afea2b6d9ae19cd3d90f39fc7866ae1638ca05aff97ab07a78dc79d75b3ceffa8df2665314847d3fc67fc5f870b35baaedfc6fd3c6b855c9dff08415bdafeb2b98fb747f65f6dc55b13eeab987c9c8c73ad1c13dd31c2f78e8eb13de316aeaec392380a61e752c384390b30a21e6e8489ac96b6077927f9e9083cb79e621f73ccf17d02e579f986af69e42dd475b09751c348f73f2a1f946cc51765cb6fcd06d14efbbb34700268014897364ea97263e8c50b4eb3340c1a258154ec378b8e5a4d6f503a26f4c98ca84ebe38876318ab917330afe9056e59f599121b7c8e16b7bac7c731dea8d27923d31ea8194025fe0daf6d25e45d848c9186e572fa52b1b0cd22595b07eee9fe69008add3f1e832720c5b1bf614fba3c77421d54cb000373fb46154e332b9112e71c2e157c5b885ede4b46360922a27a0b4efd258e906c37e029f00aa75126717a9e580682612d200888bb4d2c60a0bc5f93738738ff39bd7ed58192097cb3d64fa38372cd27698ebb4fd6eee6d2c6bbccdfd94b2301ea1c91108a6adbe0da2c09f8586399f6fac3f4182f2abb507dac71b90f056fd39239d946465acb633f4a3dc929ee16b1e93698abb0752fae912063bcb85ec27e0a415e3c68907536740878ca8d63d676f326d10ce3818e2336756de8d8a40b250654d938026966e486d4d03b1a300f5a08a10d5af18d56d87b325f33a5104011ab678b6bdcb27c899546d0caae48f610d072fe13c8a56f6af2bf8180433b3817dc48c1a8c8f3169c04be66eb22e618af6ab8f5e0a6eb75c389ea7c3d3b82bf0619026a1650b25117ca44eaff781fc4bdcdc67ac000388b593f1bebb6cea11d0d09b82eab4f84eb463dde5d43334b0da3e0ad4a1f308129a4846b64073109269c27025dd1a508272eb6c313c92f605668cc88fc581dc6c6614d681b0249b43e88b9b443bb50157a1915d8b050649781fc5005e6e55a139c8e6acdc8ef071cf4b550bcd8c0a6226c826225597eed6a7d210283edf4f26019ad206d00a5722bd5e5fab0284e1fd8fb77a9e5df5206ad29bbcc6818223f41937678e3a9f790d5afcc60d9e00906360d69307c8ae679e3b9c275943c86ba9fe67893bac835b6d5d4846b1dd25e4def9a38e7ab0e4fb8ca9e50c37dcbf258a20884f60a5778f69f742f571580bd227594483cbdbd8ae554d2d4f416b1c73c451fd5946bcbc0727272767e8af8d41b18276557a82c76840dbf90242a7de05ab0c4a572a5106aa7fe4b1117dbe35f6d73accac76b77822cad54beeaf54d9407ae3ad9a8b21210eebdf0c290acb2fc52b517ece2c7f66318cc256bb8b23d0ef88c861ac5756c33e7ad96cbb9deeb787763904064ba614c51d4445e440bfcafbf9d05233e3ef532ba106c574d93a4785fce40e3c93a5569091c22c0a9eed85768cb2979241baeee577680bbf595ae6e7cfaa4d2c0a6acd3d5b7978902f975a07e35d4ae89a43933353c61c403d3c095272fc66a710c7555998d4cc7ab3c2ac5efdc12c0be5583d6f3c3efa4a5aca5ce6bbf868f59d63561b905f97cc06470724a894e0f8a9be1629b25668e4c8f828e79a8ceb52c75366a19688342f96caeb1798a731a24e9286fa1bc259bd8f5d346d3715cd963d9803350c09db5ca1dcc8a4ae33736a543a8b304dbb36db1451bae5668b5f51e83a19a30a36bce991b7cc334ee1e5708de7ec50425c92f13e75d7c93e3d2b3f922c8af7ee5417768f3ee2bf9a10814abc8b1924588606b6091ed91b7e6cbbbf651f82493107928e049ebc23f263f9e4bd44caf1d4794dc84fdaa387ce2e43f41d47c0385e972d0b1dc7af88209891f908995a3e0da7ce835ebba2bc2eab846c3e313169db26d6457f1c8b2f530cce6c781b1f7816f633787d37a3a9eeb43bcb69da78a841d7fbc1ccdced5100f360f7303cdd63758c25a56b06d76b857e28e8c15725b5654e7ec1279063d1e6021626ff4aaed4fedecfe50cbcafca103c36ab52328e13a401ce90994e82be8ebf642d3bb5286d2c4eff4cb4adaeeffdf3b73e462de8e07d7b0b784631c47e3764e5a60ea54141ca329da4981ef87db5c4365ff3544f2c2c3b5fd5991c7b83d68995569199d609dc9f669534c535b9fa66bdf70234aee4f9a375b60be35e54ff2b0646e1872e6d283d309d5a3363e77571322564247656b32a35d8eb1fca2b4f30db9a4be1853b11ca52cbfad54f26c1259fdc9f1c5f7783538b0f4329b79b8d80de675c915dd370a19aaf7fc7a2881462496212ceacb03a4301d26502ae305b85477d8557c0ef104c97541bb2c4bdfb4d1f6b61fd7a38ddee1d543cc50ebbc9cf66c32b548b797b828fbcfe31e3d5cd4caa27ee54a447a9ca5982a8b91aac8b3d471c048fa1ca519f4b295bf6353eb7f7b5029191d0b8cdc41b0593bcd15784ddec60fd5c579a37e55fd3716f195f0b22b6adf97446d7cafe61346f84359025e76685f2794f6bef86f9ee33cd8ab398a320d2ef95cee313b7fc0772fc69e3ec6dd012318d65fc9f307f8a07c5c9c5e05f7def81fa2a38a4e426c2542766b1c95ae2bf0c5175b9b3451c734ec3e809697a6f6dc7d5d974902940e20adc94e93742705b68b941b7fe8909952d1d45350748404386deda8eda03309f4d3bea95ec0d4607a6dcbf802a870b51ad08897c5f9f7a64c5458f1e863e58b41ccb3be5558d472704bc3c88e0ab727b10df823c664d3ba4f45dbd669f51c70fd98a6036e29cb922420dcdbb3edc43d6ba4c620961c708b0f77c38e3a24d6017064947353217eee53e6ef54645f269860c6b2756d5adc5adb82311bde9b5a78664d440ff612148b5f7a74944b699e46ef11e4e45cd5c92b9b7808cf46cbd17933db68c1972fdd15b881703fb311304b1b421ec66d7a4ac173f1a6de277aaa9c6bbcb440029c5058b94c23cf46b4289bfe04da51b7600bad5135b7ea1f5131bb68fca46bf92fed101069edfb614f6be74a73f958f4ff43a7290169d3b5b734014788c7144600e8f21cab44c02cb0ba18ad2b12360061e32ab2b1d3272ab5f60f7707734d8ad3a3ac5464b81a1e8d90952896cf1fd0bf569e6446434bfdb6bbbb5a4c77b0fbd45b4983652302e073a0046d67b1375992bfecbf0eebe07ff40afa8d9687cbe8ea8458d08b76c482f39a17ccacb064383518350e2b9a7d2356347a64b1a26f0263c70f001439c8c3f7972a5b747aa0e4c0b48360a9ceef20f0f1b8c270ccada8214789748594bde93b7e7728972f4431028ff62ed59d0d0c04d19986d86787144c304a97396b4a4c8d77d1a35d42a4f22e072fe00da9a06f3cc77f84316deca02dd85ac4f63c76d27ee024e831a7ddf62b2d1c096d581f26d10fe3071112382fd20076bfff5133c6cdbfe48da415251a3defd101cf5edf1e7f2cdf6b23963edbae9dd3efca0d6e6b8c7d3afba59809e531da7019a1fbf11ca28bb132e1e55283f7b51d29f861b3349e500e9d2e9fc8257fd883a7610e00a3137d94e82c111ff82df33a5a7af6fe88f0a915cb162e5db5d080d0ad397d5f38687eebe4706b05cd0ca79870c1e4187", 0x1000, 0x6}]) ftruncate(r3, 0x1000000) sendfile(r2, r3, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2948.129416] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:51 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r4 = socket$inet6(0xa, 0x4, 0x1) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r4, 0x8983, &(0x7f0000000340)={0x6, 'caif0\x00', {0x8694}, 0x6}) preadv(r3, &(0x7f00000017c0), 0x199, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000002c0)=0xc) sched_rr_get_interval(r5, &(0x7f0000000300)) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000000240)={0x1, 0x8a5b126598a23fa7, 0x1000, 0x5c, &(0x7f0000000140)="6afbfd406cfcee5c732881669c26e94702f2fc7f5529f0f1b2b44ee576598b3f17e6d590f567eccf479aae8b2996854af8165755a1ddae487f211314465cb066ccfcaa4b9c9ee43576b4a30220f60756f2a9d1cce16fabd49e32c1b3", 0x79, 0x0, &(0x7f00000001c0)="53aa2a1db5758a8fcdb66beb5cd7ea44763a0acc81a65284eef11ac1ad06698e44a16d7dd116f58d2d271337e806e0e2a5ef6ee804c2a86a19118e50afe3c0ca78b0ea38504ef80b47ab8aceb91963e99e4acada9bf8cc235e771c43525f99a675f3ff3188dd8bb0c0740ad63b31bac2ba4123d497f557e46f"}) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:51 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x1}, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xc4c80c4291415ac0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) preadv(r5, &(0x7f0000000040), 0x0, 0xfffffffffffffffe) r6 = dup3(r3, r4, 0x40000) ioctl$PPPIOCSMAXCID(r6, 0x40047451, &(0x7f0000000000)) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:51 executing program 3 (fault-call:5 fault-nth:47): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2948.346608] FAULT_INJECTION: forcing a failure. [ 2948.346608] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2948.372339] CPU: 1 PID: 19130 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2948.380284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2948.389652] Call Trace: [ 2948.392269] dump_stack+0x142/0x197 [ 2948.395931] should_fail.cold+0x10f/0x159 [ 2948.400108] ? __might_sleep+0x93/0xb0 [ 2948.404031] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2948.408733] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2948.413771] ? save_trace+0x290/0x290 [ 2948.417599] ? follow_page_pte+0x25e/0x1590 [ 2948.421957] alloc_pages_vma+0xc9/0x4c0 [ 2948.425958] __handle_mm_fault+0x186c/0x33d0 [ 2948.430392] ? copy_page_range+0x1de0/0x1de0 [ 2948.434819] ? find_held_lock+0x35/0x130 [ 2948.438896] ? handle_mm_fault+0x1b6/0x7c0 [ 2948.443166] handle_mm_fault+0x293/0x7c0 [ 2948.447253] __get_user_pages+0x465/0x12e0 [ 2948.451512] ? follow_page_mask+0x1630/0x1630 [ 2948.456040] ? lock_acquire+0x16f/0x430 [ 2948.460043] get_user_pages_unlocked+0x1f0/0x2f0 [ 2948.464819] ? get_user_pages_locked+0x3d0/0x3d0 [ 2948.470544] ? get_user_pages_fast+0x171/0x2d0 [ 2948.475152] get_user_pages_fast+0x228/0x2d0 [ 2948.479584] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2948.484352] ? save_trace+0x290/0x290 [ 2948.488177] iov_iter_get_pages+0x20f/0xd10 [ 2948.492520] ? __lock_is_held+0xb6/0x140 [ 2948.496598] ? check_preemption_disabled+0x3c/0x250 [ 2948.501639] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2948.506585] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2948.512062] af_alg_make_sg+0x85/0x400 [ 2948.515986] ? iov_iter_advance+0x218/0xc60 [ 2948.520343] ? af_alg_data_wakeup+0x80/0x80 [ 2948.524682] af_alg_get_rsgl+0x1d3/0x530 [ 2948.528771] skcipher_recvmsg+0x774/0xd30 [ 2948.532956] ? skcipher_release+0x50/0x50 [ 2948.537129] ? selinux_socket_recvmsg+0x36/0x40 [ 2948.541819] ? security_socket_recvmsg+0x91/0xc0 [ 2948.546590] ? skcipher_release+0x50/0x50 [ 2948.550757] sock_recvmsg+0xc6/0x110 [ 2948.554491] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2948.559533] ___sys_recvmsg+0x21f/0x4d0 [ 2948.563534] ? ___sys_sendmsg+0x840/0x840 [ 2948.567698] ? __fget+0x210/0x370 [ 2948.571251] ? lock_downgrade+0x740/0x740 [ 2948.575426] ? __fget+0x237/0x370 [ 2948.579054] ? __fget_light+0x172/0x1f0 [ 2948.583065] ? __fdget+0x1b/0x20 [ 2948.586447] ? sockfd_lookup_light+0xb4/0x160 [ 2948.590965] __sys_recvmsg+0xb6/0x140 [ 2948.594787] ? SyS_sendmmsg+0x60/0x60 [ 2948.598620] SyS_recvmsg+0x2d/0x50 [ 2948.602178] ? __sys_recvmsg+0x140/0x140 [ 2948.606250] do_syscall_64+0x1e8/0x640 [ 2948.610238] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2948.615107] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2948.620317] RIP: 0033:0x45a919 [ 2948.623510] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2948.631231] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2948.638519] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2948.645804] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2948.653089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2948.660371] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:52 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='\x00\x00\x00\x00/f\x8e\xa9\rE', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:52 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0xffffffff, 0x800) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x420100) dup2(r3, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:47:52 executing program 3 (fault-call:5 fault-nth:48): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2948.832716] FAULT_INJECTION: forcing a failure. [ 2948.832716] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2948.855331] CPU: 1 PID: 19141 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2948.863271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2948.872639] Call Trace: [ 2948.875252] dump_stack+0x142/0x197 [ 2948.878910] should_fail.cold+0x10f/0x159 [ 2948.883077] ? __might_sleep+0x93/0xb0 [ 2948.886990] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2948.891687] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2948.896725] ? save_trace+0x290/0x290 [ 2948.900548] ? follow_page_pte+0x25e/0x1590 [ 2948.904897] alloc_pages_vma+0xc9/0x4c0 [ 2948.908898] __handle_mm_fault+0x186c/0x33d0 [ 2948.913332] ? copy_page_range+0x1de0/0x1de0 [ 2948.917762] ? find_held_lock+0x35/0x130 [ 2948.921843] ? handle_mm_fault+0x1b6/0x7c0 [ 2948.926112] handle_mm_fault+0x293/0x7c0 [ 2948.930206] __get_user_pages+0x465/0x12e0 [ 2948.934468] ? follow_page_mask+0x1630/0x1630 [ 2948.938995] ? lock_acquire+0x16f/0x430 [ 2948.943002] get_user_pages_unlocked+0x1f0/0x2f0 [ 2948.947786] ? get_user_pages_locked+0x3d0/0x3d0 [ 2948.952556] ? get_user_pages_fast+0x171/0x2d0 [ 2948.957192] get_user_pages_fast+0x228/0x2d0 [ 2948.961622] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2948.966397] ? save_trace+0x290/0x290 [ 2948.970222] iov_iter_get_pages+0x20f/0xd10 [ 2948.970234] ? __lock_is_held+0xb6/0x140 21:47:52 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x4000, 0x61) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2948.970241] ? check_preemption_disabled+0x3c/0x250 [ 2948.970253] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2948.970265] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2948.970282] af_alg_make_sg+0x85/0x400 [ 2948.970293] ? iov_iter_advance+0x218/0xc60 [ 2948.970304] ? af_alg_data_wakeup+0x80/0x80 [ 2948.970320] af_alg_get_rsgl+0x1d3/0x530 [ 2948.970341] skcipher_recvmsg+0x774/0xd30 [ 2948.970361] ? skcipher_release+0x50/0x50 [ 2948.970370] ? selinux_socket_recvmsg+0x36/0x40 [ 2948.970382] ? security_socket_recvmsg+0x91/0xc0 [ 2949.028411] ? skcipher_release+0x50/0x50 [ 2949.032581] sock_recvmsg+0xc6/0x110 [ 2949.036319] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2949.041363] ___sys_recvmsg+0x21f/0x4d0 [ 2949.045379] ? ___sys_sendmsg+0x840/0x840 [ 2949.049550] ? __fget+0x210/0x370 [ 2949.053029] ? lock_downgrade+0x740/0x740 [ 2949.057199] ? __fget+0x237/0x370 [ 2949.060679] ? __fget_light+0x172/0x1f0 [ 2949.064683] ? __fdget+0x1b/0x20 [ 2949.068071] ? sockfd_lookup_light+0xb4/0x160 [ 2949.072586] __sys_recvmsg+0xb6/0x140 [ 2949.076405] ? SyS_sendmmsg+0x60/0x60 [ 2949.080245] SyS_recvmsg+0x2d/0x50 21:47:52 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) r2 = semget(0x3, 0x0, 0x41) semctl$IPC_INFO(r2, 0x2, 0x3, &(0x7f0000000000)=""/2) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2949.083810] ? __sys_recvmsg+0x140/0x140 [ 2949.087887] do_syscall_64+0x1e8/0x640 [ 2949.091792] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2949.096662] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2949.101863] RIP: 0033:0x45a919 [ 2949.105061] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2949.112789] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2949.120073] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2949.127355] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2949.134650] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2949.141936] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:52 executing program 3 (fault-call:5 fault-nth:49): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:52 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="6f5352120d50d5df35f9e97fe1ba5ef348c3ee6c5948bc628fb1df65"]) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x8001) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x200) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r2, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r3, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(r3, &(0x7f0000000100)='net/raw\x00') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_EXPBUF(r4, 0xc0405610, &(0x7f0000000400)={0x5, 0x0, 0x0, 0x4000}) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) [ 2949.291273] FAULT_INJECTION: forcing a failure. [ 2949.291273] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2949.325925] CPU: 0 PID: 19158 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2949.333866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2949.343232] Call Trace: [ 2949.345852] dump_stack+0x142/0x197 [ 2949.349547] should_fail.cold+0x10f/0x159 [ 2949.353736] ? __might_sleep+0x93/0xb0 [ 2949.357655] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2949.362353] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2949.367393] ? save_trace+0x290/0x290 [ 2949.371216] ? follow_page_pte+0x25e/0x1590 [ 2949.375562] alloc_pages_vma+0xc9/0x4c0 [ 2949.379563] __handle_mm_fault+0x186c/0x33d0 [ 2949.383999] ? copy_page_range+0x1de0/0x1de0 [ 2949.388437] ? find_held_lock+0x35/0x130 [ 2949.392519] ? handle_mm_fault+0x1b6/0x7c0 [ 2949.396789] handle_mm_fault+0x293/0x7c0 [ 2949.400873] __get_user_pages+0x465/0x12e0 [ 2949.405137] ? follow_page_mask+0x1630/0x1630 [ 2949.409651] ? lock_acquire+0x16f/0x430 [ 2949.413649] get_user_pages_unlocked+0x1f0/0x2f0 [ 2949.418429] ? get_user_pages_locked+0x3d0/0x3d0 [ 2949.423201] ? get_user_pages_fast+0x171/0x2d0 [ 2949.427807] get_user_pages_fast+0x228/0x2d0 [ 2949.432237] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2949.437018] ? save_trace+0x290/0x290 [ 2949.440849] iov_iter_get_pages+0x20f/0xd10 [ 2949.445191] ? __lock_is_held+0xb6/0x140 [ 2949.449289] ? check_preemption_disabled+0x3c/0x250 [ 2949.454328] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2949.459273] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2949.464772] af_alg_make_sg+0x85/0x400 [ 2949.468679] ? iov_iter_advance+0x218/0xc60 [ 2949.473022] ? af_alg_data_wakeup+0x80/0x80 [ 2949.477393] af_alg_get_rsgl+0x1d3/0x530 [ 2949.481484] skcipher_recvmsg+0x774/0xd30 [ 2949.485659] ? skcipher_release+0x50/0x50 [ 2949.489837] ? selinux_socket_recvmsg+0x36/0x40 [ 2949.494528] ? security_socket_recvmsg+0x91/0xc0 [ 2949.499306] ? skcipher_release+0x50/0x50 [ 2949.503474] sock_recvmsg+0xc6/0x110 [ 2949.507205] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2949.512249] ___sys_recvmsg+0x21f/0x4d0 [ 2949.516257] ? ___sys_sendmsg+0x840/0x840 [ 2949.520437] ? __fget+0x210/0x370 [ 2949.523915] ? lock_downgrade+0x740/0x740 [ 2949.528096] ? __fget+0x237/0x370 [ 2949.531576] ? __fget_light+0x172/0x1f0 [ 2949.535569] ? __fdget+0x1b/0x20 [ 2949.538958] ? sockfd_lookup_light+0xb4/0x160 [ 2949.543475] __sys_recvmsg+0xb6/0x140 [ 2949.547414] ? SyS_sendmmsg+0x60/0x60 [ 2949.551250] SyS_recvmsg+0x2d/0x50 [ 2949.554807] ? __sys_recvmsg+0x140/0x140 [ 2949.558894] do_syscall_64+0x1e8/0x640 [ 2949.562801] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2949.567667] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2949.572870] RIP: 0033:0x45a919 [ 2949.576069] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2949.583881] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2949.591163] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2949.598448] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2949.605730] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2949.613015] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2949.635074] kauditd_printk_skb: 26 callbacks suppressed [ 2949.635084] audit: type=1800 audit(1577137673.019:708): pid=19154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17248 res=0 21:47:53 executing program 3 (fault-call:5 fault-nth:50): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2949.672602] audit: type=1804 audit(1577137673.059:709): pid=19154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1613/file0" dev="sda1" ino=17248 res=1 [ 2949.737898] FAULT_INJECTION: forcing a failure. [ 2949.737898] name failslab, interval 1, probability 0, space 0, times 0 [ 2949.755641] CPU: 1 PID: 19165 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2949.763571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2949.772942] Call Trace: [ 2949.775681] dump_stack+0x142/0x197 [ 2949.779345] should_fail.cold+0x10f/0x159 [ 2949.783533] should_failslab+0xdb/0x130 [ 2949.787527] __kmalloc+0x2f0/0x7a0 [ 2949.791084] ? af_alg_make_sg+0x2f7/0x400 [ 2949.795248] ? iov_iter_advance+0x218/0xc60 [ 2949.799587] ? sock_kmalloc+0x7f/0xc0 [ 2949.803415] sock_kmalloc+0x7f/0xc0 [ 2949.807062] af_alg_get_rsgl+0xca/0x530 [ 2949.811059] skcipher_recvmsg+0x774/0xd30 [ 2949.815242] ? skcipher_release+0x50/0x50 [ 2949.819412] ? selinux_socket_recvmsg+0x36/0x40 [ 2949.824116] ? security_socket_recvmsg+0x91/0xc0 [ 2949.828890] ? skcipher_release+0x50/0x50 [ 2949.833061] sock_recvmsg+0xc6/0x110 [ 2949.836800] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2949.841838] ___sys_recvmsg+0x21f/0x4d0 [ 2949.845842] ? ___sys_sendmsg+0x840/0x840 [ 2949.850016] ? __fget+0x210/0x370 [ 2949.853503] ? lock_downgrade+0x740/0x740 [ 2949.857684] ? __fget+0x237/0x370 [ 2949.861169] ? __fget_light+0x172/0x1f0 [ 2949.865166] ? __fdget+0x1b/0x20 [ 2949.868597] ? sockfd_lookup_light+0xb4/0x160 [ 2949.873114] __sys_recvmsg+0xb6/0x140 [ 2949.876933] ? SyS_sendmmsg+0x60/0x60 [ 2949.880788] SyS_recvmsg+0x2d/0x50 [ 2949.884470] ? __sys_recvmsg+0x140/0x140 [ 2949.888569] do_syscall_64+0x1e8/0x640 [ 2949.892606] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2949.897488] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2949.902697] RIP: 0033:0x45a919 [ 2949.905904] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2949.913638] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2949.920922] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2949.928207] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2949.935496] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2949.942784] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:54 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r2, 0xc05c5340, &(0x7f00000000c0)={0xffff, 0x2, 0x1, {0x9, 0x4}, 0x3, 0xd6ba}) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:54 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:54 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x9) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:54 executing program 3 (fault-call:5 fault-nth:51): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2951.148126] audit: type=1800 audit(1577137674.529:710): pid=19171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17264 res=0 [ 2951.191586] FAULT_INJECTION: forcing a failure. [ 2951.191586] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2951.208007] audit: type=1804 audit(1577137674.559:711): pid=19171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1614/file0" dev="sda1" ino=17264 res=1 [ 2951.246405] CPU: 0 PID: 19175 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2951.254360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2951.263864] Call Trace: [ 2951.266336] vivid-004: kernel_thread() failed [ 2951.266511] dump_stack+0x142/0x197 [ 2951.274649] should_fail.cold+0x10f/0x159 [ 2951.278814] ? __might_sleep+0x93/0xb0 [ 2951.282718] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2951.287411] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2951.292447] ? save_trace+0x290/0x290 [ 2951.296270] ? follow_page_pte+0x25e/0x1590 [ 2951.300618] alloc_pages_vma+0xc9/0x4c0 [ 2951.304634] __handle_mm_fault+0x186c/0x33d0 [ 2951.309070] ? copy_page_range+0x1de0/0x1de0 [ 2951.313499] ? find_held_lock+0x35/0x130 [ 2951.317590] ? handle_mm_fault+0x1b6/0x7c0 [ 2951.321867] handle_mm_fault+0x293/0x7c0 [ 2951.325956] __get_user_pages+0x465/0x12e0 [ 2951.330225] ? follow_page_mask+0x1630/0x1630 [ 2951.334744] ? lock_acquire+0x16f/0x430 [ 2951.338752] get_user_pages_unlocked+0x1f0/0x2f0 [ 2951.343674] ? get_user_pages_locked+0x3d0/0x3d0 [ 2951.348476] ? get_user_pages_fast+0x171/0x2d0 [ 2951.353085] get_user_pages_fast+0x228/0x2d0 [ 2951.357529] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2951.362452] ? save_trace+0x290/0x290 [ 2951.366281] iov_iter_get_pages+0x20f/0xd10 [ 2951.370627] ? __lock_is_held+0xb6/0x140 [ 2951.374805] ? check_preemption_disabled+0x3c/0x250 [ 2951.379855] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2951.384809] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2951.390296] af_alg_make_sg+0x85/0x400 [ 2951.394207] ? iov_iter_advance+0x218/0xc60 [ 2951.398547] ? af_alg_data_wakeup+0x80/0x80 [ 2951.403013] af_alg_get_rsgl+0x1d3/0x530 [ 2951.407117] skcipher_recvmsg+0x774/0xd30 [ 2951.411305] ? skcipher_release+0x50/0x50 [ 2951.415477] ? selinux_socket_recvmsg+0x36/0x40 [ 2951.420412] ? security_socket_recvmsg+0x91/0xc0 [ 2951.425188] ? skcipher_release+0x50/0x50 [ 2951.429406] sock_recvmsg+0xc6/0x110 [ 2951.433168] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2951.438218] ___sys_recvmsg+0x21f/0x4d0 [ 2951.442230] ? ___sys_sendmsg+0x840/0x840 [ 2951.446405] ? __fget+0x210/0x370 [ 2951.449887] ? lock_downgrade+0x740/0x740 [ 2951.454058] ? __fget+0x237/0x370 [ 2951.457645] ? __fget_light+0x172/0x1f0 [ 2951.461652] ? __fdget+0x1b/0x20 [ 2951.465040] ? sockfd_lookup_light+0xb4/0x160 [ 2951.469562] __sys_recvmsg+0xb6/0x140 [ 2951.473389] ? SyS_sendmmsg+0x60/0x60 [ 2951.477226] SyS_recvmsg+0x2d/0x50 [ 2951.480814] ? __sys_recvmsg+0x140/0x140 [ 2951.484896] do_syscall_64+0x1e8/0x640 [ 2951.488807] ? trace_hardirqs_off_thunk+0x1a/0x1c 21:47:54 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x80000014}, &(0x7f0000000040)=0x0) syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x0, 0x2) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_S_JPEGCOMP(r3, 0x408c563e, &(0x7f00000000c0)={0xffffffff, 0x9, 0xd, "c9aca656ebeef28eb092f31b179e85f948082986d887ad6f383395e06da332276ca183a79105cd996ea39c0b1384b726d41d17b05f124b9249741451", 0x37, "36393e8a4240654529850e068290e32cbd81241e6528f19fa0f08656a296f3baa59fcef018b7d3cb81ee1dca4a6e6e8ca5b822a9951e461babad7aab", 0x20}) [ 2951.493679] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2951.498882] RIP: 0033:0x45a919 [ 2951.502081] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2951.509801] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2951.517083] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2951.524366] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2951.531648] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2951.538932] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2951.613057] audit: type=1800 audit(1577137674.569:712): pid=19171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17264 res=0 [ 2951.675449] audit: type=1804 audit(1577137674.579:713): pid=19171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1614/file0" dev="sda1" ino=17264 res=1 21:47:55 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x323801, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000300)={0x0, 0xfe, "1abb0ea2dd1af1fee62f786a7e21da503a9af1347ed595818f1fcfb1ca25f06fbda769ec9a910310bfa43aa1e07d1164885cd7d0f41314f486ded47f879c300da815d12342b023be5547fe98119972d0eb6efc85fedc6875522c7f08cb34e9f299f45f33d09e1aca2eb18f6cb83a318e87deae6c4ebdfebd0cc75bac966c8bc16388decb37a0a304925725947c5aa492ed722b3a295740ae0a37a98c6a63cc80d89dad91d490eced4cf28d340ae341600d2cb23d2f14e3247e51f071cbfce24f4b23125961ca83a2ecf611041e33c888cab45ca6cfa6b01cda5ce547d73712fb3a84b41dd3d58804732eff1f1c2c259a18171993e4d73fdffde50358613c"}, &(0x7f0000000080)=0x106) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000440)={r2, @in6={{0xa, 0x4e23, 0x10000, @empty, 0x9}}, 0x2, 0x32}, &(0x7f0000000280)=0x90) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x1, 0x0) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000140)={{0x277065c2d1b3da3c, 0xe001, 0x8, 0x71, 0x1, 0x1, 0x1, 0xff, 0x0, 0x5f, 0x0, 0x3}, {0x0, 0x1000, 0xf, 0x7, 0x3, 0x3, 0x9, 0x7, 0x80, 0x93, 0x81, 0x2}, {0x0, 0x2000, 0x4, 0x7f, 0x0, 0xd, 0xef, 0x1, 0x20, 0x5, 0x1f, 0x4}, {0x2, 0xf000, 0x0, 0x9, 0x9, 0x40, 0x1, 0x5, 0x0, 0x40, 0x2, 0x4}, {0x3000, 0x1000, 0xf, 0x6, 0x80, 0x8, 0x2, 0x4, 0x80, 0x7f, 0x1f, 0x9}, {0x1000, 0xf000, 0x8, 0x74, 0x81, 0xff, 0x7f, 0x4, 0x3, 0x4, 0x1, 0xfe}, {0x100005, 0x2, 0x0, 0xea, 0x5, 0x1f, 0x40, 0x8, 0x0, 0x8, 0x2, 0x3f}, {0x5000, 0x6000, 0x4, 0x9, 0x7, 0x6, 0x81, 0x0, 0x4, 0x81, 0x80, 0x10}, {0x5000, 0x5004}, {0x0, 0x1000}, 0x31, 0x0, 0x2000, 0x2000, 0xf, 0x1000, 0x0, [0x8f, 0x7463, 0x3ff, 0x1]}) ioctl$int_in(r4, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r4, 0xa, 0x12) recvmmsg(r5, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r4, r5) fcntl$setown(r5, 0x8, r3) tkill(r3, 0x16) 21:47:55 executing program 3 (fault-call:5 fault-nth:52): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:55 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') read$fb(0xffffffffffffffff, &(0x7f0000000140)=""/100, 0x64) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_SIOCOUTQNSD(r4, 0x894b, &(0x7f00000002c0)) getsockopt$bt_l2cap_L2CAP_LM(r3, 0x6, 0x3, &(0x7f00000001c0), &(0x7f0000000280)=0x4) preadv(r2, &(0x7f00000017c0), 0x199, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000000)={0x20000000000000b0, &(0x7f0000000280)}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r2, 0x4010641c, &(0x7f0000000240)={0x0, &(0x7f0000000080)=""/13}) open$dir(&(0x7f0000000300)='./file0/file0\x00', 0x402004, 0x200) sendfile(r0, r1, 0x0, 0x9546) 21:47:55 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) preadv(r1, &(0x7f0000000100), 0x1000000000000158, 0x40a32) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$PPPIOCGDEBUG(r4, 0x80047441, &(0x7f0000000040)) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) [ 2951.927309] audit: type=1800 audit(1577137675.309:714): pid=19191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17542 res=0 [ 2951.959261] FAULT_INJECTION: forcing a failure. [ 2951.959261] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2951.985937] CPU: 1 PID: 19193 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2951.993886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2952.003256] Call Trace: [ 2952.005874] dump_stack+0x142/0x197 [ 2952.009534] should_fail.cold+0x10f/0x159 [ 2952.013709] ? __might_sleep+0x93/0xb0 [ 2952.017634] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2952.017864] audit: type=1804 audit(1577137675.339:715): pid=19191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1615/file0" dev="sda1" ino=17542 res=1 [ 2952.022325] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2952.022341] ? save_trace+0x290/0x290 [ 2952.022357] ? follow_page_pte+0x25e/0x1590 [ 2952.022380] alloc_pages_vma+0xc9/0x4c0 [ 2952.022396] __handle_mm_fault+0x186c/0x33d0 [ 2952.022413] ? copy_page_range+0x1de0/0x1de0 [ 2952.022425] ? find_held_lock+0x35/0x130 [ 2952.022436] ? handle_mm_fault+0x1b6/0x7c0 [ 2952.022459] handle_mm_fault+0x293/0x7c0 [ 2952.088177] __get_user_pages+0x465/0x12e0 [ 2952.092436] ? follow_page_mask+0x1630/0x1630 [ 2952.096954] ? lock_acquire+0x16f/0x430 [ 2952.100957] get_user_pages_unlocked+0x1f0/0x2f0 [ 2952.105743] ? get_user_pages_locked+0x3d0/0x3d0 [ 2952.110521] ? get_user_pages_fast+0x171/0x2d0 [ 2952.115134] get_user_pages_fast+0x228/0x2d0 [ 2952.119567] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2952.124341] ? save_trace+0x290/0x290 [ 2952.128163] iov_iter_get_pages+0x20f/0xd10 [ 2952.132508] ? __lock_is_held+0xb6/0x140 [ 2952.136587] ? check_preemption_disabled+0x3c/0x250 [ 2952.138357] audit: type=1800 audit(1577137675.519:716): pid=19191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17542 res=0 [ 2952.141614] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2952.141627] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2952.141641] af_alg_make_sg+0x85/0x400 [ 2952.141652] ? iov_iter_advance+0x218/0xc60 [ 2952.141662] ? af_alg_data_wakeup+0x80/0x80 [ 2952.141676] af_alg_get_rsgl+0x1d3/0x530 [ 2952.141694] skcipher_recvmsg+0x774/0xd30 [ 2952.195931] ? skcipher_release+0x50/0x50 [ 2952.196994] audit: type=1804 audit(1577137675.559:717): pid=19191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1615/file0" dev="sda1" ino=17542 res=1 [ 2952.200089] ? selinux_socket_recvmsg+0x36/0x40 [ 2952.200102] ? security_socket_recvmsg+0x91/0xc0 [ 2952.200113] ? skcipher_release+0x50/0x50 [ 2952.200126] sock_recvmsg+0xc6/0x110 [ 2952.200136] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2952.200148] ___sys_recvmsg+0x21f/0x4d0 [ 2952.200164] ? ___sys_sendmsg+0x840/0x840 [ 2952.200175] ? __fget+0x210/0x370 [ 2952.200194] ? lock_downgrade+0x740/0x740 [ 2952.200209] ? __fget+0x237/0x370 [ 2952.200225] ? __fget_light+0x172/0x1f0 [ 2952.200237] ? __fdget+0x1b/0x20 [ 2952.276403] ? sockfd_lookup_light+0xb4/0x160 [ 2952.280934] __sys_recvmsg+0xb6/0x140 [ 2952.284759] ? SyS_sendmmsg+0x60/0x60 [ 2952.288613] SyS_recvmsg+0x2d/0x50 [ 2952.292186] ? __sys_recvmsg+0x140/0x140 [ 2952.296525] do_syscall_64+0x1e8/0x640 [ 2952.300441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2952.305324] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2952.310542] RIP: 0033:0x45a919 [ 2952.313747] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2952.321471] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2952.328754] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:55 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000140)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f45039aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412de26f6cc10356da648a13aa605e362cfb4658e137df0b2d666985dfd3e8031d2119e2419ecbf055903", 0x21e) unlink(&(0x7f0000000040)='./file0\x00') ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x102}) sendfile(r0, r1, 0x0, 0x9546) [ 2952.336039] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2952.343327] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2952.350615] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:55 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) fcntl$setlease(r3, 0x400, 0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:47:55 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="3bf9b0b0dae0ba4431a17fd6b61e628af4bd", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC, @ANYBLOB=',\x00']) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/162, 0xa2}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) r3 = dup(r0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuse(0x0, &(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000280)='fuse\x00', 0x8c8, &(0x7f00000004c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r5}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x4}}, {@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0xc00}}, {@allow_other='allow_other'}, {@allow_other='allow_other'}], [{@fsname={'fsname', 0x3d, '/dev/fuse\x00'}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}]}}) ioctl$VIDIOC_SUBDEV_S_SELECTION(r2, 0xc040563e, &(0x7f0000000040)={0x1, 0x0, 0x100, 0x0, {0x40000000, 0x1f, 0xc8, 0x2}}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:55 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) write(r2, &(0x7f0000000000)="96c742ed83fdd6c47c4ed7f08c3a4eb5bd", 0x11) sendfile(r0, r1, 0x0, 0x9546) 21:47:55 executing program 3 (fault-call:5 fault-nth:53): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2952.501078] FAULT_INJECTION: forcing a failure. [ 2952.501078] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2952.529010] CPU: 0 PID: 19211 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2952.536957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2952.546436] Call Trace: [ 2952.549047] dump_stack+0x142/0x197 [ 2952.552716] should_fail.cold+0x10f/0x159 [ 2952.556891] ? __might_sleep+0x93/0xb0 [ 2952.560812] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2952.565529] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2952.570574] ? save_trace+0x290/0x290 [ 2952.574399] ? follow_page_pte+0x25e/0x1590 [ 2952.578759] alloc_pages_vma+0xc9/0x4c0 [ 2952.582771] __handle_mm_fault+0x186c/0x33d0 [ 2952.587214] ? copy_page_range+0x1de0/0x1de0 [ 2952.591651] ? find_held_lock+0x35/0x130 [ 2952.595741] ? handle_mm_fault+0x1b6/0x7c0 [ 2952.600014] handle_mm_fault+0x293/0x7c0 [ 2952.604099] __get_user_pages+0x465/0x12e0 [ 2952.608363] ? follow_page_mask+0x1630/0x1630 [ 2952.612882] ? lock_acquire+0x16f/0x430 [ 2952.616892] get_user_pages_unlocked+0x1f0/0x2f0 [ 2952.621677] ? get_user_pages_locked+0x3d0/0x3d0 [ 2952.626451] ? get_user_pages_fast+0x171/0x2d0 [ 2952.631056] get_user_pages_fast+0x228/0x2d0 [ 2952.635488] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2952.640263] ? save_trace+0x290/0x290 [ 2952.644091] iov_iter_get_pages+0x20f/0xd10 [ 2952.648438] ? __lock_is_held+0xb6/0x140 [ 2952.652517] ? check_preemption_disabled+0x3c/0x250 [ 2952.657559] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2952.662518] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2952.667999] af_alg_make_sg+0x85/0x400 [ 2952.671910] ? iov_iter_advance+0x218/0xc60 [ 2952.676256] ? af_alg_data_wakeup+0x80/0x80 [ 2952.680608] af_alg_get_rsgl+0x1d3/0x530 [ 2952.684702] skcipher_recvmsg+0x774/0xd30 [ 2952.688878] ? skcipher_release+0x50/0x50 [ 2952.693045] ? selinux_socket_recvmsg+0x36/0x40 [ 2952.697733] ? security_socket_recvmsg+0x91/0xc0 [ 2952.702512] ? skcipher_release+0x50/0x50 [ 2952.706685] sock_recvmsg+0xc6/0x110 [ 2952.710422] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2952.715461] ___sys_recvmsg+0x21f/0x4d0 [ 2952.719464] ? ___sys_sendmsg+0x840/0x840 [ 2952.723643] ? __fget+0x210/0x370 [ 2952.727133] ? lock_downgrade+0x740/0x740 [ 2952.731312] ? __fget+0x237/0x370 [ 2952.734802] ? __fget_light+0x172/0x1f0 [ 2952.738808] ? __fdget+0x1b/0x20 [ 2952.742194] ? sockfd_lookup_light+0xb4/0x160 [ 2952.746711] __sys_recvmsg+0xb6/0x140 [ 2952.750532] ? SyS_sendmmsg+0x60/0x60 [ 2952.754372] SyS_recvmsg+0x2d/0x50 [ 2952.758053] ? __sys_recvmsg+0x140/0x140 [ 2952.762140] do_syscall_64+0x1e8/0x640 [ 2952.766064] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2952.770941] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2952.776154] RIP: 0033:0x45a919 [ 2952.779358] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2952.787169] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2952.794462] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:47:56 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="0b361b10000000feffffff020020deffffff00"], 0x10) [ 2952.801751] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2952.809036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2952.816319] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:56 executing program 3 (fault-call:5 fault-nth:54): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:56 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/\x7f\x84v/vba#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r1, 0x1000000) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000240)={'NETMAP\x00'}, &(0x7f0000000280)=0x1e) ioctl$PIO_FONT(0xffffffffffffffff, 0x4b61, &(0x7f0000000080)="dcdaa3cbecb29f2f1bac1e8329ee6696a1bb5c40d4a646fb54fb7ec3") getrusage(0x0, &(0x7f00000000c0)) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/netlink\x00') preadv(r4, &(0x7f0000000300)=[{&(0x7f0000000440)=""/98, 0x62}, {&(0x7f00000004c0)=""/73, 0x49}], 0x2, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2952.939429] FAULT_INJECTION: forcing a failure. [ 2952.939429] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2952.952234] CPU: 0 PID: 19222 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2952.960157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2952.969534] Call Trace: [ 2952.972148] dump_stack+0x142/0x197 [ 2952.975810] should_fail.cold+0x10f/0x159 [ 2952.979976] ? __might_sleep+0x93/0xb0 [ 2952.983894] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2952.988594] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2952.993635] ? save_trace+0x290/0x290 [ 2952.997464] ? follow_page_pte+0x25e/0x1590 [ 2953.001814] alloc_pages_vma+0xc9/0x4c0 [ 2953.005820] __handle_mm_fault+0x186c/0x33d0 [ 2953.010259] ? copy_page_range+0x1de0/0x1de0 [ 2953.014690] ? find_held_lock+0x35/0x130 [ 2953.018772] ? handle_mm_fault+0x1b6/0x7c0 [ 2953.023045] handle_mm_fault+0x293/0x7c0 [ 2953.027128] __get_user_pages+0x465/0x12e0 [ 2953.031403] ? follow_page_mask+0x1630/0x1630 [ 2953.035926] ? lock_acquire+0x16f/0x430 [ 2953.039931] get_user_pages_unlocked+0x1f0/0x2f0 [ 2953.044716] ? get_user_pages_locked+0x3d0/0x3d0 [ 2953.049495] ? get_user_pages_fast+0x171/0x2d0 [ 2953.054102] get_user_pages_fast+0x228/0x2d0 [ 2953.058537] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2953.063315] ? save_trace+0x290/0x290 [ 2953.067160] iov_iter_get_pages+0x20f/0xd10 [ 2953.071506] ? __lock_is_held+0xb6/0x140 [ 2953.075601] ? check_preemption_disabled+0x3c/0x250 [ 2953.080642] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2953.085596] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2953.091076] af_alg_make_sg+0x85/0x400 [ 2953.094986] ? iov_iter_advance+0x218/0xc60 [ 2953.099331] ? af_alg_data_wakeup+0x80/0x80 [ 2953.103681] af_alg_get_rsgl+0x1d3/0x530 [ 2953.107782] skcipher_recvmsg+0x774/0xd30 [ 2953.111965] ? skcipher_release+0x50/0x50 [ 2953.116132] ? selinux_socket_recvmsg+0x36/0x40 [ 2953.120875] ? security_socket_recvmsg+0x91/0xc0 [ 2953.125799] ? skcipher_release+0x50/0x50 [ 2953.129978] sock_recvmsg+0xc6/0x110 [ 2953.133720] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2953.138912] ___sys_recvmsg+0x21f/0x4d0 [ 2953.142934] ? ___sys_sendmsg+0x840/0x840 [ 2953.147119] ? __fget+0x210/0x370 [ 2953.150610] ? lock_downgrade+0x740/0x740 [ 2953.154795] ? __fget+0x237/0x370 [ 2953.158279] ? __fget_light+0x172/0x1f0 [ 2953.162277] ? __fdget+0x1b/0x20 [ 2953.165664] ? sockfd_lookup_light+0xb4/0x160 [ 2953.170184] __sys_recvmsg+0xb6/0x140 [ 2953.174009] ? SyS_sendmmsg+0x60/0x60 [ 2953.177846] SyS_recvmsg+0x2d/0x50 [ 2953.181402] ? __sys_recvmsg+0x140/0x140 [ 2953.185485] do_syscall_64+0x1e8/0x640 [ 2953.189391] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2953.194260] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2953.199470] RIP: 0033:0x45a919 [ 2953.202677] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2953.210402] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2953.217698] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2953.224985] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2953.232275] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2953.239557] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 21:47:58 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) bind$pptp(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x2, {0x1, @broadcast}}, 0x1e) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) 21:47:58 executing program 3 (fault-call:5 fault-nth:55): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:58 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000004f80)={@local, 0x0}, &(0x7f0000004fc0)=0x14) clock_gettime(0x0, &(0x7f0000006940)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f00000068c0)=[{{&(0x7f00000064c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast2}}, 0x80, &(0x7f0000006640)=[{&(0x7f0000006540)=""/192, 0xc0}, {&(0x7f0000006600)=""/29, 0x1d}], 0x2, &(0x7f0000006680)=""/89, 0x59}, 0x7}, {{&(0x7f0000006700)=@can={0x1d, 0x0}, 0x80, &(0x7f0000006840)=[{&(0x7f0000006780)=""/139, 0x8b}], 0x1, &(0x7f0000006880)=""/46, 0x2e}, 0x72}], 0x2, 0x2, &(0x7f0000006980)={r3, r4+10000000}) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r9, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r9, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket$netlink(0x10, 0x3, 0x0) r12 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r13}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r13, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r13, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) r14 = socket$nl_route(0x10, 0x3, 0x0) r15 = socket$netlink(0x10, 0x3, 0x0) r16 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r16, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r15, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r17}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r17, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r15, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="500000002900210400"/20, @ANYRES32=r17, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) sendmmsg$inet(r1, &(0x7f000000a340)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000380)="f9f25c912cbbf90d6e6d2ceb61ef1108dbb241a2747c88624d0831b6ba9185ff035d34a247545248d2ea93a0bbf2fb4a6b1c12a2f88ca8aecd7540b037e9515221ff0b0897b6fd166b6c1c796baef5298a5fe4e18a8cd1de17bebe9ee57b118074c786505727725a6bca2d1ee4f970bc5fc8cea5569d8ee9de6002334da7e4c26312d35fd8901cf00d53dbbcdd6f0c9c0177d35eee84ebcc62", 0x99}, {&(0x7f0000000500)="55f5d7e6a8c6e34bf4f9caee1235813d6c43ef89115464662a5e4d7bccb746c78df01867fad5575dd26c5cc238dfb4bfdbfce3f7e0e34e183a9d3632232a15c9dfdf816ad95b41a648e2151eb87b3029341add4c61d05ed0106b1c72626bab277917bd8bd59a491f76bbdd7d3241114ea651359fa24cb4fecb6e501a8f308bb64c50736039ff44a81a5909fa8dfcad2e46a9a49be980c0fc2fdef41e66aba84f99a4d203373fc42a063d7493a7b93abbadfcc356bd3f360dcde26a3791e1ff43720d58bc8c469f9173ce7de67540ab1e", 0xd0}, {&(0x7f00000006c0)="3866c42508e94caad75e812dad69acec8ed30c50b6d96b241bd2a1a7e3a1e6173a8be79a5278566e3e533227a07ed6ac1d8cb54dcccf7601e36e4c6d4d1689068f699ae200db3c00566ff33be38d638c14ac0a56c9331bb90ba03b6050e63b9a5b7905fa669c8dfda1b76d5885ad43eee49b9ea717f9", 0x76}, {&(0x7f0000000040)="724279a394572571dc74f8811d3ad7c1adae85277aacda7eab5ed968ed0a6719c369f4b8fa2152c1a3a378", 0x2b}, {&(0x7f0000000780)="1b44b141904701f09e673cffa1254505240bd918e33b94021b654f26eee4d5308cbff2645498bc45790efe8cea358b7e6f75d1406c01b2ff4a4bd11c0d04cd120f24da13726e033d95bc491ad063c9c6efd9a5bdcc60338415336ecde8130efb30caefa6f666af6d9979959b666c5d3c957dc2f222e8a064f657abe5ae4942811af2911351dfcdf238393a96f03108766dd9ab70ab", 0x95}, {&(0x7f0000000840)="00377d7196d759a15419a12dea52c8280a7b57f0eb39284d966b209d1120dcfe20ebdd7aafac66c104976ca26fadf7cafdfe6e4d65d2f6b87d0af4922935f5b9dff05c6efd959be4602ff12812ce986c3dcd37c0c0ed7ae829e9f72febf16b6a35ecd20fc403c73a8634d00a3181a813894c96", 0x73}], 0x6, &(0x7f0000000940)=[@ip_retopts={{0x5c, 0x0, 0x7, {[@lsrr={0x83, 0x1b, 0x8, [@dev={0xac, 0x14, 0x14, 0xb}, @rand_addr=0x6, @remote, @multicast1, @multicast1, @dev={0xac, 0x14, 0x14, 0x23}]}, @noop, @cipso={0x86, 0xf, 0x80, [{0x5, 0x9, "f1d2e07c68e618"}]}, @end, @end, @generic={0x82, 0x11, "4265ec6119c039dc3708fd189bd119"}, @lsrr={0x83, 0xb, 0xff, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0xca1d}}], 0xa8}}, {{&(0x7f0000000100)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000a00)="acccceffdb9049f67870a3bd1472adffbbaab41e9fa62f8c7d1c030aa5d688ca594d4bd1ec3f60703f7cf8d486d325f5ec4d4b7bcdc98df3f72d3189188bddd739138610940f0589e6089fde2965f6d13c1b33a70ca2d66ca5a93bcd0c9dc7cf7b5e7529589ffba66819c19b297a3e98dc33127854f77ee1f628d8f81f80462670305a17bd436e035290619dd80f830fc17cebaeae33c9831df2a211718fa7a98aae92751a4087496ab912ea719dadfcf3c04a09358d183d39b7c64a0608c1b53bd53562086a312ec35dc0c119dbf04183f53462095ea01937aa225ea0f524ba97ed6c081bcd0c347421974b33fad7e8231b3591828862070fe48a2214bbc72c3c966bf3bbd8bd394aa475ddc795dbf0d51e3bd23d704d921148d46d83044c53bc880be7a3b4da9e5a662f1106d6a177714fb3fa3e86b8f60ba6e956101b51e7e70f36ebdfc32038d8a676740a337d6eea8af25403cc483f1fd63aa754973ea142e8ae821b0dd953dd3c81946f61b669fc66b13e52621b52975353e9e9c0e55f35ee54ef7774e25b5ca6d53fb92318b2c9e0dd51e2ba42dc50b7635856561a78a2eab2e0678d2325f21b883ef5d2bf98d19d7d2be1570ebe0a2aa68cd29a87a42cdeb2b5736a79ea4dfebb8d858c3d92bf6d57dd7592b7c729c5a8d2a3712f14a784617847f2ddeba44f87e5dad73e5aaa79b1871e87c2cdc641585e36833f120cb1a4e72b146441646cdf2bcb068da8a8a57c846347f8a2548629358957d741dc3637fb0b1aa8558f29e4a5866483558431a1bc8e88020d51cf699d29fc956814468dc34f4608b24ba23c34a86b167a5229cac35d47f2b7a9e85bfd2b20f6293bb98acee44cc3c0b0c3934e1a0296fa4cf6064d294a9a576fe046276bf72b0fb647389e7db3d35acf9028d9bd0fb5d2ad816a21b80468da898d2feeca97fa51c650f07161e74428e5f0968dbd4c285794d592bf833dfac9cf2de994dbbda13bf746c7d6cbddfe76d8cbc6d007113264d73e5706acf24c701326f6da0ecbb3adc219841420e49509588b6381e22780f19193320fac1075fadd4661f8758180c8093defcbc8a5d12c87d82cc9fbe48033d356bbd97543519df92ab6e5338dbbc97dde0885ef9475bc001447421079995b3711994159ab33e0ffb288849bab1f1b43f139bc899abd772ee81b9d9701e5b88349d8104bb14d1897d6c551ef70975310be1d869c1b813d5b1ec622920710cb48768bc73f31dfd409843017526655538257deaa0203e9f4be9ff24cfe0c6e9d5f6a42762436aade01b8e638f40ef79de2e46c49e5d83c408000023a224706e5dcb9a4f33ea92763fe1f97ea24fcee6a3f4257adcc5d91d70551c258f692269da1a9841938e63096ca2bb5af90ec7168532b2dce7b8f4da817e965b0fe277e7d8da06b66cf63c1e6c1bbe3b9d8fd9f22db44749a9dcf366815668457ca341a51658768d123d664db572e65ff648288ac11850c2e44ef2e9e9cb4b83c72701f7a36d4bb7d17a65c9f81a9e7eab4408e41e0988ae0333697d7308698625cd905c995f47958444c6883b987465220d713f16a28310324aff3b285760190577d1940f88d4281cd94bed5c385534f7a6a49ed027f7196e2e7876ffeee2ab77bd6bcda8423146c3204113ac3273d1b49947583e3ed2d91bd2ce8f5813ded8fa40b8949c6aca8ca91d790e529dbfd2e5b1871419e67878940016ad727916eb2ecbaf63b61469080f766b501b84c792d5021a2dde5d94702cd0b410026f20572bf46bf1fe9bd4de5d2e36ad63646d82f48f97945cd7e12cc4e138ba6d65748a106005434f76d03f7d797990596fffa60146c6f12982c5d34af224c3da61dfe6c1196e760ea688cb920905f41c5938fc608251ee193bbe9dc62adafb42be52bc911343120d413a736f1a930751d917f0de4dda10e0684c041fe1679ef5be5514236a00ae7482501a647754decdd3b5c341e1247971f001332164350bfea0ac764c913c680ff9cc1ca4215c886218673c5629bf200cbbde09e07f07b3f23dfc4d51c2e4df8ccbcfd79430b457fcc468fdcff3c5e9a08e33344e61215ec04f0fe90356be4b9b7292fc7bb1fd6745c58a9c019420d789240f09284e15a73a1aa99783abfbf024827506b3877ea42b80d2bf981b6e3a104560632be0f24ead63881fa774ede55ff7172507676778ac56e426d9df56b94764f1acf54696e9e575857f0f23b0a11bb1d46961bdfb816695ccd8f5983ff3a8c183707486e38762a2a448eed86a2ab82ff22b83f239471700f9e03c7b1560d6448ad4506271146dba2e84a42ff2f07956f56e31763f1d01ec1e5b5c5bf4d1c6c545445957514eaa19578cea53d8d7e6cda7e2bd872e3d268d1f57ba55855a618897cf401d9edf80dbae9cf9f686487f5451525ea6f7335c76a31e5ac301fb821fdc0212936becaf6cdd7e759187d57284a6400d9a4e8d971574078fb7e59e73929c011af428ed462860f2497d51d919ca7ac2397951b1e9adec5e20caf42a2ef75b80e98206d6b80a59ccf050a00a94eac20980a4ef54ec6d467dc13e88f7dbd87fbb252e04e9e1b33212f279430cdda06d01236096a27ead086a8129519efea021f14a15cdfde096ecf8cd519a2e9f7d9fe0aebb3456fbd035a8c8866cc702a94cc71cbcbca6ac8b9b0a5041be64e7a674085dc9f2da746d503fdb6b211c734f3a3050664a098ee1c2df64cac1f3784f80d75d5f5b7d97d315c80f4c31f213955b7e1d888270eb8949b07b0d6782abac0bf6d9e324f0a8a8cc7cead40766b0cb586143b645fcf1a18ad6786b71767dd22a3079777229b065202f5f9a1af9c583b7d7a442963d2e438bb098cc1ff5883faf3032777c9b05bd54b72bf89d6e94f7d45b41312d53ffd5fb3e21059a80e5eeceffb19dda039b210829b0c64a5088d81f006aa1f3af93ec5649c48f8a247a7ed4eb6d22855aaf6c4f43a72350dc30dcb9954f3907c0bd18448c067d19761163b6d578c8c9f98eb34685042b9bba63ffe0bbc19109e1ca83ffdd1da67bccbe29ce442e842558fd90b264e9a6faf5c9e953794ee4b3e84009dc6f638c0c3cce57a89bee5be7b0af4bcac87794be7ab50bcff56e30e6ce204c2bf4a06976fa1205c0df7056cf9981d569762b906e4dd726705c695af792aad72d60acedc480cda62999e772d357e90ffcd7226d3d383bc3268397dac61c3317e21a733861f1b77d66655ed27fccca3d9b46061e16817e100eef4dd146fd66a44a5eada2411cb2e65a3302486489caa2f4460123012c90c1f0e1832d7a7970789f7dcb48abbcd52f182caab92f9ab507f3d5f1ba2e0db7068fefdf961fdb73106e98c108fc6aa6ab9ef30ea0faf17e997665570a97486d7cf490578f9f71f3e88036d5b426309536096160b0f5e64f00f1b11ba6ae47a52dd4f372336e071c3fa3a4ee2ca3c8a636ea86d9e587229548645d98b51b0aecf048f2a1bc59d8479c34882a01c35de854ec6eb09287d2ae55e4f48b0d3079935eccdd8c2cfd7c251cefc9c7e9f555f45b2ece265c257bf00b06f8dbcdfa47cff7e689f0317c5239abef6191f460b587ccaa73e2f3486dff48dfe166b52a758712fb83fde1436b4603fe16437da0b22d8a16e8c272c1ffa633213522b518f1d80b579de94845662b45797ca172a98efecb026a68f5473ade9097ff07d64271309cf6cc6f30e65dde40c88ca211afa64d5646b2574c211598d7d79a915e6781527af6d0243bf4fad779d7976af19b8d373c6cb63e31833a930c02310d2004af08b4467413646089d2955ac640a5cb28b67a193216078e1d736b834ac83f08d4956fcc39cfe1a6444ad9d47adab22b3c7e93d5b1bb6ba5e89b8e1148b3b5bc374dd910bdffba7442669e3302aaf6d9eea361a2eb61b175fb1cd781d960c2efcf3f47c47da2da346575cc6a6a84e7fac89f7883d4d5d7f22badf4745706506f25b147c208b4d9b168ba2b4d705addbf4c8b57e26bdabd8ac530bf8a19a6b1bb77e8ade67033ca056cc6c3a3de12e745d6a801a54f00cc902e66282c9bd9eeaae542255e9a352f118a42b0bb1b2779c809eea6f2559eef0db09b7996deaac8a32dc64c459483ae4997c9d326754ce27b1a77bcadf92898b5cf9dcbcfd8ca7c1e3c4f281defd3a8aaf3b33279dd89a8dce9de10e0e12d42ff2591c67b5c706ea3722f3669e8c835d3012de1f44443b4a9af803452dadacad324edb13f2b8571fa98a973243d415aeda9c11bc4f70ce9e6517d474a717ee5a0c353585f4eb9493e8f1c7855152ecfc8822ac07c7006148b95f629deae533a0cc9bdea2a032f9fe2e7c8d87b35813fa049b7e28c9e68d9ae577aada672ab3cbc5fceaf1fc88d8b57429b48357e88c839bfe220894203ac17afc3176c0cdc5945f577ddcc8f9c1d2f15de8e8b95708d1ed9da5599ce804a9422a1ec99318d8d9d00d312a211d051ff5f1cda3ae046d24a53b4899fea5c5b7ad0b7ed351807559defdafb18493a55d44325cf4a97416e0ee1150738615b63fb0cf7419286e52ad389944b3181a3cc1a1d76d4ed50221390dd666a531d7e2014e0c865f8c134f95b6bd8f57c95a2bb460c2a77148706dfb5ba9eb548aa1d10ff31c50629526ec49580a5d34cd2170198ff15b3cb5dd5df7f7368ae1e9ff47461f4f925ba7b1caced4bedbe1b44af0ef920f5c2539e90098e4793826504b54adc617b9e9a26a137183bd7d92b30542500fc208b5ba63d2f8f12edf1a1bacf6779fab43e3397200eb3568763f9ea04e36b46f797951ee710cecbc1e248516796e5be8e5253617d72a8ccce4eac902eff60557a63f55e0b4ef6472c1082fcff8f9e8aa6ff3605adc1a78b133ea3369c17c3637e9e6d68d20cc254b37ed93b30803c8c44cb0e5b53d18c650931a3125ff6593d3245ebd7a5f6a5264a5f66690b6bc608c4793a7c3f2fc42c570d38fde6115ddb2d1e0a8c6f8e81154f0f7ab9881dc5bdb8d8703d2fbcaf43765e9e03162b4d4e59e2f60d0b19c848c32fa0d67af3fb671ff694e8a0d4f50149e40a9efe97f6913b531e82a0ffbe1b2de1f25ef958be7965589d3e59633e6bf8d2bdea76afd375d4afcbdb718ee0d9479cc0282a4a767e437b0cca9bdde2e26b3d405b040de6867309535256f880ee1703d3f00e90796170c645f848f3da7ca5fbe567f15a8eae96f997e4912dbc50af5aed1579dd46daf310e6908ac7aec4e63be9108846d239c2dc6dcecde77189ab9c80a6d2b3c7968adaab39c228023a328ffe75485f960b0ad0508ed872ab56caa300335ce428fb29db87795542f77838ec7136bafabad2e2ff59715e798388b5e6e7955950f205b8622601d1fd6e5c106748b51f5c60eb7d036fb19b2e9db45abecfe9770138449fec69db37ee936c83f4a144929511624bfd46c70c41a26b7bad0178bf1378cf072414437bfc6b8700aa87a51a4f54d8f079efa41e0f1ddd21417ccafb65e1a88c0e022aa0171f96ac947ee739b3398c320ed8d2aa0b514b9089dd34df65f2dfbc2d84700f44347e9c2258830f07b17f23c464d601c73b7e0f0af09ab2cdbbfa3d2120392ba9598439ca9b313a8ac977664ec713b019da8cb697f6b877f241867806639dcd813e08fda586858a4e0acf3e1fe9824a80e3c41c7ad1660c3e1e246d6e31cdf1813f799567432f22bd39936f2f2992c85b8a2398cbe960b6597551d228f50742f5f496c7592d83bd1cc460a415cb081ea45221daf99279355bd8b5b68b5ec3932793a6f5fdc11fefc04e7a9", 0x1000}, {&(0x7f0000001a00)="fc1dd04edcbfa5dacb068ade5db766985e6d07e0978b4aae78a1ceea5dd01b073c20d11ba968b540fb2dffd1da170b70f50bd52942bcf5492f648b43b9b721b1d34785fd2b65d6ae9eb252a5982c6f779b79f1c9b3f9b18dbdcc6072e32cab0256fbd5f52609e8141dbbd8126c7c102be4930333440bcf5674a963390aa08fca1c80c72a120f9f2b58ba0f91ce2731952e1a30c45ca06f2fab65e78b49fcb68ca865e6f451cd195851603af7b857408327624fd99bff1e2c2b09adca52df552c2ebbde1ded4728cbcfc79982cb445cfb45a6710606f81dc61b78883483e4fe7c2fec48fa02347f0003774b34f4b4f5f9d2010de84b1c96eead8db56e386170a37463e7e5e49f6212e0408cb784611f51952c9554dda3d2118a76b4b80e534f7b7ff7a5923e05049f4488c22a707f303927130693211ef40736c13cb7a111122523dfe61bd42fba8cba43e9d4427f55d42fbd7d4d3d767920d8f0c976646d98df3bb5a0a88383103c7ef45850e52570e3c21db446ffce8439b91309671a0b77510cd670d5475cd87e0dd2c4ebf9ebc23acb8d7a32f45afe13c68b53d3b2bbb45b36e32fe9ccfa74bc260a93e24e2143b780ecacd0b676554a48cd772d34fea5a09f9b1a30c94a09ca5807c9519c64e3e7e6c45421ba96fb3b737c5f10e7b7b598fde34f3d708663a5463f90efb5e91edb5442cdd7d45a9dd8a4e3233f16f34d1aa1e03d4fb0f833f7b18e6ffc451b7e50bb875b813c58d1553db4dac2a976fb4cd74ecfcfe09c39dd7622ccd2da9da4c3abdf401208d1de3f7010cecc6ccd2fb1236c362342bb46875cf44c971f57fe4c579c1a557bb141b989bf2a927cfec152f2000c5a0ce251442762ce272eca05f74d43953733cd3189de4ddfb620002cad0494395daeb50e7f66b8e4e47e257b6c5ce2ffb3913ca508e398167da31a9c9681508ba598cb089dc61830ec00213350d527ade2e27d873289867d760ff9249ab355e1d2da9e8b730520e0e4a9442a8934a3ce5f3b98a17d73bc40d3f12c2fff68aeef67315ac153f6830d2e37194ce3b22da7acdddfb50e0a2ecbdaeb6c76c7403b371ea4eeb3ef39dedbdc975676757cf1b9d84ece255e005f59c1dc9a48ad0b9aa548c86424a01dd736a506067241f24854d6c7fe635456fe574fb6d91ad3b0f4d9434687d1e1b7bc45c28162c602b330548140d8aaf314126285f88ffa72b03f82fef4ddc321f91576aef49c50577f8754e9fddff3dcbbdb1bdc7a7e4685eff2d5d43d386c7511a0785035503a53c00a275a7ca3bc4541a36f86f5914b9f4c43fdd4e34cc85f4bcc6d58fcf8efcc54ff9ec81b11ece18d8f8f955999016f0676d03165f3ba0626e2d6639b7fdde7b8679ce1a15ed744860e88faef2095375fa57816bb1317ae5037a73abfb466fa8de2e1e4c1306d87df4a56bfe9ec7582c7e11674a6529bdb199d1119fb2f23f6b3ed0bee95fa38fcbdb00b0fdb3cf716109621832358987e66c9b1f625bf822f715fbc5fdec3a0971c7ce71e5cbb9e6f244185c45c2ba3a994e7ee0d39d5b46f167dcbae9ee46076c5dafb5bb5ce7c68e3f07f047a73cf5b82840fa7a176e0b6fa0bc0bf57c63301d5d3d72025efe827a54e56358537bc69fe88aef57a1e42f2642f04dda51b78dd86e06ce51e65025dbff72e6a16c22a19398e3a8fddf4dda23b669978862405521e755fea57be4ae1cd6059abab6d5613445bb6bd605f904eb29cad04ff967c98530698f664c82ce17bf1c54b97b0de3efd6bf207206b8df2195f580a52611bfb4766b44a545b4ae84b198879b0cacd33a0103656e01d3c4aaa75c4f9f12e8424629714201320cad74c95c0e58d216d3d1d9d95b55305c62bb9dff55d1cc4d60c3aa69da32354bfeadd61c7edb9a017961a2aaa1f38a99f509ccced63a41139aed75fc1da79af9cf4aa4e9c709c52d39955a1b792b22c44f95a9dc9ced29fd2d0bbdc45eb42e923eb519f5488237b6750d90c79de269731db6ffa251e34e88c136856d864cf95f2f2e63e734b6577fd2f9acba3ed47e568b68e14786f42c0b53f2c9c14331fd8678ee1be658e564a46ff6795245387a715c9692249568a9e4912ef5f38313ba7e47f418870eb3c6c0c8e38cc56ce479e1cedeca24c41ee54f520e26cf2e8996b0ada3617343b561bc067c8b4bfb14344289ee7e9e1a48b9cab5ac32fa590efe28c42c07ba629ecac34ab0639fbb09ff007823fe87661436565f44ca69784d6e93c26d131f5b17134732643e1e15c578a4f4ccdbf46881d2728f6e070e9940bad2c6732b24093b63fed534ce878bd099da64fe2b53c326bd54e914a61b092cfa94255907c20ed276b1d38996cd26babc419954b0dff334cc31283ccc12bd59ac406551cf5bf8149d89220fa566311398304096fb2ec112fc6edc209962659bcc34d4ba60e18f2e2121c38c33b44b5aaff8e6199a27dbc548a4c1cd33eb549436fcfba18bf58cf8d4708479a9e55b3507d9949af46661606b44a926ea5b174344afbdce41a0c6204186d2eae1cfbd0dd770d4640cf90bb605c6ddfdc279f16708d25f5fe40948c11e2b0f0b679ed05ef80303fde6e7fa5c0694588b29f305f78ccd2837405330e1122a363603fadb7f064dc5686293b48128d2fba8cf82c36b8a1729a655538f652eb5ac80616c7cab148f7d7dcf6ac32c23a6450eb60088cddd474f2e4a29bc953d9136c2ee016049895d5fc3485da3db1fd7757df3610f5c06aaff6f712fab9d364592dae77e0637e3915a2220a5963938386697fbb30ddc1d678ae570c23896303604264c129d88501bda8e870dceb91b5e2d8140926869fceebe000ed2aa138bcdb25294c1ddce0744b3fb53dde8cb81a5a719e72022448427080872291cb8d03e3e45d1193f8599c0089f05c894f23ba5899cac3501aa84405ef04a55ee705a75bd474007a26be85578e1848971f2b5af4a04fefaa28acd40072c74f59bb12cdf77d54096d78fe94babe25c0462262074285cf52274723fa3e136dba659263d3f4f86f4caa6f7ae040598447fac393fe451df8aca6b6ac3e8ab852822098def6e66b89e610a87de557b4db5b04df2fb9ce5f12c665edeed4bca62e2a374b712524bb39c093677f0fb77cb63d9b18e0fc5a3a9e970bec11aba14755629e0fa281d6d252f8793a7b67255a63943e8f5eb294aba31453f882c8564d25095d0456afee7c45e774d14ab86436ed002177644b40a8e65521b7a0e7ca673474bf27644a3a55c701843ca74c4ce0337434c1927bc6ed7a846a50bca7e7a797094f6c6240f21cd40f78fb1a37a59e918262b37151c42e132a4abe968d40704e7018256633a28e3ea5a2fba6461dafb82d6560705c5f6623067ea1c2fa719ed832234b3bcf36f1a2cb2304be31407fe3fd75c6eed1b2d11f0e621bfd9fd63f9a18d40ba643eefc97e5b29636dd7d6927d128e002237e980ab94589754f68cbb90f691601d31c2e9ec07e5551ca2b42d06a7249d8a1dfb1b466f64b09f1aa1dd2ee34ed033ac461506562bd3409827d3e0194604a07d1c1335b84570ff05a0afdff5e9268711ec38bba19eb8e57c48bd3ff460f01ce06cdb355dc343bf9af5b49e8b9f5dbbe78ee1fc7b9a0f0b689ec718ed752aaeab4b910f8df451320faa4ec56fd97c5f3bd2aaea45cf0517a50cf1874f4e12245180725fb9518c90517a68cbc239a6f4c76ed7a30072b32e1cdf5ae2cfcd13fc1a5400141c9ea3e17c7a5d249f9f2645440bd78b7ffd83dc38361fb62824605936901b4f3e6cb48c320452541e57b6e49a627d29a3521a1552eee883138ff659ae33eec420e5f6a374f44b8818d3aaefaa1d3a17831441e2f0d8e8b0031cc1d4359ec81c607a15090de98fc36fcd61dcd994ffd5fd5712c494b2e64ccb2c7ec4958bd0ef71b0efbbec1d4005e9a725630725aa84403013c66a4366601de8d4b36d1318af1a707c04bfef2b60a4ab834258a408e46bc5c44f3766599e50099f136f916852bb3ca4b91fddf4e109d7ad481bd06b289335aad387b5e382be65c495a9e613f029ddeb8a8c775d976794b9010c15dee9acde0d02d3c05a6ae3488e6aff55d439ce7a812fc4901696d54611b79166d42857e71378af7fa1a060b8c6e2b41bb41e307bc7f256b1b6b4acee486f7b03e102dee0003ee62b2c887f456cc3278ba521c58cbafe2c57d5fa1579e33082922e48e3db4a588e607721de1fe970d60c4d92019f43e8fcde6c1ae4b6c9b5334fcb7a5cbc6d2900fc19672fceba7d09eb95e607ad3100389e54739d8580ada46efa2c08d52ec7827e9a6283f9c96d5c97d13edcd7851a5315d45d018df60676570f20846f9d2eb8dcf5c2854235a14d63ea68592c54eee104954cdd204d4b6984a7be7e8e7d3cd0f3be0e370e781a543f06136e0424b0743785d96bd4ecd681d2a1c58ed2b367d349a741f867a1a97de74b2cbce09d97f8986ed5fa310475e9d1424fc3cd85e9ce9bb8f41c0ff4cd033276621cb9192312ee351179ed17f2c56f0609ed35936d0f584905f2cf0299ffed63aa545b8061b95ef6feb2264a34320f2ea59488aad7cd773aa5b72965fd8482a63ae797bcb6d2db9516c104652d7cad97cd8f857b7c1f1c94844f550000555e9ef9e701389f3d634027bed6a344df8715393811c283ff112177f383ef3ee193231b01ff8893cbde06a3363ed9637a86bf54431eba85e34bd5d779c3523b953e736f9aa9689b0848a0559fe71f0f463d49e7cf6be0f991d74160694bf4e2c73a64197f6e4a695a10f9a7a56c618f400eb3565381da9ef3ea97a3b2408859f9aa71bc360ae77356feaa4bfd7bba0a4d76cbb6f2712fc50e5226beef994474075233fd8c6876a5c7b38cb2dbb948109d6e5b0997c79ca0d8f660f3774e82b1d8d95f2fd7c8c02fd45cefa09abbc01ebfced70078516e542203b9da374091398a0638ed2015a87f67e41e0febc8e1076468ab0e21fb005c36748c05df87e7194930cbc8394787c23dd5c1417287c47b1446516de9f7402eca69ebcf7d2ba9dac074a8eab5f30feedbc51b36e1e6c461c11fdc16e65c580704330fd4c32fafbf7fc828b0e386f7b7645f66ba8e4388958b50b8c01bf7c2799711afd0244a6428fadc134194f07c2997f64adee5f9f99941b1567cfe9e35cce7e4738d916ec9ce27113d902dd89c3da4d8379921b8570eb0f8cb062bd32990404cc12f9e232cf77e27ef24d3575010c9a39ef3ef3cd4adf8af10b28bf995579985b1b3b153d3ac4fa371c91dcc7800d85edfdcc8641504948aaeee029b3093697baed8084c554df60afb83f105f966fc80d9b40b4bb67b0adc55fcbab60f670b10d83a1fe085e439dacac7c73b2e133a7b8605e2e77aac784f4aa90ddca4871a86ebc4008521b46877e0a5c96a58f97db158adf5b76fdbd9ff2a4d6360cacd56166ac26057d458e4774ab3aea3133ae29959c0e9284d2c6d0785b8465f0316c3f8e3a61f9e53dde41a5aafd154970fecd7496ea6c79f43a010155b5357746b4ab97e3e62c528db3c74dc687c7731f1aaee87b9cc7ad24454e66580bee86e8f897aafb15c73e3ec4d345865af846e31d8e0a25116ad326334b81fae80c440f1e81b04084fd41fabd86cc88020c662ef78932d672022e313ab02f9c55af85b6beb6ff2822d50be0eaf1636d4e8ea0e979203c79c53c25692b4c1b1edf510cb07b9134fc94d5fbfbddd4ec9d265316bc72a87c3b3e357f1234294d4528f53dbf719ab6f0d4465995385d77f1271cdfc88e3fa2", 0x1000}], 0x2, &(0x7f00000069c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@end, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @loopback, @rand_addr=0x3}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0xd}, @broadcast}}}, @ip_retopts={{0x60, 0x0, 0x7, {[@timestamp={0x44, 0x8, 0x3, 0x1, 0x0, [{[], 0x8000}]}, @generic={0x88, 0xd, "5f52f40f70daae7c0c3de7"}, @rr={0x7, 0xf, 0x7c, [@loopback, @local, @dev={0xac, 0x14, 0x14, 0x1c}]}, @generic={0x3862a9d48a074f4e, 0x7, "6dfd9634a3"}, @rr={0x7, 0xb, 0x27, [@rand_addr=0xffffffe0, @local]}, @timestamp={0x44, 0x8, 0x85, 0x3, 0xb, [{[], 0x3}]}, @generic={0x89, 0x12, "344d0a838ec933b8d79d85b5c853e3ef"}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @multicast1, @local}}}, @ip_retopts={{0x3c, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x7, 0x0, 0x6, [{[], 0x7}, {[@rand_addr=0x7], 0x1}]}, @lsrr={0x83, 0x1b, 0x0, [@initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @rand_addr=0x68d5, @multicast1, @local, @broadcast]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_ttl={{0x14, 0x0, 0x2, 0x20dd}}], 0x148}}, {{&(0x7f0000006b40)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000006e80)=[{&(0x7f0000006b80)="15615b1fe36441478b64a2aa963232ae6191b927ab57f2e8e09c238572e2d29a00319d5f1775f3eb312738e19418094046c56000be8f9637501ce1f639c2f583d154334ef677025636c7dd1bec286e5892fca9df19cb996b069b3b024e6fa3e450d36ab3f155af97b1df5769c2822f73", 0x70}, {&(0x7f0000006c00)="5ab6c9c532cc1e3e7a4eb224cce97efa518818d1ac11a5f07f5dc8668a6380f3d656b96892f1dec24401f72f81f3240568454af8f96c4074739819968dd6442390487d4ed8cfdcc5f3d822847e9142d2f5df6ec3e1c3babdafd285a45950e31e56de4b80773f47fa7bedbb2e9d65ca489533d3ded904b8f55f7d9b7e8f8c00693b6b8c4b71873afdc815bc05fbc7173935aa53849b6f0deacef5b81c3541d6ff3360357cbf80131fa5c89ea6d1c7ac7ec108fdbb347f258c2001651f3a29bdd295183e6cbe2e", 0xc6}, {&(0x7f0000006d00)="b7b2833ea3c920c944cae4901494433d1273c259e4037a59701b9bd099c67b7b6e9114fb2c20cb7abbff0dd5c8792cbb781516cc97f37e628c0fdd5d6923a24ec023cf531d09ebe3fd7cc3278b97e842c23b7abbbc60a592f8a97e1056f2923c74a109342b2a30e21e99e7faab04585b78a6fdea", 0x74}, {&(0x7f0000006d80)="fd9df9ba43a8cd0d4e6247357c3eca16542515f9bf76e2dbe7ce87b8cf909833e16f49ed1498cfd122b3d3b4b9a6bb423b2c5b7505152eef4b6b030ff27119b045416ef1fd6373a261e646e32911524009428fc1b443cbca0354c33d098b101b0327c3298b46b76ef657d02748fb5d367220c8604ed18f97fa695b4e09de7727046a7a517cc72864dc1fa259dae5f5540941ccc2ef460641dafed94b73cb8bb51e72bcaded25f9dcf75304e3d7ba40225dbeb16227353c7111ada040768ce54776d1", 0xc2}], 0x4, &(0x7f0000006ec0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7f}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r13, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x68}}, {{0x0, 0x0, &(0x7f0000007180)=[{&(0x7f0000006f40)="776b12ced0637fb5b3bbc5c71d6005db744f698a553a3de0ee73208fd79c4b2c34c18267e0a2ccf868ae9371a06b278e07de500e5b201e13bd3480945fa65cce36fa8314a55f0ed78ff3d8e9ef6bcfe664debb9d824e2345d92df71eb2b35fe8fb892abfcba0f3eff076202094e2c9eb0195c4dc28a1d2c67e3a6d2c050ff2026ffea7e7bef950e2a451c2224dc6a97a93cac432c9e2c12a5ecf47745416860e1b7d164727ac893fe934a79c6c11bba2b78e0515559e919890dde14ac32845550544d8e9c70ce21736fe8201615d720ffdee237fb89c8e732784db5e5b772ff01a4ed201339a", 0xe6}, {&(0x7f0000007040)="6517cb55dff6b7ef46c39d717696fc7ee0f4394bbbbccb19cbb4578aab5090534c38104cd081b3b2b7ca85237e45131ad45334b1472fd8a4d81a3679bbbccba5f15c9d1fd2ca36d1af4e595e6ef97bf3bd83fbe29acfc3792bd03640afec6779dd00587fcb55a14990a2fa7c2badb987d35daa45199ce9112b969855976265237ce025265bd234f71e45016719ac28", 0x8f}, {&(0x7f0000007100)="ce569e02f1fca852e60657bbcb82d299d076bd14de", 0x15}, {&(0x7f0000007140)="ade1f5bd8ef588fc5795637366795e586167f1ef45c3634d12069b6970dab48e7f04170ea553aba374fa3d0b48e49657e14d0b35ed2013cde2a468", 0x3b}], 0x4}}, {{&(0x7f00000071c0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000007300)=[{&(0x7f0000007200)="56f542ea1b243bc67e77345b1fe9c5552b76351af1b62adc76f940fc8679f2eb6025ed56ce5beda96730cfeee5af5f8382e8739581b9c9e7ec700eca14a0aa6926393a", 0x43}, {&(0x7f0000007280)="ef7858996618b4416975c9c2316e26a48088c16d26cecf6daccaa3883f12e1023de9ab3fed48e5064f7592bbb11a3d8af704b2cd0c5b5f735dfbe060754c9a7b0a4bf511387ab5", 0x47}], 0x2, &(0x7f0000007340)=[@ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}], 0x30}}, {{&(0x7f0000007380)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000095c0)=[{&(0x7f00000073c0)="cf4cb6ad06256a7800", 0x9}, {&(0x7f0000007400)="77d38b4ad8e57ce10df0cd4d82ce71ecc2654ad74435fcdab08b36c873bb82ffc5658464fa04735a20f706ff1b74cb3856c4280ddda9727f8220d1b4278e3fd3f2966adb0ebfde924deca85ce585959a5e41955f500c2fd95f9a6db4c4895f6f3ac2d599f44ba347954e9515aadcb75ec8e57f2d874612dc178384f002cea1918433fe6d75a7d8acbc419ab9e6f597e3163bf6ea5f3149cc3d38dc4ebd15ba56be1e6872e73919e7dba106592848397c847640b1b3e96b40e442c72269344b2cbef9b4c50ba2a06fb1a006e508e92a8a5b79b76484d7e082f2a20ffb35c9804bc33a2399e953b12fa68f5f1d4235e22b8a8ca859b744d3e4", 0xf8}, {&(0x7f0000007500)="05d25bbae4500940a735a083f65cf38ce455005be7c4cd75d5da7bdff80cbaa95420df78b7065f4e5b03dbcd517212f0594553e0a85b989a7c833f06db73cc20328f304222d659b525b5308f79d63deb5486c15fb6900674cc424a6cc0870a7a9ee4e2dc2afed1a70ebea86d97cb4edf3118129c660ba433b04e83cba75ea4f3e9c04e51b19bd42d64c4de2760e74d71a504d0b045faef43166448fb747173d55d2b348d2ffee2c13ee76fad2210932d1f39d939f51d3d959ccd0722de3d07173c741aff6459fa7080ad39635e2c4568b478379039d6252a84b3f051fff23488797b89a3f37247eac52f99788bec19dc4956301070c31bd38ab19d941aa47051918b68da62b44cf9ce2786b280ae3725f017b35ef8cefc492ef01aa6d36cefae3dfe938a53eb779a813039ee3cf4ed1b1fa0ba5b8303fb7187d5b9c7a0e5ea63c99e510ba21ae2a090f60964aa0f85e1f8f191e77ca0046385726cdd969e41b6eb57eeb9d68a1c504db1bf2b79b05458fc6c56ce9f8f48a9ec43ba831d22011653ed9b1162cc90082db4c2ddeb9f65a30f5d8c86a875c4e10b0d365daa80b901983343a3a2db65ca51d643db486119d0bae2c0ceeb709341114a17490cbc7e48f2a9994874b8f3d78ae8704eb72dd21cc2192b79c74ad828f7c6c0157be2b0356b821ac9146cd4929f2b8c9c0d418ced6f6e126cb92f683249f67866b5c3c9679a5f1087cf8e2b8dbbc3ca8470bcabc97adac5e45ed9f4fdacb893c696c375598f2463e01cf182c154d0908a587472d4b727291ee5cda2db1f5911bce1de03e851e821061ebd27945ada86e86d2f4408a5ff807c962ec23b57d5c9edf847bf8bb453ac763886e0ab9826f6633a892b260becb3d67ea3fff12bc891b738345aa878dce40dd4ffdea3adc7100cf530135b5ca7ce446cfb660c8c6dba9d50b8bf983340a0af5d012be9973b9cb034e76b0d885a92fa33a850320d9b43046253dbb7b49cbeeaccbd17a1ffb9b8ae145a9cb0610545ff5418eba3250db317ad5c21bcdd116adc149b783cecd6ee20fdc853563a3b325fc403afebf7e826000e8116ea19a3fc426b9bf0a719b8a49b7648f1e8a1739906a50c23c85bc2e5a9c277d4e73e95d9293d594975abe61bf1f3db2b29d2c6b59cb6411c077545228f7c8dfdec4f41ca1d902db7680bb8d19ca8fabb4d3f81f991c93991b145f86fa08dde81d5940ed9e330e3289163dd874a9c2f6dafa367b2a44435cf0f9bb3cccacf293869259f7606c1f53e802265b7cdac2550794933376710cf706578668eb1f1e093ddf9aeb3705f4f9cf70296d265add699b889c4271c4f6164b15b0319334f769e57647713698450f99ee4ccc6bdb5b6abd8240b6b5e7a146703e5ba3cd6d11671ef9dfc17a8cce4211957e7eb9eb6130030196a971252d97d834a233498a0b6caec897ddfd53b29ce01c13bc36f612851d1ccd972e7b2fedd02f23002b057f490e4913abc0dbf98e3aeb0cc119dd695949600690ea0741682413c6bfc96d3a41196abec90c9098bd4bb3202e130d1097a6c5b62ae844cf960005e831f8660716255ac5009c81ff5c74d74107cdf5d39a8fcaf59f238bd25e0d549f7a41d0d1188fcd40648ce96c7f624e02b3d253e42feef904ebd5cd364d15ed9332199acb00ea1626b3956253764cb40ff4efce036e839dc7a2a499f218bf3cccc83caac6d614d0c363b5fa22f0dfdd7516654bc7a9ca943174d920d834124667584fff10f5f24b508183f5e58b814cbf6c63206e471ce966b4084a433f0ad8612853c5676ab3371ba19f5147ec214bee7d369800cc353461b77137e8c5cdb9c053f26c23de0066e8bc43fa5caa0dcbcaadf160bf3a4f2e9d73a1026aa3b09bb63e4bff9f75172a76b46233cec536e182a8cf95f27fa4bd2de4c54cdb976cba45902f0b1e7f3931057a4191f3da079b9031e95cf525903c84656aed543bd230f59b93f573120e69189833091069b8cbb64e997f9383b5ac389a3ff0fb3ce6c6902bbbab23b2e4e315b6b4e8a8bccdc17abd0c99367fd4d235bfc028fb7e8a9c3afa0dcda610c7c47b55d5b2dc7b2efd1531620f9191d04b5bedb7f94723fa8b0a41b357ef5e3c149ba1e0f874b04648a1e4230244289a957ed70290fcebe317a59a7b8139ac26b7c4adba0d3402af34458773212f02f35f898d66857782f1e17d81a22e01e6428ca5985fc63782a40a863c2f4dd6e160411d9e93e540ccd8596f981b02c7de242ee008006f547c493f1a6029bd2f9286bdc3f7d98fcb96f9d924dc32daf291383c9b1b4877e9cba380768c9641802b8c06d833f5717fc3f93aabbb3768a6037ea3e85541646b9f16ef021f690d4ecc8214f9f2af7471348d7f8b7fabd3b0acfe7475353ac8ae36e006f4b328cc32da889b1dfdfb848ea8b2b603632313bf6bcaa9d2d241cf857045dba408ffd15835dbcd63aee1a810e9cfbe7757123328216f20bfe8c72468b961fd4edc95a787ce574100717f27359aade98abb8eee033e4ec14904395617399fe30c95587effbd39ee5a7947bc15f34f6c0c72324a0743d3c6c33f879986475066f7e2cd79d7cc8a84018ec927fa59c90b52c62b4043c92cb0d2a1947970c20987b5d2b87959e4b79ad2f842439e5f54aa576e258127e2c9925f5359117bece2e8466b64339737c599f41c43313da77573d468e8ca2f809274b32c3e421b8d9fb3d8ad2bf692f5220c278957ac082c2add2d4e1f088255e6f8d96c266e39a82610284b159e43656a1c693a8216601af135a723be474b7c1b9e055f8fff5e964452e7fcc018495fa85f0f4dbfa60b67a13b6737fe72e3669ef45596b7f211c9a5860d00d6a5c6dddd97baefd9c2514f800228fa77c95a6cb16cf7b55a17d4035c18968754c55de8007481193d34c4a1d5caed1a530e9fb781a544302c142744f064ad6e81c3ebd79f3fb47b28decd70c26aa8bb3abcc803e11625e2773de840926aff75c87f68ee5eab87d542816553d9af222153e21570ac7c489cf586563d93aa31da9f54842b42532fc5e8c0a46dce5079f8997629e9c47b3243d28ab3d1a1fbbff3b6bfab8fd1a00347017f1ee3d70f4bf3bff3c4c714121427f8ac28515b354d470b4e9b0913aaf0a2fbf20533815aec5b16183f7b91f537b1a27bd2039b67b23d654e72c772f3c1fac10fc357c0f00e2f55662bb80380a450a22b352246b35ad0453d3f757b98e6f51b2936af3920f5b8e49752c55242dcf5b87809415674b541c6baa3d2f7cf5af349e8c096b95f8bc9ab14211881e356d2d8b2a50a7d79d3dcebab347b84e54425e84cfdf70367cbbfa1a9f54af84f188baf81882f7e01374e52c28b2f54e187a509acc8862a1d267e53dbada7af97afb13b59caf546e6348aa053af4f6f06e580491b89a5a9901c6424969867e20582a76f6f0804d4c63347626132a46dc5f9fb6bdcd48cecf4c1eb340a88d840a45197c08241187b9cd2046d09d88c61f70a666b870b8cfbb2a372d8332164ab630e49c467dee82bd7b6509ebd4ff50596118ae2e01347877fd0aaf794cf054c361ff04cdc8d630ba99d3a25f85b4dc42b1a0bfcba47600f740169d8c793266e54f51d6354d16cbf617c0b5727fcbcd1cb7d6f0c18830a870d9873990236cf710d2eeae2987f04e9a15c4bd1f463c97791310678e41a5645e4b1c24fdf01d36fea8bfc27fa06937d007892657887c2e2b33ef24df0d11831970bbf17bd2f3c8c4ca6e1ccedb024aec0a48b33b1b3be2c20b0dce6000b90c023f09789300b20f4a337119470508a0a470eae38007e27a7a680ab762cefda6f7d817df43a7513ca93a86139441d66e7ec7a9a6aace8d773c879942925e62ac7adce35f6828a74f8aa940ffcc1c4af273d8d32c75c5e73b7cb28e71a78d5ad4895c04fc6b897046047d9e40596b1c5433773975aa32490b54f8d217f5bc06462579d4d2dfabf7f6fe84302b8250b92a54cbb0cb873c0a6c16f07e10f788852b79bbc821386a39eb2197d2fdade2c2e72393b0db20bd9b9b34307efeab5e03ff4f7d0a1a20dac675a2bf1d331be066109a0c4f70f7f448d6c56df97255e994fc462c95d39b83dea15cfb8f76a5742379cf6e8c269bb9026fbe74fe0ca8d7479842a8a4f9f64da459172f3899f9b1a791a93f0ec32cdab901648c92f5e826763f1d606b0482d5b7676c022203d0e5c5deba6cbe4307f59ca054238b21e01da47841e5ade660854887f2389a4ede42b2d010c286e8995d1e97bee2aed1b86777e4f4391b1d96fc440794a728846128daa738bdd32b0f96cf4ca6a3345c0da13aeca0522a791d37b653506e74da3b0744bf1446bfa56f67711666a4ebe89c3b2074548cf834fd9e87c19dfb8cc58ee60b42a6dec5b3f638ba924d394500ffe25b3ae42e43292810115efc34354cc7818fbd99221f69a0d5b70826427ee9d791e05d50b1aadbe92a5b2d2616442fbf6cb58a1307e108526751fa5832eb51ffd51c935257a71d4907b01341ad2227949925e1ad0666c43f32e41e6c2897c7da9e1606dcc6640bb44911b7a9244f1196525e4646a686c28dff04e29a5b270211e168de4f755d3916fabe616ac33f59fce26791828999e8029c670b920007fa4f974fb50f193b19e94c6c68cb30fcf5d7c0081c54de1c9b257876bf6f9f5e8b525fcfd280509c16d261d278872cb6c99ee410b8b349f8d547abaff3dbe9b007399db3bf9cf7a528cd17b7fcbfa7a4b805e62d934d28b96ef9e4da03732c6c3452e9bb949fabdb313c677fbe10eb799e6b1b378eb11da3ed5c721b6556cf4b2a09cec8b5366df4fe1597cbb58c566e013991bb3528017c3218f396721da5273cb744972e46dc291a728b5372912a309933c2bc40260332c7dae4a3e443c0acce869799745eb821869e05a786dd8a5bb2a840afb0132c365c00fd20d625a396a5fb2b4fa573dc7922466ba060de2ad2cc76345a374cdb9cf9f2186a7dd568cfe830447aa93a27828f35a7f57f3acb9901acf728f9f51edd67f4a24dd1f55d25e41c4dff257cc0e39f71dce0e2c192a22f70183d893e3e94a40c6f01279c124e96e6425c519e6130595a9033a12c76388e4aec6ec48122e03f85ebae75de6d795c1f7ccb22cd68464f6a3eec6eab9cb1ce5c2c91f45272d6ebc80cb425624548873fa507d7e1dc97c12512c66cd3cbaa87314e8ddcfbf612636586ad325a783f0a3c590610c121357ad09fb4346daa6ab522c2873e0d0c8f20522d1ea0acd62a2f7c8efca16e6a2d5bd8eb42a018780d7350165532967e21c25c550ecec95c733343889dff61bd071f865c2b46ec69d25611b0b662ac54e5cc8a9765f893c97bd2a193c7ad8ef4f9e500a32cac2bf88f6382552528b0a0ebc2c21ac662a7d193739fc2fd05bf592a92b0065af7f5456fbc377a9446cc0383709e75bf7b3ee895b411d8f68cff9b78aa9ecbd16cebdc6b4b794dd4dfdb374a32f5c29bc6a23471872699a17edebc3cc98bf25479a6db63511c27982001e9046bc8e1fd5c0e0927042d2bfe1144ee89a94c9b853b52190ee66c505dbb21d9b1de6dd505a25584d2e324e50d29d3a11fdf7a1d836dd9fe3044f16aed53387a902f5faba32860dadfbd9edd5726eae83dcc87d2ec2f8c2675964ab31daebf125789cef451996f64a3174118cb8c9f8b7c3659270b9b24375eadc4ffbec600deef20131dce49ec13a68a9ba9dffd3ed66f5758dd0af723c363af955ed3eeb1c1bcd3caa4876f6dd7c716fb1bca84e0d2278ac86aa1a4ec", 0x1000}, {&(0x7f0000008500)="b44e721131f5b52a90d0dc7f9b8bea6be7861f07224626cadc3fd69da510b40be86c1043689b946bc30949a6d4bac49b8ff4f70e075ec780daeb42d6913b351d7e4f92969cbb23316cd9c34ad7ccbf7f9e1c4d15e0e4897648a8c4bfefb039981c6bb53c50d89295194ec2214da0b0f529c9a1fb1d51330c6ea07632188e121ccf93a98f4cb3e0a4cb299362da535a4fc0bd8cbabc7fcafb6d4b194ec512a93be92fd2a999c1d306d93bf84e74d5adb53c528bff8a56d37d9b9560256419ebd465cff4c682b2efe2bd0759651363429a06ca1080e83558c0c0c8513cf357c9c84d22e8ec09cef7c185767eb7cd4ef2df3e91ff4158de1d95be0d44a0e87a4b172c504d6103019483e0d6386a006036c8c4524ed4ce39153c87bb17c9e96de2fb1c9de8cc5c0812b0614138696720e3569eb0199f386181950eefb5749f631e47f1b51ca7aef2208a9aa04deaa724afd5df7c5451efc64ed437c6d1b88f4688f6fa33621919645528eb082302a884654a7013f8b4d8c8833161eabaaefdb9eb2942fda97d33678428cf0a661966891538b67111884b887d6c9720a3393d3da4777759dd8da4c1eb93dc6ba82758ed16d767e8411698226a20a15e774a6883bb1a059a0eacd83b354152a137b6a936fd10ba73f9c867a1926aff4075336343a73404f41e49fb7864b76b64f1b216d21467a6a449d2d5479b7f9471a60bdd43e43d935b3fbe53af67eb8910a6b4048b928c2ff7dcedec7f38eeabeb715da15e0dfbc782184fb2be5a2859550403dd8ff87da5fb9a27a3cb5f6a8e6c385b2dcad078b4729ecb61f4344b3a955f224b667a1a62bb3afc7ad67ce8f53b443aed2b5f6423518d8647a5f1dea413466d447ab1707d193b855f3f2e3267c2a5c9135d8f4db68157604f6d33473aaa918f68c2557b1d390bb0dbfbe75e1311e0f8549ba694884807ad446fb9e9465b6b7a05fcbd4293c46ebe722d37333ba12b97d8918532421c2491ef2bb8846f647fc4eb1878e5e3a7962cfe0c48a4e1c9d44f44bb53cca36402457b48465e9393a34f86be9268f191aedac8c573d20385b2b6c5c00efd97784ee393a84d74ba8cc01ae08bf821901e5bca14272d0380ea350bceef60f75c24be5fa0db62f6f6045084c0e4f914c6d80201840b7e1af0ab91f85aa658459f8de8a4f69a8de5e10d2306aa20aa0e0ab4b3f6a97e89f3587e36479d967da66bb01c3dfe0f5a5dbf2ea5459a24f423b672265cc05ce17899bcdd2fda2775cd0e66e6978d72ef90739f2c0deaf7b32efdd0208fc2d0034137f01e30f3870946303ae1baa2fc8682ff61fb881d04708510dd9af7749243f0b01814fbc18ef3b776f5dd8722c856233b5fa4d31b3edcf6463ad1fd59735d196f2a127c7ed741bae28c24c993823417ae48e23ad85af4093eb4ec4dcef9b4de7e37cce08d2a350ac2ce1f529bb3584f3eabac0ba4db9776e5d88fe705fec9eed232d7289d9ca5febb9fcb33064a687fa5b7a1de41cbff1a6b56ec2601324562376c37b4c86818fe08e521fd79e9c2ea7ee25ea8cb6e0effeae95fbeeb911921568718014a8e5e3e6a4a7207a6116a1304ff333ad32f23ad9d489e09bc37fe0548308b47a4a820bba6cfc1d91b1a843bce9ec0babed3a41bc9a98d8a63eddd7efdacfb59d8ba6f68a19c9b8283f71c3dd797136a976da26c026a375c911fe57bbd439be9b47d6894d79e63e19d6571e804f685587572fe71d1b17b3dc750fabee5e128b830ab8b92779d9b206b8dbb98c400b97b3ed3525ff4ee3d00c57be147288e4136d57fee7c52456230bd87e3fb39e9b2d1dd4b6dc9ce318c9280d3e694f06942859d290ed9920a697f12be82385351f6c241158189a651cbc93f4eee4a487907e6999598a37f6d9b686e4890d8f5dabbbe735bd1098fb6c0e9c3ecbcc66f31992368d96ca67838ccf2663905d4ae17a2f88c43b0ef5dc514872fd315ebfe390a012933277fd15ca83ee41f2df40999b54c2b9dbce793a9d046e49a3575e660961a61171844a8b24d8424f0d2bf8b20b3a57a82c87a1c559245000dea75bc0ddeb00015130d1c1fa7356beb7ca4a96389360da8a11e06fefb243e7fde0aa4e125607feb400cd7b84908afb6e16e5e12ee12afe4da8962982d5df16ecff288e331ac03481a8299d6a9dffd4bfde0a824165e3a4604ff59ec3dd6c3007893134de4735fd102e3bfabb9af5bd6f622f4953c5ec3792054146308c3f26fd8f16265ce759a82d06316ca1a5f4c74659c932bb3e0408e9fd6576bbb6a6123270f10c1ba49e8a96593d8af095c9c1b3cfa711c3d3dfe0050527f0720d2f13028d80686403f9431416b8e28f91ad19852baa39f174ccc294e92d5be82a97029816561414e7db4449bc5ccb5a64930a784b457440861896f16032d077039153e122946a321fd34d8c132c48e5c38566b20ee74ef48b2e024c2b155bb28646d69f0c5d535ab2dde2e6447eec8d7163fc3baaca9659be43324060ab66542acf58c35de1b596cc6cd1f4c7b26fe1ab0540eaba6899b4dc819a5b41cecd0323affe2c6bb23440dcbdba3dadc9dbdceda3c34e97d8a98a659e65e42d4953ae880005694db031c4d6d094f0b97f2af847351ad079cf21be00d48ece2c45253cbe0da2dbc8e2bd462895f2e0bf11bba9c78f2441f60f9c2939894557233c46541892f83b02d64b4a1da670ddae25ce986329174687b2afd49815516bbe7bc5af23969bfe29b34aa85b1e264ccce007126f1f20102763f1d00c1d8854d2b7b8c9e6936ec6df3e6f168713bf6168e3cfafad7721b12c140e99cae40e4c71ef8d9168c0c6b571e287ff071e607a3940dfdf90c839b5efa5f8a81d7ca9b15f8f0be0ebcb07438a10c3f80fdfc4c68aebc03e9669dc84bc0feceffe649959969d0b8431bbd3f8368b4684b4ede2cb2d13c94069d267c87701eac7a1b737dc1e1da99e10d591b3f8e5eb0f82645266b198cde439837e1c4f2edf12ffc51e3d96e301f0d76e1209f908024c7e355626f7b9bfb33c82bd70d65b242329cd0632e64de59905f796bd832addd35f369973932df7d149c5f25a5a4c2a11265538761ee4665ac79a26965cae0f872e3042579d2b2d7b93fadcf5c75c6e88ac63f813a243abbdc881419101238fa66e86b3e1926da84e83b8572e7df0f232e66728b4895965ccdec079bf41947802931df824f5647f1f4e7245f26fabe3fccbc9b349a79538fa76a360500bf3cad08361b6660e1ad97083e64352990e615a0096c124f96b62c3dffa5aff1926320cc33bf0ac85df82df19a86de2ef857fc1a2c72a0de088c64f8740717415da6cada5949d7c4afaab2b020d014c7e8f3fa942c4a4b31217fce8b39256cbfe04c59b8fd1b9d5fff6d4ad061848dc6292bcdede1890a7f5b4ccd3633abf29231a9c00d0e3fab40cc22ad33cd9462e862cb54371b51ab6bcf6cc8fd14f3f401a9c10f0e1bb55f1f549ecbd8fd26aa0658e6c105bbcfe6eacc257eb7936d695d87492871eaf44b7256ded633cecd337909d4cb92fb3edd71dd8b1c0e17be35a04b93b1fe96734c6ea57e1d8e5e606f161e1690017e479b6a0cb03a2a5da606fa5aa544f1ae2168039aeb7a819a6b387b40dc3c6fe1bb6992dc6d4b013e2bd2280f824e87db0083a18b90b103af1bb871317b00ce0d188728c1370ebafd06ddfd5678476e00331535eb0585717b0f6511a1e827a1a5f45fcfb56eb86f609509b5d42773f79078b2f9ed2568352801702cbeaf4b400192b40730b8b0668ea108f67b91771bcb0e3bdbbbef536b5caf3263b1de24db818b018c1a6504ba8de8d3f04612c47a7c42bdc5f8adaf6035f5b8e7ef9af00c5fff8fce5073ab42ba1dc63a867caea55b1e3f6285c85946e36a7acf10c97cc5424d23b050af6f36ad39a66627e70abefb93780f515b9fb96d3d64da62eda517521dd53ab40a2b9631c8c63af716897306a4c16d1ce36979d82c027cc142300a312f5b8c3d56c70295b37c4bb33b4325da1fd58f6c60568686b112b23833b0b5f966491837e75e9d0b4a0fd1b8b2a432ae8f67dd70b22bf5de5c2cd8bc9644040935ce8f887badf0a78110254e4ef05dbd0b54407d4c76f7d496be9a9ceac87d64a3c749b01a6268dbd8f20390de7b7fff0b5b12ff5ea94aec6ccf004d77aca38d6cec446820e8c77273f190097cb87d255850b136cd15248aa1b0bbe341a7f0c4c873de44c739e985a1b498334853ed27fd5e8e3b9a440dc648e4f06554698f2e669e9bae53fe8cf2d5fdac78d0d78a05ed8eefd2fde33cca0f2109317b1f2610a7fe477c1959b4ac623e0d9b72fbc1ccb13d2ad980e329bcdbcf1e20b91c4543ec8e8d939b9bfce6428a8ac6eab41aff7ca1b26a148995d0c92d86207fcd3e63b891b21b896e6d45bc525e45ea31462946d4ee965576bcfd7a612de849b4237a49fa748eaadd889ce557867e0088f2257139687a03fc475ce0fc50018bbed219279d30aec84eb522a6bece1cea72a47de74553d9611e1283934a247f91ad889786341c4a0d18a751ca6a267895e5add7a3a1d84aee9264d7d8859278301d5d728428051fef3d76ba935785e35638386877c26104adfc61eaf6ce73477f895480dc048e46ec00d2aecf3e5f82dd6f349d6a415a8b02be5b3b2538ae8a9dac5815077aa954d6b870259dff681bf6f69c68cd6cf7f52c7a8ea964492da88b7e5bc15c808d9e84c29d468316569bcf5e7763834e1456ece27e6761119b5442b0f668222cf262d94a37ce7730556e2a3ec9d1dcc8e20dba42dcaaa996b44beb028364fe8089f9c1eba885c3b5584472bdbac73bb71758f724b5b59f6219c9ae0bb92181fe76be420592fbd82cb08c45b098f1eeb70a91044fd4673458f702cc9f6c0ac6ff7c3b37fe295d926503d624c35c18ff64a4cf7502f6047da326bcbc99efe3a5322a54f7de3ae5e7fdd4e1688edb69c7c5a55296e6110c792ef36fabd49cdb30c0727c6615d73addfa5e51c3fe8860dcef03edf037ed3f7ecf8bd62e81fca18aaeaa7a73c930cf2db5422a431bd1b166b8b1766afb4212d659e3a9c3e7bb64dcacb1be2e15002f5efd7d76fb79a5591feabb28e29289e62b737caa045e8dde011efd675478d454640d8a6c2bccb6e3f611fff045161446f08062d18d514e71d02345fb666fee3ee8b6312746adcf35a228590adceaa88354e2d61260b701a656c94ab2f3f40bf83f2928037dc90a36c333688a48d7d65c285f4c2f5984145182a1d29300729491b9939ee23413c9b2dfb596d2b2f4fca4bec04d4c8a473da61273f24facfd9fdc5b04212645afbe601c0ead2d513f3a1ae238ff5f9f3aa80207f8746ea04c09b8cb474adee14f518420839ad49a79986b840179efff4b950f94f93911059888b8a9a44820bcdc58a04263f9980cd7a00855c02d7248a18d56d96bd8a0b3e0b5d66a5b3c3ae2fb5032263eb15ebb9000f6fdd145fcff4ffa825eae31a729b54158248af5591939fcf81f5ba9ff25b0b4f98d1398271884e2be5e9f66d5a8b63cb246589c58c72ab91cddc7187175f5185388165fbda5a26e2bb530c7decd7a312b99ab7da570d81a84f46b1f3694725c6c09db7e6ab474312d62b59642d57fa64d8c7ecd776d2355f01964ae8dd6dd1d3d286ede8ae4b878c73269af58bd5a7abf591704c00a450e795d29cbea7462b33f3e74cdcf31fed03f5e93cdef33e43a134792c44410372c96b9128978bd75b33e11c24a177e4e5a18839dbfd2d2c4d62bd087d89db25b64947339c8ae", 0x1000}, {&(0x7f0000009500)="055bcf6105b9abbffed26db7f07746bd880629a19601240a541b7fbe6f87c5ec2e045ecbe80e7ed780f399ba187393caddf05c2308fa87afd771619b22df16f4bf28b06124da16da87a7cad61cc9567fe1afcf3edc43ea3549760f16d0d0eac8130c2a015f3f828f96c98f86468775257750058c5a374bfb8e157158a97156605d9f15558204feb61ca2f2d274af68c7c17a9447a9376a58283f61a5", 0x9c}], 0x5, &(0x7f0000009640)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x94}}], 0x30}}, {{&(0x7f0000009680)={0x2, 0x4e23, @loopback}, 0x10, &(0x7f0000009a40)=[{&(0x7f00000096c0)="4365ddcfa1302964770beb6542a7dbbfdf7f5af36866784b983c349473c71d16c70a40637393c21ec92589ae388ca58aeb51066dd1afa47e2b47003ace1a6f71c7cf6995eb1ed462e4f0017607668975acb3d8f70a7cf6a7b4780cdc0d809b0830b1619fc0058940d0a926124d8fed5fbb907db7764f3cad386003f8048e6d55910bfe4fde694c2353909744", 0x8c}, {&(0x7f0000009780)="a1ba67cf9e6470d01e0033b61deaa062e3f46a5ed4a1dc42867dd0410fb54fafcab085c1336e4864e35b8fb5b6d57aed41d6876c234996028baa32cd593d4719825eb2af85e8956f6fbb00f6d6784cf1f824636254d413bc602d1a29b6c8a6374e92969c0def6a47168682d972ee2cd0d60a15", 0x73}, {&(0x7f0000009800)="53173ac7a6dea34bb76b41077491777a1fd59a3d9290e0d062de7032", 0x1c}, {&(0x7f0000009840)="cee7d12dc0ca6a9749090af2966d58cde1410b30411f16a213e6197b67088f2edbaf3a8837a30f33a47d722dcb418fc3acefdedea7f3695fa0d350fdd860f2176cd74c28a585b86b6fdb6fcfed6ac5a831854a9a78fd40e024d608aad46fcf8e7ac066bb", 0x64}, {&(0x7f00000098c0)="8796c360401a6836ced7b607ff7eb7240b7e995a879d566c2a6ec6768acac031898ba191d92ab1f265fe437243ab88255c8e73be378f9db4c6913a3172623310a84f909260d4a1645d7f6c9efd135a093fbbd969f8995372d7354ab9498696889da04e69bb4ea345112413efff4b6363a0c6de7607395ba9", 0x78}, {&(0x7f0000009940)="ca87981519a2017573574c308c69aaa8ae4e86c334f315a461dd9868d1318dd0a1d998f3af33d2a3d68dd8f9fd66f91690099818f3aaf9efe563dd5d0426bc309cd4edd5452a0174fc1540830e838871d4723b25be00c0190ab593a91030f3d65456e99358ac067c922f7c33535b7de523e565da192b338df136d92ece383cf4a313bf01ac786cca61f4fcdbdca03e1f3f9103fbcd46a10634270f84fd22edab19ebef802e2c71070f073a764e76a6646d2b03d79c3f0926aac18b8b50b36a878443edd29a72ec7cd37ac80c552a15cee869d2662c1536bde5246cd3f143c7cb8ff18daa9fdaeb2e7a245f68f1d7480668", 0xf1}], 0x6, &(0x7f0000009ac0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r17, @multicast1, @multicast2}}}], 0x38}}, {{&(0x7f0000009b00)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000009d00)=[{&(0x7f0000009b40)="15ba4f88bb5c6e50ed8b72eaa04c1757a8f8c95bfb03812b23d902f12ba8ee4f0a973b275a2d591693759ace6bdeba8cc6950df87f0091c74914863a46408f18b8174f9f213667d586096833f7d8778d3f799e310c27afafce986b0e1c39f1b6443396f449d7f5e01ac1dad8c50afc9d359e812cbe04b9cff0bf873b79c34235def0a6a341eea29bdb937a69822b1ee46d3e458c800c17e77c93febddb07d11059eeeaec3d7a4942dca44c53e00db4bd15d982c85f5f535ea56e", 0xba}, {&(0x7f0000009c00)="d0f4face5d83518e1734e06622bb8e613a9a2c7fcabb6cbf5bae118e1627b269e01d2dfb8a5b09213741a44e45dfb7d1a912fe3b76a6996fc817e99e89c4a9d454c27f8e31141f9c7a9759abc78d43c4f49e5c09fa49df10caf7eb217c786b23f1cdbf99586ac2949ef3edb3b28b40b1be52de7e7340942631f017f5a36ff18abf8d453390dfdc7e3e412b1c0bb45e1fd1e6206c56db22c344580a0608143183bd1aad27af7023c1a1", 0xa9}, {&(0x7f0000009cc0)="372ea3c4dfe45dbfdc89910c4316c0ff4852047a886795fd5b4702977513204fa77dcb14bfee96204057d0288ca1a696", 0x30}], 0x3}}, {{&(0x7f0000009d40)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000009e80)=[{&(0x7f0000009d80)="a88a0cf5bd0f4da272792c988e42478ae7921c6d7365b8315afd45a27ed8b1579d4d0cb5fbfb4434a2ee38ff7b542ccd3ac4b799c1b46ff692acbed9cee989e9551039e998417d6a413ce30d0f007e52df46b52fc03a01eda62eede1d41c1b75aa7a9fe5801dca97b8f4bd53a76ba4a92cd74c061fd9cd9b28d323e09315f82e3725c994464677d809dc8d4aa29e1de56227a17c011a1b0a03fb2038c14c2ddcd08082e69dbe0c9618d88bfbdbbcde977f3295459679f3b57d9a15c2a6f10b6b2643cc41633329594cb22eeef5fa03e4bf665aa9369916bde335142d2a0b53c602293d5c35d6e1c40ca3", 0xea}], 0x1}}, {{0x0, 0x0, &(0x7f000000a2c0)=[{&(0x7f0000009ec0)="906128b0ff74", 0x6}, {&(0x7f0000009f00)="068c89960f5cc1dfa2009dafe0a419b3b9e5f38609fdc19d6a27b797e813ad6e176236106e068fa0610d2dfba132f49c322392247cf2463fe9e8497565c660c1d3a53dc0e0adda51ab342cc0724bfd63bd17c8b9d5c7649e53158ee4945d77f5faf9e691c8deb232a45a9e58aaabbe9a29bb3e576ea98cdf5b05083bac2cd153203c1e63d76304dbe8da1c478c367b45001f6bee1f196678c918d926fe48811cdac9c148378cad7a104006c5c3f05fc67bae69d6", 0xb4}, {&(0x7f0000009fc0)="68da2dad2b01d08ab63594f6249bef61761db6c20ee417a64a5aaf1b11b39f0a1a317ff4ef73da189f91ac62358e2a15af7d4f4da68ba17d707a48bd09e7d20544545a68e9340095f2c343fd8993a3bd5f9b6830c430", 0x56}, {&(0x7f000000a040)="622e3cf9b9d1fddf68d338cb53a483fe", 0x10}, {&(0x7f000000a080)="7d181641d75e696f099c639b140315be7e13067ca3c1b1b4aac6b5f1e2325363eaf5a57fe8e57f297694a23fadd1cb838d5a10a10c55ef07b4a1344e9e22ad2d7ca37e5170941025dc8706d7a48d883c2e1caf71cea018c0568904a8033ca794f0af0bf7999556014d704f1b09529c904b311127bc75aa8f8c3d1ee3391fcf09f4d875299f61625957903f856529eac9409b17d263a9d07a07b3691e4ca74fcb854b1645f64e5a4b78c2bac5470add009acdc8c6ae7d3d9090aa0ceac92bedc5133f", 0xc2}, {&(0x7f000000a180)="ae77c66bc77db7a5e9344b7f1af151b72c7f6968b08e9d9da83c94ebe6b853872bf21874804dd921ed9f00dc2012d653a531e12479ad92f8d3081f4765df15c920cc0661259f57b2ed0673c561d77d9c81940386c77f98b0412e201244162fb9fff687966fd258c889e0c34363fc36e010967e9d9a8a5646395b6293e91cef440cf39fe858bae708841634377a641cbc974ca80def3474ee07c499ab34ab50d3dccd1461897da1db27cfcc11e3f54ae081decc6613d110eeaf905c71f80c63d2f1a16a01d73b82a051e888debb3c137cb5f046ed", 0xd4}, {&(0x7f000000a280)}], 0x7}}], 0xa, 0x1000) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r19 = dup(r18) ioctl$PERF_EVENT_IOC_ENABLE(r19, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:47:58 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=0x0, &(0x7f0000000180)=0x4) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f00000001c0)={0x3ff, 0x0, 0x8, 0x7, 0x80000000, 0x3, 0x8, 0x5, r5}, 0x20) tkill(r0, 0x16) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x22c30e4f2a34f6f4, r3}) ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000080)={r6, r7, 0x2}) 21:47:58 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x6, {0x0, 0x6, 0x1, 0x3f, 0x3, 0x1}, 0xda7, 0x1}, 0xe) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) write$smack_current(r4, &(0x7f0000000040)={'net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#'}, 0x7e) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) [ 2954.955590] FAULT_INJECTION: forcing a failure. [ 2954.955590] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2954.967570] kauditd_printk_skb: 8 callbacks suppressed [ 2954.967579] audit: type=1800 audit(1577137678.339:726): pid=19235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17747 res=0 [ 2955.001331] audit: type=1804 audit(1577137678.379:727): pid=19235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1618/file0" dev="sda1" ino=17747 res=1 [ 2955.003341] CPU: 1 PID: 19236 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2955.036756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2955.036761] Call Trace: [ 2955.036779] dump_stack+0x142/0x197 [ 2955.036796] should_fail.cold+0x10f/0x159 [ 2955.036807] ? __might_sleep+0x93/0xb0 [ 2955.036821] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2955.048779] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2955.056587] ? save_trace+0x290/0x290 [ 2955.056602] ? follow_page_pte+0x25e/0x1590 [ 2955.056621] alloc_pages_vma+0xc9/0x4c0 [ 2955.056637] __handle_mm_fault+0x186c/0x33d0 [ 2955.056649] ? copy_page_range+0x1de0/0x1de0 [ 2955.056658] ? find_held_lock+0x35/0x130 [ 2955.056668] ? handle_mm_fault+0x1b6/0x7c0 [ 2955.056691] handle_mm_fault+0x293/0x7c0 [ 2955.056707] __get_user_pages+0x465/0x12e0 [ 2955.065288] ? follow_page_mask+0x1630/0x1630 [ 2955.065300] ? lock_acquire+0x16f/0x430 [ 2955.065321] get_user_pages_unlocked+0x1f0/0x2f0 [ 2955.065334] ? get_user_pages_locked+0x3d0/0x3d0 [ 2955.065341] ? get_user_pages_fast+0x171/0x2d0 [ 2955.065354] get_user_pages_fast+0x228/0x2d0 [ 2955.065367] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2955.065377] ? save_trace+0x290/0x290 [ 2955.065391] iov_iter_get_pages+0x20f/0xd10 [ 2955.065403] ? __lock_is_held+0xb6/0x140 [ 2955.074353] ? check_preemption_disabled+0x3c/0x250 [ 2955.074368] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2955.074382] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2955.074398] af_alg_make_sg+0x85/0x400 [ 2955.074412] ? af_alg_data_wakeup+0x80/0x80 [ 2955.074428] af_alg_get_rsgl+0x1d3/0x530 [ 2955.074447] skcipher_recvmsg+0x774/0xd30 [ 2955.074466] ? skcipher_release+0x50/0x50 [ 2955.082786] ? selinux_socket_recvmsg+0x36/0x40 [ 2955.082801] ? security_socket_recvmsg+0x91/0xc0 [ 2955.082813] ? skcipher_release+0x50/0x50 [ 2955.082827] sock_recvmsg+0xc6/0x110 [ 2955.082838] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2955.082849] ___sys_recvmsg+0x21f/0x4d0 [ 2955.082866] ? ___sys_sendmsg+0x840/0x840 [ 2955.082878] ? __fget+0x210/0x370 [ 2955.082895] ? lock_downgrade+0x740/0x740 [ 2955.082910] ? __fget+0x237/0x370 [ 2955.082927] ? __fget_light+0x172/0x1f0 [ 2955.082939] ? __fdget+0x1b/0x20 [ 2955.082949] ? sockfd_lookup_light+0xb4/0x160 [ 2955.082959] __sys_recvmsg+0xb6/0x140 [ 2955.082971] ? SyS_sendmmsg+0x60/0x60 [ 2955.091799] SyS_recvmsg+0x2d/0x50 21:47:58 executing program 3 (fault-call:5 fault-nth:56): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:47:58 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r3 = socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r5, &(0x7f00000017c0), 0x199, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000000)={0xb2, 0xffffffff, 0x4, 0x0, 0x0, [{{r3}, 0x3}, {{r4}, 0x4}, {{r1}, 0x1f}, {{r5}, 0x80000000}]}) [ 2955.091809] ? __sys_recvmsg+0x140/0x140 [ 2955.091822] do_syscall_64+0x1e8/0x640 [ 2955.091831] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2955.091848] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2955.091856] RIP: 0033:0x45a919 [ 2955.091861] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2955.091872] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2955.091878] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2955.091884] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2955.091889] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2955.091895] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2955.279210] FAULT_INJECTION: forcing a failure. [ 2955.279210] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2955.304618] CPU: 0 PID: 19249 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2955.320894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2955.320899] Call Trace: [ 2955.320917] dump_stack+0x142/0x197 [ 2955.320936] should_fail.cold+0x10f/0x159 [ 2955.320948] ? __might_sleep+0x93/0xb0 [ 2955.320964] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2955.320977] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2955.320987] ? save_trace+0x290/0x290 [ 2955.320999] ? follow_page_pte+0x25e/0x1590 [ 2955.321015] alloc_pages_vma+0xc9/0x4c0 [ 2955.321029] __handle_mm_fault+0x186c/0x33d0 [ 2955.321044] ? copy_page_range+0x1de0/0x1de0 [ 2955.321055] ? find_held_lock+0x35/0x130 [ 2955.321065] ? handle_mm_fault+0x1b6/0x7c0 [ 2955.321087] handle_mm_fault+0x293/0x7c0 [ 2955.340773] __get_user_pages+0x465/0x12e0 [ 2955.340793] ? follow_page_mask+0x1630/0x1630 [ 2955.340805] ? lock_acquire+0x16f/0x430 [ 2955.340827] get_user_pages_unlocked+0x1f0/0x2f0 [ 2955.340841] ? get_user_pages_locked+0x3d0/0x3d0 [ 2955.340848] ? get_user_pages_fast+0x171/0x2d0 [ 2955.340863] get_user_pages_fast+0x228/0x2d0 [ 2955.340875] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2955.340887] ? save_trace+0x290/0x290 [ 2955.424791] iov_iter_get_pages+0x20f/0xd10 [ 2955.424807] ? __lock_is_held+0xb6/0x140 21:47:58 executing program 3 (fault-call:5 fault-nth:57): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2955.424817] ? check_preemption_disabled+0x3c/0x250 [ 2955.424831] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2955.424842] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2955.424858] af_alg_make_sg+0x85/0x400 [ 2955.434184] ? iov_iter_advance+0x218/0xc60 [ 2955.434215] ? af_alg_data_wakeup+0x80/0x80 [ 2955.434230] af_alg_get_rsgl+0x1d3/0x530 [ 2955.434250] skcipher_recvmsg+0x774/0xd30 [ 2955.434272] ? skcipher_release+0x50/0x50 [ 2955.434282] ? selinux_socket_recvmsg+0x36/0x40 [ 2955.434295] ? security_socket_recvmsg+0x91/0xc0 [ 2955.434305] ? skcipher_release+0x50/0x50 [ 2955.434318] sock_recvmsg+0xc6/0x110 [ 2955.434327] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2955.434339] ___sys_recvmsg+0x21f/0x4d0 [ 2955.434356] ? ___sys_sendmsg+0x840/0x840 [ 2955.434367] ? __fget+0x210/0x370 [ 2955.434386] ? lock_downgrade+0x740/0x740 [ 2955.434402] ? __fget+0x237/0x370 [ 2955.434417] ? __fget_light+0x172/0x1f0 [ 2955.434429] ? __fdget+0x1b/0x20 [ 2955.451695] ? sockfd_lookup_light+0xb4/0x160 [ 2955.451707] __sys_recvmsg+0xb6/0x140 [ 2955.451717] ? SyS_sendmmsg+0x60/0x60 [ 2955.451745] SyS_recvmsg+0x2d/0x50 [ 2955.451754] ? __sys_recvmsg+0x140/0x140 [ 2955.451768] do_syscall_64+0x1e8/0x640 [ 2955.451778] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2955.451795] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2955.451803] RIP: 0033:0x45a919 [ 2955.451808] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2955.451820] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2955.451825] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2955.451832] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2955.451838] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2955.451844] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2955.608081] audit: type=1800 audit(1577137678.999:728): pid=19235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17697 res=0 [ 2955.640321] FAULT_INJECTION: forcing a failure. [ 2955.640321] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2955.667888] audit: type=1804 audit(1577137679.039:729): pid=19261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1618/file0" dev="sda1" ino=17697 res=1 [ 2955.704701] CPU: 0 PID: 19262 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2955.712743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2955.722108] Call Trace: [ 2955.722126] dump_stack+0x142/0x197 [ 2955.722145] should_fail.cold+0x10f/0x159 [ 2955.722156] ? __might_sleep+0x93/0xb0 [ 2955.722168] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2955.722181] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2955.722191] ? save_trace+0x290/0x290 [ 2955.722203] ? follow_page_pte+0x25e/0x1590 [ 2955.722219] alloc_pages_vma+0xc9/0x4c0 21:47:59 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r1 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@ipv4={[], [], @empty}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@multicast2}}, &(0x7f0000000080)=0xe8) prctl$PR_GET_TIMERSLACK(0x1e) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x40106614, &(0x7f0000000300)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@getqdisc={0x2c, 0x26, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x1, 0x6}, {0x1, 0x5}, {0x0, 0x9}}, [{0x4}, {0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x40880) sendfile(r0, r1, 0x0, 0x9546) [ 2955.722233] __handle_mm_fault+0x186c/0x33d0 [ 2955.722248] ? copy_page_range+0x1de0/0x1de0 [ 2955.722257] ? find_held_lock+0x35/0x130 [ 2955.722268] ? handle_mm_fault+0x1b6/0x7c0 [ 2955.722291] handle_mm_fault+0x293/0x7c0 [ 2955.722303] __get_user_pages+0x465/0x12e0 [ 2955.722319] ? follow_page_mask+0x1630/0x1630 [ 2955.722331] ? lock_acquire+0x16f/0x430 [ 2955.728556] get_user_pages_unlocked+0x1f0/0x2f0 [ 2955.728573] ? get_user_pages_locked+0x3d0/0x3d0 [ 2955.728584] ? get_user_pages_fast+0x171/0x2d0 [ 2955.736612] get_user_pages_fast+0x228/0x2d0 [ 2955.736626] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2955.736639] ? save_trace+0x290/0x290 [ 2955.736653] iov_iter_get_pages+0x20f/0xd10 [ 2955.736664] ? __lock_is_held+0xb6/0x140 [ 2955.746338] ? check_preemption_disabled+0x3c/0x250 [ 2955.746353] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2955.746366] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2955.746383] af_alg_make_sg+0x85/0x400 [ 2955.746392] ? iov_iter_advance+0x218/0xc60 [ 2955.746403] ? af_alg_data_wakeup+0x80/0x80 21:47:59 executing program 3 (fault-call:5 fault-nth:58): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2955.758497] af_alg_get_rsgl+0x1d3/0x530 [ 2955.758523] skcipher_recvmsg+0x774/0xd30 [ 2955.758543] ? skcipher_release+0x50/0x50 [ 2955.767363] ? selinux_socket_recvmsg+0x36/0x40 [ 2955.767376] ? security_socket_recvmsg+0x91/0xc0 [ 2955.767388] ? skcipher_release+0x50/0x50 [ 2955.767402] sock_recvmsg+0xc6/0x110 [ 2955.767412] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2955.767424] ___sys_recvmsg+0x21f/0x4d0 [ 2955.775738] ? ___sys_sendmsg+0x840/0x840 [ 2955.775752] ? __fget+0x210/0x370 [ 2955.775775] ? lock_downgrade+0x740/0x740 [ 2955.775789] ? __fget+0x237/0x370 [ 2955.775805] ? __fget_light+0x172/0x1f0 [ 2955.784100] ? __fdget+0x1b/0x20 [ 2955.784115] ? sockfd_lookup_light+0xb4/0x160 [ 2955.784127] __sys_recvmsg+0xb6/0x140 [ 2955.784137] ? SyS_sendmmsg+0x60/0x60 [ 2955.784160] SyS_recvmsg+0x2d/0x50 [ 2955.792596] ? __sys_recvmsg+0x140/0x140 [ 2955.792610] do_syscall_64+0x1e8/0x640 [ 2955.792621] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2955.792641] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2955.792648] RIP: 0033:0x45a919 [ 2955.792653] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2955.792664] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2955.792671] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2955.792676] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2955.792681] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2955.792687] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2955.806463] audit: type=1800 audit(1577137679.139:730): pid=19264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17633 res=0 [ 2955.820955] audit: type=1804 audit(1577137679.139:731): pid=19264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1619/file0" dev="sda1" ino=17633 res=1 [ 2955.912914] FAULT_INJECTION: forcing a failure. 21:47:59 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyprintk\x00', 0x2000, 0x0) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x541c, &(0x7f0000000040)={0xd, 0x615}) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) sendfile(r0, r2, 0x0, 0xeefffdef) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$EVIOCGKEYCODE_V2(r3, 0x80284504, &(0x7f0000000200)=""/240) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) [ 2955.912914] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2955.946375] CPU: 0 PID: 19268 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2955.953356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2955.953361] Call Trace: [ 2955.953379] dump_stack+0x142/0x197 [ 2955.953396] should_fail.cold+0x10f/0x159 [ 2955.953406] ? __might_sleep+0x93/0xb0 [ 2955.953420] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2955.953434] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2955.953445] ? save_trace+0x290/0x290 21:47:59 executing program 3 (fault-call:5 fault-nth:59): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2955.953459] ? follow_page_pte+0x25e/0x1590 [ 2955.953477] alloc_pages_vma+0xc9/0x4c0 [ 2955.953492] __handle_mm_fault+0x186c/0x33d0 [ 2955.953505] ? copy_page_range+0x1de0/0x1de0 [ 2955.953515] ? find_held_lock+0x35/0x130 [ 2955.953526] ? handle_mm_fault+0x1b6/0x7c0 [ 2955.953551] handle_mm_fault+0x293/0x7c0 [ 2955.953564] __get_user_pages+0x465/0x12e0 [ 2955.953583] ? follow_page_mask+0x1630/0x1630 [ 2955.953593] ? lock_acquire+0x16f/0x430 [ 2955.953612] get_user_pages_unlocked+0x1f0/0x2f0 [ 2955.953627] ? get_user_pages_locked+0x3d0/0x3d0 [ 2955.964509] ? get_user_pages_fast+0x171/0x2d0 [ 2955.964525] get_user_pages_fast+0x228/0x2d0 [ 2955.964542] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2955.979075] ? save_trace+0x290/0x290 [ 2955.979093] iov_iter_get_pages+0x20f/0xd10 [ 2955.979104] ? __lock_is_held+0xb6/0x140 [ 2955.993626] ? check_preemption_disabled+0x3c/0x250 [ 2955.993639] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2955.993669] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2955.993684] af_alg_make_sg+0x85/0x400 [ 2955.993695] ? iov_iter_advance+0x218/0xc60 [ 2955.993706] ? af_alg_data_wakeup+0x80/0x80 [ 2955.993723] af_alg_get_rsgl+0x1d3/0x530 [ 2955.993743] skcipher_recvmsg+0x774/0xd30 [ 2955.993763] ? skcipher_release+0x50/0x50 [ 2955.993773] ? selinux_socket_recvmsg+0x36/0x40 [ 2955.993784] ? security_socket_recvmsg+0x91/0xc0 [ 2955.993794] ? skcipher_release+0x50/0x50 [ 2955.993806] sock_recvmsg+0xc6/0x110 [ 2955.993818] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2956.024061] ___sys_recvmsg+0x21f/0x4d0 [ 2956.024075] ? ___sys_sendmsg+0x840/0x840 [ 2956.024088] ? __fget+0x210/0x370 [ 2956.024105] ? lock_downgrade+0x740/0x740 [ 2956.024119] ? __fget+0x237/0x370 [ 2956.024134] ? __fget_light+0x172/0x1f0 [ 2956.024145] ? __fdget+0x1b/0x20 [ 2956.024155] ? sockfd_lookup_light+0xb4/0x160 [ 2956.024166] __sys_recvmsg+0xb6/0x140 [ 2956.024176] ? SyS_sendmmsg+0x60/0x60 [ 2956.024201] SyS_recvmsg+0x2d/0x50 [ 2956.024207] ? __sys_recvmsg+0x140/0x140 [ 2956.024217] do_syscall_64+0x1e8/0x640 [ 2956.024230] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2956.063351] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2956.063360] RIP: 0033:0x45a919 [ 2956.063365] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2956.063375] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2956.063381] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2956.063387] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2956.063392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2956.063397] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2956.199508] FAULT_INJECTION: forcing a failure. [ 2956.199508] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2956.220306] audit: type=1800 audit(1577137679.599:732): pid=19264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17633 res=0 21:47:59 executing program 3 (fault-call:5 fault-nth:60): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2956.224598] audit: type=1804 audit(1577137679.599:733): pid=19264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1619/file0" dev="sda1" ino=17633 res=1 [ 2956.235049] CPU: 0 PID: 19273 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2956.242445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2956.242451] Call Trace: [ 2956.242472] dump_stack+0x142/0x197 [ 2956.242494] should_fail.cold+0x10f/0x159 [ 2956.242508] ? __might_sleep+0x93/0xb0 [ 2956.242522] __alloc_pages_nodemask+0x1d6/0x7a0 21:47:59 executing program 1: r0 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000), 0x4) r1 = open$dir(&(0x7f0000000140)='./file0\x00', 0x4000, 0x189) write(r0, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) unlink(&(0x7f0000000040)='./file0\x00') sendfile(r0, r1, 0x0, 0x9546) [ 2956.242539] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2956.242556] ? save_trace+0x290/0x290 [ 2956.251295] ? follow_page_pte+0x25e/0x1590 [ 2956.251312] alloc_pages_vma+0xc9/0x4c0 [ 2956.251330] __handle_mm_fault+0x186c/0x33d0 [ 2956.251343] ? copy_page_range+0x1de0/0x1de0 [ 2956.251354] ? find_held_lock+0x35/0x130 [ 2956.251367] ? handle_mm_fault+0x1b6/0x7c0 [ 2956.259509] handle_mm_fault+0x293/0x7c0 [ 2956.259523] __get_user_pages+0x465/0x12e0 [ 2956.259541] ? follow_page_mask+0x1630/0x1630 [ 2956.267108] ? lock_acquire+0x16f/0x430 [ 2956.267129] get_user_pages_unlocked+0x1f0/0x2f0 [ 2956.267145] ? get_user_pages_locked+0x3d0/0x3d0 [ 2956.274559] ? get_user_pages_fast+0x171/0x2d0 [ 2956.274576] get_user_pages_fast+0x228/0x2d0 [ 2956.274593] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2956.282426] ? save_trace+0x290/0x290 [ 2956.282442] iov_iter_get_pages+0x20f/0xd10 [ 2956.282452] ? __lock_is_held+0xb6/0x140 [ 2956.282461] ? check_preemption_disabled+0x3c/0x250 [ 2956.282473] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2956.282484] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2956.282500] af_alg_make_sg+0x85/0x400 [ 2956.282511] ? iov_iter_advance+0x218/0xc60 [ 2956.290105] ? af_alg_data_wakeup+0x80/0x80 [ 2956.290123] af_alg_get_rsgl+0x1d3/0x530 [ 2956.290142] skcipher_recvmsg+0x774/0xd30 [ 2956.290161] ? skcipher_release+0x50/0x50 [ 2956.290170] ? selinux_socket_recvmsg+0x36/0x40 [ 2956.290181] ? security_socket_recvmsg+0x91/0xc0 [ 2956.290191] ? skcipher_release+0x50/0x50 [ 2956.290204] sock_recvmsg+0xc6/0x110 [ 2956.297792] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2956.297806] ___sys_recvmsg+0x21f/0x4d0 [ 2956.297821] ? ___sys_sendmsg+0x840/0x840 [ 2956.306535] ? __fget+0x210/0x370 [ 2956.306555] ? lock_downgrade+0x740/0x740 [ 2956.306571] ? __fget+0x237/0x370 [ 2956.314928] ? __fget_light+0x172/0x1f0 [ 2956.314942] ? __fdget+0x1b/0x20 [ 2956.314954] ? sockfd_lookup_light+0xb4/0x160 [ 2956.314966] __sys_recvmsg+0xb6/0x140 [ 2956.329928] ? SyS_sendmmsg+0x60/0x60 [ 2956.329954] SyS_recvmsg+0x2d/0x50 [ 2956.329964] ? __sys_recvmsg+0x140/0x140 [ 2956.344496] do_syscall_64+0x1e8/0x640 [ 2956.344506] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2956.344525] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2956.344534] RIP: 0033:0x45a919 [ 2956.344540] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2956.344550] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2956.344555] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2956.344566] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2956.359134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2956.394205] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2956.470896] FAULT_INJECTION: forcing a failure. [ 2956.470896] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2956.499999] audit: type=1800 audit(1577137679.869:734): pid=19282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.1" name="file0" dev="sda1" ino=17697 res=0 [ 2956.510299] audit: type=1804 audit(1577137679.869:735): pid=19282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir714932015/syzkaller.S2ILbs/1620/file0" dev="sda1" ino=17697 res=1 [ 2956.556465] CPU: 0 PID: 19280 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2956.565670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2956.565675] Call Trace: [ 2956.565693] dump_stack+0x142/0x197 [ 2956.565711] should_fail.cold+0x10f/0x159 [ 2956.565724] ? __might_sleep+0x93/0xb0 [ 2956.574357] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2956.574374] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2956.574387] ? save_trace+0x290/0x290 [ 2956.574399] ? follow_page_pte+0x25e/0x1590 [ 2956.574414] alloc_pages_vma+0xc9/0x4c0 [ 2956.582603] __handle_mm_fault+0x186c/0x33d0 [ 2956.582619] ? copy_page_range+0x1de0/0x1de0 [ 2956.582631] ? find_held_lock+0x35/0x130 [ 2956.582640] ? handle_mm_fault+0x1b6/0x7c0 [ 2956.582661] handle_mm_fault+0x293/0x7c0 [ 2956.582673] __get_user_pages+0x465/0x12e0 [ 2956.582689] ? follow_page_mask+0x1630/0x1630 [ 2956.582697] ? lock_acquire+0x16f/0x430 [ 2956.582714] get_user_pages_unlocked+0x1f0/0x2f0 [ 2956.582730] ? get_user_pages_locked+0x3d0/0x3d0 [ 2956.591537] ? get_user_pages_fast+0x171/0x2d0 [ 2956.591555] get_user_pages_fast+0x228/0x2d0 [ 2956.591568] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2956.591578] ? save_trace+0x290/0x290 [ 2956.591592] iov_iter_get_pages+0x20f/0xd10 [ 2956.591602] ? __lock_is_held+0xb6/0x140 [ 2956.591608] ? check_preemption_disabled+0x3c/0x250 [ 2956.591620] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2956.600509] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 2956.600527] af_alg_make_sg+0x85/0x400 [ 2956.600539] ? iov_iter_advance+0x218/0xc60 [ 2956.600550] ? af_alg_data_wakeup+0x80/0x80 [ 2956.600565] af_alg_get_rsgl+0x1d3/0x530 [ 2956.600585] skcipher_recvmsg+0x774/0xd30 [ 2956.600603] ? skcipher_release+0x50/0x50 [ 2956.600612] ? selinux_socket_recvmsg+0x36/0x40 [ 2956.600624] ? security_socket_recvmsg+0x91/0xc0 [ 2956.609330] ? skcipher_release+0x50/0x50 [ 2956.609345] sock_recvmsg+0xc6/0x110 [ 2956.609357] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2956.609368] ___sys_recvmsg+0x21f/0x4d0 [ 2956.609383] ? ___sys_sendmsg+0x840/0x840 [ 2956.617511] ? __fget+0x210/0x370 [ 2956.617531] ? lock_downgrade+0x740/0x740 [ 2956.617548] ? __fget+0x237/0x370 [ 2956.617566] ? __fget_light+0x172/0x1f0 [ 2956.622821] kobject: 'veth31' (ffff888203be4f30): kobject_uevent_env [ 2956.625265] ? __fdget+0x1b/0x20 [ 2956.625278] ? sockfd_lookup_light+0xb4/0x160 [ 2956.625291] __sys_recvmsg+0xb6/0x140 [ 2956.625301] ? SyS_sendmmsg+0x60/0x60 [ 2956.625329] SyS_recvmsg+0x2d/0x50 [ 2956.628976] kobject: 'veth31' (ffff888203be4f30): fill_kobj_path: path = '/devices/virtual/net/veth31' [ 2956.632746] ? __sys_recvmsg+0x140/0x140 [ 2956.632760] do_syscall_64+0x1e8/0x640 [ 2956.632776] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2956.632795] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2956.632802] RIP: 0033:0x45a919 [ 2956.632807] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2956.632819] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2956.632824] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2956.632830] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2956.632836] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2956.632841] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2956.682504] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2956.689216] kobject: 'queues' (ffff88808ff34b48): kobject_add_internal: parent: 'veth31', set: '' [ 2956.709334] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2956.711438] kobject: 'queues' (ffff88808ff34b48): kobject_uevent_env [ 2956.983948] ttyprintk ttyprintk: tty_port_close_start: tty->count = 1 port count = 4 [ 2956.990490] kobject: 'queues' (ffff88808ff34b48): kobject_uevent_env: filter function caused the event to drop! [ 2956.995879] [ 2956.995883] ====================================================== [ 2956.995887] WARNING: possible circular locking dependency detected [ 2956.995889] 4.14.160-syzkaller #0 Not tainted [ 2956.995893] ------------------------------------------------------ [ 2956.995896] syz-executor.2/19270 is trying to acquire lock: [ 2956.995898] (console_owner){-.-.}, at: [] vprintk_emit+0x2f1/0x600 [ 2956.995911] [ 2956.995913] but task is already holding lock: [ 2956.995914] (&(&port->lock)->rlock){-.-.}, at: [] tty_port_close_start.part.0+0x2b/0x4e0 [ 2956.995926] [ 2956.995928] which lock already depends on the new lock. [ 2956.995929] [ 2956.995930] [ 2956.995933] the existing dependency chain (in reverse order) is: [ 2956.995934] [ 2956.995936] -> #2 (&(&port->lock)->rlock){-.-.}: [ 2956.995943] lock_acquire+0x16f/0x430 [ 2956.995946] _raw_spin_lock_irqsave+0x95/0xcd [ 2956.995948] tty_port_tty_get+0x22/0x90 [ 2956.995950] tty_port_default_wakeup+0x16/0x40 [ 2956.995953] tty_port_tty_wakeup+0x57/0x70 [ 2956.995955] uart_write_wakeup+0x46/0x70 [ 2956.995957] serial8250_tx_chars+0x40d/0xa10 [ 2956.995960] serial8250_handle_irq.part.0+0x206/0x250 [ 2956.995963] serial8250_default_handle_irq+0xa1/0x120 [ 2956.995965] serial8250_interrupt+0xe9/0x1a0 [ 2956.995968] __handle_irq_event_percpu+0x125/0x7f0 [ 2956.995970] handle_irq_event_percpu+0x65/0x130 [ 2956.995972] handle_irq_event+0xa7/0x134 [ 2956.995975] handle_edge_irq+0x22b/0x840 [ 2956.995977] handle_irq+0x39/0x50 [ 2956.995979] do_IRQ+0x99/0x1d0 [ 2956.995981] ret_from_intr+0x0/0x1e [ 2956.995984] _raw_spin_unlock_irqrestore+0x95/0xe0 [ 2956.995986] uart_write+0x29a/0x4f0 [ 2956.995988] n_tty_write+0x38b/0xf20 [ 2956.995990] tty_write+0x3f6/0x700 [ 2956.995993] redirected_tty_write+0xa3/0xb0 [ 2956.995996] __vfs_write+0x105/0x6b0 [ 2956.995998] vfs_write+0x198/0x500 [ 2956.996000] SyS_write+0xfd/0x230 [ 2956.996002] do_syscall_64+0x1e8/0x640 [ 2956.996005] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2956.996006] [ 2956.996007] -> #1 (&port_lock_key){-.-.}: [ 2956.996016] lock_acquire+0x16f/0x430 [ 2956.996018] _raw_spin_lock_irqsave+0x95/0xcd [ 2956.996021] serial8250_console_write+0x709/0x930 [ 2956.996023] univ8250_console_write+0x5f/0x70 [ 2956.996025] console_unlock+0x9ba/0xed0 [ 2956.996028] vprintk_emit+0x1f9/0x600 [ 2956.996030] vprintk_default+0x28/0x30 [ 2956.996032] vprintk_func+0x5d/0x159 [ 2956.996034] printk+0x9e/0xbc [ 2956.996036] register_console+0x614/0x9e0 [ 2956.996039] univ8250_console_init+0x33/0x3f [ 2956.996041] console_init+0x4d/0x5d [ 2956.996043] start_kernel+0x43c/0x6fd [ 2956.996045] x86_64_start_reservations+0x29/0x2b [ 2956.996047] x86_64_start_kernel+0x77/0x7b [ 2956.996050] secondary_startup_64+0xa5/0xb0 [ 2956.996051] [ 2956.996052] -> #0 (console_owner){-.-.}: [ 2956.996060] __lock_acquire+0x2cb3/0x4620 [ 2956.996062] lock_acquire+0x16f/0x430 [ 2956.996064] vprintk_emit+0x32e/0x600 [ 2956.996067] vprintk_default+0x28/0x30 [ 2956.996069] vprintk_func+0x5d/0x159 [ 2956.996070] printk+0x9e/0xbc [ 2956.996073] tty_port_close_start.part.0+0x491/0x4e0 [ 2956.996076] tty_port_close+0x41/0xc0 [ 2956.996078] tpk_close+0x7a/0x8c [ 2956.996080] tty_release+0x373/0xd60 [ 2956.996082] __fput+0x275/0x7a0 [ 2956.996084] ____fput+0x16/0x20 [ 2956.996086] task_work_run+0x114/0x190 [ 2956.996088] exit_to_usermode_loop+0x1da/0x220 [ 2956.996091] do_syscall_64+0x4bc/0x640 [ 2956.996093] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2956.996094] [ 2956.996097] other info that might help us debug this: [ 2956.996098] [ 2956.996100] Chain exists of: [ 2956.996101] console_owner --> &port_lock_key --> &(&port->lock)->rlock [ 2956.996111] [ 2956.996113] Possible unsafe locking scenario: [ 2956.996115] [ 2956.996117] CPU0 CPU1 [ 2956.996119] ---- ---- [ 2956.996121] lock(&(&port->lock)->rlock); [ 2956.996126] lock(&port_lock_key); [ 2956.996132] lock(&(&port->lock)->rlock); [ 2956.996137] lock(console_owner); [ 2956.996141] [ 2956.996143] *** DEADLOCK *** [ 2956.996144] [ 2956.996147] 2 locks held by syz-executor.2/19270: [ 2956.996148] #0: (&tty->legacy_mutex){+.+.}, at: [] tty_lock+0x68/0x80 [ 2956.996156] #1: (&(&port->lock)->rlock){-.-.}, at: [] tty_port_close_start.part.0+0x2b/0x4e0 [ 2956.996165] [ 2956.996167] stack backtrace: [ 2956.996170] CPU: 0 PID: 19270 Comm: syz-executor.2 Not tainted 4.14.160-syzkaller #0 [ 2956.996174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2956.996176] Call Trace: [ 2956.996178] dump_stack+0x142/0x197 [ 2956.996181] print_circular_bug.isra.0.cold+0x1cc/0x28f [ 2956.996183] __lock_acquire+0x2cb3/0x4620 [ 2956.996185] ? trace_hardirqs_on+0x10/0x10 [ 2956.996187] ? vprintk_emit+0x309/0x600 [ 2956.996190] lock_acquire+0x16f/0x430 [ 2956.996192] ? vprintk_emit+0x2f1/0x600 [ 2956.996194] vprintk_emit+0x32e/0x600 [ 2956.996196] ? vprintk_emit+0x2f1/0x600 [ 2956.996198] vprintk_default+0x28/0x30 [ 2956.996200] vprintk_func+0x5d/0x159 [ 2956.996202] ? tpk_close+0x50/0x8c [ 2956.996204] printk+0x9e/0xbc [ 2956.996206] ? show_regs_print_info+0x63/0x63 [ 2956.996209] ? tty_port_close_start.part.0+0x2b/0x4e0 [ 2956.996211] tty_port_close_start.part.0+0x491/0x4e0 [ 2956.996213] tty_port_close+0x41/0xc0 [ 2956.996215] tpk_close+0x7a/0x8c [ 2956.996218] ? tpk_write+0x2c0/0x2c0 [ 2956.996221] tty_release+0x373/0xd60 [ 2956.996223] ? tty_kref_put+0x2e/0x50 [ 2956.996225] ? ima_file_free+0xae/0x350 [ 2956.996228] ? tty_release_struct+0x50/0x50 [ 2956.996230] __fput+0x275/0x7a0 [ 2956.996232] ____fput+0x16/0x20 [ 2956.996234] task_work_run+0x114/0x190 [ 2956.996236] exit_to_usermode_loop+0x1da/0x220 [ 2956.996238] do_syscall_64+0x4bc/0x640 [ 2956.996241] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2956.996243] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2956.996245] RIP: 0033:0x4144b1 [ 2956.996248] RSP: 002b:00007ffee6eb3550 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 2956.996254] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004144b1 [ 2956.996257] RDX: 0000000000000000 RSI: 0000000000000ab7 RDI: 0000000000000004 [ 2956.996260] RBP: 0000000000000001 R08: 000000007b792ab7 R09: 000000007b792abb [ 2956.996263] R10: 00007ffee6eb3630 R11: 0000000000000293 R12: 000000000075c9a0 [ 2956.996267] R13: 000000000075c9a0 R14: 0000000000760aa0 R15: 000000000075bfd4 [ 2957.784154] kobject: 'rx-0' (ffff888095a0c610): kobject_add_internal: parent: 'queues', set: 'queues' [ 2957.793896] kobject: 'rx-0' (ffff888095a0c610): kobject_uevent_env [ 2957.800344] kobject: 'rx-0' (ffff888095a0c610): fill_kobj_path: path = '/devices/virtual/net/veth31/queues/rx-0' 21:48:01 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0xfffffffffffffffe}, 0x44) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) [ 2957.810911] kobject: 'tx-0' (ffff8880a524ea18): kobject_add_internal: parent: 'queues', set: 'queues' [ 2957.820601] kobject: 'tx-0' (ffff8880a524ea18): kobject_uevent_env [ 2957.826962] kobject: 'tx-0' (ffff8880a524ea18): fill_kobj_path: path = '/devices/virtual/net/veth31/queues/tx-0' [ 2957.838138] kobject: 'batman_adv' (ffff88808e7ffa00): kobject_add_internal: parent: 'veth31', set: '' [ 2957.864656] kobject: '0:46' (ffff88804ea04150): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2957.874277] kobject: '0:46' (ffff88804ea04150): kobject_uevent_env [ 2957.880694] kobject: '0:46' (ffff88804ea04150): fill_kobj_path: path = '/devices/virtual/bdi/0:46' 21:48:01 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x80, 0x0, 0x0, 0x0, 0x41c0, 0xb0080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400000, 0x100) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040)={{0x9, 0x422}, 0x8}, 0x10) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r4, 0x0, 0xffffffffffffffff, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x810000, 0x101) r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r6, &(0x7f00000017c0), 0x199, 0x0) r7 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/status\x00', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r4, r1, 0x7, r5, &(0x7f0000000180)={r6, r7, 0xffff0000}) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) 21:48:01 executing program 1: 21:48:01 executing program 3 (fault-call:5 fault-nth:61): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2957.953208] kobject: 'loop4' (ffff8880a41f76e0): kobject_uevent_env [ 2957.970144] kobject: 'loop4' (ffff8880a41f76e0): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 2957.991962] FAULT_INJECTION: forcing a failure. [ 2957.991962] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2958.003952] CPU: 1 PID: 19294 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2958.011864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2958.021222] Call Trace: [ 2958.023833] dump_stack+0x142/0x197 [ 2958.027464] should_fail.cold+0x10f/0x159 [ 2958.031608] ? __might_sleep+0x93/0xb0 [ 2958.035489] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2958.040158] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2958.045185] ? debug_smp_processor_id+0x1c/0x20 [ 2958.049871] alloc_pages_vma+0xc9/0x4c0 [ 2958.053859] __handle_mm_fault+0x186c/0x33d0 [ 2958.058299] ? copy_page_range+0x1de0/0x1de0 [ 2958.062723] ? perf_trace_lock+0x500/0x500 [ 2958.067096] ? _raw_spin_unlock+0x2d/0x50 [ 2958.071244] ? follow_page_pte+0x2e4/0x1590 [ 2958.075591] handle_mm_fault+0x293/0x7c0 [ 2958.079664] __get_user_pages+0x465/0x12e0 [ 2958.083985] ? follow_page_mask+0x1630/0x1630 [ 2958.088471] ? lock_acquire+0x16f/0x430 [ 2958.092436] get_user_pages_unlocked+0x1f0/0x2f0 [ 2958.097180] ? get_user_pages_locked+0x3d0/0x3d0 [ 2958.101936] get_user_pages_fast+0x228/0x2d0 [ 2958.106341] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2958.111106] ? debug_smp_processor_id+0x1c/0x20 [ 2958.115783] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2958.120737] iov_iter_get_pages+0x20f/0xd10 [ 2958.125058] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2958.129976] ? kasan_kmalloc+0xce/0xf0 [ 2958.133850] af_alg_make_sg+0x85/0x400 [ 2958.137723] ? iov_iter_advance+0x218/0xc60 [ 2958.142042] ? af_alg_data_wakeup+0x80/0x80 [ 2958.146359] af_alg_get_rsgl+0x1d3/0x530 [ 2958.150412] skcipher_recvmsg+0x774/0xd30 [ 2958.154548] ? skcipher_release+0x50/0x50 [ 2958.158686] ? selinux_socket_recvmsg+0x36/0x40 [ 2958.163373] ? security_socket_recvmsg+0x91/0xc0 [ 2958.168116] ? skcipher_release+0x50/0x50 [ 2958.172252] sock_recvmsg+0xc6/0x110 [ 2958.175954] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2958.181052] ___sys_recvmsg+0x21f/0x4d0 [ 2958.185056] ? ___sys_sendmsg+0x840/0x840 [ 2958.189203] ? lock_downgrade+0x740/0x740 [ 2958.193343] ? __fget+0x237/0x370 [ 2958.196867] ? __fget_light+0x172/0x1f0 [ 2958.200972] ? __fdget+0x1b/0x20 [ 2958.204344] ? sockfd_lookup_light+0xb4/0x160 [ 2958.208837] __sys_recvmsg+0xb6/0x140 [ 2958.212628] ? SyS_sendmmsg+0x60/0x60 [ 2958.216427] ? SyS_read+0x230/0x230 [ 2958.220052] SyS_recvmsg+0x2d/0x50 [ 2958.223584] ? __sys_recvmsg+0x140/0x140 [ 2958.227748] do_syscall_64+0x1e8/0x640 [ 2958.231638] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2958.236497] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2958.241685] RIP: 0033:0x45a919 [ 2958.244866] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2958.252567] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2958.260013] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2958.267286] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2958.274543] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2958.281816] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2958.292411] kobject: 'loop4' (ffff8880a41f76e0): kobject_uevent_env 21:48:01 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000000), 0xffffffffffffff1f) 21:48:01 executing program 1: 21:48:01 executing program 2: r0 = getpgid(0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) r2 = getpgrp(r0) r3 = syz_open_procfs(r2, &(0x7f0000000580)='maps\x00') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000140)=0x0) timer_create(0x0, &(0x7f0000066000)={0x0, 0xd, 0x0, @tid=r5}, &(0x7f00009b1ffc)) r6 = getpid() r7 = syz_open_procfs(r6, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r7, &(0x7f00000017c0), 0x199, 0x0) ioctl$EVIOCGUNIQ(r7, 0x80404508, &(0x7f00000002c0)=""/89) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r8 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) r11 = fcntl$dupfd(r10, 0x0, r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) r12 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r12, &(0x7f00000017c0), 0x199, 0x0) fsetxattr$trusted_overlay_redirect(r12, &(0x7f0000000100)='trusted.overlay.redirect\x00', &(0x7f0000000280)='./file0\x00', 0x8, 0x2) sendmsg$nl_generic(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00800010002d080000000000003cc664cf9f000003000000080001"], 0x1c}}, 0x0) r13 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r13, 0x1000000) sendfile(r8, r13, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r14, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) r15 = socket$nl_route(0x10, 0x3, 0x0) r16 = socket$netlink(0x10, 0x3, 0x0) r17 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r17, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r17, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r16, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r18, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="4000000400000000"], 0x48}}, 0x0) sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000000000a2a30005000000", @ANYRES32=r18, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0) sendmsg$nl_route_sched(r16, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9532091a3a53eab7f6157018e58adbcb023490cfad225a288ad762ede8e5c0a1c0a068acc58126f9374bf869", @ANYRES32=r18, @ANYBLOB="00000000ffffffff000000000c0080eb8600000075701000200002001c0002000500000000000800050062706600040002000400060000ff156569735843de8b4c1ef779b8d8f7bf7afb33e23753792ac1f351b2483d67b19c323679afde2698ebe5f83bc5b1d2c1df41944400193870e465324b63063fc06b6d0e583c75ba0a6d8da2ca131e39aeef0f"], 0x50}}, 0x0) sendmsg$can_raw(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x1d, r18}, 0x10, &(0x7f0000000500)={&(0x7f0000000480)=@canfd={{0x1, 0x1}, 0xe4, 0x2, 0x0, 0x0, "c9adcfe4c12f2d5010a9de854da4a68f791f01c3fa8e2a99ee1bd74258096050db9344ba6dd047aa05245dd307e3a1a8b43c354b449398feed7e85cb66ab3b45"}, 0x48}, 0x1, 0x0, 0x0, 0x20008000}, 0x80) 21:48:01 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000040)={0x0, 0x2, 0x4, 0x70000, 0x7f, {0x77359400}, {0x1, 0x0, 0x20, 0x3, 0x8, 0x81, "78056afa"}, 0x7fff, 0x1, @planes=&(0x7f0000000000)={0x7fffffff, 0x7, @userptr=0x1c, 0x9}, 0x3f, 0x0, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r3, 0xc0bc5351, &(0x7f0000000380)={0x2, 0x1, 'client0\x00', 0x4, "2ad2491cc60432f6", "7f0a76c93a008d0a111c130d4a5c914f36ebb36a2baf41f8f3c8f0d8239e5dfe", 0xdd1, 0x1}) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r3, 0x40a85321, &(0x7f0000000140)={{0x7f, 0x9}, 'port1\x00', 0xc9, 0x969df4020c0c9430, 0x38f042d3, 0x0, 0x1, 0x1, 0x6, 0x0, 0x6, 0x53}) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r4 = dup2(r1, r2) ioctl$SIOCAX25GETINFOOLD(r4, 0x89e9, &(0x7f0000000200)) fcntl$setown(r2, 0x8, r0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f0000000300)={0x5, 0x70, 0x9, 0x0, 0x5, 0x26, 0x0, 0x3c497f9a, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000240)}, 0x0, 0x3, 0x0, 0x8, 0x6, 0xffffff5a, 0x7ff}) tkill(r0, 0x16) 21:48:01 executing program 3 (fault-call:5 fault-nth:62): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2958.301503] kobject: 'loop4' (ffff8880a41f76e0): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 2958.323939] kobject: 'loop5' (ffff8880a424f760): kobject_uevent_env [ 2958.344467] kobject: 'loop5' (ffff8880a424f760): fill_kobj_path: path = '/devices/virtual/block/loop5' 21:48:01 executing program 1: [ 2958.363934] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2958.371880] FAULT_INJECTION: forcing a failure. [ 2958.371880] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2958.381449] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2958.393088] CPU: 0 PID: 19308 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2958.401079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2958.410475] Call Trace: 21:48:01 executing program 1: 21:48:01 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xfff}]}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) [ 2958.413074] dump_stack+0x142/0x197 [ 2958.416729] should_fail.cold+0x10f/0x159 [ 2958.420898] ? __might_sleep+0x93/0xb0 [ 2958.424804] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2958.429492] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2958.434517] ? debug_smp_processor_id+0x1c/0x20 [ 2958.439210] alloc_pages_vma+0xc9/0x4c0 [ 2958.443206] __handle_mm_fault+0x186c/0x33d0 [ 2958.447631] ? copy_page_range+0x1de0/0x1de0 [ 2958.452050] ? perf_trace_lock+0x500/0x500 [ 2958.456294] ? _raw_spin_unlock+0x2d/0x50 [ 2958.460454] ? follow_page_pte+0x2e4/0x1590 [ 2958.464798] handle_mm_fault+0x293/0x7c0 [ 2958.468877] __get_user_pages+0x465/0x12e0 [ 2958.473123] ? follow_page_mask+0x1630/0x1630 [ 2958.477636] ? lock_acquire+0x16f/0x430 [ 2958.481626] get_user_pages_unlocked+0x1f0/0x2f0 [ 2958.486381] ? get_user_pages_locked+0x3d0/0x3d0 [ 2958.491133] get_user_pages_fast+0x228/0x2d0 [ 2958.495530] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2958.500274] ? debug_smp_processor_id+0x1c/0x20 [ 2958.504925] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2958.509862] iov_iter_get_pages+0x20f/0xd10 [ 2958.514172] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2958.519088] ? kasan_kmalloc+0xce/0xf0 [ 2958.522963] af_alg_make_sg+0x85/0x400 [ 2958.526853] ? iov_iter_advance+0x218/0xc60 [ 2958.531160] ? af_alg_data_wakeup+0x80/0x80 [ 2958.535603] af_alg_get_rsgl+0x1d3/0x530 [ 2958.539682] skcipher_recvmsg+0x774/0xd30 [ 2958.543977] ? skcipher_release+0x50/0x50 [ 2958.548120] ? selinux_socket_recvmsg+0x36/0x40 [ 2958.552779] ? security_socket_recvmsg+0x91/0xc0 [ 2958.557523] ? skcipher_release+0x50/0x50 [ 2958.561677] sock_recvmsg+0xc6/0x110 [ 2958.565377] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2958.570398] ___sys_recvmsg+0x21f/0x4d0 [ 2958.574362] ? ___sys_sendmsg+0x840/0x840 [ 2958.578519] ? lock_downgrade+0x740/0x740 [ 2958.582674] ? __fget+0x237/0x370 [ 2958.586118] ? __fget_light+0x172/0x1f0 [ 2958.590078] ? __fdget+0x1b/0x20 [ 2958.593433] ? sockfd_lookup_light+0xb4/0x160 [ 2958.597915] __sys_recvmsg+0xb6/0x140 [ 2958.601701] ? SyS_sendmmsg+0x60/0x60 [ 2958.605491] ? SyS_read+0x230/0x230 [ 2958.609112] SyS_recvmsg+0x2d/0x50 [ 2958.612632] ? __sys_recvmsg+0x140/0x140 [ 2958.616677] do_syscall_64+0x1e8/0x640 [ 2958.620549] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2958.625378] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2958.630552] RIP: 0033:0x45a919 [ 2958.633728] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2958.641421] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2958.648674] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2958.655929] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2958.663184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2958.670437] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2958.680248] protocol 88fb is buggy, dev hsr_slave_0 [ 2958.692196] kobject: '0:47' (ffff888096232ed0): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2958.702166] kobject: '0:47' (ffff888096232ed0): kobject_uevent_env 21:48:02 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303034303030302e757365725f69a5638fec88643d", @ANYRESDEC=0x0, @ANYBLOB="2c69ff0f75040069643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:48:02 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x11}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r0 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r0, 0x1000000) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0xe63694688e488d3b) getdents(r1, &(0x7f0000000080), 0x0) 21:48:02 executing program 3 (fault-call:5 fault-nth:63): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2958.708696] kobject: '0:47' (ffff888096232ed0): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2958.718425] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2958.729750] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2958.782474] kobject: '0:47' (ffff888096232ed0): kobject_uevent_env [ 2958.788693] FAULT_INJECTION: forcing a failure. [ 2958.788693] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2958.788849] kobject: '0:47' (ffff888096232ed0): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2958.804083] CPU: 0 PID: 19327 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2958.817393] kobject: '0:47' (ffff888096232ed0): kobject_cleanup, parent (null) [ 2958.817816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2958.817822] Call Trace: [ 2958.817840] dump_stack+0x142/0x197 [ 2958.817855] should_fail.cold+0x10f/0x159 [ 2958.826239] kobject: '0:47' (ffff888096232ed0): calling ktype release [ 2958.835424] ? __might_sleep+0x93/0xb0 [ 2958.835437] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2958.835448] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2958.835457] ? debug_smp_processor_id+0x1c/0x20 [ 2958.835475] alloc_pages_vma+0xc9/0x4c0 [ 2958.838522] kobject: '0:47': free name [ 2958.841694] __handle_mm_fault+0x186c/0x33d0 [ 2958.841706] ? copy_page_range+0x1de0/0x1de0 [ 2958.841715] ? perf_trace_lock+0x500/0x500 [ 2958.841724] ? _raw_spin_unlock+0x2d/0x50 [ 2958.841733] ? follow_page_pte+0x2e4/0x1590 [ 2958.900100] handle_mm_fault+0x293/0x7c0 [ 2958.904245] __get_user_pages+0x465/0x12e0 [ 2958.908584] ? follow_page_mask+0x1630/0x1630 [ 2958.913212] ? lock_acquire+0x16f/0x430 [ 2958.917187] get_user_pages_unlocked+0x1f0/0x2f0 [ 2958.921943] ? get_user_pages_locked+0x3d0/0x3d0 [ 2958.926700] get_user_pages_fast+0x228/0x2d0 [ 2958.931099] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2958.935843] ? debug_smp_processor_id+0x1c/0x20 [ 2958.940507] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2958.945427] iov_iter_get_pages+0x20f/0xd10 [ 2958.949739] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2958.954656] ? kasan_kmalloc+0xce/0xf0 [ 2958.958678] af_alg_make_sg+0x85/0x400 [ 2958.962560] ? iov_iter_advance+0x218/0xc60 [ 2958.966875] ? af_alg_data_wakeup+0x80/0x80 [ 2958.971187] af_alg_get_rsgl+0x1d3/0x530 [ 2958.975241] skcipher_recvmsg+0x774/0xd30 [ 2958.979394] ? skcipher_release+0x50/0x50 [ 2958.983542] ? selinux_socket_recvmsg+0x36/0x40 [ 2958.988208] ? security_socket_recvmsg+0x91/0xc0 [ 2958.992960] ? skcipher_release+0x50/0x50 [ 2958.997107] sock_recvmsg+0xc6/0x110 [ 2959.000814] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2959.005910] ___sys_recvmsg+0x21f/0x4d0 [ 2959.009904] ? ___sys_sendmsg+0x840/0x840 [ 2959.014055] ? lock_downgrade+0x740/0x740 [ 2959.018217] ? __fget+0x237/0x370 [ 2959.021681] ? __fget_light+0x172/0x1f0 [ 2959.025655] ? __fdget+0x1b/0x20 [ 2959.029134] ? sockfd_lookup_light+0xb4/0x160 [ 2959.033626] __sys_recvmsg+0xb6/0x140 [ 2959.037419] ? SyS_sendmmsg+0x60/0x60 [ 2959.041231] ? SyS_read+0x230/0x230 [ 2959.044868] SyS_recvmsg+0x2d/0x50 [ 2959.048407] ? __sys_recvmsg+0x140/0x140 [ 2959.052460] do_syscall_64+0x1e8/0x640 [ 2959.056334] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2959.061168] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2959.066373] RIP: 0033:0x45a919 [ 2959.069546] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f 21:48:02 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f00000000c0)=0x3000) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r0, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x102000, 0x0) [ 2959.077294] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2959.084557] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2959.091822] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2959.099095] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2959.106356] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2959.120123] protocol 88fb is buggy, dev hsr_slave_0 [ 2959.125261] protocol 88fb is buggy, dev hsr_slave_1 [ 2959.130402] protocol 88fb is buggy, dev hsr_slave_0 [ 2959.135448] protocol 88fb is buggy, dev hsr_slave_1 [ 2959.140530] protocol 88fb is buggy, dev hsr_slave_0 [ 2959.145611] protocol 88fb is buggy, dev hsr_slave_1 [ 2959.153864] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2959.160382] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2959.172541] kobject: '0:46' (ffff88804ea04150): kobject_uevent_env [ 2959.179188] kobject: '0:46' (ffff88804ea04150): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2959.189136] kobject: '0:46' (ffff88804ea04150): kobject_cleanup, parent (null) [ 2959.198291] kobject: '0:46' (ffff88804ea04150): calling ktype release [ 2959.205148] kobject: '0:46': free name 21:48:04 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x9, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffffff}, 0x0, 0x9, 0x2, 0x0, 0xef8f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:48:04 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)=ANY=[]) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:48:04 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) prctl$PR_SET_TSC(0x1a, 0x6) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0) r2 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r2, 0x1000000) sendfile(r0, r2, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r3, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:48:04 executing program 3 (fault-call:5 fault-nth:64): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:48:04 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xfff}]}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) 21:48:04 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) r3 = dup2(r1, r2) fcntl$setown(r2, 0x8, r0) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000000)=0x10000) tkill(r0, 0x16) [ 2961.328252] kobject: 'loop4' (ffff8880a41f76e0): kobject_uevent_env [ 2961.334746] kobject: 'loop4' (ffff8880a41f76e0): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 2961.357881] kobject: 'loop5' (ffff8880a424f760): kobject_uevent_env 21:48:04 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="000200415aae947d9bb8747555"]) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0xfffffffffffffc43}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="10000200000000000100000000009d4e"], 0x10) connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e21}, 0x6e) [ 2961.377872] FAULT_INJECTION: forcing a failure. [ 2961.377872] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2961.382510] kobject: 'loop5' (ffff8880a424f760): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 2961.419897] CPU: 1 PID: 19345 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2961.427944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2961.436653] kobject: '0:46' (ffff8880a1747450): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2961.437301] Call Trace: [ 2961.437318] dump_stack+0x142/0x197 [ 2961.437332] should_fail.cold+0x10f/0x159 [ 2961.449787] kobject: '0:46' (ffff8880a1747450): kobject_uevent_env [ 2961.453041] ? __might_sleep+0x93/0xb0 [ 2961.453055] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2961.453065] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2961.453073] ? debug_smp_processor_id+0x1c/0x20 [ 2961.453089] alloc_pages_vma+0xc9/0x4c0 [ 2961.453100] __handle_mm_fault+0x186c/0x33d0 [ 2961.453115] ? copy_page_range+0x1de0/0x1de0 [ 2961.462970] kobject: '0:46' (ffff8880a1747450): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2961.463608] ? perf_trace_lock+0x500/0x500 [ 2961.463623] ? _raw_spin_unlock+0x2d/0x50 [ 2961.510129] protocol 88fb is buggy, dev hsr_slave_0 [ 2961.512068] ? follow_page_pte+0x2e4/0x1590 [ 2961.517102] protocol 88fb is buggy, dev hsr_slave_1 [ 2961.521407] handle_mm_fault+0x293/0x7c0 [ 2961.521416] __get_user_pages+0x465/0x12e0 [ 2961.521428] ? follow_page_mask+0x1630/0x1630 [ 2961.521438] ? lock_acquire+0x16f/0x430 [ 2961.521452] get_user_pages_unlocked+0x1f0/0x2f0 [ 2961.548023] ? get_user_pages_locked+0x3d0/0x3d0 [ 2961.552768] get_user_pages_fast+0x228/0x2d0 [ 2961.557190] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2961.561945] ? debug_smp_processor_id+0x1c/0x20 [ 2961.566608] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2961.571525] iov_iter_get_pages+0x20f/0xd10 [ 2961.575834] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2961.580760] ? kasan_kmalloc+0xce/0xf0 [ 2961.584645] af_alg_make_sg+0x85/0x400 [ 2961.588521] ? iov_iter_advance+0x218/0xc60 [ 2961.592901] ? af_alg_data_wakeup+0x80/0x80 [ 2961.597211] af_alg_get_rsgl+0x1d3/0x530 [ 2961.601389] skcipher_recvmsg+0x774/0xd30 [ 2961.605543] ? skcipher_release+0x50/0x50 [ 2961.609711] ? selinux_socket_recvmsg+0x36/0x40 [ 2961.614375] ? security_socket_recvmsg+0x91/0xc0 [ 2961.619113] ? skcipher_release+0x50/0x50 [ 2961.623255] sock_recvmsg+0xc6/0x110 [ 2961.626960] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2961.631966] ___sys_recvmsg+0x21f/0x4d0 [ 2961.635926] ? ___sys_sendmsg+0x840/0x840 [ 2961.640073] ? lock_downgrade+0x740/0x740 [ 2961.644278] ? __fget+0x237/0x370 [ 2961.647718] ? __fget_light+0x172/0x1f0 [ 2961.651678] ? __fdget+0x1b/0x20 [ 2961.655030] ? sockfd_lookup_light+0xb4/0x160 [ 2961.659509] __sys_recvmsg+0xb6/0x140 [ 2961.663302] ? SyS_sendmmsg+0x60/0x60 [ 2961.667101] ? SyS_read+0x230/0x230 [ 2961.670716] SyS_recvmsg+0x2d/0x50 [ 2961.674237] ? __sys_recvmsg+0x140/0x140 [ 2961.678333] do_syscall_64+0x1e8/0x640 [ 2961.682238] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2961.687078] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2961.692260] RIP: 0033:0x45a919 [ 2961.695441] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2961.703135] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2961.710391] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:48:05 executing program 3 (fault-call:5 fault-nth:65): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2961.717646] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2961.724904] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2961.732167] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2961.754498] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env 21:48:05 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'security\x00'}, &(0x7f0000000080)=0x54) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x40}], 0x1, 0xf3319f61f95898ae, 0x0) openat$urandom(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x202800, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) tkill(r1, 0x16) write$P9_RMKNOD(r0, &(0x7f0000000140)={0x14, 0x13, 0x2, {0x0, 0x2, 0x7}}, 0x14) [ 2961.766430] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2961.779144] FAULT_INJECTION: forcing a failure. [ 2961.779144] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2961.784897] kobject: 'loop4' (ffff8880a41f76e0): kobject_uevent_env [ 2961.797016] CPU: 1 PID: 19366 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2961.798630] kobject: 'loop4' (ffff8880a41f76e0): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 2961.805773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2961.805777] Call Trace: [ 2961.805797] dump_stack+0x142/0x197 [ 2961.805815] should_fail.cold+0x10f/0x159 [ 2961.805826] ? __might_sleep+0x93/0xb0 [ 2961.805852] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2961.805865] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2961.805873] ? debug_smp_processor_id+0x1c/0x20 [ 2961.805888] alloc_pages_vma+0xc9/0x4c0 [ 2961.805899] __handle_mm_fault+0x186c/0x33d0 [ 2961.805910] ? copy_page_range+0x1de0/0x1de0 [ 2961.805919] ? perf_trace_lock+0x500/0x500 [ 2961.805928] ? _raw_spin_unlock+0x2d/0x50 [ 2961.805936] ? follow_page_pte+0x2e4/0x1590 [ 2961.805951] handle_mm_fault+0x293/0x7c0 [ 2961.805961] __get_user_pages+0x465/0x12e0 [ 2961.805980] ? follow_page_mask+0x1630/0x1630 [ 2961.805991] ? lock_acquire+0x16f/0x430 [ 2961.806006] get_user_pages_unlocked+0x1f0/0x2f0 [ 2961.900506] ? get_user_pages_locked+0x3d0/0x3d0 [ 2961.905246] get_user_pages_fast+0x228/0x2d0 [ 2961.909650] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2961.914392] ? debug_smp_processor_id+0x1c/0x20 [ 2961.919047] ? perf_trace_lock_acquire+0x10d/0x4f0 [ 2961.924047] iov_iter_get_pages+0x20f/0xd10 [ 2961.928352] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2961.933285] ? kasan_kmalloc+0xce/0xf0 [ 2961.937159] af_alg_make_sg+0x85/0x400 [ 2961.941031] ? iov_iter_advance+0x218/0xc60 [ 2961.945334] ? af_alg_data_wakeup+0x80/0x80 [ 2961.949638] af_alg_get_rsgl+0x1d3/0x530 [ 2961.953685] skcipher_recvmsg+0x774/0xd30 [ 2961.957820] ? skcipher_release+0x50/0x50 [ 2961.961949] ? selinux_socket_recvmsg+0x36/0x40 [ 2961.966625] ? security_socket_recvmsg+0x91/0xc0 [ 2961.971371] ? skcipher_release+0x50/0x50 [ 2961.975525] sock_recvmsg+0xc6/0x110 [ 2961.979222] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2961.984230] ___sys_recvmsg+0x21f/0x4d0 [ 2961.988187] ? ___sys_sendmsg+0x840/0x840 [ 2961.992329] ? lock_downgrade+0x740/0x740 [ 2961.996462] ? __fget+0x237/0x370 [ 2961.999897] ? __fget_light+0x172/0x1f0 [ 2962.003867] ? __fdget+0x1b/0x20 [ 2962.007215] ? sockfd_lookup_light+0xb4/0x160 [ 2962.011702] __sys_recvmsg+0xb6/0x140 [ 2962.015492] ? SyS_sendmmsg+0x60/0x60 [ 2962.019292] ? SyS_read+0x230/0x230 [ 2962.023065] SyS_recvmsg+0x2d/0x50 [ 2962.026641] ? __sys_recvmsg+0x140/0x140 [ 2962.030699] do_syscall_64+0x1e8/0x640 [ 2962.034688] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2962.039584] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2962.044766] RIP: 0033:0x45a919 [ 2962.047940] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2962.055688] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2962.062950] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 21:48:05 executing program 3 (fault-call:5 fault-nth:66): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2962.070210] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2962.077480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2962.084736] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2962.092262] protocol 88fb is buggy, dev hsr_slave_0 [ 2962.106937] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2962.116492] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2962.117217] FAULT_INJECTION: forcing a failure. [ 2962.117217] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2962.138078] CPU: 1 PID: 19372 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2962.145977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2962.155496] Call Trace: [ 2962.158083] dump_stack+0x142/0x197 [ 2962.161703] should_fail.cold+0x10f/0x159 [ 2962.165838] ? __might_sleep+0x93/0xb0 21:48:05 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) bind$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x1, @empty}}, 0x1e) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) clock_gettime(0x0, &(0x7f0000000100)) timer_create(0xfd8d8dd6900347c4, &(0x7f0000000140)={0x0, 0x22, 0x0, @thr={&(0x7f0000000280)="1c253c36ea782dcbce58c8c439b5fc542fc09368c90c210c7ef4fb25e9602df138874967af966f9168b7f5388a3fca0f430e88e34a3e86c25c1c946b19156bdd0bac5e4559ececa10995b8ed9f873fdda3c834510f4436337714aa2469", &(0x7f0000000440)="81e558c1eead50328f5a6f603bd2173934f61ea8675bfa6dadae53d1ee0637abe83f8072bd7cfec689d570e05a48d18ddc16e92656989b019103b2def224f340864e3e891c51f3dacacc98bf4fc1c3ee4ce2ee8e12feb93fe67ede9875a9442f7a36f3bbed50c9ec7b77dc1128b58f70d00121014e7662c183e60eada6422454001f808f3271c0647c44d481644c009f4fb25a53e921e3b892034eea5a017dc7c9e5bce3c54b1d0dcf3eed97c8e7fc976cbd704cb79ecf0e83b2221310e8f30c02bf51981a72"}}, &(0x7f0000000300)=0x0) timer_settime(r1, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0) r2 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r3 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) ftruncate(r3, 0x1000000) sendfile(r2, r3, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) [ 2962.169725] __alloc_pages_nodemask+0x1d6/0x7a0 [ 2962.174410] ? __alloc_pages_slowpath+0x2930/0x2930 [ 2962.179445] ? debug_smp_processor_id+0x1c/0x20 [ 2962.184135] alloc_pages_vma+0xc9/0x4c0 [ 2962.188124] __handle_mm_fault+0x186c/0x33d0 [ 2962.192549] ? copy_page_range+0x1de0/0x1de0 [ 2962.196976] ? perf_trace_lock+0x500/0x500 [ 2962.201224] ? _raw_spin_unlock+0x2d/0x50 [ 2962.205383] ? follow_page_pte+0x2e4/0x1590 [ 2962.209727] handle_mm_fault+0x293/0x7c0 [ 2962.213800] __get_user_pages+0x465/0x12e0 [ 2962.218107] ? follow_page_mask+0x1630/0x1630 [ 2962.222605] ? lock_acquire+0x16f/0x430 [ 2962.226582] get_user_pages_unlocked+0x1f0/0x2f0 [ 2962.231347] ? get_user_pages_locked+0x3d0/0x3d0 [ 2962.235809] kobject: '0:47' (ffff888054590110): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2962.236106] get_user_pages_fast+0x228/0x2d0 [ 2962.246847] kobject: '0:47' (ffff888054590110): kobject_uevent_env [ 2962.249862] ? __get_user_pages_fast+0x2e0/0x2e0 [ 2962.249873] ? debug_smp_processor_id+0x1c/0x20 [ 2962.249885] ? perf_trace_lock_acquire+0x10d/0x4f0 21:48:05 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="66443dc1b662dd3060aa5460", @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) [ 2962.249895] iov_iter_get_pages+0x20f/0xd10 [ 2962.249905] ? csum_and_copy_from_iter+0xd50/0xd50 [ 2962.249921] ? kasan_kmalloc+0xce/0xf0 [ 2962.259912] kobject: '0:47' (ffff888054590110): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2962.261233] af_alg_make_sg+0x85/0x400 [ 2962.261246] ? iov_iter_advance+0x218/0xc60 [ 2962.261257] ? af_alg_data_wakeup+0x80/0x80 [ 2962.261271] af_alg_get_rsgl+0x1d3/0x530 [ 2962.261286] skcipher_recvmsg+0x774/0xd30 [ 2962.261300] ? skcipher_release+0x50/0x50 [ 2962.261309] ? selinux_socket_recvmsg+0x36/0x40 [ 2962.261319] ? security_socket_recvmsg+0x91/0xc0 [ 2962.261326] ? skcipher_release+0x50/0x50 [ 2962.261338] sock_recvmsg+0xc6/0x110 [ 2962.261347] ? __sock_recv_ts_and_drops+0x470/0x470 [ 2962.261357] ___sys_recvmsg+0x21f/0x4d0 [ 2962.261371] ? ___sys_sendmsg+0x840/0x840 [ 2962.349542] ? lock_downgrade+0x740/0x740 [ 2962.353687] ? __fget+0x237/0x370 [ 2962.357130] ? __fget_light+0x172/0x1f0 [ 2962.361110] ? __fdget+0x1b/0x20 [ 2962.364487] ? sockfd_lookup_light+0xb4/0x160 [ 2962.368992] __sys_recvmsg+0xb6/0x140 [ 2962.372806] ? SyS_sendmmsg+0x60/0x60 [ 2962.376614] ? SyS_read+0x230/0x230 [ 2962.380371] SyS_recvmsg+0x2d/0x50 [ 2962.383976] ? __sys_recvmsg+0x140/0x140 [ 2962.388031] do_syscall_64+0x1e8/0x640 [ 2962.391927] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2962.396779] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2962.401960] RIP: 0033:0x45a919 [ 2962.405136] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2962.412953] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 [ 2962.420327] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2962.427603] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2962.434871] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2962.442137] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2962.459672] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2962.466364] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2962.478373] kobject: '0:47' (ffff888054590110): kobject_uevent_env [ 2962.485450] kobject: '0:47' (ffff888054590110): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2962.503559] kobject: '0:47' (ffff888054590110): kobject_cleanup, parent (null) [ 2962.512069] kobject: '0:47' (ffff888054590110): calling ktype release [ 2962.518687] kobject: '0:47': free name [ 2962.550630] kobject: '0:46' (ffff8880a1747450): kobject_uevent_env [ 2962.557031] kobject: '0:46' (ffff8880a1747450): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2962.566444] kobject: '0:46' (ffff8880a1747450): kobject_cleanup, parent (null) [ 2962.574704] kobject: '0:46' (ffff8880a1747450): calling ktype release [ 2962.581598] kobject: '0:46': free name 21:48:07 executing program 3 (fault-call:5 fault-nth:67): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) 21:48:07 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xfff}]}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) 21:48:07 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205647, &(0x7f0000000100)={0x9d0000, 0x3, 0x7, r4, 0x0, &(0x7f0000000040)={0x98090f, 0x7f, [], @ptr=0xfffffffffffffff8}}) write$P9_RLERROR(r5, &(0x7f0000000280)={0x11, 0x7, 0x2, {0x8, 'group_id'}}, 0x11) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:48:07 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x3, r0, 0x2) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r2, 0xa, 0x12) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r2, r3) fcntl$setown(r3, 0x8, r1) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000040)) tkill(r1, 0x16) [ 2964.400691] kobject: 'loop5' (ffff8880a424f760): kobject_uevent_env [ 2964.407181] kobject: 'loop5' (ffff8880a424f760): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 2964.428829] FAULT_INJECTION: forcing a failure. [ 2964.428829] name failslab, interval 1, probability 0, space 0, times 0 [ 2964.432123] kobject: '0:46' (ffff8880a8083150): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2964.448011] CPU: 0 PID: 19387 Comm: syz-executor.3 Not tainted 4.14.160-syzkaller #0 [ 2964.452905] kobject: '0:46' (ffff8880a8083150): kobject_uevent_env [ 2964.457276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2964.457281] Call Trace: [ 2964.457301] dump_stack+0x142/0x197 [ 2964.457317] should_fail.cold+0x10f/0x159 [ 2964.457334] should_failslab+0xdb/0x130 [ 2964.464204] kobject: '0:46' (ffff8880a8083150): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2964.473009] __kmalloc+0x2f0/0x7a0 [ 2964.473023] ? af_alg_get_rsgl+0x3d1/0x530 [ 2964.473034] ? sock_kmalloc+0x7f/0xc0 [ 2964.473043] sock_kmalloc+0x7f/0xc0 [ 2964.473051] skcipher_recvmsg+0x217/0xd30 [ 2964.473064] ? skcipher_release+0x50/0x50 [ 2964.519902] ? selinux_socket_recvmsg+0x36/0x40 [ 2964.524589] ? security_socket_recvmsg+0x91/0xc0 [ 2964.529363] ? skcipher_release+0x50/0x50 [ 2964.533531] sock_recvmsg+0xc6/0x110 [ 2964.535061] kobject: '0:47' (ffff888053966a90): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2964.537253] ? __sock_recv_ts_and_drops+0x470/0x470 21:48:07 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000780)=""/188, 0xbc}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) [ 2964.537265] ___sys_recvmsg+0x21f/0x4d0 [ 2964.537280] ? ___sys_sendmsg+0x840/0x840 [ 2964.546913] kobject: '0:47' (ffff888053966a90): kobject_uevent_env [ 2964.551478] ? lock_downgrade+0x740/0x740 [ 2964.551494] ? __fget+0x237/0x370 [ 2964.551506] ? __fget_light+0x172/0x1f0 [ 2964.551514] ? __fdget+0x1b/0x20 [ 2964.551524] ? sockfd_lookup_light+0xb4/0x160 [ 2964.551535] __sys_recvmsg+0xb6/0x140 [ 2964.555744] kobject: '0:47' (ffff888053966a90): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2964.559639] ? SyS_sendmmsg+0x60/0x60 [ 2964.559658] ? SyS_read+0x230/0x230 [ 2964.559668] SyS_recvmsg+0x2d/0x50 [ 2964.559674] ? __sys_recvmsg+0x140/0x140 [ 2964.559687] do_syscall_64+0x1e8/0x640 [ 2964.617063] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2964.621899] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 2964.627071] RIP: 0033:0x45a919 [ 2964.630245] RSP: 002b:00007f61b925fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2964.637940] RAX: ffffffffffffffda RBX: 00007f61b925fc90 RCX: 000000000045a919 21:48:08 executing program 3 (fault-call:5 fault-nth:68): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2964.645197] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 2964.652506] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 2964.659764] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f61b92606d4 [ 2964.667021] R13: 00000000004c8fad R14: 00000000004e0a48 R15: 0000000000000005 [ 2964.686802] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env 21:48:08 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r1, &(0x7f00000017c0), 0x199, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000280)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x1}}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x0, 0xffff) ioctl$SOUND_MIXER_WRITE_RECSRC(r2, 0xc0044dff, &(0x7f0000000140)=0x7) r3 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) modify_ldt$write(0x1, &(0x7f00000001c0)={0x20, 0x20000000, 0x1000, 0x1, 0x1, 0x1, 0x1}, 0x10) recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)=""/126}, {&(0x7f0000001200)=""/237}, {&(0x7f0000001300)=""/222}, {&(0x7f0000002480)=""/210}, {&(0x7f0000000100)=""/42}], 0x1, 0x0, 0xffffffffffffff71}, 0x0) socket$bt_rfcomm(0x1f, 0x1, 0x3) [ 2964.693598] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' 21:48:08 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) r1 = dup3(0xffffffffffffffff, r0, 0x80000) ioctl$VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000000)=0x4) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r3, 0xa, 0x12) recvmmsg(r4, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r3, r4) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x16) [ 2964.726037] kobject: '0:47' (ffff888053966a90): kobject_uevent_env [ 2964.732835] kobject: '0:47' (ffff888053966a90): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2964.753177] kobject: 'loop5' (ffff8880a424f760): kobject_uevent_env [ 2964.759688] kobject: 'loop5' (ffff8880a424f760): fill_kobj_path: path = '/devices/virtual/block/loop5' 21:48:08 executing program 4: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x12) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) 21:48:08 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) ioctl$EVIOCSKEYCODE(r3, 0x40084504, &(0x7f0000000a80)=[0x7fffffff, 0x1]) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$VIDIOC_G_DV_TIMINGS(r4, 0xc0845658, &(0x7f0000000ac0)={0x0, @bt={0x5, 0x9, 0x1, 0x9c74144413047f71, 0xffff, 0x9, 0xe13, 0x5, 0xfffffffa, 0x9, 0x81, 0x8, 0x2, 0x401, 0x12, 0xd, {0xffffffff, 0x6}, 0x3, 0x8}}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3105000000000000000009000000300003001400020073797a6b61ec6c657231000000000000080001000000000008000300000000000800080002000000"], 0x44}}, 0x0) sendmsg$IPVS_CMD_GET_SERVICE(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x204000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x4c, r6, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xc80}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0xb}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x400}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc044840}, 0x40) ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000000400)=0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r8, &(0x7f00000017c0), 0x199, 0x0) statx(r8, &(0x7f0000000440)='./file0\x00', 0x1000, 0x6a3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000580)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@initdev}}, &(0x7f0000000680)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000006c0)={{{@in=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@empty}}, &(0x7f00000007c0)=0xe8) r12 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r12, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_IP_XFRM_POLICY(r12, 0x0, 0x11, &(0x7f0000000800)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000900)=0xe8) syz_mount_image$jfs(&(0x7f0000000280)='jfs\x00', &(0x7f00000002c0)='./file0\x00', 0x9, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000300)="b96d329529e57d2731c993e25677c79db1fd09bce36cc479e48ae5490f9af75c5ec62b955e3113466272bb5b5e9b23b23799cf972b69778f84d4f54b70cbe5ee9c116f33610214d1d9f26985da91cf4f59e9aef2e1fa226ce92fec4bdb80da349c4fcec79edc863e68230e11989e46808bbcaf932e9adb28029f6c8f75da7f350eb0ef687bf3c3e6f16fa701b3e023794b", 0x91, 0xff}], 0x5414a44, &(0x7f0000000940)={[{@nointegrity='nointegrity'}, {@iocharset={'iocharset', 0x3d, 'cp932'}}], [{@euid_gt={'euid>', r7}}, {@euid_gt={'euid>', r9}}, {@fowner_lt={'fowner<', r10}}, {@obj_role={'obj_role', 0x3d, 'net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#'}}, {@fowner_lt={'fowner<', r11}}, {@smackfsdef={'smackfsdef', 0x3d, 'skcipher\x00'}}, {@euid_gt={'euid>', r13}}]}) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2964.769521] kobject: '0:47' (ffff888053966a90): kobject_cleanup, parent (null) [ 2964.778237] kobject: '0:47' (ffff888053966a90): calling ktype release [ 2964.786214] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2964.792753] kobject: '0:47': free name [ 2964.810843] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2964.825751] kobject: 'loop4' (ffff8880a41f76e0): kobject_uevent_env [ 2964.837925] kobject: 'loop4' (ffff8880a41f76e0): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 2964.844029] IPVS: Unknown mcast interface: syzkaìler1 [ 2964.854637] kobject: '0:46' (ffff8880a8083150): kobject_uevent_env [ 2964.876678] kobject: '0:46' (ffff8880a8083150): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2964.885999] net_ratelimit: 1 callbacks suppressed [ 2964.886004] protocol 88fb is buggy, dev hsr_slave_0 [ 2964.886749] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2964.892858] kobject: '0:46' (ffff8880a8083150): kobject_cleanup, parent (null) [ 2964.899390] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2964.903224] kobject: '0:46' (ffff8880a8083150): calling ktype release [ 2964.915816] jfs: Unrecognized mount option "euid>00000000000000000000" or missing value [ 2964.930886] kobject: '0:46': free name [ 2964.962076] kobject: '0:46' (ffff8880531bcd90): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2964.973621] kobject: 'loop5' (ffff8880a424f760): kobject_uevent_env [ 2964.977539] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2964.983230] kobject: 'loop5' (ffff8880a424f760): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 2964.986888] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2965.006061] kobject: '0:46' (ffff8880531bcd90): kobject_uevent_env [ 2965.012815] kobject: '0:46' (ffff8880531bcd90): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2965.032305] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2965.038799] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2965.051906] jfs: Unrecognized mount option "euid>00000000000000000000" or missing value [ 2965.071273] kobject: '0:46' (ffff8880531bcd90): kobject_uevent_env [ 2965.077845] kobject: '0:46' (ffff8880531bcd90): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2965.087650] kobject: '0:46' (ffff8880531bcd90): kobject_cleanup, parent (null) [ 2965.090159] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2965.096592] kobject: '0:46' (ffff8880531bcd90): calling ktype release [ 2965.105340] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2965.109077] kobject: '0:46': free name 21:48:08 executing program 2: timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) r0 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x1, 0x2) r1 = memfd_create(&(0x7f0000000340)='-vboxnet0\x00]\xea\xb0\xe2N\xc6c\x05\x8d\xb5\xc0\n\xad\x0f#+\x17\xd6A\xf4\xdf\x1b\xf9~\x8e\"\r\xff\xbb\xb0\xc3\x86\x97\xaf\xf8\x7f*\xfc\xfd\xe7\xcc\xbc\xddI.\xc3\x9aQ\xc8\x8e8U\xdaX\x06\x92\x1d\xbd\x10\xf9\xe8q\x00\xddr>\xd7\x9f\xf8r\xeeE\xa83K\xf60 \x7f\xcd\xac\x86\x9eT*\xf7\a^L,\x98\xa2(2,\x8c*\xff\x8aA\xa1\x153\x15\b\xcb\xf7\xefw\xa6\xc7c@\xb5\x9b\xdc$`3]\xf9.\xcf\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0xea, 0x2, 0x9, 0x2, 0x92, 0x3, 0x3e, 0x3, 0x36f, 0x40, 0x175, 0xeef7, 0x9765, 0x38, 0x1, 0x3, 0x83, 0x2}, [{0x7, 0xffffffff, 0x9, 0x5, 0x81, 0x1000, 0x3, 0xffffffff}, {0x0, 0x8, 0x3, 0x3f, 0x4, 0x1, 0x4, 0x5}], "fbe4c9baa504bd8e3f51047cfa0a4bcc26ea8c95fea87e941bd9f52da2cdb450a50e5f6ad75c6adc694b0ef946d35519a027a4cafa552335e185dd18a90dc031ab3f8db675ab298e33ebef570c74e420708dca4e4ba49f646d7f3ef0fd13065ee515058eb97f718652ca84bdeb", [[], [], [], [], [], [], []]}, 0x81d) ftruncate(r1, 0x1000000) sendfile(r0, r1, 0x0, 0xeefffdef) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=0x0) timer_settime(r2, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) 21:48:08 executing program 5: prctl$PR_SET_DUMPABLE(0x4, 0x0) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000002c0)=0xece) fcntl$setsig(r1, 0xa, 0x4) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x53, 0x0, 0x0, 0x0, 0xfffffffffffffde4}}], 0x8000000000001f0, 0x0, 0x0) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x16) 21:48:08 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1, {0x7, 0x1f, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x400}}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) 21:48:08 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xfff}]}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x30005, 0x0) 21:48:08 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$USBDEVFS_CLEAR_HALT(r1, 0x80045515, &(0x7f00000000c0)={0x6}) r2 = accept$alg(r0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r3, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f0000000100), &(0x7f00000001c0)=0x4) sendmmsg$alg(r2, &(0x7f0000004bc0)=[{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000280)="7ffd5c894b75c8e8398b3fbd11f17e77cd386679050c9f16cfd5adac51d5a851d7729d72dd4fdca119fed57e90da331bcd0af4a9ab209a605371ef8d02f6233f2573b090a348a2824b304a94ce63d408d95da5234828fa093850f9be185ed1ae2e26ebec4f1c4adf8e040778ffa89fdda123c2ad878a9fd0e5315cd45aee52b8812d829c7a2b02d1a0d5ace6e3d9ada65cc86d77ad54a1b8b2f33eae46fb5394b4fd9b1c8daef1d10d1184d81ec8c423d105548244594ec518c20353c1c1f792529726020966ab31c7628b85bad8caba86454648dcaac49e2610ca661df02465d00b3282a5d7345503a3e29c718655ba", 0xf0}, {&(0x7f0000000380)="4aa3ebddfb9b786ba8372c0b49c7ddb6a79b0a752549e7ef494fd595d679b22a6a228827dd538a8bdb46bca6631873502f5229ecef2941a54a57c44c4e5f38d72bcf88fb2c5f564336450ec1fba5309b1e8066a866442a6d9d81e8e6d8dcd6a7493c238940e734178fee6050f93150712dcddb41df4b7f301e38aaba4197d520fbd0c136301c7baa9dc38af8e589e6798826263930277003fbed4b1da38b349fadcea461aaef86ea04af7fca98382762f00f170eb1b18775c083b641d1138c32385899dc9903a6bae9eb77e84af9cf26e9fa7e601d4c0dc2", 0xd8}, {&(0x7f0000000480)="c7ac01c2fe9d592583b3032d69df22b7263f3176171a7e72519a4be9c961104e592fc9d5e79d5cfba784d7382f8206282687088bbbeb24f650fb133fd02817985172def47997c58b0a507dba6f96c1220882d39dec55d95fe501f6bf6a7a79d86dd8fb3aa309bc2bdbd6acd84152059789074934622597710402d3777692846237e3c68fbe542aaab9abcdc5d66503b4d866d53860f2be050cc2cb27f128816cd71d3298c977396df211b5f82b82f4e1fb91b43447fd4aad62502ff2f93a77f7a6c6f07e9024a9c0868da217fd05f2108b42163bc543f67127addb3a1bb9678388a3f6dd4baa180a214701aa458e1f54646ff8ff788255a3796b", 0xfa}, {&(0x7f0000000580)="ba918a558a6dbc7dad73994f464ea9e21c9442b248da835e78c95bf62489af", 0x1f}, {&(0x7f00000005c0)="cf5e82089fedc56f202a038d8a970f5d64e30e2c64f1754b4ecdb5955c104d4acb4bf78d5d0d004473bb68be179291e90f2ba40a05f782fd71bdd2b308402a6e8bdd8fc71ae6c9ff9dfd0b12c026876a9e3e3de32dbc48e0f081df798f74b2d95a52dea7227e0511746ca07a3e1fadbf90acffc17d37595f9fd00293bc0e253b998a511800a2827ae6e25f4d570237e527d0f09182c71ca0255d1b525a42834640305bca8b60168646d9c2a773283e4938f24bf78b9c108a", 0xb8}, {&(0x7f0000000680)="b710b57fedd9e96818be8501677fb10ee1f2c90919b87cb9f4680a19865ae96cc632c97e38da96fb4418fb49438cd495e747a7e2458a70de71e745a3d4adca77b652a5d068b1e63e7d79312d1d2a05e6aa73b3c3cc836896aa6a90fddc7dd1dc8a034b1bc69e36f69a5f9d4a0f28e7d15c4f45fbc5331645c7b347087fa590087680bd838cb0bb2d6708a250a88124c0ff1ce862e194cb0f05df34643c513749f4db2137d6c4cd0713cbca194487755918a9117bdbffe25a69630da3fc617080df4a66364611028bf43b14", 0xcb}, {&(0x7f0000000780)="f04dbd0253d048431b5def05557ce160e7d91fb8d17c0f52ffcb2a348b84477cfc0af493ad481acf48798f2cb1f8878b48ac391e05ada1811cb9dab5e0c6ba43fdf4908e76b833c53fbfa078b0440673427d36d21b4a76f0d6ae51bddf4486786c9f65f2b4be5f346b4a", 0x6a}, {&(0x7f0000000800)="46f6a6dd0387e0821fd9eb51605c010bee645b3b6c", 0x15}, {&(0x7f0000000840)="97e0f4f4fd7a42bc279e44d7e120c52c1b4655265e74f515a907fdc5d386d0916b702a0d2ef612e1f3ed899384db7b0ad6861abd84014561bba1ceebdfb2599d52c63ef995b0c6816cab9ea5ad6f1469a1323f17d4aef3a4", 0x58}, {&(0x7f00000008c0)="54c5d48cea7f9bb9d2fa6c04411567123d0ab528f75c4626f76fb877645116b7ca2f9772dc504572b50d90ebbd116ea23da356fe2cc25b26d2e377d5ce5519df6bf99946403c1a4d90e3f8e67d6c75c95c7699684686a36cadef9c0e31c26df42bc3eb58cbc5", 0x66}], 0xa, &(0x7f0000000a00)=[@assoc={0x18}, @iv={0xc8, 0x117, 0x2, 0xb1, "9fb3b151bd1757bf43fb2b2ae9d290d4380a007146e1673119d9806ae494befaa775fbfe8f8f35d691a29c8dd0688476b01fcb58cc3648ebf91196408b26f27c43334570ca5c0dbbff4323a75053b9d3e9cf45d3c30e1ac77e0f9b04f16a8b06504eca4507265246f15b247fc11f7acc835d4f61f6f82e6b46e835686b45a231572a0604ac7d760fe2f39e96b185502023d736249bd6c13e3ff181215742dfc91fa8b01dd1b06c590a4e503e4fe3995afa"}, @op={0x18, 0x117, 0x3, 0x2}], 0xf8, 0x1}, {0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000b00)}, {&(0x7f0000000b40)="15333c669292623dc03e600e572735d8c2ac3a0aa650295fd5bb7e1600", 0x1d}, {&(0x7f0000000b80)="afc2ffc2f4ea22741fabe4218685c71753a9b22e24dd740a0d518f12d640d975194a0ef4aa57d80493056ffcf46c1b075d14bfdd8b12c2f248a5b41a5371110b9cbd9d21fc66ee8852a7f090ca47091f6287892927d57da1a27c5ec14d748610fdccc0ccda3e80b680f3fb670bb089fd856c434a97e9cd898bef344636a97260d8a6c295147091cf7ebb0eaefeb15157de5c3852cb5dc4a75b4fa3373ab256552f7635", 0xa3}], 0x3, 0x0, 0x0, 0x4}, {0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000c80)="f9aaf7b8cb0992e36e92a6154d3e1d8b4af94ab754e8f87ee62ac9b05a8b18db2a00a67f3afd3cdad1d4bf1564d1aad64ce16d0484bb21b1e387729b4da8bca7f99650e3979fe705373fd25129df934e6efbe4cb6750bf71fb16fdecc03a1acfd3e2c2a8f0d867d531f4d79d16072a487df5808fb7fbc8e5ee0d0c7deaa1d4848c4d6961d65c7c96e7fa2f02bfc7ca22c75093dc2c69d8bdf70c5b3988e1cf68e3540af11a2913ea58dc88f1992e93fd7837a52d9449f61d539968fa6e419c0fce52bc220c0b265720ce325634a44d242308484081976e33697aa1c296efa58c1711a379b2262c7aa92f8b76f3b60d3e8de728e880f9c52233e2", 0xfa}, {&(0x7f0000000d80)="1afb0471fa424f400c76d9b79655178acf5fd5570665f7fcefb0e236276690e59311e19965c0c8c6f0eceae8723119ff24d11f027d4798da5f7dfdf94ca04373b432a0cf7a4cb4edba238df785b8c9c553ad682470a532d73536988a8760f5285f042e24303a23bce87216b4dbdf1d947157eb803f3cccf74117b6", 0x7b}, {&(0x7f0000000e00)="d2c1d29687b43c18800f9af270a62fbd617352a2d523a9639d9d3cee0ef824ba6e63ce1ff2589f134017370f29e657e117b79fe2b7bd8704cdf1dc1dfd0dcdfb33d5bab418c48f8a4fdfc26dd4925d", 0x4f}], 0x3, &(0x7f0000000ec0)=[@op={0x18, 0x117, 0x3, 0x1}, @iv={0x48, 0x117, 0x2, 0x30, "00b67d30256137c53199ba402b655c005f2380f55cc24776b042179e22ae6017d42393683282326684815448ac49af72"}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @iv={0x110, 0x117, 0x2, 0xf8, "0e0f0ce6b4596e174813f1db0f5e548bd13a46869ab0c0b355c42bcabb53fa3e678b5c045d7bb7f0ec28ad2382715a5ba3d12d2bdac2a1a8efe6aaeee4f725aac3e93a4bc765cbdd42b7d04ea6121c28713b6919a42b309dad3346eb4f286ee78e0cb56759417d8b3aa9ad4d82ec27be77ca331be98a78e0b4a36ca9e36821419c3b304cd6f718ca0a0a2ff99c6c748cfa3c8541264eca75e44ef61c8dee3d6b7a91d7a80a40e443a152d16fb59a7f30f4a659b14ef2e46a123b0002320d451f414ba8a75ce19edb905c5e06a42b52a54263ad969d785f2721fe9054610ad30891c6d91c1a8c51964b284619266ca814c8892abf7b6ff023"}, @iv={0x110, 0x117, 0x2, 0xf9, "81f98beddaddf968c7743408cff3f9534c36c346a4051a356407828bc44bec6016ff17a6950d69a87af01451824a456ab8e1cdf674f18eb8d6ad8c072ee4a335ebb0699943db9d96505ebcfdf9230ae2ae60df3a74ebd05f13025ebae2681217a5a5ac78132461eb4c50cc92c18341452785b4e937ae7ef9a04fcc72978a5f7acd500033c099d7473115352bbc5368d60c785eb5d52e565fbd435cb0e2905eb7971e0c12a66330721eccaeafc09e44522540be2860276204ee5ce61f01d812a9bdeff5d74c2735bd0f6a1a41b72ce4d287b76f25c52edb3e194e8c9e004ee3ff342a4d8eef427f52bc8fc233cd8bef1d82ac011e141fc8d503"}, @iv={0x88, 0x117, 0x2, 0x6e, "694deb0bfed6ae707606a4a728cc496b24f9d515124589163dba9f673d59d1dbc35975113034792f4ed506d0b3942de4c2897c861b572a7c03956c8c29704dd798f9fb888156047b578bc6b14b3fdf0e3a9569248a335db349b585be32f03442b5b060725339e2d84983f7b7136d"}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0x1000}, @iv={0x20, 0x117, 0x2, 0xa, "83561c07bd5fbf3882fc"}], 0x388, 0xc302f1916a6bf227}, {0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000001280)="1aa3fe57bb049e0879bf68a227220f39f39a60ac5eaa3a3584e2cd49174afd4b5df3e42fa14dafa6b76ddcca5d2fda7159aa85602ca916b34e165b51a69ae3faf55b988eb5f0d9b0c2005e2814116657a90a7ddd9ba09eda892bc8c1780a5a37171b820bab70e96c98a5f671e043e7b40fbb1f5ac09856df641c5f56f61ab1b37d5ff9d847208aa857886347c31ef7ac6b1fb77bb55b871e71b1829c6e2cf45505c119d0e7262b320dc96f88a7b5c1e323c13f14afeeff1943e0b6852dbb3003299b8fea1e16213890421e4c3266f80436ae03aca8167f86dd64b95cbf96", 0xde}, {&(0x7f0000001380)="ef5770ee3daa8f46b4f6e6d89a4e92ca2def67edce71f3e5df7be131e22336a202f5243366d8ed3774281761dff1b0022585adb79a3e12f3491e7ba485ddf2a105b105520a234e5ae6ce1a99e3dcbecf9e390cb55636e65435667d1929a272fcb82553b02dddd64d265d8c67dcc59f4e5e31a50714a6afde195f1c6b70c148e707c215fca7b3453eb99ee68e26ba1ad65b6ea74c69994a93fba9e4cec662e98d2265dd49b570a2079ad96fc0105c68e062328190b64550d633c77d9550bdf8fb", 0xc0}, {&(0x7f0000002480)="a502ea7661f1043e2c305fc1e0f5df9c7de8443f52d69f728b18232b310ecc3deb5e5e7520e888de51762754fdffb0a230a72c5ff230aa5ba60441bb5dabbf34e12245ce5be3356df0ec7abbbe3d7672c819b9ad24b24020562671e68bc5b571bdf14ac87fab90c72011f15dcc0b268058901922a3bd325a079521a6606397d8e699738896eb0032e915fadfe8fbf4d7094c436e9cc5ce5416a963c4447ea93a86344987a95fb9bc9921e70132343a22915a88b4681428807f1ebae0424db5eca9a51c1f6e47bb863f7ba9b4e247b420c036dc38270c03b5308b72170eba8b0ff5fb0f50b770c50714a838", 0xeb}, {&(0x7f0000001440)="8292876069bfb862ec800aa40a52c378f0e7", 0x12}, {&(0x7f0000002580)="0850355bdb8efca76602782cb98c44dd73a22ab27c49876876dd62008a0d6655dce449477fb573cd33e651688dd6413dc3927f3e7ef9022aa4b4f7d8f8c2bb5084e856776e7a9eb0addb142775906841b77fde80a399e4417f7dd80e5e99f34cc776943be8d518", 0x67}, {&(0x7f0000002600)="cbd9655fbd0b8ea83530bd8350141bf85bf5449679c8aa64c10a64c0ff995755641040ee662050ec5047c0c8e14abbcf406ce214b3db892293aba7ee653c2ef233e59609f7282f662541ea9fbc58890427586d886a48c028902b895f71cebc06c8fb6c87e8b810698dc3600c1c6d4aba934d062ae385361ef5269c990d4a41b547c640652ce264861deddf30b71a3574b96533bf6437b7e516ef535cd04359b0f51df7fc19184521", 0xa8}], 0x6, &(0x7f0000002740)=[@iv={0x60, 0x117, 0x2, 0x45, "8f6ec48d286140891b2d401040a204a13ed24b0a4df4a6b1e8d88e2e1546185c5a564b2eb24347e4445e6befff8e566b0a07e67968af080b27b7afd30dbe3796acfcf900cc"}, @iv={0xf8, 0x117, 0x2, 0xdf, "a2a8831dadd3f9a621745c748b46dd329e9e1506c600f9433ba37509c4c3be322b7630148234aaa5121aa9fe25ecc3d9bbda0e1db06802bbf7031598f16234347c3421be38ac429d09f845b234fbce60003b63b302cd604cc8f3a8a5a38853bfa7daf7ed61fb901924942ba7b1fea28ceb7d5bea321f81182f209da0e205fb704ffc69bfac7506fc5546af6b57536e5221fcec493d46fcd18ebf5f814d75afb38cc440da860118b94c69afdbf78d48199fcb0e966e7216b186a665e2c79c1838878cdd379142f50428d723e54e5f3e78b02830f641cc151baff95e5bff4904"}, @assoc={0x18}], 0x170, 0x8000}, {0x0, 0x0, &(0x7f0000002980)=[{&(0x7f00000028c0)="99a82f82f7ceebd116105c5d138a6109669e992429b38c1055ee81cc5b0067343c70848475e781f29cba17e7e595bc3ace2d298c0c03df060081c4abb5af0e855e4f5909f2a2c0e13d47c112527d974e19af960b2a8b295aa3ebb45ab5c5571dedc21ae207a34b274795d694774b891ad7f5f493cd0d056093e168dd0bb570b210ac1280896f3e2ac74df1ad87c0ab32b9d96d9330dd8f48254c5d9f442a888dc0c2cb", 0xa3}], 0x1, &(0x7f00000029c0)=[@iv={0x48, 0x117, 0x2, 0x2e, "f774b4a89338a2832ac3c2a4f58b459dde1ab2052a7a4359a1bd74c21d6462d5084230f798f6e040d3b74ea2d26a"}, @iv={0x40, 0x117, 0x2, 0x29, "a1154f3d44adaf3fbfbb242a1032e47597a54ecd8f4e1656d1f7c09fc12b2c697e86477dc6fad9b449"}, @iv={0x20, 0x117, 0x2, 0xc, "9c1a4b64ecb3969e48c9e7f2"}, @assoc={0x18, 0x117, 0x4, 0x10001}], 0xc0, 0x40}, {0x0, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002a80)="711bc2dd9ca36bd57a42d08fc3db28a38592a516fbdbd596288475bbbe4626ea45df309ab43d64f0685640825a51c8ec64ff70e55f3bcfe5c5ac900cf603a33946943878629950c40f36775692ea2959e634ec9b3e4b835d1298699d91d0c393bf5899f28de91b5722c6bb7eaf5c0104822800ca3828adeeb0dc832c2140c37da1807f5d7cd6ca2bcabb1048e68d4d6a2e33d767aa6199ee4b", 0x99}, {&(0x7f0000002b40)="487ede0445b9129f67260b5c7e35e81b731b07efc1869d1a29b778f870f355ee84d76520a4250bd5fbb34aa905856e277b7d7e84067283ef8b138c20a51630790d1571dfb82dbe61ce7edeb3261ef985ca9ae434ea30fa4a05105f7a6d99bf07678ce33d71e90f", 0x67}, {&(0x7f0000002bc0)="cbb576cc304300b2534549994bb81e69b8868574a12b8f0ce0200cde30", 0x1d}, {&(0x7f0000002c00)="5ba986955d5271d2f42d87ec2a1c9358d60d1feb4d0e6e2c68d949c112fb4768a16e7eead64398075891bb12f038df96d5c04894ac5ed88486e370ce198157781ab0879ea56d7c98d144586a0d480012486ab12bb95d3f919948c5957a7d6287425c84bc060e557ce3af32fc3544b59ac48c45acc2b4940dd5e341c3ab22f0c4388ee3dfeb796ca812c06d22c4c7101936b76efebf58599ee355e06e0e5dc55c7151660324337ecdfdb17e4469355d89730d759b3700a686ab", 0xb9}, {&(0x7f0000002cc0)="1a17272e97b7e367bb260453b24ffa6a32e9db11d87f719ae116ea2d70ed761b279241e5513332bc3b917117e10cde86384d89eecd0b7532f15a533296c9dcefe718486c7f0e587c3440edba38499e9226ae01539310f330696aef8c1d58193b82c8645d3fc866448b3dd97216c40c5671edd1f8b7977bdc9d285965a1c9ad7ef08cdb4a6c4f0318246f3a01280b7516e4155d2d0e4234fc5963b3a38216248804c2856403b1c0f1ae14af077dfd48367ad9b9326c080915c8fd", 0xba}, {&(0x7f0000002d80)="29446a7498dd065ed4c3bc03549fbd67bb182e5ee96e73224a274d7c7d492f3bd119061451b12b71597e2a7d6fb55ba2667de1394686724a212dea304573424a9f31fda1e60c27b53ec886e41e8ef4f1daaad022c479c01ce3d54fce03a5e357f8090c0a9a0fe66e56b55ab65532f21c31731336514ab9ddc12787abc069d6388632ea5b3400d498d390e3596dd8d1b69c3b60de732cd48c242489f542565e9af1765df3f52ddf07b92eecb53304d4c00888138587d9", 0xb6}], 0x6, &(0x7f0000004dc0)=ANY=[@ANYBLOB="600000000000000017010000020000004c000000f3c9bcaf88ae1c9bb20b9cae2d63ac1f9ddaadab05c0eb63f8370ef594d1f1c3a544b37b1a2134eaa6513ecfb8d694d8924fcb36a7d10a024ea5981b5b71239d0e001c4018e1c7bf5b31c2425aa0f800eda11ac73d65882c000002000000df0000005961056a8a723c838b542eb2c7a6696f1bdcd925a1d88931afb6618824a9e9ccbaf9151b74933b274f1564f99522853788bc004ea468fbf75e9ccdc9cfcfdd34f885c256f27c9c674257819ab4faea8a3a792c63d8339d55f31389b14fffc2c0c93babb7a3c51bcdd41ab4469ddd5575b210f41547fda08171fbadbb0a44c54bba298d6687b6ca9c1fb9be74e10d6fc8e400f38348af57557806a1c38b708ce0aff99508ae945ba947cf06055f79530f02a06174c13623b0a6c66d2bf70a699db7bd0baac98e0fe66924a0d8a7245f550673d0717688da4a117f7b75a22a6e00000015834ffa87465a49ffed89f002fcd06289c08107ce696e50a930c38334f84b9850a4c7bc89337c12494c49e2b4894f3626c01caf2375f738aa76169e834c47c0a10e9253f37a9a76c7ed6951fa7a44aa507e9cd350d3f93f89f8403caec095dff57e965a31754195e8565d7916487b2162eda09a930e875999471c2ab37ad6db9d1d078e978a41e33ed09ac417f247856bad22"], 0x158, 0x30040010}, {0x0, 0x0, &(0x7f0000003180)=[{&(0x7f0000003040)="5a24d868284bd98e57dded1d304802bbf9f11bc78f08b2c7a63437f02cc17f9f9a02cbbf8ddf55dd023117ee6e470ce36fcb59a643306d9d9831981c40e9d47967ab5514334c38c47e4cec9e76d117ce39d1d8e4a6320a7e788036e710ff1f5ddfa578b7eedfd937931ef061fc3e6186acfc764c3f3e136be788bdcc301f854625a01b08d2e4676b967bc4ded9c8f86ef7dd382ef5912d6bd806b9b46c832ce173b2a99353e772f5e45ef27f791af1c6bea661c05be354dded01b7a1664457b5755c15d30a6535927da6354a5901f17f4aec1e91145d20934330fb786b1b6af939ac3807b9c2de45870eb1e9b9be3d54089ac7b3643a", 0xf6}, {&(0x7f0000003140)="a5da1dba06813299", 0x8}], 0x2, &(0x7f00000031c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x43964ae4}, @assoc={0x18, 0x117, 0x4, 0x3}, @iv={0xf8, 0x117, 0x2, 0xdf, "8b09b9e2549f6a2655c7e72de35f73919730273bb713708cc67004405a6fff361bbd3fac16c5ba04a4ebf50e66156fa334e7c1d90430eb8a4864144f8c50a5450c47d03813726e24c4b83d07377509ebbc6b8a652ed224860ee7d2cab9ffd86ba82210b2a0eaab56e5430639542ee07ac4e41b45837fdb482553908ee5b60fff76bc3d7695c13ec6ba6d277b53845e55a221f6c304fd956e9d34cecc13d5cd17fb48728ca4a316be692289968e0b80b21c847581f89e5352b18a861b594ad97b46b6bc55aeac8a8fb2694b3eeb871bfafb989824dadeda461b01ecb9b5628d"}, @iv={0x18}], 0x158, 0x4000100}, {0x0, 0x0, &(0x7f0000003900)=[{&(0x7f0000003340)="018365890c8792136f07b81bd676d44d7f39a4917a1cc5d97124b57127bf60cdee7273de832d478e86aace5afd54d5fb6ce241a6b72db69bfabf5636af0fd3bffd2c11923e788e84cae6e83466ba1559e8bafecbd05f55c3f271afeedee42e92633d90d3f30d648aec54c0f0cedda941dbe92c0a04c8d5ef469bc628a8bb30ef59166a1d9610b604fc297474d7ec5f799704cef0bfeb2b315c589fc952", 0x9d}, {&(0x7f0000003400)="9eec8d5544cf9317ab619f32facc04943cb3201621e3a20d268b13a804a6f4be78f786d413509f8d0ba9609d0275943e7e4ca3fbc71d3e6f5a836fed87f0c69e59207eb4c4a68ac3bda8fa79a9c38ed5ae671bc4054e9183da6ee85eae9ac07fb6df2254871fa7413a828ab73bbd46f53e67c7bc3f82e3a7e67a6cedae541c0998d93a9611c509e36b8681d5056bf05b46598eddd7bcd97f96406dad9f856387e526a07ffbc0c77d4e5ef993c6b7b4adddb83293c4d894863a455bea477d169f58b3c7ef999f67dbc1a68dc4851dc3b99c1d1fe4725d33ba51d381a34f416f40720324e41e75549c604adc2197a7f14cad99c380e251145af0f238db", 0xfc}, {&(0x7f0000003500)="946058ded321aa76739671a82c1af8aa0e436e25a1c7b2f458cfe868d7a704b7c1ffc7184ee8456ab0f5f955cca7dc119de189aa27bfbfa785d012e2b4cbe2f058229a92277ba36563c2eb1255a497ef3d5a97961476026c4531e4234dfd071830f6a52a1fc19bbc2eb7a83bfb347cb2bcc8296cc6f79ddd1163c41919c3bc6f637ab4e8c05a92d494326c95c53887", 0x8f}, {&(0x7f00000035c0)="542ee9439c54bb4cb7c46d5d2165ebf3df7e68bcb103f48182f923102cbcc98f47e60180db39ee25b1bcc9d80554b53142413f1a57eb038df26032601ccb96d8fd44410c5e78d9007618b583e5ebb22c0ffca311baecba65202e7ff8253ddc22b4a9db11d4104f5bb6818b306a66ef78be2b01f971d5de40d9269e959f9f784e5f24ae33766e68e445608610488a0e4bd44218ae2c3ce0ac90d836b5504693aa2cd21c17be35b14cbc21fd87d8cc6bb34ba6413775c3a3ae4487b9a12b5c875d", 0xc0}, {&(0x7f0000003680)="13a6d5c2bc62b465b9a6938e29e7ecdae40a1a17a6d1161e1a029c55e417bb4c0364a9e3b9cb5040a2283a2bb44ffe7f17972ae9bac4611b8f57faeeb01eafb0dd98012f18a15a1cb6fe2529843f09f38f", 0x51}, {&(0x7f0000003700)="6347306e30ebf614530ea483b64d35dd63", 0x11}, {&(0x7f0000003740)="bdd0ac73a8b19b6d20281c7471b068f8861ffa931df9fe80c1fdfed17efae00f877d25636f139355071541e460814c1d207441310cbaecd360ea3982fad2cdcd055cac2202c333a49cd9525eae544a4843e51843a7ab52f0d98df70f249cc36d1cac3ef72b154fbe4d9b52300f7209e5a4d402272b6bb8b576e2e68eb42e3428782491b896ce10f0916c5a95fc29deb9a57924790477cb89924cd0b495e720110031bfbce03bc4ab", 0xa8}, {&(0x7f0000003800)="6b33648ece5d63b5d7fc4f88b48dd862ea000ea8bd22d2c39c", 0x19}, {&(0x7f0000003840)="a4916e149edc0f97f71cb3c51cb45f76bd3ebe1cfbfb9d792cfe7fb01c8842462a5343fcc31a2af7feb3a53b7fc11a5480f5fb1291f687942e75491cecb97d2e661e737bed859f651525708d749c1578930afe3980388aca2cb4f682754706b959139692313e", 0x66}, {&(0x7f00000038c0)="9657e0e6b89dfcd6f15bd08e9b24eeaa3e865f35108a22a9", 0x18}], 0xa, &(0x7f00000039c0)=[@assoc={0x18, 0x117, 0x4, 0x5}], 0x18, 0x80082}, {0x0, 0x0, &(0x7f0000003ac0)=[{&(0x7f0000003a00)="9b4986e8ea6c47c491840285cf248ae74217f46f575b1cc67452a628288dca8f862e36270fca6f639c4baee2ae2c4db501b46c40aa21c4a1bcb54c7db40f240b689d383078c4fa672b118dbb85b6b0a0a90e1c04eaf7226bf2feb093eb9f16e87201ab3f6737e0c9b80f7ad9455d0e69656dc8ef197e62c71f615bfe0d1fd0e91f79675ba0ad330262cb4082561a585b070e0d139459d1", 0x97}], 0x1, &(0x7f0000003b00)=[@assoc={0x18, 0x117, 0x4, 0x58}, @iv={0x1018, 0x117, 0x2, 0x1000, "f5388b1013b8620ca6af30129e000474ca31cac75735b8d5df073d5f9b41c39b94902a35e7f4449aa65983aee53393f6b697f214c5aad2982f7617bc816426c2918ba3516d34d5cb921f95359ab243b40ed9f6bb404224e69db3aea734ceed0656e4dc9c4939287863a542482ab8438569ac6a46960f7ee39457a1b04bb12a88c55f705eaad4d4f34649010cc093e823fb6fb4a9e6971e7cb0b389fad804779fe546fa16006a0a96c5f8f43c4f0f498a205252f1774fad5129a162ef98d4236bc33892749b0170ba798f73190f9d6d63f4de19c6586c3daf01be829f21fb3cd9dfabeabd5d1b8a39b7b299f46224f032e432f903b6f7b26093574b1717e849d2be91e2ea94391db49ded145a1e30b4f0628310edfa14c70acac981f3aebbfd6a195b9fdf66344550cdfbbb037b50a03a59d34f4730e391bdc6a5d934ca6e76d9210adaeed8e0d5c997e31c523c437f7a428787b6e263bc6afa0868b1225430721a2d4d72a8c6e189fcc2233b1cd1e3659961e3161c82c3f2a4179cc5bd72bffdde7d42fc77d4233ffc2aae8296044f275eb7bb40ed45f9c39d85cf6141d11d0bcc81d29464eb8c145aaa75ae3642ed3b54651cc28e0fd529b9138f9086d6f833f76717e3767ad47d75b489a5078d447bc6dffe07c7422a9848441ff94746c57d2d6342b512074febdc4f7483538d3ce7fba44ca673a9993f49dbbe01929b5469f7df9a241544b3381644f7f52533ec34c9e0fcd4e844cd0853b4d5865cc96f1c27424dc9fc75ed0d67d832e66177ab16e87b23be40c23252709ee5da7ce3ab41e78cd6b1127066e8d71e00e042d8810b32f233e0a6feaf657a3c2a50b8a4f175b2cd979b6e457062192a1a07b226c8faa3e5f4a4a8619bc0903922bf7ce06d78f5c496ca0b601c694b28c581f851687594d09108a64a6d52b513e730e7bcc6e0b301082875c2118be233ba6a1385862be5c33c13d688d229c70951a97c23494420310166fbb68738cefb5bba48c95b62e061adaef3f55d68d41764d55732150ada363ea9dc9b3570e24950df8c2f69c1ece20c284d3083ff9f654a4c88cb2d212ef6ba4d107d405f373d170e11db2675bc49d11274c396ddda79348fc9499faf6c5c5597d659ff4698c7cde424ca2d64fb4009a5363a24efcbea7853e29d518ac1d33980dacbfce905099348ff6d159073e1908da9c5d0fa3f233617c98caa3f9c15ddc71ac4b34d528f9748816c9453f9c3bb92af364f3a2b9b1ec9c3af91e25643c45bd9edb169bc4c3d9e0f1d1ac64b440bc7ae9c1ee30e245c90ef6e2b8a806fbe6ae87c140436d1662373673708673ab7eb8c312d0b944be4dcbe44f7a1593235e5d9b812ceeceb446e7b6089e2a603471ee9bfa82b4f6ac0192d08c739df225d2482163459938399fad9a65973c196772befd55ed3f5b1aa91b1aa3b3642bf767014d944dea91413808f750682864ab9485ce6a6fa72c7ce9ee40a0f1dddd32d478c48400c91641e3b1c0ec5658f6a641cd900f2478bb7c1152ae9475bc73df61cac8526003f3f6dcce11e844c2e0e79ac2a730a45c4c30b25e353d70d6f0e06a6d15cfee73f36185c4bb5c0742098e9c60ce7cc07022815f311f189bc96468cb8079d43b7135e827f416ec57a5d7901041e0b3f2108a126ba81bb5e025321f61e371485f6020f059f68707a5e7cb350656898e18e4160221ec764dcead6ffd62631fd944736af539603873f9a864dd7de467578a3080eaac14ee8d87ea73dce527f0528f35415ecb86b957e5b0a702a046ef069ea6d7bb481b79f870c75cabfedee00614106af1cbe1637d620f97ed34df9e7030ce7fbbe90a4d8ba27b388b1b4ffe41f75f5ce821668406cef7e8a81203deab11523f539756e3118a09cce1440b80f71d491db974e4594ab343ed365444d3084c565898cf5970f3fb243e95b8a296bd24283dcd21c0009c9935740207a69683ad96073c6e2a5ea652dd07530bf1f0c2e65ced00c39be3f5584fda0ecc3f22b8d0ea18cb2641d92f9874d96fadcd01af4442b9bea2527964bd2e3e4ae9fe4080fc5193827ce2b13b01673597b6a2a1ce6341dd8a9a38b5cb8d6ad9191865c8038bfe255781646946995dd4aa9b0cbf7df35ef46acbadf68af24c3b3047def9de83718b0a5dc27961ffecac9db138183f59fbcd49e28e8efa8ef472db64b1e1b0cf58deb8cdb030dd82f532f64ac050cb6eff82c6939f02dbb602bfaa69a74a7106ee0b6e7af1f2f794b12dcaf043771444499bdf0131cc7a4d93614f9031616e266863c6d48f880caedf4b5447a1e920f2ed9790a1b6b9e92c6fdfc32b871d065440a517bb6261026a6668488adc2aa74cc3d7eafe2f06b50f598349209c01253ba1c8fe53723059a1cc2f3bc9948192ccc4d0f589483a2df2896c743254fdb60b90836c0cd79ffa4bbe0e98a80fce3ef4efb32957284ec87d0af5c1f8851f723e85c33ccba9415194e1c3a499823a0384b1e64d5ba850c0ec70fdf4fc8bc0b19e7d716002d753d6a0245b9d13b917593eb461e4f0e4da1f49cb21a2e44ab62113600def2668cc5d97eef1d53e749b26243a4e0818f6242a85f7d2a0daa227eafbffea2eeb822c9ac639dfa4d259f9c9b6484cc6f53459d8a84bc3de11ef4a05cb1bf4d3ea8b2a4d419a4f501e8047758e816a3fb8380cfa0c46cc7023e61219ef729970aaef426c6454eafb1319d90455a138c68e3f793ffa531e8a5c59774bf98c177f31d13090becc3ac754a1831e7e595b4dd2accce39d8f0283809caccde9256da05f0a3c2552311f2526c90211de396da53c1d74392fbfb0163f3e836bc4fc2c1143b5dea195846df1c3f94805cf2b9696d8afaea9916ee09fd3cc4b0aedad8d0c9f24d7e935c5e0abb1fe2b1504482c13c28c4c1104ee6f459b643a03aad246ded7b21fdb867f62e85596091972f0ea9827ec3459b871080a4b068817245981df7c724ccd886a927dbd9a201b49f05aa5dcd21d2ed6f16a1773dc388d4b41529a896e9659b554d975062a1e94018855e7627975b931b465a411f04106ce6d3a27efe9159fef3f3d074084a1711972493d1fadcb086f140f44925d9adff2610fa3c871271de1282e1ecdc37dbb85956b28a10e5b8e34100bdaf8b61fb986e2103fdd6ab96bc2d8d35a2569cd9fbb80b61f6718e3589531f44abc33df566283411917ad1fee9f87f84af269d5d02f9cd71a405a6ade0b18dd8e8dc52e73a79819fa1908f94075c0aaaa24656f07dfcea30644c952da72a23a12f0bfa426a587b428fb627687cf1377075559932ef36e0b9e07267a9ce67c415b6d650847af362da641694dc93b7c15a18c750a1cd90a96dd77cd33294e865f8ef97e4bbe98cb505d8d20b8bd53329e7dd08b256731bd36538f538de014e707cdbfcc5b31f40f678c503ec70d982399a418ad2675411c65532e14139b87c1e017b9687fad60f3a124cf4c4881324eb8e1ae9c2751283f27f4e82249df59b4f6400e17d938d78a7955a3cb4b9d2873601a6b302b9e3ae121c867ea54b5b28f4907404773bd12550150feb97547bd702d0754853834f79b49df4880dd1a31be12549469a5df5c471c18fb70eb19aa45d0223010e3acdd02d5fca6d5fc96df78442b46c123482d4d6f021080fea50b81c760ebf2c18250133ce0466f9b96377f29b645e8b5581b1f7f5f43e5d81011546e0554a57ac76345dcf645e012df381c1bf97dd78ff7ba560726025fb678ff2f22117d14834006b4df22d9c931bdabb27829e20a9ec049788c1e059f3f146f77cf5d53c8e5de22eea78f7894887f7ea03dd4baa0b45acec2fbe1d56ae19bf62a3fada1d983b9adcba97e06dc7b1f82ac662cbdd72962a27ad9b1637e7c0f242329fc7a1cbbdab13d71dbcf19848d418e27721aac46fa0b751901b18d7a43f4ef96998bf1c89d2f5b82210ec9b1e46bbcc4bf54ff652a96074f12407f9ebe326fccd02802253b64c76fbd1746ff2f29b610d8e84fca6a8eed32b3575041cf6fa2d279851460eed8e35cc61af3e983d6ffdc8394cb493405a12c548d664e3b2e3fba1c201bb8e4f4f239cfb9aeb3d328fee2fbda8329226f8d3fe60f4f3088afd2c6305edcef6fc66d6c5bef552a292b394222c1214b38d7baedda85505100c122c9dd737539823e55169334803c1580a0d32cc25c0085144094e8f8b66db3fb9441ca59c4bd8d6565a073af1894201255a9392bfd981c750e1926aecf99ce52211a36b7e34e5b2fd8ce5914f15e90e63bf0e9b8d55ebfea28c9d20a86272cb0eb32301f4111981660d84725c5190215d4f74ff1fb9f2980c070517d475af423249e734b8c508d59be0c27349a4ef86338bfcaf7f14b0cc5de1d038852e4179289d08c1913ee055bb0b5aa9dbc15f45eb8ba12b108c17333ea344b7f904b970404073108ccf040df5f7074d55a708fe930945e85c5fb153c110b253094c86e190921131cbe2ff6254589d6cbfbd60ff0e3fe1d0182251cad356f7cdcee0a25baf29a3e1592a3ab5c14ab243a20e6988ffad91fb638dd54a1ada45a790c905d79feb637c24d2373cae146ead91b9595d0079dbf91d9bc77e37c9bb2c36591935f4477265dbf4daec15420f2ffe07d3570ca4b0c4156b397d3bbe6d3f84405be18b59944a29ea3719e81b8426682f5a5cceebfece0d3abe05b0252ada217611f3c5582a91975a54ce53a3e872de866dd9099415c5a64eef308337f7fa5b099732b9d2529e7a3cbfc4a47a9dc2d0cd025a5ba0beb28501de97a64b2772817f00ae3e54236047995e0cec60b43153174b743c8b35c206df786581e61c0f47418b2ffa610bc60bb015fdc9bce127c3fb3e21439d20952d728bed367f8d1370dcb45b2d35d83216260fdfff9fb8a70b661e12587762ef96ec6a95c7869388a885c14d83a17092b6f2dd246db7d5e093cefb94c5cfa90caeb6f82f10ad7462a099435689637ec8c714972d54fc87b07fd9ebccca167385798e82569bf2eb64340e14e584a97ce718ae8e1ecfa4f2b543469966efbd25ba0b323b7c2236ab0f8c446e13a0ea919b19e6101460b7601b646378374d58eae96b1922a4b0e50ed46c7a6b8febad0093f98c00ecbc68c846104418fbf1c76ee0f3653a6250419b45244299110e7fa1b3c49e8245a52abe84c412a05efdb354431a3a326b14f17788a6035a7dbe24c0ed870fb41446445a65b337c8bebaf7108bdabb7d73de9af46755057567be4b5eb1d40ec746f9902969d4d021a0e6ce60e8bf2e594e834457b1acc5d65e52cb87efbe9bf9608ccfd4e930b0845556c989cdf168459e351f0adf2c19af8c26d60074eeae194c87ae193420009952966b3496ea19de6a844cc9569122359af56df8ccafb44443a04e368d739d96139315a5df75edf8a9f9144c837f481d3951533a498c426fea9090e33cc9e5a16e8c7ce4af36e06447dd1be496747d996c7ec0bdc5de450537e6c0140cdc3fd278349b7116ff330a3bab2aa84d876b26a354861298cb2b7f227dd46803747e9e67fd0d4dafed83a4336acf05dffad60565b72845ec9e6e09850ffc64560f14dd6312d3e9673c763f384c3d3eb56f4b6981910d958bc79a8021ed7b5dc535585fd0087dfee4b2b2a66e922002aae8d57e5ff5092ea8811e3b45ae3775abc9f73913ea888e8ece37017b46a9de1c2abbdf7eb6628f957d07650f5b1747cedb6b3af32a476c2ee77a9b4fcc15c18a10d45bc6876e9e4bbdfaf8dd0a3cf3d5bcaf348d11585d8eb91a490bc933d7de1335eb1ab4"}, @iv={0x70, 0x117, 0x2, 0x5c, "d253126560cef5df517bdde308fa5fe90085727f9705f383d50c3c2bd20b45acc3ce0eb94365cc636f5f496483f2463754609ba129d225491af0255722b08389c48d51d9e09de0eb9420d215607a401dcb06a8a15928e4f448e2923f"}], 0x10a0, 0x98}], 0x9, 0x0) recvmsg(r2, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) [ 2965.229867] kobject: '0:46' (ffff888056210990): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2965.239408] kobject: '0:46' (ffff888056210990): kobject_uevent_env [ 2965.246062] kobject: '0:46' (ffff888056210990): fill_kobj_path: path = '/devices/virtual/bdi/0:46' [ 2965.291724] kobject: 'loop3' (ffff88809df40120): kobject_uevent_env [ 2965.298222] kobject: 'loop3' (ffff88809df40120): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 2965.311772] kobject: '0:47' (ffff8880543751d0): kobject_add_internal: parent: 'bdi', set: 'devices' [ 2965.333914] kobject: '0:47' (ffff8880543751d0): kobject_uevent_env 21:48:08 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) ioctl$NBD_CLEAR_QUE(r0, 0xab05) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) chroot(&(0x7f0000000000)='./file0\x00') preadv(r1, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) write$FUSE_INIT(r1, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x8) write$FUSE_DIRENT(r1, &(0x7f00000000c0)={0x10, 0xfffffffffffffffe, 0x2}, 0x10) [ 2965.347867] kobject: '0:47' (ffff8880543751d0): fill_kobj_path: path = '/devices/virtual/bdi/0:47' [ 2965.357189] protocol 88fb is buggy, dev hsr_slave_0 [ 2965.357235] protocol 88fb is buggy, dev hsr_slave_1 [ 2965.357319] protocol 88fb is buggy, dev hsr_slave_0 [ 2965.357357] protocol 88fb is buggy, dev hsr_slave_1 [ 2965.357443] protocol 88fb is buggy, dev hsr_slave_0 [ 2965.357480] protocol 88fb is buggy, dev hsr_slave_1 21:48:08 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56e179a9b6c5820fae9d6dcd3292ea54c7beef915d604c", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x396}], 0x11e, 0x200600d0}], 0x1, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0xe7030000, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0xfffffdd7}], 0x1, 0x0, 0x2000000}, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r2, &(0x7f00000017c0), 0x199, 0x0) r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000580)='/dev/video35\x00', 0x2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r4, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r5, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r5, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000005c0)='skcipher\x00'}, 0x30) r7 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r9, @ANYRES32=r9, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r10, 0x0, 0xffffffffffffffff, 0x0) r11 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r11, &(0x7f00000017c0), 0x199, 0x0) ioctl$NS_GET_OWNER_UID(r11, 0xb704, &(0x7f0000000640)=0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r13, @ANYRES32=r13, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r14, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000680)={{{@in6=@loopback, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@local}}, &(0x7f0000000780)=0xe8) stat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r17 = gettid() r18 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r18, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r19) getgroups(0x1, &(0x7f00000008c0)=[0xffffffffffffffff]) r21 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r21, &(0x7f00000017c0), 0x199, 0x0) r22 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r22, &(0x7f00000017c0), 0x199, 0x0) r23 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000d00)='/proc/self/attr/exec\x00', 0x2, 0x0) r24 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r24, &(0x7f00000017c0), 0x199, 0x0) r25 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r25, &(0x7f00000017c0), 0x199, 0x0) r26 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r26, &(0x7f00000017c0), 0x199, 0x0) r27 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r27, &(0x7f00000017c0), 0x199, 0x0) r28 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r28, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000d40)=0x0) r30 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r30, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r31) getresgid(&(0x7f0000000d80), &(0x7f0000000dc0)=0x0, &(0x7f0000000e00)) r33 = geteuid() r34 = getgid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r35, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000001080)=0x0, &(0x7f00000010c0), &(0x7f0000001100)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r37, @ANYRES32=r37, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) r38 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r38, &(0x7f00000017c0), 0x199, 0x0) ioctl$sock_FIOGETOWN(r38, 0x8903, &(0x7f0000001140)=0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000001180)='./file0\x00', &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000) r41 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r41, &(0x7f00000017c0), 0x199, 0x0) getsockopt$sock_cred(r41, 0x1, 0x11, &(0x7f0000001240)={0x0, 0x0, 0x0}, &(0x7f0000001280)=0xc) r43 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r43, &(0x7f00000017c0), 0x199, 0x0) r44 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r44, &(0x7f00000017c0), 0x199, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r45, 0x0, 0xffffffffffffffff, 0x0) r46 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r46, &(0x7f00000017c0), 0x199, 0x0) fstat(r46, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r48, @ANYRES32=r48, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, r49, 0x0, 0xffffffffffffffff, 0x0) r50 = syz_open_procfs(0x0, &(0x7f0000000200)='net/mcfilter\x00\x03\x03\x12M=\xff\xc4H\x87\x0e\x05\xdbIO\xf3\xff\xb9:\xbd/\xd1j\x18\x99AxM,B\x1d\x06\xe5iy\x92*\xa7{\xca\f\x9d\xd2n\xe7\x82\x94:\xbau\xfa\t8\x02\r\x9c\xf5\b\xd9\xb2\x00\x86cGt\x82\x85\xf5\xf5\x91d\xf2\x9f\xb1]\xfe\xa80Z\xf7\f\x94nEK\xa5\xf3\x9a\x9a_\r5\xc4n\xd3)Z\x01\xaf\xbd\xfd`\xe0\x1e\xaf\xed;C#\b\xf5\x91#') preadv(r50, &(0x7f00000017c0), 0x199, 0x0) getsockopt$inet_IP_XFRM_POLICY(r50, 0x0, 0x11, &(0x7f0000001340)={{{@in6=@empty, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@empty}}, &(0x7f0000001440)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=r52, @ANYRES32=r52, @ANYBLOB="100006000000000020000000000000"], 0x4, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000002480)=0x0) r54 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r54, 0x1, 0x11, &(0x7f0000000240)={0x0,