[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 43.187699][ T26] audit: type=1800 audit(1553461026.385:25): pid=7924 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 43.223118][ T26] audit: type=1800 audit(1553461026.395:26): pid=7924 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 43.243796][ T26] audit: type=1800 audit(1553461026.395:27): pid=7924 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.23' (ECDSA) to the list of known hosts. 2019/03/24 20:57:18 fuzzer started 2019/03/24 20:57:21 dialing manager at 10.128.0.26:39857 2019/03/24 20:57:21 syscalls: 1 2019/03/24 20:57:21 code coverage: enabled 2019/03/24 20:57:21 comparison tracing: enabled 2019/03/24 20:57:21 extra coverage: extra coverage is not supported by the kernel 2019/03/24 20:57:21 setuid sandbox: enabled 2019/03/24 20:57:21 namespace sandbox: enabled 2019/03/24 20:57:21 Android sandbox: /sys/fs/selinux/policy does not exist 2019/03/24 20:57:21 fault injection: enabled 2019/03/24 20:57:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/03/24 20:57:21 net packet injection: enabled 2019/03/24 20:57:21 net device setup: enabled 21:00:28 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x8901, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0x1e, &(0x7f0000000200)=""/19, &(0x7f0000000240)=0x13) r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x0) syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = geteuid() ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3) r4 = socket$inet_tcp(0x2, 0x1, 0x0) openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$md(0xffffffffffffff9c, &(0x7f0000000400)='/dev/md0\x00', 0x0, 0x0) fcntl$lock(r4, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setxattr$security_ima(&(0x7f0000000000)='.\x00', &(0x7f00000003c0)='security.ima\x00', &(0x7f0000000240)=@md5={0x1, "d3cce0f719456821301b2b983f6d12c9"}, 0x11, 0x2) quotactl(0x7, 0x0, r3, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0xfffffffffffffffe) ioctl$RTC_VL_READ(0xffffffffffffffff, 0x80047013, &(0x7f00000000c0)) ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) close(r1) syzkaller login: [ 245.900411][ T8086] IPVS: ftp: loaded support on port[0] = 21 21:00:29 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) close(r0) fchdir(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000002ac0)) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000000)={'mangle\x00', 0x2, [{}, {}]}, 0x48) [ 246.006747][ T8086] chnl_net:caif_netlink_parms(): no params data found [ 246.100740][ T8086] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.110190][ T8086] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.128629][ T8086] device bridge_slave_0 entered promiscuous mode [ 246.149416][ T8086] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.156484][ T8086] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.177639][ T8086] device bridge_slave_1 entered promiscuous mode [ 246.194509][ T8089] IPVS: ftp: loaded support on port[0] = 21 21:00:29 executing program 2: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, 0x0) bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc) [ 246.224539][ T8086] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 246.248221][ T8086] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 246.314667][ T8086] team0: Port device team_slave_0 added [ 246.363540][ T8086] team0: Port device team_slave_1 added [ 246.441270][ T8089] chnl_net:caif_netlink_parms(): no params data found 21:00:29 executing program 3: getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000200)=""/19, &(0x7f0000000240)=0x13) r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3) openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) quotactl(0x0, 0x0, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) close(r0) [ 246.501514][ T8086] device hsr_slave_0 entered promiscuous mode [ 246.578839][ T8086] device hsr_slave_1 entered promiscuous mode [ 246.646967][ T8094] IPVS: ftp: loaded support on port[0] = 21 [ 246.647488][ T8086] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.660132][ T8086] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.667861][ T8086] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.675192][ T8086] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.700220][ T8092] IPVS: ftp: loaded support on port[0] = 21 [ 246.731375][ T8089] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.739084][ T8089] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.747020][ T8089] device bridge_slave_0 entered promiscuous mode [ 246.781224][ T8089] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.788286][ T8089] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.796927][ T8089] device bridge_slave_1 entered promiscuous mode 21:00:30 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000080)={0x9, {{0x2, 0x0, @multicast2}}}, 0x88) getsockopt$inet_buf(r0, 0x0, 0x0, 0x0, &(0x7f0000004000)) [ 246.845598][ T8089] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 246.875680][ T8089] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 247.022005][ T8089] team0: Port device team_slave_0 added [ 247.027878][ T8094] chnl_net:caif_netlink_parms(): no params data found [ 247.061888][ T8098] IPVS: ftp: loaded support on port[0] = 21 [ 247.072093][ T8089] team0: Port device team_slave_1 added [ 247.115232][ T17] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.138717][ T17] bridge0: port 2(bridge_slave_1) entered disabled state 21:00:30 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) [ 247.175587][ T8086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 247.232237][ T8089] device hsr_slave_0 entered promiscuous mode [ 247.298780][ T8089] device hsr_slave_1 entered promiscuous mode [ 247.401198][ T8092] chnl_net:caif_netlink_parms(): no params data found [ 247.459685][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 247.468132][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 247.476353][ T8092] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.483495][ T8092] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.491237][ T8092] device bridge_slave_0 entered promiscuous mode [ 247.499074][ T8092] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.506140][ T8092] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.514021][ T8092] device bridge_slave_1 entered promiscuous mode [ 247.528325][ T8094] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.535445][ T8094] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.544301][ T8094] device bridge_slave_0 entered promiscuous mode [ 247.553875][ T8086] 8021q: adding VLAN 0 to HW filter on device team0 [ 247.556698][ T8103] IPVS: ftp: loaded support on port[0] = 21 [ 247.583202][ T8094] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.590616][ T8094] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.609296][ T8094] device bridge_slave_1 entered promiscuous mode [ 247.623091][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 247.632387][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 247.642771][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.649865][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.670209][ T8092] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 247.683257][ T8092] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 247.713320][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 247.722059][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 247.732412][ T8095] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.739503][ T8095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.747560][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 247.756307][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 247.777026][ T8092] team0: Port device team_slave_0 added [ 247.785856][ T8094] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 247.797351][ T8094] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 247.812983][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 247.821885][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 247.830614][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 247.844828][ T8092] team0: Port device team_slave_1 added [ 247.856740][ T8094] team0: Port device team_slave_0 added [ 247.870193][ T8094] team0: Port device team_slave_1 added [ 247.961345][ T8094] device hsr_slave_0 entered promiscuous mode [ 248.028705][ T8094] device hsr_slave_1 entered promiscuous mode [ 248.114879][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 248.123502][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 248.170859][ T8092] device hsr_slave_0 entered promiscuous mode [ 248.218862][ T8092] device hsr_slave_1 entered promiscuous mode [ 248.262596][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 248.272089][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 248.324952][ T8089] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.334225][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 248.342710][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 248.352601][ T8086] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 248.390214][ T8089] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.398184][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 248.407475][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 248.451785][ T8086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.468088][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 248.477211][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 248.485930][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.493018][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 248.542447][ T8103] chnl_net:caif_netlink_parms(): no params data found [ 248.559130][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 248.566938][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 248.577330][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 248.585778][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.592828][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 248.604649][ T8098] chnl_net:caif_netlink_parms(): no params data found [ 248.673781][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 248.685986][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 248.702294][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 248.724855][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 248.734022][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 248.743589][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 248.752524][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 248.760947][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 248.771245][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 248.783859][ T8094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.806830][ T8092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.816108][ C0] hrtimer: interrupt took 26107 ns [ 248.825339][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 248.833821][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 248.849323][ T8089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 248.863772][ T8103] bridge0: port 1(bridge_slave_0) entered blocking state 21:00:32 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x201, 0x0) pwrite64(r0, 0x0, 0xfdf4, 0x0) [ 248.874912][ T8103] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.897203][ T8103] device bridge_slave_0 entered promiscuous mode 21:00:32 executing program 0: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, 0x0, 0x0) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200), 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 248.947747][ T8103] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.956275][ T8103] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.967774][ T8103] device bridge_slave_1 entered promiscuous mode [ 249.007183][ T8103] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 249.016931][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 249.027789][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 249.035819][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 249.044151][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 249.056320][ T8098] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.064724][ T8098] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.073038][ T8098] device bridge_slave_0 entered promiscuous mode [ 249.081142][ T8098] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.088255][ T8098] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.096169][ T8098] device bridge_slave_1 entered promiscuous mode [ 249.104814][ T8103] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 249.126314][ T8094] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.135327][ T8092] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.150488][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 249.160095][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 249.168651][ T2498] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.175726][ T2498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.183868][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 249.200922][ T8089] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 249.226957][ T8103] team0: Port device team_slave_0 added [ 249.234285][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 249.243462][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 249.252149][ T2498] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.259262][ T2498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.266944][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 249.275503][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 249.283875][ T2498] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.290979][ T2498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.299170][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 249.307546][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 249.316018][ T2498] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.323129][ T2498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.330661][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 249.340425][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 249.350708][ T8098] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 249.361788][ T8103] team0: Port device team_slave_1 added 21:00:32 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bc070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000001, 0x31, 0xffffffffffffffff, 0x0) ioctl$int_in(r1, 0x0, 0x0) sendfile(r0, r1, &(0x7f0000000000), 0x400) [ 249.394471][ T8098] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 249.422997][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 249.444158][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 249.462278][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 249.471955][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 249.480525][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 249.489312][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 249.497631][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 249.507045][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 21:00:32 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000440)={'ip6gretap0\x00', &(0x7f0000000340)=@ethtool_drvinfo={0x3, "f35d4b6d4f045388a239fbcb5a197ed227a0ff5d0e5ed754372b5f97c6a3e91d", "3bb97c75a2fcf0a2c061b6c9355b70672e97215a3bb38cdbea111fd08cf48d9c", "5d257f3b95ad29852c03d66c231fa62b1e236853fcf3520c8c925d4778237aaf", "de3fb4d9da1ba72d36428e938ab04a06a14aa3605949e5a8260e42f21b896dba", "0a153befb0210c5174280d9d6f1d71cafd286e073a78c96b64e05541efd20fca", "9b58febd64165fc832b3d717"}}) [ 249.539865][ T8098] team0: Port device team_slave_0 added [ 249.549504][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 249.557901][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 249.573426][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 249.597852][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 249.611418][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 249.620250][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 249.631141][ T8094] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 249.691698][ T8103] device hsr_slave_0 entered promiscuous mode [ 249.728859][ T8103] device hsr_slave_1 entered promiscuous mode [ 249.774301][ T8098] team0: Port device team_slave_1 added [ 249.781598][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 249.790875][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 249.799941][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 21:00:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000100)) 21:00:33 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x3, 0x31, 0xffffffffffffffff, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000200)) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet6(r1, &(0x7f00000002c0), 0xffffff3f, 0x0, 0x0, 0x0) [ 249.825913][ T8092] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 249.837880][ T8092] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 249.883301][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 249.893042][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 249.917012][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 21:00:33 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{}, 'syz0\x00', 0x2d}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) [ 249.927045][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 249.948849][ T8094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 249.985244][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 250.035296][ T8092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.092085][ T8098] device hsr_slave_0 entered promiscuous mode [ 250.108076][ T8146] input: syz0 as /devices/virtual/input/input5 21:00:33 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000000380)) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 250.138907][ T8098] device hsr_slave_1 entered promiscuous mode [ 250.244373][ T8146] input: syz0 as /devices/virtual/input/input6 [ 250.381799][ T8103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.447040][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 250.473195][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 21:00:33 executing program 2: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) vmsplice(r1, &(0x7f0000000100)=[{&(0x7f0000000640)="33a6b677a0d32faecf5fed7387b1bc25763387e1f05b6098c669eba06c5e2a955d25dbc36f7ea6a1ed74588f4c08a5939d0e8d30b4adce73639fb374e6a2e4e913f7131c4e10c11c84afc77db6b69d309a0f10a78e401d7733bff9fa65e5b4c1421b5cac179368821284ed73fa5316cf20557cb1bcb34ceafc211316f6b43a40319d8ca08d13637da10c3346da70577b94f89a69ce981329261751007f9475df633bd614dc309f12fbc03a5c3cba6afeaa895272c458caf83c5134717d75fb81b3fecf5c1bf9609d39f1d7a56bbfa5a66166d1620968540600cff60cf8919f5e19eea3f96d18ffb11547f07ebb1bcf9327eb397ff56d139d92cc6c465913b208d2d64d8156e58611a82530e8259ae06679e44220a5cacb30c2fbc4c8ccef93bcaf8290e6b1bd34ff7098635eea71f102c79d6246b555c6f1f236dd5c76b246aff3f902282704cde541398b824f2e5bbd8ec2c8f00a815b603eec5fcb60347a16e4ef4560d5ce34263672baedcac9dec643660c2400f97bd216829a3855242047d67e2164063e8ca5f88d1b4d0d9a05015c74176d9a58fb9f973f6b077d59ba0e90cb8f083d62f47b47f4e180715dd4d3202670e4bbe3755ce5ca7d9335d573d69122f4015e4b388c88bbd1962f5ce2aa9b307eb58fb812ca15522a537d15cb44d7fcf523e79cafd480f1c69c302288d333895e623fa7b708bcb4cf68075def8f740b71b9973fe2f7b0cdf9ec3083582a6c58b5a27ffe701a53df36bdb6a61dbe59034b4db44edaf92e1d21a436434ff0b98725e2bd2f41748c69cb4dc5f7362c3816c6d4c9b16031be6fb8ced6222b6f9e41f57d8fae15d1f57ffdfd93ec7a8f64443a69c33a2f2bbf2c5fe67d1c59f04a6cd136bb3566fa902213264bf55e3cec1f297ca2a79b68466f11e641fbb8bd5663aed511d5b1f045ac0102f0f18319f96f91667e5b757f4f5fbc22bd1b8a551da0721e495ada283a41ee4665251f16ee7dd28777246687e1d23d78e74ca4932c0dd4b1b4ab3635ae9bd1c84a699d144827d00cc9f235b4d7499905c3d591603d7265c3bcfac5d6ecd2f14631a502eb0f099d3a92dfb9b2c9f6100c22715c9919c67e361162371f49e43f77612b040b283bb4d19ce09ca90b2b85a27c5c4d7e242b6554b50855dac824291a35d5a269df5d8092fbbce056bc7ce88669958a5e187195bb42dc4ff3fe2bb511e2882bfe45ebc24b6215c0bdf7266822987453f373a665df348e6bf12684f42cd610d80872da5282f3ef34d792f380fd983df725da4f65dfd169988e9f24cb889987aaabb6588cd6d9dfbaf32ad02f51304cae11dcc1609be7dabcb36cae2a1c5637316e44630047ec7d80109bf52eb91044eb627dfba1d381f3f67d097b0b929d07937a114e71dbef41502ec3c9e9de62506afa885f956b64c492cdf34250165e7ee3212bcc7ba226b1760ccacd5262a30578221180ed591e083b9f7c478a46e19548edbc0dc7dc814aefbfda1a7b6ed343d69f3ca7f04489afaab1fc367e03b748a1247a1a4e4df065ddd5cc8fc0593dbda9d5f33dbfbf3ab2c59c0b8be5efe45824fe698a2b2dfa24d3ffc0f718e5943ab29756fb8e424ad330139d2de31ec9b632adf7bef3192e0e88990f48292a6f2601929098bd10b13464c1405e4146f4ce6a303ca0232e91329a57fd57f2a1abc4f749ecacd61b84efb1b07227cec33eabdb1256162a23d617057cdfcc95a739b0287cdb1699bc7c53771032ae1c79ae6f81d781a678447a1d5c3dec1b614d8e55c5e9dec02483b0a13295dbc5cbd9cfe569646a19c514c6da44e12daf650e31e8d301c29deac4fd01d9b04eb913b887c21c67a0e407657d848f1c72bac07192862975fb90be7c88b8809d5bace3c5d871581ec70db3b937bf6381fb953b41d849a8de97e0de0b48b63bc9a8bed5f2ff3fa9b8df9078529ef3658f931b97076041f23dc5e7c03c9032441ce3ff6f79109946dbd20acd2b22e67d3b3e22cf5f7b163557d85d13a92283e950bd39625fff1290e0ef102ab8cc928b203e28e5aadb7f2c82a2d25c660ae0259883b369d42ad6c23d35aff7393145ada8d6da496637929f4eb9bcf55eb241092c01d3f86cb811b99b572e988dacb12a0a04b3acb4b7a6945b27e78649ad13abfb61b7a3fad538017c426a96fd626a945c660b16fc257ef74525cab5adee838db09058ccbc4662571865c2e5d7427d1274a57c7223fd7325996241b78958740199977d4d5d7826003bc36d6badbed8e64366458b4515426be07e5c78187ec98d57c44cab9abfbc6bd4ab128204bcbfc20596fb2179f77861bb39cde9965ada92e2d61e62799da82fae4b8cc442877ff11f375f6e43bde7388382c34e56dacc987972bc2687a71c3baf7126ab040e0059b6e07e929f1da8e8831eafcf646a912f96ab2318c903007d960dcd00578adee0e6909b98fe0fdc6e1838c4f2410c61584ad5baf9121d6a3f970dadd6246d3ada18752afe6892baa44933143e4ac110726b6846faa08221d7d1fc4a15187c476ba95354594fbfcc82ed2818861bed131b068434ce55a800914e5c50ed8bc4f4ff6d7c2600056c6edf322eff7f612ab98e4422c2f621927e4ba740da8532a6b4b1eeb4f9cbdbb33e10dffce7f01c4ef16ec208321e5b2b7fa6d5fa44703ff2c3abba06295adc8292bd2d7296d67f06956f11bfaab3a93b14df029f4133671beaf6059c978ff4ffc71d2a3f09094cfa071c4dcb1a2446b41505ff91357d86163e4d930eadfefed050fbd2904f31f4ba49c90174b57092dfc661c71396016e58d020c3b2432a780af53e427dcd0a9089cffac4e5ff15a99756b7412305ef1428899d976da419742952c217f52156f9a7578b9751d88afd7a239a94595ecc0add4c30b0944df0d61fafa479a358b120f9a2e0ef5cbc2983258109b79d1f51b7609abbf2e1cd9b06e7474f4b0b51af9fcdcd2100407593b816260a3660c68c2b1255c393f8ce76adc827da728ec724334551b013a558f4a014b4ba524993e55387e24dd5cd1f2f44d923c5cc9faff15ec37f733c12d3e5a03fdaab23f0576d18fd1809158d32cdb01c61ae424357ca8bdb1c838e83eaf4081a0002e197aab7c725e14a839256603a891ff6845b0a4dfc4fa49512dfb948bdba3b25a6e51254eeb37d4f5ffc962e680a41829a95fd2d5b48ebb2f7e114bdc72139a38acf4110910f7aee31235442d290cfda3904725cc9e1c0020f54932bc1916401333ea02565f9010d6b15e478a7a662a6b94329c3379c0ce2dcd4ac16f3d79d46b147a3af3cfed988708af4bb3960939a427b8f615e19b9e491acdae0b87026de5df8e1761cd9a7e6962b3edd2572bb6f3e4a9f114d3c85c02cd9f36ff9cf9ff9d6bda3dfa17ab0fa0368ffa7b36c96a2e26bd0afd267a2e9d2099c74d7456b72211d8c3bb553c2ecf06312d8520f1e0dd9226fb998d28c5d2cd88454602f6808ee1dc98a71408d0b38884ec6a8462adfffc888c705b894a453b6b1b18cba30f5f0c8", 0x9c1}], 0x1, 0x0) setsockopt$inet_udp_int(r2, 0x11, 0x67, &(0x7f0000000140)=0x202, 0x4) bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10) splice(r0, 0x0, r2, 0x0, 0x10005, 0x0) 21:00:33 executing program 1: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) fchmodat(0xffffffffffffffff, 0x0, 0x0) close(r0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)) socketpair$nbd(0x1, 0x1, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000000), 0x4) [ 250.498191][ T8098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.524039][ T8103] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.554265][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 250.567406][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 250.593166][ T8098] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.634817][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.651648][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.666416][ T2498] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.673575][ T2498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.713580][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 250.739221][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.759369][ T2498] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.766449][ T2498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.785481][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 250.800217][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.809350][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.817862][ T2498] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.825003][ T2498] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.846514][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 250.854952][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 250.863516][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 250.885903][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 250.895428][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.905934][ T2498] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.913052][ T2498] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.921337][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 250.935412][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 250.944049][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 250.958909][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 250.990005][ T8103] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 251.000746][ T8103] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 251.020358][ T8098] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 251.031014][ T8098] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 251.042417][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 251.052030][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 251.060796][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 251.069378][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 251.077769][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 251.086156][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 251.094453][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 251.102693][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 251.111151][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 251.119587][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 251.127719][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 251.135981][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 251.145678][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 251.154284][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 251.162569][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 251.170987][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 251.179077][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 251.186508][ T8095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 251.211081][ T8098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 251.226422][ T8103] 8021q: adding VLAN 0 to HW filter on device batadv0 21:00:34 executing program 4: clone(0x200000041fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x4000000000014, &(0x7f00000000c0)) ptrace(0x10, r0) ptrace$getsig(0x5, r0, 0x7ffff9, 0x0) 21:00:35 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x19) write$binfmt_elf32(r0, 0x0, 0x0) 21:00:35 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="64f5d9f7", 0x4) fcntl$setstatus(r1, 0x4, 0x2000) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='pagemap\x00') sendfile(r1, r2, 0x0, 0x10000000000443) 21:00:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5418, 0x0) 21:00:35 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000000380)) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 21:00:35 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:35 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) accept4(r0, 0x0, 0x0, 0x80000) syz_genetlink_get_family_id$tipc(0xfffffffffffffffe) 21:00:35 executing program 1: syz_emit_ethernet(0x36, &(0x7f0000007000)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0) 21:00:35 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) poll(&(0x7f0000000000)=[{r0}], 0x1, 0x400) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[], 0x0) 21:00:35 executing program 0: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x4, 0x1c8, [0x20000340, 0x0, 0x0, 0x2000050c, 0x200005dc], 0x0, 0x0, &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x5, 0x4, 0x8906, 'ip\x00\x00\x00\x00\t\x00\x00\x00\x00L\x9f\x00', 'veth0_to_hsr\x00', 'veth0_to_hsr\x00', 'hwsim0\x00', @broadcast, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], @random="03b1f956051b", [0xff, 0xff, 0xff, 0xff, 0xff, 0x102], 0x70, 0x70, 0xa0}}, @snat={'snat\x00', 0xc, {{@empty, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}, {0x0, '\x00', 0x3, 0xfffffffffffffffe, 0x1, [{{{0xf, 0x0, 0x0, 'teql0\x00', '\x00', 'lapb0\x00', 'vxcan1\x00', @empty, [], @local, [], 0x70, 0x70, 0x98}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x4}}]}]}, 0x250) 21:00:35 executing program 0: r0 = socket(0x6000800000000010, 0x3, 0x0) write(r0, &(0x7f0000000100)="fc0000001a000700ab092500090007000aab12992980ff010052021b1f009321000100fd8ed69ad84e3d951e6a598514fe050000000020ba6da9edf27595057d0000030510fa2c1e998656aa0700000046fe0000020704020800004477260a632e217b19832fd18de372b35b00897f7874670000060000000000e79d13835a7634c527f00200000000000000aa000005de0d4c6ef01ec8a2abeb65da7acd3cf912ba1f2f483cb19d9ad9b4225b32c6436e7fbf6ab82088f8e1039fe480fc83ab82f605f30c9ddef2fe082099447c2ed5ec06b7c33b2d7a7f759e0700f50ab29d03ff463283170e5bbab2ccd243f295ed9460ad7f3e26ad7e25d42dd1", 0xfc) [ 252.661007][ T8240] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.0'. 21:00:36 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:36 executing program 0: mmap(&(0x7f00004c3000/0x1000)=nil, 0x1000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x2, 0x0) mmap(&(0x7f0000782000/0x3000)=nil, 0x3000, 0x0, 0x2000000011, r0, 0x0) mmap(&(0x7f0000187000/0x600000)=nil, 0x600000, 0x0, 0x71, 0xffffffffffffffff, 0x0) 21:00:36 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$sock_int(r0, 0x1, 0x4, 0x0, &(0x7f0000000000)) 21:00:36 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000000380)) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 21:00:36 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x800000005452, &(0x7f0000000100)=0xc8) shutdown(r1, 0x2) 21:00:36 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)={0x5, 0x800000008, 0x7fff, 0x8000000001}, 0x2c) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x400000077fffb, 0x0, 0x820000, 0x0}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)="99", 0x0}, 0x20) 21:00:36 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:36 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:36 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:36 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000700)='/7\x02\xe8\xa4\xef\x9e\xc8e\xd5n\x89\xeb[<\x18-\x14\x8d8\xbf\xfe\x83\x19\xf3(\xd7y\x14h\xcf(f\x06I:\xa4\xea\xcb\b\x81C\xdd\xcc\x00\x00\x00\x00\xf9\b1h\xbam\xa4x\xb1:\xcf\a\x94Z\x7f\xc8\vy\xf2F\xf4\x9d\n3\xd4\x9a[\xee\xaa\t\xbe\x90\xabU3\xd3[y\xd1d^We\xa9\xcb\x86a\"\xba\xb7\xcd\xcf\x88\x9eqO|\x9f\xcf\r\x86\xf4\x15@\x82w\xa8\\\x8c^a\xbe\x991l\\\x16\xd4\xd53\xdd\x9e\x00\x01:\xac\x14^\xf6\xb6\xb1^\xaa\xfa\x02x\x8aV\x87\xe3\xfb\xef\xd0\xb7({,\xf4\xa2cl`\xdc\xf7\xe2f\xad\xaa>\xd4Ts\x10\xb9V!\x91uGTy\xde$X\xff\xb1\xf3={\xb7\xe65\xb6\x1a\x99q^\xc2\xfc\xb0\xc09\x85\x03\xf1]\xc54;\x8d\x01\xec3#\x8f%5\xef\xfe\xc5\xdb\xd5\xb7\xe0\xdd\xec,rV\x82!\xa0', 0x0) keyctl$link(0x8, 0x0, 0x0) pwritev(r2, &(0x7f0000000200)=[{&(0x7f0000000280)=',', 0x1}], 0x1, 0x4081806) sendfile(r0, r2, 0x0, 0x20020102000007) pipe(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f00000001c0), 0xfffffef3) write$FUSE_DIRENT(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000480)='TIPCv2\x00') recvfrom$unix(r1, &(0x7f0000000040)=""/4, 0xebc3276d6d4b1cd2, 0x100100, &(0x7f0000000100)=@abs, 0x930212) 21:00:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_int(r0, 0x1, 0x29, 0x0, &(0x7f0000001080)) 21:00:36 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:36 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:36 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x20000000000003, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0}) recvmmsg(r0, &(0x7f0000001cc0), 0x4000000000002c0, 0x10102, &(0x7f0000001540)={r1}) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003080)=ANY=[@ANYBLOB="140000001a00010200002a790000000000000000"], 0x1}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000ec6fb0)) 21:00:36 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:36 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000000380)) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 21:00:36 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:37 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) writev(r0, &(0x7f0000000040), 0x146) 21:00:37 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) writev(r0, &(0x7f0000000040), 0x146) 21:00:37 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) writev(r0, &(0x7f0000000040), 0x146) 21:00:37 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:37 executing program 1: socket$inet(0x2, 0xa, 0x4) syz_emit_ethernet(0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004500001c0000000000009078ac1314bbac1414aa00009078ffffffffa62ca9effa92a5625d4c2aea3f33ab62079effbfde3de41cbaf5df26da2a514be80ffbce01f5981c55c1be55df256b0dc3b035223db1fff653a215951fd15141a405865b65c3814738389e6404ffbb7185469a180704477621230fd2b077738d6f928c7cdf905e93994b88c043"], 0x0) 21:00:37 executing program 2: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:00:37 executing program 3: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8), &(0x7f000095dffc)=0x4) 21:00:37 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:37 executing program 0: openat$autofs(0xffffffffffffff9c, 0x0, 0x8901, 0x0) r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x0) syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ioctl$RTC_VL_READ(0xffffffffffffffff, 0x80047013, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) close(r0) 21:00:37 executing program 2: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:00:37 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dc1f123c123f319bc070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000acbff8)=[{0x6}]}, 0x10) close(r1) [ 254.540804][ T8339] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) 21:00:37 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'bcsh0\x00', {0x2, 0x4e20, @remote}}) 21:00:37 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000000)={'mangle\x00', 0x4, "59cbd292"}, 0x0) 21:00:37 executing program 2: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:00:38 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='lo\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080), 0x10) sendto$inet(r0, 0x0, 0x0, 0x4007ffa, 0x0, 0x0) 21:00:38 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) socket(0xa, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:38 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_int(r0, 0x1, 0x8000000000000006, 0x0, &(0x7f0000001080)) 21:00:38 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:38 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000040)=0x1e) 21:00:38 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:38 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000440)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000000380)) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 21:00:38 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:38 executing program 0: socket$packet(0x11, 0xa, 0x300) syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @rand_addr=0x80000000}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 21:00:38 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) write(r0, &(0x7f00000003c0)="fc0000004800071fab092504090007000aab6000000000000000e293210001c000000000000000000000ffff0000000000001ec28656aaa79bb94b46fe000000bc000200000300f12fbe780196370d1151ffd633d450000000e5d18064b1ed548d59c40a366c57c6a55e00000100d07302ade01720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70cce190a60aa47e988399ddef2fe082038f4f8b29d97f391064e763b6f380f5bd92c83170e5bba4a463a1e00566f91cfded815b2ccd243f295ed94e0ad91bd0734babc7c737d67013375743417e583df0200000000000000a6b567b4cf715587e6d8a1ad0a4f0108a8835d731d05b0", 0xfc) 21:00:38 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:38 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000000)={'filter\x00', 0x4, "679395fa"}, 0x0) 21:00:38 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:39 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:39 executing program 1: pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r1, r0, 0xe, 0x0) close(r1) socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$P9_RAUTH(r2, &(0x7f0000000400)={0x14}, 0x14) 21:00:39 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:39 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:39 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:39 executing program 3: r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40000) sendmmsg$alg(r0, &(0x7f0000000140), 0x492492492492805, 0x0) 21:00:39 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:39 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bc070") bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="287474dae6baff3af85f04000000d2eb", 0x10) r2 = accept(r0, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000001980)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="1c458765f391bf93f0248dbb5dc1566e5fe7971b2cd088da4f5960512e7f4bc51ee546cf84007100ded65ae7c7b75cb1c14d6efaecc23336c7ccef9b401ba07dfa8a35771f6421bf71b01420d938f376f6d0351a7c03acabe4ae85acc3084511e4e1f477fb3f9e073c9b2b931286d2951e10bf4397bfa27128f7e9bc3ce898a7a56ae06443105c25d5c3722152925ad17a", 0x91}], 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}], 0x2, 0x0) 21:00:39 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:39 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:39 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, 0x0) writev(r0, &(0x7f0000000040), 0x146) 21:00:39 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c12a41d88b070") timer_create(0x3, 0x0, &(0x7f0000000240)) timer_settime(0x0, 0x0, &(0x7f000004a000)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) timer_gettime(0x0, 0x0) 21:00:40 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:00:40 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, 0x0) writev(r0, &(0x7f0000000040), 0x146) 21:00:40 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:42 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:42 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) pread64(r0, 0x0, 0x0, 0x0) 21:00:42 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4000000000000002, 0x4, 0x338d, 0x7}, 0x2c) 21:00:42 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, 0x0) writev(r0, &(0x7f0000000040), 0x146) 21:00:42 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) close(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:42 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:00:42 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:42 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x0, @broadcast}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @initdev}, 'netdevsim0\x00'}) 21:00:42 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x9) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x9}, 0x1c) sendmmsg(r0, &(0x7f0000001d00)=[{{&(0x7f0000001480)=@tipc=@name, 0x80, 0x0}}], 0x1, 0x0) 21:00:42 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:42 executing program 3: r0 = socket$kcm(0xa, 0x3, 0x3a) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000001c0)=@nl=@unspec, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000480)="80de", 0x2}], 0x1}, 0x8000) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000002c0)=@nl=@unspec, 0x80, &(0x7f0000000040)=[{&(0x7f0000000140)="37301a84e871", 0x6}], 0x1}, 0x0) 21:00:42 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:45 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe) write$binfmt_elf32(r0, 0x0, 0x0) 21:00:45 executing program 3: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)) syz_open_procfs$namespace(0x0, &(0x7f0000000580)='ns/cgroup\x00') pipe(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) eventfd(0xd69) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 21:00:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:45 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) close(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:45 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:00:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:45 executing program 1: socket$netlink(0x10, 0x3, 0x13) 21:00:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:00:45 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:00:45 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:00:45 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:00:48 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:48 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:00:48 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x0, @broadcast}, {0x0, @broadcast}, 0x18, {0x2, 0x0, @initdev}, 'gretap0\x00'}) 21:00:48 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:48 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) close(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:48 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:00:48 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, 0x0, 0x0) 21:00:48 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:48 executing program 3: 21:00:48 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, 0x0, 0x0) 21:00:48 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:48 executing program 3: 21:00:51 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:51 executing program 3: 21:00:51 executing program 4: setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r0}, &(0x7f0000000140)=0x8) 21:00:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, 0x0, 0x0) 21:00:51 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:00:51 executing program 3: 21:00:51 executing program 4: setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r0}, &(0x7f0000000140)=0x8) 21:00:51 executing program 2: 21:00:51 executing program 2: 21:00:51 executing program 3: 21:00:51 executing program 4: setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r0}, &(0x7f0000000140)=0x8) 21:00:54 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:54 executing program 2: 21:00:54 executing program 3: 21:00:54 executing program 4: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:54 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:00:54 executing program 2: 21:00:54 executing program 3: 21:00:54 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:54 executing program 4: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:54 executing program 2: 21:00:54 executing program 3: 21:00:54 executing program 2: 21:00:54 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:54 executing program 3: 21:00:54 executing program 2: 21:00:55 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:55 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) 21:00:55 executing program 3: 21:00:55 executing program 2: 21:00:55 executing program 4: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:55 executing program 2: 21:00:55 executing program 3: 21:00:55 executing program 3: 21:00:55 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:57 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:00:57 executing program 2: 21:00:57 executing program 3: 21:00:57 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:57 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) 21:00:57 executing program 3: 21:00:58 executing program 2: 21:00:58 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:00:58 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:00:58 executing program 2: 21:00:58 executing program 3: 21:01:00 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:00 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:00 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:00 executing program 2: 21:01:00 executing program 3: 21:01:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) 21:01:01 executing program 3: 21:01:01 executing program 2: 21:01:01 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:01 executing program 5: setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r0}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:01 executing program 3: 21:01:01 executing program 2: 21:01:01 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:01 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:01 executing program 2: 21:01:01 executing program 3: 21:01:01 executing program 5: setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r0}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:01 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:01 executing program 3: 21:01:01 executing program 2: r0 = socket$inet(0x2, 0x80001, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000200)={&(0x7f0000000000)=@in={0x2, 0x0, @initdev}, 0x10, 0x0, 0x0, &(0x7f0000000300)=[@sndinfo={0x20, 0x84, 0x2, {0x200, 0x0, 0x6, 0x401}}, @prinfo={0x18, 0x84, 0x5, {0x10, 0x8}}], 0x38, 0x40841}, 0x4080) 21:01:01 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:01 executing program 5: setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r0}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:01 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:01 executing program 3: 21:01:04 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:04 executing program 2: 21:01:04 executing program 5: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:04 executing program 3: 21:01:04 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:04 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:04 executing program 2: 21:01:04 executing program 3: 21:01:04 executing program 2: 21:01:04 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:04 executing program 3: 21:01:04 executing program 5: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:07 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:07 executing program 2: 21:01:07 executing program 3: 21:01:07 executing program 5: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:07 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:07 executing program 3: 21:01:07 executing program 2: 21:01:07 executing program 3: 21:01:07 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:07 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syslog(0xa, 0x0, 0x0) 21:01:07 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0x3d, &(0x7f00000000c0), 0x4) 21:01:10 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:10 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) dup2(r1, r0) mmap(&(0x7f00000be000/0x3000)=nil, 0x3000, 0x0, 0x100132, 0xffffffffffffffff, 0x0) 21:01:10 executing program 3: mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x1, 0x400800000000031, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000a1aff7)={@mcast1}, 0x35) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f00000001c0)={@initdev}, 0x14) 21:01:10 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:10 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:10 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0xd) read(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:10 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0xd) read(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:10 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:10 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:10 executing program 3 (fault-call:2 fault-nth:0): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:10 executing program 1: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0xd) read(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) [ 287.372514][ T8915] FAULT_INJECTION: forcing a failure. [ 287.372514][ T8915] name failslab, interval 1, probability 0, space 0, times 1 [ 287.396389][ T8915] CPU: 1 PID: 8915 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #35 [ 287.404297][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.414370][ T8915] Call Trace: [ 287.417808][ T8915] dump_stack+0x172/0x1f0 21:01:10 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) [ 287.422243][ T8915] should_fail.cold+0xa/0x15 [ 287.426850][ T8915] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 287.432708][ T8915] ? ___might_sleep+0x163/0x280 [ 287.437600][ T8915] __should_failslab+0x121/0x190 [ 287.442604][ T8915] should_failslab+0x9/0x14 [ 287.447162][ T8915] __kmalloc+0x2dc/0x740 [ 287.451450][ T8915] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 287.457733][ T8915] ? _kstrtoull+0x14c/0x200 [ 287.462247][ T8915] ? _parse_integer+0x190/0x190 [ 287.467182][ T8915] ? rw_copy_check_uvector+0x28c/0x330 [ 287.472660][ T8915] rw_copy_check_uvector+0x28c/0x330 [ 287.478013][ T8915] import_iovec+0xbf/0x200 [ 287.482455][ T8915] ? dup_iter+0x260/0x260 [ 287.486805][ T8915] ? __fget+0x35a/0x550 [ 287.490980][ T8915] vfs_writev+0xcb/0x2f0 [ 287.495224][ T8915] ? vfs_iter_write+0xb0/0xb0 [ 287.499910][ T8915] ? kasan_check_read+0x11/0x20 [ 287.504770][ T8915] ? __fget+0x381/0x550 [ 287.508935][ T8915] ? ksys_dup3+0x3e0/0x3e0 [ 287.513384][ T8915] ? wait_for_completion+0x440/0x440 [ 287.518686][ T8915] ? __fget_light+0x1a9/0x230 [ 287.523378][ T8915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 287.529617][ T8915] do_writev+0xf6/0x290 [ 287.533759][ T8915] ? vfs_writev+0x2f0/0x2f0 [ 287.538297][ T8915] ? do_syscall_64+0x26/0x610 [ 287.543001][ T8915] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.549057][ T8915] ? do_syscall_64+0x26/0x610 [ 287.553731][ T8915] __x64_sys_writev+0x75/0xb0 [ 287.558392][ T8915] do_syscall_64+0x103/0x610 [ 287.562979][ T8915] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.568848][ T8915] RIP: 0033:0x458209 [ 287.572720][ T8915] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.592304][ T8915] RSP: 002b:00007fd9ce59ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 287.606815][ T8915] RAX: ffffffffffffffda RBX: 00007fd9ce59ac90 RCX: 0000000000458209 [ 287.614782][ T8915] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 287.622736][ T8915] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 287.630688][ T8915] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9ce59b6d4 [ 287.639231][ T8915] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:13 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:13 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:13 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:13 executing program 3 (fault-call:2 fault-nth:1): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:13 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) [ 290.259926][ T8937] FAULT_INJECTION: forcing a failure. [ 290.259926][ T8937] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 290.273175][ T8937] CPU: 0 PID: 8937 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #35 [ 290.281066][ T8937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.291125][ T8937] Call Trace: [ 290.294429][ T8937] dump_stack+0x172/0x1f0 [ 290.298787][ T8937] should_fail.cold+0xa/0x15 [ 290.303408][ T8937] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 290.309315][ T8937] ? __lock_acquire+0x548/0x3fb0 [ 290.314300][ T8937] ? is_bpf_text_address+0xac/0x170 [ 290.319558][ T8937] should_fail_alloc_page+0x50/0x60 [ 290.324779][ T8937] __alloc_pages_nodemask+0x1a1/0x7e0 [ 290.330181][ T8937] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 290.330196][ T8937] ? find_held_lock+0x35/0x130 [ 290.330218][ T8937] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 290.330238][ T8937] cache_grow_begin+0x9c/0x860 [ 290.330256][ T8937] ? rw_copy_check_uvector+0x28c/0x330 [ 290.330272][ T8937] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.330288][ T8937] __kmalloc+0x67f/0x740 [ 290.330301][ T8937] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 290.330314][ T8937] ? _kstrtoull+0x14c/0x200 [ 290.330333][ T8937] ? rw_copy_check_uvector+0x28c/0x330 [ 290.330353][ T8937] rw_copy_check_uvector+0x28c/0x330 [ 290.330378][ T8937] import_iovec+0xbf/0x200 [ 290.330403][ T8937] ? dup_iter+0x260/0x260 [ 290.330416][ T8937] ? __fget+0x35a/0x550 [ 290.330435][ T8937] vfs_writev+0xcb/0x2f0 [ 290.330448][ T8937] ? vfs_iter_write+0xb0/0xb0 [ 290.330460][ T8937] ? kasan_check_read+0x11/0x20 [ 290.330474][ T8937] ? __fget+0x381/0x550 [ 290.330490][ T8937] ? ksys_dup3+0x3e0/0x3e0 [ 290.330510][ T8937] ? wait_for_completion+0x440/0x440 [ 290.341146][ T8937] ? __fget_light+0x1a9/0x230 [ 290.341165][ T8937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.341183][ T8937] do_writev+0xf6/0x290 [ 290.341201][ T8937] ? vfs_writev+0x2f0/0x2f0 [ 290.341218][ T8937] ? do_syscall_64+0x26/0x610 [ 290.341232][ T8937] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 21:01:13 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:13 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:13 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) [ 290.341247][ T8937] ? do_syscall_64+0x26/0x610 [ 290.341277][ T8937] __x64_sys_writev+0x75/0xb0 [ 290.469245][ T8937] do_syscall_64+0x103/0x610 [ 290.473847][ T8937] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.479766][ T8937] RIP: 0033:0x458209 [ 290.483660][ T8937] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:01:13 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 290.503261][ T8937] RSP: 002b:00007fd9ce59ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 290.503277][ T8937] RAX: ffffffffffffffda RBX: 00007fd9ce59ac90 RCX: 0000000000458209 [ 290.503286][ T8937] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 290.503295][ T8937] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 290.503304][ T8937] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9ce59b6d4 [ 290.503313][ T8937] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:13 executing program 3 (fault-call:2 fault-nth:2): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 290.644130][ T8960] FAULT_INJECTION: forcing a failure. [ 290.644130][ T8960] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 290.674878][ T8960] CPU: 0 PID: 8960 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #35 [ 290.682807][ T8960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.692869][ T8960] Call Trace: [ 290.696177][ T8960] dump_stack+0x172/0x1f0 [ 290.700534][ T8960] should_fail.cold+0xa/0x15 [ 290.705135][ T8960] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 290.710952][ T8960] ? ___might_sleep+0x163/0x280 [ 290.715821][ T8960] should_fail_alloc_page+0x50/0x60 [ 290.721030][ T8960] __alloc_pages_nodemask+0x1a1/0x7e0 [ 290.726504][ T8960] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 290.732228][ T8960] ? is_dynamic_key+0x1c0/0x1c0 [ 290.737075][ T8960] ? __lock_acquire+0x548/0x3fb0 [ 290.741996][ T8960] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 290.748217][ T8960] alloc_pages_current+0x107/0x210 [ 290.753375][ T8960] pte_alloc_one+0x1b/0x1a0 [ 290.757865][ T8960] do_huge_pmd_anonymous_page+0x9f6/0x1730 [ 290.763826][ T8960] ? ima_match_policy+0x9ef/0x13c0 [ 290.768933][ T8960] ? __lock_acquire+0x521/0x3fb0 [ 290.773900][ T8960] ? __thp_get_unmapped_area+0x190/0x190 [ 290.779555][ T8960] ? pmd_val+0x100/0x100 [ 290.783844][ T8960] ? __lock_acquire+0x548/0x3fb0 [ 290.788777][ T8960] __handle_mm_fault+0x2d5e/0x3ec0 [ 290.793879][ T8960] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 290.799452][ T8960] ? find_held_lock+0x35/0x130 [ 290.804201][ T8960] ? handle_mm_fault+0x322/0xb30 [ 290.809131][ T8960] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.815402][ T8960] ? kasan_check_read+0x11/0x20 [ 290.820254][ T8960] handle_mm_fault+0x43f/0xb30 [ 290.825010][ T8960] __do_page_fault+0x5ef/0xda0 [ 290.829821][ T8960] do_page_fault+0x71/0x581 [ 290.834311][ T8960] page_fault+0x1e/0x30 [ 290.838462][ T8960] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 290.844772][ T8960] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 290.864589][ T8960] RSP: 0018:ffff88804e99f978 EFLAGS: 00010203 [ 290.870765][ T8960] RAX: 0000000000000004 RBX: ffff88809ead3500 RCX: 0000000000000004 [ 290.878739][ T8960] RDX: 0000000000000004 RSI: 0000000020ffd000 RDI: ffff88804e99f9e8 [ 290.886710][ T8960] RBP: ffff88804e99fbc0 R08: 1ffff11009d33f3d R09: ffffed1009d33f42 [ 290.894673][ T8960] R10: ffffed1009d33f41 R11: 0000000000000003 R12: 0000000020ffd000 [ 290.902623][ T8960] R13: ffff88809028b340 R14: ffff88804e99f9e8 R15: 000000000000080f [ 290.910655][ T8960] ? sg_write.part.0+0x312/0xeb0 [ 290.915582][ T8960] ? sg_ioctl+0x2a10/0x2a10 [ 290.920129][ T8960] ? find_held_lock+0x35/0x130 [ 290.924877][ T8960] ? __might_fault+0x12b/0x1e0 [ 290.929629][ T8960] ? lock_downgrade+0x880/0x880 [ 290.934467][ T8960] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.940785][ T8960] ? _copy_from_user+0xdd/0x150 [ 290.945620][ T8960] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 290.951318][ T8960] ? rw_copy_check_uvector+0x2a6/0x330 [ 290.956752][ T8960] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.963036][ T8960] ? security_file_permission+0x94/0x380 [ 290.968655][ T8960] sg_write+0x6e/0x93 [ 290.972688][ T8960] do_iter_write+0x4a5/0x610 [ 290.977270][ T8960] ? dup_iter+0x260/0x260 [ 290.981641][ T8960] vfs_writev+0x1b3/0x2f0 [ 290.985981][ T8960] ? vfs_iter_write+0xb0/0xb0 [ 290.990643][ T8960] ? kasan_check_read+0x11/0x20 [ 290.995595][ T8960] ? ksys_dup3+0x3e0/0x3e0 [ 290.999996][ T8960] ? wait_for_completion+0x440/0x440 [ 291.005265][ T8960] ? __fget_light+0x1a9/0x230 [ 291.010018][ T8960] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.016245][ T8960] do_writev+0xf6/0x290 [ 291.020390][ T8960] ? vfs_writev+0x2f0/0x2f0 [ 291.024874][ T8960] ? do_syscall_64+0x26/0x610 [ 291.029534][ T8960] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.035600][ T8960] ? do_syscall_64+0x26/0x610 [ 291.040335][ T8960] __x64_sys_writev+0x75/0xb0 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:14 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:14 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) writev(r0, &(0x7f0000000040), 0x146) 21:01:14 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:14 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) [ 291.045037][ T8960] do_syscall_64+0x103/0x610 [ 291.049618][ T8960] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.055551][ T8960] RIP: 0033:0x458209 [ 291.059486][ T8960] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.079088][ T8960] RSP: 002b:00007fd9ce59ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 291.079098][ T8960] RAX: ffffffffffffffda RBX: 00007fd9ce59ac90 RCX: 0000000000458209 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:14 executing program 3 (fault-call:2 fault-nth:3): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:14 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) writev(r0, &(0x7f0000000040), 0x146) [ 291.079103][ T8960] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 291.079107][ T8960] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 291.079112][ T8960] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9ce59b6d4 [ 291.079117][ T8960] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 [ 291.131121][ T8971] FAULT_INJECTION: forcing a failure. [ 291.131121][ T8971] name failslab, interval 1, probability 0, space 0, times 0 21:01:14 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 291.191842][ T8971] CPU: 0 PID: 8971 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #35 [ 291.199843][ T8971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.209975][ T8971] Call Trace: [ 291.209995][ T8971] dump_stack+0x172/0x1f0 [ 291.210008][ T8971] should_fail.cold+0xa/0x15 [ 291.210018][ T8971] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 291.210029][ T8971] ? ___might_sleep+0x163/0x280 [ 291.210040][ T8971] __should_failslab+0x121/0x190 [ 291.210051][ T8971] should_failslab+0x9/0x14 [ 291.210060][ T8971] kmem_cache_alloc+0x2b2/0x6f0 [ 291.210069][ T8971] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 291.210091][ T8971] ptlock_alloc+0x20/0x70 [ 291.247290][ T8971] pte_alloc_one+0x6d/0x1a0 [ 291.262450][ T8971] do_huge_pmd_anonymous_page+0x9f6/0x1730 [ 291.268240][ T8971] ? ima_match_policy+0x9ef/0x13c0 [ 291.268253][ T8971] ? __lock_acquire+0x521/0x3fb0 [ 291.268262][ T8971] ? __thp_get_unmapped_area+0x190/0x190 [ 291.268277][ T8971] ? pmd_val+0x100/0x100 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:14 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:14 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 291.288202][ T8971] ? __lock_acquire+0x548/0x3fb0 [ 291.293132][ T8971] __handle_mm_fault+0x2d5e/0x3ec0 [ 291.298229][ T8971] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 291.303917][ T8971] ? find_held_lock+0x35/0x130 [ 291.303928][ T8971] ? handle_mm_fault+0x322/0xb30 [ 291.303942][ T8971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.303958][ T8971] ? kasan_check_read+0x11/0x20 [ 291.324893][ T8971] handle_mm_fault+0x43f/0xb30 [ 291.329646][ T8971] __do_page_fault+0x5ef/0xda0 [ 291.334393][ T8971] do_page_fault+0x71/0x581 [ 291.334405][ T8971] page_fault+0x1e/0x30 [ 291.334415][ T8971] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 291.334431][ T8971] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 291.369200][ T8971] RSP: 0018:ffff88804eac7978 EFLAGS: 00010203 [ 291.375250][ T8971] RAX: 0000000000000004 RBX: ffff88809ead3500 RCX: 0000000000000004 [ 291.383209][ T8971] RDX: 0000000000000004 RSI: 0000000020ffd000 RDI: ffff88804eac79e8 [ 291.391182][ T8971] RBP: ffff88804eac7bc0 R08: 1ffff11009d58f3d R09: ffffed1009d58f42 [ 291.399370][ T8971] R10: ffffed1009d58f41 R11: 0000000000000003 R12: 0000000020ffd000 [ 291.407337][ T8971] R13: ffff88808659ea40 R14: ffff88804eac79e8 R15: 000000000000080f [ 291.415321][ T8971] ? sg_write.part.0+0x312/0xeb0 [ 291.420244][ T8971] ? sg_ioctl+0x2a10/0x2a10 [ 291.424727][ T8971] ? find_held_lock+0x35/0x130 [ 291.429494][ T8971] ? __might_fault+0x12b/0x1e0 [ 291.434370][ T8971] ? lock_downgrade+0x880/0x880 [ 291.439241][ T8971] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.445499][ T8971] ? _copy_from_user+0xdd/0x150 [ 291.450361][ T8971] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 291.456073][ T8971] ? rw_copy_check_uvector+0x2a6/0x330 [ 291.461533][ T8971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.467770][ T8971] ? security_file_permission+0x94/0x380 [ 291.473464][ T8971] sg_write+0x6e/0x93 [ 291.477438][ T8971] do_iter_write+0x4a5/0x610 [ 291.482013][ T8971] ? dup_iter+0x260/0x260 [ 291.486354][ T8971] vfs_writev+0x1b3/0x2f0 [ 291.490680][ T8971] ? vfs_iter_write+0xb0/0xb0 [ 291.495526][ T8971] ? kasan_check_read+0x11/0x20 [ 291.500371][ T8971] ? ksys_dup3+0x3e0/0x3e0 [ 291.504787][ T8971] ? wait_for_completion+0x440/0x440 [ 291.510202][ T8971] ? __fget_light+0x1a9/0x230 [ 291.514876][ T8971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.521103][ T8971] do_writev+0xf6/0x290 [ 291.525258][ T8971] ? vfs_writev+0x2f0/0x2f0 [ 291.529758][ T8971] ? do_syscall_64+0x26/0x610 [ 291.534428][ T8971] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.540474][ T8971] ? do_syscall_64+0x26/0x610 [ 291.545200][ T8971] __x64_sys_writev+0x75/0xb0 [ 291.549882][ T8971] do_syscall_64+0x103/0x610 [ 291.554477][ T8971] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.560432][ T8971] RIP: 0033:0x458209 [ 291.564315][ T8971] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.583901][ T8971] RSP: 002b:00007fd9ce59ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 291.592295][ T8971] RAX: ffffffffffffffda RBX: 00007fd9ce59ac90 RCX: 0000000000458209 [ 291.600265][ T8971] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 291.615345][ T8971] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 291.623302][ T8971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9ce59b6d4 [ 291.631273][ T8971] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:15 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:15 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:01:15 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 21:01:15 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) writev(r0, &(0x7f0000000040), 0x146) 21:01:15 executing program 3 (fault-call:2 fault-nth:4): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:15 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 292.036494][ T9021] FAULT_INJECTION: forcing a failure. [ 292.036494][ T9021] name failslab, interval 1, probability 0, space 0, times 0 21:01:15 executing program 2: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) [ 292.078682][ T9021] CPU: 1 PID: 9021 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #35 [ 292.086624][ T9021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.096678][ T9021] Call Trace: [ 292.100073][ T9021] dump_stack+0x172/0x1f0 [ 292.100102][ T9021] should_fail.cold+0xa/0x15 [ 292.100129][ T9021] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 292.100151][ T9021] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 292.100171][ T9021] ? __sbitmap_get_word+0xee/0x100 21:01:15 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) [ 292.100208][ T9021] __should_failslab+0x121/0x190 [ 292.131175][ T9021] should_failslab+0x9/0x14 [ 292.135689][ T9021] __kmalloc+0x71/0x740 [ 292.139865][ T9021] ? __lock_acquire+0x548/0x3fb0 [ 292.144867][ T9021] ? bio_copy_user_iov+0xfc/0xf20 [ 292.149906][ T9021] bio_copy_user_iov+0xfc/0xf20 [ 292.154759][ T9021] ? mark_held_locks+0xf0/0xf0 [ 292.159551][ T9021] ? __debug_object_init+0x190/0xc30 [ 292.164909][ T9021] blk_rq_map_user_iov+0x239/0x6f0 [ 292.170128][ T9021] ? blk_rq_append_bio+0x350/0x350 [ 292.175240][ T9021] ? find_held_lock+0x35/0x130 [ 292.179992][ T9021] ? sg_common_write.isra.0+0xab7/0x22c0 [ 292.180007][ T9021] ? import_single_range+0x12b/0x170 [ 292.180018][ T9021] blk_rq_map_user+0x11a/0x190 [ 292.180029][ T9021] ? blk_rq_map_user_iov+0x6f0/0x6f0 [ 292.180040][ T9021] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 292.180054][ T9021] ? debug_object_init+0x16/0x20 [ 292.200943][ T9021] sg_common_write.isra.0+0x11d5/0x22c0 [ 292.200960][ T9021] ? sg_write.part.0+0x434/0xeb0 [ 292.200985][ T9021] ? sg_open+0x1820/0x1820 21:01:15 executing program 0: r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 292.201003][ T9021] ? __might_fault+0x12b/0x1e0 [ 292.201026][ T9021] ? lock_downgrade+0x880/0x880 [ 292.201048][ T9021] ? check_stack_object+0x114/0x160 [ 292.241210][ T9021] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 292.247131][ T9021] ? __check_object_size+0x3d/0x42f [ 292.252343][ T9021] sg_write.part.0+0x855/0xeb0 [ 292.257123][ T9021] ? sg_ioctl+0x2a10/0x2a10 [ 292.261637][ T9021] ? lockdep_hardirqs_on+0x418/0x5d0 [ 292.266946][ T9021] ? retint_kernel+0x2d/0x2d [ 292.271564][ T9021] ? rw_copy_check_uvector+0x222/0x330 21:01:15 executing program 2: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) [ 292.277033][ T9021] ? rw_copy_check_uvector+0x230/0x330 [ 292.282497][ T9021] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 292.288059][ T9021] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 292.293790][ T9021] ? rw_copy_check_uvector+0x2a6/0x330 [ 292.299289][ T9021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.305562][ T9021] ? security_file_permission+0x94/0x380 [ 292.311211][ T9021] sg_write+0x6e/0x93 [ 292.315215][ T9021] do_iter_write+0x4a5/0x610 [ 292.319814][ T9021] ? dup_iter+0x260/0x260 [ 292.324163][ T9021] vfs_writev+0x1b3/0x2f0 [ 292.328508][ T9021] ? vfs_iter_write+0xb0/0xb0 [ 292.333208][ T9021] ? kasan_check_read+0x11/0x20 [ 292.338085][ T9021] ? ksys_dup3+0x3e0/0x3e0 [ 292.342539][ T9021] ? wait_for_completion+0x440/0x440 [ 292.348499][ T9021] ? __fget_light+0x1a9/0x230 [ 292.353201][ T9021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.359475][ T9021] do_writev+0xf6/0x290 [ 292.363652][ T9021] ? vfs_writev+0x2f0/0x2f0 [ 292.368163][ T9021] ? do_syscall_64+0x26/0x610 [ 292.372852][ T9021] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.378932][ T9021] ? do_syscall_64+0x26/0x610 [ 292.383621][ T9021] __x64_sys_writev+0x75/0xb0 [ 292.388309][ T9021] do_syscall_64+0x103/0x610 [ 292.392910][ T9021] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.398803][ T9021] RIP: 0033:0x458209 [ 292.402705][ T9021] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:01:15 executing program 2: ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:01:15 executing program 3 (fault-call:2 fault-nth:5): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 292.422314][ T9021] RSP: 002b:00007fd9ce59ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 292.430727][ T9021] RAX: ffffffffffffffda RBX: 00007fd9ce59ac90 RCX: 0000000000458209 [ 292.438707][ T9021] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 292.446678][ T9021] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 292.446687][ T9021] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9ce59b6d4 [ 292.446697][ T9021] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 [ 292.543938][ T9050] FAULT_INJECTION: forcing a failure. [ 292.543938][ T9050] name failslab, interval 1, probability 0, space 0, times 0 [ 292.576002][ T9050] CPU: 1 PID: 9050 Comm: syz-executor.3 Not tainted 5.1.0-rc1+ #35 [ 292.583946][ T9050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.594023][ T9050] Call Trace: [ 292.597363][ T9050] dump_stack+0x172/0x1f0 [ 292.601715][ T9050] should_fail.cold+0xa/0x15 [ 292.606330][ T9050] ? page_fault+0x1e/0x30 [ 292.610645][ T9050] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 292.616472][ T9050] ? do_syscall_64+0x103/0x610 [ 292.621226][ T9050] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.627291][ T9050] __should_failslab+0x121/0x190 [ 292.632214][ T9050] should_failslab+0x9/0x14 [ 292.636701][ T9050] __kmalloc+0x71/0x740 [ 292.640852][ T9050] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 292.646688][ T9050] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 292.652944][ T9050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.659183][ T9050] ? bio_alloc_bioset+0x418/0x680 [ 292.664223][ T9050] bio_alloc_bioset+0x418/0x680 [ 292.669142][ T9050] ? rcu_read_lock_sched_held+0x110/0x130 [ 292.674901][ T9050] ? bvec_alloc+0x2f0/0x2f0 [ 292.679557][ T9050] bio_copy_user_iov+0x2c7/0xf20 [ 292.684504][ T9050] ? mark_held_locks+0xf0/0xf0 [ 292.689295][ T9050] ? __debug_object_init+0x190/0xc30 [ 292.694568][ T9050] blk_rq_map_user_iov+0x239/0x6f0 [ 292.699679][ T9050] ? blk_rq_append_bio+0x350/0x350 [ 292.704797][ T9050] ? find_held_lock+0x35/0x130 [ 292.709603][ T9050] ? sg_common_write.isra.0+0xab7/0x22c0 [ 292.715222][ T9050] ? import_single_range+0x12b/0x170 [ 292.720525][ T9050] blk_rq_map_user+0x11a/0x190 [ 292.725300][ T9050] ? blk_rq_map_user_iov+0x6f0/0x6f0 [ 292.730593][ T9050] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 292.736141][ T9050] ? debug_object_init+0x16/0x20 [ 292.741572][ T9050] sg_common_write.isra.0+0x11d5/0x22c0 [ 292.747112][ T9050] ? sg_write.part.0+0x434/0xeb0 [ 292.752066][ T9050] ? sg_open+0x1820/0x1820 [ 292.756464][ T9050] ? __might_fault+0x12b/0x1e0 [ 292.761234][ T9050] ? lock_downgrade+0x880/0x880 [ 292.766169][ T9050] ? check_stack_object+0x114/0x160 [ 292.771369][ T9050] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 292.777257][ T9050] ? __check_object_size+0x3d/0x42f [ 292.782467][ T9050] sg_write.part.0+0x855/0xeb0 [ 292.787227][ T9050] ? sg_ioctl+0x2a10/0x2a10 [ 292.791712][ T9050] ? find_held_lock+0x35/0x130 [ 292.796474][ T9050] ? lock_downgrade+0x880/0x880 [ 292.801357][ T9050] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 292.807602][ T9050] ? _copy_from_user+0xdd/0x150 [ 292.812458][ T9050] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 292.818186][ T9050] ? rw_copy_check_uvector+0x2a6/0x330 [ 292.823646][ T9050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.829893][ T9050] ? security_file_permission+0x94/0x380 [ 292.835550][ T9050] sg_write+0x6e/0x93 [ 292.839545][ T9050] do_iter_write+0x4a5/0x610 [ 292.839561][ T9050] ? dup_iter+0x260/0x260 [ 292.839585][ T9050] vfs_writev+0x1b3/0x2f0 [ 292.839602][ T9050] ? vfs_iter_write+0xb0/0xb0 [ 292.839618][ T9050] ? kasan_check_read+0x11/0x20 [ 292.839649][ T9050] ? ksys_dup3+0x3e0/0x3e0 [ 292.839674][ T9050] ? wait_for_completion+0x440/0x440 [ 292.872082][ T9050] ? __fget_light+0x1a9/0x230 [ 292.876768][ T9050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.883014][ T9050] do_writev+0xf6/0x290 [ 292.887185][ T9050] ? vfs_writev+0x2f0/0x2f0 [ 292.891695][ T9050] ? do_syscall_64+0x26/0x610 [ 292.896376][ T9050] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.902443][ T9050] ? do_syscall_64+0x26/0x610 [ 292.907125][ T9050] __x64_sys_writev+0x75/0xb0 [ 292.911810][ T9050] do_syscall_64+0x103/0x610 [ 292.916409][ T9050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.922302][ T9050] RIP: 0033:0x458209 [ 292.926280][ T9050] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:01:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:16 executing program 0: r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:16 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:16 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), &(0x7f00000002c0)=0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) [ 292.945916][ T9050] RSP: 002b:00007fd9ce59ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 292.954335][ T9050] RAX: ffffffffffffffda RBX: 00007fd9ce59ac90 RCX: 0000000000458209 [ 292.962312][ T9050] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 292.970290][ T9050] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 292.978256][ T9050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd9ce59b6d4 [ 292.986218][ T9050] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:16 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:16 executing program 3 (fault-call:2 fault-nth:6): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:16 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:16 executing program 0: r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:16 executing program 2: r0 = syz_open_dev$sg(0x0, 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:16 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:16 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:16 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:16 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:16 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2) 21:01:16 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:17 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), &(0x7f00000002c0)=0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:01:17 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3) 21:01:17 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f00000002c0)) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:17 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4) 21:01:17 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5) 21:01:17 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, 0x0) writev(r0, &(0x7f0000000040), 0x146) 21:01:17 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:17 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(0x0, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:17 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x6) 21:01:17 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), &(0x7f00000002c0)=0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:01:17 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, 0x0) writev(r0, &(0x7f0000000040), 0x146) 21:01:17 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(0x0, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:18 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f00000002c0)) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:18 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x7) 21:01:18 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(0x0, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:18 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, 0x0) writev(r0, &(0x7f0000000040), 0x146) 21:01:18 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140), 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:18 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:18 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:18 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x8) 21:01:18 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140), 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:18 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:18 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:18 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x9) 21:01:19 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, 0x0, &(0x7f00000002c0)) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:19 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140), 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:19 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:19 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xa) 21:01:19 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:19 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xb) 21:01:19 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:19 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:19 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:01:19 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:19 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xc) 21:01:19 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:19 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), &(0x7f00000002c0)=0x4) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:19 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:01:19 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:19 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xd) 21:01:19 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:19 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xe) 21:01:20 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:20 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(0xffffffffffffffff, &(0x7f0000000040), 0x146) 21:01:20 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xf) 21:01:20 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:20 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:20 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, 0x0, 0x0) 21:01:20 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), &(0x7f00000002c0)=0x4) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:20 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x10) 21:01:20 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:20 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, 0x0, 0x0) 21:01:20 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, 0x0, 0x0) 21:01:20 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x11) 21:01:21 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:21 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:21 executing program 2 (fault-call:2 fault-nth:0): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 298.045144][ T9321] FAULT_INJECTION: forcing a failure. [ 298.045144][ T9321] name failslab, interval 1, probability 0, space 0, times 0 [ 298.107949][ T9321] CPU: 1 PID: 9321 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #35 [ 298.115865][ T9321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.125921][ T9321] Call Trace: [ 298.129245][ T9321] dump_stack+0x172/0x1f0 [ 298.133593][ T9321] should_fail.cold+0xa/0x15 [ 298.138197][ T9321] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 298.144019][ T9321] ? ___might_sleep+0x163/0x280 [ 298.148885][ T9321] __should_failslab+0x121/0x190 [ 298.153838][ T9321] should_failslab+0x9/0x14 [ 298.158348][ T9321] __kmalloc+0x2dc/0x740 [ 298.162620][ T9321] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 298.168863][ T9321] ? _kstrtoull+0x14c/0x200 [ 298.173372][ T9321] ? _parse_integer+0x190/0x190 [ 298.178229][ T9321] ? rw_copy_check_uvector+0x28c/0x330 [ 298.183716][ T9321] rw_copy_check_uvector+0x28c/0x330 [ 298.189019][ T9321] import_iovec+0xbf/0x200 [ 298.193454][ T9321] ? dup_iter+0x260/0x260 [ 298.197790][ T9321] ? __fget+0x35a/0x550 [ 298.201961][ T9321] vfs_writev+0xcb/0x2f0 [ 298.206219][ T9321] ? vfs_iter_write+0xb0/0xb0 [ 298.210908][ T9321] ? kasan_check_read+0x11/0x20 [ 298.215773][ T9321] ? __fget+0x381/0x550 [ 298.219939][ T9321] ? ksys_dup3+0x3e0/0x3e0 [ 298.224374][ T9321] ? wait_for_completion+0x440/0x440 [ 298.229680][ T9321] ? __fget_light+0x1a9/0x230 [ 298.234380][ T9321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.240634][ T9321] do_writev+0xf6/0x290 [ 298.244801][ T9321] ? vfs_writev+0x2f0/0x2f0 [ 298.249351][ T9321] ? do_syscall_64+0x26/0x610 [ 298.254056][ T9321] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.260128][ T9321] ? do_syscall_64+0x26/0x610 [ 298.264819][ T9321] __x64_sys_writev+0x75/0xb0 [ 298.269506][ T9321] do_syscall_64+0x103/0x610 [ 298.274122][ T9321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.280047][ T9321] RIP: 0033:0x458209 [ 298.283944][ T9321] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:01:21 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x12) 21:01:21 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 298.303554][ T9321] RSP: 002b:00007fd499900c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 298.311971][ T9321] RAX: ffffffffffffffda RBX: 00007fd499900c90 RCX: 0000000000458209 [ 298.319966][ T9321] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 298.327947][ T9321] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 298.335951][ T9321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4999016d4 [ 298.343941][ T9321] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:21 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300), &(0x7f00000002c0)=0x4) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x13) 21:01:21 executing program 2 (fault-call:2 fault-nth:1): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:21 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 298.535647][ T9348] FAULT_INJECTION: forcing a failure. [ 298.535647][ T9348] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 298.548883][ T9348] CPU: 1 PID: 9348 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #35 [ 298.556761][ T9348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.566818][ T9348] Call Trace: [ 298.570119][ T9348] dump_stack+0x172/0x1f0 [ 298.570153][ T9348] should_fail.cold+0xa/0x15 [ 298.579054][ T9348] ? fault_create_debugfs_attr+0x1e0/0x1e0 21:01:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x14) [ 298.579071][ T9348] ? __lock_acquire+0x548/0x3fb0 [ 298.579120][ T9348] ? is_bpf_text_address+0xac/0x170 [ 298.595056][ T9348] should_fail_alloc_page+0x50/0x60 [ 298.600267][ T9348] __alloc_pages_nodemask+0x1a1/0x7e0 [ 298.605653][ T9348] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 298.611388][ T9348] ? find_held_lock+0x35/0x130 [ 298.616169][ T9348] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 298.621987][ T9348] cache_grow_begin+0x9c/0x860 [ 298.626778][ T9348] ? rw_copy_check_uvector+0x28c/0x330 [ 298.632242][ T9348] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 298.632264][ T9348] __kmalloc+0x67f/0x740 [ 298.632278][ T9348] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 298.632299][ T9348] ? _kstrtoull+0x14c/0x200 [ 298.649420][ T9348] ? rw_copy_check_uvector+0x28c/0x330 [ 298.649443][ T9348] rw_copy_check_uvector+0x28c/0x330 [ 298.649470][ T9348] import_iovec+0xbf/0x200 [ 298.649487][ T9348] ? dup_iter+0x260/0x260 [ 298.649519][ T9348] ? __fget+0x35a/0x550 [ 298.677739][ T9348] vfs_writev+0xcb/0x2f0 21:01:21 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x15) [ 298.681995][ T9348] ? vfs_iter_write+0xb0/0xb0 [ 298.686685][ T9348] ? kasan_check_read+0x11/0x20 [ 298.691554][ T9348] ? __fget+0x381/0x550 [ 298.695730][ T9348] ? ksys_dup3+0x3e0/0x3e0 [ 298.700160][ T9348] ? wait_for_completion+0x440/0x440 [ 298.705458][ T9348] ? __fget_light+0x1a9/0x230 [ 298.710146][ T9348] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.716405][ T9348] do_writev+0xf6/0x290 [ 298.720603][ T9348] ? vfs_writev+0x2f0/0x2f0 [ 298.725126][ T9348] ? do_syscall_64+0x26/0x610 [ 298.729804][ T9348] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.735872][ T9348] ? do_syscall_64+0x26/0x610 [ 298.740557][ T9348] __x64_sys_writev+0x75/0xb0 [ 298.745322][ T9348] do_syscall_64+0x103/0x610 [ 298.749894][ T9348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.755776][ T9348] RIP: 0033:0x458209 [ 298.759678][ T9348] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.779277][ T9348] RSP: 002b:00007fd499900c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 298.787665][ T9348] RAX: ffffffffffffffda RBX: 00007fd499900c90 RCX: 0000000000458209 [ 298.795621][ T9348] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 298.803584][ T9348] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 298.811540][ T9348] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4999016d4 [ 298.819497][ T9348] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:22 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x16) 21:01:22 executing program 2 (fault-call:2 fault-nth:2): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 298.915236][ T9368] FAULT_INJECTION: forcing a failure. [ 298.915236][ T9368] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 298.948879][ T9368] CPU: 1 PID: 9368 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #35 [ 298.956800][ T9368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.966859][ T9368] Call Trace: [ 298.970170][ T9368] dump_stack+0x172/0x1f0 [ 298.974529][ T9368] should_fail.cold+0xa/0x15 [ 298.979165][ T9368] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 298.984985][ T9368] ? ___might_sleep+0x163/0x280 [ 298.989855][ T9368] should_fail_alloc_page+0x50/0x60 [ 298.995067][ T9368] __alloc_pages_nodemask+0x1a1/0x7e0 [ 299.000456][ T9368] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 299.006184][ T9368] ? is_dynamic_key+0x1c0/0x1c0 [ 299.011054][ T9368] ? __lock_acquire+0x548/0x3fb0 [ 299.016005][ T9368] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 299.022262][ T9368] alloc_pages_current+0x107/0x210 [ 299.027415][ T9368] pte_alloc_one+0x1b/0x1a0 [ 299.031929][ T9368] do_huge_pmd_anonymous_page+0x9f6/0x1730 [ 299.037744][ T9368] ? ima_match_policy+0x9ef/0x13c0 [ 299.042868][ T9368] ? __lock_acquire+0x521/0x3fb0 [ 299.047817][ T9368] ? __thp_get_unmapped_area+0x190/0x190 [ 299.053456][ T9368] ? pmd_val+0x100/0x100 [ 299.057724][ T9368] ? __lock_acquire+0x548/0x3fb0 [ 299.062675][ T9368] __handle_mm_fault+0x2d5e/0x3ec0 [ 299.067800][ T9368] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 299.073350][ T9368] ? find_held_lock+0x35/0x130 [ 299.078130][ T9368] ? handle_mm_fault+0x322/0xb30 [ 299.083089][ T9368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.089339][ T9368] ? kasan_check_read+0x11/0x20 [ 299.094203][ T9368] handle_mm_fault+0x43f/0xb30 [ 299.098992][ T9368] __do_page_fault+0x5ef/0xda0 [ 299.103781][ T9368] do_page_fault+0x71/0x581 [ 299.108301][ T9368] page_fault+0x1e/0x30 [ 299.112463][ T9368] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 299.118797][ T9368] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 [ 299.138406][ T9368] RSP: 0018:ffff88805764f978 EFLAGS: 00010203 [ 299.144478][ T9368] RAX: 0000000000000004 RBX: ffff88809ead3500 RCX: 0000000000000004 [ 299.152462][ T9368] RDX: 0000000000000004 RSI: 0000000020ffd000 RDI: ffff88805764f9e8 [ 299.160437][ T9368] RBP: ffff88805764fbc0 R08: 1ffff1100aec9f3d R09: ffffed100aec9f42 [ 299.168413][ T9368] R10: ffffed100aec9f41 R11: 0000000000000003 R12: 0000000020ffd000 [ 299.176387][ T9368] R13: ffff88808943f800 R14: ffff88805764f9e8 R15: 000000000000080f [ 299.184389][ T9368] ? sg_write.part.0+0x312/0xeb0 [ 299.189339][ T9368] ? sg_ioctl+0x2a10/0x2a10 [ 299.193885][ T9368] ? find_held_lock+0x35/0x130 [ 299.198661][ T9368] ? __might_fault+0x12b/0x1e0 [ 299.203445][ T9368] ? lock_downgrade+0x880/0x880 [ 299.208317][ T9368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 299.214589][ T9368] ? _copy_from_user+0xdd/0x150 [ 299.219450][ T9368] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 299.225177][ T9368] ? rw_copy_check_uvector+0x2a6/0x330 [ 299.230655][ T9368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.236925][ T9368] ? security_file_permission+0x94/0x380 [ 299.242569][ T9368] sg_write+0x6e/0x93 [ 299.246581][ T9368] do_iter_write+0x4a5/0x610 [ 299.251189][ T9368] ? dup_iter+0x260/0x260 [ 299.255545][ T9368] vfs_writev+0x1b3/0x2f0 [ 299.259887][ T9368] ? vfs_iter_write+0xb0/0xb0 [ 299.264572][ T9368] ? kasan_check_read+0x11/0x20 [ 299.269461][ T9368] ? ksys_dup3+0x3e0/0x3e0 [ 299.273891][ T9368] ? wait_for_completion+0x440/0x440 [ 299.279211][ T9368] ? __fget_light+0x1a9/0x230 [ 299.283902][ T9368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.290150][ T9368] do_writev+0xf6/0x290 [ 299.294318][ T9368] ? vfs_writev+0x2f0/0x2f0 [ 299.298831][ T9368] ? do_syscall_64+0x26/0x610 [ 299.303527][ T9368] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.309599][ T9368] ? do_syscall_64+0x26/0x610 [ 299.314287][ T9368] __x64_sys_writev+0x75/0xb0 [ 299.318975][ T9368] do_syscall_64+0x103/0x610 [ 299.318996][ T9368] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.319015][ T9368] RIP: 0033:0x458209 [ 299.329476][ T9368] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 299.329485][ T9368] RSP: 002b:00007fd499900c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 21:01:22 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:22 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:22 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x17) [ 299.329499][ T9368] RAX: ffffffffffffffda RBX: 00007fd499900c90 RCX: 0000000000458209 [ 299.329519][ T9368] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 299.329536][ T9368] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 299.385409][ T9368] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4999016d4 [ 299.393388][ T9368] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:22 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:22 executing program 2 (fault-call:2 fault-nth:3): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 299.512501][ T9384] FAULT_INJECTION: forcing a failure. [ 299.512501][ T9384] name failslab, interval 1, probability 0, space 0, times 0 [ 299.526709][ T9384] CPU: 1 PID: 9384 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #35 [ 299.534616][ T9384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.544681][ T9384] Call Trace: [ 299.547992][ T9384] dump_stack+0x172/0x1f0 [ 299.552339][ T9384] should_fail.cold+0xa/0x15 [ 299.556941][ T9384] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 299.562760][ T9384] ? ___might_sleep+0x163/0x280 [ 299.567621][ T9384] __should_failslab+0x121/0x190 [ 299.572569][ T9384] should_failslab+0x9/0x14 [ 299.577086][ T9384] kmem_cache_alloc+0x2b2/0x6f0 [ 299.581952][ T9384] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 299.588228][ T9384] ptlock_alloc+0x20/0x70 [ 299.592566][ T9384] pte_alloc_one+0x6d/0x1a0 [ 299.597080][ T9384] do_huge_pmd_anonymous_page+0x9f6/0x1730 [ 299.602895][ T9384] ? ima_match_policy+0x9ef/0x13c0 [ 299.608018][ T9384] ? __lock_acquire+0x521/0x3fb0 [ 299.612981][ T9384] ? __thp_get_unmapped_area+0x190/0x190 [ 299.623002][ T9384] ? pmd_val+0x100/0x100 [ 299.627696][ T9384] ? __lock_acquire+0x548/0x3fb0 [ 299.632652][ T9384] __handle_mm_fault+0x2d5e/0x3ec0 [ 299.638404][ T9384] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 299.643958][ T9384] ? find_held_lock+0x35/0x130 [ 299.648731][ T9384] ? handle_mm_fault+0x322/0xb30 [ 299.653784][ T9384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.660056][ T9384] ? kasan_check_read+0x11/0x20 [ 299.664925][ T9384] handle_mm_fault+0x43f/0xb30 [ 299.669708][ T9384] __do_page_fault+0x5ef/0xda0 [ 299.674489][ T9384] do_page_fault+0x71/0x581 [ 299.679011][ T9384] page_fault+0x1e/0x30 [ 299.683203][ T9384] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 299.689537][ T9384] Code: 4c 8b 5e 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 <4c> 8b 06 4c 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 21:01:22 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x18) 21:01:22 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) [ 299.689546][ T9384] RSP: 0018:ffff888057d3f978 EFLAGS: 00010203 [ 299.689558][ T9384] RAX: 0000000000000004 RBX: ffff88809ead3500 RCX: 0000000000000004 [ 299.689566][ T9384] RDX: 0000000000000004 RSI: 0000000020ffd000 RDI: ffff888057d3f9e8 [ 299.689583][ T9384] RBP: ffff888057d3fbc0 R08: 1ffff1100afa7f3d R09: ffffed100afa7f42 [ 299.715272][ T9384] R10: ffffed100afa7f41 R11: 0000000000000003 R12: 0000000020ffd000 [ 299.715282][ T9384] R13: ffff888080720000 R14: ffff888057d3f9e8 R15: 000000000000080f [ 299.715321][ T9384] ? sg_write.part.0+0x312/0xeb0 [ 299.715341][ T9384] ? sg_ioctl+0x2a10/0x2a10 [ 299.715362][ T9384] ? find_held_lock+0x35/0x130 [ 299.761065][ T9384] ? __might_fault+0x12b/0x1e0 [ 299.761092][ T9384] ? lock_downgrade+0x880/0x880 [ 299.761127][ T9384] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 299.770381][ T9384] ? _copy_from_user+0xdd/0x150 [ 299.770401][ T9384] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 299.770419][ T9384] ? rw_copy_check_uvector+0x2a6/0x330 [ 299.770435][ T9384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.770453][ T9384] ? security_file_permission+0x94/0x380 [ 299.770479][ T9384] sg_write+0x6e/0x93 [ 299.818099][ T9384] do_iter_write+0x4a5/0x610 [ 299.822697][ T9384] ? dup_iter+0x260/0x260 [ 299.827058][ T9384] vfs_writev+0x1b3/0x2f0 [ 299.831410][ T9384] ? vfs_iter_write+0xb0/0xb0 [ 299.836106][ T9384] ? kasan_check_read+0x11/0x20 [ 299.840975][ T9384] ? ksys_dup3+0x3e0/0x3e0 [ 299.845403][ T9384] ? wait_for_completion+0x440/0x440 [ 299.850723][ T9384] ? __fget_light+0x1a9/0x230 [ 299.855412][ T9384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.861660][ T9384] do_writev+0xf6/0x290 [ 299.866172][ T9384] ? vfs_writev+0x2f0/0x2f0 [ 299.870709][ T9384] ? do_syscall_64+0x26/0x610 [ 299.875392][ T9384] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.881465][ T9384] ? do_syscall_64+0x26/0x610 [ 299.886157][ T9384] __x64_sys_writev+0x75/0xb0 [ 299.890846][ T9384] do_syscall_64+0x103/0x610 [ 299.895462][ T9384] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.901356][ T9384] RIP: 0033:0x458209 [ 299.905281][ T9384] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 299.925124][ T9384] RSP: 002b:00007fd499900c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 299.933548][ T9384] RAX: ffffffffffffffda RBX: 00007fd499900c90 RCX: 0000000000458209 [ 299.941530][ T9384] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 299.949526][ T9384] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 299.957503][ T9384] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4999016d4 [ 299.965573][ T9384] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:23 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x19) 21:01:23 executing program 2 (fault-call:2 fault-nth:4): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:23 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1a) [ 300.128997][ T9404] FAULT_INJECTION: forcing a failure. [ 300.128997][ T9404] name failslab, interval 1, probability 0, space 0, times 0 [ 300.162364][ T9404] CPU: 0 PID: 9404 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #35 [ 300.170277][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.180342][ T9404] Call Trace: [ 300.183655][ T9404] dump_stack+0x172/0x1f0 [ 300.188005][ T9404] should_fail.cold+0xa/0x15 [ 300.192610][ T9404] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 300.198441][ T9404] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 300.204698][ T9404] ? __sbitmap_get_word+0xee/0x100 [ 300.209822][ T9404] __should_failslab+0x121/0x190 [ 300.214768][ T9404] should_failslab+0x9/0x14 [ 300.219277][ T9404] __kmalloc+0x71/0x740 [ 300.223452][ T9404] ? __lock_acquire+0x548/0x3fb0 [ 300.228395][ T9404] ? bio_copy_user_iov+0xfc/0xf20 [ 300.233440][ T9404] bio_copy_user_iov+0xfc/0xf20 [ 300.238298][ T9404] ? mark_held_locks+0xf0/0xf0 [ 300.243075][ T9404] ? __debug_object_init+0x190/0xc30 [ 300.248385][ T9404] blk_rq_map_user_iov+0x239/0x6f0 [ 300.253518][ T9404] ? blk_rq_append_bio+0x350/0x350 [ 300.258657][ T9404] ? find_held_lock+0x35/0x130 [ 300.263444][ T9404] ? sg_common_write.isra.0+0xab7/0x22c0 [ 300.269090][ T9404] ? import_single_range+0x12b/0x170 [ 300.274401][ T9404] blk_rq_map_user+0x11a/0x190 [ 300.279172][ T9404] ? blk_rq_map_user_iov+0x6f0/0x6f0 [ 300.284462][ T9404] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 300.290021][ T9404] ? debug_object_init+0x16/0x20 [ 300.290046][ T9404] sg_common_write.isra.0+0x11d5/0x22c0 [ 300.290061][ T9404] ? sg_write.part.0+0x434/0xeb0 [ 300.290092][ T9404] ? sg_open+0x1820/0x1820 [ 300.300594][ T9404] ? __might_fault+0x12b/0x1e0 [ 300.300618][ T9404] ? lock_downgrade+0x880/0x880 [ 300.300633][ T9404] ? check_stack_object+0x114/0x160 [ 300.300650][ T9404] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 300.300665][ T9404] ? __check_object_size+0x3d/0x42f [ 300.300686][ T9404] sg_write.part.0+0x855/0xeb0 [ 300.300706][ T9404] ? sg_ioctl+0x2a10/0x2a10 [ 300.300720][ T9404] ? find_held_lock+0x35/0x130 [ 300.300742][ T9404] ? lock_downgrade+0x880/0x880 [ 300.300768][ T9404] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 300.349922][ T9404] ? _copy_from_user+0xdd/0x150 [ 300.349941][ T9404] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 300.349959][ T9404] ? rw_copy_check_uvector+0x2a6/0x330 [ 300.349974][ T9404] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.349992][ T9404] ? security_file_permission+0x94/0x380 [ 300.350012][ T9404] sg_write+0x6e/0x93 [ 300.350030][ T9404] do_iter_write+0x4a5/0x610 [ 300.350058][ T9404] ? dup_iter+0x260/0x260 [ 300.383332][ T9404] vfs_writev+0x1b3/0x2f0 [ 300.383352][ T9404] ? vfs_iter_write+0xb0/0xb0 [ 300.383367][ T9404] ? kasan_check_read+0x11/0x20 [ 300.383394][ T9404] ? ksys_dup3+0x3e0/0x3e0 [ 300.420172][ T9404] ? wait_for_completion+0x440/0x440 [ 300.425520][ T9404] ? __fget_light+0x1a9/0x230 21:01:23 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:23 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) [ 300.430226][ T9404] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.436516][ T9404] do_writev+0xf6/0x290 [ 300.440688][ T9404] ? vfs_writev+0x2f0/0x2f0 [ 300.445228][ T9404] ? do_syscall_64+0x26/0x610 [ 300.449915][ T9404] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.455985][ T9404] ? do_syscall_64+0x26/0x610 [ 300.460677][ T9404] __x64_sys_writev+0x75/0xb0 [ 300.465357][ T9404] do_syscall_64+0x103/0x610 [ 300.469960][ T9404] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.475855][ T9404] RIP: 0033:0x458209 [ 300.479754][ T9404] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.499356][ T9404] RSP: 002b:00007fd499900c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 300.507763][ T9404] RAX: ffffffffffffffda RBX: 00007fd499900c90 RCX: 0000000000458209 [ 300.515735][ T9404] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 21:01:23 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1b) [ 300.523714][ T9404] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 300.531690][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4999016d4 [ 300.539676][ T9404] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:23 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:23 executing program 2 (fault-call:2 fault-nth:5): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) [ 300.686695][ T9426] FAULT_INJECTION: forcing a failure. [ 300.686695][ T9426] name failslab, interval 1, probability 0, space 0, times 0 [ 300.700297][ T9426] CPU: 0 PID: 9426 Comm: syz-executor.2 Not tainted 5.1.0-rc1+ #35 [ 300.708208][ T9426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.718263][ T9426] Call Trace: [ 300.721563][ T9426] dump_stack+0x172/0x1f0 [ 300.726153][ T9426] should_fail.cold+0xa/0x15 [ 300.730733][ T9426] ? page_fault+0x1e/0x30 [ 300.735058][ T9426] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 300.740859][ T9426] ? do_syscall_64+0x103/0x610 [ 300.745625][ T9426] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.751711][ T9426] __should_failslab+0x121/0x190 [ 300.756659][ T9426] should_failslab+0x9/0x14 [ 300.761186][ T9426] __kmalloc+0x71/0x740 [ 300.765344][ T9426] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 300.771163][ T9426] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 300.777407][ T9426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.783680][ T9426] ? bio_alloc_bioset+0x418/0x680 [ 300.788717][ T9426] bio_alloc_bioset+0x418/0x680 [ 300.793583][ T9426] ? rcu_read_lock_sched_held+0x110/0x130 [ 300.799310][ T9426] ? bvec_alloc+0x2f0/0x2f0 [ 300.803849][ T9426] bio_copy_user_iov+0x2c7/0xf20 [ 300.808813][ T9426] ? mark_held_locks+0xf0/0xf0 [ 300.813599][ T9426] ? __debug_object_init+0x190/0xc30 [ 300.818915][ T9426] blk_rq_map_user_iov+0x239/0x6f0 [ 300.824035][ T9426] ? blk_rq_append_bio+0x350/0x350 [ 300.829164][ T9426] ? find_held_lock+0x35/0x130 [ 300.833958][ T9426] ? sg_common_write.isra.0+0xab7/0x22c0 [ 300.839607][ T9426] ? import_single_range+0x12b/0x170 [ 300.844898][ T9426] blk_rq_map_user+0x11a/0x190 [ 300.849675][ T9426] ? blk_rq_map_user_iov+0x6f0/0x6f0 [ 300.854991][ T9426] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 300.860562][ T9426] ? debug_object_init+0x16/0x20 [ 300.865530][ T9426] sg_common_write.isra.0+0x11d5/0x22c0 [ 300.871090][ T9426] ? sg_write.part.0+0x434/0xeb0 [ 300.876043][ T9426] ? sg_open+0x1820/0x1820 [ 300.880469][ T9426] ? __might_fault+0x12b/0x1e0 [ 300.885252][ T9426] ? lock_downgrade+0x880/0x880 [ 300.890127][ T9426] ? check_stack_object+0x114/0x160 [ 300.895330][ T9426] ? __sanitizer_cov_trace_switch+0x49/0x80 [ 300.901229][ T9426] ? __check_object_size+0x3d/0x42f [ 300.906448][ T9426] sg_write.part.0+0x855/0xeb0 [ 300.911224][ T9426] ? sg_ioctl+0x2a10/0x2a10 [ 300.915727][ T9426] ? find_held_lock+0x35/0x130 [ 300.920519][ T9426] ? lock_downgrade+0x880/0x880 [ 300.925398][ T9426] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 300.931668][ T9426] ? _copy_from_user+0xdd/0x150 [ 300.936550][ T9426] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 300.942278][ T9426] ? rw_copy_check_uvector+0x2a6/0x330 [ 300.947855][ T9426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.954115][ T9426] ? security_file_permission+0x94/0x380 [ 300.959760][ T9426] sg_write+0x6e/0x93 [ 300.963753][ T9426] do_iter_write+0x4a5/0x610 [ 300.968349][ T9426] ? dup_iter+0x260/0x260 [ 300.972697][ T9426] vfs_writev+0x1b3/0x2f0 [ 300.977049][ T9426] ? vfs_iter_write+0xb0/0xb0 [ 300.981735][ T9426] ? kasan_check_read+0x11/0x20 [ 300.986614][ T9426] ? ksys_dup3+0x3e0/0x3e0 [ 300.991060][ T9426] ? wait_for_completion+0x440/0x440 [ 300.996356][ T9426] ? __fget_light+0x1a9/0x230 [ 301.001045][ T9426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 301.007404][ T9426] do_writev+0xf6/0x290 [ 301.011582][ T9426] ? vfs_writev+0x2f0/0x2f0 [ 301.016117][ T9426] ? do_syscall_64+0x26/0x610 [ 301.020802][ T9426] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.026871][ T9426] ? do_syscall_64+0x26/0x610 [ 301.031568][ T9426] __x64_sys_writev+0x75/0xb0 [ 301.036251][ T9426] do_syscall_64+0x103/0x610 [ 301.040852][ T9426] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.046748][ T9426] RIP: 0033:0x458209 [ 301.050648][ T9426] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 301.070249][ T9426] RSP: 002b:00007fd499900c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 301.078670][ T9426] RAX: ffffffffffffffda RBX: 00007fd499900c90 RCX: 0000000000458209 [ 301.086642][ T9426] RDX: 0000000000000146 RSI: 0000000020000040 RDI: 0000000000000003 [ 301.094615][ T9426] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 301.102589][ T9426] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd4999016d4 [ 301.110577][ T9426] R13: 00000000004c4cbb R14: 00000000004dd4e0 R15: 0000000000000004 21:01:25 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:25 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1c) 21:01:25 executing program 2 (fault-call:2 fault-nth:6): r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:25 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f0000000140)) 21:01:25 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:25 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:25 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1d) 21:01:25 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x146) 21:01:25 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1e) 21:01:26 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2) 21:01:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x21) 21:01:26 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3) 21:01:26 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x22) 21:01:26 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4) 21:01:26 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:26 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0x0, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:26 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f0000000140)) 21:01:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x23) 21:01:26 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5) 21:01:26 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x6) 21:01:26 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x24) 21:01:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x25) 21:01:27 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x7) 21:01:27 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x8) 21:01:27 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:27 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0x0, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:27 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f0000000140)) 21:01:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x26) 21:01:27 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x27) 21:01:27 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x9) 21:01:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x28) 21:01:27 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xa) 21:01:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x29) 21:01:27 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xb) 21:01:27 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2a) 21:01:28 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b24823d754d6b45"], 0x39) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:28 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xc) 21:01:28 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2b) 21:01:28 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:01:28 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:28 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0x0, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:28 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xd) 21:01:28 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2c) 21:01:28 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xe) 21:01:28 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2d) 21:01:28 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0xf) 21:01:28 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x10) 21:01:31 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:31 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2e) 21:01:31 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x11) 21:01:31 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:31 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x0, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:31 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:01:31 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2f) 21:01:31 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x12) 21:01:31 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:31 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x13) 21:01:31 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x30) 21:01:31 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x14) 21:01:31 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x15) 21:01:31 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x31) 21:01:31 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x16) 21:01:32 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:32 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x32) 21:01:32 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x0, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:32 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) 21:01:32 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x17) 21:01:34 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:34 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x33) 21:01:34 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x18) 21:01:34 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, 0x0, 0x0) 21:01:34 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0) 21:01:34 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x0, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:34 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x34) 21:01:34 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x19) 21:01:34 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:35 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x35) 21:01:35 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1a) 21:01:35 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1b) 21:01:35 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x36) 21:01:35 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1c) 21:01:35 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x37) 21:01:35 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, 0x0, 0x0) 21:01:35 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1d) 21:01:35 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x38) 21:01:35 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0) 21:01:35 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:38 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x39) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x1e) 21:01:38 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:38 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0) 21:01:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, 0x0, 0x0) 21:01:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3a) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x21) 21:01:38 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x22) 21:01:38 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3b) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x23) 21:01:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3c) 21:01:38 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x24) 21:01:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3d) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x25) 21:01:38 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[], 0x0) 21:01:38 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r2, 0x0, r0, 0x0, 0x400000a77, 0x0) write$binfmt_elf64(r3, &(0x7f00000000c0)=ANY=[@ANYRESHEX=0x0], 0xe681f134) close(r1) 21:01:38 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3e) 21:01:38 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x26) 21:01:41 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:41 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x27) 21:01:41 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x41) 21:01:41 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:41 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[], 0x0) 21:01:41 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) 21:01:41 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x28) 21:01:41 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x42) 21:01:41 executing program 4: r0 = semget(0x1, 0x0, 0x0) semctl$GETVAL(r0, 0x2, 0x5, &(0x7f00000001c0)=""/113) 21:01:41 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x29) 21:01:41 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x43) 21:01:41 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2a) 21:01:44 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bc070") r1 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x400806e, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) sendto$inet6(r1, &(0x7f0000001440)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e5d37149eb0f4a333726cf6d5b7647306559155f1c69d6bfd145b83576f2df4d85f271fd4119db923e2412c66dd954eb59dddc7e1fd286a83971b2ba1c63b4f99702cf91f3d1ecffb8ae189c79b403805e83650c251a564942896f205640c23b0cf51fe9bd931f54a343794710a9cd53cef20938edddb2bfa3cac9597410be0aacbb8f9d314abd999ba396521b6c10bec7bc9d0745a80299342f5cf89eb9d94044258fbb18cec1cdbbc016a773d3ae41e3e30248e716fd0873d31454902cbe7dcf7d644dfadc255d99652b5ed5a5b1a75e3ad49cf80178678402e4fd99e3200119d3a755d009889b2e6138f81dc02eedcc353aceb2f7781aea08aa91be7e1e2416ba3d555b1f2237f68c5d7dcfcb1b917c292a35d6d7e7cf2cb1dd6dba5a50ce55c4638d7d38cb7afd8da02f281ab69392bc6531eb03eb97c1d075e3342c244861d04bcad8991b8f588e48ad7fe218d2f5e604bb31c59241245b485210fe418af3d6377b59d5ab128497efeced38cc5036b1f34cb89674b5179219f34b9e8e1849695d7c23cce77eb8f038ef9f2cd69d1c9e2d6b46610adbadbdad857a77f59d38cb5120709716b87c52a48de249b231d7e39985b8b58094c0d7b4c6d1671a8ff9d2daaca94df2adcff6420077df0ddbc66d00b141ffc6e28bed09a19056e52a905a72c99a04af56b22da83135808ba2bfe87a39753447e78500d16bdad52d97df73d4852a79e7ec6910701b712cfd58c62b3ade86cf6ff0cd78719fa1ae81640381cb33f4f6b03c913e820cf9eb9b5cf7df9c878596c9ac9444cad118673fe339b4b7287b310ecff4742bfea2612d79d418293f0dfe14bc819c466473438ad71ea3b1386d17a9038b1f5a9285481500f84f4c7eabbf2eb071a101c69cce8e7495bda4c28a4e88f6a258abf58579c290eeb742b2678daab3ecc8c2bf97d89e89472901e254dd63ca7d918f8a7523161e29b28f64b0df1a7bb4a17d0ad734c321623e246bb0b5aaa08e8e7ac42b74ba83c70a8ca80068400be6adc3f4b01ba1050b54e6e4cf72fb567fbd27b74b2bfa7b7cabc6938851c13c6df7d5aaca79afd89b5e925379b959c7929ddfa3399695343f435772d70e5cfa3550377d23f50011ad5657e94c464cd43eb85496fd3b03bcb2d9278ceb432194d9893ffa747dfe85309874737a2ff34bf8c89f15da7cc0853434117d744e30360b38ef1a063f9ee506f048e9980054e6c5c5688d04ece6067ac55bccc9a7773a2c4e21c039d153622130faff9fd675d64ad7284bd011b9b224713a721b4b731cf342357642a1a0bb846f5be443b7e72e9825b5f3a078c6ae09e4512dd93a5be1af13a49e6a33938509d3557aecf2356ac2329871b662a99cf3fd2486b064e7e6f90c1f8d632186a8bda338b02d45da4ea9041d42a23f40b93346dddc473a9f1a3d9f0285b7e48cbb87bc34d44b090a5e2aaf4764a10a44168f1719eff0b0d9bc1ce07750af4c21d0c67eae0799e91328c8b14869e4edd255a41735a2b1818aa9d3b271ba757af010ae6dbad89aa0d8f5b6f8ef3917adcedf247ebffcf9ade407dfb50948aa97077a195b5f6eeff443be20f383aa8ebbb4b0f2e888cb7cde9ec09177f4576576f088430e4a61d352607113ce7118f2d0000000000000000", 0x566, 0xc001, 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000240)="f11d9485945530b02c13b63ecca90bcd5e45aae6c27dcfb60d8f3b82d09721908ec5fd0cd4fc40b461afc79758bb2ebb7ba7e67fc49a3d4bb896b2", 0x3b, 0x10008000, 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000040)="c5cbdeda579d85f4a014ee69", 0xc, 0x0, 0x0, 0x0) 21:01:44 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x44) 21:01:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2b) 21:01:44 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:44 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[], 0x0) 21:01:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2c) 21:01:44 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x45) [ 321.182591][ T9948] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 21:01:44 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000000)={'IDLETIMER\x00'}, &(0x7f0000000080)=0x1e) 21:01:44 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2d) 21:01:44 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x46) 21:01:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2e) 21:01:44 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={@initdev, @empty, @initdev, 0x0, 0x81}) 21:01:44 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x47) 21:01:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x2f) 21:01:45 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f0000000140)) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:45 executing program 4: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:45 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x48) 21:01:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x30) 21:01:45 executing program 1 (fault-call:2 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:47 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af4"], 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:47 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x49) 21:01:47 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x31) 21:01:47 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x0) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:47 executing program 4 (fault-call:3 fault-nth:0): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:47 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f0000000140)) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:47 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x32) 21:01:47 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4a) [ 324.460077][T10040] FAULT_INJECTION: forcing a failure. [ 324.460077][T10040] name failslab, interval 1, probability 0, space 0, times 0 [ 324.494298][T10040] CPU: 1 PID: 10040 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 324.502308][T10040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.512361][T10040] Call Trace: [ 324.515674][T10040] dump_stack+0x172/0x1f0 [ 324.520038][T10040] should_fail.cold+0xa/0x15 [ 324.524652][T10040] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 324.530476][T10040] ? ___might_sleep+0x163/0x280 [ 324.535361][T10040] __should_failslab+0x121/0x190 [ 324.540395][T10040] ? sock_destroy_inode+0x60/0x60 [ 324.545432][T10040] should_failslab+0x9/0x14 [ 324.549942][T10040] kmem_cache_alloc+0x2b2/0x6f0 [ 324.554883][T10040] ? sctp_id2assoc+0x203/0x2c0 [ 324.559672][T10040] ? sock_destroy_inode+0x60/0x60 [ 324.564705][T10040] sock_alloc_inode+0x1d/0x260 [ 324.569476][T10040] alloc_inode+0x66/0x190 [ 324.573829][T10040] new_inode_pseudo+0x19/0xf0 [ 324.578523][T10040] sock_alloc+0x41/0x270 [ 324.582824][T10040] __sock_create+0xc0/0x750 [ 324.587347][T10040] ? sctp_id2assoc+0x203/0x2c0 [ 324.592126][T10040] sock_create+0x7f/0xa0 [ 324.596376][T10040] sctp_do_peeloff+0x1a0/0x470 [ 324.601150][T10040] ? sctp_copy_sock+0xe50/0xe50 [ 324.606012][T10040] ? lock_downgrade+0x880/0x880 [ 324.610881][T10040] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 324.617477][T10040] ? sctp_do_peeloff+0x470/0x470 [ 324.622435][T10040] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.628688][T10040] ? _copy_from_user+0xdd/0x150 [ 324.633599][T10040] sctp_getsockopt+0x1ec1/0x673d [ 324.638609][T10040] ? __lock_acquire+0x548/0x3fb0 [ 324.643564][T10040] ? _parse_integer+0x190/0x190 [ 324.648429][T10040] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 324.655289][T10040] ? __fget+0x35a/0x550 [ 324.659505][T10040] ? find_held_lock+0x35/0x130 [ 324.664278][T10040] ? __fget+0x35a/0x550 [ 324.668460][T10040] ? lock_downgrade+0x880/0x880 [ 324.673329][T10040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.679606][T10040] ? kasan_check_read+0x11/0x20 [ 324.684473][T10040] ? __fget+0x381/0x550 [ 324.688651][T10040] ? ksys_dup3+0x3e0/0x3e0 [ 324.693132][T10040] ? kasan_check_write+0x14/0x20 [ 324.698090][T10040] sock_common_getsockopt+0x9a/0xe0 [ 324.703294][T10040] ? sock_common_getsockopt+0x9a/0xe0 [ 324.708706][T10040] __sys_getsockopt+0x168/0x250 [ 324.713567][T10040] ? kernel_setsockopt+0x1e0/0x1e0 [ 324.718692][T10040] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.724161][T10040] ? do_syscall_64+0x26/0x610 [ 324.728962][T10040] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.735042][T10040] ? do_syscall_64+0x26/0x610 [ 324.740235][T10040] __x64_sys_getsockopt+0xbe/0x150 [ 324.745893][T10040] do_syscall_64+0x103/0x610 [ 324.750500][T10040] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.756407][T10040] RIP: 0033:0x458209 21:01:47 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4b) [ 324.760326][T10040] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 324.779986][T10040] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 324.788406][T10040] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 324.796383][T10040] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 21:01:48 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x33) 21:01:48 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4c) [ 324.804358][T10040] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 324.812345][T10040] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 324.820317][T10040] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 [ 324.829294][T10040] socket: no more sockets 21:01:48 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x34) 21:01:50 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af4"], 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:50 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4d) 21:01:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x35) 21:01:50 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0xa) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:50 executing program 4 (fault-call:3 fault-nth:1): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:50 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, 0x0, &(0x7f0000000140)) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:50 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4e) 21:01:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x36) [ 327.519940][T10087] FAULT_INJECTION: forcing a failure. [ 327.519940][T10087] name failslab, interval 1, probability 0, space 0, times 0 [ 327.559631][T10087] CPU: 0 PID: 10087 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 327.567634][T10087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.577690][T10087] Call Trace: [ 327.580997][T10087] dump_stack+0x172/0x1f0 [ 327.585344][T10087] should_fail.cold+0xa/0x15 [ 327.589947][T10087] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 327.603351][T10087] ? ___might_sleep+0x163/0x280 [ 327.608218][T10087] __should_failslab+0x121/0x190 [ 327.613163][T10087] ? sock_destroy_inode+0x60/0x60 [ 327.618193][T10087] should_failslab+0x9/0x14 [ 327.622703][T10087] kmem_cache_alloc_trace+0x2d1/0x760 [ 327.628089][T10087] ? kmem_cache_alloc+0x32e/0x6f0 [ 327.634577][T10087] ? sock_destroy_inode+0x60/0x60 [ 327.639623][T10087] sock_alloc_inode+0x63/0x260 [ 327.639640][T10087] alloc_inode+0x66/0x190 [ 327.639655][T10087] new_inode_pseudo+0x19/0xf0 [ 327.639670][T10087] sock_alloc+0x41/0x270 [ 327.639696][T10087] __sock_create+0xc0/0x750 [ 327.662173][T10087] ? sctp_id2assoc+0x203/0x2c0 [ 327.666968][T10087] sock_create+0x7f/0xa0 [ 327.671218][T10087] sctp_do_peeloff+0x1a0/0x470 [ 327.675988][T10087] ? sctp_copy_sock+0xe50/0xe50 [ 327.680842][T10087] ? lock_downgrade+0x880/0x880 [ 327.680864][T10087] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 327.680881][T10087] ? sctp_do_peeloff+0x470/0x470 [ 327.680903][T10087] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 327.703496][T10087] ? _copy_from_user+0xdd/0x150 [ 327.708371][T10087] sctp_getsockopt+0x1ec1/0x673d [ 327.713320][T10087] ? __lock_acquire+0x548/0x3fb0 [ 327.718257][T10087] ? _parse_integer+0x190/0x190 [ 327.723123][T10087] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 327.729981][T10087] ? __fget+0x35a/0x550 [ 327.734146][T10087] ? find_held_lock+0x35/0x130 [ 327.738915][T10087] ? __fget+0x35a/0x550 [ 327.743729][T10087] ? lock_downgrade+0x880/0x880 [ 327.748593][T10087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.754851][T10087] ? kasan_check_read+0x11/0x20 [ 327.759713][T10087] ? __fget+0x381/0x550 [ 327.763890][T10087] ? ksys_dup3+0x3e0/0x3e0 21:01:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x37) 21:01:50 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4f) 21:01:50 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x50) 21:01:50 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x51) [ 327.768312][T10087] ? kasan_check_write+0x14/0x20 [ 327.773265][T10087] sock_common_getsockopt+0x9a/0xe0 [ 327.778466][T10087] ? sock_common_getsockopt+0x9a/0xe0 [ 327.783858][T10087] __sys_getsockopt+0x168/0x250 [ 327.788721][T10087] ? kernel_setsockopt+0x1e0/0x1e0 [ 327.793841][T10087] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 327.799309][T10087] ? do_syscall_64+0x26/0x610 [ 327.804004][T10087] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.810085][T10087] ? do_syscall_64+0x26/0x610 [ 327.814772][T10087] __x64_sys_getsockopt+0xbe/0x150 [ 327.819896][T10087] do_syscall_64+0x103/0x610 [ 327.824508][T10087] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.830413][T10087] RIP: 0033:0x458209 [ 327.834316][T10087] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 327.853921][T10087] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 327.862361][T10087] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 327.870333][T10087] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 327.870343][T10087] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 327.870352][T10087] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 327.870361][T10087] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 [ 327.870966][T10087] socket: no more sockets 21:01:53 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af4"], 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:53 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x52) 21:01:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x38) 21:01:53 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:53 executing program 4 (fault-call:3 fault-nth:2): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x223) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:53 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x53) 21:01:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x39) [ 330.586621][T10131] FAULT_INJECTION: forcing a failure. [ 330.586621][T10131] name failslab, interval 1, probability 0, space 0, times 0 [ 330.619203][T10131] CPU: 0 PID: 10131 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 330.627277][T10131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.637815][T10131] Call Trace: [ 330.641134][T10131] dump_stack+0x172/0x1f0 [ 330.645501][T10131] should_fail.cold+0xa/0x15 [ 330.650124][T10131] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 330.655949][T10131] ? ___might_sleep+0x163/0x280 [ 330.660818][T10131] __should_failslab+0x121/0x190 [ 330.665773][T10131] should_failslab+0x9/0x14 [ 330.670284][T10131] kmem_cache_alloc+0x2b2/0x6f0 [ 330.675211][T10131] ? __put_user_ns+0x70/0x70 [ 330.679815][T10131] ? sock_alloc_inode+0x63/0x260 [ 330.684762][T10131] ? lockdep_init_map+0x1be/0x6d0 [ 330.689803][T10131] security_inode_alloc+0x39/0x160 [ 330.694925][T10131] inode_init_always+0x56e/0xb50 [ 330.699875][T10131] alloc_inode+0x83/0x190 [ 330.704216][T10131] new_inode_pseudo+0x19/0xf0 [ 330.708900][T10131] sock_alloc+0x41/0x270 [ 330.713342][T10131] __sock_create+0xc0/0x750 [ 330.717851][T10131] ? sctp_id2assoc+0x203/0x2c0 [ 330.722632][T10131] sock_create+0x7f/0xa0 [ 330.726888][T10131] sctp_do_peeloff+0x1a0/0x470 [ 330.731684][T10131] ? sctp_copy_sock+0xe50/0xe50 21:01:53 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x54) 21:01:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3a) [ 330.736557][T10131] ? lock_downgrade+0x880/0x880 [ 330.741442][T10131] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 330.748036][T10131] ? sctp_do_peeloff+0x470/0x470 [ 330.752984][T10131] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 330.759233][T10131] ? _copy_from_user+0xdd/0x150 [ 330.764096][T10131] sctp_getsockopt+0x1ec1/0x673d [ 330.769040][T10131] ? __lock_acquire+0x548/0x3fb0 [ 330.773981][T10131] ? _parse_integer+0x190/0x190 [ 330.778842][T10131] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 21:01:54 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x55) 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3b) [ 330.785706][T10131] ? __fget+0x35a/0x550 [ 330.789870][T10131] ? find_held_lock+0x35/0x130 [ 330.794641][T10131] ? __fget+0x35a/0x550 [ 330.798814][T10131] ? lock_downgrade+0x880/0x880 [ 330.803668][T10131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.809917][T10131] ? kasan_check_read+0x11/0x20 [ 330.814777][T10131] ? __fget+0x381/0x550 [ 330.818945][T10131] ? ksys_dup3+0x3e0/0x3e0 [ 330.823390][T10131] ? kasan_check_write+0x14/0x20 [ 330.828337][T10131] sock_common_getsockopt+0x9a/0xe0 [ 330.833540][T10131] ? sock_common_getsockopt+0x9a/0xe0 [ 330.838926][T10131] __sys_getsockopt+0x168/0x250 [ 330.843792][T10131] ? kernel_setsockopt+0x1e0/0x1e0 [ 330.848924][T10131] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 330.854390][T10131] ? do_syscall_64+0x26/0x610 [ 330.859074][T10131] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.865188][T10131] ? do_syscall_64+0x26/0x610 [ 330.869876][T10131] __x64_sys_getsockopt+0xbe/0x150 [ 330.875019][T10131] do_syscall_64+0x103/0x610 [ 330.879636][T10131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.885533][T10131] RIP: 0033:0x458209 [ 330.889430][T10131] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 330.909061][T10131] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 330.917475][T10131] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 330.925460][T10131] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 21:01:54 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d42"], 0x2b) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:54 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x56) 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3c) [ 330.933427][T10131] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 330.941392][T10131] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 330.949366][T10131] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 [ 330.977166][T10131] socket: no more sockets 21:01:54 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:54 executing program 4 (fault-call:3 fault-nth:3): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3d) 21:01:54 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0xa00) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:54 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x57) [ 331.432128][T10179] FAULT_INJECTION: forcing a failure. [ 331.432128][T10179] name failslab, interval 1, probability 0, space 0, times 0 [ 331.468615][T10179] CPU: 1 PID: 10179 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x3e) [ 331.476641][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.486707][T10179] Call Trace: [ 331.490024][T10179] dump_stack+0x172/0x1f0 [ 331.494387][T10179] should_fail.cold+0xa/0x15 [ 331.498998][T10179] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 331.504827][T10179] ? ___might_sleep+0x163/0x280 [ 331.509689][T10179] __should_failslab+0x121/0x190 [ 331.514632][T10179] should_failslab+0x9/0x14 [ 331.519137][T10179] kmem_cache_alloc+0x2b2/0x6f0 [ 331.524129][T10179] ? inet6_create+0x2ea/0xf90 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x41) [ 331.528827][T10179] sk_prot_alloc+0x67/0x2e0 [ 331.533331][T10179] ? lock_downgrade+0x880/0x880 [ 331.538186][T10179] sk_alloc+0x39/0xf70 [ 331.542267][T10179] inet6_create+0x360/0xf90 [ 331.546785][T10179] __sock_create+0x3e6/0x750 [ 331.551392][T10179] sock_create+0x7f/0xa0 [ 331.555646][T10179] sctp_do_peeloff+0x1a0/0x470 [ 331.560416][T10179] ? sctp_copy_sock+0xe50/0xe50 [ 331.565272][T10179] ? lock_downgrade+0x880/0x880 [ 331.570136][T10179] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 331.576735][T10179] ? sctp_do_peeloff+0x470/0x470 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x42) [ 331.581685][T10179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.587932][T10179] ? _copy_from_user+0xdd/0x150 [ 331.592797][T10179] sctp_getsockopt+0x1ec1/0x673d [ 331.597743][T10179] ? __lock_acquire+0x548/0x3fb0 [ 331.602688][T10179] ? _parse_integer+0x190/0x190 [ 331.607560][T10179] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 331.614416][T10179] ? __fget+0x35a/0x550 [ 331.625700][T10179] ? find_held_lock+0x35/0x130 21:01:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x43) [ 331.630474][T10179] ? __fget+0x35a/0x550 [ 331.635228][T10179] ? lock_downgrade+0x880/0x880 [ 331.640094][T10179] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 331.646342][T10179] ? kasan_check_read+0x11/0x20 [ 331.651206][T10179] ? __fget+0x381/0x550 [ 331.655371][T10179] ? ksys_dup3+0x3e0/0x3e0 [ 331.659808][T10179] ? kasan_check_write+0x14/0x20 [ 331.664780][T10179] sock_common_getsockopt+0x9a/0xe0 [ 331.669981][T10179] ? sock_common_getsockopt+0x9a/0xe0 [ 331.675542][T10179] __sys_getsockopt+0x168/0x250 [ 331.680418][T10179] ? kernel_setsockopt+0x1e0/0x1e0 [ 331.685571][T10179] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 331.691061][T10179] ? do_syscall_64+0x26/0x610 [ 331.695741][T10179] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.701816][T10179] ? do_syscall_64+0x26/0x610 [ 331.706518][T10179] __x64_sys_getsockopt+0xbe/0x150 [ 331.711640][T10179] do_syscall_64+0x103/0x610 [ 331.716249][T10179] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.722144][T10179] RIP: 0033:0x458209 [ 331.726054][T10179] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.746595][T10179] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 331.755033][T10179] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 331.763005][T10179] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 331.763021][T10179] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 331.763030][T10179] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 331.763039][T10179] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 21:01:57 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d42"], 0x2b) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:01:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x44) 21:01:57 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x58) 21:01:57 executing program 4 (fault-call:3 fault-nth:4): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:01:57 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r1 = socket(0xa, 0x1, 0x0) close(r1) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(r1, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:01:57 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x2302) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:01:57 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x59) 21:01:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x45) [ 334.125882][T10221] FAULT_INJECTION: forcing a failure. [ 334.125882][T10221] name failslab, interval 1, probability 0, space 0, times 0 [ 334.168734][T10221] CPU: 1 PID: 10221 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 334.176748][T10221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.186803][T10221] Call Trace: [ 334.190106][T10221] dump_stack+0x172/0x1f0 [ 334.194493][T10221] should_fail.cold+0xa/0x15 [ 334.199100][T10221] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 334.204916][T10221] ? ___might_sleep+0x163/0x280 [ 334.209779][T10221] __should_failslab+0x121/0x190 [ 334.214725][T10221] should_failslab+0x9/0x14 [ 334.219234][T10221] kmem_cache_alloc_trace+0x2d1/0x760 [ 334.224716][T10221] smack_sk_alloc_security+0x111/0x320 [ 334.230194][T10221] security_sk_alloc+0x7d/0xc0 [ 334.234966][T10221] sk_prot_alloc+0xa5/0x2e0 [ 334.239479][T10221] sk_alloc+0x39/0xf70 [ 334.243566][T10221] inet6_create+0x360/0xf90 [ 334.248087][T10221] __sock_create+0x3e6/0x750 [ 334.252702][T10221] sock_create+0x7f/0xa0 [ 334.256953][T10221] sctp_do_peeloff+0x1a0/0x470 [ 334.261725][T10221] ? sctp_copy_sock+0xe50/0xe50 [ 334.266593][T10221] ? lock_downgrade+0x880/0x880 [ 334.271453][T10221] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 334.278055][T10221] ? sctp_do_peeloff+0x470/0x470 [ 334.283002][T10221] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 334.289255][T10221] ? _copy_from_user+0xdd/0x150 [ 334.294112][T10221] sctp_getsockopt+0x1ec1/0x673d [ 334.299057][T10221] ? __lock_acquire+0x548/0x3fb0 [ 334.304019][T10221] ? _parse_integer+0x190/0x190 [ 334.308909][T10221] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 21:01:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x46) [ 334.315806][T10221] ? __fget+0x35a/0x550 [ 334.319974][T10221] ? find_held_lock+0x35/0x130 [ 334.324744][T10221] ? __fget+0x35a/0x550 [ 334.328912][T10221] ? lock_downgrade+0x880/0x880 [ 334.333794][T10221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.340055][T10221] ? kasan_check_read+0x11/0x20 [ 334.344920][T10221] ? __fget+0x381/0x550 [ 334.349091][T10221] ? ksys_dup3+0x3e0/0x3e0 [ 334.353533][T10221] ? kasan_check_write+0x14/0x20 [ 334.358529][T10221] sock_common_getsockopt+0x9a/0xe0 [ 334.363741][T10221] ? sock_common_getsockopt+0x9a/0xe0 21:01:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x47) [ 334.369122][T10221] __sys_getsockopt+0x168/0x250 [ 334.373983][T10221] ? kernel_setsockopt+0x1e0/0x1e0 [ 334.379112][T10221] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 334.384582][T10221] ? do_syscall_64+0x26/0x610 [ 334.389277][T10221] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.395350][T10221] ? do_syscall_64+0x26/0x610 [ 334.400060][T10221] __x64_sys_getsockopt+0xbe/0x150 [ 334.405180][T10221] do_syscall_64+0x103/0x610 [ 334.409779][T10221] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.415666][T10221] RIP: 0033:0x458209 [ 334.419562][T10221] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 334.439166][T10221] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 334.447577][T10221] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 334.455552][T10221] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 21:01:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x48) 21:01:57 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5a) [ 334.463528][T10221] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 334.471520][T10221] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 334.479508][T10221] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 21:02:00 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d42"], 0x2b) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:02:00 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x49) 21:02:00 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5b) 21:02:00 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:02:00 executing program 4 (fault-call:3 fault-nth:5): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:02:00 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x1000000) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:02:00 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5c) 21:02:00 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4a) [ 337.155308][T10267] FAULT_INJECTION: forcing a failure. [ 337.155308][T10267] name failslab, interval 1, probability 0, space 0, times 0 [ 337.227496][T10267] CPU: 1 PID: 10267 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 337.235534][T10267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.245603][T10267] Call Trace: [ 337.248914][T10267] dump_stack+0x172/0x1f0 [ 337.253261][T10267] should_fail.cold+0xa/0x15 [ 337.257880][T10267] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 337.263711][T10267] ? ___might_sleep+0x163/0x280 [ 337.268575][T10267] __should_failslab+0x121/0x190 [ 337.273527][T10267] should_failslab+0x9/0x14 [ 337.278050][T10267] kmem_cache_alloc_trace+0x2d1/0x760 [ 337.283516][T10267] sctp_endpoint_new+0x79/0xed0 [ 337.288382][T10267] sctp_init_sock+0xc2e/0x1360 [ 337.293154][T10267] ? kasan_check_write+0x14/0x20 [ 337.298119][T10267] ? sock_init_data+0x8de/0xc70 [ 337.303073][T10267] ? sctp_destroy_sock+0x3e0/0x3e0 [ 337.308194][T10267] inet6_create+0x9cd/0xf90 [ 337.312722][T10267] __sock_create+0x3e6/0x750 [ 337.317323][T10267] sock_create+0x7f/0xa0 [ 337.321586][T10267] sctp_do_peeloff+0x1a0/0x470 [ 337.326364][T10267] ? sctp_copy_sock+0xe50/0xe50 [ 337.331229][T10267] ? lock_downgrade+0x880/0x880 [ 337.336092][T10267] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 337.342713][T10267] ? sctp_do_peeloff+0x470/0x470 [ 337.347676][T10267] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.353928][T10267] ? _copy_from_user+0xdd/0x150 [ 337.358788][T10267] sctp_getsockopt+0x1ec1/0x673d [ 337.363734][T10267] ? __lock_acquire+0x548/0x3fb0 [ 337.368697][T10267] ? _parse_integer+0x190/0x190 [ 337.373563][T10267] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 337.380600][T10267] ? __fget+0x35a/0x550 [ 337.385462][T10267] ? find_held_lock+0x35/0x130 [ 337.390243][T10267] ? __fget+0x35a/0x550 [ 337.394447][T10267] ? lock_downgrade+0x880/0x880 [ 337.399314][T10267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.405564][T10267] ? kasan_check_read+0x11/0x20 [ 337.410426][T10267] ? __fget+0x381/0x550 [ 337.414597][T10267] ? ksys_dup3+0x3e0/0x3e0 [ 337.419120][T10267] ? kasan_check_write+0x14/0x20 [ 337.424091][T10267] sock_common_getsockopt+0x9a/0xe0 [ 337.429303][T10267] ? sock_common_getsockopt+0x9a/0xe0 [ 337.434688][T10267] __sys_getsockopt+0x168/0x250 [ 337.439547][T10267] ? kernel_setsockopt+0x1e0/0x1e0 [ 337.444672][T10267] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 337.450140][T10267] ? do_syscall_64+0x26/0x610 [ 337.454819][T10267] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.460900][T10267] ? do_syscall_64+0x26/0x610 [ 337.465944][T10267] __x64_sys_getsockopt+0xbe/0x150 [ 337.471073][T10267] do_syscall_64+0x103/0x610 21:02:00 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5d) [ 337.475671][T10267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.481571][T10267] RIP: 0033:0x458209 [ 337.485471][T10267] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.505091][T10267] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 337.513514][T10267] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 21:02:00 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4b) 21:02:00 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5e) [ 337.513523][T10267] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 337.513532][T10267] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 337.513541][T10267] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 337.513551][T10267] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 21:02:00 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4c) 21:02:03 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b"], 0x32) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:02:03 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4d) 21:02:03 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x5f) 21:02:03 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:02:03 executing program 4 (fault-call:3 fault-nth:6): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:02:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0xa000000) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:02:03 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x60) 21:02:03 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4e) [ 340.237532][T10315] FAULT_INJECTION: forcing a failure. [ 340.237532][T10315] name failslab, interval 1, probability 0, space 0, times 0 [ 340.296657][T10315] CPU: 0 PID: 10315 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 340.304707][T10315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.314762][T10315] Call Trace: [ 340.318070][T10315] dump_stack+0x172/0x1f0 [ 340.322425][T10315] should_fail.cold+0xa/0x15 [ 340.327031][T10315] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 340.332855][T10315] ? ___might_sleep+0x163/0x280 [ 340.337714][T10315] __should_failslab+0x121/0x190 [ 340.342659][T10315] should_failslab+0x9/0x14 [ 340.347172][T10315] kmem_cache_alloc_trace+0x2d1/0x760 [ 340.352568][T10315] sctp_endpoint_new+0x100/0xed0 [ 340.357538][T10315] sctp_init_sock+0xc2e/0x1360 [ 340.363352][T10315] ? kasan_check_write+0x14/0x20 [ 340.368294][T10315] ? sock_init_data+0x8de/0xc70 [ 340.373147][T10315] ? sctp_destroy_sock+0x3e0/0x3e0 [ 340.378273][T10315] inet6_create+0x9cd/0xf90 [ 340.382799][T10315] __sock_create+0x3e6/0x750 [ 340.387406][T10315] sock_create+0x7f/0xa0 [ 340.391660][T10315] sctp_do_peeloff+0x1a0/0x470 [ 340.396428][T10315] ? sctp_copy_sock+0xe50/0xe50 [ 340.401291][T10315] ? lock_downgrade+0x880/0x880 [ 340.406158][T10315] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 340.412757][T10315] ? sctp_do_peeloff+0x470/0x470 [ 340.417705][T10315] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.423956][T10315] ? _copy_from_user+0xdd/0x150 [ 340.428818][T10315] sctp_getsockopt+0x1ec1/0x673d [ 340.433762][T10315] ? __lock_acquire+0x548/0x3fb0 [ 340.438701][T10315] ? _parse_integer+0x190/0x190 21:02:03 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x61) 21:02:03 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x4f) 21:02:03 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x62) 21:02:03 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x63) [ 340.443562][T10315] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 340.450428][T10315] ? __fget+0x35a/0x550 [ 340.454597][T10315] ? find_held_lock+0x35/0x130 [ 340.459371][T10315] ? __fget+0x35a/0x550 [ 340.463568][T10315] ? lock_downgrade+0x880/0x880 [ 340.468425][T10315] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.474673][T10315] ? kasan_check_read+0x11/0x20 [ 340.479541][T10315] ? __fget+0x381/0x550 [ 340.483713][T10315] ? ksys_dup3+0x3e0/0x3e0 [ 340.488139][T10315] ? kasan_check_write+0x14/0x20 [ 340.493097][T10315] sock_common_getsockopt+0x9a/0xe0 [ 340.498306][T10315] ? sock_common_getsockopt+0x9a/0xe0 [ 340.503692][T10315] __sys_getsockopt+0x168/0x250 [ 340.508559][T10315] ? kernel_setsockopt+0x1e0/0x1e0 [ 340.513683][T10315] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 340.519145][T10315] ? do_syscall_64+0x26/0x610 [ 340.523926][T10315] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.529992][T10315] ? do_syscall_64+0x26/0x610 [ 340.530014][T10315] __x64_sys_getsockopt+0xbe/0x150 [ 340.530033][T10315] do_syscall_64+0x103/0x610 [ 340.530054][T10315] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.539814][T10315] RIP: 0033:0x458209 [ 340.539830][T10315] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 340.539839][T10315] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 340.539854][T10315] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 340.539863][T10315] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 340.539873][T10315] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 340.539882][T10315] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 340.539890][T10315] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 21:02:06 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b"], 0x32) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:02:06 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x64) 21:02:06 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x50) 21:02:06 executing program 4 (fault-call:3 fault-nth:7): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:02:06 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, 0x0) sendmmsg$inet_sctp(r2, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:02:06 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x23020000) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:02:06 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x65) 21:02:06 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x51) [ 343.317728][T10362] FAULT_INJECTION: forcing a failure. [ 343.317728][T10362] name failslab, interval 1, probability 0, space 0, times 0 [ 343.385228][T10362] CPU: 1 PID: 10362 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 343.393270][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 343.403329][T10362] Call Trace: [ 343.406642][T10362] dump_stack+0x172/0x1f0 [ 343.410997][T10362] should_fail.cold+0xa/0x15 [ 343.415606][T10362] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 343.421424][T10362] ? ___might_sleep+0x163/0x280 [ 343.426286][T10362] __should_failslab+0x121/0x190 [ 343.431233][T10362] should_failslab+0x9/0x14 [ 343.435766][T10362] kmem_cache_alloc_trace+0x2d1/0x760 [ 343.441140][T10362] ? sctp_endpoint_lookup_assoc+0x290/0x290 [ 343.441230][T10362] sctp_auth_shkey_create+0x87/0x1b0 [ 343.441251][T10362] sctp_endpoint_new+0x518/0xed0 [ 343.457351][T10362] sctp_init_sock+0xc2e/0x1360 [ 343.462138][T10362] ? kasan_check_write+0x14/0x20 [ 343.467099][T10362] ? sock_init_data+0x8de/0xc70 [ 343.471975][T10362] ? sctp_destroy_sock+0x3e0/0x3e0 [ 343.477117][T10362] inet6_create+0x9cd/0xf90 21:02:06 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x66) 21:02:06 executing program 0: clone(0x4000003102041ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() futex(&(0x7f0000000140)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) write$P9_RREAD(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="052fc7548b70f0083caeaaad7fc8c84fcba677203eb276ab9101605af45ff9d418a6d07f618a47a59e7d422c303b5982815b"], 0x32) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f00000000c0)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 343.481635][T10362] __sock_create+0x3e6/0x750 [ 343.486249][T10362] sock_create+0x7f/0xa0 [ 343.490521][T10362] sctp_do_peeloff+0x1a0/0x470 [ 343.495298][T10362] ? sctp_copy_sock+0xe50/0xe50 [ 343.500163][T10362] ? lock_downgrade+0x880/0x880 [ 343.505030][T10362] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 343.511627][T10362] ? sctp_do_peeloff+0x470/0x470 [ 343.516575][T10362] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 343.522825][T10362] ? _copy_from_user+0xdd/0x150 [ 343.527711][T10362] sctp_getsockopt+0x1ec1/0x673d 21:02:06 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x67) [ 343.532676][T10362] ? __lock_acquire+0x548/0x3fb0 [ 343.537612][T10362] ? _parse_integer+0x190/0x190 [ 343.542495][T10362] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 343.549365][T10362] ? __fget+0x35a/0x550 [ 343.553544][T10362] ? find_held_lock+0x35/0x130 [ 343.558314][T10362] ? __fget+0x35a/0x550 [ 343.562498][T10362] ? lock_downgrade+0x880/0x880 [ 343.567352][T10362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 343.573600][T10362] ? kasan_check_read+0x11/0x20 [ 343.578462][T10362] ? __fget+0x381/0x550 [ 343.582649][T10362] ? ksys_dup3+0x3e0/0x3e0 [ 343.587078][T10362] ? kasan_check_write+0x14/0x20 [ 343.592061][T10362] sock_common_getsockopt+0x9a/0xe0 [ 343.597296][T10362] ? sock_common_getsockopt+0x9a/0xe0 [ 343.602687][T10362] __sys_getsockopt+0x168/0x250 [ 343.607548][T10362] ? kernel_setsockopt+0x1e0/0x1e0 [ 343.612674][T10362] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 343.618142][T10362] ? do_syscall_64+0x26/0x610 21:02:06 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x68) [ 343.630407][T10362] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.637109][T10362] ? do_syscall_64+0x26/0x610 [ 343.641814][T10362] __x64_sys_getsockopt+0xbe/0x150 [ 343.646935][T10362] do_syscall_64+0x103/0x610 [ 343.651536][T10362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 343.657430][T10362] RIP: 0033:0x458209 [ 343.661331][T10362] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 21:02:06 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x52) 21:02:06 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x53) [ 343.680930][T10362] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 343.680951][T10362] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 343.680961][T10362] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 343.680970][T10362] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 343.680980][T10362] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 343.680990][T10362] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 21:02:07 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x69) 21:02:07 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x54) 21:02:07 executing program 4 (fault-call:3 fault-nth:8): r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) 21:02:07 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f00000002c0)=0x24f) r2 = socket(0xa, 0x1, 0x0) close(r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f0000000140)=0x8) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="3000000000000000840000000100000000000000040000000000000000000000000000000000000000000000", @ANYRES32=0x0], 0x30}], 0x1, 0x0) 21:02:07 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x7ffffe, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x6a) 21:02:07 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xd) read(r0, 0x0, 0x7ffffffff000) write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0xffffff4d) 21:02:07 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x8042) ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0186415, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, 0x80f, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) writev(r0, &(0x7f0000000040), 0x55) [ 344.194513][T10416] FAULT_INJECTION: forcing a failure. [ 344.194513][T10416] name failslab, interval 1, probability 0, space 0, times 0 [ 344.229277][T10416] CPU: 1 PID: 10416 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 344.237307][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.247445][T10416] Call Trace: [ 344.247494][T10416] dump_stack+0x172/0x1f0 [ 344.247520][T10416] should_fail.cold+0xa/0x15 [ 344.247543][T10416] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 344.247568][T10416] ? ___might_sleep+0x163/0x280 [ 344.255167][T10416] __should_failslab+0x121/0x190 [ 344.255188][T10416] should_failslab+0x9/0x14 [ 344.255207][T10416] kmem_cache_alloc_trace+0x2d1/0x760 [ 344.255225][T10416] ? mark_held_locks+0xa4/0xf0 [ 344.255246][T10416] sctp_add_bind_addr+0x9f/0x3a0 [ 344.294901][T10416] sctp_bind_addr_dup+0xdd/0x140 [ 344.299847][T10416] sctp_sock_migrate+0x525/0x14c0 [ 344.304855][T10416] ? kasan_check_read+0x11/0x20 [ 344.309688][T10416] sctp_do_peeloff+0x2f5/0x470 [ 344.314444][T10416] ? sctp_copy_sock+0xe50/0xe50 [ 344.319323][T10416] ? lock_downgrade+0x880/0x880 [ 344.324159][T10416] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 344.330735][T10416] ? sctp_do_peeloff+0x470/0x470 [ 344.335686][T10416] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.341917][T10416] ? _copy_from_user+0xdd/0x150 [ 344.346757][T10416] sctp_getsockopt+0x1ec1/0x673d [ 344.351688][T10416] ? __lock_acquire+0x548/0x3fb0 [ 344.356622][T10416] ? _parse_integer+0x190/0x190 [ 344.361453][T10416] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 344.368292][T10416] ? __fget+0x35a/0x550 [ 344.372428][T10416] ? find_held_lock+0x35/0x130 [ 344.377175][T10416] ? __fget+0x35a/0x550 [ 344.381316][T10416] ? lock_downgrade+0x880/0x880 [ 344.386145][T10416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 344.392395][T10416] ? kasan_check_read+0x11/0x20 [ 344.397259][T10416] ? __fget+0x381/0x550 [ 344.401421][T10416] ? ksys_dup3+0x3e0/0x3e0 [ 344.405838][T10416] ? kasan_check_write+0x14/0x20 [ 344.410777][T10416] sock_common_getsockopt+0x9a/0xe0 [ 344.415968][T10416] ? sock_common_getsockopt+0x9a/0xe0 [ 344.421320][T10416] __sys_getsockopt+0x168/0x250 [ 344.426153][T10416] ? kernel_setsockopt+0x1e0/0x1e0 [ 344.431246][T10416] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 344.436769][T10416] ? do_syscall_64+0x26/0x610 [ 344.441441][T10416] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.447513][T10416] ? do_syscall_64+0x26/0x610 [ 344.452177][T10416] __x64_sys_getsockopt+0xbe/0x150 [ 344.457270][T10416] do_syscall_64+0x103/0x610 [ 344.461850][T10416] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.467719][T10416] RIP: 0033:0x458209 [ 344.471601][T10416] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 344.491215][T10416] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 344.499601][T10416] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 344.507555][T10416] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 344.515506][T10416] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 344.523455][T10416] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 344.531410][T10416] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 [ 344.541801][T10416] kasan: CONFIG_KASAN_INLINE enabled [ 344.547495][T10416] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 344.566430][T10416] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 344.573387][T10416] CPU: 1 PID: 10416 Comm: syz-executor.4 Not tainted 5.1.0-rc1+ #35 [ 344.581383][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.591453][T10416] RIP: 0010:sctp_assoc_rwnd_increase+0x34/0x520 [ 344.597706][T10416] Code: 41 54 49 89 fc 53 89 f3 48 83 ec 10 e8 75 a2 ee fa 49 8d bc 24 60 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 2f 04 00 00 45 8b ac 24 60 06 [ 344.617405][T10416] RSP: 0018:ffff88804ac0f6f8 EFLAGS: 00010203 [ 344.623448][T10416] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000e860000 [ 344.631403][T10416] RDX: 00000000000000cb RSI: ffffffff8681cd1b RDI: 000000000000065f [ 344.639358][T10416] RBP: ffff88804ac0f730 R08: ffff88804fea6300 R09: ffff88804fea6bc8 [ 344.647321][T10416] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffffffffffff [ 344.655269][T10416] R13: 0000000000000000 R14: ffff88804b5b9a00 R15: 0000000000000000 [ 344.663218][T10416] FS: 00007fc8b0fc0700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 344.672152][T10416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 344.678719][T10416] CR2: 0000000000625208 CR3: 000000007e995000 CR4: 00000000001406e0 [ 344.686678][T10416] Call Trace: [ 344.689978][T10416] sctp_ulpevent_free+0x21f/0x4e0 [ 344.694993][T10416] sctp_queue_purge_ulpevents+0xc4/0x110 [ 344.700623][T10416] sctp_close+0x148/0x860 [ 344.704942][T10416] ? rcu_read_lock_sched_held+0x110/0x130 [ 344.710640][T10416] ? mark_held_locks+0xa4/0xf0 [ 344.715382][T10416] ? sctp_init_sock+0x1360/0x1360 [ 344.720390][T10416] ? sctp_add_bind_addr+0x2d3/0x3a0 [ 344.725630][T10416] ? ip_mc_drop_socket+0x211/0x270 [ 344.730745][T10416] ? sctp_bind_addr_dup+0xf3/0x140 [ 344.735851][T10416] inet_release+0x105/0x1f0 [ 344.740360][T10416] inet6_release+0x53/0x80 [ 344.744755][T10416] __sock_release+0x1fe/0x2b0 [ 344.749408][T10416] sock_release+0x18/0x20 [ 344.753730][T10416] sctp_do_peeloff+0x38a/0x470 [ 344.758497][T10416] ? sctp_copy_sock+0xe50/0xe50 [ 344.763339][T10416] ? lock_downgrade+0x880/0x880 [ 344.768167][T10416] sctp_getsockopt_peeloff_common.isra.0+0x8e/0x270 [ 344.774742][T10416] ? sctp_do_peeloff+0x470/0x470 [ 344.779658][T10416] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.785877][T10416] ? _copy_from_user+0xdd/0x150 [ 344.790729][T10416] sctp_getsockopt+0x1ec1/0x673d [ 344.795659][T10416] ? __lock_acquire+0x548/0x3fb0 [ 344.800574][T10416] ? _parse_integer+0x190/0x190 [ 344.805404][T10416] ? sctp_getsockopt_peeloff_common.isra.0+0x270/0x270 [ 344.812231][T10416] ? __fget+0x35a/0x550 [ 344.816389][T10416] ? find_held_lock+0x35/0x130 [ 344.821132][T10416] ? __fget+0x35a/0x550 [ 344.825266][T10416] ? lock_downgrade+0x880/0x880 [ 344.830099][T10416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 344.836317][T10416] ? kasan_check_read+0x11/0x20 [ 344.841142][T10416] ? __fget+0x381/0x550 [ 344.845283][T10416] ? ksys_dup3+0x3e0/0x3e0 [ 344.849693][T10416] ? kasan_check_write+0x14/0x20 [ 344.854612][T10416] sock_common_getsockopt+0x9a/0xe0 [ 344.859786][T10416] ? sock_common_getsockopt+0x9a/0xe0 [ 344.865133][T10416] __sys_getsockopt+0x168/0x250 [ 344.869959][T10416] ? kernel_setsockopt+0x1e0/0x1e0 [ 344.875049][T10416] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 344.880520][T10416] ? do_syscall_64+0x26/0x610 [ 344.885191][T10416] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.891246][T10416] ? do_syscall_64+0x26/0x610 [ 344.895904][T10416] __x64_sys_getsockopt+0xbe/0x150 [ 344.900994][T10416] do_syscall_64+0x103/0x610 [ 344.905581][T10416] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.911448][T10416] RIP: 0033:0x458209 [ 344.915327][T10416] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 344.934910][T10416] RSP: 002b:00007fc8b0fbfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 344.943300][T10416] RAX: ffffffffffffffda RBX: 00007fc8b0fbfc90 RCX: 0000000000458209 [ 344.951265][T10416] RDX: 0000000000000066 RSI: 0000000000000084 RDI: 0000000000000003 [ 344.959210][T10416] RBP: 000000000073bfa0 R08: 0000000020000140 R09: 0000000000000000 [ 344.967168][T10416] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fc8b0fc06d4 [ 344.975138][T10416] R13: 00000000004c9ad8 R14: 00000000004d0538 R15: 0000000000000004 [ 344.980632][ T3876] kobject: 'loop5' (00000000b334dfc1): kobject_uevent_env [ 344.983108][T10416] Modules linked in: [ 344.986570][T10416] ---[ end trace 0a0747e196ad4446 ]--- [ 344.999704][T10416] RIP: 0010:sctp_assoc_rwnd_increase+0x34/0x520 [ 345.002142][ T3876] kobject: 'loop5' (00000000b334dfc1): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 345.006031][T10416] Code: 41 54 49 89 fc 53 89 f3 48 83 ec 10 e8 75 a2 ee fa 49 8d bc 24 60 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 2f 04 00 00 45 8b ac 24 60 06 [ 345.035880][T10416] RSP: 0018:ffff88804ac0f6f8 EFLAGS: 00010203 [ 345.041988][T10416] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000e860000 [ 345.050403][T10416] RDX: 00000000000000cb RSI: ffffffff8681cd1b RDI: 000000000000065f [ 345.058387][T10416] RBP: ffff88804ac0f730 R08: ffff88804fea6300 R09: ffff88804fea6bc8 [ 345.066406][T10416] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffffffffffff [ 345.074427][T10416] R13: 0000000000000000 R14: ffff88804b5b9a00 R15: 0000000000000000 [ 345.082436][T10416] FS: 00007fc8b0fc0700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 345.091397][T10416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 345.097996][T10416] CR2: 0000001b2dc23000 CR3: 000000007e995000 CR4: 00000000001406e0 [ 345.105986][T10416] Kernel panic - not syncing: Fatal exception [ 345.112850][T10416] Kernel Offset: disabled [ 345.117182][T10416] Rebooting in 86400 seconds..