INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts. 2018/04/21 05:28:59 fuzzer started 2018/04/21 05:29:00 dialing manager at 10.128.0.26:39431 syzkaller login: [ 57.815525] can: request_module (can-proto-0) failed. [ 57.825123] can: request_module (can-proto-0) failed. [ 58.346240] random: crng init done 2018/04/21 05:29:29 kcov=true, comps=true 2018/04/21 05:29:36 executing program 0: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00001c1000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000180)={{0x80000000000ff, 0x3}}) 2018/04/21 05:29:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0xfd7c) sendto$inet(r0, &(0x7f0000e75000), 0x0, 0x800000120000001, &(0x7f0000e45ff0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10) sendto$inet(r0, &(0x7f00008b1000)="d4", 0x1, 0x0, &(0x7f0000000000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) r1 = dup2(r0, r0) recvfrom$packet(r1, &(0x7f00000000c0)=""/129, 0x81, 0x40000102, 0x0, 0x0) 2018/04/21 05:29:36 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000000c0)={{0x2}, {0x0, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}, 0xa, {0x2, 0x0, @multicast1=0xe0000001}, 'syzkaller0\x00'}) 2018/04/21 05:29:36 executing program 4: syz_emit_ethernet(0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000000aaaaaaaa000086dd60ea03e105b58000fe80000000000000000000000000001400000000000000000000ffffffffffff000500000000000001020000c91000000000000000000000ffffac1414aac910ff02000000000000000000000000000100000000", @ANYRES32=0x41424344, @ANYBLOB="500000009078000052abef86a0db24a4335ea00b564d4bf8614499f99ee1150373f1a0cccd5da62a01dcf09fd3684e020fa25e727c7a9645540d85f84c934c205f31d4b105f8a9ba95b8f132e411a1443150081978057ba359dfffec28f4297e3895116a68b1fdb150d7b99c380743ed7aeadab8d41292d668875e4b2883e1ae70e8621f38794718ede8c782ae9675bf528af828c6de8e7b374fe8facc6ee020f8193dec7e740772d064fb6e3713766ec3cadef7aca29c2ba99e11e780b9f96e06172c742337de8cbfdb97d0d4b0ec899af0c1e7163f18dbfb56308a682ae80b96768d54c70b39eb29a211a119fcd2f4d9b00e321742053370d57e79b822833a4b661cee4b15d534bf394b56d21dd41a80059da21402c41fafc60a3e26b982b15d28a3e8458a253c5907aee14a32c9e2b422bf6136b55a2a20b060f9e6c2408b2f6415734b11438ef2c40ffabb5f133e490ca72d5aa7fe0648fb5f4eaef4014bac18321bab4c88c113d16158ad80d546e30040387723e928790e9a9b3ba35276d6d7165708642a318242b4446f3cfb659ea92687f815a7c457ecad21edac7bd2611bbd3d4b5a67bc5da385349ffe61d1a12cd0888237f9cc37205db96767bb6172a5bd2ec66dbba2ab4c1bedff9e59f84ae44bf1025dfef601884e5ba3a673f82f4f963707c123c6c96c96e3593073746c895fb286f2c7c8fc1a607be8634c932a3aa9fdfe7aa2271d5c8a73cc1d9cb14e285f30a76156aeb76f8cdd353cd81cbd239a8b9c0a12e27f508192bb416b18e166491e96decff074298e36ba3e01cc2c24792dd151a81c77b2aabbfa828799167a141b6e3bfbca6166f09e102ab2cf559bf8aa66e04e50b237820029d39834a94c248968f644e905adcaff3ac284483784cd0d961e4eeb046aad6e048aa56219354a93d29eaa7e3f083b01d7bc5c5b97725a2c7fa2d03d7c481f91338ff0ad236a343643c6fec09c5d8fae28c87c9a67b29738397fe949a3f0bd95c0aa54354b4c5d9240584424290a984371e14dcae1ad03836b4976ecdfc80bfdf21965c68327785c16953d5b16b266635139506b8daa76de268e64982cf788978f5fd2105e083256a09aa54cc62f430b2dc68ba2c87b9d836885ed168a4e40618e21c5730c7f0bb0cbb4e60e38afdaeabca34c018e6eba102ad0c9f89386caa7328d32db7d3b56916fd68419f1f62c63de7dbcd20032695f30446fbb04acbdc3bbe44532d4f33d0dad2afffe16bc76a8baac84f65c4d3469148e339df1b38e143203a4386bf7e504c2f0496f9b646493314415d4c72fa895a4152d9d434f03f660ebfaa5673e9fb4d37da91838dc96cd8634da9cc55585e082cb881191fdb63c2efe0f609aa7eb0f5c23a863573e8bf83913212b0d62a365f66a8ac766de4e077f6c46eb730734fc99120ecdd88ceaf8a96decc7e14065c3b77d529afe9be60661b30bf2985d32f9161f5a9cb88ab0f0ff4ac044b51c36f8c35b3c5198e11c43a987bed686136ca0e1667cee9ed8a9e307011af4c2a3b61372ef7ab07acf92341a3018b98bee204103f298c613f401b30b7f205d162639540b12fea2757c6af8817a2e0bfb5f6211c187f3262b918af2ff940003566e7fda17c00d7e4e984e31e925c4655ca66ccb48e37ea7c67fea495333d0d15ce424b6556b0cc12146205e16b8de2b4fdb4a16d0a0e08e0333ed132112ba504160e9069422ce5b50baddc0a11f6984e9eadfeed7c6b48ebf5cfcf0ffb24646e468b4812daa0fadcd05ad9082df753a6057f57604a1e9c9cfa2df26c4dcc8de5ece33b39e694f8a16f71e1e879a1b0f311676a88ab63eeef78e4a0ecede4e72a52f966c79ff69fe8d7620719b53800b9013ae76510880665b31258d24f751a0838a97d7ea57535bb7aad69bfc6dc79d1c3a00cda9af4a9162e032e46d6b9ba56302cd46cf688ac5bd9c8b9012dd8f7f65487cd9efb15ec5d1"], &(0x7f0000ae3000)) 2018/04/21 05:29:36 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x1}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @local={0xac, 0x223, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14, 0x2b}}, @udp={0x0, 0x4e20, 0x8}}}}}, &(0x7f00000000c0)) 2018/04/21 05:29:36 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000001640)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x14, 0x0, @multicast2=0xe0000002}, {0x2, 0x0, @broadcast=0xffffffff}, 0x100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)='veth0_to_bond\x00'}) 2018/04/21 05:29:36 executing program 2: syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1=0xe0000001}, @udp={0x0, 0x0, 0x8}}}}}, 0x0) 2018/04/21 05:29:36 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x396, 0x200007ff, &(0x7f0000003e00)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x51, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10) read(r0, &(0x7f0000000080)=""/218, 0xda) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x5}]}, 0x8) recvfrom$inet(r0, &(0x7f0000000200)=""/160, 0xa0, 0x0, 0x0, 0x0) writev(r0, &(0x7f0000df9000)=[{&(0x7f0000354ff8)='\'', 0x1}], 0x1) [ 67.056849] IPVS: ftp: loaded support on port[0] = 21 [ 67.061450] IPVS: ftp: loaded support on port[0] = 21 [ 67.067660] IPVS: ftp: loaded support on port[0] = 21 [ 67.072818] IPVS: ftp: loaded support on port[0] = 21 [ 67.110949] IPVS: ftp: loaded support on port[0] = 21 [ 67.116641] IPVS: ftp: loaded support on port[0] = 21 [ 67.138877] IPVS: ftp: loaded support on port[0] = 21 [ 67.146913] IPVS: ftp: loaded support on port[0] = 21 [ 69.215209] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.221805] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.252646] device bridge_slave_0 entered promiscuous mode [ 69.276948] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.283403] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.303893] device bridge_slave_0 entered promiscuous mode [ 69.350125] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.356592] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.389086] device bridge_slave_0 entered promiscuous mode [ 69.402189] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.408636] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.431458] device bridge_slave_1 entered promiscuous mode [ 69.442804] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.449235] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.461651] device bridge_slave_0 entered promiscuous mode [ 69.473324] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.479746] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.487141] device bridge_slave_0 entered promiscuous mode [ 69.494414] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.500918] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.516312] device bridge_slave_0 entered promiscuous mode [ 69.526484] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.536925] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.543341] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.562643] device bridge_slave_1 entered promiscuous mode [ 69.571281] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.577685] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.586724] device bridge_slave_0 entered promiscuous mode [ 69.593986] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.600397] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.621935] device bridge_slave_0 entered promiscuous mode [ 69.632009] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 69.639874] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.646258] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.656321] device bridge_slave_1 entered promiscuous mode [ 69.667623] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.674069] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.685590] device bridge_slave_1 entered promiscuous mode [ 69.698117] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.704511] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.727776] device bridge_slave_1 entered promiscuous mode [ 69.740175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.747332] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.753737] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.761179] device bridge_slave_1 entered promiscuous mode [ 69.769948] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.776377] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.792404] device bridge_slave_1 entered promiscuous mode [ 69.809916] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.816330] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.827120] device bridge_slave_1 entered promiscuous mode [ 69.839781] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.848510] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.856143] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.869815] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.902775] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.924462] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 69.959331] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 69.968450] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 69.978799] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 69.988265] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 70.004889] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 70.045135] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 70.086380] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.112953] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 70.280673] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.297343] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.387052] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.401903] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.413257] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.430550] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.464983] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.474489] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 70.492760] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.526750] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.536196] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.559615] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.598981] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.633659] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.644887] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 70.707683] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 70.714685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.765436] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 70.772441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.790965] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 70.799689] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 70.806654] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.820091] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.840759] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 70.848558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.865944] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 70.876890] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 70.885525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.906943] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.927334] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 70.934659] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 70.942339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.969418] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.988262] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 71.003784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.032770] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.053860] team0: Port device team_slave_0 added [ 71.079900] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 71.096688] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.209139] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.225446] team0: Port device team_slave_0 added [ 71.245693] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.263731] team0: Port device team_slave_0 added [ 71.269863] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.285977] team0: Port device team_slave_1 added [ 71.334109] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.352940] team0: Port device team_slave_0 added [ 71.381844] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.395701] team0: Port device team_slave_1 added [ 71.401210] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.411157] team0: Port device team_slave_1 added [ 71.419635] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.434299] team0: Port device team_slave_0 added [ 71.446000] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.465586] team0: Port device team_slave_0 added [ 71.478618] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.496696] team0: Port device team_slave_0 added [ 71.509951] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 71.518172] team0: Port device team_slave_0 added [ 71.543416] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.559392] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.566682] team0: Port device team_slave_1 added [ 71.574862] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.582692] team0: Port device team_slave_1 added [ 71.590801] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.600158] team0: Port device team_slave_1 added [ 71.611986] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.626282] team0: Port device team_slave_1 added [ 71.643280] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 71.663380] team0: Port device team_slave_1 added [ 71.682949] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.692592] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.713162] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.726798] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 71.735950] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 71.745899] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 71.754659] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 71.762145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.770179] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.795760] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.818418] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.831796] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.839848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.847483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.855226] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.863260] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 71.870691] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.879774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.889756] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 71.898371] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 71.905489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.922629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.930414] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.938754] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.949362] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 71.958256] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 71.966066] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 71.973579] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.982205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.009625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.025649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.034743] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 72.043875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.053694] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 72.061082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 72.069285] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.077648] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.084797] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.100485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.109064] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 72.115926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 72.124327] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.141474] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 72.151828] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 72.163919] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.173337] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 72.180413] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 72.187548] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.197285] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.217478] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.233173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.246111] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.254626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.269214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 72.276875] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.284449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.292477] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.300933] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 72.311835] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.322073] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.339810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.352451] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.361300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.371742] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.382535] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 72.393255] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.400604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.414827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.452792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 72.471752] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.479809] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.487589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.498179] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 72.506068] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.515263] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.530847] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 72.538147] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.556791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.574574] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.586080] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.606617] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.650789] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.671628] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.680117] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.704349] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 72.736345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.769979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 73.708861] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.715412] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.722456] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.728863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.767561] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.774565] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.791194] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.797598] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.804210] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.810567] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.818673] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.829738] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.836192] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.842848] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.849200] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.864682] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.875056] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.881455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.888162] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.894557] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.909984] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 74.047476] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.053901] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.060583] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.066968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.092972] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 74.099479] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.105875] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.112502] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.118855] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.127406] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 74.139532] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.145916] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.152572] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.158986] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.185292] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 74.199080] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.205485] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.212167] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.218547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.226697] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 74.783138] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.794940] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.827370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.834901] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.842646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.850325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.857740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 79.004448] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.025223] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.038515] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.184768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.210124] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.240359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.292476] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.340654] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.475646] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.496695] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.527732] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.646904] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.672621] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.740613] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.752619] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.815908] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 79.958005] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 79.964340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 79.971649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.008423] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.014967] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.026171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.044707] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.050879] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.061859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.177700] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.188136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.196864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.231519] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.243095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.262580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.284105] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.292693] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.325118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.364836] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.372157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.387063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.412765] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 80.433494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.452394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.482107] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.505098] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.612230] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.662730] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.790117] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.847438] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.881927] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.936885] 8021q: adding VLAN 0 to HW filter on device team0 2018/04/21 05:29:53 executing program 2: r0 = getpgid(0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) fcntl$getflags(r1, 0x40a) ptrace$setopts(0x10, r0, 0x0, 0x0) io_setup(0x4, &(0x7f0000000080)) capget(&(0x7f0000000000)={0x200f1526, r0}, &(0x7f0000000040)={0x7ff, 0x6568, 0x766698ab, 0x8, 0x5, 0x3}) 2018/04/21 05:29:53 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000fdcff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = memfd_create(&(0x7f0000000100)='/dev/ptmx\x00', 0x3) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000140)=@pic={0xca5c, 0x6f824b9f, 0xfffffffffffffffd, 0x8, 0x9, 0xfffffffffffffffa, 0x3, 0x5, 0x9, 0x8000, 0x3d2bfd89, 0xfffffffffffffffd, 0x2, 0x80, 0x1, 0x20}) tee(r0, r0, 0x8, 0x2) write$binfmt_script(r0, &(0x7f0000000280)={'#! ', './file0', [{0x20, '/dev/ptmx\x00'}, {0x20, '/dev/ptmx\x00'}, {0x20, '/dev/ptmx\x00'}, {0x20, '/dev/ptmx\x00'}, {0x20, 'keyring--{em1bdev'}], 0xa, "ad47d12c9e7e52f1528a89493dfff103a978617b90938508b1572ad0ee6473c72fb9eac73aaa46b61e1e94f0dbb2918a7ff8b7490b25eb3f75a374024b37c1f5a1d3d801c11f2cdd4eccdae5dde40dff040b5cc8c299893ad09a046abfef7fa6cda27b02621437eb7ccd7e020ea53a0962abb967"}, 0xbd) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f00000004c0)={0x0, {0x2, 0x4e22, @rand_addr=0x3}, {0x2, 0x4e23}, {0x2, 0x4e22, @multicast1=0xe0000001}, 0x4, 0x2, 0x0, 0x0, 0x100, &(0x7f0000000340)='gre0\x00', 0xd5, 0xad, 0x1ff}) r2 = syz_open_pts(r0, 0x20201) ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0) ppoll(&(0x7f0000000040)=[{r0, 0x402e}, {r0, 0x2220}, {r0}], 0x3, &(0x7f0000000380), &(0x7f00000000c0)={0x8788}, 0x8) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000440)="0cbe78d7234c288ebe932323c6713464d621eb04386a7bb193f625e9c35905000000b5670f109dfff855b6a4162dd454be1ad17caab509752df1131a3c5f2db15bee24f8b525a988c3b8fd6047047594cf826a404e5d9f0d1708", 0x5a}], 0x1) sendmsg$inet_sctp(r1, &(0x7f0000000640)={&(0x7f0000000080)=@in6={0xa, 0x4e21, 0x0, @empty, 0x7}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000540)="c48f474398d9354d6bbb646a026e213edd5367e7dd37e81e4e0169596464e0f2fff48ae63e9c04d3503537cc428d0ca0a51b60969f5b53875ea63a4788fd32e7d60a4326992f132f64ca1848550a5600868099a28eb7c2", 0x57}, {&(0x7f0000000400)}], 0x2, &(0x7f0000000600), 0x0, 0x20040080}, 0x1) set_tid_address(&(0x7f0000000000)) setsockopt$RDS_RECVERR(r1, 0x114, 0x5, &(0x7f0000000240)=0x1, 0x4) 2018/04/21 05:29:53 executing program 2: openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x410100) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000d97000)={0x0, 0x9}) 2018/04/21 05:29:53 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000940)=@nat={'nat\x00', 0x19, 0x3, 0x6c0, [0x20000280, 0x0, 0x0, 0x200005f8, 0x20000910], 0x0, &(0x7f0000000240), &(0x7f0000000280)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x0, 0x30, 0x0, 'syzkaller0\x00', 'team_slave_0\x00', 'veth0_to_bond\x00', 'team0\x00', @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x318, 0x318, 0x348, [@bpf0={'bpf\x00', 0x210, {{0x28, [{0x40, 0x1000, 0x9, 0x1}, {0x3, 0x1, 0xc2, 0xc1}, {0x3, 0x4, 0xe0, 0x4032a752}, {0x9327, 0x7, 0x10000, 0x9}, {0x9c9, 0xc6a, 0x8, 0x8}, {0xccc7, 0x2, 0x0, 0x4}, {0xfffffffffffffffe, 0x9, 0x6, 0x3}, {0x3, 0x4, 0x80, 0x5}, {0xffff, 0x3, 0x0, 0x7fffffff}, {0x62, 0x5, 0x9, 0x8}, {0x5, 0x5, 0x6, 0x7}, {0x1, 0x3, 0x3, 0x10001}, {0x100, 0x100000000, 0x7, 0x80}, {0x10001, 0x5ac, 0x100000000, 0x7f}, {0x4, 0x200, 0x1, 0xba5}, {0xff, 0x973, 0x0, 0x9}, {0xffffffff7fffffff, 0x0, 0xffffffffffffff1d, 0x80000001}, {0x172, 0x7, 0x4, 0x1}, {0x5, 0x200, 0x7f, 0x9}, {0x0, 0x2, 0x9, 0x4}, {0x80000001, 0x7, 0x3, 0xe4}, {0x0, 0x943, 0xc0, 0x3}, {0x8, 0x1, 0x218, 0x6}, {0x9, 0x6, 0x5, 0x6}, {0x9, 0x401, 0x1, 0x4}, {0x5, 0xffffffffffffff01, 0x1ff, 0x4}, {0x4, 0x40, 0xc7, 0x10001}, {0x5, 0x5, 0x101, 0x7fffffff}, {0x9, 0x3ff, 0x9, 0x401}, {0xa2cf, 0x81, 0xfffffffffffffffb, 0x1}, {0x2, 0x7f, 0x3, 0xf0ea}, {0x7, 0x2, 0x200000000}, {0x10001, 0x4, 0x5, 0x4}, {0x100000001, 0xffffffffffffd246, 0x9, 0x400}, {0x6, 0x4, 0x100, 0x1}, {0x4, 0x1, 0xb2c4}, {0x101, 0x8, 0xca, 0x81}, {0x5458, 0x2, 0x6, 0x8}, {0x80000001, 0x2, 0x5, 0x4}, {0x1000, 0x20, 0xffffffffffffffff, 0x5}, {0xffffffffffffffff, 0x5, 0x3, 0x5}, {0xb5, 0x0, 0xffff, 0x9}, {0x4, 0xa60, 0x78, 0x3}, {0x4ecf, 0x7fff, 0x1000, 0x2}, {0x1, 0x100, 0x7f, 0x80000001}, {0x7fff, 0xffff, 0x0, 0x7f68}, {0x1, 0xfffffffffffffffa, 0x0, 0x4}, {0x0, 0x9, 0x4}, {0x1b4, 0x4, 0xffffffffffffff7f, 0xdb2}, {0xba2, 0xc0dd, 0x0, 0x9}, {0x3, 0x7fff, 0x3, 0x4}, {0x3, 0xde3, 0x800, 0x8}, {0x4, 0x7, 0x68, 0x4}, {0x6, 0x3, 0xa2d6, 0x101}, {0xffffffffffffd040, 0x1, 0x6, 0x8}, {0x2, 0x8, 0x0, 0x8000}, {0x2, 0x9d5, 0x0, 0x3e73}, {0x9, 0x4, 0x5, 0x3}, {0x80000000, 0x3, 0x7000000000, 0x3ff}, {0xffffffff, 0x3, 0x8000, 0x1000}, {0xffff, 0x9, 0x7, 0x100000001}, {0x25a, 0x1ff, 0x401, 0x7}, {0x3, 0x80000000, 0x6, 0x2}, {0x1, 0x7, 0x8, 0x1}], 0xffffffffffffff28}}}, @rateest={'rateest\x00', 0x48, {{'team_slave_1\x00', 'syz_tun\x00', 0x4, 0x1, 0x6b4, 0x4, 0x8f8, 0x0, 0x2, 0xffffffff}}}]}}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffd}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x2, [{{{0x9, 0x58, 0x888e, 'veth0_to_team\x00', 'irlan0\x00', 'bcsf0\x00', 'veth1\x00', @random="069d604409b3", [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff, 0x0, 0x0, 0xff, 0xff], 0xd8, 0x148, 0x180, [@cluster={'cluster\x00', 0x10, {{0xd757, 0x10001, 0x7ff, 0x1}}}, @cgroup0={'cgroup\x00', 0x8, {{0x600000, 0x1}}}]}, [@arpreply={'arpreply\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xfffffffffffffffe}}}, @arpreply={'arpreply\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xffffffffffffffff}}}]}, @snat={'snat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xfffffffffffffffe}}}}, {{{0xb, 0x10, 0x88fb, 'syz_tun\x00', 'bond_slave_0\x00', 'ip_vti0\x00', 'veth0\x00', @empty, [0xff, 0x0, 0x0, 0x0, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], 0xc0, 0x130, 0x168, [@helper={'helper\x00', 0x28, {{0x0, 'irc-20000\x00'}}}]}, [@arpreply={'arpreply\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 0xffffffffffffffff}}}, @snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xfffffffffffffffd}}}]}, @arpreply={'arpreply\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x12}, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe}]}, 0x738) r1 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x52000) fchdir(r1) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) modify_ldt$read(0x0, &(0x7f0000000140)=""/186, 0xba) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000001f88)={0x1, 0x70, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) mmap(&(0x7f0000bf0000/0x2000)=nil, 0x2000, 0x0, 0x11, r3, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3) ustat(0x5, &(0x7f00000009c0)) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000a00)={{0x4, @remote={0xac, 0x14, 0x14, 0xbb}, 0x7, 0x2, 'lblc\x00', 0xd, 0xffffffffffff719b, 0x28}, {@dev={0xac, 0x14, 0x14, 0x11}, 0x4e20, 0x2006, 0x800, 0x80, 0x8}}, 0x44) mmap(&(0x7f0000941000/0x2000)=nil, 0x2000, 0x0, 0x4011, r2, 0x0) mremap(&(0x7f000079c000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f00007fb000/0x800000)=nil) 2018/04/21 05:29:53 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000001640)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x14, 0x0, @multicast2=0xe0000002}, {0x2, 0x0, @broadcast=0xffffffff}, 0x100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)='veth0_to_bond\x00'}) 2018/04/21 05:29:53 executing program 4: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setns(r0, 0x40000000) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f0000033ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r0, 0x100000000020000) sendto$inet(r0, &(0x7f0000000200)="6968e0a2949c285b3ec7f5708d122c612b6ea9ad7efd47784fac41f362d9e292a65057d1e6a711c6b0ffea52e07cd638aa1a06e96162b4421b5918c314ccfa39ca1f5d944a55897afdddb91a5ac36178d51e8f7126a89d873ced68b61acd837b85d2746ffe34096280daf5080cd255c177d1d8a86edf5e30c5a9bc2ec44c923374e5fd9f6a9db2144548fe7d08f9e00b5e91f8a5eadfdd5b45", 0x99, 0x44000, &(0x7f00000002c0)={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x73, 0x40) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000040)={0x80, 0x1f, 0x6, 0x81, 0x3}, 0x14) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/200, &(0x7f0000000180)=0xc8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000001c0)={0x0, 0xb825}, 0x14) 2018/04/21 05:29:53 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) socket$unix(0x1, 0x2, 0x0) getpeername$unix(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x6e) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100), 0x4) 2018/04/21 05:29:53 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f00000002c0)={@reserved=0x1}) sendfile(r0, r0, &(0x7f0000000040)=0x2000, 0xb) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000003c0)={@empty, 0x0}, &(0x7f0000000400)=0x14) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000440)={@mcast2={0xff, 0x2, [], 0x1}, r1}, 0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000140)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@local}}, &(0x7f0000000240)=0xe8) ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000280)=r2) ioctl$EVIOCGID(r0, 0x80084502, &(0x7f0000000080)=""/133) fcntl$addseals(r0, 0x409, 0x7) 2018/04/21 05:29:54 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c8afd0)="d3ab2719", 0x4) sendmsg(r1, &(0x7f0000457000)={&(0x7f0000bb5000)=@pppoe={0x18, 0x0, {0x0, @dev={[0xaa, 0xaa, 0xaa, 0xaa]}}}, 0x80, &(0x7f0000000080)=[{&(0x7f00000dcf25)="8913cf5e026f17a4f53a3492b6e3e63ee1830a280f921d08ab6480144730b936395f3b5c70f96788944985382ea98b1480e089e838771917f29f6f899e9c37d2", 0xffffffffffffffcd}], 0x1, &(0x7f000009de38)}, 0x40000) sendmsg$alg(r1, &(0x7f0000cadfc8)={0x0, 0x0, &(0x7f00001cdfc0), 0x0, &(0x7f000013b000)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r1, &(0x7f0000d20000)={&(0x7f00002fffa0)=@nfc_llcp, 0x60, &(0x7f0000b9c000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0) 2018/04/21 05:29:54 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000000400)={0x0, 0x0}, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) dup3(r4, r3, 0x0) r5 = dup3(r3, r2, 0x0) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) fstat(r3, &(0x7f0000000000)) ioctl$KVM_SMI(r4, 0xaeb7) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2018/04/21 05:29:54 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000940)=@nat={'nat\x00', 0x19, 0x3, 0x6c0, [0x20000280, 0x0, 0x0, 0x200005f8, 0x20000910], 0x0, &(0x7f0000000240), &(0x7f0000000280)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x0, 0x30, 0x0, 'syzkaller0\x00', 'team_slave_0\x00', 'veth0_to_bond\x00', 'team0\x00', @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x318, 0x318, 0x348, [@bpf0={'bpf\x00', 0x210, {{0x28, [{0x40, 0x1000, 0x9, 0x1}, {0x3, 0x1, 0xc2, 0xc1}, {0x3, 0x4, 0xe0, 0x4032a752}, {0x9327, 0x7, 0x10000, 0x9}, {0x9c9, 0xc6a, 0x8, 0x8}, {0xccc7, 0x2, 0x0, 0x4}, {0xfffffffffffffffe, 0x9, 0x6, 0x3}, {0x3, 0x4, 0x80, 0x5}, {0xffff, 0x3, 0x0, 0x7fffffff}, {0x62, 0x5, 0x9, 0x8}, {0x5, 0x5, 0x6, 0x7}, {0x1, 0x3, 0x3, 0x10001}, {0x100, 0x100000000, 0x7, 0x80}, {0x10001, 0x5ac, 0x100000000, 0x7f}, {0x4, 0x200, 0x1, 0xba5}, {0xff, 0x973, 0x0, 0x9}, {0xffffffff7fffffff, 0x0, 0xffffffffffffff1d, 0x80000001}, {0x172, 0x7, 0x4, 0x1}, {0x5, 0x200, 0x7f, 0x9}, {0x0, 0x2, 0x9, 0x4}, {0x80000001, 0x7, 0x3, 0xe4}, {0x0, 0x943, 0xc0, 0x3}, {0x8, 0x1, 0x218, 0x6}, {0x9, 0x6, 0x5, 0x6}, {0x9, 0x401, 0x1, 0x4}, {0x5, 0xffffffffffffff01, 0x1ff, 0x4}, {0x4, 0x40, 0xc7, 0x10001}, {0x5, 0x5, 0x101, 0x7fffffff}, {0x9, 0x3ff, 0x9, 0x401}, {0xa2cf, 0x81, 0xfffffffffffffffb, 0x1}, {0x2, 0x7f, 0x3, 0xf0ea}, {0x7, 0x2, 0x200000000}, {0x10001, 0x4, 0x5, 0x4}, {0x100000001, 0xffffffffffffd246, 0x9, 0x400}, {0x6, 0x4, 0x100, 0x1}, {0x4, 0x1, 0xb2c4}, {0x101, 0x8, 0xca, 0x81}, {0x5458, 0x2, 0x6, 0x8}, {0x80000001, 0x2, 0x5, 0x4}, {0x1000, 0x20, 0xffffffffffffffff, 0x5}, {0xffffffffffffffff, 0x5, 0x3, 0x5}, {0xb5, 0x0, 0xffff, 0x9}, {0x4, 0xa60, 0x78, 0x3}, {0x4ecf, 0x7fff, 0x1000, 0x2}, {0x1, 0x100, 0x7f, 0x80000001}, {0x7fff, 0xffff, 0x0, 0x7f68}, {0x1, 0xfffffffffffffffa, 0x0, 0x4}, {0x0, 0x9, 0x4}, {0x1b4, 0x4, 0xffffffffffffff7f, 0xdb2}, {0xba2, 0xc0dd, 0x0, 0x9}, {0x3, 0x7fff, 0x3, 0x4}, {0x3, 0xde3, 0x800, 0x8}, {0x4, 0x7, 0x68, 0x4}, {0x6, 0x3, 0xa2d6, 0x101}, {0xffffffffffffd040, 0x1, 0x6, 0x8}, {0x2, 0x8, 0x0, 0x8000}, {0x2, 0x9d5, 0x0, 0x3e73}, {0x9, 0x4, 0x5, 0x3}, {0x80000000, 0x3, 0x7000000000, 0x3ff}, {0xffffffff, 0x3, 0x8000, 0x1000}, {0xffff, 0x9, 0x7, 0x100000001}, {0x25a, 0x1ff, 0x401, 0x7}, {0x3, 0x80000000, 0x6, 0x2}, {0x1, 0x7, 0x8, 0x1}], 0xffffffffffffff28}}}, @rateest={'rateest\x00', 0x48, {{'team_slave_1\x00', 'syz_tun\x00', 0x4, 0x1, 0x6b4, 0x4, 0x8f8, 0x0, 0x2, 0xffffffff}}}]}}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffd}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x2, [{{{0x9, 0x58, 0x888e, 'veth0_to_team\x00', 'irlan0\x00', 'bcsf0\x00', 'veth1\x00', @random="069d604409b3", [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff, 0x0, 0x0, 0xff, 0xff], 0xd8, 0x148, 0x180, [@cluster={'cluster\x00', 0x10, {{0xd757, 0x10001, 0x7ff, 0x1}}}, @cgroup0={'cgroup\x00', 0x8, {{0x600000, 0x1}}}]}, [@arpreply={'arpreply\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xfffffffffffffffe}}}, @arpreply={'arpreply\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xffffffffffffffff}}}]}, @snat={'snat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xfffffffffffffffe}}}}, {{{0xb, 0x10, 0x88fb, 'syz_tun\x00', 'bond_slave_0\x00', 'ip_vti0\x00', 'veth0\x00', @empty, [0xff, 0x0, 0x0, 0x0, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], 0xc0, 0x130, 0x168, [@helper={'helper\x00', 0x28, {{0x0, 'irc-20000\x00'}}}]}, [@arpreply={'arpreply\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 0xffffffffffffffff}}}, @snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xfffffffffffffffd}}}]}, @arpreply={'arpreply\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x12}, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe}]}, 0x738) r1 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x52000) fchdir(r1) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) modify_ldt$read(0x0, &(0x7f0000000140)=""/186, 0xba) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000001f88)={0x1, 0x70, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) mmap(&(0x7f0000bf0000/0x2000)=nil, 0x2000, 0x0, 0x11, r3, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3) ustat(0x5, &(0x7f00000009c0)) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000a00)={{0x4, @remote={0xac, 0x14, 0x14, 0xbb}, 0x7, 0x2, 'lblc\x00', 0xd, 0xffffffffffff719b, 0x28}, {@dev={0xac, 0x14, 0x14, 0x11}, 0x4e20, 0x2006, 0x800, 0x80, 0x8}}, 0x44) mmap(&(0x7f0000941000/0x2000)=nil, 0x2000, 0x0, 0x4011, r2, 0x0) mremap(&(0x7f000079c000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f00007fb000/0x800000)=nil) 2018/04/21 05:29:54 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000000)=0xff, 0x1) sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000f8aff0)={&(0x7f0000333f88)={0x2, 0x4, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_sa={0x2, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @rand_addr}}]}, 0x50}, 0x1}, 0x0) 2018/04/21 05:29:54 executing program 3: r0 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x100, 0x8000) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000140)=""/164) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb0800450000300000000000329078ac1414bbac1414000b009078007276a2926ffb4d4e660000004500000000000000000000"], &(0x7f0000000200)={0x0, 0xfffffffffffffffc, [0x0, 0xde]}) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x4400, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f00000000c0)={0x4, 0x20, 0x96}) ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffd000/0x2000)=nil, 0x101, 0x1, 0x44, &(0x7f0000ffd000/0x1000)=nil, 0x40}) 2018/04/21 05:29:54 executing program 1: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r1, 0x4, 0x4000000000046800) io_setup(0x8, &(0x7f0000000080)=0x0) io_submit(r2, 0x1, &(0x7f0000000100)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000a00)="30bfff3c45f732fbd4a8b85478382238dc455864074c85e9a64e89d56db57f2ca5aec9bd93d5ba4f2e4545715d4740cb34dc4742c8a37d368395f31e3990320771e86ec357e24d4239063c60dba6ffd0488c074de1a8806590d36ed3c1b0514f958d79117ec174be838a214b3d493fc6b51511ff13961dc0a72dde3d92404b319a98c2c72b9bad03f6ff985dfa79cd49bd512b1b656876dc8c2cfeb8791dae605d2d37515534fd712e9595f5a7d51020bc5e08b55e2e9242b23bd846fe3412b406075e86914ee00a97da6bc732be9fc89ba4a75b0ae7e1cc21f2e2cb83d2bc4a09d445ed8fa05f4849afcc3fe84f1e6598e3f36a938386c114263747c5db325533a2288fb1c5a5ae46c30616a347466fd0da1732c871acd62464f3b09128143e244a8a0769882a321c64a72229c9d0b80a5ab185981ba598643438cc7071e48e73775c5f37b1d85b302e1489691a3b641c174b9727585054f7c6f31e3b188d96e58e4ad31019e7d269ac6d577bad905b691558525d8f69ae8266fa2a0b77aac91c837e167b669e13c513e0591fe854340f61dacb1f362a9edc611a6aed623f88e4aa102ea816548ed0f512835a3a66a64211df80fa57cc8aed54a2259e2b430eb6c8653af000eb1c5d23bb3b4f68afe5bc6f05000363c1afc262a99c794fbca1b79d87ce770266592cdf645c375d94bb9e6a0c2ab33f8394a09c7949c8243e5f", 0x200}]) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000000c0)={0x2bbb}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000140)={0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000300)={0x7c, 0x0, &(0x7f0000000200)=[@increfs={0x40046304, 0x4}, @free_buffer={0x40086303, r3}, @clear_death={0x400c630f, 0x4, 0x2}, @release={0x40046306, 0x1}, @enter_looper={0x630c}, @transaction_sg={0x40486311, {{0x0, 0x0, 0x1, 0x0, 0x10, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000180), &(0x7f00000001c0)=[0x18, 0x38]}, 0x3f}}], 0x59, 0x0, &(0x7f0000000280)="05d3c2f71eca2e03b99a607cd4d24d0aff307a7bef962aff3ef40763ec3d15d2de2c0f430d810286ee8718133ca3060461b5eed89c473bd447b1966e7f0e906d5a3ffdb022ae5fe92c1a72ad9009aeb0c7d96cf3af141ce1b1"}) 2018/04/21 05:29:54 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000001640)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x14, 0x0, @multicast2=0xe0000002}, {0x2, 0x0, @broadcast=0xffffffff}, 0x100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)='veth0_to_bond\x00'}) 2018/04/21 05:29:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="40765ad16b178cd8d545922a7f"]) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)) 2018/04/21 05:29:54 executing program 3: socket$packet(0x11, 0x0, 0x300) socket$packet(0x11, 0x3, 0x300) r0 = syz_open_procfs(0x0, &(0x7f0000000140)="6e65742f7061636b657400a4baf29787869bf007ac5842210afe30f15eaf47989c39d743afb76fa602e5e84c9cd7c218714dd598f7f9e0c254fc2746e202c50446f289bcee42ca54c8fe4118784d9716a826116b62238475b3a6") pread64(r0, &(0x7f0000000000)=""/163, 0xa3, 0x3a) 2018/04/21 05:29:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x200300) setsockopt$sock_void(r0, 0x1, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000040)={'syzkaller1\x00', 0x6}) timer_create(0x2, &(0x7f0000000080)={0x0, 0x27, 0x6}, &(0x7f00000000c0)=0x0) timer_gettime(r1, &(0x7f0000000bc0)) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000140)={0x0, @remote, @rand_addr}, &(0x7f0000000440)=0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bond0\x00', r2}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0xffffffffffffffff}, &(0x7f0000000240)=0x8) clock_adjtime(0x7, &(0x7f0000000340)={0x1, 0x20, 0x6, 0x3f71, 0x8181, 0x0, 0x6, 0x2, 0x80, 0x5f, 0x7, 0x7, 0x7, 0x0, 0x5f71, 0x0, 0x5, 0x7, 0x0, 0xff, 0xc78, 0x40, 0x0, 0x7ff, 0x0, 0x401}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0x80045301, &(0x7f0000000140)) r3 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r3, 0x0) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000180)={&(0x7f0000ffa000/0x5000)=nil, 0x5000}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x28]}}], 0x0, 0x0, &(0x7f0000009000)}) ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000100)={0x5, 0x5, 0x7, 0xffffffffffffffff}) ioctl$int_out(0xffffffffffffffff, 0x5462, &(0x7f0000000480)) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 0x20}, 0x8, 0x5}) sysinfo(&(0x7f00000005c0)=""/23) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000600), &(0x7f0000000640)=0x4) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000680)={0x0, 0xfff}, 0x8) setsockopt$inet_udp_int(r0, 0x11, 0x0, &(0x7f00000006c0)=0x9f9, 0x4) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000700)={@mcast2={0xff, 0x2, [], 0x1}, @mcast2={0xff, 0x2, [], 0x1}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x5, 0x0, 0x400, 0x80000001, 0x1}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000900)='/dev/ppp\x00', 0x804, 0x0) r4 = shmat(0xffffffffffffffff, &(0x7f0000000000/0x3000)=nil, 0x5000) shmdt(r4) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000ec0)=@filter={'filter\x00', 0xe, 0x4, 0x0, [0x0, 0x20000800, 0x20000be0, 0x20000d70], 0x0, &(0x7f00000007c0), &(0x7f0000001340)=ANY=[]}, 0x78) gettid() [ 84.896532] binder: 6700:6701 got transaction with invalid offset (40, min 24 max 40) or object. [ 84.911193] binder: 6700:6701 transaction failed 29201/-22, size 40-16 line 3026 2018/04/21 05:29:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x200300) setsockopt$sock_void(r0, 0x1, 0x0, 0x0, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000040)={'syzkaller1\x00', 0x6}) timer_create(0x2, &(0x7f0000000080)={0x0, 0x27, 0x6}, &(0x7f00000000c0)=0x0) timer_gettime(r1, &(0x7f0000000bc0)) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000140)={0x0, @remote, @rand_addr}, &(0x7f0000000440)=0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bond0\x00', r2}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0xffffffffffffffff}, &(0x7f0000000240)=0x8) clock_adjtime(0x7, &(0x7f0000000340)={0x1, 0x20, 0x6, 0x3f71, 0x8181, 0x0, 0x6, 0x2, 0x80, 0x5f, 0x7, 0x7, 0x7, 0x0, 0x5f71, 0x0, 0x5, 0x7, 0x0, 0xff, 0xc78, 0x40, 0x0, 0x7ff, 0x0, 0x401}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0x80045301, &(0x7f0000000140)) r3 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r3, 0x0) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000180)={&(0x7f0000ffa000/0x5000)=nil, 0x5000}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)) ioctl$BINDER_SET_CONTEXT_MGR(r3, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x28]}}], 0x0, 0x0, &(0x7f0000009000)}) ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000100)={0x5, 0x5, 0x7, 0xffffffffffffffff}) ioctl$int_out(0xffffffffffffffff, 0x5462, &(0x7f0000000480)) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 0x20}, 0x8, 0x5}) sysinfo(&(0x7f00000005c0)=""/23) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000600), &(0x7f0000000640)=0x4) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000680)={0x0, 0xfff}, 0x8) setsockopt$inet_udp_int(r0, 0x11, 0x0, &(0x7f00000006c0)=0x9f9, 0x4) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000700)={@mcast2={0xff, 0x2, [], 0x1}, @mcast2={0xff, 0x2, [], 0x1}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x5, 0x0, 0x400, 0x80000001, 0x1}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000900)='/dev/ppp\x00', 0x804, 0x0) r4 = shmat(0xffffffffffffffff, &(0x7f0000000000/0x3000)=nil, 0x5000) shmdt(r4) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000ec0)=@filter={'filter\x00', 0xe, 0x4, 0x0, [0x0, 0x20000800, 0x20000be0, 0x20000d70], 0x0, &(0x7f00000007c0), &(0x7f0000001340)=ANY=[]}, 0x78) gettid() 2018/04/21 05:29:54 executing program 6: perf_event_open(&(0x7f0000000100)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000001640)={0x0, {0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {0x14, 0x0, @multicast2=0xe0000002}, {0x2, 0x0, @broadcast=0xffffffff}, 0x100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)='veth0_to_bond\x00'}) 2018/04/21 05:29:54 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/arp\x00') openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80000, 0x0) sync_file_range(r0, 0x0, 0x1, 0x1) 2018/04/21 05:29:54 executing program 5: r0 = socket(0x11, 0x0, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x2) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"69666230002aefff02000000ff4000", 0x4001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="00008864000006000000ba7a02bb72182652a772886dca00ed2c5072c0cc3c9082be549a42fcd2a5f202d2661f04c0dacf7b1733ffab35f2331b96a0bb3a9315ec8f3d28aa333719980a0ce97d9650a92e5c7550f7fab4390533b3f5be2589e55ebce4c37f0a4528286a6d9efaa9f5a3bc1ca89aa61cfb910b675d531ba6ef2561b30084a927fa9aa1e4dc2e3a3c05c28a065dbf042d597cb6f9b3fa976401862dc8ee5461bb3f6c01192b9cb0da79717ec3c87c12033e545aa6d3d974ea1ba5a5f279edbe0e59db95af4f16f81fd58e872819fd53d2e492ba18cd0046778b6001e29184417972bc290918d26fae70ced95da20fc735faa4f479a5487be7a214f0488f3c9ff12d5e12844d367b0ce257b19b37ff948ee0a65afeb1f429fd7fa1bd4a12a0bae813be3ea8d5e0f86410c3a93de42b0da33e4a5a392a54651e3053d4252076bdb2cc038512f6d953163f5ed71619b8331d36c67d21889cc5d5fc6d830e0bd1e84f897a94acfe4cd09f7a230b834b9a5c559c9c585dc42eb1b71b76646ffeca6d9561c943e3873c890663c08de38ef6c625a374449e2f09e4c73fdd349a20d214a00031fe103f0dda262ec5729b33f3ef3ca92635c144e452098cd65c996ba2e753b7d4840c6794c124f9e94c5cc805dbc69986d8a4db3fc078a1295a5af0cd2b054a35f574e9918df6cb2eeced43679ba65271d9c8751e0023c6ee157b7ea9ce1fcb0efe0152ae529fc3bf536a54bd10da2d31f2d6546fa113f71f313857a379445cc62718372f9f81a757bd3fad9ce3f5f66c36e0fefda1b24b349a59952d3a271ff8268a5eb46f5d621945b4f4ecec8e148d55ca971f5d39a2cac71c334ffd2475fe42389c8b5838ed22bf2b80943eb25077a6e51fbe190c30fde1601e8e972efb8f9f2bc4e4327192eaf27ba3fd75a38794e5da8442761d1b4f50ca0c3929fe3f3c7f5087ac9f34706d39a9ea18cdc8d90565b105fd32640b8c81575fb2fd3564d290a35f3f8d48ac49f2053411bee3e4c23ce260833ab14a5a9d4de0712cd5603b6ab5d2167cc63a2c2fb819f4fb8481002ea96e81f58e7df9f6db42a423db13548b056426f8799445b1ddf791ad0d7325b5d1dac7996e4468b1cc5813cb69b6c3e042ec4d8e76a17e474a35aa765dd716def5197ea62ae2a9394fc4ef1555b11f754eb26eac128125913c685c6335cc1371cbd2d99b11715261d5f094de19ec2711a300122c40915465ff1bc7deddcacffcf32dc589d7d9ab6dd2cc3b7d51718f1f7cc517232acfda3ac68c2b32d57955c8ca7f2a0363c4670f12f161b041a60ca7dcb3d859b67bf26669833f5660c4bc5e07ed4d829ca1f47c457bd32129789289adf5ce5cbd5135211cec756856436eb263fed69dad871710cdf1bb089ad2bd3055d110f7a8be11b9f0cfa2a71fad28a6c31ee98a9d72d73d2b43a797d049a5d99abeb7debca36fc64f8a2d94fcb57f116eb649a72454ef942acf32e1cc014815d0e9b72f8550f1de1d7fdfe464e1f8321c669ceb925891c479d133d965f08f67bb82adc5309ffcd8371761afc093cd8bc886a6747258cf967cb75f9668c78be8eb6cb391720097a010e6377b2e43ca15c37a25785fd0c5bdb692016f0c4adffd6613a225235fc28cbca2950c3aa3f2e83422cc47302f97eb1b6eaf3173bda8701d7967ca6f5e6933cff4c65351cd9fdf267fee88657c091b04ffddefc4cffcd73efc1111fc80430f99b98063cb5f07f5fa93458570bf6120fcdab986b8cde953d12218e2ceaa68782f5b89ea032972e8f53904818a93b18c5cee45452eb492032a069407a5edc2a249656da6d60cc8f561475eeb4e2add19b16857f66e021a31176ce9adb3b1d546f3dccd67459f92ec740f7700dc19af52e82e3ec2c8271dda92a0a14e36edf5dfa5ebfe083aa05a443ad2fe73005ccfb4f12c12e530c1c276fa497c35f26b4fabd921da3aa9bc52914d11652d26b7b27598a19344ef54f89cef8a1393bdc7829215ca5d6b25cf2b21e9b4a219c7a1a60cc16618f3e35181e701b2c8f62ad969e6af0a8405e39333f6228b25794c94efa69c2c57fb1f653f6bb2001b00fab8dedf0c99ddf6dcece1a0d7512852a350e6422a61985e2d9b5bfa22c01d1d5e1c2d33ec38580bf747ed6519e94542b2a8e42f045a8e5f6458f23c68203c6746f1a2c37ebd9e86ec3b5b6fb6025f4a8398532b2688bbcd6a936bd0e2aec9fa8d43a6239484d0ae39ddb47e2fed0a9734cac1a338afe5673903cfe7bd850720bfed8833c5b6d55e6ff1cde1f87c2a3fc00d2b21234c82ce52df79f502f1b0ba1770231f3f1fc10e9bb0d2302d43f1a089e2ff797a0b02a73cf1d2227a0440eb7d1796cff57885f825e78615028c76a6eb4f8cfb6349a3c25bb537e7a39779d2b8c37ade242216d986b0dc4a6da7273a4ff970e69d0fa0eccc6e7b1e63d61c9879e335008cd3a7863ee97a02e5d7797ad1bf7594710e08ea41bbe947b379774bb166dca3e5c06dd3021f83901dee084e4df50748a19c69ccc99fb70adf80b4b5a11cdcb423cbade02d033818bb57a8a2e3500da7c25bad6256e812996bc8145ccbc6a7ede5a7ec872c7188656428333abaee64a2fe4d0a897c233086a048d0d8419d43f0ffc29ae891abebc520c20691b3707ae5210afc041202f4f8e78d83d02c82af758690f259db1bd4db3c61dcffe5f489d58797163010b6e2e99d17f1a4515f29f35648724846cede4732f2051cbac00eaafd333a4e1f43c218b5a4daac93e12f31e66252de62b6f971b9a20a7a2f88786c0b3608479a4927d693e9dd19a59ea54a07784a49a91f00c82fc904424f4358cda1201796da3686698df86b374253518b5fce792eb96cddd3fb55803eed58729e0afeb3512484078442e6e53228b6dcb75325a14c5ffc96da9605f9004991c278e07bc6cd456c6feb19d657a25ac22f1a40a052894e3788eaeb931ab8acb109d24f7d051922886cab2581469256e82151db565802d16989496fe68a838026cd474b8d21fe4183e754e55d294d835633f8a3bf91e8406e71abfb47d8066880aed6fe415e5dec47ecb789065c6a428b181e5a58454f0dc43511d7a7ae266f120262a33bb0ab4b16b59bcc3912c40a43f3d460d392aa3fed24bb94e0e39ababf02527e6931a4bddcabfc62695d21ea52a7b78bcc45a4f76d7a551a858966fca5171f550a1f863b7b427acd70b5815ae5fb4d4526183c7e604c88f6049f5786cf4fb5d40291d4e3f054816a75274b02673796c020d73a0101ce742c6921342c989c79c7f4126ebbdb1afab1b39d73e37e914f4b870105b7bf6f54c293512962d057a028498a9445387f3c6462decc1e8954ef92bd500739a61889992ed093875e31c3ed442321a2897468ca239b2b9f5cdaf012f96d4e027a9ca3ab8dff0d9d91fef6545022e7d15208dd730fa3a3cd106e937deac98bcf74ac51e0bc411658a72e166b65e2c2733d4ad55aa87ff0c4b20301243d23415737dbd65ed3cbc534842914df5cd8a5ad33e60c4817b0101d6a3488e371c20dc092b7e85d3f68421674282f4fa1fd555ada57176c0c29dac525996d68c853665419c3756dd28d7041688ff9818074387f4178012cd0b03238b501351726e1f38add620d2475f057d47bd342cdc967728329d7615d0a83c6d3d1e3a3f2113ebb8dbba349c4b5f6ec9f3b4c326f621edb3c3d29fc4d2eca947cb45bb66fa1784401220b7b92f7a0cc2490275eed460e748b412a5b707f60f849631684e98e91821e38640a6dc323e5bd62d5ba6bd9c6b2ba7265b67a03305acfcdab3e97a7da711f5a3df3708ec75055d6e2bd108204eb143b20d2d3264e97ff7af8096dc467b32bfc87babce42b001691fa4f8f463c65c53e8cc13387204e1c687dccd4704518131fdee153211e1990cb4032ca42cfae54ac4a41efb9a9abcd2e92828894f10a1a90eb2ebe1b3299edc8873ca918749f7d09b58fae7f9697b3343cf0cc142bb425a4fc0de2106b6bf23b08809f48cb9fd036d9c4768197daaa7b325f0f126d5fdffe7ef2e6e7707f6cebf138ae11977937d03670ba793750d29a899259879f9d3b88c61f00ed855063cb6930b900765b3555a476f0b942a3335b27e87fc580107659b557c491b48c91e5dddd79fbfd4c5d383315be0b3706634eb220426ddf7e7229c72749cb2c932a266dd488223b1fa99e96a1554f5ae6d9aac6747a618a3e912dc5ba00a3b9d6f6303ee54d90e60a3da06451de5810cb5cf0820c48fd943fdf61e2374f3395bedf1a5fd11cf658166b1cfc52f1f7c5eb29ff5ebd1d93cd9e2300fe2afd30d00252fb45fee86a576448656546d63d0bf74bf1caac7acd5acbd658e013637945cb1cdc491b4da5b9d8e70bb04524922088d526c4ebf161558b31881e3703dfc4ad4ed2ab81000c68c8393715ebfe10c236a5055859010178eb93fa45a34347ea78b962930a12cebf1fdeb48af3f0b120be06640181569af401389762c8ebe011161e079ef5b1e63804394dbb13614858875e7489cfeeb7b78a080182f7cbb4f7d6429480218361481bbb9b261556135fa94785dddd7600663c42b5192898f61b7e760109b3ba89d6167fbc883539619b023a0cb52774df130543a1abd215013dcd2d32abeee60faf4fb144175c3b7f8d658b8b59f678f6687871a80f6de0b9481ac20bbd6f40217fe2da43d3d1504cc8cf7d4a05b2c3501d8360d020222a023d2188454059f2b6321f0a6219139b84c8613399a91e8c92bdcdf8c6ed036643abb15315598e2ec110a9387cc90ef0ad8a92dce1553316f11682582565d30731a9affe2c41027275a0f5f5498af323d9de9eadf652601e3e82e5c3dbc16c035b1c12f90ee4a0c92239c537125bd94a82bbbb925166ad071e461702b840a2fbd2c7c4724fad37e18531ef5a3f723c710204ca71cb42d9a923fe83a481ba2702db64c375b0b696dded5c9b92e62b0ae2db9a4fda9ee988793b994c7035144dc7eeed2de718e92e23712b713d76b769dd4c08a11ce053ee5bc58d2179786c60286713b78cf960e118b4161116074964bc3a9f21c5888038d1ca60110fa0fdd3740923be00bb305242aa5a5a23c521fe7a3bcd9a120a52895687f61181ec9a68473142a87b926ac615e5a928e9f518defb2c2fd4b0b2d37722fb5f34aa36a6c73ec1b0dd8e21df3d9d6d565fe8be6b3c111228f5a1c8d8bccfcd40774ed55dee6d68a4fa7bf7119f06d8176af17320e5fe23e4f239bdfad6021fad6b4d56495fb80e300a8e3ed367ba6fe77f4f17a43eb3bd086ccaada9ae395971c5eaa0e3b5835b7bbd2c05d655a76942dd372e75abd922996b2776310c30d1ee9532f5af17ebf3f2b85679939b6fb13fd29a2b4976961f764ba171e7d7e5dafc3472c06e821dd5234b519c01d650a3e149bda08ec27488115a3d69d6d7e27ef158c73030e15bd8b91623ce3c3ac1a7e1e0ce98d53735100c59cbb5e3a43255af9dfcce983700b809fbcdbef9399906d6a8559949d5e8d496ce34d488e3bc7d5d1bd0f962f9984346f1e06d221398a2de3a777e07f71407912d2893d3a28dbbf1b72f08e0963e4f34b03ae122cb7201ed4bda67e9f97236cad89424159e32c3a60f30de778729aad43707924c289712c9e6e717643a0d43a10cebe371ea59d0f23fa5b4ebab6f5c6c07990ccd1b23da4f670f7594068f62f928b47e66f5932a4f06b8f89a7806f534937a"], 0x1) 2018/04/21 05:29:54 executing program 1: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x4200, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000200)={0x1000, 0x9, 0x7}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = shmget(0x1, 0x2000, 0x100, &(0x7f0000ffd000/0x2000)=nil) shmctl$SHM_STAT(r2, 0xd, &(0x7f0000000100)=""/140) ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000240)={&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x3, 0x12, &(0x7f0000ffe000/0x1000)=nil, 0x400000}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) sendmsg$nl_generic(r1, &(0x7f0000018000)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f0000000080)={0x1c, 0x1d, 0xffffffffffffffff, 0x0, 0x0, {0x5}, [@typed={0x8, 0x6b, @pid=r3}]}, 0x1c}, 0x1}, 0x0) statfs(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=""/210) 2018/04/21 05:29:54 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) close(r0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001840)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes-asm)\x00'}, 0x58) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x2010, r0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7be", 0x10) r2 = accept$alg(r0, 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000000, 0x40010, r0, 0x1) sendmsg$alg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000002f80)="af92b02946cc7574aa8e5ab7acd3d6614713177f7e6614cd185033598267889107", 0x21}], 0x1}, 0x0) 2018/04/21 05:29:54 executing program 3: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ppp\x00', 0x200000, 0x0) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000001c0)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="180000000000000000000000000000007110000000000000000000002bc125a85368af5a5a83f981"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x400000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r1, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x23, 0xc, 0x0, &(0x7f0000000080)) 2018/04/21 05:29:54 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.current\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000280)={0x10, @tick=0x8, 0x6, {0x8, 0x19ce}, 0x2, 0x2, 0x20}) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) prlimit64(r2, 0xb, 0x0, &(0x7f0000000240)) sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0), 0xe2}}, {{&(0x7f00000004c0)=@in6={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x2e1, &(0x7f0000000040)=[{&(0x7f0000000500)}], 0x1, &(0x7f0000000000), 0x2d3}}], 0x2, 0x0) fallocate(r0, 0x2, 0x101, 0x8) r3 = memfd_create(&(0x7f0000000080)='GPL\x00', 0xe80337612b5c5cf7) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f00000001c0)={'syzkaller0\x00', {0x2, 0x4e23, @multicast2=0xe0000002}}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0xc04c5349, &(0x7f00000000c0)={0xfffffffffffffff8, 0x1, 0x80}) socket$key(0xf, 0x3, 0x2) [ 84.946641] binder: BINDER_SET_CONTEXT_MGR already set [ 84.954263] binder_alloc: 6700: binder_alloc_buf, no vma [ 84.961224] binder: 6700:6702 transaction failed 29189/-3, size 40-16 line 2963 [ 84.966570] binder: 6700:6701 ioctl 40046207 0 returned -16 [ 84.989091] binder: undelivered TRANSACTION_ERROR: 29189 [ 85.028240] binder: undelivered TRANSACTION_ERROR: 29201 2018/04/21 05:29:54 executing program 4: r0 = socket$inet(0x10, 0x3, 0x1) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000340)="4c0000001000ff20d938d90e6fc283b724a600800200000000000000000000402c00160003040280b598bc593ab68211030030de33a49868c62b2da654a6613b6aabf35d4c1cbc832b0790ed", 0x4c}], 0x1}, 0x0) 2018/04/21 05:29:54 executing program 6: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000bc0)='/dev/dmmidi#\x00', 0x80000000, 0x202000) sendmsg$nl_generic(r0, &(0x7f0000000dc0)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x200004}, 0xc, &(0x7f0000000d80)={&(0x7f0000000c40)={0x11c, 0x35, 0x0, 0x70bd2b, 0x25dfdbfe, {0x1d}, [@nested={0x108, 0x6e, [@generic="9b3505760f3e1435016d3d0f19493ebe5cba57802399d0cb40f0f9b6c08dcb787bb1374191aa6409431e30d2e69599b77228dfd1e77a705ff1ce8a6aa4e3398fee5318a410b12024993664bc6ebe", @typed={0x1c, 0xc, @str='nodev]GPLwlan0cgroup\x00'}, @generic="317bf6b2c478e273124b57e9ca0575c64ff2c0c5706d57fb6575c11a7d4228f0f80b5dfb141ec4a5bfe0638fef29d774235fc2", @generic="58078fa21f386a1c5ba25adb48271da91871c4e56afccb2d0fb263e38b726e5062009b6c9bc63757ce629d0d1268c21136a321198996b5b6ede691da438ef4027bc8b8c3e819385b9e2a5fca154e79caf1a4b9a7413fbe81dcde80c98ce631698c1ee830"]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x8000}, 0x4) socket$inet_smc(0x2b, 0x1, 0x0) lseek(r0, 0x0, 0x2) sendto$ax25(r0, &(0x7f0000000000)="dc9ed39f48076c0c91d34090ac3d7454445bf500ba8c68497982e527e53795e10b6f62e6dca7993ca9", 0x10, 0x8004, &(0x7f0000000080)={0x3, {"6c2368b6cc5b88"}, 0xff}, 0x1) uname(&(0x7f00000000c0)=""/185) 2018/04/21 05:29:54 executing program 7: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f00006fe000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0) read(r0, &(0x7f0000000140)=""/99, 0x63) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x602000, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f0000000080)) 2018/04/21 05:29:54 executing program 3: syz_read_part_table(0x1903000000000000, 0x2d0, &(0x7f00000001c0)=[{&(0x7f0000000000)="31931f4e44f7f00a823840ffeec7334f62c7763870d7266449a1539d12c75d55e38ded08830f826eb0a1b440cb44b6a49818eb8a84e82bcdb6756ef572a96bd9388c7d7bb51b27c4531bc345a314703802956c9560c27fbe38f1f2da393b8edcee53bbd47f394ff8960b8f312010d9fe0432ee0c9ae05cde8fd1b9390b15c67009171336de2b38c98ad3db637481d6", 0x0, 0x2}, {&(0x7f00000000c0)="8c614bdf5f9b2abfcce307b492efa2c0470a2e27282c19d20a78dc28d1107a6b08cc58ae12dec59bd947f02ca64ff669f7ef984e51b0e81b80d8881ed9debaedb0483e6fcd9e7fe6b45daae444fa25ad5961825cf7252d8292b8e5c494483a68a8248d1d463e65c642ea8c5490319b6710e68aa16d49a63cb976b5953896f8e6c1c4ecffc3d14733a0517c49085779f6c0a249e1bd1e123f967dac71718dc160ca7b5e10d5592db535de772aa03693e420a35c4e2f13f20037e36366f400feaccef060f0b11e84aa0ca75b10a979a631", 0x0, 0x73}]) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vcs\x00', 0x40000, 0x0) ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000440)={0x5, 0x8000}) syz_read_part_table(0x0, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000200)="b14024cd6e79fe7d0209d22156e936a39a53b79f9b484d89c6f8f9fff823eaee69811d60b4558219fe192ba83a792f709296425dad3af43c2abdaaa10fc138b183a15e7c10debba53ec86239fdd5fda53c659af16194278815b086ddbba6b436d53854ec8171ee43ab5ead7261c30f2f7a09efc1751915ce6ec7bff28d06342b2a844bb0efca908af316350d3da5b6c24c25e7a67eae594fba3a0c2d1fba974ce92cf573be2a", 0xa6, 0x5}, {&(0x7f00000002c0)="ab3cff6465823a1b69f6b2911878953818519ab63ada1741ddd9c824b3d919ecafcdf84d1966b8d924e052ea3a8ed6e5c714f7864344f69dd9729930b00c4bde5b0a2387e2e97d5820d69aeaf2979268122d066ee25a2b4fb43b8a8e1f443f626fea1638313528509b25ef6c7375b23d980975b31e506ede64ee6410cf690d6a38fbb85684ca439d1eec4674f33854b98528cdea4412cf92554345846d4acd839f14f426bd1e81bb5ba0af74df4add28aa06ec11db1a90d2bbec6802ec8a325c5ee7d7f199a6c5b63760d08a6e6b2b91", 0xd0, 0x4}]) [ 85.073319] binder: 6724:6730 got transaction with invalid offset (40, min 24 max 40) or object. [ 85.101121] binder: 6724:6730 transaction failed 29201/-22, size 40-16 line 3026 [ 85.192589] binder_alloc: binder_alloc_mmap_handler: 6743 20000000-20002000 already mapped failed -16 2018/04/21 05:29:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000001c0)='/dev/sg#\x00', 0x7, 0x10800) r0 = syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0x100000000, 0x4001) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000080)=""/237, &(0x7f0000000180)=0xed) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, 0x4, 0x0, 0x6, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0xeffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0xd0, &(0x7f0000000000), 0x4) semctl$SETVAL(0x0, 0x0, 0x10, &(0x7f0000000040)) [ 85.290456] binder: undelivered TRANSACTION_ERROR: 29201 2018/04/21 05:29:55 executing program 5: r0 = socket(0xa, 0x2, 0x0) connect$inet(r0, &(0x7f0000d3c000)={0x2, 0x4e21}, 0x10) getsockopt$inet6_mreq(r0, 0x29, 0x1, &(0x7f0000000080)={@loopback}, &(0x7f00000000c0)=0x135) 2018/04/21 05:29:55 executing program 6: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0x0, 0x0}) socket$kcm(0x29, 0x2, 0x0) setsockopt$inet_tcp_TCP_ULP(0xffffffffffffff9c, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0x4) openat$vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vhost-vsock\x00', 0x2, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x1000000000000004, 0x202}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x16, 0xaf01, 0x0, &(0x7f0000000080)) 2018/04/21 05:29:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x460140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000180)={0x1, 0x0, [{0x20f, 0x0, 0x800}]}) 2018/04/21 05:29:55 executing program 2: r0 = socket(0x1000000000000001, 0x8000000802, 0x8000) fstat(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r1, r1, 0x0) sendmmsg$unix(r0, &(0x7f0000f72eb0)=[{&(0x7f0000f72000)=@file={0x0, './file0\x00'}, 0xa, &(0x7f00003ff000), 0x0, &(0x7f0000f72000)=[@cred={0x1c, 0x1, 0x2}], 0x20}], 0x1, 0x0) 2018/04/21 05:29:55 executing program 4: statx(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x3eb13d0ead364b73, &(0x7f0000000080)) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vcs\x00', 0x1, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vga_arbiter\x00', 0x0, 0x0) linkat(r0, &(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000340)='./file0\x00', 0x0) r2 = getpid() get_robust_list(r2, &(0x7f0000000200)=&(0x7f00000001c0)={&(0x7f0000000180)={&(0x7f0000000000)}}, &(0x7f0000000240)=0x18) 2018/04/21 05:29:55 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_BT_POWER(r0, 0x112, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x1) r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x800) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffff9c, 0xc018620b, &(0x7f00000000c0)={0x0}) r3 = mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x4030, 0xffffffffffffff9c, 0x0) r4 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x20010, 0xffffffffffffff9c, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000002c0)={0x8c, 0x0, &(0x7f00000001c0)=[@increfs={0x40046304, 0x1}, @free_buffer={0x40086303, r2}, @exit_looper={0x630d}, @free_buffer={0x40086303, r3}, @acquire_done={0x40106309, r4, 0x3}, @transaction_sg={0x40486311, {{0x4, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x30, 0x50, &(0x7f0000000100)=[@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}], &(0x7f0000000140)=[0x30, 0x48, 0x68, 0x30, 0x30, 0x38, 0x0, 0x38, 0x40, 0x38]}, 0x6}}, @decrefs={0x40046307}], 0x1a, 0x0, &(0x7f0000000280)="151f81edbaa567e2ebf034591eb27eb16c3311e1aa866493ba2b"}) 2018/04/21 05:29:55 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000080)={0x9, 0xc, 0x526, 0x3, 0x0}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={r1, 0x1}, 0x8) sendmmsg(r0, &(0x7f0000001d80)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e21, 0x0, @loopback={0x0, 0x1}}, 0x1c, &(0x7f00000003c0), 0x0, &(0x7f0000000040)}}, {{&(0x7f0000000a80)=@in={0x2, 0x0, @rand_addr}, 0x10, &(0x7f0000001bc0), 0x0, &(0x7f0000000040)}}], 0x2, 0x20008000) 2018/04/21 05:29:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup3(r2, r0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000040)=0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000005c0)=[@text64={0x40, &(0x7f0000000640)="653aba1f00000066450ff37a00b9900900000f32420f07c744240076000000c7442402180d0000ff1c24b9800000c00f3235008000000f30c4e235ba618266baf80cb8bc6e4283ef66bafc0cb856cbc4fdef0f01d62e42de8a00000000"}], 0xaaaaaaaaaaaaac0, 0x0, &(0x7f0000000600), 0x100000000000024d) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x48b}]}) accept4$alg(r3, 0x0, 0x0, 0x80800) 2018/04/21 05:29:55 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f000048b000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000040)={&(0x7f0000000000)=[0xfffffffffffffffd, 0x2, 0x8001, 0x6], 0x4, 0x0, 0x36c0a935, 0x100000001, 0x7, 0x3, {0xffff, 0x2, 0x3, 0x5, 0x6e, 0x1f0, 0x4, 0x80000000, 0x1, 0xfffffffffffffff8, 0x6bd74bc1, 0x8, 0x70f, 0x8a7, "6c70eac48d249ac124164ea8ad9821bb787f5561f4251bd459e15cee4ced1bf6"}}) 2018/04/21 05:29:55 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xa, 0xff, 0x6, 0xb, 0x2, 0xffffffffffffff9c}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001140)={r0, &(0x7f0000000040), &(0x7f0000000140)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000040), &(0x7f0000000100)='U'}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f00000003c0), &(0x7f0000000480)="bb"}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000380)="b1", &(0x7f0000000080)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000040), &(0x7f0000000200)="d1"}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000200), &(0x7f00000000c0)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000280), &(0x7f0000000300)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f0000000280), &(0x7f0000000080)=""/23}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r0, &(0x7f0000000180), &(0x7f0000000200)}, 0x20) 2018/04/21 05:29:55 executing program 2: r0 = perf_event_open(&(0x7f000002ef88)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0xff}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000100)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x6, 0xb34}, &(0x7f0000000200)=0x90) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000240)={r2, 0x3}, 0x8) pwrite64(r0, &(0x7f0000000000)="6e11596897abe8056133a48639da5c6f7fee2a1b490f48398a8ff01f879e4fbf876a257d3c02200a5751f90c438173386daed257af4e3075ddd6336e508cdce93f4175a3aaa0c2bb4998fdbf1e1fa0cfd2a4bab429abe667821d0046cb25d41e4b8a15e9a0557fd5909f062e001299f5266b9229b1a297fa9b067e601084c33f0bef3781ff14cfa9ad033ee4036e48f83611f82d7c5caaede7b360f1b87f3e15de7a07054d90700261c4ca9969156f4d0601b7cf8b1836f689f43d986128cbdeffcc0e6435ebbb3daabb7a9ebd96886f48eb26b9c35ac06073b57460b9", 0xdd, 0x0) [ 85.412898] binder: 6783:6784 IncRefs 0 refcount change on invalid ref 1 ret -22 2018/04/21 05:29:55 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) close(r0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000d36000)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-serpent-avx2\x00'}, 0x58) r2 = semget$private(0x0, 0x2, 0x10) semctl$GETNCNT(r2, 0x3, 0xe, &(0x7f0000000000)=""/13) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000001f3a), 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x80, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r4, 0x4068aea3, &(0x7f0000000080)={0x79, 0x0, [0x1, 0x4000000000, 0x8001, 0x4]}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1) ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = accept$alg(r0, 0x0, 0x0) keyctl$session_to_parent(0x12) sendmsg$alg(r6, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000003080)="26fe6bbd22e1c516390d2def920057d19b8834c5f714cf28a5f622f9a64db7c134e76f50cc0e0ee56f0defcca50b1193fb7047512fe18f51719fca6026c58c80ff0b0bc389779cc6dcff86353e65b9762dc50a5f44059df2e170abc6589ac48030b9e1b75ebefea6b5e9ee4dc386ee149e41b0d09f970e0f4862943c663255f686e860dffa32d20315d40570c301459473fbc5b51a8f81294c94bfb8142f1d40e28bc2ead49285427defa78fd181e573d6ed4202fc5d64ba092871b02d3fd198324b586be690d6d97febc26f9742ebc4a38a6db3ed3f9d08dcb82c25b4c853552e41a477ceedb0756d7a5b7c174bda723937d18953d7c0be4b603f111170b45cc9fbf22d8f0885fbf1a6f23a9adef5b8a3cf13e86b34807c2d9723487e3b8361717fcd07fd6aaf0edc2c8fa91eb9f3d36cbb1079e7c4dd66eb55ad7078b8e1275b01fd4f526beac1475e5f118f3333a2e6f1ff16904a5b76469ea494e36846e6c48f8da5a8367354004210709bc18c191eb17e3553709cde12fec70be55916bf", 0x180}], 0x1}, 0x0) r7 = semget$private(0x0, 0x6, 0x9) semctl$GETZCNT(r7, 0x5, 0xf, &(0x7f0000001740)=""/172) 2018/04/21 05:29:55 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x3ffd, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$fuse(r0, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out}, 0x30) [ 85.462323] binder: 6783:6784 BC_FREE_BUFFER u0000000000000000 no match 2018/04/21 05:29:55 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) sendmsg$rds(r0, &(0x7f0000002e80)={&(0x7f0000000080)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10, &(0x7f0000001680)=[{&(0x7f0000000200)=""/116, 0x74}, {&(0x7f0000000280)=""/126, 0x7e}, {&(0x7f0000000300)=""/205, 0xcd}, {&(0x7f0000000400)=""/209, 0xd1}, {&(0x7f0000000500)=""/91, 0x5b}, {&(0x7f0000000580)=""/88, 0x58}, {&(0x7f0000000600)=""/17, 0x11}, {&(0x7f0000000640)=""/5, 0x5}, {&(0x7f0000000680)=""/4096, 0x1000}], 0x9, &(0x7f0000002c40)=ANY=[@ANYBLOB="58000000000000001401000006000000fffffeff4b000000", @ANYPTR=&(0x7f0000001740)=ANY=[@ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f0000001780)=ANY=[@ANYBLOB="0080000000000000"], @ANYBLOB="0900000000000000b093000000000000090000000000000063020000000000002c00000000000000010000000000000030000000000000001401000003000000", @ANYPTR=&(0x7f00000017c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0010000000000000", @ANYPTR=&(0x7f00000027c0)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000048000000000000001401000001000000ff0f000005000000", @ANYPTR=&(0x7f0000002800)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="e400000000000000", @ANYPTR=&(0x7f0000002a80)=ANY=[@ANYPTR=&(0x7f0000002900)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='|\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000002980)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='9\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f00000029c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="1100000000000000", @ANYPTR=&(0x7f0000002ec0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000001fabed24fd3b179500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006b2abac00000000000000cb9f4a6475d0d00e0000000000f9a8812c6326340000e1000000000000000000000d444cb11728b86791688ec410b6d7ca880023725d0059d0a7a7f4701c3b132882dcbd2fd795c73c0d8fa32c440b26a9f2cb7bc20a769502b5d82485c7599e8bfb5e1f61d54ae4"], @ANYBLOB='v\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="04000000000000002e0000000000000000000000000000001800000000000000140100000200000009000000810000001800000000000000140100000200000001000100eb710040580000000000000014010000070000000500000003000000", @ANYPTR=&(0x7f0000002ac0)=ANY=[@ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f0000002b00)=ANY=[@ANYBLOB='\x00\b\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0000000000000000f101000000000000010001000000000040000000000000000100000000000000020000000000000058000000000000001401000009000000f9ffffff00000100", @ANYPTR=&(0x7f0000002b40)=ANY=[@ANYBLOB="7f00000000000000"], @ANYPTR=&(0x7f0000002b80)=ANY=[@ANYBLOB="0400000000000000"], @ANYBLOB="01000000000000000200000000000000030000000000000009000000000000000800000000000000040000000000000058000000000000001401000006000000c10f000008000000", @ANYPTR=&(0x7f0000002bc0)=ANY=[@ANYBLOB="1465000000000000"], @ANYPTR=&(0x7f0000002c00)=ANY=[@ANYBLOB="0000000001000000"], @ANYBLOB="001000000000000003000000000000000200000000000000000000000000000000000000000000000400000000000000"], 0x208, 0x4040004}, 0x80) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f00000000c0)="0f017c0026f00fc78c0078360fea3826360f2212baf80c66b8f3baef8b66efbafc0cb0c1ee36672e260fc798ec000000bad10466ed660f091e66b9ff0200000f32", 0x41}], 0x1, 0x20, &(0x7f0000000140), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000140)={[0x1f]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 85.509647] binder: 6783:6784 BC_FREE_BUFFER u0000000000000000 no match [ 85.516593] binder: 6783:6784 BC_ACQUIRE_DONE u0000000000000000 no match [ 85.523545] binder: 6783:6784 got transaction to invalid handle [ 85.529833] binder: 6783:6784 transaction failed 29201/-22, size 48-80 line 2848 2018/04/21 05:29:55 executing program 2: socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) syncfs(r1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x4, 0x300) ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f00000000c0)=&(0x7f0000000080)) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f0000000100)={"4f1366ab96287c15ba3df746d4e4c8ac581078073f42ca394722a7e8a97eab2eba6ea86d90ec495363dd8c0a5fe9ff0a6ea71202cae72483a32cbddb933f972676e734b58dfd1373a4fa540f6d8e2bb7223159f9aff28c8807caf2aa60187059b1149baf3f3163233acc8508cd7244707efcafc90b01348be9078b585adaa58877943343b8b140cbf653944269fa56704f248028968ba22850fd93924de98523a3b64be54aa2ad64d631ebeba1483edd9e03f74605ef22f885bd290ed8528154b32e42449bd517b3add22bc14b7a6cd23db233724cc59d979f29dde63ee3f2836e9cdd2f45087e6f92401421cb95b4d832fe89b872b53d773416b933b82542e0990c98148ffd18fbc165fa1a205a3fcc780a1064f8d74e04c731d517e6282f184ea4ce7248b097963ab6e7bd18bab65188a2589e48e9337b677974edbc259f25b714090b54265c4067a13294da7ce199796e93c167b698729283277de7becfd8060b9be08007e6cf735a2b93c0f9d47ffe0ca62a55ccf3c1db469083173871bd8dcdeadbca5dcde7eed70ed3737dadbc1d350b41deb65aec7d3e7c155b289dcc07fc013fecd5562caa23c927888986af439fa3fad0812d804e6d89414cd11c5974e259a57991cbc2862a3b5050b3c87695733082500982346c86c6edd3229ff1e80fc417f8c6514f0ccb229af555c68617190cf9034f460ec0ddcf0ca9efb8c587acfb0e5cf8355bb7dc7a5090da4f0056eefe8b8972ca780fc5d7d74d141e47d82e2422f4939fe90cb363a9f45fe1167687f2778268bf26645eefc205e142d14b23f50c0b613161d947b8d08870cfe77e25ac8cb17c50738e485a7e0e9a6e30ace01a29eae4cb53af89c9fc61b06b27e87f13da234a402df21a42d5116c288feea67a37169e1f579e6751ef6d1743df64a0cfb5c2eee17013acb2a1130ba423a351ea993ef129fee6d14deaa486e0bffd61f6b132785e5df79cce2a3ff8e238c3df4fe22c33a4684dd37657b391429b5624ac65a6ae1db4c91183962af53b400ac8b6e83390d4798700c830e72a92ef1569375aa39befa14c9f5d70847a78693c62fe569cb1b41d3facc87155e8cc57c87ff200fd7ef1bb19e0eb53a2112e022f99339960a025784a3b872351b9e75cfa0ca170e8912b3f13ea99a18de7e24fb354b7377f00d851677880bb58bab974cfd5dc67c249d86677937a71f5ca5169f3163a3b8ac97811d989627ad94e67e63bbc44130038e8928485a1b02491c8b9ccb7f25b8abbe17be4dad75b8fc8bdb1324645c2214a1a86d013550d150c3cfaf46dac23dc1f2f491146408d1df4a41d923613514fd763bc810e4e35a9735ee6ca994276b81948d1b7222f8f241478e0446a09a4ae20f580aede578d8f254ecf68410076c274960b8bd8e5f614d8b25875160a959e8d7c52b70416245884f69a"}) setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f0000000500), 0x4) getsockname$netrom(r0, &(0x7f0000000e40), &(0x7f0000000ec0)=0x10) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000540)={{{@in=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@local}}, &(0x7f0000000640)=0xe8) ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000680)={0x1000, 0x0, 0x4, 0x8000, 0x0, 0x0, 0x59b5dab6000000, 0x0, 0x4, 0x80000000}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000006c0)={0x1000, 0xc000}) getsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, &(0x7f0000000700)=0x401, &(0x7f0000000740)=0x4) inotify_add_watch(r2, &(0x7f0000000780)='./file0\x00', 0x80) setsockopt$inet_udp_int(r2, 0x11, 0x65, &(0x7f00000007c0)=0xb3ff, 0x4) getpid() io_setup(0x10001, &(0x7f0000000800)=0x0) io_cancel(r5, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x3, 0x0, r1, &(0x7f0000000840)="60fd351a2a13464b0aafe5149b4766dd7365c1f8473aecfaf741fb4ca46687bfa21f43ce7894e800cdc4a4d305b27037f6c365a4e5a9b83e79f802b8fb55aa5faf4886c88c632305efbaaa3844f4fce2c8da9c8f56be36934006dfdc43ed9b59c28a027c3380d50020a2a6850c9965e586cb1aaf7d0b8969eb5b3142aa928c2d484f13785c5c92c6411085d8e0c138a319c73427db2dd768a7090970bdab5c6716eb6c3be44e45f7a8da127868", 0xad, 0xd5, 0x0, 0x1, r2}, &(0x7f0000000940)) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r2, 0xc0305302, &(0x7f0000000980)={0xe9dc, 0x8, 0x7, 0x400, 0x100000001, 0x9}) ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f00000009c0)={0x9, 0x0, 0x7, 0x0, 0x4, 0x9}) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r2, 0xc0305302, &(0x7f0000000a00)={0x6, 0x3, 0x4, 0xe1, 0x7f, 0x84}) clock_gettime(0x0, &(0x7f0000000b00)={0x0, 0x0}) select(0x40, &(0x7f0000000a40)={0x4, 0x8, 0x0, 0x4, 0x0, 0x6, 0x401, 0x100000000}, &(0x7f0000000a80)={0xfffffffffffffff9, 0x401, 0x5, 0x9b2c, 0x3ff, 0x0, 0x2}, &(0x7f0000000ac0)={0x33, 0x7, 0x6, 0x3, 0x9, 0x1f, 0x3f, 0x2}, &(0x7f0000000b40)={r6, r7/1000+30000}) setsockopt$RDS_CONG_MONITOR(r2, 0x114, 0x6, &(0x7f0000000b80), 0x4) ioctl$TIOCCONS(r2, 0x541d) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000bc0)={{{@in6=@dev={0xfe, 0x80, [], 0xf}, @in=@remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0x40, 0x4e20, 0x9, 0xa, 0x20, 0x80, 0x2, r3, r4}, {0xd76, 0x4, 0xb0, 0x1, 0xc0000000000000, 0x800, 0x8001, 0x7}, {0xe3f, 0x0, 0x1, 0x200000}, 0x9, 0x6e6bb2, 0x1, 0x1, 0x2, 0x1}, {{@in6, 0x4d5, 0x33}, 0xa, @in=@remote={0xac, 0x14, 0x14, 0xbb}, 0x3507, 0x0, 0x3, 0x7, 0x0, 0xc5e, 0x3}}, 0xe8) ioctl$KVM_HAS_DEVICE_ATTR(r2, 0x4018aee3, &(0x7f0000000d00)={0x0, 0x1, 0x6, &(0x7f0000000cc0)}) ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000000d40)=r3) r8 = msgget$private(0x0, 0x400) msgctl$MSG_STAT(r8, 0xb, &(0x7f0000000d80)=""/40) sendmsg$nfc_llcp(r2, &(0x7f00000033c0)={&(0x7f0000000dc0)={0x27, 0x1, 0x0, 0x7, 0x100000001, 0x2, "81071fdc4196e54ba7a78ea739869e0ca1838e15b9a4ce37d76ccd64c35c16ac6e48779ea1143ee29b724951e68296730516fc4ef005c6f995b355ac61cf7b", 0x22}, 0x60, &(0x7f0000003280)=[{&(0x7f0000000e80)="c11251c7c7e207a40c58da1b4a6b", 0xe}, {&(0x7f0000000fc0)}, {&(0x7f0000002040)="14b464e75adb4dcf74490e55a292e5843c5d9391ed4cf30d6d5320d724dca1ca80edeea3d0d155431add0c3fa0ff893e9e22f4faa039ac9003232c325f2776fd3ed52ae458572c7edc1f408a46423e789b086199e534f19c4f4dbc216aacbb32983ffa776179a79ed3fd791a4c1bac63d9d758ce9e20026d05e208b8934abb71e038260aaa4bc494cd896dc17be91e8c423764e9f32b285af2477fb89e0e7d1e39e43a244cc822d4b22822e6ad811acd2bbeb5d3af484a427f59ab1d9ff45f4322800d7f3ace3b9958b5b2f18a0971fa989918936dfe52d4647191506874bc982881cec522a814ea66068f640b001a1f4201fe8d0b66ec9aee037e4ff4105adb494cf79881e47a851872fe827fe17890d5dd1855d435b22cc9be7a8cf2c970323042e04653fc8d7d27fbe5a348d7604193654fab962ec929b8eb796e744d9049e26d557f8ecec68d90b5f4bb575ad93f633b1e0093d991a433d049680cba7d713e2207f5762f9eab0e5f4416e8e06155579eaab70faf7bd99d984740e4822890c5c94804d80c80fd0885975ff6bd0e920e72de39ce60128620c9b4ca337facbabdb470acd54d55a22a2e92f8b90ba766d014117ea2f5f012b31b58937863166c59678df6473ab9b7766852183b493d41c1209ac0b845407d3e0162efcc9bde85eb1f74e52fa436c45ecef44cbe9013d652d551cf4889eab5cd8e7507fef19d5fce9625ea169b3b5bcf6c0cabf9bc4354e8175f6bc8de8ad67de121d566e357d0b40b211fc98858c55e008aa5fdcb7ff6b2e2e04bfc19ed1006e0629cf6bc7f5d6bc7d5d761bff62c7ae9376593c4924df095fd15695d9c832cf2f25b471d86edf3c82278dbe1a905ee4226ecfaf23eb9ced2b4f4416a3c0cfe2f3769f38aaae24246417b8965f295b6aad7e8406ec0c6b3b9c3e93d859d832134b7f7876dba4c6839563690fadeefa56053fa0c72f747c21e4e55e1c6e9a5f0e64ffca4753e40a6ca8b72f84a94c40f2c35a4af24c6ef43b1352c164aa7be997f21e663f7bb1d7ae72b440b7cda0d07abc3ded8ea2721bc4f08671158fe280bdd87925a3caf4cba8df99e976a5d9dddef74238919bfc81e8469d53260debbb47a8aac9f59ff66d4f5979a390478e38c2fd3acded8def069cc9f8e1d1c5dbc37f050f319ba63a77880a702f31003531695456d9d11dcc25f6955e13d4d5ae530f9382c76ed9fdb9ae82e7efae3e2b4f62a75713dc0ae5ccb0c1df7ae8e0d72c469ce19b66a246ffcaf1807f1cfe86408e3d27f4053cc3d4892f1d8a9528eaa812f184c35d0b7a234083851b803122e3915f00f5161ad1e878639ea10219f12bfefc960b48ae33669c914c4847f71f80434fd38dd06ca95de50829b227323325c576d1927d7b58bb88cb60e399648b04431df18a3718ac98f5821f9a51e02fad6bb76f75d85a4e4d52cfcdeb566fb29579ed5409e02a28060cc0c9c94887c11b93683ed869f851930ab7ab110ec1755240793c6f5dd9ac0866fb64fdf7981b6e4ee1f9f47bc5dc90fdeb2cf3253e1bb8b2b3c0e842d90b67dca4ff08bdec5d1e18c9d435e3a71aa5885546b7d79a929513da432e8ba4287f3f953f75d84ba5f9517ffdc5595906268ed2ce77f06546c724e0ecbe43561d651dcfa1420dedfee446a80c93cc0b138051d6953979f7f0994b994ab10c81ea838311ea2af54873f212b71382cd84fa1e6a9fe14cbb9278e54e6dbc352f344b2081ebe552fc08c70273b9ef0c387e80ddb20cb0b001409d9dc343fad88e89e68447c76f493d61a69e5fc2966855ebef202e68eb1f4840da85b2ab5836955cc67032382dda59f0beb10a79b7ab5dc42484aec3f04e6284d8c3eeeda32114c8fc9ca65d891fbb8aab1d445eef6beb1fb14a8b2b4c1ccb9878862a8ccf88a6ede1a191846c328317cec9912bd974b347a4b437769e75ae97ca3c056af275d1d038f2fc15b86cb5b345ea4dce9448be820167d8a938dfbd567468f69c3ddb53385fa2f077b4a04dcc28b5cc342288547ddd957f9deee252431f68489d71ddb188211a25affa7a0f184b002cde50b99afa3b89066af188691087d69969daef8db341aad03a1aca3d82cecf723ff912e776240612126af2417249453fabbde448fc5319fcdf8755d8fbf8a08f480757e3f8bd2707dce2ef8a505537fd50b7ac7337c45783bd09fd39396cd97248b690d4d8b363117e8065d17970f200ddf788180722199cc876178095baae3ab080209c7d74756817411284468efe2b35d9168497b8b6cc9ab59e0cfb45e43d8a02a7d2f53b34715f7fc29235bd48b6f535b99eeb4db175014fd70d7fb35d9444335c6e236333baa736b73e3b0596537a3df2225a9a78633da73067d8c4c34ae090a9a13fc95d9e2d6ae9ee5984db799d2c65516fe5ba4a6ea6acdeaf5138222cd36584cc3da97f6c67c214a1bd6eda7ffcec5db3796b1e45e0c9d40f19e946972f243893d9c08daeb20b3f7459f3a05efe3c78f4db41c5c36478e040669ffd3c4f79ef6c7ca4f09208f14dd9854439da0903d9ce7c3038e207d837fe4267ff00e375317d462ef77509b59fb22ebb373e7dd5c52009454ef6d18c7e987bf4bbefda3ff6a8d4e4165d8887681e237de235890eaa82f1cc4cc7507e842ad4deb0c1ae3f0263b7d71fb7b9fdded770f88f95b0a7f4a9657d7c9f29c9b340f6b7b26ea0938dc37fec75754fb26bd633924b476558255ac0199133b6e231d94859e542e61901d3a51593af5a62d8e05eef501a79379782d16ae20a5ffdf1bd2326074301dfad06241d20d8e45544a8eb66932492a545cdcf29cf27d91d856a8bfb2d7eb8ab7e6f2b521457159e20486810858472726c9836da48324effd7582a2627c2d752ba469a4aefb4a5b6bc0fa8af3d7f19f1020076a254eb1c181998d9b2229a83940e155782ab3a7a60f8cfc4ebc1c9f0613883282669024f37485e7190fb2051555bf9261b57a9f922fec7edab9069d4232c49b2c1b39da3617360ceb2c5f98d6d0757a9f9a93fa6daced962d23f687e1166c6cb4b9429a4e3374ba0f33146269570b80c76ec0cf4fb3334430785b9e6b89aafdd0cb4eb8cd05816747e42cb6801c5a9d02830d2563b28c0c7738fbe597aa0ba8a71b0593d575e1ec49c7952b24c2cd2c742ba51ccf223bef5da1b3d0ca0baeab7a92e70afe1c4f7f67faad68100d8b8f189c0f5df07488af0ef655b60eb0618e78e8fbb978d66f51bb301163e23b235f5d4f7b31c2d596c33a3c3443838c29ff0d4b9866184660d47dacc00d49ecd3fb9f60ebcad20b9d6f7b4221f86e157878075c88c044e6012a91b82f0fe38f50253a5c52b1d7eaba25221fff96cca5a274afbdecc12e9635557eae7dfe3b38fa8fea363cc9ef13b08a5088ccf0d673b7397e2eba117eed9114151e312edaf8ebcf5c2c0adef34a55606d821bf2bfbb589fd5b7dbd897393bf290ee76fe9ed516f83f36a4d62e4fe8b9466a3dbda0284b7762cef8150da660d9f88352dfd6bde6891aa296a471c2ecf0754223a0ab6f5924043e1d41b80432a66a838cbd09a642ad72d1e6e231bb8089a41c7002ea66b98c292bd87e810e090d4d6225b7472beab2e8b3dda2e606dc5d47bcd7a5dc5b68390d7df57a11dda7c823af6c523d53ee6bd21ad9ddba62d4173daff6ea62a5c8c69891dd7da328b45c21522eacb055072d9a4ccee2a2496d8233e9005736ad13bec9bd8141af4d6d5c879f4d75c1710e4722aa08472dee90c048559f1d0e5c4064b538e7fe4b88a14bac7a310630b7c8306431d661200ae9e0d132bd3741632a6e36ed51fd5279316f70208830477e4db95550576d0783b715ac978bb831627143147811daee655bd3e5a502148e16a2eb11f5c966c1fb3c8dfdee0a34f6422a9b435c3de5d8e57dfc2489a58cf8b6f02192c40e6cf5eb48621fc522f746b3a41379c189b4e7b223c76dd1d2f01e4503bb1037503b310d1b80464948bc6253d491cded46b217c8f22625dde8fc68a988dd64b29ac49d4ccd056ad77f365decff68fdb925d7fa0ae23c11ea1706f7ed35e063a8eecdf22cd7c25377083c5d11e38015960646b9119b28b2444de292590c710d44ee44174510a798bce2d101ea711c92bb10208d8ec20d6d0963e909e258dfc5a103b909e8f71c8ece729f1ba92fcf8cecf11b4821357b980142a1c7928865ca889e28e80d9e538e6fb654d6e9f3fc77411285043dd936c42a95c7f12cf25b79504100ee9ef0ac5bb295d887464f211acc074853531052ac2e1ce52de11287c74d3b312f2d45ea7e3f7b65485055c5d86e9da5a530ded85195c4c0cd5dabe3491d98b803cf6b6931ab8e73186abc668a094c5ee192e7130398291e7a48ddef346492b87504b96869487d936bc1ce8c1b81f452c8cff33788f69488dda09a7239e49c56937a93865882ed026cb17a5f0c3b2670dcfb392525782f506847c4cb33f338ec4d966fe2e589e9293efb921aee02bf0022be0e3456050e2024ef5643366b99ca8361a500bd63f3c58fd2a9f070a21ea6e2be45196ebc7a23f422d6c91c5acf9464b5a468659959794edb5052224cca4e75566926f2dbe478c6e43015a780883f7395fd228b6347a4243191a794614f8d898fea9c268cb8c6905076b452f02d27523d33e1856a665e48584f4874184b8daa609db60b0670c2e4960aab152fdca5295d468a70dd4ef5233ea0c05b5bf8861d5fa2510e34bf1d8abb55cd5c546f0e5a1e1fe4020ecd1f61a4e3204c72496a9df200def10fd475495be260512aeeea3e113212fdabeeda3c81b31333c3988309b74101572b730c47706c8a965d77587ef77b806f6e3491a33dd992b97aa550b53fbc94bfce8652d3c6d9f7cc89c75c4defc3790bd63c6c0c245753fd5b4393d5659eb6ebd46aebb2c4b30c985f7010d2ba81999177f9d834d7a3ec5f22a188a600de56adb27bebd25b4c5e971190e19386fd02e3d4ace5633700c2d1b7a116cd36a26b2bef4d51877c115649971b587680ab786b992cd36fc01f02a0440b754987b9cce2c80b2ef0d1bd1ad01341339a49b42b25c15b46acd79381ec27b5e1e202930ab406a53f2115991a119d5be6250d0bfe03a40c4763dadc6f9a639cc3616a71cc131ef4fa01732cab6e87a37997e3dd7f1d6d741dc59f20bbcfeecf941b1cea84a8c26bbb37e864fd31cc7c9b53752073ace69f8c7603d6f793e2bb59ea650b7f19988caed9802c0ef64b321b546fa826dd3d62f113a152f579c1dc8f2c40274c6f9f5f190ca69691389ab2d70e68ebf639d8d6d69c2d23c048bfd04c0b0ce0a611c0c7621ff8a3d6df980fee1e16e2c4e097dcb9e765753a615611b29fa2ba5408f1f4d1d5b97b372e6a82247773365fce1fb4dc24306d81f9673efd17bb9a1a35e6bc20f6468a3c5d70d9702aedf01f653b415a094123df669a61b789046fa6070a39212bddec3a0275672876e0251f6efbaac971b3bd2e7b602ae5760faa328bbb6a9d97d98e2f60c78bee01954bf6367a7d3d5351bca0c3b9154ed93499e8868e3058b3cf4a36ebac93f8f261a65a61f7b88ef9d8a8bf58295399fbf6c62fa76c032947cbd1334b03f015780a4a0d8ee6b8ee53bda1788040b5d00d554d9936b2b2ac4cf602a31f67ab1aa05e5325f85e7a9b9abfbac954d01ebb8e506a4222ace41e4709b7ba1dbf174e44878d4f1446516b9ff98a5c5185e8c42edbaba29266e9b080c05c42c428b35fa2631bc52b455e01f52d0d799372fe588916292134390b67a1", 0xffc}, {&(0x7f00000030c0)="93f2b95db41078a706f5c9d3b4b36603243b6b97e8c75280e9d65e2b82e1b9627f680fff24b94db3ead46a07aacf784b6db2d292eefcc6368ae2fbe76319b284ffbceb96d06c7131aec31629c1385a211e004b9cd91901b44f06a6e8a1f52bebcb0880a883a13c34d60288dff458fd52d3b6d503a0b7dfa0c9b08b", 0x7b}], 0x4, &(0x7f0000003340)={0x60, 0x10d, 0x1f, "7eb645ddfffb0babe754ad3ec430d773f9c1986a331bf341f5608b1e5e1bd0d56e5429c4624c7fb3bd0755a3717cf2634df74026cd511ad2b6ad537b2b3849a0bae56ce6154c68b12cceedba"}, 0x60, 0x1}, 0x4) ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f0000003400)=""/225) 2018/04/21 05:29:55 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x8000, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e22, @broadcast=0xffffffff}, 0x10) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000100)=r0) r3 = fcntl$getown(r1, 0x9) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x1, 0x9, 0x200, 0x3, 0x0, 0x9, 0x8, 0x2, 0x80000001, 0xffff, 0xfff, 0x3ff, 0x9, 0x0, 0xff, 0xef3, 0x1000, 0x623e, 0x62d5, 0x1, 0x5, 0x10000, 0x5, 0x101, 0x7, 0x6, 0x3, 0x100000000, 0xffff, 0xad, 0x81, 0x626, 0xb4, 0x800, 0x8, 0x60, 0x0, 0x1000, 0x5, @perf_config_ext={0x5, 0xa79}, 0x4220, 0x3, 0x2, 0x4, 0x8001, 0x4}, r3, 0xa, r0, 0x8) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={r2, 0x0, 0x1, 0x0, &(0x7f0000000200)}, 0x20) getsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000001c0)=0xfffffffffffffffb, &(0x7f0000000200)=0x4) [ 85.663995] kvm: emulating exchange as write [ 85.670684] binder: 6783:6820 IncRefs 0 refcount change on invalid ref 1 ret -22 [ 85.716388] binder: 6783:6820 BC_FREE_BUFFER u0000000000000000 no match [ 85.782368] binder: 6783:6820 BC_FREE_BUFFER u0000000000000000 no match [ 85.789251] binder: 6783:6820 BC_ACQUIRE_DONE u0000000000000000 no match [ 85.796167] binder: 6783:6820 got transaction to invalid handle [ 85.802818] binder: 6783:6820 transaction failed 29201/-22, size 48-80 line 2848 2018/04/21 05:29:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000000)={0x79}, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, &(0x7f00000001c0)={0x0, 0x0, 0x200}) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="0000000000000000a7d8c648d9690f3ae0934ce1378aba2bc3826687d435ac0a8d43ca85e72900ddc00070db59ca0b11387c51b3d97ee5eb76cdd4ae406597117cfa11ddf7e68e3649"]) 2018/04/21 05:29:55 executing program 4: openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x1fff, 0x0) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @reserved=0x1}, 0x10) r0 = memfd_create(&(0x7f00000001c0)="0608000008847f00", 0x3) write(r0, &(0x7f0000ffdffb)='#!', 0x2) perf_event_open(&(0x7f0000220000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mq_notify(r0, &(0x7f0000000040)={0x0, 0xf, 0x2, @thr={&(0x7f00000000c0)="49fbe0179dd1f8661f7c78952b555e99b3faeb929af29bcd6960ae2668c70ac998a6fe7a56a5bbcdf924e0559170564738cbfa472cd5ff415cfe867032ce92f01e8d7c657b89b855e9211390b9648709ad5dbfc7e8a577cdaac3524acb3cc593ea8fe4db95578cf88c8d29be7250e18bfa81a43d3341c2acda915287c2daf116873933e8932d4ec70607f8a89967298b65498447823371f67fbbc987a8859b7ac95cd0049ce24c38a8fc89be7169e0e5ce1e00a89ec1adae14ec30d43e52caba040a23e37e08d5096b2ee2ee3843b6414f34db03d9c78583faee1c1444bbe95ba7d6b1841f6fcbf359b9ef4632623b520837", &(0x7f0000000240)="8fc0f1a0191aaffb401e5d3073a5c87d186cb8c7732fb0d823902813dcab5d955ab82a112a344973cef674bc2efd50740d97cf54e7c4240f9e3de5993bbe4e9c029393248414f263d01742cab737ff03a9acb0f54a69d1db32a99f6a998c6cda9641327484ad6da5c42d4984a917fb71db2eed754ab3bc33562acebd39d46fc136dae295182850424f2a416aed68792dd2ba385631dca2e13b5f9197b5b5cc9e52e7ac157632e06a"}}) execveat(r0, &(0x7f0000ff7000)='./file0\x00', &(0x7f0000d0e000), &(0x7f000034bff8)=[&(0x7f0000ff7000)="00000000000000060804002000fffc0c6565643b799365005f1b76"], 0x1000) 2018/04/21 05:29:55 executing program 0: r0 = perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x1e, 0x1, 0x0) getsockopt(r1, 0x800000010f, 0x87, &(0x7f0000000000), &(0x7f0000000000)=0xfffffff2) r2 = fcntl$dupfd(r0, 0x406, r1) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000080)) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 2018/04/21 05:29:55 executing program 7: r0 = perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setsig(r0, 0xa, 0x15) r1 = socket(0x1e, 0x1, 0x0) getsockopt(r1, 0x800000010f, 0x87, &(0x7f0000000000), &(0x7f0000000000)=0xfffffff2) ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f0000000040)={'ip6tnl0\x00', 0x715}) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x0) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000100)=@add_del={0x2, &(0x7f00000000c0)='ipddp0\x00', 0x3}) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xfff) 2018/04/21 05:29:55 executing program 3: r0 = fcntl$getown(0xffffffffffffffff, 0x9) getpgrp(r0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioprio_get$pid(0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f000000bfc8)={&(0x7f0000000000)=@nl=@proc={0x10}, 0x80, &(0x7f0000009000), 0x0, &(0x7f0000004000)}, 0x0) 2018/04/21 05:29:55 executing program 6: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x10000001, &(0x7f0000000140)=0x5, 0x7ff, 0x2000000000000007) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x541040, 0x0) times(&(0x7f0000000180)) setsockopt$inet_dccp_buf(r1, 0x21, 0x8d, &(0x7f00000000c0)="43c7e0823a83b5bfcd7aafca1feb33bd61f32b977ee012100e54271c69de59554be0acc8448e2e22db54c78924dc09426a3925c782f876531bef03c2f638052bd0d33a6ec0c6a399f2490357e336513fa8830e9d5065b622b53e8292", 0x5c) mbind(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000040)=0x80000000, 0x3ff, 0x4) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x2c) 2018/04/21 05:29:55 executing program 1: syz_mount_image$f2fs(&(0x7f00000000c0)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000022000000020000000200000002000000020000001a000000000400000004000000080000000c0000000b000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f00000001c0)=ANY=[]) r0 = request_key(&(0x7f0000000340)='encrypted\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000003c0)='vmnet0wlan1*-vmnet0bdevGPL\x00', 0xffffffffffffffff) request_key(&(0x7f0000000280)='rxrpc_s\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000300)='keyring\x00', r0) r1 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffff8) request_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)='f2fs\x00', r1) pipe2(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000480)={@rand_addr=0x7fff, @broadcast=0xffffffff, 0x0, 0x3, [@local={0xac, 0x14, 0x14, 0xaa}, @multicast1=0xe0000001, @loopback=0x7f000001]}, 0x1c) setsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f0000000440)=0x1, 0x1) socket$pppoe(0x18, 0x1, 0x0) 2018/04/21 05:29:55 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB]) ioctl(r0, 0x8b16, &(0x7f00000000c0)="c00cbf41117f120cf049145b439b50d2b8df81ca5fa469e123d8381136e49903537b2469505644d6b1fefd19c7fd0f5e2fef46987eaacd0a9655cead605c32a6cfecd7c646e8ab8ab2b2eeaf83a0c1a8") ioctl(r0, 0x8936, &(0x7f0000000000)) [ 85.886300] binder: undelivered TRANSACTION_ERROR: 29201 [ 85.895185] binder: undelivered TRANSACTION_ERROR: 29201 [ 85.947910] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 85.955258] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 05:29:55 executing program 3: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x101005, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[{0x3}, {0x0, 0xe7}, {0x0, 0x10000}, {0x2, 0x1}, {0x7, 0x7}], 0x5) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f000082ef0a)=""/246) pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)="80fd02002000", 0x6}], 0x1, 0x0) 2018/04/21 05:29:55 executing program 5: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000832ff3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x200040, 0x0) getsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f00000000c0)=0x3, &(0x7f0000000100)=0x4) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f00000002c0)) r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x80000000, 0x103002) ioctl$PIO_FONTRESET(r2, 0x4b6d, 0x0) [ 86.004654] F2FS-fs (loop1): Wrong NAT boundary, start(3072) end(2816) blocks(1024) [ 86.012655] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock 2018/04/21 05:29:55 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000942000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='ip_vti0\x00', 0x10) sendto$inet(r0, &(0x7f0000001280)="e1c183d975621c09b0d6a3cf0e2eab9ccba7aa3ee3e069de6faaff36331805e8c6d65b42e651760b2fb4937e9dc9535978319420832c31296a901faea1d015cc4614cdf7af138dab67ceb6dcc3056b24355967723b6c1b5298aa9bd2f944222919ce6356af0f747429a9d2aa04af202655a7cc9bec8ff2a256fb1dfacb3b73acbeed01a62bbd8368e7f22db9af84cf6782a61ad7f07d812a01fc62821c3d153ea9975e7432c6023578dfc792310342d44f7ef4af8263c5fa11b3f23f0dbcdff8f2d31f480e0779e331024b226a911249235fba81486417741d8f07f72821e3b1887c3f19a3f601358b0ebd2d4d3bdc9507d7ed9604f0d8b3a889f8c17490f223796c7d821ecd3c29ce3780d3173f7ac17911ee217039d1baefeff2ab7599112d2712109467fc07774e55f108b7812daa1f7db363448bced27b1a237fe8e70001196597402a7270231f7863c59bae586f2f524a40859eeb26ecff6729fa95f77051bba76b760c7d6d24e6d3b1f748b0d4be4b964996cde85489a0fd2d20c210751edc2b632701fc4964b7c36806442668d19806dbb02ae620064159754a40cc7c68b2d9215eb2b52543ddfa6a130d87cd8662852abe413145aa31337f9e4cd005e68ade5c93545fd566d854074db10a50eb83d04db48ded582cf07b0592b2730bf6f7fae7ba8770bd15d04e25d65e91679a8bfd86e712666764d8eb3ec01b11665e378883b8f65139556fa1148886b6beb87454ec50772e3248c9ce015ceabbfbf311775ae1ec049e6a9016754b8abc1e510f033124f07ecd8b76b88f15ac57595e76734962a344e3050e16d2f9df2b5ed767ad3eb65921c0ed67b9dca16afc3a31b32cc0a2a2a89bfd8fce7658a532c217fcfa8a4bdfebec18231d06cafc3077aa198d7c9b0cd918091d1f9bf6731c89a7b2fdaf90582a66da846565381c10637d9e8fb6ef3dd54eeebc1d1d7bb56501d5cf24148e79054ecfdfb0f4af3536a19beab8353a33b65bee7cdc382ebf7325acb226cbeb86f7b6d184d21f43c15dc83ded2afb0a38f6d54a5aaa2b8a6219f5b110ceea643bb171b977536a62ec9c3afef8ff2f4ce948df462c6b1d4202ef61e553e60be77df062ed48aeafd0687ea991d7bc63f4c95a5f3494eb39936f34df5aad93c0bef860212d72883f962f3b459a9028a628252609db48a406cbf2415f304c0d77393b56ed6dfdd08b63eb02a4cb55eacc0cf283f0f76d3ad11b1b2c754c1fd49df9745d978bf03b440f69d359d528916286535739420a2bd487f7a750f55d7dd10769df54332d9d0782f67536ef3ef32821017c4adf3d4a0113908b40b6c8df1554da64c14d56e617b37226b6bd7d3b9b210ce72935a391a83c600af4ec32334f03238740fbeca9fcfb3f359102d7164dcce7cf5c6e94edd964602a2e6144c8db25f158fc16a4cff46b57de81a78a322d9d1a60f54fb4e26677eab9239c8423be717e2ef3117aab09691207d6ebc3af79604653573b414ffc60dbb86a2d612571f0e2228650b0997eeb067a2bd654954d472eb575f27c985e9d2896d6d0981710b98e8d8be1c6876421dc589f97b9d0c56e8b75ac5c0e1259111aaabb181f413a433a25cbb9c66f97bcd7161f87c379b68afe13c728a16586cecb882468d859b5530520e3affb994180df5106c769a7df754c4ce463490096e6ae554d9d9d7ca98143c169b19819eb6c0fcbbcf3e38882b7fc7662511ccc3ebde5353db2b807877b0cf8004d52aa5ba46dd8b40e7aaece5bdc3b915d1a889f7017c8dc44ff86a7a5f74ea9e0d3fa25f675c4a8cdf1fab819fb4047b934c24baad158b451cc9ec1a7a26930d400a9929cae8b550d55ba5ef128d91d6fedb3d9c9dc37b489118e9aff58fd24db0e0afebdbda3f657575d30a9e7b76ce1fadb24e104fc2b3ca53ffa88f8a06fed45e7fb4a396395ced0c863f9026dd4b74ce3ca67113d3df37dc5b7435eed62f40bbee3c290c43b92d58235039d9a5a5fa5000307f0b670cd1a8338af", 0x5bf, 0x4000080, &(0x7f0000001240)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000000080)='\x00', 0x1, 0x0, &(0x7f00004daff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 2018/04/21 05:29:55 executing program 0: r0 = perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x1e, 0x1, 0x0) getsockopt(r1, 0x800000010f, 0x87, &(0x7f0000000000), &(0x7f0000000000)=0xfffffff2) r2 = fcntl$dupfd(r0, 0x406, r1) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000080)) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x0, 0x0) 2018/04/21 05:29:55 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'ip_vti0\x00', {0x2, 0x4e23, @broadcast=0xffffffff}}) getsockopt$bt_hci(r0, 0x0, 0x53, &(0x7f0000000140)=""/152, &(0x7f0000000200)=0x98) 2018/04/21 05:29:55 executing program 7: pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000bc8000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r1, &(0x7f0000000040)=[{0x0, 0x0, 0xe9a, 0x0, @time, {}, {0xfffffffffffffffe}, @time=@time={0x77359400}}], 0x30) fcntl$setpipe(r0, 0x407, 0x0) write$eventfd(r1, &(0x7f0000000000), 0x8) dup2(r0, r2) [ 86.046581] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 86.053738] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 05:29:55 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)="64637663702d72656f00875f1b093d4a22e5694f336e5436588405ab7bc335f32af5841733d7a80e4433207c50ed7578", 0x30) r2 = syz_open_dev$midi(&(0x7f0000000440)='/dev/midi#\x00', 0x80000001, 0x1000100040) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a3) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000480)={'vcan0\x00', 0x0}) socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000040)) fcntl$notify(r0, 0x402, 0x20) sendmsg$can_raw(r2, &(0x7f00000005c0)={&(0x7f00000004c0)={0x1d, r3}, 0x10, &(0x7f0000000580)={&(0x7f0000000500)=@canfd={{0x3, 0xc1c8, 0x0, 0x8001}, 0xa, 0x1, 0x0, 0x0, "db763dd5089473f3af890f1ac97ab4fb587fdad3f36c51e2816a0c8a0bc5de0f3564c8ed3b23854c848e941cafb4ac53c03b844b1917bfeea4f5f26cea260d6e"}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x40) [ 86.095876] F2FS-fs (loop1): Wrong NAT boundary, start(3072) end(2816) blocks(1024) [ 86.103820] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock 2018/04/21 05:29:55 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c20000000180c200000086dd6006f515c123f29be8effa05d4652600063a00fe8000001000000000000000000000ffff0200000000008bf924989fe5460f01800090780000fffd"], &(0x7f0000a95fe8)) [ 86.226524] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 86.233803] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock 2018/04/21 05:29:56 executing program 0: syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaa0008a80600015697eb4d16ccab4517294c8f83750800060400030180c200000f7f000001000000000000000074fa93637015984e5edf377f494c00004454786b68580679699d9061f8da976a6ad3ef74d5acd4b6f4e6b8fd1437850812d0afdc56afd983578725dad62bdd99c22f01c5d04bb03a5651128f4c8c34bbda40b0b85d24c2737bc64c1a889458561b3f1c7f07894e07f5938b41c0382069d674a61fc4b8bdd3643bf55100268b9f39abc2f6fd4ebe8309100988284724a6e1f7f771b3265460c2f30210d740155a2bfcf5e6c9705071ba9c36c47a5baf0cf3900d5dda0f8b"], &(0x7f0000000100)) 2018/04/21 05:29:56 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) memfd_create(&(0x7f0000000140)='/dev/hwrng\x00', 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x236, 0x0, &(0x7f0000000100), 0x1b5) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000240)={[0x0, 0x0, 0x0, 0x5004], 0x0, 0x62}) syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00') r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 05:29:56 executing program 7: ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000000)={'gre0\x00', @ifru_addrs=@in={0x2, 0x0, @rand_addr}}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x20000000000001cf, &(0x7f00000000c0)}, 0x10) r0 = socket(0x1c, 0x2000000000000005, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x4, 0x200) ioctl$sock_netrom_SIOCGSTAMP(r1, 0x8906, &(0x7f00000000c0)) r2 = getpgrp(0x0) ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000080)=r2) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000002800)={"6272696467653000000000000000a300", &(0x7f0000000000)=ANY=[]}) 2018/04/21 05:29:56 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x1a9, 0x80000) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000001c0)={0xd3bf, 0x3, 'client0\x00', 0x4, "61af3bd96e488402", "c4bed5c128ebd2e7a5b385ef7aadffd39091355974aa988541b9a868f8d0d885", 0x9b84, 0xaf}) r1 = memfd_create(&(0x7f000001cffb)='.\x00', 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000300), &(0x7f0000000140)=0x3ce) dup2(r2, r1) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r1, 0xc0605345, &(0x7f0000000000)={0x0, 0x3, 'client0\x00', 0x0, "143fcad4b40ac70e", "e5e82287010ddad0bf1e90f7ae67623f8b223c044f736242bca4c2d090a0f4ee", 0x4e7f}) ioctl$VT_WAITACTIVE(r0, 0x5607) 2018/04/21 05:29:56 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x8040ae69, &(0x7f0000005fec)={0x0, 0x0, 0x400}) pkey_mprotect(&(0x7f0000005000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000005fe0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000008000/0x2000)=nil}) 2018/04/21 05:29:56 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x7, 0x4, 0x40, 0x6}, 0x2c) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000000)="4b57415a348897e61f301dd3ebebee1a34dbd5cfabc0c658456c92e197a6868b4c0285af85bbc15e0f43d5b27f4181e446f49ddaf7104b21"}, 0x10) open(&(0x7f0000000040)='./file0\x00', 0x24040, 0x10) 2018/04/21 05:29:56 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x80000000010, 0x803, 0x0) write(r0, &(0x7f00000000c0)="260000002a0029d10701c1eb448974000000040001000000000000000002000000000000e9ff", 0xffffffffffffffcf) syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x0, 0x0) 2018/04/21 05:29:56 executing program 5: bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f00000000c0)="b82283392dc50ff1fb635a5849d2f5916ae2fdc24e95e12aa8daccf7393e72be9cc66f"}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4, 0x20e}, 0xfffffffffffffed4) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1000001, 0x5, &(0x7f0000000080)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00000002c0)=""/251, 0x41f00}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r0, 0x50, &(0x7f00000000c0)}, 0x10) socketpair$inet(0x2, 0x0, 0x6f2000, &(0x7f0000000180)) [ 86.458520] syz-executor6: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 86.470515] syz-executor6 cpuset=syz6 mems_allowed=0 [ 86.476125] CPU: 1 PID: 6935 Comm: syz-executor6 Not tainted 4.17.0-rc1+ #10 [ 86.483322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.492685] Call Trace: [ 86.495373] dump_stack+0x1b9/0x294 [ 86.499022] ? dump_stack_print_info.cold.2+0x52/0x52 [ 86.504236] ? perf_trace_lock_acquire+0xe3/0x980 2018/04/21 05:29:56 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f00000b5ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}}) [ 86.509100] warn_alloc.cold.118+0xb2/0x1b8 [ 86.513442] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 86.518311] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 86.524403] ? graph_lock+0x170/0x170 [ 86.528225] __vmalloc_node_range+0x45e/0x750 [ 86.532743] ? graph_lock+0x170/0x170 [ 86.536539] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 86.541374] __vmalloc_node_flags_caller+0x75/0x90 [ 86.546293] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 86.551776] kvmalloc_node+0xde/0x100 [ 86.555575] kvm_arch_create_memslot+0xa3/0x4e0 [ 86.560248] __kvm_set_memory_region+0x1d1b/0x2e50 [ 86.565192] ? kvm_vcpu_block+0x1050/0x1050 [ 86.569502] ? print_usage_bug+0xc0/0xc0 [ 86.573558] ? perf_trace_lock+0x900/0x900 [ 86.577787] ? graph_lock+0x170/0x170 [ 86.581576] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 86.586154] ? __lock_acquire+0x7f5/0x5140 [ 86.590396] ? trace_hardirqs_on+0xd/0x10 [ 86.594546] ? find_held_lock+0x36/0x1c0 [ 86.598608] ? lock_downgrade+0x8e0/0x8e0 [ 86.602779] kvm_set_memory_region+0x2e/0x50 [ 86.607194] kvm_vm_ioctl+0x668/0x1d90 [ 86.611103] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 86.616655] ? __perf_event_task_sched_in+0x247/0xb80 [ 86.621857] ? kvm_set_memory_region+0x50/0x50 [ 86.626443] ? find_held_lock+0x36/0x1c0 [ 86.630502] ? perf_trace_lock_acquire+0xe3/0x980 [ 86.635349] ? perf_trace_lock+0x900/0x900 [ 86.639592] ? kasan_check_read+0x11/0x20 [ 86.643734] ? graph_lock+0x170/0x170 [ 86.647528] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 86.652105] ? compat_start_thread+0x80/0x80 [ 86.656509] ? _raw_spin_unlock_irq+0x27/0x70 [ 86.660997] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 86.666011] ? trace_hardirqs_on+0xd/0x10 [ 86.670166] ? _raw_spin_unlock_irq+0x27/0x70 [ 86.674664] ? find_held_lock+0x36/0x1c0 [ 86.678730] ? lock_downgrade+0x8e0/0x8e0 [ 86.682875] ? kasan_check_read+0x11/0x20 [ 86.687027] ? rcu_is_watching+0x85/0x140 [ 86.691166] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 86.696364] ? __fget+0x40c/0x650 [ 86.699820] ? expand_files.part.8+0x9a0/0x9a0 [ 86.704407] ? lock_downgrade+0x8e0/0x8e0 [ 86.708565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 86.714110] ? kvm_set_memory_region+0x50/0x50 [ 86.718704] do_vfs_ioctl+0x1cf/0x16a0 [ 86.722595] ? ioctl_preallocate+0x2e0/0x2e0 [ 86.726996] ? fget_raw+0x20/0x20 [ 86.730458] ? exit_to_usermode_loop+0x87/0x310 [ 86.735126] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 86.741003] ? security_file_ioctl+0x94/0xc0 [ 86.745414] ksys_ioctl+0xa9/0xd0 [ 86.748867] __x64_sys_ioctl+0x73/0xb0 [ 86.752751] do_syscall_64+0x1b1/0x800 [ 86.756629] ? finish_task_switch+0x1ca/0x810 [ 86.761128] ? syscall_return_slowpath+0x5c0/0x5c0 [ 86.766054] ? syscall_return_slowpath+0x30f/0x5c0 [ 86.770980] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 86.776346] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 86.781186] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 86.786371] RIP: 0033:0x455389 [ 86.789552] RSP: 002b:00007f77ff0f4c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.798043] RAX: ffffffffffffffda RBX: 00007f77ff0f56d4 RCX: 0000000000455389 [ 86.805305] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000014 [ 86.812565] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 86.819833] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 86.827101] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000000 [ 86.834677] Mem-Info: [ 86.837165] active_anon:128498 inactive_anon:74 isolated_anon:0 [ 86.837165] active_file:3495 inactive_file:8440 isolated_file:0 [ 86.837165] unevictable:0 dirty:143 writeback:0 unstable:0 [ 86.837165] slab_reclaimable:8829 slab_unreclaimable:105231 2018/04/21 05:29:56 executing program 2: futex(&(0x7f000000cffc), 0x80000000000b, 0x0, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0) r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0xc3f0, 0x80c2) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000240)={r1, 0xb0, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x9, @loopback={0x0, 0x1}, 0x80}, @in={0x2, 0x4e21, @broadcast=0xffffffff}, @in={0x2, 0x4e24, @rand_addr=0x3}, @in={0x2, 0x4e24, @multicast2=0xe0000002}, @in6={0xa, 0x4e23, 0x7, @local={0xfe, 0x80, [], 0xaa}}, @in={0x2, 0x4e24, @rand_addr=0x4}, @in6={0xa, 0x4e20, 0x6afe, @loopback={0x0, 0x1}, 0x2}, @in6={0xa, 0x4e22, 0x99ef, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0xffffffff}]}, &(0x7f0000000280)=0x10) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000fd7ff0)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, &(0x7f0000000000)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f000000d000)={0x0, 0x7f}, &(0x7f0000048000)=0x1c0000000, 0x0) [ 86.837165] mapped:73885 shmem:86 pagetables:1135 bounce:0 [ 86.837165] free:1280071 free_pcp:441 free_cma:0 [ 86.870876] Node 0 active_anon:511920kB inactive_anon:312kB active_file:14048kB inactive_file:33760kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:295488kB dirty:580kB writeback:0kB shmem:336kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 239616kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 86.899775] Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 86.926526] lowmem_reserve[]: 0 2830 6335 6335 [ 86.931638] Node 0 DMA32 free:2900300kB min:30116kB low:37644kB high:45172kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2901152kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:848kB local_pcp:112kB free_cma:0kB 2018/04/21 05:29:56 executing program 5: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)) r0 = memfd_create(&(0x7f00000001c0)='/dev/kvm\x00', 0x1) mmap(&(0x7f0000002000/0x10000)=nil, 0x10000, 0x0, 0x4100000032, r0, 0x8000000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x90800, 0x0) pipe2(&(0x7f0000e3eff8)={0x0, 0x0}, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) dup3(r4, r3, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000240)={0x101ff, 0x0, &(0x7f0000001000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="baf80c66b8f987f38a66efbafc0cb000ee66b9800000c00f326635010000000f300fc759170f231fbaf80c66b81697338766efbafc0cedd8a90380f3c4092ece0f00d290", 0x44}], 0x1, 0x0, &(0x7f0000000180)=[@flags={0x3}], 0x1) [ 86.959402] lowmem_reserve[]: 0 0 3505 3505 [ 86.963839] Node 0 Normal free:2210240kB min:37300kB low:46624kB high:55948kB active_anon:507692kB inactive_anon:312kB active_file:14048kB inactive_file:33760kB unevictable:0kB writepending:580kB present:4718592kB managed:3589432kB mlocked:0kB kernel_stack:5408kB pagetables:4420kB bounce:0kB free_pcp:844kB local_pcp:200kB free_cma:0kB [ 86.993685] lowmem_reserve[]: 0 0 0 0 [ 86.997590] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 87.011868] Node 0 DMA32: 7*4kB (UM) 4*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (UM) 5*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 705*4096kB (M) = 2900300kB [ 87.027740] Node 0 Normal: 610*4kB (UM) 14*8kB (ME) 794*16kB (UE) 842*32kB (UME) 70*64kB (UE) 8*128kB (UE) 5*256kB (E) 8*512kB (UME) 3*1024kB (U) 7*2048kB (UM) 521*4096kB (UM) = 2204504kB [ 87.044792] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 87.053403] 12035 total pagecache pages [ 87.057445] 0 pages in swap cache 2018/04/21 05:29:56 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000001000)={{0x100000001}}) r1 = syz_open_dev$sndtimer(&(0x7f0000f37000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000001000)={{0x100000001}}) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000080)={'veth1\x00', {0x2, 0x4e21, @rand_addr=0x3}}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) close(r1) 2018/04/21 05:29:56 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) r1 = syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x3ff, 0x80) ioctl$sock_ipx_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000200)={'team_slave_0\x00', {0x4, 0x9, 0x3, "0e96b14ff3dd", 0x401}}) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000240)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x1, 0x400100) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x7, 0xffffffffffffffe1, 0x7, "7175657565300002000000000000000028b00306fce41ead00", 0xf}) mkdirat$cgroup(r1, &(0x7f0000000380)='syz1\x00', 0x1ff) r3 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r3, &(0x7f0000f74fc8)={0x0, 0x0, &(0x7f00007e0ff0), 0x0, &(0x7f00005e2fd0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) socketpair(0x17, 0x80804, 0x2dd, &(0x7f0000000180)) readv(r3, &(0x7f0000000340)=[{&(0x7f0000000300)=""/34, 0x22}], 0x1) r4 = semget$private(0x0, 0x3, 0x0) semctl$GETZCNT(r4, 0x3, 0xf, &(0x7f0000000280)=""/102) [ 87.060931] Swap cache stats: add 0, delete 0, find 0/0 [ 87.066357] Free swap = 0kB [ 87.069412] Total swap = 0kB [ 87.072497] 1965969 pages RAM [ 87.075656] 0 pages HighMem/MovableOnly [ 87.079669] 339346 pages reserved 2018/04/21 05:29:56 executing program 7: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000002800000720a00ffffffff007401"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000400)='/dev/rtc\x00', 0x40440, 0x0) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1d, &(0x7f0000002100)={@mcast1, 0x0}, &(0x7f0000002140)=0x14) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002180)={0x0, 0x0}, &(0x7f00000021c0)=0xc) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000002200)={{{@in=@rand_addr=0x4, @in=@multicast2=0xe0000002, 0x4e23, 0x7fffffff, 0x4e22, 0x0, 0x0, 0xa0, 0x80, 0x3c, r1, r2}, {0x7, 0x8001, 0x3, 0x4, 0x10001, 0x5, 0x2, 0x1}, {0x84, 0x3, 0x2f4c000000000, 0xffffffffffffff01}, 0x9, 0x6e6bb9, 0x0, 0x1, 0x3, 0x2}, {{@in=@multicast2=0xe0000002, 0x4d3, 0xff}, 0x0, @in=@broadcast=0xffffffff, 0x3504, 0x1, 0x1, 0x5, 0x1, 0x10001, 0x81}}, 0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000050000000000000000140000000000009500000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187, 0x0, 0xfffffffffffffffe}, 0x48) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x40, 0x0) openat$cgroup_procs(r3, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) 2018/04/21 05:29:56 executing program 0: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x0, 0x0) symlinkat(&(0x7f0000000100)='./control\x00', r0, &(0x7f00000001c0)='./control\x00') perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000180)='./control\x00', 0x0) r1 = open(&(0x7f0000000040)='./control\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000044ff6)='./control\x00', 0x0) r2 = fanotify_init(0x0, 0x0) fanotify_mark(r2, 0xa, 0x10, r1, &(0x7f00000000c0)='./control\x00') [ 87.197365] syz-executor6: vmalloc: allocation failure: 8589934592 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 87.209353] syz-executor6 cpuset=syz6 mems_allowed=0 [ 87.214577] CPU: 0 PID: 6969 Comm: syz-executor6 Not tainted 4.17.0-rc1+ #10 [ 87.221780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.231149] Call Trace: [ 87.233761] dump_stack+0x1b9/0x294 [ 87.237411] ? dump_stack_print_info.cold.2+0x52/0x52 [ 87.242622] ? kasan_check_read+0x11/0x20 [ 87.246809] warn_alloc.cold.118+0xb2/0x1b8 [ 87.251151] ? zone_watermark_ok_safe+0x3b0/0x3b0 [ 87.256009] ? trace_hardirqs_on+0xd/0x10 [ 87.260193] ? _raw_spin_unlock_irq+0x27/0x70 [ 87.264704] ? finish_task_switch+0x1ca/0x810 [ 87.269218] ? lock_repin_lock+0x410/0x410 [ 87.273471] __vmalloc_node_range+0x45e/0x750 [ 87.277981] ? graph_lock+0x170/0x170 [ 87.281797] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 87.286649] __vmalloc_node_flags_caller+0x75/0x90 [ 87.292795] ? kvm_arch_create_memslot+0xa3/0x4e0 [ 87.297627] kvmalloc_node+0xde/0x100 [ 87.301417] kvm_arch_create_memslot+0xa3/0x4e0 [ 87.306083] __kvm_set_memory_region+0x1d1b/0x2e50 [ 87.311013] ? kvm_vcpu_block+0x1050/0x1050 [ 87.315364] ? check_same_owner+0x320/0x320 [ 87.319763] ? do_raw_spin_unlock+0x9e/0x2e0 [ 87.324160] ? rcu_note_context_switch+0x710/0x710 [ 87.329424] ? lock_acquire+0x1dc/0x520 [ 87.333388] ? graph_lock+0x170/0x170 [ 87.337184] ? __might_sleep+0x95/0x190 [ 87.341148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 87.346673] ? futex_wait_queue_me+0x550/0x820 [ 87.351253] ? refill_pi_state_cache.part.7+0x300/0x300 [ 87.356606] ? find_held_lock+0x36/0x1c0 [ 87.360659] ? lock_downgrade+0x8e0/0x8e0 [ 87.364812] kvm_set_memory_region+0x2e/0x50 [ 87.369213] kvm_vm_ioctl+0x668/0x1d90 [ 87.373098] ? drop_futex_key_refs.isra.13+0x6d/0xe0 [ 87.378206] ? futex_wake+0x2f6/0x750 [ 87.381995] ? kvm_set_memory_region+0x50/0x50 [ 87.386569] ? get_futex_key+0x1e90/0x1e90 [ 87.390793] ? do_wp_page+0x42d/0x1990 [ 87.394676] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 87.399854] ? do_futex+0x249/0x27d0 [ 87.403643] ? graph_lock+0x170/0x170 [ 87.407441] ? exit_robust_list+0x290/0x290 [ 87.411755] ? find_held_lock+0x36/0x1c0 [ 87.415809] ? lock_downgrade+0x8e0/0x8e0 [ 87.419947] ? kasan_check_read+0x11/0x20 [ 87.424083] ? rcu_is_watching+0x85/0x140 [ 87.428219] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 87.433405] ? __fget+0x40c/0x650 [ 87.436852] ? expand_files.part.8+0x9a0/0x9a0 [ 87.441428] ? lock_downgrade+0x8e0/0x8e0 [ 87.445569] ? kvm_set_memory_region+0x50/0x50 [ 87.450139] do_vfs_ioctl+0x1cf/0x16a0 [ 87.454017] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 87.459550] ? ioctl_preallocate+0x2e0/0x2e0 [ 87.463947] ? fget_raw+0x20/0x20 [ 87.467395] ? __x64_sys_futex+0x477/0x680 [ 87.471618] ? do_futex+0x27d0/0x27d0 [ 87.475410] ? security_file_ioctl+0x94/0xc0 [ 87.479809] ksys_ioctl+0xa9/0xd0 [ 87.483252] __x64_sys_ioctl+0x73/0xb0 [ 87.487127] do_syscall_64+0x1b1/0x800 [ 87.491006] ? finish_task_switch+0x1ca/0x810 [ 87.495497] ? syscall_return_slowpath+0x5c0/0x5c0 [ 87.500414] ? syscall_return_slowpath+0x30f/0x5c0 [ 87.505350] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 87.510702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 87.515536] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 87.520715] RIP: 0033:0x455389 [ 87.523891] RSP: 002b:00007f77ff0d3c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.531604] RAX: ffffffffffffffda RBX: 00007f77ff0d46d4 RCX: 0000000000455389 [ 87.538860] RDX: 0000000020005fe0 RSI: 000000004020ae46 RDI: 0000000000000016 2018/04/21 05:29:57 executing program 7: mmap(&(0x7f0000cc4000/0x4000)=nil, 0x4000, 0x1, 0x32, 0xffffffffffffffff, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40, 0x0) mlock2(&(0x7f00009bf000/0x400000)=nil, 0x400000, 0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000000)) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) [ 87.546115] RBP: 000000000072bf58 R08: 0000000000000000 R09: 0000000000000000 [ 87.553459] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 87.560714] R13: 0000000000000276 R14: 00000000006f6bb0 R15: 0000000000000001 2018/04/21 05:29:57 executing program 1: r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x4, 0x0) ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={@local={0xfe, 0x80, [], 0xaa}, @remote={0xfe, 0x80, [], 0xbb}, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x0, 0x0, 0x1ff}) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000040)=0x8000, 0x4) 2018/04/21 05:29:57 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x20003, 0x0) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x80000, 0x0) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000080)={0x1, r3}) sendmsg$alg(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000100)}, 0x0) 2018/04/21 05:29:57 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000040)="ba2100b00deef4ba610066b8fcffffff66ef64660f3833d2660f183a66b9f30200000f32baf80c66b8fab5bf8066efbafc0cb87000ef2e65662e0f00d8ba400066ed0f01c8"}], 0x1, 0x1a, &(0x7f0000000040), 0x108e) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='7']) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/21 05:29:57 executing program 0: r0 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f000079df88)) msgsnd(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="01000000000000004fa84d0aac79b3d73656184917e347e3cc178627e9578225f0b006929c3dbb97219f4ce0cd2997f068053c92e088b6c5122920"], 0x8, 0x0) clone(0x0, &(0x7f0000000400), &(0x7f0000000000), &(0x7f0000000480), &(0x7f0000000000)) r1 = syz_open_dev$usbmon(&(0x7f0000000340)='/dev/usbmon#\x00', 0x100000000, 0x40200000) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000380)) semop(r0, &(0x7f0000000040)=[{0x4, 0x800}, {0x0, 0x5, 0x1000}, {0x1, 0x9, 0x1800}, {0x4, 0xffffffff}, {0x0, 0x80000001, 0x1000}, {0x1, 0x100000001}, {0x3, 0x4, 0x1800}], 0x7) msgctl$IPC_RMID(r0, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000580)={0x0, 0x100000001, 0x9, 0x100000001, 0x1ff, 0x4, 0x7fff, 0x6, {0x0, @in6={{0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0xffffffff}}, 0xfc, 0x0, 0xfff, 0x644b, 0xfffffffffffffffc}}, &(0x7f0000000640)=0xb0) setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000680)={r2, 0x6}, 0x8) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='net/connector\x00') ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000004c0)={0x8, 0x0, 0x80000001, 'queue1\x00', 0x1}) ioctl$sock_inet_SIOCDARP(r3, 0x8953, &(0x7f00000003c0)={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xa}}, {0x307}, 0x7e, {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, 'ip6_vti0\x00'}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e20, @multicast2=0xe0000002}}, 0x100, 0x40, 0x72, 0x800, 0x2}, &(0x7f0000000200)=0x98) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000240)={r4, @in={{0x2, 0x4e20}}, 0x200, 0x1000, 0x44c7d3e1, 0x0, 0x9}, &(0x7f0000000300)=0x98) msgrcv(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000810000000000010000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b57b7a328c240000000000000000000000000000000000000000000000000000"], 0x1, 0x2, 0x1000) 2018/04/21 05:29:57 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$netlink(0x10, 0x3, 0x4) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000000)={@local, 0x0}, &(0x7f0000000040)=0x14) bind$can_raw(r1, &(0x7f0000000100)={0x1d, r2}, 0x10) writev(r1, &(0x7f0000312ff0)=[{&(0x7f0000000080)="480000001400190d090043eafd068c560affffffffe00600003a984fb2bff49a3326a6ffffffff00000000bc5603ca00000fff890000000309ff5bff87c3e4cb6b716c0123b261a2", 0x48}], 0x1) 2018/04/21 05:29:57 executing program 5: rt_sigprocmask(0x1, &(0x7f0000000000)={0x7}, &(0x7f0000000040), 0x8) r0 = getpgrp(0x0) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xffffffffffffff7f}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x1f, &(0x7f0000b1eff0)={0x0, 0x0, 0x1}) rt_sigtimedwait(&(0x7f00009a4000)={0xffffffffffff0001}, &(0x7f00005d8000), &(0x7f0000645000), 0x8) 2018/04/21 05:29:57 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x20, 0x40) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000836000)='/dev/dsp#\x00', 0x1, 0x20000800001) ioctl$int_in(r1, 0x80000040045010, &(0x7f000000bff8)) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x1ef, 0x400) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000140)=0x3, 0x4) init_module(&(0x7f0000000040)='\x00', 0x1, &(0x7f0000000080)='\x00') write$cgroup_subtree(r1, &(0x7f0000000200)={[{0x2d, 'pids', 0x20}, {0x2f, 'cpu', 0x20}, {0x2d, 'io', 0x20}, {0x2b, 'memory', 0x20}, {0x2b, 'pids', 0x20}]}, 0x1d) 2018/04/21 05:29:57 executing program 7: r0 = mq_open(&(0x7f0000000080)='bdev\x00', 0x41, 0xc8, &(0x7f00000000c0)={0x3f, 0x6, 0x94, 0xffffffff, 0x3, 0x5d6e0193, 0x1}) mq_timedsend(r0, &(0x7f0000000000)="e1bd6cd0afde34321df09a6d21a196923c8789fbec2ea693ba8964b3fe243e2d42cdc1b9eef3721daa36ba559839d6", 0x2f, 0x3, &(0x7f000002eff0)={0x1000000000, 0x989680}) 2018/04/21 05:29:57 executing program 3: unshare(0x8000000) epoll_create1(0x0) r0 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x7, 0x2}) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/self/net/pfkey\x00', 0x4000, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000500)={0x2, 0xffffffffffffff01, 0x5776}) r2 = mq_open(&(0x7f0000a04000)='-$\x00', 0x0, 0x2, &(0x7f0000513fc0)) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f0000000100)={0x0, 0x10001, 0x9, 0x0, 0x4}) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000240)) mq_timedsend(r0, &(0x7f000066c000), 0x0, 0x0, &(0x7f000066cff0)) syz_mount_image$xfs(&(0x7f00000000c0)='xfs\x00', &(0x7f0000000180)='./file0\x00', 0x6, 0x3, &(0x7f00000003c0)=[{&(0x7f00000001c0)="4ecd782216dd7355c21ea8d052a8a7c762f50f7d51b163b6877db2b8924c2153fd04896bf98d83d17da2d206ea15cb1862820b93090dc318", 0x38, 0x1537}, {&(0x7f00000005c0)="c057221bbaa757580c5e2a8b456d5ec9d1d4d635dc2b57fa6acf638bb183b29b32c733826af1f54ba14d1f721156057100ac4188277b2fdf7908844804be3252d8ea93570e7e4c620b54dab1043de71c30d1d7432ac7433cefab255884ba6c43fbb72e5b5e497129897cb6f0feee028afa0b918e171d382e1a7cdd8040d00560bf16757bcd3c5e5527daa83ca6de52f52f949c70253aeb6e188cee81e7c3d68574ea679c45f07d42c2832600000000000000", 0xb2, 0xa87}, {&(0x7f0000000300)="84173b546fe3a456c5cbbca4b7081fbd834fbe93220f0e19c225ff46a091db00e57225d1f25a76631964dfeccc91bb209ef96855e9325a036e26a5676f1e2511ca21ccb3df19448f709220f2f4443a8fac802219813beafb398930256174d9fdeebf2c746e7f5a55a86e4ef577a07055b74ab3e2c0d8a4e4048107e621cf2d3e762a5778263e3e3aba701a7bb26211d73be2e5b3b42f912e59125bfb8abdf4bf2e74fe23f8022cab822715d11326", 0xae, 0x2}], 0x1, &(0x7f0000000540)=ANY=[@ANYBLOB="6e6f757569642c646973636172642c6771756f74612c6c6f676465762f5164acb30007989d400c0117fd8d510fcd34a4fb105243dbf85af770e6aee269041a4366696c65302c6ee3653e67ec2d6f6c61726765696f2c7571"]) mq_timedreceive(r0, &(0x7f0000000040)=""/5, 0x5, 0x0, &(0x7f0000000080)) [ 87.829887] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 87.910939] EXT4-fs (loop6): VFS: Can't find ext4 filesystem [ 87.949833] XFS (loop3): unknown mount option [logdev/Qd¬³]. [ 88.003831] XFS (loop3): unknown mount option [logdev/Qd¬³]. 2018/04/21 05:29:58 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x400000, 0x0) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000240), &(0x7f0000000280)=0x4) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, &(0x7f0000d8d000)={0x77359400}, &(0x7f0000048000), 0x0) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000080)=0x14) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={@loopback={0x0, 0x1}, @remote={0xfe, 0x80, [], 0xbb}, @loopback={0x0, 0x1}, 0x1, 0x7a, 0x1ff, 0x0, 0x2, 0x80140000, r3}) r4 = shmget(0x2, 0x4000, 0x1088, &(0x7f00006e6000/0x4000)=nil) shmctl$SHM_INFO(r4, 0xe, &(0x7f0000000180)=""/34) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400}, &(0x7f0000048000), 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) eventfd2(0x40, 0x80801) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f00000001c0)={r5, r6+10000000}, &(0x7f0000048000), 0x0) mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0) fcntl$getown(r2, 0x9) exit(0x0) prctl$void(0x15) 2018/04/21 05:29:58 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000300)='/dev/dsp#\x00', 0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000340)={0x36, "ca80b0ae12393514d0766ed101950bcccfdb18ae05ef5008523d720d28ef90c82e8efae08585ae05e776c8306c5fafba22dfa9e86261"}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000100), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000200)={0x9, 0x579b, 0x80, 0x4, 0x8, 0x600000000000, 0x6, 0x6, 0x4, 0xff5c, 0x8000}, 0xb) ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000140)={[0x1, 0x0, 0x2000], 0x5922, 0x1, 0x9}) ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f0000000240)={[0x10000, 0x112000, 0x2000, 0x5004], 0x4, 0x62}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) getsockname$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, @multicast1}, &(0x7f0000000100)=0x10) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f00000002c0)={r3, 0x1}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2018/04/21 05:29:58 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x20040, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x4e24, @loopback=0x7f000001}], 0x10) connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c) openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x2, 0x0) sendmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in6={0x2, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000080)}}], 0x2, 0x0) 2018/04/21 05:29:58 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) fcntl$notify(r0, 0x402, 0x10) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000040)=ANY=[@ANYBLOB="73656375726902a50000000000000000000000000000000000000000000000d55c009b88206f503b0000c9a7c011"], &(0x7f0000000000)=0x28) 2018/04/21 05:29:58 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000001f8d)="390000001300090468fe00008100000007fb004003000000450001070000001419001a00040002000700005d20b412020000080001010000f4", 0x39}], 0x1) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r0) 2018/04/21 05:29:58 executing program 4: syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f00000001c0)='./file0//ile0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)={[{@nfs='nfs', 0x2c}]}) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x101000, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e24, @loopback=0x7f000001}}, 0x7, 0x8, 0x1, "48989ed29cd5c0e060b94bfa9cc16a6fa9b902eb2388bbbd85cdff294c53b7e93f9ce86679a409ac8fa852f0fc4298fa23c7fc7f95aa956476fb56d5f9d925fa60f46664384fc567f2a8dcbaf97de2b3"}, 0xd8) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) mkdir(&(0x7f0000000180)='./file0//Ile0\x00', 0x4000000007) 2018/04/21 05:29:58 executing program 5: pipe2(&(0x7f0000989000)={0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x1000)=nil, 0x1000, 0x1, 0x80000000031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000bc8000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) mount(&(0x7f0000434ff8)='./file0\x00', &(0x7f0000abf000)='./file0\x00', &(0x7f0000f4c000)='jfs\x00', 0x1023402, 0x0) unlink(&(0x7f00003b3000)='./file0\x00') lsetxattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000700)="65d82c9876f836fac4a2cd5f637468316c6ede", 0x13, 0x0) setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000000), 0x4) dup2(r0, r1) 2018/04/21 05:29:58 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000ffefa8)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(md4-generic)\x00'}, 0x58) perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r1, 0x40046104, &(0x7f00000000c0)) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="162c917311f3c931c5eb12f4cdb3911a93d45501afae9c8005ac05166d590a61098b4fc065d691dacc280ab8506fe9a718f86489902410e1f44f1d98409f450cdb2b23454ac879b3bdadcfff663f3a5086db6fb1441e5c8ca2b3365540884a65e2e6a4df19f3182192b64f4e98a27469a77d97730bd38a8c", 0x78) 2018/04/21 05:29:58 executing program 7: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0x2, 0x4, 0x4, 0x8}, 0x2c) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f0000000440), &(0x7f0000001440), 0x3}, 0x20) 2018/04/21 05:29:58 executing program 3: r0 = socket$inet6(0xa, 0x1001000000080001, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x800, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000001c0)={0x6, 0x7}) getsockopt$inet6_buf(r1, 0x29, 0xdf, &(0x7f0000000280)=""/128, &(0x7f0000000300)=0x80) r2 = getpid() r3 = syz_open_procfs(r2, &(0x7f0000000240)='fdinfo\x00') sched_setattr(r2, &(0x7f0000000380)={0x0, 0x1, 0x1, 0x3c73, 0x546, 0xd7c7, 0x1, 0x2}, 0x0) ioctl$EVIOCSCLOCKID(r3, 0x400445a0, &(0x7f0000000340)=0x9) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000540)={0xc74, 0x55f, 0x0, 0xfff}, 0xffffff24) ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000500)=0x3e000000000000) ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f00000003c0)) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/loop-control\x00', 0x0, 0x0) fcntl$getownex(r4, 0x10, &(0x7f0000000240)={0x0, 0x0}) ptrace$peekuser(0x3, r5, 0x542ca047) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r6) ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) connect$ax25(0xffffffffffffffff, &(0x7f00000002c0)={0x3, {"20ada8787a1d43"}, 0x7fff}, 0x10) ioctl$TIOCMSET(0xffffffffffffffff, 0x5418, &(0x7f0000000280)) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x2c, &(0x7f0000000080)=[@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e23, 0xfc3, @ipv4={[], [0xff, 0xff]}}]}, &(0x7f0000000140)=0xc) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000001c0), 0x4) ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000380)) creat(&(0x7f0000000180)='./file0\x00', 0x141) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000400)={'mangle\x00'}, &(0x7f0000000480)=0x54) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000580)=0x4, 0x4) pwrite64(r0, &(0x7f0000000000)="a81cbe49008bf17441560cf6707d674ddb6f932dde0acf6cca6189da3ad9", 0x1e, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f00000005c0)=ANY=[@ANYBLOB="6d616e676c6500000000afbb783a1b94da0e91df59ba100000000000000000050000000000000000000000000000000000000000000000000000000001000000ec000000c9980000000000000000adad00004000000000000000000000000000000000000000492afb09fe565c8601fa1ac395fb29c27200620daf639084ac886e2c279c6773e6321e924adaeffef21f78d1db26b7e9d8fedb52fea73ecf9d47a08ec8638215e13dc4f749b15526c9d71d75fee925351e6b6021366f90b2cf80679e587fef660b0e32ec3355a9adffdfa61f"], 0x1) mmap(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x40, &(0x7f0000000080)=""/84, &(0x7f000000cffc)=0xfffffffffffffe4c) 2018/04/21 05:29:58 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x0, 0x840) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000040)={0x100000000, 0x7, 0x20f, 0x10001, 0x0, 0x594f, 0x5, 0x101, 0x0}, &(0x7f0000000080)=0x20) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r1, 0x8001}, &(0x7f0000000100)=0x8) r2 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x53, r2, 0x0) [ 89.160417] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000650) [ 89.167818] FAT-fs (loop4): Filesystem has been set read-only 2018/04/21 05:29:58 executing program 6: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_LOG_BASE(r0, 0xaf01, &(0x7f00002d7000)=&(0x7f0000989fff)) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140)=ANY=[@ANYBLOB="010000007627d9240913f81e9187a49ce6c605ca83a1ffffffff00000000000000008d37c75861d55c667fec9ea202bffeaf6236723ac06a3c60ef640a65dd964b264a52aade75b181cad38cffa581ea622727570b27b659414216e22db4fc9858db7cb0793e5e067607d5721d086029f31521a742cf2446c683416a2399d441d1a7a8470012aa71e9101d9a6c862edb01d24d5d0c6041c44416c5196adaedc35279", @ANYPTR=&(0x7f00005f8000)=ANY=[], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000080)=0xc) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000df5fd8)={0x0, 0x0, &(0x7f00003acf97)=""/105, &(0x7f0000bf6000)=""/228, &(0x7f000017d000)=""/199}) getpeername$ipx(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x10) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000cef000)={0x1, 0x0, &(0x7f000062a000)=""/167, &(0x7f0000aac000)=""/21, &(0x7f00002fdf52)=""/174}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000f82ffc)=0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f00007a3000)=0x4000000) 2018/04/21 05:29:59 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fafff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000000002480000000000000000000000000000020ba44395e35a392c4145a11cb0b78eedc8605f3784f340950ce840821e91c15e0832c4b9558f7d78a140d0c5dd04db7ec2fb1d703fa07761fc208132ba52d99112dbec322e16dd20c0e046eb2cca274c39fc1c3ce76ad593e3fb0f1dee9185a42b2a2ba48e1628f383c2908233ccceaa1dabd88690bfa6a56ec3090c0e522721cae4a1e4ee79544d111462cff4af3263a16fda0ddbe3470c2109a605d10716861da697f7fd165bab55d1451e"]) epoll_create1(0x80000) 2018/04/21 05:29:59 executing program 1: r0 = socket$inet(0xa, 0x801, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000700)=@broute={'broute\x00', 0x20, 0x1, 0x258, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, &(0x7f0000000440), &(0x7f0000000480)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x13, 0x0, 0x8035, 'gretap0\x00', 'ipddp0\x00', 'ip6gretap0\x00', 'bond0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @link_local={0x1, 0x80, 0xc2}, [], 0x108, 0x190, 0x1c8, [@arp={'arp\x00', 0x38, {{0x0, 0x0, 0x0, @rand_addr, 0x0, @multicast1=0xe0000001, 0x0, @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}}}, @mac={'mac\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2}}}}]}, [@common=@dnat={'dnat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2}, 0xffffffffffffffff}}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x6df, 'syz1\x00'}}}]}, @common=@mark={'mark\x00', 0x10, {{0x0, 0xfffffffffffffffd}}}}]}]}, 0x2d0) socket$nl_route(0x10, 0x3, 0x0) [ 89.275148] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000650) 2018/04/21 05:29:59 executing program 4: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$KVM_S390_UCAS_MAP(r0, 0x4018ae50, &(0x7f0000000080)={0xffff, 0xffffffffffffff95, 0x101}) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000d81ff8)=0x101) mkdir(&(0x7f00000001c0)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) fchmod(r2, 0x2c) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000340)) write$sndseq(r3, &(0x7f0000011fd2)=[{0x1000000000, 0x0, 0x0, 0x0, @time, {}, {}, @addr}], 0x30) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x9) rename(&(0x7f0000000140)='./control/file0\x00', &(0x7f0000000180)='./file0\x00') move_pages(r1, 0x4, &(0x7f0000000100)=[&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil], &(0x7f0000000240)=[0x80000001, 0x5], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], 0x6) unlink(&(0x7f00000000c0)='./control/file0\x00') setsockopt$inet6_int(r3, 0x29, 0xdf, &(0x7f0000000300)=0x8, 0x4) close(r2) 2018/04/21 05:29:59 executing program 0: time(&(0x7f0000000080)) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) gettid() timer_create(0x9, &(0x7f0000044000)={0x0, 0x1000000000000017}, &(0x7f00008ec000)) timer_settime(0x0, 0x0, &(0x7f000004a000)={{0x0, 0x1}, {0x0, 0xe4c}}, &(0x7f0000040000)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x77359400}}, &(0x7f0000000040)) acct(&(0x7f00000000c0)='./file0\x00') [ 89.481069] hrtimer: interrupt took 187928 ns 2018/04/21 05:30:00 executing program 2: get_mempolicy(&(0x7f0000000100), &(0x7f0000000140), 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x5) r0 = socket$inet6(0xa, 0x40000080806, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000000)=""/161, &(0x7f00000000c0)=0xffffffffffffff97) 2018/04/21 05:30:00 executing program 3: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) accept4$ax25(r0, &(0x7f0000000000), &(0x7f0000000140)=0x10, 0x800) socketpair(0xf, 0xb, 0x59, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x400000001, 0xffffffff00000005, 0x7, 0x4, 0x1, r1, 0x3}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000013c0)={r2, &(0x7f00000002c0), &(0x7f00000012c0)}, 0x20) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e21, @loopback=0x7f000001}, @in6={0xa, 0x4e20, 0x1, @loopback={0x0, 0x1}}, @in6={0xa, 0x4e20, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffffd}, @in6={0xa, 0x4e22, 0x0, @empty, 0x7}], 0x64) 2018/04/21 05:30:00 executing program 6: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setpipe(r0, 0x407, 0x5) semop(0x0, &(0x7f0000000100)=[{0x5}], 0x1) 2018/04/21 05:30:00 executing program 1: io_setup(0xbc, &(0x7f0000000000)=0x0) r1 = socket(0x7, 0x8000a, 0x4) io_submit(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000100)}]) 2018/04/21 05:30:00 executing program 7: r0 = perf_event_open(&(0x7f000002ef88)={0x1, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x2000, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) pkey_alloc(0x0, 0x3) 2018/04/21 05:30:00 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000240)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000019fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = memfd_create(&(0x7f0000006fd0)='/dev/urandom\x00', 0x2) pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000012000)="ca", 0x1}], 0x1, 0x0) fcntl$addseals(r1, 0x409, 0x0) write$eventfd(r1, &(0x7f0000000180), 0x8) close(r1) 2018/04/21 05:30:00 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}], 0x10) 2018/04/21 05:30:00 executing program 4: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x181502, 0x0) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000000140)="d92da7b3a0a128764c402fd924764711537994c30fffc2d6a0d3863a6f118e6fdff5facf09b72d33cbe31bf9097862dffa2f24b3d55258fa162cf0ac5c4ef9f66f29b035ec5952b3c746fd26937f7e4f38e93b900cb289597ec143a43088c7173b6150f93d3345e75a3104e98ddc706e29eece92655a0dda5400ea714675da84156c8437c2eb2d8c1d5e3b2bde537977c89f7d66326f55354fcdd235ff8ae65ae07de896195b7c6afa8f1fb9a0b0158b3581f2e5ab9aba5970d5c58a512d9766b77cd20114f093227e3c78b894") perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x8000000000003, 0x33) syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="6b02f8ee593d", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x33, 0x0, @rand_addr, @broadcast=0xffffffff}, @icmp=@parameter_prob={0x21, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @multicast2=0xe0000002}}}}}}, &(0x7f0000000000)) [ 90.466421] ================================================================== [ 90.474035] BUG: KASAN: slab-out-of-bounds in __sctp_v6_cmp_addr+0x4c7/0x530 [ 90.481375] Read of size 8 at addr ffff8801d65a9210 by task syz-executor0/7148 [ 90.488747] [ 90.490389] CPU: 1 PID: 7148 Comm: syz-executor0 Not tainted 4.17.0-rc1+ #10 [ 90.497762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 90.507126] Call Trace: [ 90.509741] dump_stack+0x1b9/0x294 [ 90.513423] ? dump_stack_print_info.cold.2+0x52/0x52 [ 90.518636] ? printk+0x9e/0xba [ 90.521935] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 90.526716] ? kasan_check_write+0x14/0x20 [ 90.530981] print_address_description+0x6c/0x20b [ 90.535843] ? __sctp_v6_cmp_addr+0x4c7/0x530 [ 90.540354] kasan_report.cold.7+0x242/0x2fe [ 90.544786] __asan_report_load8_noabort+0x14/0x20 [ 90.550415] __sctp_v6_cmp_addr+0x4c7/0x530 [ 90.554760] sctp_inet6_cmp_addr+0x169/0x1a0 [ 90.559192] sctp_bind_addr_match+0x20b/0x400 [ 90.563731] ? sctp_bind_addrs_to_raw+0x370/0x370 [ 90.568594] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 90.574144] ? sctp_v4_available+0x1b1/0x200 [ 90.578574] ? sctp_inet6_bind_verify+0xb2/0x500 [ 90.583351] sctp_do_bind+0x1c0/0x5f0 [ 90.587182] sctp_bindx_add+0x90/0x1a0 [ 90.591101] sctp_setsockopt_bindx+0x2ad/0x320 [ 90.595709] sctp_setsockopt+0x12c4/0x7000 [ 90.599973] ? __lock_acquire+0x7f5/0x5140 [ 90.604230] ? sctp_setsockopt_paddr_thresholds+0x560/0x560 [ 90.609981] ? debug_check_no_locks_freed+0x310/0x310 [ 90.615194] ? print_usage_bug+0xc0/0xc0 [ 90.619303] ? __lock_acquire+0x7f5/0x5140 [ 90.623566] ? perf_trace_lock+0xd6/0x900 [ 90.627730] ? __lock_acquire+0x7f5/0x5140 [ 90.631970] ? zap_class+0x720/0x720 [ 90.635694] ? graph_lock+0x170/0x170 [ 90.639497] ? debug_check_no_locks_freed+0x310/0x310 [ 90.644705] ? perf_trace_lock+0xd6/0x900 [ 90.648864] ? zap_class+0x720/0x720 [ 90.652573] ? find_held_lock+0x36/0x1c0 [ 90.656638] ? lock_downgrade+0x8e0/0x8e0 [ 90.660783] ? zap_class+0x720/0x720 [ 90.664498] ? rcu_is_watching+0x85/0x140 [ 90.668640] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 90.673836] ? __fget+0x40c/0x650 [ 90.677417] ? expand_files.part.8+0x9a0/0x9a0 [ 90.681998] ? lock_downgrade+0x8e0/0x8e0 [ 90.686150] ? kasan_check_read+0x11/0x20 [ 90.690294] ? __fget_light+0x2ef/0x430 [ 90.694285] ? fget_raw+0x20/0x20 [ 90.697741] ? _raw_spin_unlock+0x22/0x30 [ 90.701883] ? kcov_ioctl+0x56/0x1b0 [ 90.705593] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 90.711138] ? do_vfs_ioctl+0x1f2/0x16a0 [ 90.715387] sock_common_setsockopt+0x9a/0xe0 [ 90.719982] __sys_setsockopt+0x1bd/0x390 [ 90.724139] ? kernel_accept+0x310/0x310 [ 90.728200] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 90.733736] ? fput+0x130/0x1a0 [ 90.737019] __x64_sys_setsockopt+0xbe/0x150 [ 90.741423] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 90.746432] do_syscall_64+0x1b1/0x800 [ 90.750309] ? finish_task_switch+0x1ca/0x810 [ 90.754796] ? syscall_return_slowpath+0x5c0/0x5c0 [ 90.759717] ? syscall_return_slowpath+0x30f/0x5c0 [ 90.764645] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 90.770023] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 90.774872] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 90.780660] RIP: 0033:0x455389 [ 90.783844] RSP: 002b:00007f00a6b7bc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 90.791548] RAX: ffffffffffffffda RBX: 00007f00a6b7c6d4 RCX: 0000000000455389 [ 90.798811] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000014 [ 90.806098] RBP: 000000000072bf58 R08: 0000000000000010 R09: 0000000000000000 [ 90.813380] R10: 0000000020000040 R11: 0000000000000246 R12: 00000000ffffffff [ 90.820641] R13: 00000000000005a3 R14: 00000000006fb7e8 R15: 0000000000000001 [ 90.827935] [ 90.829557] Allocated by task 7148: [ 90.833182] save_stack+0x43/0xd0 [ 90.836627] kasan_kmalloc+0xc4/0xe0 [ 90.840330] __kmalloc_node+0x47/0x70 [ 90.844121] kvmalloc_node+0x6b/0x100 [ 90.847910] vmemdup_user+0x2d/0xa0 [ 90.851527] sctp_setsockopt_bindx+0x5d/0x320 [ 90.856030] sctp_setsockopt+0x12c4/0x7000 [ 90.860610] sock_common_setsockopt+0x9a/0xe0 [ 90.865116] __sys_setsockopt+0x1bd/0x390 [ 90.869257] __x64_sys_setsockopt+0xbe/0x150 [ 90.873680] do_syscall_64+0x1b1/0x800 [ 90.877563] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 90.882743] [ 90.884365] Freed by task 1: [ 90.887386] save_stack+0x43/0xd0 [ 90.890831] __kasan_slab_free+0x11a/0x170 [ 90.895058] kasan_slab_free+0xe/0x10 [ 90.898848] kfree+0xd9/0x260 [ 90.902291] acpi_add_single_object+0xb55/0x1e70 [ 90.907042] acpi_scan_init+0x716/0x8df [ 90.911008] acpi_init+0x936/0x9fa [ 90.914543] do_one_initcall+0x127/0x913 [ 90.918595] kernel_init_freeable+0x49b/0x58e [ 90.923098] kernel_init+0x11/0x1b3 [ 90.926726] ret_from_fork+0x3a/0x50 [ 90.930437] [ 90.932056] The buggy address belongs to the object at ffff8801d65a9200 [ 90.932056] which belongs to the cache kmalloc-32 of size 32 [ 90.944532] The buggy address is located 16 bytes inside of [ 90.944532] 32-byte region [ffff8801d65a9200, ffff8801d65a9220) [ 90.956826] The buggy address belongs to the page: [ 90.961746] page:ffffea0007596a40 count:1 mapcount:0 mapping:ffff8801d65a9000 index:0xffff8801d65a9fc1 [ 90.971184] flags: 0x2fffc0000000100(slab) [ 90.975444] raw: 02fffc0000000100 ffff8801d65a9000 ffff8801d65a9fc1 000000010000003f [ 90.983321] raw: ffffea00075ba320 ffffea00075967e0 ffff8801da8001c0 0000000000000000 [ 90.991187] page dumped because: kasan: bad access detected [ 90.996881] [ 90.998512] Memory state around the buggy address: [ 91.003428] ffff8801d65a9100: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc [ 91.010784] ffff8801d65a9180: 03 fc fc fc fc fc fc fc 03 fc fc fc fc fc fc fc [ 91.018134] >ffff8801d65a9200: 00 00 fc fc fc fc fc fc 00 04 fc fc fc fc fc fc [ 91.025481] ^ [ 91.029358] ffff8801d65a9280: 00 04 fc fc fc fc fc fc 00 04 fc fc fc fc fc fc [ 91.036708] ffff8801d65a9300: 00 00 00 fc fc fc fc fc 00 04 fc fc fc fc fc fc [ 91.044084] ================================================================== [ 91.051433] Disabling lock debugging due to kernel taint [ 91.056938] Kernel panic - not syncing: panic_on_warn set ... [ 91.056938] [ 91.064313] CPU: 1 PID: 7148 Comm: syz-executor0 Tainted: G B 4.17.0-rc1+ #10 [ 91.072892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 91.082251] Call Trace: [ 91.084851] dump_stack+0x1b9/0x294 [ 91.088497] ? dump_stack_print_info.cold.2+0x52/0x52 [ 91.093707] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 91.098495] ? __sctp_v6_cmp_addr+0x4a0/0x530 [ 91.103014] panic+0x22f/0x4de [ 91.106217] ? add_taint.cold.5+0x16/0x16 [ 91.110375] ? do_raw_spin_unlock+0x9e/0x2e0 [ 91.114799] ? do_raw_spin_unlock+0x9e/0x2e0 [ 91.119214] ? __sctp_v6_cmp_addr+0x4c7/0x530 [ 91.123803] kasan_end_report+0x47/0x4f [ 91.127771] kasan_report.cold.7+0x76/0x2fe [ 91.132089] __asan_report_load8_noabort+0x14/0x20 [ 91.137010] __sctp_v6_cmp_addr+0x4c7/0x530 [ 91.141336] sctp_inet6_cmp_addr+0x169/0x1a0 [ 91.145745] sctp_bind_addr_match+0x20b/0x400 [ 91.150235] ? sctp_bind_addrs_to_raw+0x370/0x370 [ 91.155073] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 91.160595] ? sctp_v4_available+0x1b1/0x200 [ 91.164996] ? sctp_inet6_bind_verify+0xb2/0x500 [ 91.169748] sctp_do_bind+0x1c0/0x5f0 [ 91.173543] sctp_bindx_add+0x90/0x1a0 [ 91.177423] sctp_setsockopt_bindx+0x2ad/0x320 [ 91.182000] sctp_setsockopt+0x12c4/0x7000 [ 91.186243] ? __lock_acquire+0x7f5/0x5140 [ 91.190470] ? sctp_setsockopt_paddr_thresholds+0x560/0x560 [ 91.196186] ? debug_check_no_locks_freed+0x310/0x310 [ 91.201373] ? print_usage_bug+0xc0/0xc0 [ 91.205423] ? __lock_acquire+0x7f5/0x5140 [ 91.209655] ? perf_trace_lock+0xd6/0x900 [ 91.213792] ? __lock_acquire+0x7f5/0x5140 [ 91.218020] ? zap_class+0x720/0x720 [ 91.221883] ? graph_lock+0x170/0x170 [ 91.225677] ? debug_check_no_locks_freed+0x310/0x310 [ 91.230859] ? perf_trace_lock+0xd6/0x900 [ 91.235024] ? zap_class+0x720/0x720 [ 91.238736] ? find_held_lock+0x36/0x1c0 [ 91.242804] ? lock_downgrade+0x8e0/0x8e0 [ 91.246940] ? zap_class+0x720/0x720 [ 91.250647] ? rcu_is_watching+0x85/0x140 [ 91.254795] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 91.259993] ? __fget+0x40c/0x650 [ 91.263446] ? expand_files.part.8+0x9a0/0x9a0 [ 91.268038] ? lock_downgrade+0x8e0/0x8e0 [ 91.272184] ? kasan_check_read+0x11/0x20 [ 91.276326] ? __fget_light+0x2ef/0x430 [ 91.280305] ? fget_raw+0x20/0x20 [ 91.283754] ? _raw_spin_unlock+0x22/0x30 [ 91.287895] ? kcov_ioctl+0x56/0x1b0 [ 91.291610] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 91.297138] ? do_vfs_ioctl+0x1f2/0x16a0 [ 91.301196] sock_common_setsockopt+0x9a/0xe0 [ 91.305696] __sys_setsockopt+0x1bd/0x390 [ 91.309843] ? kernel_accept+0x310/0x310 [ 91.313902] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 91.319431] ? fput+0x130/0x1a0 [ 91.322713] __x64_sys_setsockopt+0xbe/0x150 [ 91.327117] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 91.332132] do_syscall_64+0x1b1/0x800 [ 91.336027] ? finish_task_switch+0x1ca/0x810 [ 91.340533] ? syscall_return_slowpath+0x5c0/0x5c0 [ 91.345461] ? syscall_return_slowpath+0x30f/0x5c0 [ 91.350385] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 91.355742] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 91.360579] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 91.365759] RIP: 0033:0x455389 [ 91.368955] RSP: 002b:00007f00a6b7bc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 91.376753] RAX: ffffffffffffffda RBX: 00007f00a6b7c6d4 RCX: 0000000000455389 [ 91.384026] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000014 [ 91.391284] RBP: 000000000072bf58 R08: 0000000000000010 R09: 0000000000000000 [ 91.398541] R10: 0000000020000040 R11: 0000000000000246 R12: 00000000ffffffff [ 91.405798] R13: 00000000000005a3 R14: 00000000006fb7e8 R15: 0000000000000001 [ 91.413714] Dumping ftrace buffer: [ 91.417243] (ftrace buffer empty) [ 91.420956] Kernel Offset: disabled [ 91.424572] Rebooting in 86400 seconds..