461f5f5db771928488d2d0eb1e594bb94a43887a227ba236cc1d1fa1cc3322ef97eef55d03c4634ab9565cb02319935704ed30320579f9ab64280d60e47fd6f83ed6f7daae791cf6f81cff0467602da195e6c1e3fab3c38aa8e94b7f92908a7ac80ebd228722735736846080f0ba64b55bdd444e475009516d7608b8a110c313e84a0d4d3c89cc480c070788a5e8d5ce4ab03173cda0dd1f4fb43180546cf6842dd193f6328a6fd43c750fd4e0d5ece1b150036cc34468130b9c3c88e1cdce16089dde89d82456940f7ad90db092fb700fb52f35277bb4f95aebbc5b38a1daec9f7192f9ee4199a0227458ea7") inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040), &(0x7f0000000080)=0x4) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x101440, 0x0) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x4a000, 0x0) renameat2(r2, &(0x7f0000000140)='./file0\x00', r3, &(0x7f00000001c0)='\x00', 0x1) setsockopt$sock_void(r1, 0x1, 0x3f, 0x0, 0x0) socket$l2tp(0x18, 0x1, 0x1) r4 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) mknodat(r4, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) 23:39:09 executing program 2 (fault-call:5 fault-nth:3): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:09 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x50, &(0x7f0000000080)={0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140)=r2, 0x4) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) connect$netlink(r1, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x10008}, 0xc) 23:39:09 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x0) 23:39:09 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) syz_open_dev$dmmidi(&(0x7f0000000400)='/dev/dmmidi#\x00', 0x4, 0x20140) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="0f05a8b16fad87b7e69e000000000000"], 0xfffffffffffffeaf}, 0x1}, 0x40) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x101000, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, r3, 0x314, 0x70bd29, 0x25dfdbff, {0x9}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x9d}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x800) renameat2(r2, &(0x7f0000000000)='./file0\x00', r2, &(0x7f00000003c0)='./file0\x00', 0x1) [ 222.260677] FAULT_INJECTION: forcing a failure. [ 222.260677] name failslab, interval 1, probability 0, space 0, times 0 [ 222.272116] CPU: 0 PID: 13790 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 222.279349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 222.288753] Call Trace: [ 222.291411] dump_stack+0x185/0x1d0 [ 222.295102] should_fail+0x87b/0xab0 [ 222.298886] __should_failslab+0x278/0x2a0 [ 222.303228] should_failslab+0x29/0x70 [ 222.307188] __kmalloc_node_track_caller+0x24b/0x11b0 [ 222.312428] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 222.317855] ? alloc_skb_with_frags+0x1e6/0xb80 [ 222.322615] __alloc_skb+0x2cb/0x9e0 [ 222.326428] ? alloc_skb_with_frags+0x1e6/0xb80 [ 222.331192] alloc_skb_with_frags+0x1e6/0xb80 [ 222.335793] ? kmsan_set_origin_inline+0x6b/0x120 [ 222.340711] ? __msan_poison_alloca+0x15c/0x1d0 [ 222.345462] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 222.350302] ? packet_sendmsg+0x6594/0x8ad0 [ 222.354877] sock_alloc_send_pskb+0xb56/0x11a0 23:39:09 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x200c02, 0x0) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f0000000040)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x6, 0x4, @fuse_notify_inval_inode_out}, 0x28) [ 222.359564] ? kmsan_set_origin+0x9e/0x160 [ 222.363898] packet_sendmsg+0x6594/0x8ad0 [ 222.368112] ? __fsnotify_parent+0x132/0x560 [ 222.372609] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 222.378121] ? rw_copy_check_uvector+0x643/0x6c0 [ 222.382934] ? __msan_poison_alloca+0x15c/0x1d0 [ 222.387687] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 222.393216] ? import_iovec+0x3c7/0x600 [ 222.397263] ? copy_msghdr_from_user+0x72c/0x830 [ 222.402126] ? compat_packet_setsockopt+0x360/0x360 [ 222.407210] ___sys_sendmsg+0xec8/0x1320 23:39:09 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x8, 0x9, 0x2, 0x1}, 0x154) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 222.411340] ? kstrtoull+0x766/0x7e0 [ 222.415167] ? kmsan_set_origin_inline+0x6b/0x120 [ 222.420094] ? __msan_poison_alloca+0x15c/0x1d0 [ 222.424856] ? _cond_resched+0x3c/0xd0 [ 222.428837] ? rcu_all_qs+0x32/0x1f0 [ 222.432627] ? _cond_resched+0x3c/0xd0 [ 222.436625] ? rcu_all_qs+0x32/0x1f0 [ 222.440469] ? __sys_sendmmsg+0x61d/0x850 [ 222.444713] __sys_sendmmsg+0x490/0x850 [ 222.448767] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 222.453768] ? syscall_return_slowpath+0xe9/0x710 [ 222.458716] __x64_sys_sendmmsg+0x11c/0x170 [ 222.463107] ? __sys_sendmmsg+0x850/0x850 [ 222.467299] do_syscall_64+0x15b/0x230 [ 222.471240] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 222.476464] RIP: 0033:0x455a09 [ 222.479680] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 222.487439] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 222.494750] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 222.502059] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 222.509397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 222.516719] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000003 23:39:09 executing program 3: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:09 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = inotify_init1(0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffff, 0x0) sendmmsg$alg(r2, &(0x7f0000001040)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)="e46c8ec3706c18aec82a7360ca16d4c24f93048da115e1b07cdb1c9cf05e862a8411b6b4b1b75bc93ab748f1d6cecfdd10d2d14a9f6c0909fca196166834a7b2ebbf5e0a74a3b05f872e2cef97cfd73962048810e52098ffb151dec36acf052734bda8ddbb854bbe170d6f4a019b36ac6ec092900fceee8a4c7e166cd9882dab870494d818d7cb9bec24bae2f3459a79b0cbe6e53f35dc51b7fbe8a0074c88de8727a1b2158368d077347ae70100abb6bbec8b634450d94840143dd45a5cf50bb55acee35103e3ee6c0ccda43eaa317b6b846a5c10e019194dada5ede230b6a33480c1d7c7cbbe2f23b67ca0be41b0612e40675ce15fdf6590bb4bb91d69ae", 0xff}, {&(0x7f0000000280)="1187a89a1e533ff82733422e733532c873896aa5d1f6f59765adb8ca0a0e81532a9c3344a21033a4ce53d7eb850d42f0389cd4627aaf74f9d89c628cd8", 0x3d}], 0x2, &(0x7f0000000300)=[@assoc={0x18, 0x117, 0x4, 0x5}, @assoc={0x18, 0x117, 0x4, 0xff}, @assoc={0x18, 0x117, 0x4, 0xb85e}, @iv={0x78, 0x117, 0x2, 0x5e, "220d4a781da154a8c357dbe5ed5ef944884125b95bf545a420135324ccb3f2fc5520579c9cb117b9be38433b505fc66a82c28419fbd76bb33a8e3ad65a464d8373ed64418b43f75fdb1eab921c49f153b9613d6e19017394a1cf2791599b"}], 0xc0, 0x4000}, {0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000003c0)="5cdd744f851ace60d3df46862267b91a6ba019f66df43d356019ece750af655cfc3784ef1a53551c4cf21a6a1a5ce582f5f1c697cee4bc2be12c24b3fece80d2bee045a4c389dc0ab53ececc313de03445e215f97c7a1835ceb4467c979cd0c79c48522f8b18522aff1e49d0d3e7835daefdc604e59e95834770ad8ad537bba08c099b48637db1b9d5aecb07970cf8c249f518b88fb684dcba3b342c1de84f63d92bfeedf6d85a087dcd", 0xaa}, {&(0x7f0000000480)="89966e148ff164a33cc8e47dfacf0f7620a4dd1618e120cab6d7c704db277d2cb39e122e6a6b8e278b8f82e2a75a69c20c18d8ed4ea38957729998af7a0ba5d4b19fdcfb11637c5963632f90b3b448a3a59825a73d1f28a7514aade316a45a2ae088531546928ae20f17aade2fc269930439d393a2994ba1fa02cd550c2cb5d90b0b9159a296b035bb003895522844d16503fdedcf7ecf4ebf6f96d1ae4afd9ce879b681d2699601914eec205b8e870ee06f113a913aedca534b5e", 0xbb}, {&(0x7f0000000540)="b2a2b38865410e72cec3beb3f575630a1838967d78d5658d64a1fb85a7765d4f06a0d04151d87ae23d6bc988cada9319b5145cc2e3c5152bf8", 0x39}, {&(0x7f0000000580)="ca175e1ffb0e7b2d54502a7dd70f5ec6607f43ffda73c3b821374e381f9d73b7ced8fc291f0a02b445737bc99c2523100252ab2a7f8b9c76054f019e066080fae0650b7f54787855662c7594ec562cd4ed0aa94d216d", 0x56}], 0x4, &(0x7f0000000640)=[@assoc={0x18, 0x117, 0x4, 0x6}, @iv={0x58, 0x117, 0x2, 0x40, "b03f491ceeadf9d0e4cb52809d83c449baa56e799708a1b04a3825efc65d4b481b5352fb3df52deb558952cf6a0e4c862f35d9289b59af28c6704c1d9d99f58b"}, @iv={0xa8, 0x117, 0x2, 0x93, "54de437cfe32a27217ef4212711ee601ef6dc11d16a5fc24125e46b91c1c60afc0ffa215aa769a897ddbaa315bbf9080bf832599f362eec23d46f7bddd110811c156248253f363fbcb5754fc70df41d2578974b99f9fc123965b28e22e5265d590d2e7814699a3170bf841f12cd1e34c2dd3428a13c92418c7c62a3ee9dfb3a9421e234496a0a595fc36e6a25955635c439acd"}], 0x118, 0x4001}, {0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000780)="6e868eb40c80d94b923382fe124a941f180fb06542c5ba88a4953db6904fc0eb4422ad4813271a4229f45e5011a7eb0109480895bc43eb", 0x37}, {&(0x7f00000007c0)="1975c2e16a61bd4e7a2082aa4aa11435544e5d66905b5585d7d79d35fa56a6b839042d", 0x23}, {&(0x7f0000000800)="72f465bf1fc7e55333412e61c7a26b5e801af258ef82f6470827e72296584ab03617ea64bccbca1894c8ebfe9ef8116aa4e929c833c73edf8369351ae3492d2c16264b2c5d8ce58dec38fea5fef44864d3f62c78de499d64ea9bf6e856f051cb4926a2bbe0761381a28710a2185543f600f12a747d3f86301e5af661b5abdda846e50c4478304c85df76f513780b338a9589e8f1de5517b35b57b9c10f750b2261", 0xa1}], 0x3, &(0x7f0000000900)=[@iv={0xe0, 0x117, 0x2, 0xcc, "c1ab493a9ed629c47af6463e00f75168482535eea7551748133e434375e3260f853ed435b5f9e56733675e1eb2a4a1f047ee9bdefb4b2cad8830455fb9d72004bfdc4eeeb2688cf08c7d9085cd51cdcbad29d53d8a3aa44ffb6cf0dc50663ce21c8973cefb1e6679c263f79ec853cac91507c19e0a105ddf9d09c48c5aa397389fe5f402f8ccede8d8e833fb61a5092a45612135783636c3e8d7c8f031441b86c27bd4b0548aa33618983a63ac7a6236b481e79b60c4154b11e5fec88280df729e7ca86799288bc807400e5b"}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x1}], 0x110, 0x40}, {0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000a40)}, {&(0x7f0000000a80)="34046cfc3f29b9537740cbd5f9f0d0ab796a58023b4879815367fafaf0176dd8deaaac240a4162775e48c16ad3234a1f03d93e984c5ad51f286d535c26f81a0db73441f82e530b7f347047c6733d58805f487f1dfd2ef9919d0891584b336611df749bf0c1aabf16e7b80f3a7d4759aae4c59d69a0f960b4fe0c5c05da4c867568710d38b79a8f8c09ec01cb7fa8d712186338d4f6c8834e3bc1769bdef02f4aea9269606e87890acdd46238547c8be3181b6d8ecf533aa582768127b374e676578ac7939d53442d4dc708e2518118228cea", 0xd2}, {&(0x7f0000000b80)="1ad78b8ca023cb42488ae8c316fd286781a992fff0217102d5b9a7a38f8a2f80d6783e58f8c0548c6cfafa4a2ebd3bafb0a70d8a6682410d120c83ef074ee7b6296b3fdf9ea49d58bb86dc09aa1f694c4aa01b70adcc464497540109cec6019d75d58a891a1928387e54c6d230a6f293db435bc7499cea92e25717740418e9edd6d799f18b79e87713f91dcf7572c18a5188c4837a8fe7e770ff8ebdcba08311fbe40b97f810b9dbfc28919448bbee61e497409eb5f55dc4", 0xb8}, {&(0x7f0000000c40)="82741cbd88554cf5ddd301ec121050bd7d0dc71149a0085e27a200e06367e3cc8b0e4535bf16e99fcce8c4a4f566f730ca799580a85e1b4ce3bf73d3444cd4dd4a2401922e178f0a44207db304ebfedbf4e71eab50d27b7dcf2955f3ed94574f4b87cd265a08048a6d1e5a93b9a9a2baaea99c5b781859beac3ab99dc97fd1ce1b2fc265f4ff97876ffdbcaa9ec8d08ee0344391f11ecfc2a6a38c1907d40c3c6e77696e34b55e309ee4f22eabb8e213fd69a2f751caa5b6e4e521dbbc0a9eff97856fe6452ffc7d8014d69071189268294b79711529168f2a1131574fe267e3a4973acd74fdd2cb0918eb7489d7feded76c6878c58e525d5b6adfba7a8cff", 0xff}, {&(0x7f0000000d40)="946d87533bbcbab6690c095284bd680d39a85eb6b7a95875124449b3864ea93ddc56462f47cf02f0c4aa9139ae9a49de6a82e02580c0a8b6b4a1d3df72ae51dbae3f33e948577b01", 0x48}, {&(0x7f0000000dc0)="cfd81e995b52b2960ecbe6b11f964d0c7e7f8394d6ed0c4b5780479afecb0aebcc8fcc85879935193687c98f8e953bf3bccc0d252d9ec6c509ea476b93642eb03ac57df4b74472b98af99253dcb5bcc5c58cef49e9b16d1e9c4a0bf55a4f46c6585b4f5ef5ff847492d6b65ef1308f066431817289b68cf3d2782843e40edca6766728049949c643ab96f5d60908e797179e83241657309a60283f95556fc9b6cfaf0a6843ec4eb6a31abf9dee3cb7e431b8202c00e7a63369153b64dce6758408f2f8e1c519783a601b2e7e", 0xcc}, {&(0x7f0000000ec0)="0006f69b35dbd5dd1152924b8c8e434a018c2dc0c67f6b79b34e18d180cf94856b549179a9ad2907a90b06f12164cc3fafc45aafdb9b3fe524692e95cee0981ab7d72994261e1bd06f6f1f6418db8ff398391f8fd04011e3b41d95f888a5c2a0cbeb4e3372991095df6bd84c70695b7659dfe823c43ef0a633476d6705944e53d7", 0x81}], 0x7, &(0x7f0000001000)=[@op={0x18, 0x117, 0x3}, @iv={0x20, 0x117, 0x2, 0x5, "e8a1899c97"}], 0x38}], 0x4, 0x4000001) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r3 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) setsockopt$inet6_MRT6_DEL_MFC(r3, 0x29, 0xcd, &(0x7f0000000040)={{0xa, 0x4e23, 0x6, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x7}, {0xa, 0x4e23, 0x10000, @loopback={0x0, 0x1}, 0x6}, 0x1, [0x8, 0xff, 0xdc60d0b, 0x80000000, 0x200, 0xf786, 0x8, 0x3]}, 0x5c) write$tun(r2, &(0x7f0000001140)={@void, @val={0x3, 0x84, 0x773fe48c, 0x8, 0x6, 0x4}, @llc={@snap={0x1, 0x1, "e06f", "9bc28b", 0x6007, "fbe2bda3bc47d7bb56bdea5879f03cd22fe58fea9b332969899e8533bbf148c20851401291f8784b885f808f17abff2c5790770e2e9e0421568367bb611cb9557b58dc0f28aa2302b380c315a34cd9ac70dfdd69778785966f22d095447ec0361f693ee7ae22e3d453abbd695188960126c02aad528f2b5479ce26d60e7051a238e1eda5dd7a7eed3afb4cdcc78a96874a5d25fdcebc777a18c091590d191f0f182dbf5bd115199fe66731b6bf8096301fa7da1321f5aef07254d0ce53a833e509b1f04d4562b84a1c2698b50ac354cf7071ca81723a38df960332992a69d5070347efcd3401dae8f85cd1b256654a1ece023eeeeaf13c9382"}}}, 0x10c) mknodat(r3, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) 23:39:10 executing program 2 (fault-call:5 fault-nth:4): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:10 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)={0x9c, 0x1, 0x1, @random="8ad158d718e3ada5fbe8cf33042de78e18809d6815426a5d62b6e21e4060555bb8d08a6fb4ff7effab85c7d724391b97ba2dada77d6ae23b678d33c74a71f19e46f894aef3766e1ca856d2d11a0bbfa1a9f585d1c3f2815df2ef63d12b6210192b976ccdb7c777f9c19a95bfd1a7c58bee1a34a004db0cc6be4cd5b79f5be68804985678aa0775d34cec8f84"}, 0x9c) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) bind$ax25(r0, &(0x7f0000000000)={0x3, {"045c9103e2cbbc"}, 0x6}, 0x10) 23:39:10 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x808, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:10 executing program 0: socket$key(0xf, 0x3, 0x2) r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") pipe(&(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [], 0x16}, 0x7}}, 0x9, 0xfff, 0x0, 0x1, 0x24}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000000c0)={r2, 0x1ff, 0x40, 0x7, 0x3, 0x1}, &(0x7f0000000380)=0x14) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02070000020000000000000000000000"], 0x10}, 0x1}, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:10 executing program 4: r0 = socket(0x1e, 0x805, 0x8000) open_by_handle_at(r0, &(0x7f0000000080)={0xc6, 0x2, "8632580618936a9e291623f3911721b7fe8152d733e3ebb3f9c9e0813ec73b9f8ab2044c8c16acdf96354a48c0d83b359d20429c9b306cdd3e07854a25b29d5453fc13241386635ae7e06b1ec5dbc5918e8b56fee989e0e6aeb4f8e52da7c14efd0ee03f682f751aff64e629fdad06e56ac801565200fc118a8827c26f94bcf47b3ad1309c655c2c64f014ca9f15519c198f4644960dc18b2716c8f6ee1e0f20a85239e2023e18bfce50db14c62e50c560d12feda7a6488957b39b45bd34"}, 0x400) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:10 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000040)="ae", 0x1) vmsplice(r3, &(0x7f0000cf7fe0)=[{&(0x7f00002a7000)}], 0x1, 0x0) readv(r2, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000080)=""/214) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000180)=0x2) fcntl$dupfd(r1, 0x406, r1) 23:39:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(r0, 0x802c542a, 0x800) 23:39:10 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = accept4(0xffffffffffffffff, &(0x7f0000000140)=@ethernet={0x0, @local}, &(0x7f00000001c0)=0x80, 0x800) write$binfmt_elf32(r0, &(0x7f0000000280)={{0x7f, 0x45, 0x4c, 0x46, 0x18, 0x159, 0x80, 0xe7f, 0xffffffff, 0x3, 0x3e, 0x3, 0x2b1, 0x38, 0x4, 0x1, 0x8, 0x20, 0x1, 0xcc70, 0x40, 0x7}, [{0xcb61683b99fae022, 0xad, 0x2a3f, 0x4, 0x0, 0x0, 0x3, 0x1}], "ac5b0f01dbdcd6ceabf7c321851eb1b2bed959ced473dc9af611fb3e0914fcff96579b4d07493b01313cc51e6091b9e8aae39ccb1f2940c08e57466d67b11e205bcc631fbbbea43d1a83cf184a6f50a30286e02fe7eb6ab40b25a80e3066c4d647a4b92220c38ad84928cd81986b38ae6796076473953aaaef6829928ad7a8d22038d7f5bd7541f1abac2e140800846fe1847aabee98a1ea4d7e593d9dc847e89466bdc79ed875f26037f24f6ac7de24f2ac277878f8509e0c389091f84736a3a78cb08665c9eec42e5027ee2f", [[], [], [], []]}, 0x525) r1 = inotify_init1(0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r1, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r3 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) mknodat(r3, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) [ 223.330245] FAULT_INJECTION: forcing a failure. [ 223.330245] name failslab, interval 1, probability 0, space 0, times 0 [ 223.341700] CPU: 1 PID: 13841 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 223.348932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.358392] Call Trace: [ 223.361039] dump_stack+0x185/0x1d0 [ 223.364735] should_fail+0x87b/0xab0 [ 223.368524] __should_failslab+0x278/0x2a0 [ 223.372839] should_failslab+0x29/0x70 [ 223.376811] kmem_cache_alloc_node+0x157/0xc80 [ 223.381481] ? validate_xmit_skb+0xfea/0x1320 [ 223.386056] ? __alloc_skb+0x202/0x9e0 [ 223.390047] __alloc_skb+0x202/0x9e0 [ 223.393836] alloc_skb_with_frags+0x1e6/0xb80 [ 223.398428] ? kmsan_set_origin_inline+0x6b/0x120 [ 223.403353] ? __msan_poison_alloca+0x15c/0x1d0 [ 223.408107] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 223.412958] ? packet_sendmsg+0x6594/0x8ad0 [ 223.417362] sock_alloc_send_pskb+0xb56/0x11a0 [ 223.422039] ? kmsan_set_origin+0x9e/0x160 [ 223.426375] packet_sendmsg+0x6594/0x8ad0 [ 223.430586] ? __fsnotify_parent+0x132/0x560 [ 223.435075] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 223.440586] ? rw_copy_check_uvector+0x643/0x6c0 [ 223.445399] ? __msan_poison_alloca+0x15c/0x1d0 [ 223.450148] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 223.455677] ? import_iovec+0x3c7/0x600 [ 223.459731] ? copy_msghdr_from_user+0x72c/0x830 [ 223.464594] ? compat_packet_setsockopt+0x360/0x360 [ 223.469680] ___sys_sendmsg+0xec8/0x1320 [ 223.473797] ? kstrtoull+0x766/0x7e0 [ 223.477596] ? kmsan_set_origin_inline+0x6b/0x120 [ 223.482515] ? __msan_poison_alloca+0x15c/0x1d0 [ 223.487267] ? _cond_resched+0x3c/0xd0 [ 223.491248] ? rcu_all_qs+0x32/0x1f0 [ 223.495040] ? _cond_resched+0x3c/0xd0 [ 223.499015] ? rcu_all_qs+0x32/0x1f0 [ 223.502907] ? __sys_sendmmsg+0x61d/0x850 [ 223.507130] __sys_sendmmsg+0x490/0x850 [ 223.511177] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 223.516175] ? syscall_return_slowpath+0xe9/0x710 [ 223.521123] __x64_sys_sendmmsg+0x11c/0x170 [ 223.525509] ? __sys_sendmmsg+0x850/0x850 23:39:10 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x20000, &(0x7f0000000140)="3bed3042bfc4bc8f43dd97e79661277e2c8bfd8d49c3c10dc77bce1fa736ab0b75ca5e494ca7b200687019850880e1b8454e56308d324356b4f5317e107938125a8bbddae64ee9c67d4e872d58c10e31f68e905c913eec8668c758fc85d4ad0cce1e3a0c458068b48ee6abf253ae7ce0bc72f992fee8d8dcc85ebd2296f85da6463cca25c48e75611c8357ddd4d8cafbd7abcef81940d668398b579a7b101663e37f0ca7b245b9238db2957407476687f6b32be48bc5183b99afd8b78c7df3de65d6eb276751996e7b9d4ede858ccaddc65fe39ccb75e69092dd2e24aff202971d7af6cfaaf9ca05deaaf6f80f71dba3d5f07675ac57d7c34468") r0 = inotify_init1(0x0) socket$alg(0x26, 0x5, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r2 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) mknodat(r2, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f0000000280)={0x1, 0x0, [0x0]}) 23:39:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_tcp_int(r1, 0x6, 0x4000000000014, &(0x7f0000000040)=0x80000000001, 0x4) connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) write$binfmt_elf32(r1, &(0x7f00000075c0)=ANY=[@ANYBLOB="7f"], 0x1) sendmmsg(r1, &(0x7f0000007540)=[{{0x0, 0x0, &(0x7f00000065c0)=[{&(0x7f0000006240)="03", 0x1}], 0x1}}], 0x1, 0x0) 23:39:10 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="da03e0e601fd78060000d07500000000000000000000000000000000d93fa1af423b303b389f5a9d000100000000020000000000"], 0x28) membarrier(0x20, 0x0) 23:39:10 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x7, 0x4, [0x100, 0x3, 0x7, 0x2]}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={r2, 0x167}, 0x8) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:10 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x800, 0x400009) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000000c0)={0x0, 0x9}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=r2, 0x4) write$binfmt_elf64(r1, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x1, 0xfb56, 0x2, 0x6, 0x2, 0x3f, 0xf2, 0x16a, 0x40, 0x399, 0x6, 0x3, 0x38, 0x1, 0x3, 0x7fff, 0x4}, [{0x3, 0xaab6, 0xa7, 0x7, 0x3d0, 0x8ead, 0xe52, 0x8}, {0x7, 0xfffffffffffffff7, 0x8, 0x6, 0xfffffffffffffe00, 0x7fff, 0x1, 0x7}], "a2430dce39165e1c77318ef7f191810c93f25bfa44158c4081801f02906faa015f018c53bfaeda45fd77db6eebf7f11836889576bba9db4998dd48c9adb6c527ce48212a722a52ff722b643f81ad380ec79d582046989848802c72d29c6f3c403e35cb09110e9cdbe3e4df700142f51626c140b2f7f6e5755746055c60666c828d120680cc72139595a30b0833d1ce3f817f614d74df9443a68aadad50a19fc4933b110382a5503d3942f93deed7f082e91de623fb7929781a9b6bca7ee992f5acc37818bf8eb2e3d033c057471d720f30442cf8dace2e9accb2d7e555cb686d6a18dad25a13b71615adb35a47bae780e7c39540049942f51e6cededc487ccb7a614e25f78140686661eadf378060af0fcdbb38cff8ddaf8135ec50090bce7e80a0396653fb2daf234a1db19670a4868ad166cfa94be9771a8a263c29f5ff33edd64c983b0d1217ab22a3a3e6055db9e0c805f84553e8c743b3955e4aa91e72ee7dde7440eae9d686e7c09332190f8f08f4dcce5566dddbd3da82e3b933043e9801d56f89cca86adebd34f243656d9227af8fefe7bc5cdab9035fca21c4e065476e9c77892e52cddc9c52d530910a10d53fdc16d9c11fc1e71cbac06e9bb3dd9876677bcc6d3353f1099bdcab2b651f25ed83dee183010d08b7e80b1ba69d916abeb2b80351f8a2f679355c38c3431fcbd209e724259e4ca9b399c26649fa65760255446682662dd64d8604e57f7c4fc74ca5937402c48d4ea9002da51bc963acb579df27555c37f0d6e8c7aa00738e1b3bbb557e273c5498dcf194525d22bdeac29ba330c9c355d160c0f37f41148d450f7f939e32860869e9420a0c11d277de2194f989bb35b04a5c93046762c9d7a2043d72c5a9bee1fe88e7e99a2cc9257f11ba18c9331b2da351817193384487972169312a278131f8b349cfddafb7ea76a9b227128cdc43fd7f4757d50545ccef1cf090d112b2dac093b98cac34651df421f06d27c38ece003503cae48dfd2639ac7196fb3ab488d8516f61e311e39de0464580a612bc5a6749686b38289a85b960c38a05fca6230ba1440a6652cf9c437cf24201892961d0c94778afe5521907546494fbf919e7c78cfa2de38e9ed70c0ede318c5f30f1907aae84af8c3cbc67ef84f78c0a4f09032e454e1460875a3fa8e8d0f6a9a8adbf7402a60ff0d5312a14269becc4e9254ca04f9d3bfc1c8efe93356724de9afc6a54b8898a6cc0e235995a64e2575ab6e626bc9c1035d15a87eb6a816de348d23c1c4a8e5a4ea34406e5e16354b2ba25a7d98dbb67826c325de3b9944e3c4f2c649c572fc52b59a8a28c92077b0b54200782cd9200f388344abd91417bcae939b28126eba5bbc37e12d0f045c4059f62a88318ccfdf8cc85381f1c0b6393a593460d53a2d750a41b3d70362d4cf2fd655dc7039a30189dd1f445d84cb858ca82cf6e8684ab606394dc1f93dc03115b107e9b99b60463c2ea8f6ed031022f4d1af16369a54958adc4b48fddcfb48d6c39a97875ca3b3d2d977b2aa7885984ad3582387a8e116780532c39800d0684f64251493678fffa664b337f588d2e42f2bf62c2a5351ca83bd3db9426a979e96bd9a57a826d9543c06d97bf6871ca4e8f5b9ddeee669c83b3fc864330d8b8aa47e1af2da09ceb8cfc8e169289122d28089b8678cd0cfc7c1fa131dd7747d6d434b905a696534197a337ca47762bc2b0bbae7c9a973504cacb3a38783066eb2abce7c2aa7ac1186ed1329fdce9b978ef2342b43a04bc05327063a691503632e4d5ae468fcd31528f3b1ab4ff9758ba1946ead4a51ee8af75e57cfef4d6b95f7b238b1678eb22c9108e57b6cc8ccb9f91ef5b5582567e33f18a0c970105cb7bb6b8256c50d55cb73ce69e0b0a1083e270e7c37311e3bdf2c5c2d7084ea4ad850fa7b8d6d632e0d0d103c3c02e8b91862ff6d71ba8b1e65e42136dafa8145476483aca4c6ce098b3bb8f47d2a9c5b308baeafc5443ff21e9c200385d2cb6f47c09578279d31d02d723ede3a57f1437825147f755b1d3b08db0ce16a23d3e75e7164d453bc605f8f9190b0e4477349c2661c0af0dbe2010c00279e8d114ac68731d77a1c53926a76ad615432592f99e5a340ce9041d28d51fcbb2e82871303e7c3304db1c41e56c4e7174de4760259e6272014a3aadbf925cbc27eda7570712541e394e7da2471fdc27aa203a8036428448b4e61c4d6480de8c8e9138b70250c12ef497ee7e5f4476f076b21bb30c696f115a0e22bff3acad5b48240e41375d76dfe6459a86ac13d690a7b71ce09b6cf65f8277176d5aee413475dfe363fa9ea2d1407562a55eb64a213c92dc7fd91683c3532c2db60239e1617043d7b0798a4074e49474da1e2a5f17698b52f4b50079294ed9caf4612e6a57771a2d257c2acc88a399309c2ac3baf40bf1960aba5cc8d9c5b017e0fb22a134ecd6a26b20be85824b6629801bc56490701198398676b702690570b39fc33b2ed2ab86667bb2489215ac16b4aa04520c59d97aa1935d6684ce8b43e95ee1d86e22a6abbea7fc62a72b16f0d100f12a0fe3f2351d82d9d30fccb5e904e74bea9761e2986af7217d31307780971e7cffbfcf2e6e12608b3fe461b8c1e32a5486e7542d537bf94f4e44cfa09dfff1463be8760d239599f176cdbacaeaa96f4b99bc0d96abf399fad829daa8e0028013fedf9c3cac602f9a20922c95f7b92382b7d42dd393d24b54dd3be8bf7d0302c976d7ff8b4df8345bfb284867a6589800f011fe61ca07a24a1010d225a00de5420f7e1b4738a8b6f25ab35fbf31f2728915de51aba9aa5f3094f3a4121d0879bede307ccf80781e2969608eafba18b2058774c8cd3e4f2e02700e84e2e88db666f72902781aaa9e0e0380997b5dfa6537b51022fc06a9177a73a3da0a5149d247fae36c672de05ade6e334638c520f1c103a3e8b506e185f5e74aa181ef1fbc52220fea9785920941557a2a3494b96c3e48a297e79f9e50dcce34bf8e0ab74f78c5fbc5ab8d791a5bb15f8efa5e4d825df253d62d643ab7ee0fb01c286d31c93b7343dc4826e2461e438d1ff6f654936ea08d70c4e3beb0e0c9252a0b14470d9a833e964996a03baa76274a1b7f70afb024befc0dcc7555bb2bd16dd2ee426c6e9197d91b52556498999287f9830aec3686755dfeab333769d39b38b26480b8bcaa52612e2b82c0d2f3e81fc1c82f326b104e74548ff9f25eae5df50389c843012cf1002bc1f35f972bbee85fe759bc10be7e333fad96c55a86b719da0788be202bc111b906c105e0544963e1fb4c7c838ce7ba1ec24e9ee060b9996fc8e0e6665183c580fe9d583cf8505012357ed2f77104ab70fe015441e37b2640e93ebdce3a927c129922fbb7619ccff367599927d6e8a2715a35757d02ec668fcb5f4ebc5de6460b4ae7048afddc76053d548da3d2e52674a32e03c35f7404908e04d1831e6fabdee74449e0d52aedfbfe3eab8481e75be9c58fef89ef35d7d80b70b6db98aabc1f936666cc88e69c587c4d9df61aaf3e850eec403cc2644b77fc032edb0622a1fa6edacd680bf031207b88136090d826050066d79e1eeca79cd4caf8b9431fd9c24cb455fd76e6c59b5c21c933231b62ca33643d7fb80dd4985dcc9bbb9ed9c56bd86489101de6665bcc7a01d3fe7d6ccb6365f19ad3f85b70ea74fb4ab3f9a74a86d0780850ff6953887af67ddb2a40f3d02c9fc84b8d3338affbe5da10837cc61b8c0f57c27ce6843b5e6672ee6d9e82cbb0ad7f6b3b97114d49a1940b434fd051b503e3b059153ba0bd20526046ab5cecc0dcebc59f5e5514f9a6bfa3bd7cac16ac6f593d79b89959ea431a25b6474b7d3821082594b8e8a33db761804782d962dfeba0d97e2026259dceb93f6ec8105a5b54768ca51f099a35890149f6e76567550a93c9d26b31dc8f61cf6876e785b91fcb868d360b45777912a69f2721bcb53c014dc558f8271d747b1d683f1da637927f71cee4b9a3edc8806adafc26b52fa80cc7124ff7579339f31230ecd8709f1fde5cbb46a8caec7536ac266fab884e2448f582f3ca13a02cd01b99385e2734793f165645f2f31bdb8c136eeb5612e73fc3bb8723dd2a926c0ca44843b31a5ce0e6961eec46fe0cf98e923400269553c19101b8cf1d825db9cd2e8bc552121ef0a564ad49b8ee2c872381d625c7a9ea450dc54c25b193d3f7f127b45f2e6aad6aee42d463caa1c807b87daca1c8d06e78ef9294e58810324c558e5a22c8ed1ee84cee8d3ffdfb85644a1caf857a13075ed64252f2aa5c6e17e95bf6607b8a837b186a07ce72e946ae12802f0455ded9f30090b17b21f984230da49deb00e73ca4b5f073ad310397d45013c8245eb10cae6f08686b4d35f17bceab0a198135a17fe4cf3b5dc7f36ac2150934d2d7374b5c77da5cec7714530fe5c7744c64abef15c267d23a909eee98d6232b62faaaeb8a66b60d1be15f14e50eaf3ec1b5997714af8bc95bbc2af72e17ab7e1dbf9b7ee601047c854813780ecd7d0fa0cb8a0b456c64fa144ff7f759048128230fd8f296f8f65416ad415912f4febc271997d67a0d49528f6e518fb9c211ab211549f6bcc2b0cfcae7f5f03e8a96eb3b3494811be84ace3bf6d569e3e060d1aa031aa212cc0d37a27baeb8a5c6ba534ad266d3d44aabe1a147bf4614c78d09631c8236f2d455e3c057ccd389b84846764fd3070afb36256a53c5373b948dfc20c473b728459f7ea3c35691568d8f828044a90c6124fbad7774d77b7a8d08a1e18ee89aac03aea1969fa482dc817d702c68805706d305106831fe9d75a674fea60929e7f06397c0da61ae1369b64e523909324d6b0c35aab6cfdf27a54fe9ab6576e53173ebb1dbb0b35f64ea305888468e4eab4d42cc4b25402498aebaf3dcbb2909be444aef68c437e024d7749db9765a345221bd5f4c5709b91cd52653ea123a00c79a35847d2fa9f0cd9c6e1a656e3b723add42d19d06b8e4ff8ec0ce9701d08856221da119ebbe549f27026c2633bc121b47877946f0809825dc37acd02ae4ccabe1a986c193452ba7473c7bec37ddc9fd1535a8b9ae622fd48c0764ea1f56be5bf69d901bbd8a96119cc9eeb0b50dd35c0406d2df6caf48caeb732d14fc934c07d2b377ee47c3e2ef54c683791d7c1253a3061b6d147fd642956cb081d5fb428357a794703261c6119b1a34600f8d45ceade0e734f1de0972637d7e62b0fa15e0ac6364a0e7ecb15ae6405a032c9b18551643171fa3b42e1179e3753b6f8dc9ab2327afa8c239a3247e763f404167182f70bc1d19f9631688fafa9000b41145cec8d7ba7b2da61eae2b8465259fabb1257725fee0295a911ed537dc3814f9ba683bd1cf56d52a20f3bcfbd07f628bebddb28717b559e3b5ad93b82a9f260caeb9044deb8ff431e9ab2adae3c3e9c2bb46b92afc062ff4d4e57958e7ad0171c476bfc5f56391a4625e6f22e2a01ea3e7da34416bcc1292e479f1fdab88b3cfbff628013e754b0b67fe8195c677f7637720428e9529360719f7b6e1dff685afa30527f8f9dbc4e153600adda336d1a9024d8e8dccfed40798f1a62906652473346e144d5f9b08587f500ff3000ea769f68705a800dc25bf583be7fee23b821525c468c4e4adaf4836faa2f7639193efd4d07e383807eac0d718daf364d5497b5f0883187ce78b9786804f395cd919e65ea0dafe72713b0ccdb3fe152fca9c74dd250128f1bfa378bf8b5f3dc022b653a507aaf82ce4a709c2dfaeb0d88ba87c4a2", [[], [], [], [], [], [], [], [], [], []]}, 0x1ab0) r3 = dup2(r0, r1) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'bond_slave_0\x00', 0x100}) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000001c40)={r2, 0x3}, 0x8) ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000001c80)={'bcsh0\x00', {0x2, 0x4e24, @rand_addr=0x1}}) ioctl$VT_ACTIVATE(r3, 0x5606, 0x7) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x4}, 0x1c) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 223.529714] do_syscall_64+0x15b/0x230 [ 223.533675] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 223.538911] RIP: 0033:0x455a09 [ 223.542135] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 223.549912] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 223.557319] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 223.564634] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 223.571950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 223.579266] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000004 23:39:11 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = inotify_init1(0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r2 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) recvfrom(r1, &(0x7f0000000100)=""/180, 0xb4, 0x2000, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e23, @multicast2=0xe0000002}, 0x3, 0x2, 0x3, 0x3}}, 0x80) mknodat(r2, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) 23:39:11 executing program 3: r0 = socket$inet6(0xa, 0x100000002, 0x0) perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x24, &(0x7f00000003c0), &(0x7f0000000400)=0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0xd}, 0x1c) sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) 23:39:11 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x2, 0x809, 0x40000000008) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:11 executing program 6: r0 = dup(0xffffffffffffffff) mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xa2, 0x8077}, &(0x7f0000000240)=0x90) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e20, @multicast2=0xe0000002}}, 0x4, 0x8, 0x2, 0x100, 0x2}, &(0x7f0000000000)=0x98) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=r2, @ANYBLOB="0500030000000100016e"], 0xe) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r3, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:11 executing program 2 (fault-call:5 fault-nth:5): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:11 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000000)={0x4, [0x4, 0x6, 0x421, 0x7]}, 0xc) 23:39:11 executing program 0: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00') 23:39:11 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000040)="ae", 0x1) vmsplice(r3, &(0x7f0000cf7fe0)=[{&(0x7f00002a7000)}], 0x1, 0x0) readv(r2, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000080)=""/214) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000180)=0x2) [ 224.397800] FAULT_INJECTION: forcing a failure. [ 224.397800] name failslab, interval 1, probability 0, space 0, times 0 [ 224.409219] CPU: 1 PID: 13964 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 224.416444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.425858] Call Trace: [ 224.428516] dump_stack+0x185/0x1d0 [ 224.432211] should_fail+0x87b/0xab0 [ 224.435995] __should_failslab+0x278/0x2a0 [ 224.440311] should_failslab+0x29/0x70 23:39:11 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = inotify_init1(0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) fsetxattr(r2, &(0x7f0000000100)=@random={'os2.', '^\x00'}, &(0x7f0000000140)='ppp1\x00', 0x5, 0x2) ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000080)=0x100000001) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") setsockopt$netrom_NETROM_N2(r3, 0x103, 0x3, &(0x7f0000000180)=0x6, 0x4) inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r4 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) mknodat(r4, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) ioctl$sock_SIOCGIFCONF(r2, 0x8910, &(0x7f0000000200)=@buf={0x16, &(0x7f00000001c0)="79d29050e46ef3659a39572471d652141af7d744e97e"}) [ 224.444266] __kmalloc_node_track_caller+0x24b/0x11b0 [ 224.449507] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 224.454938] ? alloc_skb_with_frags+0x1e6/0xb80 [ 224.459699] __alloc_skb+0x2cb/0x9e0 [ 224.463468] ? alloc_skb_with_frags+0x1e6/0xb80 [ 224.468201] alloc_skb_with_frags+0x1e6/0xb80 [ 224.472770] ? kmsan_set_origin_inline+0x6b/0x120 [ 224.477692] ? __msan_poison_alloca+0x15c/0x1d0 [ 224.482438] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 224.487298] ? packet_sendmsg+0x6594/0x8ad0 [ 224.491702] sock_alloc_send_pskb+0xb56/0x11a0 23:39:11 executing program 6: write$fuse(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="2800000006000000df3720c0dd6e4a7d62a9eeff27b57d000000002e05665b0000000000000000000000000000000000005f0500000000224194864ac19057666537662839b0208ccb15f464191a0b50fd1911b6fcd5f0cf47270cecd628bf7f7316ad88508138eb3b1c74c536add8871c4c229caa5b9e69d9bbb5f8ec3fe62b97513f2b474dc1f9e96a13eee1d98e6db73b7f9404e2950e30c75997222d1f6f6ccdd814dafd8d0bc4a9fd8bced29c26c9cecc8aaaea394569d5ae1b97962e94743857e2d33453d31252160f9d649077858ccf6cd76138eb6b32f04944014432b3c84e94ebf368802750b810465d0038e6ad51cb08f57a8b1d3f252d9ba20944b0e08607a21d62c8ce86bb432c9bfd3a373a98036253a969a3eb0d136f7bed301225a83610f4b5e3735e62cc035e676c4298008e3dafc56deaf86f10f36cf79664ed28c3341cfede21fb4bb54b9cbcb9ef07343ff001f51d7dba21c687e782f374dac115f81e1d225c9c6dc86f1220ea74980a2078083e08646446"], 0x28) r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x10001, 0x0) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000080)=0x100000001) [ 224.496387] ? kmsan_set_origin+0x9e/0x160 [ 224.500715] packet_sendmsg+0x6594/0x8ad0 [ 224.504925] ? __fsnotify_parent+0x132/0x560 [ 224.509406] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 224.514919] ? rw_copy_check_uvector+0x643/0x6c0 [ 224.519728] ? __msan_poison_alloca+0x15c/0x1d0 [ 224.524487] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 224.530109] ? import_iovec+0x3c7/0x600 [ 224.534149] ? copy_msghdr_from_user+0x72c/0x830 [ 224.539001] ? compat_packet_setsockopt+0x360/0x360 [ 224.544085] ___sys_sendmsg+0xec8/0x1320 [ 224.548216] ? kstrtoull+0x766/0x7e0 [ 224.552031] ? kmsan_set_origin_inline+0x6b/0x120 [ 224.556969] ? __msan_poison_alloca+0x15c/0x1d0 [ 224.561730] ? _cond_resched+0x3c/0xd0 [ 224.565703] ? rcu_all_qs+0x32/0x1f0 [ 224.569506] ? _cond_resched+0x3c/0xd0 [ 224.573484] ? rcu_all_qs+0x32/0x1f0 [ 224.577272] ? __sys_sendmmsg+0x61d/0x850 [ 224.581514] __sys_sendmmsg+0x490/0x850 [ 224.585588] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 224.590581] ? syscall_return_slowpath+0xe9/0x710 [ 224.595610] __x64_sys_sendmmsg+0x11c/0x170 [ 224.599989] ? __sys_sendmmsg+0x850/0x850 [ 224.604187] do_syscall_64+0x15b/0x230 [ 224.608171] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 224.613429] RIP: 0033:0x455a09 [ 224.616684] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 224.624536] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 224.631859] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 224.639170] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 224.646477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 224.653789] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000005 23:39:11 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f00000001c0)=0xe8) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=@deltfilter={0x34, 0x2d, 0x300, 0x70bd28, 0x25dfdbfb, {0x0, r2, {0xf, 0x9}, {0xf, 0xf}, {0x2, 0x17}}, [@TCA_RATE={0x8, 0x5, {0xc0ac, 0x4}}, @TCA_CHAIN={0x8, 0xb, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000340)={0x0, 0x78, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}, @in6={0xa, 0x4e23, 0x80000001, @dev={0xfe, 0x80, [], 0x16}, 0x9}, @in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e22, @multicast1=0xe0000001}, @in6={0xa, 0x4e22, 0xff, @loopback={0x0, 0x1}, 0x7}]}, &(0x7f0000000380)=0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000003c0)={r3, 0x3}, 0x8) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x101000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x5, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x4}, [@generic={0x7ff, 0x7, 0x7, 0x4}], {0x95}}, &(0x7f0000000440)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x1, [], r2}, 0x48) ioctl$TCFLSH(r4, 0x540b, 0xcb) 23:39:11 executing program 0: r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x0, 0x200000) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x8, 0x40) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f0000001300)={@sco={0x1f, {0x0, 0xa0f4, 0x2, 0xffff, 0x3, 0xfffffffffffffff7}}, {&(0x7f00000002c0)=""/4096, 0x1000}, &(0x7f00000012c0), 0x1}, 0xa0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f00000000c0)=r1) r2 = socket$kcm(0x29, 0x5, 0x0) mlockall(0x1) r3 = msgget(0x1, 0x80) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000013c0)={{{@in6=@ipv4={[], [], @rand_addr}, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@multicast1}}, &(0x7f0000000000)=0xe8) getresgid(&(0x7f0000000180)=0x0, &(0x7f00000014c0), &(0x7f0000001500)) r7 = getuid() stat(&(0x7f0000001540)='./file0\x00', &(0x7f0000001780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000001580)=0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001800)={0x0}, &(0x7f0000001840)=0xc) msgctl$IPC_SET(r3, 0x1, &(0x7f0000001880)={{0xe4, r5, r6, r7, r8, 0x2, 0x3}, 0x81, 0x6, 0x5cf6, 0x1, 0x4, 0x1f, r9, r10}) ioctl(r2, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r11 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r11, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001600)={0x2, 0x11, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x25dfdbfc, [@sadb_sa={0x2, 0x1, 0x4d5, 0x7, 0x4, 0xcd, 0x4, 0x20000000}, @sadb_spirange={0x2, 0x10, 0x4d6, 0x4d5}, @sadb_key={0x1c, 0x9, 0x690, 0x0, "d26d99110e84b3e8c1e0bedcb8f2f066ff675285bca64ebf97e0214243d03aa98a145c9aa5ea5df51448b48a036df447f4cfc40127610a23bf1474eaa018f4a605fe9ba42d5b359f40151de9bf30ad41031fac61321f47e535293eebe7ba8160f24ca278fa9add0526d1613627bb78961498e93556099a8c13042bc5bd31f22a25f2965a7801e8e843b7271307ace46335cac0ed2f059cfdf68f590a17d80ca08f79db3bcec9bc9bc7c47da80aec03b90b6a449ef184067e1d6d1666a1dde40299c10807d77e3d879c7aaf06d7afde2d439f"}, @sadb_lifetime={0x4, 0x2, 0x80000001, 0x2, 0x81, 0x6437}, @sadb_lifetime={0x4, 0x4, 0x1000, 0x7, 0x8, 0x23}]}, 0x150}, 0x1}, 0x20000800) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001900)={'syzkaller1\x00', r4}) recvmmsg(r11, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:11 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = inotify_init1(0x80000) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") recvfrom(r1, &(0x7f0000000040)=""/69, 0x45, 0x40, 0x0, 0x0) inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r2 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) fchdir(r0) ioctl$GIO_UNIMAP(r2, 0x4b66, &(0x7f0000000140)={0x7, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}]}) mknodat(r2, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) 23:39:11 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x0, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:11 executing program 7: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000200)={r7, 0xaf}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) connect$rds(r4, &(0x7f0000000340)={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) 23:39:11 executing program 2 (fault-call:5 fault-nth:6): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:11 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa}, 0x1c) shutdown(r0, 0x0) 23:39:11 executing program 4: r0 = socket(0x1e, 0x805, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 224.958830] FAULT_INJECTION: forcing a failure. [ 224.958830] name failslab, interval 1, probability 0, space 0, times 0 [ 224.970308] CPU: 1 PID: 14009 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 224.977593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.987148] Call Trace: [ 224.989799] dump_stack+0x185/0x1d0 [ 224.993492] should_fail+0x87b/0xab0 [ 224.997284] __should_failslab+0x278/0x2a0 [ 225.001597] should_failslab+0x29/0x70 [ 225.005559] kmem_cache_alloc_node+0x157/0xc80 [ 225.010231] ? validate_xmit_skb+0xfea/0x1320 [ 225.014804] ? __alloc_skb+0x202/0x9e0 [ 225.018791] __alloc_skb+0x202/0x9e0 [ 225.022572] alloc_skb_with_frags+0x1e6/0xb80 [ 225.027239] ? kmsan_set_origin_inline+0x6b/0x120 [ 225.032155] ? __msan_poison_alloca+0x15c/0x1d0 [ 225.036911] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 225.041745] ? packet_sendmsg+0x6594/0x8ad0 [ 225.046166] sock_alloc_send_pskb+0xb56/0x11a0 [ 225.050867] ? kmsan_set_origin+0x9e/0x160 [ 225.055205] packet_sendmsg+0x6594/0x8ad0 [ 225.059427] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 225.064865] ? update_cfs_rq_load_avg+0x66e/0x1aa0 [ 225.069882] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 225.075405] ? rw_copy_check_uvector+0x643/0x6c0 [ 225.080237] ? __msan_poison_alloca+0x15c/0x1d0 [ 225.085010] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 225.090549] ? import_iovec+0x3c7/0x600 [ 225.094605] ? copy_msghdr_from_user+0x72c/0x830 [ 225.099476] ? compat_packet_setsockopt+0x360/0x360 [ 225.104560] ___sys_sendmsg+0xec8/0x1320 [ 225.108718] ? kmsan_set_origin_inline+0x6b/0x120 [ 225.113655] ? __msan_poison_alloca+0x15c/0x1d0 [ 225.118421] ? _cond_resched+0x3c/0xd0 [ 225.122408] ? rcu_all_qs+0x32/0x1f0 [ 225.126210] ? _cond_resched+0x3c/0xd0 [ 225.130185] ? rcu_all_qs+0x32/0x1f0 [ 225.133954] ? __sys_sendmmsg+0x61d/0x850 [ 225.138175] __sys_sendmmsg+0x490/0x850 [ 225.142249] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 225.147707] __x64_sys_sendmmsg+0x11c/0x170 [ 225.152093] ? __sys_sendmmsg+0x850/0x850 [ 225.156294] do_syscall_64+0x15b/0x230 [ 225.160241] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 225.165467] RIP: 0033:0x455a09 [ 225.168688] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 225.176455] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 225.183777] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 225.191091] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 225.198410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:12 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x80000000}, 0x1c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:12 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x2) write$evdev(r0, &(0x7f0000b5df88), 0x0) 23:39:12 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) r2 = gettid() ptrace$peekuser(0x3, r2, 0x2) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4) getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000180)={@local, 0x0}, &(0x7f00000001c0)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', r3}) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000080), 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r1, 0x800442d3, &(0x7f0000000000)={0x6, 0x3d0c, 0x4, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 'irlan0\x00'}) 23:39:12 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$TCXONC(r0, 0x540a, 0x2d2) [ 225.205732] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000006 23:39:12 executing program 0: r0 = socket$kcm(0x29, 0x4, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = shmget$private(0x0, 0x1000, 0x78000100, &(0x7f0000ffd000/0x1000)=nil) shmctl$SHM_LOCK(r1, 0xb) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:12 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000040)="ae", 0x1) vmsplice(r3, &(0x7f0000cf7fe0)=[{&(0x7f00002a7000)}], 0x1, 0x0) readv(r2, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000080)=""/214) socket$inet_icmp_raw(0x2, 0x3, 0x1) 23:39:12 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) alarm(0x7) r0 = inotify_init1(0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x9, 0x200400000) r2 = socket$unix(0x1, 0x7, 0x0) getpeername$unix(r2, &(0x7f00000001c0)=@abs, &(0x7f00000000c0)=0x6e) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x800, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, &(0x7f0000000100), &(0x7f0000000140)=0x6) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) mknodat(r3, &(0x7f0000000180)='./file0\x00', 0x1009, 0x0) 23:39:12 executing program 4: r0 = socket(0x1e, 0x4, 0x20000000000) r1 = socket(0x1e, 0x805, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x10000, 0x0) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000340)={0x0, 0x401, 0x0, 0x7}, &(0x7f0000000380)=0x10) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000003c0)=r3, 0x4) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000200)={0xffffffff, 0x1, 0x8, 0x0, 0x0, [], [], [], 0x8, 0x2554b7da}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f0000000000)={0x9, &(0x7f0000000080)=[{0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @random}, {}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @remote}, {}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @random}]}) 23:39:12 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3f) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x4}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000680)='net/raw6\x00') sendfile(r0, r1, &(0x7f0000000300), 0x8001) 23:39:12 executing program 2 (fault-call:5 fault-nth:7): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:12 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000000)={0x4, 0x8, 0x2a3, 0x10000, 0xa22, 0x1}) 23:39:12 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) socket(0xa, 0x1, 0x80) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) sendmsg(r0, &(0x7f0000001380)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x3, 0x4, {0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, [], 0x17}, 0x9}}}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000100)="7159bf91d5e47ecc8a4c00137995f3b9e19a7d6fe2f3e0679676264cf1f935bdf6a6e39c9a8b0286f7f8837dbeb07a5ccae2549f88fd362e1f288b1cfe4cb4b736e2abc55472128fc67a73", 0x4b}, {&(0x7f0000000180)="c0da15793f7363f331fb3535ed67a8654a0aec3e1a9af088784b0e163a2a3ae848c346c938cd50b5017a1f767a211ea98312f1b1e17072555b46576dcc42eb1c060a6dcf5b17f67137a3e311b229281d12cfb206648e56e00f1f072fa293ca456e17391acaf9ed2f412bafce605bf3cd7c207fcc91eee56922f095066d8256fbbd5c785453aa", 0x86}, {&(0x7f0000000240)="579831d47aaaa85f0ff8fea5eec5b3fcc7a9afa502718101d8c901efd65369444069d9b1bca3285cd8a5b70aff0ab85fe7895171817a5e7b297219453e59fa01c210b174f20e921c96e47175e2f3e26979704d7301bc7aee17b6ce0dff0185bbd009aa27a56fc8d45f95ad045438e7cba0e8becb5fe144ef1ab25856a8b9cc5322913021b0e0fa246b8349394a793aa6b77f18d55feba9bcfedd93794ae1a8e01822ba192de9676d72885daad32f293dafc7fbe7289a3cfeb797bc5a044a68772b1cde11820614c57d993794e2a5ce29e979969023a78dfe976b5fdd1f7e2adbb56734e82605243fdcef3088e411a1532b96d8c7a8569aba722cbb00535df028b60ce16be7624b176ab2b29c783147f1aee1589739010edc6e167f0143cd967f4d42d388d8a3778ac6339ee4483d43a9a5d2e07aafa9e8723d9dc0f1cd722f1a4ab4bd394d6c7b277946ac8111a7f5ac7a9725411e23957fa992ed57590d5cffba729560bb23d3a374ab24a6468d2a6cfdfde253b84fb98abbcc8cf106298517943d902ffe06b03f7b6524b1163a8fb0d1ef1c7d22c4598f182565e4b6ba5c2d861f168efcacdca3f1bbd43a5ce67c34e29f19b39caaa818e8cf533ffe72b72674dee62473449988b26ece9e05c99eda8abbe358845e8cd5a093127607469900251eae83f8cc0dd80984a979781006a227c47e6f1361ed6d0322b9685635c7a2cd4a0d53e8c7ff1dcd64de9d71c5b24c6e0e7aadaed37e5122d8820eb46fa37f9592f30ac0611e21ac201de38f99ada59e5572761ca3e8e5a2ff4e68de356c85d554a040d5a3776592bc6a51e0b3dc520ae0bb2bbca4673984f19bff2b2e434c45ab6ca0ecc782a577a837dc1c0d0a24a86a1897d13c24ab6d769bfaf9afd26ad6d6af9ff6e0ac912f73d78cfbbe896da1e5ae12a95c81d9b194ab630b113b52c182630e8bb4e0ef74899a47d79824d69ed493174b769af45ac0c9d33be1a24c3d8cc6bf22657f07ad96d3a778e53d580e32a94605b734b43b0bc57758d11dc16bbadc93387e83f858eacc5df041ec517f3df30e6ea2880cb59cfdf35a21f01fc5e1ddab587bce60f560cd8c978072766ac93235ed25c5b7b589bee3e7d93dde694d1ffcb4c299fceb596d65b382988cf82b2217b24e60b68c0bfe3c62ba75630dd33e987c41e2c5d4d28832797f89981cad1c49976f5eea914ebdbeaed0db925eec4ca28d07bcd2ec378d1331731ff12e9d42a5a2fba4f1bbf7a97aa9b38c58667cf2f13b49c7eadf0b5be3373d58783cb6515f49de52ea2ff065a5fe2bd8d3215e1ffc7e2584fa205e15bd0a00bdb5eae7c4823121348a8262e1f4553498de4833344e3a1e1a0f9f7e670f61654ea04920df7f0fdcef3bd43a87dad0fefdd2959f61a84cb5f6af1a60bcdbb1e782efb08838fe58920d9b1dbece83174d6f737196ccefba4b457ac789d65adad655d3bede9579560093b73048a0cbfe4fa6e75550eda57a86ae78268328c4ad86b4c7994ca5a35b4197398ffecf74ab4d82beaaa7af1ae3c026693a3584764d695d9c278b4251f969aee5e88e3ade67412257e329000510968d2c4e70eb2f83611c4aa1d89afa760c59deaa6e454182d4f3b58321a80307c01c5012d9db391456592baed8f20f94242e69ea2d733919a4c32eccddf72703c043e5a699424558db7de3b4dd89dba0e55e09ebbb5e41eb4e4d03615687b149b4c6ac32b93efe015f58414961cb068b5fca87863a7961be34d02476f9bfd55fbb6d1eaeabc68298596b9eb844b20b05cd8fa844c5c3c8ecec3943721497c3b338828225b805a61c3b230d4704ad1766553f9f3b905d123b7c23925f859eb8ded508404d03ef18b13ca7b519fe97f35cae3be983ebfb8096ca48208275e0de21de3af0245c5bc0b6979e02fc9db61ebc6cccdc063829df973d88227e05379bccc8caa346b51ad25edab88c20155eee2ad64e43b60d53d309c13f8697c0d54ebc0f08453817d3f9c41b60ebe1a6385b516877a85b10163df489ba66feec716f5077e9033b7260edb9a33cdfdce9268e9761abd5336457f116346ddccf007f17e35cb74b4079ce8fb50a3f7ba0a3fc29adeea582a3dc34e7b18eb8bfbd3b53064f524aa992e11db09e17ac0cdbc85808b4b2a69c0f1350c5ad712d8dfcd740303089c8af065982cec8aaa2232a3797c8e4e7c204e407ac5adbb41a6c407c53e8368165de1ea2a0be788a1c6db33f04ad94cd11dd7ad4dec017af0f3d557ba7e4a9535e554a40c7ac6718b9f9a8ba7438702f7a58aef3df720d250a0f98c88d716902e79466dd9203b6ed104701137e8d9c5f7ffaece681192205c10ddd0ebbd975d84e74c7ded1005abd89d8d23d64309054499843078c7e4647d90a9390c11c1b78d1b1dee08763a65125e1f2413e6ad8ff5dd1917651c72edbfa2008dcee3725258ef9461f93db52337e0eb469faf6233c3b62b986bb5163a8c0c39d49a704eac93eb85b7f16493e0bb96698b04be72a7ebc34d7061a3755624578ead2ef5bc9f8974c355159a9a02a54e26a86b3e0168f93b36a649b6d1c15ad0379b1e8e17dab93f5bd2305aeba34f563ce0b82df470008eb1897035ef248ae93667215646901ecc0894157761a824dc7810786acb138fca21a0d08b399a15b2c0e3f7e2770f2b29f10b499fbae3032521446e0f4c6a8a22324c3efce7fd97f70cd9fcb5d63a5a0cdfedcfe3355cabbdb0c75011887b0c2d25fc25f67cba2dd0b4eb21b860eca456df49ec84216e549d6a849ae7e89e755d8ea07bf1fa12f73a4e629dc0a33a3a3a386ab49afa2e6681b3667cb190e736844079af39c9c92b916cf8ab8b7052b81737a8d807f6dc494a16ad6a4f96c61729ac872bc0ad2f871b852091f9c5f1481f8a637f3d3da91412262116086bd74cdcbb18d436fdd0e0624e2ea9e963dcddad42d39f450785c914ea776db95cf232d37d1f20ab73d72f3b39f2112d23292aa9bcd3648a2769e55895bbe7bc9160f9efcd3da0604e848104a9fc138b7367ae802fb9ddbd15e3bc48563a508630e33f697a7bd0f74afc89d73ce672e16752c87c0c5c58168589c4733afd14c5f2b74821aa2dc9c15e264071156b359aa6ce6050c12276fc77f859b86c6c3eb8cb68922f360d411d56721f4e29e35ba1880717bbbb57c0a750cb27774b765b6786ab39d8f8908c46bb563f34629f14040f15de72f22d89a4d5a266b8b5433ba480c4ec4c57b060bc6c647ce27322bf2c0723e13517a50d5635bf8da64f99174f89bbce5126ff8ff21afd5b24afe514885ac4b6e13ea456895a25c1dbb8edde0c2d27830945ae88b58f8391f2e974e7ac55f0ddb88b6e83b49c2f7d88c63ea093c50eec782a1e76d9d04bc173f5c4b1945c1ae5cd44e2d83a72f3d2a7ad152a24e46c92e5367960af7e70c3f3e374b87860ea228b4baac6bcaa8a52c6b7e504676177e179f58c92474b0072fada6c435b56118350b5bf953b7982f2c8819dd5f0be368881f1a1bdb0868dbb1a9c545ea5c7e682932a8facfbf069a7309287f2a81c02294a07ea54a8a4f8c22441483c31a1d0a809c6c883b1a35713effbb2b0ac8f0b42f47f2813f66ef3732ba3e70b9c91251bcb863434922ab101d7670e1aa7ca7c716fd58396f7793cf9dc18dd69ba89b3e606cbeb9a7a10818f0e8b1ca6a57f9148f75addde205285b72ec454695e6ee54ecaa21da67f91c8cda8a043c47e727d2a8a4fb72f20e4234af2b9583876851d2e76eba94bb482f46de7a50bcd2d7ba8f790d61919c60b636610d646fe8df1c209d5b8d5ce78353785ae6b512e156a93cd9faa6c564a83c9c58cb8c91237808c219e4d6a16b9a1205918b6c218e4cc5ff1508e562fe3bffa879cc4951949585cc6a84bdf5ec39442d61144fcea9f98f75ffd0efb86f7f88a40d417156969fad47e35a66000da22696bfd21561e2ef8f9f252378099e1d7f3d8295b315d676aff5c0416e6149bfeb8bbdf97d29fc6f5235451d8c7419b043a0f3bcac2bf92aee2383cb7963af7b290a445426444e065b39ceea7583245d05fc5e1adaf20a5cb4e044b24e482a3c2b93e7c71f008fa134b21967b12da12e40ebb40db6f7fcba253a2322f4d1d64e071d98a9bc0a7b222536e55666b9b66b1de190ddcb99427e2229a36452c9273fbcd3f2f0ea4531bb584cb4f84319b4dfbc73a6f2352fd8416485c48fe2e20e279f1528bbb696ce7467cf44bacc443e70562a45edd786674ffb21d36336690a2d7929234a1feca0da5fb320d21ac8edd345836b9860d654b89cb829b97d5b821824b40f8c92b7cdad1dc4e73c238a75bda9564465964b174308c4ab811cccc0374cabc59b721220bade3715db5c496ab19a9d35833e67867ad77b68ed185c34204ab6aa1b3bd7acba4c82c40271c4edfe084c4e58d7ea5e6c11dcd53a72b09d5ace44fc1a45e4bbfa10e32737348eaf1a735d4d2637d8caa2f2f16a7dabfa4f4d3f5e6125ee6074a4813c387c5c63486a1da4de267f58b2176085a3a30f0d5bbe830eca41a735f03b93b19e514134cf4f9b2fbf38377f2b1f1044f7d5d2ab12d16c97feab2f7d17ff130c29c002d4f0515c4f41be3f3dff1f464e3dfe4f888d6eb634a495aaa95d21df742e34f4d2c9c064db3787ba08cbbcfbfd0fad2e024b414ba06920ab422dfef475b2cf7ee104bfb47d7f9c1db530d57037a9bedd8f2488c33be2b0872498dc431dcd91e41a08bfdfc6770fed06a8a58649bbd2d04982aedefcb28551e86115efd74c58a587dcbdc457f81b72d2765a0230dd2a037e661495c71e64babad9ee0c37ff4e4311cd1c9850d9af2f1c5b6af0d12595987d4d9aa63056cb5033471dd7370ef7f2c4ab93ed321b0e50e88a62c80508b2df0cdf727461f9056ace5f0d502e6f1827346b60bae228a434b191a41cd763ed996c70fae382f7de39c62060d22aaca90373da53bc21a4b4a22b373d3a372f1e91d923f86ef4f8fec8ba5f24562ba5a3b806f3aa5046116f2eec277f4a82d881fe1c11869356cb21cdecc32409aff553c6e3e208b4f2929f5083839284b90595b18d09a3d4dd393532eb2a98a5b4f275031c007ab20828b936ee7493fd168103faee4881e9031196fb8de00859a61cd69abe1cc8314a94125ba6a0fdce1990c9b3279f0071d4e48ad33f80941eea6c01b4783c106ad92db5b0d1fee1b3b7b81b1b034819c85dec4cc150d639a106ac82df022ee838dbb49532d6ae1f993f24265327e5f649974d56e5fda2d7e58c077976cd0ae7bec3bad0efc93a71ea2669e2c9c58f39a4b6fd6e88efaca287440e977b4987e45831a82eb7036813513ca757a352c119b21e46931416cfb97972b38c82d943409c4c1a78567bd2c0aaf9cfb5b113c577b91a88b8a51e28bb30e9d31ab6cd6bacb6538e02a1f80cd4690185c8fed9b44e9fb39dc11c6883979fad79076aa2de65f2169b7873320a70e7e3b342fe908bb6af569ed262941053072c4b75d6c3afac5c208acb9ec74adc0569544bd8e6ff68689b6b405589a4947281e80fabb7e6547df17001400415f0cbc8a84990d800004c4c89b4d948ae41ff80499c3623c328e0406dda526af55d835dd97dcb61b10ce4ea60057d94ec9ef6e597caae2fe4a94e42b3c0295c57a408c2b70af8dde19fafdd27758bc9b846a8e974acf396e2278a7e662c8be35a9c74acdaa714c9e32d15aefcf962ff213f4a60349a1c4fe5af4ccd2c977b9f7897be81249398624cb8a295518546b68922ef1a12f6ea1d748059e1bebc", 0x1000}, {}], 0x4, &(0x7f0000001280)=[{0xd8, 0x119, 0x9, "c258defe15aa883cd92d7070446740ed53a5bdcecfcc0ae08d9a4c5aeb146433d357609c8c876b48f13adbfdc0c6ccbf8a135bd6e0ad4a92e84a4202284258b862ec548cfabc1b2ebaefb45afb3abbc4d81b294e77169a9cb45bbb31b727a3ec6a9cbba5be3eab669053b2097405c0a34edbab588084438a7ea5ad2bf1d7696733724f049f33733be82ae25779fcbcac1d91bab787af4bf24e30557d32cc86ffa9f1768f74c36b8235ee4b79dd92d74689aa6bfe60058faf3cb0aa8577ca277c611dfba3202eb9aa"}, {0x18, 0x119, 0x1ff, 'E'}], 0xf0, 0x8000}, 0x40000) [ 225.559852] FAULT_INJECTION: forcing a failure. [ 225.559852] name failslab, interval 1, probability 0, space 0, times 0 [ 225.571289] CPU: 1 PID: 14053 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 225.578518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.588611] Call Trace: [ 225.591268] dump_stack+0x185/0x1d0 [ 225.594956] should_fail+0x87b/0xab0 [ 225.598731] __should_failslab+0x278/0x2a0 [ 225.603044] should_failslab+0x29/0x70 [ 225.606991] __kmalloc_node_track_caller+0x24b/0x11b0 [ 225.612244] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 225.617680] ? alloc_skb_with_frags+0x1e6/0xb80 [ 225.624329] __alloc_skb+0x2cb/0x9e0 [ 225.628097] ? alloc_skb_with_frags+0x1e6/0xb80 [ 225.632830] alloc_skb_with_frags+0x1e6/0xb80 [ 225.637401] ? kmsan_set_origin_inline+0x6b/0x120 [ 225.642317] ? __msan_poison_alloca+0x15c/0x1d0 [ 225.647065] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 225.651907] ? packet_sendmsg+0x6594/0x8ad0 [ 225.656311] sock_alloc_send_pskb+0xb56/0x11a0 [ 225.660986] ? kmsan_set_origin+0x9e/0x160 [ 225.665335] packet_sendmsg+0x6594/0x8ad0 [ 225.669545] ? __fsnotify_parent+0x132/0x560 [ 225.674047] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 225.679571] ? rw_copy_check_uvector+0x643/0x6c0 [ 225.684387] ? __msan_poison_alloca+0x15c/0x1d0 [ 225.689146] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 225.694687] ? import_iovec+0x3c7/0x600 [ 225.698728] ? copy_msghdr_from_user+0x72c/0x830 [ 225.703587] ? compat_packet_setsockopt+0x360/0x360 23:39:12 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000000)=@req={0xfffffffffffffff9, 0x982c, 0x3, 0x7ef6}, 0xfffffffffffffe40) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f00000001c0)=@req3={0x2, 0x7, 0x3ff, 0x3, 0x6, 0xc2, 0x4}, 0x2d1) setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f0000000080)={{0xa, 0x4e22, 0xa408, @mcast1={0xff, 0x1, [], 0x1}, 0x9}, {0xa, 0x4e20, 0x5, @mcast1={0xff, 0x1, [], 0x1}}, 0x7f, [0x9, 0x9, 0xfffffffffffff800, 0x80, 0x200, 0x6, 0x3, 0x4]}, 0x5c) 23:39:12 executing program 3: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f00000004c0)=""/148, 0x94}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000740)='comm\x00') perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000480)=[{&(0x7f0000000280)=""/209}, {&(0x7f0000000380)=""/242}], 0x10000000000002a1, 0x10400003) [ 225.708688] ___sys_sendmsg+0xec8/0x1320 [ 225.712810] ? kstrtoull+0x766/0x7e0 [ 225.716611] ? kmsan_set_origin_inline+0x6b/0x120 [ 225.721524] ? __msan_poison_alloca+0x15c/0x1d0 [ 225.726273] ? _cond_resched+0x3c/0xd0 [ 225.730242] ? rcu_all_qs+0x32/0x1f0 [ 225.734030] ? _cond_resched+0x3c/0xd0 [ 225.738001] ? rcu_all_qs+0x32/0x1f0 [ 225.741775] ? __sys_sendmmsg+0x61d/0x850 [ 225.746029] __sys_sendmmsg+0x490/0x850 [ 225.750082] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 225.755080] ? syscall_return_slowpath+0xe9/0x710 [ 225.760021] __x64_sys_sendmmsg+0x11c/0x170 [ 225.764410] ? __sys_sendmmsg+0x850/0x850 [ 225.768616] do_syscall_64+0x15b/0x230 [ 225.772586] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 225.777867] RIP: 0033:0x455a09 [ 225.781092] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 225.788864] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 225.796179] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 225.803489] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 225.810801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 225.818118] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000007 23:39:13 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) syz_open_procfs(r1, &(0x7f00000000c0)='net/igmp\x00') write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:13 executing program 7: r0 = socket(0xb032932bbfbbeafa, 0x200000000000805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1, 0x808, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0xfe49) umount2(&(0x7f00000000c0)='./file0\x00', 0x1) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000080)=0x4) 23:39:13 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000080)={{0x2, 0x4e20, @rand_addr=0x4}, {0x306, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x62, {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 'sit0\x00'}) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000000000000000000000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:13 executing program 3: r0 = mq_open(&(0x7f0000000040)='-$\x00', 0x800, 0x0, &(0x7f0000000080)) unshare(0x20000400) mq_timedreceive(r0, &(0x7f0000000100)=""/131, 0x259, 0x0, 0x0) 23:39:13 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}], 0x20) 23:39:13 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000040)="ae", 0x1) vmsplice(r3, &(0x7f0000cf7fe0)=[{&(0x7f00002a7000)}], 0x1, 0x0) readv(r2, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000080)=""/214) 23:39:13 executing program 2 (fault-call:5 fault-nth:8): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:13 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x100000000) r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x200000000000011, 0x4000000000080002, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000180)=0x110, 0x9a) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000000a40), 0x0, &(0x7f0000dda000)}], 0x1, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000), 0x4) recvfrom$llc(r1, &(0x7f0000000140)=""/31, 0x1f, 0x2020, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) ioctl$sock_netrom_SIOCGSTAMP(r1, 0x8906, &(0x7f0000000200)) ioctl$int_out(r1, 0x2, &(0x7f0000000040)) r2 = inotify_init1(0x0) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r2, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r4 = open(&(0x7f00000001c0)='./file1\x00', 0x0, 0x10) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0x4, @mcast1={0xff, 0x1, [], 0x1}, 0x1}, @in={0x2, 0x4e21, @broadcast=0xffffffff}, @in6={0xa, 0x4e21, 0x697, @empty, 0x1e37}, @in6={0xa, 0x4e21, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0x7fffffff}, @in={0x2, 0x4e24}, @in6={0xa, 0x4e21, 0x4, @dev={0xfe, 0x80, [], 0x1a}, 0xb1df}, @in6={0xa, 0x4e21, 0x100, @local={0xfe, 0x80, [], 0xaa}, 0xa538}], 0xac) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000080)={'ipvs\x00'}, &(0x7f0000000280)=0x1e) mknodat(r4, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) [ 226.537254] FAULT_INJECTION: forcing a failure. [ 226.537254] name failslab, interval 1, probability 0, space 0, times 0 [ 226.548630] CPU: 1 PID: 14093 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 226.555871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.565264] Call Trace: [ 226.567944] dump_stack+0x185/0x1d0 [ 226.571628] should_fail+0x87b/0xab0 [ 226.575416] __should_failslab+0x278/0x2a0 [ 226.579721] should_failslab+0x29/0x70 23:39:13 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req3={0x80000000}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) getresuid(&(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100)) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:13 executing program 3: r0 = memfd_create(&(0x7f0000000080)="726168b71f1b", 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x0, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffefffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r1, r0) [ 226.583673] kmem_cache_alloc_node+0x157/0xc80 [ 226.588338] ? validate_xmit_skb+0xfea/0x1320 [ 226.592915] ? __alloc_skb+0x202/0x9e0 [ 226.596904] __alloc_skb+0x202/0x9e0 [ 226.600683] alloc_skb_with_frags+0x1e6/0xb80 [ 226.605251] ? kmsan_set_origin_inline+0x6b/0x120 [ 226.610163] ? __msan_poison_alloca+0x15c/0x1d0 [ 226.614922] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 226.619756] ? packet_sendmsg+0x6594/0x8ad0 [ 226.624154] sock_alloc_send_pskb+0xb56/0x11a0 [ 226.628836] ? kmsan_set_origin+0x9e/0x160 [ 226.633169] packet_sendmsg+0x6594/0x8ad0 [ 226.637377] ? __fsnotify_parent+0x132/0x560 [ 226.641876] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 226.647385] ? rw_copy_check_uvector+0x643/0x6c0 [ 226.652197] ? __msan_poison_alloca+0x15c/0x1d0 [ 226.656965] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 226.662495] ? import_iovec+0x3c7/0x600 [ 226.666545] ? copy_msghdr_from_user+0x72c/0x830 [ 226.671407] ? compat_packet_setsockopt+0x360/0x360 [ 226.676516] ___sys_sendmsg+0xec8/0x1320 [ 226.680640] ? kstrtoull+0x766/0x7e0 23:39:13 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) ioctl$PPPIOCGFLAGS(r1, 0x8004745a, &(0x7f0000000000)) [ 226.684438] ? kmsan_set_origin_inline+0x6b/0x120 [ 226.689357] ? __msan_poison_alloca+0x15c/0x1d0 [ 226.694119] ? _cond_resched+0x3c/0xd0 [ 226.698094] ? rcu_all_qs+0x32/0x1f0 [ 226.701897] ? _cond_resched+0x3c/0xd0 [ 226.705868] ? rcu_all_qs+0x32/0x1f0 [ 226.709650] ? __sys_sendmmsg+0x61d/0x850 [ 226.713874] __sys_sendmmsg+0x490/0x850 [ 226.717928] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 226.722923] ? syscall_return_slowpath+0xe9/0x710 [ 226.727865] __x64_sys_sendmmsg+0x11c/0x170 [ 226.732294] ? __sys_sendmmsg+0x850/0x850 [ 226.736490] do_syscall_64+0x15b/0x230 [ 226.740438] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 226.745659] RIP: 0033:0x455a09 [ 226.748875] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 226.756633] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 226.763945] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 226.771255] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 226.778565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 226.785887] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000008 23:39:13 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x1ff, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x8, &(0x7f00000001c0)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@mcast1, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@multicast2}}, &(0x7f00000004c0)=0xe8) add_key(&(0x7f0000000280)='trusted\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000300), 0x0, 0x0) 23:39:13 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = inotify_init1(0xfffffffffffffffd) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r2 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) mknodat(r2, &(0x7f00000000c0)='./file0\x00', 0x1009, 0x0) 23:39:13 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x20000) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r2, &(0x7f0000000180)="c897f2dba3d64bfcf5358c1c051db000fc46459947", &(0x7f0000000200)=""/115}, 0x18) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000000c0)=ANY=[@ANYBLOB="09000000f1eae18d64962be55217e61eff8ceecf20cf061b95ab9b538054d176691264f29be2815b35d2855786535b550682c63af0398a104b5c89350400002b71538237d5520e265fb1fece8dab65be54b02800a7dae091591bf0cd1d68fa051ebe46a975aadfac110f5cd65ce2df20d0d18a585e87b261816e15054530e012e1af50e9217747c1d914553ceef2af2df9d1ff69cc71d892b9e869f17a1a49", @ANYRES32=0x0], &(0x7f0000000080)=0x8) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000001c0)=0x5, 0x43a42c934e2c05c9) 23:39:13 executing program 7: r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x80000000}, 0x37) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000180)={'broute\x00'}, &(0x7f0000000040)=0x78) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req={0x0, 0xffffffff, 0x7, 0x7}, 0xf) ioctl$int_in(r1, 0x5421, &(0x7f0000000080)) r2 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x7fff, 0x2000) ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000000100)=0x3ff) 23:39:14 executing program 6: r0 = open(&(0x7f0000000000)='./file0\x00', 0x301000, 0x1) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x4000006, 0x0, @fuse_notify_inval_inode_out}, 0x28) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in={{0x2, 0x4e22}}, 0x6, 0x7, 0x8, "3d7038e0c65e6fa3dc3475d2b9e2c11f4ce12091267debd9149d50c2796b3c3c2446c20a7e7769799d5d615241c65b61a3173cc2546c75d32e56ceb2241db30ef57d05f6f264954488118787a4c6cb7f"}, 0xd8) 23:39:14 executing program 2 (fault-call:5 fault-nth:9): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:14 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x2) ioctl(r0, 0x4000000002283, &(0x7f0000139000)='4') write$evdev(r0, &(0x7f0000b5df88)=[{}, {{0x77359400}}], 0x30) 23:39:14 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x80000000}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x8, 0x6}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r2, 0xfb}, 0x8) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:14 executing program 4: r0 = socket(0x1e, 0x805, 0x0) shutdown(r0, 0x1) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:14 executing program 3: r0 = memfd_create(&(0x7f0000000080)="726168b71f1b", 0x80000000005) ioctl$TCSETA(r0, 0x4030582a, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40001000000000d8}) 23:39:14 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000040)="ae", 0x1) vmsplice(r3, &(0x7f0000cf7fe0)=[{&(0x7f00002a7000)}], 0x1, 0x0) readv(r2, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1) 23:39:14 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") ioctl(r0, 0x2, &(0x7f0000000040)="023943f540c7a4773d99286e6b5fc7") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0211e0ee9a7e8527d47b9f574458c7da6b7aca9fd165c93ee2264fa68a352f2ad75957277e3e12dec1224e26430e7a690b000000000000000000f25ee8dae0fb32e666523ca1905711da4b774e8affeb2779a75d00000000000000000000000000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 227.556404] FAULT_INJECTION: forcing a failure. [ 227.556404] name failslab, interval 1, probability 0, space 0, times 0 [ 227.567878] CPU: 0 PID: 14156 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 227.575102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.584497] Call Trace: [ 227.587138] dump_stack+0x185/0x1d0 [ 227.590823] should_fail+0x87b/0xab0 [ 227.594589] __should_failslab+0x278/0x2a0 [ 227.598901] should_failslab+0x29/0x70 23:39:14 executing program 3: r0 = syz_open_dev$random(&(0x7f0000000080)='/dev/random\x00', 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000240)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f00000002c0)) preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/177, 0xb1}], 0x1, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x32, 0xffffffffffffffff, 0x0) tkill(r1, 0x1000000000016) 23:39:14 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x44000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) [ 227.602845] __kmalloc_node_track_caller+0x24b/0x11b0 [ 227.608086] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 227.613520] ? alloc_skb_with_frags+0x1e6/0xb80 [ 227.618262] __alloc_skb+0x2cb/0x9e0 [ 227.622028] ? alloc_skb_with_frags+0x1e6/0xb80 [ 227.626763] alloc_skb_with_frags+0x1e6/0xb80 [ 227.631334] ? kmsan_set_origin_inline+0x6b/0x120 [ 227.636263] ? __msan_poison_alloca+0x15c/0x1d0 [ 227.641024] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 227.645860] ? packet_sendmsg+0x6594/0x8ad0 [ 227.650266] sock_alloc_send_pskb+0xb56/0x11a0 [ 227.654958] ? kmsan_set_origin+0x9e/0x160 [ 227.659312] packet_sendmsg+0x6594/0x8ad0 [ 227.663555] ? __fsnotify_parent+0x132/0x560 [ 227.668056] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 227.673569] ? rw_copy_check_uvector+0x643/0x6c0 [ 227.678388] ? __msan_poison_alloca+0x15c/0x1d0 [ 227.683133] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 227.688736] ? import_iovec+0x3c7/0x600 [ 227.692771] ? copy_msghdr_from_user+0x72c/0x830 [ 227.697626] ? compat_packet_setsockopt+0x360/0x360 [ 227.702696] ___sys_sendmsg+0xec8/0x1320 23:39:14 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000005940)=@getqdisc={0x24, 0x26, 0x201}, 0x24}, 0x1}, 0x0) [ 227.706807] ? kstrtoull+0x766/0x7e0 [ 227.710604] ? kmsan_set_origin_inline+0x6b/0x120 [ 227.715605] ? __msan_poison_alloca+0x15c/0x1d0 [ 227.720363] ? _cond_resched+0x3c/0xd0 [ 227.724330] ? rcu_all_qs+0x32/0x1f0 [ 227.728118] ? _cond_resched+0x3c/0xd0 [ 227.732079] ? rcu_all_qs+0x32/0x1f0 [ 227.735845] ? __sys_sendmmsg+0x61d/0x850 [ 227.740064] __sys_sendmmsg+0x490/0x850 [ 227.744108] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 227.749106] ? syscall_return_slowpath+0xe9/0x710 [ 227.754044] __x64_sys_sendmmsg+0x11c/0x170 [ 227.758419] ? __sys_sendmmsg+0x850/0x850 [ 227.762615] do_syscall_64+0x15b/0x230 [ 227.766573] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 227.771802] RIP: 0033:0x455a09 [ 227.775021] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 227.782787] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 227.790102] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 227.797420] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:14 executing program 7: r0 = socket$inet6(0xa, 0x2100000000000002, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0xde}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) recvmsg(r1, &(0x7f00000005c0)={&(0x7f0000000180)=@un=@abs, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)=""/42, 0x2a}, {&(0x7f0000000200)=""/179, 0xb3}, {&(0x7f00000002c0)=""/247, 0xf7}, {&(0x7f00000003c0)=""/73, 0x49}, {&(0x7f0000000440)=""/27, 0x1b}, {&(0x7f0000000480)=""/60, 0x3c}], 0x6, &(0x7f0000000540)=""/125, 0x7d, 0x81}, 0x10000) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) getsockname$packet(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000640)=0x14) connect$can_bcm(r2, &(0x7f0000000680)={0x1d, r3}, 0x10) 23:39:14 executing program 4: r0 = socket(0xd, 0xa, 0x401) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 227.804821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 227.812153] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000009 23:39:14 executing program 3: 23:39:14 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0xfffffffffffffffe, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:14 executing program 2 (fault-call:5 fault-nth:10): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 228.088603] FAULT_INJECTION: forcing a failure. [ 228.088603] name failslab, interval 1, probability 0, space 0, times 0 [ 228.100168] CPU: 1 PID: 14201 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 228.107420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.116813] Call Trace: [ 228.119465] dump_stack+0x185/0x1d0 [ 228.123159] should_fail+0x87b/0xab0 [ 228.126950] __should_failslab+0x278/0x2a0 [ 228.131266] should_failslab+0x29/0x70 [ 228.135233] kmem_cache_alloc_node+0x157/0xc80 [ 228.139904] ? validate_xmit_skb+0xfea/0x1320 [ 228.144574] ? __alloc_skb+0x202/0x9e0 [ 228.148563] __alloc_skb+0x202/0x9e0 [ 228.152350] alloc_skb_with_frags+0x1e6/0xb80 [ 228.156927] ? kmsan_set_origin_inline+0x6b/0x120 [ 228.161849] ? __msan_poison_alloca+0x15c/0x1d0 [ 228.166608] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 228.171447] ? packet_sendmsg+0x6594/0x8ad0 [ 228.175865] sock_alloc_send_pskb+0xb56/0x11a0 [ 228.180546] ? kmsan_set_origin+0x9e/0x160 [ 228.184878] packet_sendmsg+0x6594/0x8ad0 [ 228.189100] ? __fsnotify_parent+0x132/0x560 [ 228.193589] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 228.199094] ? rw_copy_check_uvector+0x643/0x6c0 [ 228.203904] ? __msan_poison_alloca+0x15c/0x1d0 [ 228.208650] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 228.214162] ? import_iovec+0x3c7/0x600 [ 228.218180] ? copy_msghdr_from_user+0x72c/0x830 [ 228.222977] ? compat_packet_setsockopt+0x360/0x360 [ 228.228042] ___sys_sendmsg+0xec8/0x1320 [ 228.232144] ? kstrtoull+0x766/0x7e0 [ 228.235907] ? kmsan_set_origin_inline+0x6b/0x120 [ 228.240790] ? __msan_poison_alloca+0x15c/0x1d0 [ 228.245527] ? _cond_resched+0x3c/0xd0 [ 228.249503] ? rcu_all_qs+0x32/0x1f0 [ 228.253242] ? _cond_resched+0x3c/0xd0 [ 228.257169] ? rcu_all_qs+0x32/0x1f0 [ 228.260921] ? __sys_sendmmsg+0x61d/0x850 [ 228.265192] __sys_sendmmsg+0x490/0x850 [ 228.269207] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 228.274183] ? syscall_return_slowpath+0xe9/0x710 [ 228.279107] __x64_sys_sendmmsg+0x11c/0x170 [ 228.283461] ? __sys_sendmmsg+0x850/0x850 [ 228.287618] do_syscall_64+0x15b/0x230 [ 228.291523] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 228.296738] RIP: 0033:0x455a09 [ 228.299927] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 228.307668] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 228.314962] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 228.322281] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 228.329770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 228.337082] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000000a 23:39:15 executing program 7: r0 = socket(0x1e, 0x1008000005, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:15 executing program 1: 23:39:15 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x111100, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="28002000060000000000000000000001000000000000000000000000000000000000000000000000"], 0x28) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040)=0x400007f, 0xfffffffffffffeb4) ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f0000000000)=0x1) 23:39:15 executing program 3: 23:39:15 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1c) recvfrom$inet(r0, &(0x7f0000000080)=""/115, 0x73, 0x10000, &(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x3}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:15 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x40, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000140)={0x7fffffff, 0x2, 'client0\x00', 0xffffffff80000005, "98beca1da32aab5a", "7ba2889de4c5f7cff3af480167e22bf92c7be218903a4d17812c327c468c4677", 0x0, 0x1}) r2 = socket$key(0xf, 0x3, 0x2) socket$unix(0x1, 0x3, 0x0) sendmsg$key(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}, 0x10}, 0x1}, 0x0) 23:39:15 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000040)="ae", 0x1) vmsplice(r2, &(0x7f0000cf7fe0)=[{&(0x7f00002a7000)}], 0x1, 0x0) 23:39:15 executing program 2 (fault-call:5 fault-nth:11): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:15 executing program 3: 23:39:15 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x14, 0x6, 0xfffffffffffffffc, @fuse_poll_out={0x65}}, 0x14) [ 228.566471] FAULT_INJECTION: forcing a failure. [ 228.566471] name failslab, interval 1, probability 0, space 0, times 0 [ 228.577953] CPU: 1 PID: 14213 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 228.585177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.594580] Call Trace: [ 228.597223] dump_stack+0x185/0x1d0 [ 228.600911] should_fail+0x87b/0xab0 [ 228.604687] __should_failslab+0x278/0x2a0 [ 228.608998] should_failslab+0x29/0x70 [ 228.612941] __kmalloc_node_track_caller+0x24b/0x11b0 [ 228.618185] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 228.623625] ? alloc_skb_with_frags+0x1e6/0xb80 [ 228.628399] __alloc_skb+0x2cb/0x9e0 [ 228.632178] ? alloc_skb_with_frags+0x1e6/0xb80 [ 228.636924] alloc_skb_with_frags+0x1e6/0xb80 [ 228.641505] ? kmsan_set_origin_inline+0x6b/0x120 [ 228.646428] ? __msan_poison_alloca+0x15c/0x1d0 [ 228.651175] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 228.656012] ? packet_sendmsg+0x6594/0x8ad0 [ 228.660415] sock_alloc_send_pskb+0xb56/0x11a0 23:39:15 executing program 3: 23:39:15 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) get_robust_list(r1, &(0x7f0000000180)=&(0x7f0000000140)={&(0x7f0000000040), 0x0, &(0x7f0000000280)={&(0x7f0000000240)}}, &(0x7f00000001c0)=0xfffffffffffffd33) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 228.665091] ? kmsan_set_origin+0x9e/0x160 [ 228.669415] packet_sendmsg+0x6594/0x8ad0 [ 228.673617] ? __fsnotify_parent+0x132/0x560 [ 228.678118] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 228.683624] ? rw_copy_check_uvector+0x643/0x6c0 [ 228.688431] ? __msan_poison_alloca+0x15c/0x1d0 [ 228.693183] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 228.698704] ? import_iovec+0x3c7/0x600 [ 228.702788] ? copy_msghdr_from_user+0x72c/0x830 [ 228.707643] ? compat_packet_setsockopt+0x360/0x360 [ 228.712750] ___sys_sendmsg+0xec8/0x1320 [ 228.716878] ? kstrtoull+0x766/0x7e0 [ 228.720681] ? kmsan_set_origin_inline+0x6b/0x120 [ 228.725598] ? __msan_poison_alloca+0x15c/0x1d0 [ 228.730353] ? _cond_resched+0x3c/0xd0 [ 228.734331] ? rcu_all_qs+0x32/0x1f0 [ 228.738940] ? _cond_resched+0x3c/0xd0 [ 228.742930] ? rcu_all_qs+0x32/0x1f0 [ 228.746712] ? __sys_sendmmsg+0x61d/0x850 [ 228.750936] __sys_sendmmsg+0x490/0x850 [ 228.754980] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 228.759971] ? syscall_return_slowpath+0xe9/0x710 23:39:15 executing program 3: [ 228.764911] __x64_sys_sendmmsg+0x11c/0x170 [ 228.769295] ? __sys_sendmmsg+0x850/0x850 [ 228.773495] do_syscall_64+0x15b/0x230 [ 228.777448] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 228.782674] RIP: 0033:0x455a09 [ 228.785895] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 228.793830] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 228.801147] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 228.808457] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:15 executing program 1: [ 228.815796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 228.823130] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000000b 23:39:16 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_netrom_SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000001180)) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffa) remap_file_pages(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000001, 0x7f, 0x80000) request_key(&(0x7f0000001100)='trusted\x00', &(0x7f0000001140)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000011c0)="2f6465762f6375736500a073a5560e8fd0d4398c31734a64f3573534e8f04d2e7a9efe725b70cc85c633aa", 0xfffffffffffffff8) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:16 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000180)=@req={0x1, 0x1, 0xbb, 0x9}, 0x13d) futex(&(0x7f0000000000), 0x0, 0x2, &(0x7f0000000080)={0x0, 0x1c9c380}, &(0x7f00000000c0), 0x1) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) r2 = dup(r1) ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000140)=0x92b) 23:39:16 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x5, 0x7, 0x8c2d, 0x10001}, 0x10) getsockname$llc(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000080)=0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0xff, 0x85, 0x1}, 0x10) ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f00000000c0)) 23:39:16 executing program 3: 23:39:16 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970735435851265666caa635fc8ae64e04ee7c3de6d5832d227d4d7ceb8f8f644b8e4b25117077a05015c14256fe5281b68dfedc53549fda125c5b591d9dd30d563226172027ede2e39471cc185c0653ca759fa155a8debf314e67739b1e829e53e40797aa914e998b0c51cbfa2e959b911be61819a7049bba3ab7f36e2b7943c0aa7452f4a87f9ee7693aed9a5ceb8e0bd7bf66d34ce3d3341d7f740f8d1fd4c0297aaaae227dc") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:16 executing program 1: 23:39:16 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000040)="ae", 0x1) 23:39:16 executing program 2 (fault-call:5 fault-nth:12): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:16 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x80, 0x400402) ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000180)={r3, 0x1}) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={r2, 0x4ee75748a050fefc, 0x1, 0xfff, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}, 0x20) ioctl$IOC_PR_RELEASE(r4, 0x401070ca, &(0x7f00000000c0)={0x7, 0x10000, 0x1}) ioctl$BLKRESETZONE(r2, 0x40101283, &(0x7f00000001c0)={0x5, 0x4}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 229.458256] FAULT_INJECTION: forcing a failure. [ 229.458256] name failslab, interval 1, probability 0, space 0, times 0 [ 229.469634] CPU: 0 PID: 14268 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 229.476926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.486318] Call Trace: [ 229.488964] dump_stack+0x185/0x1d0 [ 229.492653] should_fail+0x87b/0xab0 [ 229.496450] __should_failslab+0x278/0x2a0 [ 229.500767] should_failslab+0x29/0x70 23:39:16 executing program 4: r0 = socket(0x1e, 0x805, 0x0) socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xffffffffffffff03) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:16 executing program 1: 23:39:16 executing program 3: [ 229.504733] kmem_cache_alloc_node+0x157/0xc80 [ 229.509415] ? validate_xmit_skb+0xfea/0x1320 [ 229.513986] ? __alloc_skb+0x202/0x9e0 [ 229.517989] __alloc_skb+0x202/0x9e0 [ 229.521773] alloc_skb_with_frags+0x1e6/0xb80 [ 229.526345] ? kmsan_set_origin_inline+0x6b/0x120 [ 229.531241] ? __msan_poison_alloca+0x15c/0x1d0 [ 229.535985] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 229.540821] ? packet_sendmsg+0x6594/0x8ad0 [ 229.545232] sock_alloc_send_pskb+0xb56/0x11a0 [ 229.549918] ? kmsan_set_origin+0x9e/0x160 [ 229.554218] packet_sendmsg+0x6594/0x8ad0 [ 229.558430] ? __fsnotify_parent+0x132/0x560 [ 229.562927] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 229.568445] ? rw_copy_check_uvector+0x643/0x6c0 [ 229.573264] ? __msan_poison_alloca+0x15c/0x1d0 [ 229.578017] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 229.583548] ? import_iovec+0x3c7/0x600 [ 229.587597] ? copy_msghdr_from_user+0x72c/0x830 [ 229.592466] ? compat_packet_setsockopt+0x360/0x360 [ 229.597571] ___sys_sendmsg+0xec8/0x1320 [ 229.601682] ? kstrtoull+0x766/0x7e0 [ 229.605478] ? kmsan_set_origin_inline+0x6b/0x120 [ 229.610399] ? __msan_poison_alloca+0x15c/0x1d0 [ 229.615148] ? _cond_resched+0x3c/0xd0 [ 229.619110] ? rcu_all_qs+0x32/0x1f0 [ 229.622886] ? _cond_resched+0x3c/0xd0 [ 229.626854] ? rcu_all_qs+0x32/0x1f0 [ 229.630618] ? __sys_sendmmsg+0x61d/0x850 [ 229.634829] __sys_sendmmsg+0x490/0x850 [ 229.638868] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 229.643862] ? syscall_return_slowpath+0xe9/0x710 [ 229.648794] __x64_sys_sendmmsg+0x11c/0x170 [ 229.653170] ? __sys_sendmmsg+0x850/0x850 [ 229.657371] do_syscall_64+0x15b/0x230 [ 229.661360] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 229.666585] RIP: 0033:0x455a09 [ 229.669797] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 229.677557] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 229.684873] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 229.692205] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 229.699517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:16 executing program 6: pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000040)={0xb0, 0x13, "d75ef5ef4c9254411679c1de993d7f16cbb592"}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:16 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40103, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x6) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 229.706830] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000000c 23:39:16 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) ioctl$sock_netdev_private(r1, 0x89f4, &(0x7f0000000180)="012eb2e3525f4256976bc3c93c3c5ff039ad5421bae91d86d75213bd54f35f3a10735cad363068fdd0d957a44c0fa2c69a1c51c9fcd377ad29ac66a1950868177846ac117bba1f162c9a8498628718e95cdf78c721cb92c2e55aee463e388e6b607d7b1b2b984a15") 23:39:16 executing program 3: 23:39:16 executing program 1: 23:39:16 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) 23:39:16 executing program 4: r0 = socket(0x22, 0x804, 0x0) r1 = socket(0x1e, 0x805, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x1, 0x40000) ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000280)) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$inet_dccp_buf(r0, 0x21, 0xc2, &(0x7f0000000180)="e791126532e7b4ad2698a49c1a2630e131b96075718ab0ea045171c9c700fda0506c55332837a648f1d5b755ef49f5daff40957bbd775f4b1ce11c5e52b0e547116951b76146112c689666ccaa4066f670b66c190acff685e369fa658b3cb66af490d1bd24f17435cde5187bd7b0038bacffa6c114079d62b23ea361374c89a5eafc49297260314c1245bada914288925071d4d267be6f8586e1b5fd0abce4e03cbb5258c4f63780afb1957b3e2b796a7bcc06950fcbb54b4790457ccd63512cf67ac4616579ee42209463806646776aa4af959417781ac595124b7d652d2871fa086dea2001da95e0c26d", 0xeb) rt_sigreturn() inotify_init() openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x1, 0x0) r3 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4e70, 0x2) ioctl$DRM_IOCTL_GET_MAP(r3, 0xc0286404, &(0x7f0000000080)={0x0, 0x5, 0x0, 0xc4, &(0x7f0000ffc000/0x1000)=nil, 0x850}) ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0x4) 23:39:16 executing program 3: 23:39:16 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x8000, 0x0) write$fuse(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="2800000006000000000000000000000000000000000000000000000000000000000000100000000065b8c90f725770521fab3cbc2c5439e7c25c740b27685d0294b82a3c6b1a0000000000000000000000000000a47689be38286851d5b58cf5f8de9bc25659a83ca57ba5f4669eb4a3e58a883c5a808fda3ab9aa8648e0bdb6dc41f92099f90a17272ae67ff9f207aaaf2077e1f320627bd1c665c7f6665769f743186369b5499dc606d2eb843485a28110df01c9c2bfaa9a01"], 0xb4dc265e2c842d41) 23:39:16 executing program 1: 23:39:16 executing program 7: r0 = socket(0x1e, 0x802, 0x3aa) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@local, @in=@multicast1}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0xe8) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x30500, 0x0) ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000380)=""/254) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:17 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) ustat(0x562, &(0x7f00000000c0)) ioctl$SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f0000000040)=0xb8) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:17 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) ioperm(0x0, 0x800, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) 23:39:17 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000000)=r0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:17 executing program 3: 23:39:17 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x804, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:17 executing program 1: openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000340)) setsockopt$inet_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, &(0x7f0000000300), 0x4) close(0xffffffffffffffff) 23:39:17 executing program 2 (fault-call:5 fault-nth:13): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:17 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 230.317287] FAULT_INJECTION: forcing a failure. [ 230.317287] name failslab, interval 1, probability 0, space 0, times 0 [ 230.328683] CPU: 1 PID: 14333 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 230.336776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.346175] Call Trace: [ 230.348825] dump_stack+0x185/0x1d0 [ 230.352526] should_fail+0x87b/0xab0 [ 230.356302] __should_failslab+0x278/0x2a0 [ 230.360609] should_failslab+0x29/0x70 23:39:17 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:17 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000400)) recvmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f00000000c0)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000140)=""/222, 0xde}, {&(0x7f0000000240)=""/223, 0xdf}], 0x2, &(0x7f0000000380)=""/53, 0x35, 0x8df7}, 0x41) r1 = socket(0x1e, 0x805, 0x0) getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000080)=0xc) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000440)={0x1, [0x58]}, &(0x7f0000000480)=0x6) 23:39:17 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="2800000006ab9564c000000400000000000000000000000000002000000000000000007dc8000000002000000000060020000000000000"], 0x28) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={0x0, 0xa041}, &(0x7f0000000040)=0x8) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000001c0)={{0xffffffffffffffff, 0x1, 0x2fa, 0x1, 0x1f}, 0xfd3, 0x1f0, 0xb7}) ioctl$BLKRAGET(r0, 0x1263, &(0x7f0000000280)) vmsplice(r0, &(0x7f0000000680)=[{&(0x7f00000002c0)="8158a7336c617134927e121d20702dab48476ba55838fa8879e0095948dbc5ff45d6eba8", 0x24}, {&(0x7f0000000300)="8aa6fe1a87faa01eb91afe7412569fc9caf387f93ea9f30812a34d810496f537b3148f4511ef4da73eb810ebcdcac92c0ced5145c88128ce75053d97adf15d3a05b91e2998c1dbb6ab5a5dabdc509874960e8c13537e166aa43e11090ce93b5260a01e477364e7ce7c14dbd93ce129ffc9165ee5f1b16fecfc2ecd155c24e3718a2eba5158a2f7dc14bc47", 0x8b}, {&(0x7f00000003c0)="878754fde5b36ba0ffd970040cd39bd511d2b85107631e07f2570e53182d65220a1581a68c29cbff434334974eb57a08a80b14301422effedab9ac684d9552b1f6de0f5f11f7b80da1a35a7c0de80987dce71303ef5469c67a7b2edb9f5906fa28444c623bf75129ac1fcbf6f0f788", 0x6f}, {&(0x7f0000000440)="fdbae4d8524916f032881cf1dc761fbde11eeba0b65d3f26dce1951ee3b09e1048089e9cea5be2886d09fa9a7648613394df643ecf7730992babc10a85b8d2aa54852026c400456cd3fb8eb78ed5a6461dafd9574093eb3e617fe0531db477aa3925a3f70672f5a9d32c02762afde25ea03acf74eda5d283364a9ac6e5177b0715373d3781ea1d73941fe77d62fd95fcec1d79e911ea12ac5eb5e93a33dec0d4ac3f701650cf2389764f91d8ba4f6ac04220b6ee3e0bd981358427d0e10367baddea8c5c532a8d0ae16f6df4809ef15feb29e73acf11a39c10a50dfc12704db9cc1f4c41f4be691554d9788bed02", 0xee}, {&(0x7f0000000540)="6b981d79bba14630d92ebd8c1e7e91f49276f59f5f00dbb2bd25a0b342c253adfe78e3c9be04d8dcda872b67f82335b73b00f54132863935dcf363463cc85499afcfa6bec59ed03e78882e7bf21d7bce940614f7bde195500a59570a52f05e2ae34e0e9907ce598e4798fad48e797e63d2a755d871c88e8b5c1a99dfc7300a177304182af0451ce9b2e5cf4ff82e94d895534e5fbaff941f2b7403abb1b2e2443322258e", 0xa4}, {&(0x7f0000000600)="6b45420925241410eff337f1d79712a9abee620a0f46e6102e5949434dfc2aa44e3af31b8ea3e2c638a612a3c1d436b170c050b29802a91ee490b9a601ea4144dbfcf6dd9e3b0adcc3d5", 0x4a}], 0x6, 0x6) socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1f}}}, 0x80000001, 0x8}, &(0x7f0000000180)=0x90) 23:39:17 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000002c0)=0x5, 0x4) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) [ 230.364547] __kmalloc_node_track_caller+0x24b/0x11b0 [ 230.369789] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 230.375217] ? alloc_skb_with_frags+0x1e6/0xb80 [ 230.379980] __alloc_skb+0x2cb/0x9e0 [ 230.383742] ? alloc_skb_with_frags+0x1e6/0xb80 [ 230.388473] alloc_skb_with_frags+0x1e6/0xb80 [ 230.393042] ? kmsan_set_origin_inline+0x6b/0x120 [ 230.397951] ? __msan_poison_alloca+0x15c/0x1d0 [ 230.402697] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 230.407533] ? packet_sendmsg+0x6594/0x8ad0 [ 230.411932] sock_alloc_send_pskb+0xb56/0x11a0 [ 230.416603] ? kmsan_set_origin+0x9e/0x160 [ 230.420932] packet_sendmsg+0x6594/0x8ad0 [ 230.425148] ? __fsnotify_parent+0x132/0x560 [ 230.429636] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 230.435144] ? rw_copy_check_uvector+0x643/0x6c0 [ 230.439967] ? __msan_poison_alloca+0x15c/0x1d0 [ 230.444729] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 230.450353] ? import_iovec+0x3c7/0x600 [ 230.454446] ? copy_msghdr_from_user+0x72c/0x830 [ 230.459326] ? compat_packet_setsockopt+0x360/0x360 [ 230.464445] ___sys_sendmsg+0xec8/0x1320 [ 230.468573] ? kstrtoull+0x766/0x7e0 [ 230.472384] ? kmsan_set_origin_inline+0x6b/0x120 [ 230.477304] ? __msan_poison_alloca+0x15c/0x1d0 [ 230.482065] ? _cond_resched+0x3c/0xd0 [ 230.486047] ? rcu_all_qs+0x32/0x1f0 [ 230.489896] ? _cond_resched+0x3c/0xd0 [ 230.493886] ? rcu_all_qs+0x32/0x1f0 [ 230.497673] ? __sys_sendmmsg+0x61d/0x850 [ 230.501916] __sys_sendmmsg+0x490/0x850 [ 230.505977] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 230.510979] ? syscall_return_slowpath+0xe9/0x710 23:39:17 executing program 4: r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x7f, 0x2) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080), 0x4) r1 = socket(0x1e, 0x805, 0x0) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 230.515929] __x64_sys_sendmmsg+0x11c/0x170 [ 230.520324] ? __sys_sendmmsg+0x850/0x850 [ 230.524527] do_syscall_64+0x15b/0x230 [ 230.528483] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 230.533708] RIP: 0033:0x455a09 [ 230.536924] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 230.544779] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 230.552181] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 230.559493] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000280)={0x0, 0x9f}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000340)={0x0, 0x20, "3a3806b4ef5aaeb63bed77b5f126884d4bfb1c9c3b33def37363745ca0921b03"}, &(0x7f0000000400)=0x28) r1 = syz_open_pts(r0, 0x20201) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f00000000c0)) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000100)={0xffffffffffffff48, 0x0, 0x0, 0x9}) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) timerfd_create(0xfffffffffffffffc, 0x0) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) read(r2, &(0x7f0000000580)=""/4096, 0x1000) write(r1, &(0x7f0000000140), 0x28d) [ 230.566798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 230.574146] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000000d 23:39:17 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYPTR64=&(0x7f0000000000)=ANY=[@ANYBLOB="60e31dbf8b17648ad64aad375f81be470c35b1ef6a6df1397d8f6640531f11a00286d3ce8af2"], @ANYBLOB="97596129b8fa921dd6ea99c0cbed7f8963835c36ca5348e98ec3b63e40d0c0b3fabb570ca21148182bfee80d6e435d2dfb5eba687eec3a546f204d2166f591b8a0c425d8e0e2", @ANYRES32=r0], @ANYRES64=r0, @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYRES16=r0, @ANYBLOB="56ef13abde8c7045c82266fd28ee59fb669202955549f868258f544af4f31fa95687a9695c175b59ef37953fe6310762e63313dd06ab63567cb508e4ef4e4d6810d5cb2c7a9c6dbcf37a2ae0460614e1d9360fe692ddd3c790e46491f9991242cb82fa7f65735f77fa7a936ee6cc5ed0387546e3ffef22c60000000000000000000000b7e851fed73aa44e2d781e29b4f7e9bae1b98a4528082225", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYRES64=r0], @ANYRES64=r0]], 0x20) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000140)) 23:39:17 executing program 5: r0 = socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) 23:39:17 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000000040)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000002c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)) 23:39:17 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000000040)="0684cee07002a81bddaaf2d0cb8a7040f606fca11f8d7e20e9152ae9dc0fc3a01054ca3c68cfb9430435f6e4b4a8b81dc201ccdc6f342727073b0de32fc2186da13da6386b6a7dcfcf", 0x49, 0xc0, &(0x7f0000000140)={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) 23:39:17 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x8000, 0x2) 23:39:17 executing program 2 (fault-call:5 fault-nth:14): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:17 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x44000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:17 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) r2 = perf_event_open(&(0x7f0000014f88)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r2, 0x0) r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$VT_SETMODE(r3, 0x5602, &(0x7f0000000100)={0x1ef5, 0x0, 0xb, 0x1, 0x3}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x8, 0x1000, 0x77f, 0x4}, 0xc) write$binfmt_aout(r0, &(0x7f0000001280)=ANY=[@ANYBLOB="0901010511000000510100000100ffff4e0200000400000000000000000000006f0c917b4680e392db27229e5edab5aed59f647f44eaa9010f17818dbdb0466a40007d6e8b2c826d0e1d589af578038061382993dd5d38c28302cbe672cc90f6abbf98d05e15d85d5fc674e64a6bcefbc9f1b732995c88e967b44a7cce71a365479a4f94b159f301f828743bc04a1578d24dc00ac58d4a531b2b5ff1c04b55b396f5cfe49322a1dd71880af32840f3b669c8a438dfddab2ed5ebb079ca9792d64a8976ea272bfbcf32e8065e38aadc8ba599d33a96de7b68e0f1370ef763e315117f37a154f872ef5be4816a49b3abc1468b668a46299924e4cee05dc954be4fc63b11a01b6241d1f9b41287c89e5981a309eb918057a4d8c0ee6130282df8a801465a4f9a4961fd50e2b09e8d90e1b32d44c3e66b9075be911cbc9e5bd63901cab7bbc2d1f5cff012796938ee03c273d3d7674919cb9278dec58972a5c46e8863cb328e1f1a14a3b714d3880a6441c6c391d813a70e1864095f6c35fb520931ad0895186ae6e52dd364fe73ef2ea2f0778d542925f4e1865169fd47a37eb99bfeb302be1482722a8fd67db7b5b683d562488b4a22bf9c0b583e8e9f03f4f53ffdf90e2006432fd72550b011de4486d5f6deedf6506ea26673e17e9b76b0c5a221b8e551a0c307ec62e85f222ef93d78f6d3edfd89b6993aa9d889638669ea46701d8ca6ca297dae08429b88cf88449aebaded19aa20bb8b0faf4437ca1c8c07cc63dafa51ace80c58edb74397f413ffd1d10bc497a84d9264c5020004709ee75f6dace5ebda190bf314238389e82716ee7b1b9150b807f3f0340e20ddc28032b9c83d98bd1059c77a997c2cba63c26371e99d7bf27c1a8afe22792cc375a0b0d2540d1e948ba0f48b2cfdcb10b100ded01187da0213e7f54554f1bc243699e3f1f4fce055a862f0a3aa04f2bfa6ff1ad32747e01c4c45f52c5abcf08446ac2f95fb18e95ffb1cfcd1cc25d90ad2efbe31b52ba87d8e2c978c6fcd7e8282a9cd6f46729e50446f9a8fe81c3ee58c2997efe1c2aadeea162218c1d91f6d84acd46ec5b780202a930bc3b3ccb1a3791f530f14566c847558539ab9bb6620615f8e2361981544a6efed74160e7de1a7a832a09f9e71d9cd14c8fe90fbafa67a0a247f097360bc0a97a876e52f4cb3af32e572c6f7f30e84fffedad472edd84737ed51001c37f4928a01a702bbd6bf3744233ca559bef061e81ab5dbcaa459b20bc4aacb3938c5537a6b6daec107bca429cdf4963b78af0949311048ca59a14ab2cb958cd459d0d204f96eae8ddfc0e6a96cbb583e15ace82040b52d1caab72d2f62e506b666fb30f0fd0a00e3c655c50c70c16d0ec0f7785f255c3e02202b13039cc6c7cd958e62bcfffb8be3bcad2572205bc46f989231cac0048c2fbfbd9e27274af2a0d62d5015a6f996798ed5f15a0f1dfa0fd93fbd36ec495152d0a598b91d4d1d355cafb34d7ea44acb99aaa637556d1058e883e70d63cff2b1852da649c9ea85f13e34e0ba77b05db22aa8e4f200f76c07fd1656454081ff48b5b59ef6a302ff6dc11d8c330840755c41761de2239b3f19c658b01d9ab1ec3986f34b3e118617a0ab6bd86e41076d1f61996db2dc95b68fd1e012e5df3070aec5775b8b883aa17b2653c9143d4634cb5342c860a146b01d2411d8c6f42d7dce6ba240196335f8f1fb2605af9bd9315ad60d7991a04c8382a8e315baee1f832da63cf575dec4ce8ca24b986cea515a0913d12cf2d4ae4ea1d0a975580154ec4707f24608631457a5c540f4216e6a097fee66bcb8fa4f91d3bc2372464101b587fdd58220ef0a36e36fd45bb907b96e2b5da29557ead278c6b2eadb4ad9ed71c94d1c5374a79ce0afa82df3829c4ceb319611573e39abac30cf284b02d239897c20af55b961c5aeed2727aa6108f44eb1ec2fd4f205b7596cf13675e0cec2fbdc7ca3d5ac058433555e6d479d92b0c06a1b2d9b7edfb02488797880a06cd1031dc6dba39131e509164cdc78bb5cc560bc6175aa40fe4e32948aab52c7ef11b822a49b7ab6b2a162e812b79bda6ef6e9548ea2e76356088eb7e15d0e1f6576a3d6b388183e3b6b85bb47fb5e80289de08be94b65c36a74ff463cac94c97d331bb3aa5e84f7876082a872a3ad6fc6b0e2cc07ee9bb3c3bc536d51ae6135d79c87b3361c951f9e0105f8ceec136f5142e47cdcc2e1f2e15d19f6dbe834811646bb8e5771a6311eb1a00e5415a7db4565d12d76738e73cf6c0b7842daf7b487287babef34387e882b4b835d203df1fb69b21852110964d75bd5882de55e96ab5a471e5784e8f13f23edb51ba584f384198d958623da2b1916dd1cd9467aab6d84614598c177646864a262bc5932f751c9842ec6aacda4899eec062da221b93d5c0e1672006c4d43febcf3b216df5b08656df998c17d9d51f2bb2940c2d5358b5a306f47dae1f8ea6da93a22bacb4f27d296046f213af4d3f2fb579c5ae13db1984ba60345d7edfd0cf0269905c1d210b2ff6ff673be253d387ea7b94a69a19d447e4d6f4807fee8bcae4f93575efc0e08f65dc0b0ad366c2183aedbe3a7028ed56f8bb8d238c0b7afeabc4174541fd2704fcf6083637ae06c5370b8ca6da83032acd81fbd7bf2882711d1b937fc661f90a86a12abed33ce1aff07a6cf677ff2b1f0b0eed432f86f0d3f455d889f664f1986a4c1ecdcd3c4b7e9a0a0f7ef5de1f5e2dab2d99781c7f9c5854accc916f758b6f857ef00b1101595728b085c0530db46a4dd1b642e69388b142ed7042aad8b0dfa4646f271059c6aad2a27f6ad1d0441ea9d6e6d832285471a97876067e54cc44b9de358c1a90ff622b3a25a38202af05ce013b36cdadc08473314163e031255ad1cad86d53c2fa17ad1ecccb0e3c9d4a30b702971c7a020905f5524d79886980df056ab5d0777748fada177c373b2dea9e5d9eee8a2f1ddcba93a64d09f6f6059d71e95a335b6f62668d63ed252ee24fa2de47aebdb6315c5146539345812feb4c6bb703fafdb94627f1b6cd302a644de86a8cb8b35d413cdf4ba3eb8c2d72dcd72cfc6145689031b2d910ab5ac0ba8dd15671efa8564c63eb647d335c2b222584d404d67edd37207604180503f7304a52c906e88dd5b99f293c9f9586ee3f498b6e6803b8a3fc1b8f98c6daf85f4aa657f2f383195f3528652ae1b7ac6aa9ac70d7799879a00a221601133cdec47915d0d1548c1264b72b37ce59aac01a558b607aeb83c0ac7e236ea55cd539a1128c7ad88fac9d4f8235390b147d51550c36c64890e7b6382c96053348bb032c8f6dfe7d24f96cab0b2964a79f19e960ab74ecb20cec2db9e497a268b781569eb15639eae0c93af25dd8f2b29a84e84515e1a6eec09b8235a0acf107e07d678d7606dfcceba59fc5d2b28badd177adcf803048f33de37adb982efb09cbccd8d3163e69fab8f7dc34045458f82b1dd25fbda086079e2fe67d8d57e0824f004676f8b4216c933d58fffa52b3e5ca89fe1e7dd16511ac43ca3dc633fc2fa49ec095f93e26ce8deef49c9841e4198f2bdc80b996c515b02fce87e93f37e420cfc6fa9854ca0a5f961806086eced2a282b26a23fe84c0dc658d7bbbdfdbbd8ebca88484935d16bdd227596db110dee807bdfa80c6e0e9ffa00663ea64e7b875f65d9563a60dad20c3101ab9d60e8b39b71fcf71393c23f93f8a5c0d36539a5b112c9866697627e8ca89fe4e57c8f3cca7b27be983110248448c2509faf7bf8da8b1758f4698b985dd15844ea692435569f5d10e450c3a82bc2d170edd8ca31a18b2dbba2e9dd7d1c81298b842c29146c5c3dee8a3b04354ec534ba66ae1ccd5403cb49f608eddb64bd617c9ee9e342584916652351fd8609e3b124622546ab30aa4625c664bf1ca5f911b6a958f901b30bc4372c06b233fc35784ce432b04c4e9ec870e9afd36f568761afbc4b3a5178cfaf9202d38ded0de735f367e62e6e7b679e2b476c78ba96a3b370ad50c7cb3059ad7ce0ff1b51a76761364fd59d7b9d056f8a0e8b9d47d18ff3b8c5f9fd96022510731d48d77459a731a3ccfe721c8188b88e5421a80a00b94417734f4bd351b3b7213c6d451abb9770821ad0d15d90658c4f8646ba0bee5841e5a43060c3cdefdcdac459f39914c15422a53e9eafe5896853f0cb22133ef67283073851bbd03795e4096d09ac40f71f7205abb8a129d547535129e910c8fdea124992d8c41cd8542a6364f5f69388176c4bae68eb19d12077d31f1fb8e00541dc4c1c035e260ca3492a55979d5353b294a559f4b6cf413c281dccb142b1c075be9173346129739aa3794928b56dbd60362dc56e2b56df3e3ad4189cc0c39ce6da1ea643d60e5c4f7c4298863cf7397f17b0704b10a23ab9415f4de8fa41f030e655916e8f39661109f65fe7a044b90e86ab433c099372ce95bfbeedd0d5da07b790ba289a47a72af876a12e6f62d87402152f27369ed9fb00570ed9223c302d4b9328be51d86f0e99be94e6b40b5497e8341fb7bf28a646173a9f2c00ca156df1838ef13a21e1807be7a73a98040942b156ce86175a8e7b604eb30bb60be3b746e841dd03cd99befc7b6cec9654dfdc05ee94e7821c5194e085624d6d598b4e89c1c58ab25033314994eefd53c8ebcd02d670e3be8a76e205c797c74b7ab1762fb5174ea4ea53c8453308d3b41e7cde37c0cf6e60130c2fc7632201ff07e67adc6cae418965f4bd91ac66248d73ce3afe201107c6746d45628cd29fa6a475c048ff65527381548215e001b52c3609f0296fa971ff1c6771e5471180e52fba3d159906ddbc2e02d7fab8c9ce3d28a569cbd0e695b4d94304d1684cacfbb80acd6f9ebe28a302e6d37265ef5bc41216482253dce458904c56dc007360808a9e677d2130a45c5748f91c255cdbb743ff0d5ce131b6b9e53819645f121386a7fcb939eff5aa73c2d96fd59d8fbd0b6f4ffa2b9534142eb684bbfb69c187a72dc461f6d5c0f277e7a9a11a273f6e3cc69b70f2ba218858a22d0ef6a3878811141c0e72407420c947f3c9d3d0eaaa0641ed357d6707d21edc8037d1b33cb413ac3deee4e2787098765a5f81f04d33cafdf1f8c46e44725d62ba1f20f6a15db8168b3b86ad88fd209894e41982ac8a7fabe5520d6503c37880249eac6b789e0880e89d968264604040588f8fb2f85332a5a579cf89cd680630c9a55044e07f3cfb88db97903e12eb94187dd9e9050d70979ee5ec15e19437005262150bec2c53fe922ef8929eed8692498db529e86da271bb85bc0e90c0ddc26951f07b0cfc1f715286b99f1d3a492bb4ced9224de3e960aeb449f31890f21bedd2e677cbff20e3e451105abd6ab208b285120942e4c4d75b10f41e9412cae7f5425fae0df37a905d83a51271e1b1ffe8444996cf875326810d910032af41aac86fb086dba0b6e9f9331dbe440aa0b79a7cb33e9fd309f28842dd79cafb8de9ca3be4e33ebb8d554b7bb989f9f6c3919303b30ff3f425a3e38d11f6910c3429e7fbe6c2e5a0b3d364d18d744787977b99abb04af7043021140724b3a7adcb486ad1b53e2cbd845f205d65f1c5734d7020f3b2b4f75a182082e57dca56cdfbed5a52b7696ef20b3687fca898058658da7a0aab88abb1e557e7e5516855168c82674216c019625ceebb9ea2049e09ed042fd4c6aacd9d5daed01ec2ec4ceedf996409ba494a24c5da1d57a034d2148d30853725cf489bf42e1d52071cbb93d8ee5f37d6d39012372c07a5ec3f16fafe5e8e858569c36e623fd83224c2f06912e11167bb8ac537799eb965"], 0x1020) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000080)=@req3={0x80000000, 0x0, 0x2}, 0x1db) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000001200)) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001100)={{{@in6=@mcast1, @in=@broadcast}}, {{@in6}, 0x0, @in6=@local}}, &(0x7f0000000000)=0xe8) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000001240)=0x2, 0x4) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000140)=@buf={0x7f, &(0x7f0000000200)="86bc867b73aa859f28598a1e5cde489dacb03629d87aea937017cc0bdfac6b50a7bcc3508135e92076c1eb2b8a5043570135590557ea11d4463610393225835dc019978a1faab659bde17344623e51bdccd16473c60991d54ffc73d340c7ca6dea20b3b84c8bcd1e44e83ac5680b57b3c6cb2d5019b5e8a347ae3b3879ab3f"}) 23:39:17 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x484903, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast1}}, &(0x7f0000000000)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000280)=0xe8) fstat(r0, &(0x7f00000002c0)) setresuid(r1, r1, r2) 23:39:17 executing program 5: socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) 23:39:17 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) r2 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x9, 0x101000) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f0000000080)=0x1, 0x8) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="c4cb00ff285f9fbd00000000e6ff0000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:17 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000200)={r7, 0xaf}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) connect$rds(r4, &(0x7f0000000340)={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) 23:39:17 executing program 7: r0 = socket(0x1f, 0x80f, 0x2) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) r2 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x8000, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000140)={{{@in=@dev, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6}}, &(0x7f0000000240)=0xe8) fstat(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r2, &(0x7f0000000100)='./file0\x00', r3, r4, 0x1100) listen(r2, 0x5) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000080)=0x40) [ 231.076793] FAULT_INJECTION: forcing a failure. [ 231.076793] name failslab, interval 1, probability 0, space 0, times 0 [ 231.088278] CPU: 0 PID: 14399 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 231.095504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.104895] Call Trace: [ 231.107545] dump_stack+0x185/0x1d0 [ 231.111237] should_fail+0x87b/0xab0 [ 231.115013] __should_failslab+0x278/0x2a0 [ 231.119328] should_failslab+0x29/0x70 [ 231.123292] kmem_cache_alloc_node+0x157/0xc80 [ 231.127947] ? validate_xmit_skb+0xfea/0x1320 [ 231.132538] ? __alloc_skb+0x202/0x9e0 [ 231.136523] __alloc_skb+0x202/0x9e0 [ 231.140322] alloc_skb_with_frags+0x1e6/0xb80 [ 231.144899] ? kmsan_set_origin_inline+0x6b/0x120 [ 231.149819] ? __msan_poison_alloca+0x15c/0x1d0 [ 231.154572] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 231.159437] ? packet_sendmsg+0x6594/0x8ad0 [ 231.163847] sock_alloc_send_pskb+0xb56/0x11a0 [ 231.168601] ? kmsan_set_origin+0x9e/0x160 [ 231.172927] packet_sendmsg+0x6594/0x8ad0 [ 231.177134] ? __fsnotify_parent+0x132/0x560 [ 231.181638] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 231.187175] ? rw_copy_check_uvector+0x643/0x6c0 [ 231.191994] ? __msan_poison_alloca+0x15c/0x1d0 [ 231.196756] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 231.202275] ? import_iovec+0x3c7/0x600 [ 231.206443] ? copy_msghdr_from_user+0x72c/0x830 [ 231.211342] ? compat_packet_setsockopt+0x360/0x360 [ 231.216461] ___sys_sendmsg+0xec8/0x1320 [ 231.220591] ? kstrtoull+0x766/0x7e0 [ 231.224395] ? kmsan_set_origin_inline+0x6b/0x120 [ 231.229310] ? __msan_poison_alloca+0x15c/0x1d0 [ 231.234064] ? _cond_resched+0x3c/0xd0 [ 231.238037] ? rcu_all_qs+0x32/0x1f0 [ 231.241823] ? _cond_resched+0x3c/0xd0 [ 231.245790] ? rcu_all_qs+0x32/0x1f0 [ 231.249565] ? __sys_sendmmsg+0x61d/0x850 [ 231.253792] __sys_sendmmsg+0x490/0x850 [ 231.257846] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 231.262849] ? syscall_return_slowpath+0xe9/0x710 [ 231.267793] __x64_sys_sendmmsg+0x11c/0x170 [ 231.272219] ? __sys_sendmmsg+0x850/0x850 23:39:18 executing program 5: socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) socket(0x1e, 0x805, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:18 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x80806, 0x1) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 231.276424] do_syscall_64+0x15b/0x230 [ 231.280382] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 231.285609] RIP: 0033:0x455a09 [ 231.288829] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 231.296608] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 231.303927] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 231.311273] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 231.318588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 231.325913] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000000e 23:39:18 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0xffffffffffffffff, 0x0) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) syz_open_procfs(r1, &(0x7f0000000100)='net/ip6_tables_targets\x00') ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000080)={0x0, 0x7}) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) r2 = semget(0x0, 0x4, 0x20) semctl$SETVAL(r2, 0x3, 0x10, &(0x7f0000000000)=0x1) r3 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x80, 0x404200) ioctl$SNDRV_TIMER_IOCTL_STOP(r3, 0x54a1) syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x3ff, 0x302) 23:39:18 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x44000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:18 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x4, &(0x7f0000000380)="0047fc2f07d82cb92409e267082a8ac5459c034e0000488f9d4e70") r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0xc000, 0x0) getsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f00000002c0)=""/171, &(0x7f0000000100)=0xab) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) ioctl$EVIOCSABS2F(r2, 0x401845ef, &(0x7f0000000080)={0x6, 0xff, 0x9, 0x6, 0x400040000000, 0x3}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x7, 0x9, 0x1, 0x5, 0x3}, &(0x7f0000000040)=0x98) getsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f00000004c0), 0x15f) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000480)={r3, 0x3}, 0x8) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000500)={@local={0xfe, 0x80, [], 0xaa}, 0x1, 0x0, 0x0, 0x1, 0x8001, 0x7, 0x8001}, &(0x7f0000000540)=0x20) ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000580)=""/215) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:18 executing program 4: r0 = socket(0x1e, 0x805, 0x5ff5ee72) r1 = socket(0x1e, 0x805, 0x0) clock_gettime(0x0, &(0x7f0000003980)={0x0, 0x0}) recvmmsg(r1, &(0x7f0000003780)=[{{&(0x7f0000000080)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, 0x80, &(0x7f00000012c0)=[{&(0x7f0000000100)=""/69, 0x45}, {&(0x7f0000000180)=""/196, 0xc4}, {&(0x7f0000000280)}, {&(0x7f00000002c0)=""/4096, 0x1000}], 0x4, 0x0, 0x0, 0x80000001}, 0x8}, {{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000001300)=""/124, 0x7c}, {&(0x7f0000001380)=""/156, 0x9c}, {&(0x7f0000001440)=""/70, 0x46}, {&(0x7f00000014c0)=""/56, 0x38}, {&(0x7f0000001500)=""/64, 0x40}, {&(0x7f0000001540)=""/21, 0x15}], 0x6, 0x0, 0x0, 0x6}}, {{&(0x7f0000001600)=@nfc_llcp, 0x80, &(0x7f0000001700)=[{&(0x7f0000001680)=""/25, 0x19}, {&(0x7f00000016c0)}], 0x2, 0x0, 0x0, 0x3fff8000000000}, 0x9}, {{&(0x7f0000001740)=@rc, 0x80, &(0x7f0000001a00)=[{&(0x7f00000017c0)=""/105, 0x69}, {&(0x7f0000001840)=""/250, 0xfa}, {&(0x7f0000001940)=""/190, 0xbe}], 0x3, &(0x7f0000001a40)=""/212, 0xd4, 0x601ea414}, 0x7}, {{&(0x7f0000001b40)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000002bc0)=[{&(0x7f0000001bc0)=""/4096, 0x1000}], 0x1, &(0x7f0000002c00)=""/23, 0x17, 0x5}, 0x2}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000002c40)=""/118, 0x76}, {&(0x7f0000002cc0)=""/191, 0xbf}, {&(0x7f0000002d80)=""/215, 0xd7}, {&(0x7f0000002e80)=""/103, 0x67}], 0x4, &(0x7f0000002f40)=""/248, 0xf8, 0x8001}, 0x7}, {{&(0x7f0000003040)=@nl=@unspec, 0x80, &(0x7f0000003240)=[{&(0x7f00000030c0)=""/93, 0x5d}, {&(0x7f0000003140)=""/17, 0x11}, {&(0x7f0000003180)=""/96, 0x60}, {&(0x7f0000003200)=""/25, 0x19}], 0x4, 0x0, 0x0, 0x1000}, 0xb54}, {{&(0x7f0000003280)=@ethernet, 0x80, &(0x7f0000003640)=[{&(0x7f0000003300)=""/69, 0x45}, {&(0x7f0000003380)=""/204, 0xcc}, {&(0x7f0000003480)=""/59, 0x3b}, {&(0x7f00000034c0)=""/70, 0x46}, {&(0x7f0000003540)=""/202, 0xca}], 0x5, &(0x7f00000036c0)=""/166, 0xa6, 0x66ca}, 0x40}], 0x8, 0x2000, &(0x7f00000039c0)={r2, r3+10000000}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x80000000}, 0x1c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) getsockopt$inet_buf(r4, 0x0, 0x11, &(0x7f0000003a00)=""/4096, &(0x7f0000000280)=0x1000) 23:39:18 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000200)={r7, 0xaf}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) connect$rds(r4, &(0x7f0000000340)={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) 23:39:18 executing program 7: r0 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000)) read(r0, &(0x7f0000000080)=""/5, 0x5) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:18 executing program 5: socket(0x1e, 0x805, 0xfffffffffffffffe) syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x2, 0x0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:18 executing program 2 (fault-call:5 fault-nth:15): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:19 executing program 5: socket(0x1e, 0x805, 0xfffffffffffffffe) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) [ 232.081407] FAULT_INJECTION: forcing a failure. [ 232.081407] name failslab, interval 1, probability 0, space 0, times 0 [ 232.092883] CPU: 1 PID: 14432 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 232.100472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.109875] Call Trace: [ 232.112531] dump_stack+0x185/0x1d0 [ 232.116226] should_fail+0x87b/0xab0 [ 232.120000] __should_failslab+0x278/0x2a0 [ 232.124317] should_failslab+0x29/0x70 [ 232.128271] __kmalloc_node_track_caller+0x24b/0x11b0 [ 232.133546] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 232.138975] ? alloc_skb_with_frags+0x1e6/0xb80 [ 232.143713] __alloc_skb+0x2cb/0x9e0 [ 232.147473] ? alloc_skb_with_frags+0x1e6/0xb80 [ 232.152217] alloc_skb_with_frags+0x1e6/0xb80 [ 232.156783] ? kmsan_set_origin_inline+0x6b/0x120 [ 232.161691] ? __msan_poison_alloca+0x15c/0x1d0 [ 232.166437] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 232.171277] ? packet_sendmsg+0x6594/0x8ad0 [ 232.175672] sock_alloc_send_pskb+0xb56/0x11a0 [ 232.180409] ? kmsan_set_origin+0x9e/0x160 [ 232.184752] packet_sendmsg+0x6594/0x8ad0 [ 232.188953] ? __fsnotify_parent+0x132/0x560 [ 232.193445] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 232.198964] ? rw_copy_check_uvector+0x643/0x6c0 [ 232.203783] ? __msan_poison_alloca+0x15c/0x1d0 [ 232.208624] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 232.214158] ? import_iovec+0x3c7/0x600 [ 232.218210] ? copy_msghdr_from_user+0x72c/0x830 [ 232.223097] ? compat_packet_setsockopt+0x360/0x360 [ 232.228203] ___sys_sendmsg+0xec8/0x1320 [ 232.232326] ? kstrtoull+0x766/0x7e0 [ 232.236126] ? kmsan_set_origin_inline+0x6b/0x120 [ 232.241048] ? __msan_poison_alloca+0x15c/0x1d0 [ 232.245807] ? _cond_resched+0x3c/0xd0 [ 232.249788] ? rcu_all_qs+0x32/0x1f0 [ 232.253606] ? _cond_resched+0x3c/0xd0 [ 232.257585] ? rcu_all_qs+0x32/0x1f0 [ 232.261364] ? __sys_sendmmsg+0x61d/0x850 [ 232.265588] __sys_sendmmsg+0x490/0x850 [ 232.269636] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 232.274635] ? syscall_return_slowpath+0xe9/0x710 [ 232.279568] __x64_sys_sendmmsg+0x11c/0x170 [ 232.283945] ? __sys_sendmmsg+0x850/0x850 [ 232.288141] do_syscall_64+0x15b/0x230 [ 232.292087] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 232.297313] RIP: 0033:0x455a09 [ 232.300531] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 232.308290] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 232.315604] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 232.322925] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:19 executing program 7: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001280)='/dev/urandom\x00', 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000012c0)={0x303, 0x33}, 0x4) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = getpgrp(0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)=0x0) r4 = geteuid() sendmsg$nl_generic(r0, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000540)={&(0x7f0000000100)={0x43c, 0x24, 0x10, 0x70bd2c, 0x25dfdbfc, {0x2}, [@generic="dcad6713da8dee48be4b8347cb9a88fc75282fab9c2b", @typed={0x4, 0x57}, @generic, @typed={0x8, 0x4e, @pid=r2}, @nested={0x24c, 0x6, [@typed={0x8, 0x89, @u32=0x2}, @typed={0x10, 0x26, @str='mime_type\x00'}, @generic="7f123c5851d947356e079bbddac25bb6686e16be008ef4bb75c822488989d29eab2ea20bdb8d73b2e5044d9245b3bc32ad7e66d19130416f24206bf2e30c13699beecb2af5ee4fd0686da0c4b6eea855274901b0bcab3f1a99f5da1239d3f756d8cc1ef2da8b70658839410b37216acc0e60f0fb0e41f48baad1ffdb421e46bb2cc70c44", @generic="a55da30483382de7208bbdcd68fe2af25de58093791a845eaa40f5daf3918cf82fbb078780574b6f8a2da6a0e196", @generic="c324d1b91c5bde45c51b81d01927e554ab0fb6523835bd2940b3422dcca2699adfa20212bcc2ca8a931247d9f68dad51ff94946e0c951d51afa93a7654f37c90854d96b4c330d9d222a6784dd4f2602994d606eac92e02f754dd49fb81399c2e37eb95143399988f692e427b779af9ea08ed6b80862af75fb44a5f27110c2b276bb64ae55de12977d199411f192dacd7a60425dbdae734b3a90ae4d1640a250698c18bb26598e7b86dc80088dbaf915f076a1d76b1b94156c5d25a5604fe07bdd7265bfa2745989740c8b7f25c73aa58af0d11a851aa93", @generic="cde0d0409b34786a8aa7bcc5ba208ca01b698ab6d6b08f300cc8f272f6cb0ab147db8d1d724a1079645c06dce754eba46ac28fa4365ef2432677f4b6a79733f849cec67c0fa184914608231127711862d210d7f3c360dd0e105f946f485499aefddf35c9666663e205930a9f4c2f82c585e8dd68cd0a7ece0be1380bfb745b1e1ca07d7f8e8ba0d48a3c52", @typed={0x8, 0x26, @pid=r3}, @typed={0x14, 0x57, @ipv6=@loopback={0x0, 0x1}}]}, @generic="156f5b5a063336ca7654b18229b63c91633940b6e364e68d6828956f975e656d6cb4c5e56236aaac3f930e337e6574c14e4f2684870116cf6a062729b2a6ff8457ed8567de35e477b1ecc224b8a1aee4784615a69948229ee2cf791bfff4b565132e2ea2b5c2cf1f1004a1182e4196641be1698e50d715c9d170a66942469ce9c9cf9828a32267fe82fb8452859c7d70a9f5b4dca07903842fe12ff11f69963a72d45f403dfe8bf5226d4589147f350a32b32fe5cbd13bca51a8e17188", @generic="19884973a18f6c2df8226eeb635dde7a2a7ad523a71c2a9f40902f5087283d1650c08fdcef36c762d4399a5627c2710f679ebc09b2849d4072994d2d7ffda3c2fe41efd888445894b5de5d79ea09e5120ec51996d15a27b35bfba14837ece7166486e0b803b85646b7fdfe9b59608c6864c0910fe0e46f46db777fa348b2fe0d50b87e69ffff9b0fba73f392aa38d0f6e40b37e58fef420f9f1ca30d0a1582d75b49df57c5b375ce7689d39ef6d9dce918bc3913741acdf426a8c52dca94da7d1d88aa6a162b86a629d8dac3e0f4ffde408ea1f27ea8206ebb5922e04cace11608e9be6ccefdecaddcdfee409a7113297b4960", @typed={0x8, 0x1a, @uid=r4}]}, 0x43c}, 0x1, 0x0, 0x0, 0x1}, 0x800) r5 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x40000, 0x0) 23:39:19 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:19 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x6, @loopback={0x0, 0x1}, 0xfffffffffffffffb}, @in={0x2, 0x4e22, @loopback=0x7f000001}, @in6={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x7}, @in6={0xa, 0x4e22, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0x26}, @in={0x2, 0x4e22, @broadcast=0xffffffff}, @in={0x2, 0x4e21, @multicast1=0xe0000001}, @in={0x2, 0x4e22}, @in={0x2, 0x4e24, @rand_addr=0x3}, @in6={0xa, 0x4e24, 0x7, @dev={0xfe, 0x80, [], 0x16}}, @in6={0xa, 0x4e22, 0x2, @empty, 0x9}], 0xdc) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='/dev/cuse\x00') write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:19 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000200)={r7, 0xaf}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) connect$rds(r4, &(0x7f0000000340)={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) 23:39:19 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x44000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) [ 232.330245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 232.337561] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000000f 23:39:19 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) 23:39:19 executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x7, 0x800) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000240)=0x7, &(0x7f0000000280)=0x4) r1 = socket(0x1e, 0x805, 0x0) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r3 = semget(0x2, 0x4, 0x2) semctl$GETALL(r3, 0x0, 0xd, &(0x7f0000000140)=""/177) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x8, 0x52}, &(0x7f0000000080)=0x18) ioctl$sock_inet_sctp_SIOCINQ(r1, 0x541b, &(0x7f0000000100)) setsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000340)={r4, 0x101}, 0xfffffffffffffeef) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f00000002c0)=0xaa8b) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:19 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="021100000200000000000000000000004b76d7ad8e59103c914b85981e9c6fbaa38ada4068c7d1a49a342f25b6248a05296b8db3e7e5189b6a0439bab177"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:19 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:19 executing program 7: r0 = socket(0x17, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:19 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000200)={r7, 0xaf}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:19 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) getuid() 23:39:19 executing program 5: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f00000001c0)=0xe8) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=@deltfilter={0x34, 0x2d, 0x300, 0x70bd28, 0x25dfdbfb, {0x0, r2, {0xf, 0x9}, {0xf, 0xf}, {0x2, 0x17}}, [@TCA_RATE={0x8, 0x5, {0xc0ac, 0x4}}, @TCA_CHAIN={0x8, 0xb, 0x7ff}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000340)={0x0, 0x78, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}, @in6={0xa, 0x4e23, 0x80000001, @dev={0xfe, 0x80, [], 0x16}, 0x9}, @in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e22, @multicast1=0xe0000001}, @in6={0xa, 0x4e22, 0xff, @loopback={0x0, 0x1}, 0x7}]}, &(0x7f0000000380)=0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000003c0)={r3, 0x3}, 0x8) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x101000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xe, 0x5, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x4}, [@generic={0x7ff, 0x7, 0x7, 0x4}], {0x95}}, &(0x7f0000000440)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x1, [], r2}, 0x48) ioctl$TCFLSH(r4, 0x540b, 0xcb) 23:39:19 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:19 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000000)=0x1e, 0x4) 23:39:19 executing program 2 (fault-call:5 fault-nth:16): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:19 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000480)={'ipddp0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) ioctl$TIOCLINUX2(r7, 0x541c, &(0x7f00000000c0)={0x2, 0x1, 0x6, 0x0, 0x4, 0x8}) [ 232.855816] FAULT_INJECTION: forcing a failure. [ 232.855816] name failslab, interval 1, probability 0, space 0, times 0 [ 232.867341] CPU: 0 PID: 14501 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 232.874568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.883958] Call Trace: [ 232.886605] dump_stack+0x185/0x1d0 [ 232.890290] should_fail+0x87b/0xab0 [ 232.894083] __should_failslab+0x278/0x2a0 [ 232.898401] should_failslab+0x29/0x70 [ 232.902365] kmem_cache_alloc_node+0x157/0xc80 [ 232.907024] ? validate_xmit_skb+0xfea/0x1320 [ 232.911595] ? __alloc_skb+0x202/0x9e0 [ 232.915568] __alloc_skb+0x202/0x9e0 [ 232.919353] alloc_skb_with_frags+0x1e6/0xb80 [ 232.923914] ? kmsan_set_origin_inline+0x6b/0x120 [ 232.928824] ? __msan_poison_alloca+0x15c/0x1d0 [ 232.933580] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 232.938441] ? packet_sendmsg+0x6594/0x8ad0 [ 232.942836] sock_alloc_send_pskb+0xb56/0x11a0 [ 232.947506] ? kmsan_set_origin+0x9e/0x160 [ 232.951821] packet_sendmsg+0x6594/0x8ad0 23:39:19 executing program 4: r0 = socket(0x1e, 0x805, 0x0) socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) acct(&(0x7f0000000080)='./file0\x00') ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='bcsh0\x00') 23:39:20 executing program 3: write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:20 executing program 6: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x80000000002, 0x7fd) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="280000000a000000000001000000000000000000"], 0x1a122d46ce62de36) 23:39:20 executing program 5 (fault-call:1 fault-nth:0): pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) [ 232.956047] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 232.961559] ? rw_copy_check_uvector+0x643/0x6c0 [ 232.966392] ? __msan_poison_alloca+0x15c/0x1d0 [ 232.971149] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 232.976852] ? import_iovec+0x3c7/0x600 [ 232.980904] ? copy_msghdr_from_user+0x72c/0x830 [ 232.985747] ? compat_packet_setsockopt+0x360/0x360 [ 232.990824] ___sys_sendmsg+0xec8/0x1320 [ 232.994979] ? kmsan_set_origin_inline+0x6b/0x120 [ 232.999893] ? __msan_poison_alloca+0x15c/0x1d0 [ 233.004642] ? _cond_resched+0x3c/0xd0 [ 233.008603] ? rcu_all_qs+0x32/0x1f0 [ 233.012394] ? _cond_resched+0x3c/0xd0 [ 233.016463] ? rcu_all_qs+0x32/0x1f0 [ 233.020241] ? __sys_sendmmsg+0x61d/0x850 [ 233.024458] __sys_sendmmsg+0x490/0x850 [ 233.028511] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 233.033511] ? syscall_return_slowpath+0xe9/0x710 [ 233.038447] __x64_sys_sendmmsg+0x11c/0x170 [ 233.042829] ? __sys_sendmmsg+0x850/0x850 [ 233.047027] do_syscall_64+0x15b/0x230 [ 233.050975] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 233.056199] RIP: 0033:0x455a09 [ 233.059416] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 233.067169] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 233.074479] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 233.081788] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 233.089102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 233.096414] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000010 [ 233.101379] FAULT_INJECTION: forcing a failure. [ 233.101379] name failslab, interval 1, probability 0, space 0, times 0 [ 233.115201] CPU: 1 PID: 14515 Comm: syz-executor5 Not tainted 4.17.0-rc5+ #1 [ 233.122446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.131846] Call Trace: [ 233.134484] dump_stack+0x185/0x1d0 [ 233.138164] should_fail+0x87b/0xab0 [ 233.141939] __should_failslab+0x278/0x2a0 [ 233.146248] should_failslab+0x29/0x70 [ 233.150202] __kmalloc+0xc5/0x350 [ 233.153710] ? _cond_resched+0x3c/0xd0 [ 233.157655] ? pipe_fcntl+0x805/0xda0 [ 233.161514] pipe_fcntl+0x805/0xda0 [ 233.165179] ? __msan_poison_alloca+0x15c/0x1d0 [ 233.169893] ? __se_sys_fcntl+0x27b/0x390 [ 233.174081] ? __se_sys_fcntl+0x27b/0x390 [ 233.178262] do_fcntl+0x2e0/0x2320 [ 233.181861] ? security_file_fcntl+0x5e/0x200 [ 233.186426] __se_sys_fcntl+0x27b/0x390 [ 233.190461] __x64_sys_fcntl+0xd8/0x110 [ 233.194477] ? f_getown+0x190/0x190 [ 233.198137] do_syscall_64+0x15b/0x230 [ 233.202071] entry_SYSCALL_64_after_hwframe+0x44/0xa9 23:39:20 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:20 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x56b1e567, 0x4, 0x8, 0xe0}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x80000000, 0x0, 0x2}, 0x1c) 23:39:20 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) ioctl$sock_inet_SIOCSIFBRDADDR(r1, 0x891a, &(0x7f0000000000)={'irlan0\x00', {0x2, 0x4e23, @rand_addr=0x75}}) [ 233.207293] RIP: 0033:0x455a09 [ 233.210517] RSP: 002b:00007fda721e5c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 233.218285] RAX: ffffffffffffffda RBX: 00007fda721e66d4 RCX: 0000000000455a09 [ 233.225590] RDX: 0000000000000000 RSI: 0000000000000407 RDI: 0000000000000014 [ 233.232906] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 233.240217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 233.247540] R13: 0000000000000095 R14: 00000000006f5e98 R15: 0000000000000000 23:39:20 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x40000, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x2d, &(0x7f0000000340)={@multicast2=0xe0000002, @broadcast=0xffffffff, @multicast2=0xe0000002}, 0xc) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0214a500002000040000000000000000"], 0x10}, 0x1}, 0x0) getsockopt$inet_udp_int(r1, 0x11, 0x64, &(0x7f00000002c0), &(0x7f0000000300)=0x4) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000080), 0x4) ioctl$IOC_PR_RESERVE(r1, 0x401070c9, &(0x7f00000000c0)={0x6, 0x7, 0x1}) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:20 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:20 executing program 2 (fault-call:5 fault-nth:17): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:20 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000001c0)={0x5ab, r6, 0x3, 0x5}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:20 executing program 5 (fault-call:1 fault-nth:1): pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:20 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) fcntl$setstatus(r1, 0x4, 0x0) 23:39:20 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x561902, 0x0) ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000080)={0x3, 0xfff}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) connect$ipx(r1, &(0x7f00000000c0)={0x4, 0xc4e, 0x7, "bc2af106e4c0", 0x5}, 0x10) 23:39:20 executing program 3: write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:20 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x400842, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000000)={'team_slave_0\x00', 0x2}) mq_timedsend(r0, &(0x7f0000000080)="af9bcc471e014b375f69feab005476127903ed0d9cd31501cef266c86ac4929a8f70a9cedfbf4e073f7a97944280841133a3537a482639c6feb79e425129e130", 0x40, 0x0, 0x0) ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000040)={0x5, 0x2, 0xfffffffffffffff9, 0x81, 0x6}) [ 233.531457] FAULT_INJECTION: forcing a failure. [ 233.531457] name failslab, interval 1, probability 0, space 0, times 0 [ 233.542886] CPU: 1 PID: 14539 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 233.550118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.559515] Call Trace: [ 233.562162] dump_stack+0x185/0x1d0 [ 233.565859] should_fail+0x87b/0xab0 [ 233.569670] __should_failslab+0x278/0x2a0 [ 233.573988] should_failslab+0x29/0x70 23:39:20 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x7, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 233.577937] __kmalloc_node_track_caller+0x24b/0x11b0 [ 233.583191] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 233.588638] ? alloc_skb_with_frags+0x1e6/0xb80 [ 233.593428] __alloc_skb+0x2cb/0x9e0 [ 233.597223] ? alloc_skb_with_frags+0x1e6/0xb80 [ 233.601968] alloc_skb_with_frags+0x1e6/0xb80 [ 233.606547] ? kmsan_set_origin_inline+0x6b/0x120 [ 233.611478] ? __msan_poison_alloca+0x15c/0x1d0 [ 233.616246] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 233.621089] ? packet_sendmsg+0x6594/0x8ad0 [ 233.625492] sock_alloc_send_pskb+0xb56/0x11a0 [ 233.630180] ? kmsan_set_origin+0x9e/0x160 [ 233.634521] packet_sendmsg+0x6594/0x8ad0 [ 233.638737] ? __fsnotify_parent+0x132/0x560 [ 233.643235] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 233.648750] ? rw_copy_check_uvector+0x643/0x6c0 [ 233.653576] ? __msan_poison_alloca+0x15c/0x1d0 [ 233.658336] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 233.663864] ? import_iovec+0x3c7/0x600 [ 233.667916] ? copy_msghdr_from_user+0x72c/0x830 [ 233.672874] ? compat_packet_setsockopt+0x360/0x360 [ 233.677958] ___sys_sendmsg+0xec8/0x1320 [ 233.682088] ? kstrtoull+0x766/0x7e0 [ 233.685913] ? kmsan_set_origin_inline+0x6b/0x120 [ 233.690839] ? __msan_poison_alloca+0x15c/0x1d0 [ 233.695592] ? _cond_resched+0x3c/0xd0 [ 233.699561] ? rcu_all_qs+0x32/0x1f0 [ 233.703357] ? _cond_resched+0x3c/0xd0 [ 233.707324] ? rcu_all_qs+0x32/0x1f0 [ 233.711089] ? __sys_sendmmsg+0x61d/0x850 [ 233.715311] __sys_sendmmsg+0x490/0x850 [ 233.719361] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 233.724363] ? syscall_return_slowpath+0xe9/0x710 [ 233.729312] __x64_sys_sendmmsg+0x11c/0x170 [ 233.733691] ? __sys_sendmmsg+0x850/0x850 [ 233.737898] do_syscall_64+0x15b/0x230 [ 233.741857] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 233.747085] RIP: 0033:0x455a09 [ 233.750304] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 233.758061] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 233.765376] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 233.772686] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 233.779999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 233.787315] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000011 23:39:21 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000000)={{0x8000000, 0x7}, 0x87}, 0x10) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:21 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x0, 0xfffffffffffffffc, 0x4c}, 0x10) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x7, &(0x7f0000000000)=[{0x9, 0x4, 0x7}, {0x1, 0x0, 0x9, 0x6}, {0x100, 0x1ff, 0x7f, 0xfff}, {0x0, 0x8, 0x0, 0xd33f}, {0x1, 0xb2e, 0x9, 0x10000}, {0xffff, 0x7, 0x52, 0x9}, {0x7fff, 0x1, 0xffffffff, 0x3}]}, 0x10) 23:39:21 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f00000002c0)={0x101, 0x0, 0x0, 0xf2}) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:21 executing program 3: write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:21 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x200041, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x80, 0x488100) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f00000000c0)=r3) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:21 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0xfffffffffffffffc) fcntl$setpipe(r1, 0x407, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000000)={0x0, 0x81}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)={r2, 0x100, 0xca, "eabdffed2d667020cc56db84d5d8d3defbf24fbaea4ea17d139375e1daf186901a0c37d158e24aff8b08f1b93f2e91cd5b79d9aa96e4ad6c6cd2b6a0ff2a495b673d235a1b5b882d186be04f38c51e6b94beabc727a3d3232537d57d46950ea21b2c2692f9032c762b6d46eafac0ac7b84807345afadfd5f8c8e4f54deb4b84f108d6e81aa92f2d4df59f3885cd84b4c2997ac43c9728ebc705bb00e41f3e19f8112b033e0f19b02da8ebb13a35f949f2629c5960eef84159c26288f8f817bfc6b3b985592b1540dc364"}, 0xd2) setsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000180)=0x4, 0x4) 23:39:21 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000080)=@add_del={0x2, &(0x7f0000000040)='team0\x00', 0x2}) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:21 executing program 2 (fault-call:5 fault-nth:18): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:21 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) recvmsg$kcm(r5, &(0x7f0000000840)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f0000000780)=[{&(0x7f0000000440)=""/182, 0xb6}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f00000006c0)=""/43, 0x2b}, {&(0x7f0000000700)=""/90, 0x5a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x7, &(0x7f0000000800), 0x0, 0x7ff}, 0x40000040) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 234.407703] FAULT_INJECTION: forcing a failure. [ 234.407703] name failslab, interval 1, probability 0, space 0, times 0 [ 234.419176] CPU: 0 PID: 14588 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 234.426406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.435799] Call Trace: [ 234.438445] dump_stack+0x185/0x1d0 [ 234.442142] should_fail+0x87b/0xab0 [ 234.445940] __should_failslab+0x278/0x2a0 [ 234.450259] should_failslab+0x29/0x70 23:39:21 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x0, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) [ 234.454227] kmem_cache_alloc_node+0x157/0xc80 [ 234.458896] ? validate_xmit_skb+0xfea/0x1320 [ 234.463474] ? __alloc_skb+0x202/0x9e0 [ 234.467478] __alloc_skb+0x202/0x9e0 [ 234.471267] alloc_skb_with_frags+0x1e6/0xb80 [ 234.475837] ? kmsan_set_origin_inline+0x6b/0x120 [ 234.480750] ? __msan_poison_alloca+0x15c/0x1d0 [ 234.485528] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 234.490394] ? packet_sendmsg+0x6594/0x8ad0 [ 234.494789] sock_alloc_send_pskb+0xb56/0x11a0 [ 234.499456] ? kmsan_set_origin+0x9e/0x160 [ 234.503780] packet_sendmsg+0x6594/0x8ad0 [ 234.507988] ? __fsnotify_parent+0x132/0x560 [ 234.512469] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 234.517975] ? rw_copy_check_uvector+0x643/0x6c0 [ 234.522785] ? __msan_poison_alloca+0x15c/0x1d0 [ 234.527597] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 234.533101] ? import_iovec+0x3c7/0x600 [ 234.537140] ? copy_msghdr_from_user+0x72c/0x830 [ 234.542020] ? compat_packet_setsockopt+0x360/0x360 [ 234.547096] ___sys_sendmsg+0xec8/0x1320 [ 234.551214] ? kstrtoull+0x766/0x7e0 23:39:21 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) r5 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:21 executing program 5: pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) fstat(r0, &(0x7f00000000c0)) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setfsgid(r1) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000300)={{0x5, 0x5, 0x1, 0x100, 'syz0\x00', 0x401}, 0x1, [0xb43, 0x77, 0x2, 0x10001, 0x0, 0x7, 0x0, 0x7fffffff, 0x7, 0x6, 0x4, 0x5, 0x5f43, 0x100000000, 0x2, 0x3, 0x6, 0x7fffffff, 0x7, 0x7, 0x7, 0x5, 0x10000, 0x8000, 0x4, 0x800, 0xeac, 0x9, 0x1ff, 0x1ff, 0x1, 0x8, 0x100, 0x3, 0x5, 0x6a08e7aa, 0x8e1c, 0x8, 0x1000, 0x0, 0x3, 0x80000001, 0x1379a268, 0xdd52, 0x3, 0x4, 0x5a653fb4, 0x52, 0x81, 0x2, 0x5, 0x3ff000, 0x6, 0x8, 0x6, 0x7ff, 0x4, 0x9, 0x4, 0x571, 0x400, 0x163a, 0x1, 0xfb79, 0xc00000000000000, 0x9c0c, 0x9, 0x2, 0x3, 0x9, 0xffffffffffff8001, 0x0, 0x1000, 0x2, 0xfffffffffffffffc, 0x6, 0x4, 0x81, 0x8, 0x4, 0x100, 0xffff, 0x5, 0x9, 0x4, 0x6, 0x0, 0x4, 0x101, 0xffffffffffffffff, 0xc2, 0x80000000, 0x8b3, 0x0, 0x9, 0x2, 0x5, 0x0, 0x6, 0x8, 0x5, 0x4, 0x401, 0x7, 0x4, 0x6, 0x9, 0xffffffffffffffff, 0x3, 0x8, 0x100000000, 0x6, 0x1, 0x1000, 0x6b, 0x9, 0x2, 0x800, 0x3, 0x80000000, 0x7ff, 0x20, 0x1, 0x8000, 0xa48d, 0x4, 0xf4, 0x6], {0x0, 0x989680}}) fcntl$setpipe(r0, 0x407, 0x0) [ 234.555012] ? kmsan_set_origin_inline+0x6b/0x120 [ 234.559925] ? __msan_poison_alloca+0x15c/0x1d0 [ 234.564672] ? _cond_resched+0x3c/0xd0 [ 234.568640] ? rcu_all_qs+0x32/0x1f0 [ 234.572421] ? _cond_resched+0x3c/0xd0 [ 234.576393] ? rcu_all_qs+0x32/0x1f0 [ 234.580161] ? __sys_sendmmsg+0x61d/0x850 [ 234.584380] __sys_sendmmsg+0x490/0x850 [ 234.588437] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 234.593425] ? syscall_return_slowpath+0xe9/0x710 [ 234.598367] __x64_sys_sendmmsg+0x11c/0x170 [ 234.602751] ? __sys_sendmmsg+0x850/0x850 [ 234.606947] do_syscall_64+0x15b/0x230 [ 234.610888] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 234.616112] RIP: 0033:0x455a09 [ 234.619327] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 234.627089] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 234.634401] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 234.641713] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 234.649028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:21 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000080)={{0x0, 0x2}, 'port0\x00', 0x21, 0x1008, 0x0, 0x6d8, 0x8, 0x8, 0x2, 0x0, 0x0, 0xfffffffffffffffe}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:21 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000000)) 23:39:21 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x40000, 0x0) recvmmsg(r0, &(0x7f0000002680)=[{{&(0x7f0000000080)=@alg, 0x80, &(0x7f0000000500)=[{&(0x7f00000002c0)=""/151, 0x97}, {&(0x7f0000000380)=""/1, 0x1}, {&(0x7f00000003c0)=""/163, 0xa3}, {&(0x7f0000000480)=""/105, 0x69}], 0x4, &(0x7f0000000540)=""/61, 0x3d, 0x81}, 0x5d0}, {{&(0x7f0000000580)=@in6={0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000600)=""/180, 0xb4}, {&(0x7f00000006c0)=""/229, 0xe5}, {&(0x7f00000007c0)=""/8, 0x8}], 0x3, &(0x7f0000000840)=""/60, 0x3c, 0x80}, 0x4}, {{&(0x7f0000000880)=@alg, 0x80, &(0x7f0000001b80)=[{&(0x7f0000000900)=""/22, 0x16}, {&(0x7f0000000940)=""/35, 0x23}, {&(0x7f0000000980)=""/159, 0x9f}, {&(0x7f0000000a40)=""/190, 0xbe}, {&(0x7f0000000b00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/47, 0x2f}, {&(0x7f0000001b40)}], 0x7, &(0x7f00000031c0)=""/4096, 0x1000, 0x3}, 0x4}, {{&(0x7f0000001c00)=@nl=@unspec, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001c80)=""/211, 0xd3}, {&(0x7f0000001d80)=""/76, 0x4c}], 0x2, &(0x7f0000001e40)=""/64, 0x40, 0x9}, 0x3}, {{&(0x7f0000001e80)=@generic, 0x80, &(0x7f00000023c0)=[{&(0x7f0000001f00)=""/205, 0xcd}, {&(0x7f0000002000)=""/229, 0xe5}, {&(0x7f00000041c0)=""/4096, 0x1000}, {&(0x7f0000002100)=""/163, 0xa3}, {&(0x7f00000021c0)=""/64, 0x40}, {&(0x7f0000002200)=""/95, 0x5f}, {&(0x7f0000002280)=""/2, 0x2}, {&(0x7f00000022c0)=""/33, 0x21}, {&(0x7f0000002300)=""/175, 0xaf}, {&(0x7f00000051c0)=""/4096, 0x1000}], 0xa, &(0x7f0000002480)=""/236, 0xec, 0x40}, 0x7ff}, {{&(0x7f0000002580)=@pptp={0x0, 0x0, {0x0, @multicast2}}, 0x80, &(0x7f0000002600)=[{&(0x7f00000061c0)=""/4096, 0x1000}], 0x1, &(0x7f0000002640)=""/24, 0x18, 0x939a}, 0x9}], 0x6, 0x1, &(0x7f0000002800)={0x77359400}) r1 = socket$kcm(0x29, 0x5, 0x0) ioctl(r1, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") syz_open_dev$vcsn(&(0x7f0000001b40)='/dev/vcs#\x00', 0x0, 0x202000) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002840)=ANY=[@ANYBLOB="0291000002040000ce630000000100000b002da6bbd8c3021a4d5f91347bd02a59c13b0f49305333cba756f66ce6adb7dea5fdb462bcc8ae41a4ac5d33bb4c8aa173a6aec4c79c9ef549244624c16371fdabb081c83651aa3fb4ae7c560de9cdc3bc2cc84e904095d8b952df09cc059c8f0298902d3f64498c25d8e4440d4665ccb019d80b9d4588593f5a2cac081781f88ecad05af8dea0168ef910cd0769ca963941764e175c2a9d08fdcfef2384c1cded82cccdbc8593fa8186f1c678830d604928e1cff1ed6e2809bbf8a75ff10597ccada6240c916d83a5d45f76603deea146d1e599d55926"], 0x10}, 0x1}, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000002940)=@filter={'filter\x00', 0xe, 0x7, 0x8f0, [0x0, 0x200071c0, 0x20007470, 0x20007630], 0x0, &(0x7f0000000000), &(0x7f00000071c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x2, [{{{0x9, 0x1, 0x13, 'veth0_to_team\x00', 'bridge_slave_1\x00', 'veth0_to_team\x00', 'ipddp0\x00', @empty, [0xff, 0x0, 0xff, 0xff], @random="be96249b0f7b", [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], 0x70, 0xe8, 0x138}, [@common=@nflog={'nflog\x00', 0x50, {{0x3, 0x3ff, 0x8, 0x0, 0x0, "ec41b91e1caa5eaed52829d5a0bd74a0c973086442729087cc57fe08486ecfaa032bb0253307478095c96a068b97a4aa211d57d857a698f57e530afa87cb274b"}}}]}, @common=@LED={'LED\x00', 0x28, {{'syz0\x00', 0x1, 0x3ff, 0x8}}}}, {{{0x3, 0x60, 0x6002, 'sit0\x00', 'irlan0\x00', 'ifb0\x00', 'syzkaller1\x00', @random="93bef6e65b24", [0x0, 0xff, 0x0, 0x0, 0x0, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0x0, 0xff, 0x0, 0xff, 0xff, 0xff], 0xd0, 0x118, 0x148, [@arp={'arp\x00', 0x38, {{0x1b, 0x8137, 0x9, @dev={0xac, 0x14, 0x14, 0xa}, 0xff, @loopback=0x7f000001, 0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0x0, 0xff, 0x0, 0x0, 0xff], @random="f98afebdd924", [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], 0x8, 0x2ff1030d557c170a}}}]}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x80, 0xffffffffffff5fe8}}}]}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffe}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffc, 0x2, [{{{0x3, 0x5a, 0x8f17, 'bpq0\x00', 'ip6tnl0\x00', '\x00', 'team0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0xff, 0xff, 0x0, 0xff], @random="f92d6469a67a", [0x0, 0x0, 0xff, 0x0, 0x0, 0xff], 0x70, 0x70, 0xc0}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x5, 'syz0\x00'}}}}, {{{0x13, 0x21, 0xe037, 'yam0\x00', 'bridge0\x00', 'gretap0\x00', 'teql0\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x18}, [0x0, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x70, 0xa0, 0xd0}, [@common=@STANDARD={'\x00', 0x8}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x1}}}}]}, {0x0, '\x00', 0x4, 0xffffffffffffffff, 0x1, [{{{0x3, 0x40, 0x8974, 'teql0\x00', 'ip6gretap0\x00', 'ip6tnl0\x00', 'veth0\x00', @empty, [0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0x0, 0xff, 0x0, 0xff, 0xff, 0xff], 0xb0, 0x130, 0x180, [@mark_m={'mark_m\x00', 0x18, {{0x1, 0x4, 0x3, 0x1}}}]}, [@common=@log={'log\x00', 0x28, {{0x0, "dda99dd88586fd521e36174aea472bb2a6c56733124a6162fad3559b9114", 0x1}}}, @common=@redirect={'redirect\x00', 0x8}]}, @common=@LED={'LED\x00', 0x28, {{'syz0\x00', 0x0, 0x1000, 0x8}}}}]}, {0x0, '\x00', 0x5, 0xfffffffffffffffc, 0x2, [{{{0x7, 0x1b, 0x9, 'vlan0\x00', 'team0\x00', 'bcsh0\x00', 'dummy0\x00', @random="8dc7ee3ee29a", [0x0, 0xff, 0x0, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0x0, 0xff, 0xff, 0x0, 0xff], 0x100, 0x100, 0x150, [@ipvs={'ipvs\x00', 0x28, {{@ipv6, [0xffffffff, 0xff000000, 0x0, 0xffffffff], 0x4e22, 0xb7, 0x2, 0x4e23, 0xa, 0x10}}}, @mark_m={'mark_m\x00', 0x18, {{0x400, 0x80000000, 0x1, 0x3}}}]}}, @common=@LED={'LED\x00', 0x28, {{'syz0\x00', 0x1, 0x0, 0x4}}}}, {{{0x9, 0x9, 0x60, 'syz_tun\x00', 'bond_slave_1\x00', 'vlan0\x00', 'lo\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0x0, 0x0, 0xff, 0xff, 0xff], 0x70, 0x108, 0x150}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x80000001, 0x8000, 0x6}}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x8f9, 'syz0\x00'}}}]}, @common=@ERROR={'ERROR\x00', 0x20, {"db250cfb9e16f45d6487190fd841dc517d79d46e14eaff5a2d38e0277331"}}}]}]}, 0x968) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 234.656358] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000012 23:39:21 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x80000000}, 0x830f) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) ioperm(0x1, 0x4, 0x1ff) 23:39:21 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x400000000001b, 0x2000801, 0x7d927f42) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:21 executing program 5: pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x20) fstatfs(r0, &(0x7f0000000080)=""/109) 23:39:21 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x0, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:21 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) syz_open_dev$adsp(&(0x7f0000000800)='/dev/adsp#\x00', 0xffffffffffffffc1, 0x8000) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:21 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f0000000040)=0x1e) 23:39:22 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)=0x1, 0x4) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:22 executing program 4: socket(0x1e, 0x805, 0x0) r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) 23:39:22 executing program 2 (fault-call:5 fault-nth:19): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:22 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendmmsg(r1, &(0x7f0000000280)=[{{&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, 0x2, 0x4, 0x1}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000080)="3fa6a5c7104ab1d39d7f258f441f244a163f2da26cb0352b4cbf3764c36122edc766fe0825892b8afbbdaef14beb06be25ca4911aa890af35c9a3c9692f5a25ef51bc58b731029d8a29c8932192e74005e7a8a3d5995ccdfbd3945ebaf8047e1da809247c805436a5e5a863fbca45441a2512ea645c3ec82fb40a36bc48ed250c026738046c883435e302a2c9cdf35d61353dddde9a661f5e4d37d5c173940c70e0e9195fe21e63a8d85c613437ee8e9f6c1942635b7601c82990c693b627a86352939ecb6b8cdd5b892b4dd438f80e04d951740eb22038f692612919d33c753bc88b42e", 0xe4}, {&(0x7f0000000180)="c134c5735208527afdb6340f90db272d717790f96aca662a9aaf173e8bad933e9ce4e49b31275582de3eebcc96d026082be7ecdc85d1501ec1abfd6b47665f1f497d1f28c4e36561768c8cff6832c0598a8c0c", 0x53}], 0x2, &(0x7f0000000240)=[{0x20, 0x110, 0xfffffffffffffe00, "be06c3501c80ff2ad3d5"}], 0x20, 0x800}, 0x1}], 0x1, 0x4000000) bind(r1, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0x1}, 0x80) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000001600)={0x0, 0x7fffffff, 0x3, [0x2, 0x57b81b5f, 0x8f]}, &(0x7f0000001640)=0xe) fcntl$getownex(r1, 0x10, &(0x7f0000001840)={0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001880)={0x0, 0x0}, &(0x7f00000018c0)=0xc) ioctl$EVIOCGID(r0, 0x80084502, &(0x7f00000020c0)=""/176) lstat(&(0x7f0000001900)='./file0\x00', &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = fcntl$getown(r1, 0x9) r7 = getuid() fstat(r1, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000001a40)=0x0) lstat(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, 0x0}) sched_getparam(r9, &(0x7f0000001d40)) getresgid(&(0x7f0000001b40), &(0x7f0000001b80), &(0x7f0000001bc0)=0x0) r12 = fcntl$getown(r0, 0x9) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001c00)={0x0, 0x0}, &(0x7f0000001c40)=0xc) getresgid(&(0x7f0000001c80)=0x0, &(0x7f0000001cc0), &(0x7f0000001d00)) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000002080)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001d80)={{{@in=@loopback, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6}}, &(0x7f0000001e80)=0xe8) getgroups(0x8, &(0x7f0000001ec0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0]) sendmsg$unix(r1, &(0x7f0000002040)={&(0x7f00000016c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001800)=[{&(0x7f0000001740)="4194379176089b2c54284030d3e16c04fe74ffff1d74165c0682c714eaec5898afc981f864983ccef676ccd077f0fcbecf75e83942ed38718afeb698a767ff5931dc64659356da741017bbea23c736a98db6769604408656e03aa90e98f96e762d3eca0e24b116829c5f5de328fad98c4b5ec7206e9853d8674ee46a797a9080100c96bf7683c3afa58f162f5e4a5569c4e85b6d98fc79b05d3dafcbc149d8b1701771", 0xa3}], 0x1, &(0x7f0000001f00)=[@rights={0x20, 0x1, 0x1, [r1, r0, r1]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @cred={0x20, 0x1, 0x2, r9, r10, r11}, @cred={0x20, 0x1, 0x2, r12, r13, r14}, @rights={0x20, 0x1, 0x1, [r0, r1, r0, r0]}, @cred={0x20, 0x1, 0x2, r15, r16, r17}, @rights={0x30, 0x1, 0x1, [r1, r0, r0, r0, r1, r1, r1]}], 0x110, 0x4000}, 0x40090) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000001680)={r2, 0x1}, 0x8) fcntl$setpipe(r1, 0x407, 0x0) sendfile(r0, r1, 0x0, 0x100000001) readv(r1, &(0x7f0000001580)=[{&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/175, 0xaf}, {&(0x7f00000004c0)=""/5, 0x5}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/125, 0x7d}], 0x5) 23:39:22 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f00000000c0)={0x0, 0x70, 0x800, 0x3ff, 0x3, 0xffffffff, 0x0, 0x4, 0x8040, 0x0, 0x7ff, 0x8, 0x1, 0x727f, 0x8, 0x200, 0x6, 0x3, 0x7, 0x80000001, 0x9, 0x1, 0x8b, 0x68f, 0x101, 0xffff, 0x1, 0x0, 0x3, 0x1, 0x800, 0x697f44bb, 0xc2f, 0x10001, 0x1, 0x3, 0x0, 0x7e4, 0x0, 0x4b83, 0x1, @perf_bp={&(0x7f0000000000), 0xc}, 0x400, 0xfffffffffffffff8, 0x0, 0x7, 0xa4, 0x0, 0x5f}) 23:39:22 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x0, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:22 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f0000000240)) r5 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:22 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x6) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 235.296796] FAULT_INJECTION: forcing a failure. [ 235.296796] name failslab, interval 1, probability 0, space 0, times 0 [ 235.308307] CPU: 1 PID: 14662 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 235.315535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.325023] Call Trace: [ 235.327676] dump_stack+0x185/0x1d0 [ 235.331364] should_fail+0x87b/0xab0 [ 235.335139] __should_failslab+0x278/0x2a0 [ 235.339459] should_failslab+0x29/0x70 [ 235.343409] __kmalloc_node_track_caller+0x24b/0x11b0 [ 235.348657] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 235.354098] ? alloc_skb_with_frags+0x1e6/0xb80 [ 235.358850] __alloc_skb+0x2cb/0x9e0 [ 235.362614] ? alloc_skb_with_frags+0x1e6/0xb80 [ 235.367341] alloc_skb_with_frags+0x1e6/0xb80 [ 235.371911] ? kmsan_set_origin_inline+0x6b/0x120 [ 235.376834] ? __msan_poison_alloca+0x15c/0x1d0 [ 235.381582] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 235.386419] ? packet_sendmsg+0x6594/0x8ad0 [ 235.390818] sock_alloc_send_pskb+0xb56/0x11a0 23:39:22 executing program 4: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x200, 0xab, 0x80000000, 0x6}, 0xffffffffffffff70) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x6, 0x2}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x75, 0x1, 0x7, 0x0, r1}, 0x10) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) sendmsg$rds(r0, &(0x7f00000004c0)={&(0x7f0000000100)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/69, 0x45}], 0x1, &(0x7f0000000380)=[@cswp={0x58, 0x114, 0x7, {{0x40, 0x8}, &(0x7f0000000200)=0x7ff, &(0x7f0000000240)=0xb5, 0x4, 0x4, 0x401, 0x2, 0x71, 0x7}}, @cswp={0x58, 0x114, 0x7, {{0xd1, 0x3f}, &(0x7f0000000280)=0x4, &(0x7f00000002c0)=0x7, 0x5, 0x9, 0xffffffffffffa29f, 0x10000, 0x9, 0x2}}, @mask_fadd={0x58, 0x114, 0x8, {{0xf1, 0x3}, &(0x7f0000000300)=0x9, &(0x7f0000000340)=0x4, 0x4, 0x9, 0x5, 0x11, 0x8, 0x9b6}}], 0x108, 0x4000000}, 0x0) [ 235.395606] ? kmsan_set_origin+0x9e/0x160 [ 235.399934] packet_sendmsg+0x6594/0x8ad0 [ 235.404138] ? __fsnotify_parent+0x132/0x560 [ 235.408616] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 235.414186] ? rw_copy_check_uvector+0x643/0x6c0 [ 235.418994] ? __msan_poison_alloca+0x15c/0x1d0 [ 235.423735] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 235.429249] ? import_iovec+0x3c7/0x600 [ 235.433286] ? copy_msghdr_from_user+0x72c/0x830 [ 235.438141] ? compat_packet_setsockopt+0x360/0x360 [ 235.443214] ___sys_sendmsg+0xec8/0x1320 [ 235.447367] ? kmsan_set_origin_inline+0x6b/0x120 [ 235.452641] ? __msan_poison_alloca+0x15c/0x1d0 [ 235.457397] ? _cond_resched+0x3c/0xd0 [ 235.461373] ? rcu_all_qs+0x32/0x1f0 [ 235.465171] ? _cond_resched+0x3c/0xd0 [ 235.469143] ? rcu_all_qs+0x32/0x1f0 [ 235.472922] ? __sys_sendmmsg+0x61d/0x850 [ 235.477146] __sys_sendmmsg+0x490/0x850 [ 235.481198] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 235.486202] ? syscall_return_slowpath+0xe9/0x710 [ 235.491141] __x64_sys_sendmmsg+0x11c/0x170 [ 235.495520] ? __sys_sendmmsg+0x850/0x850 [ 235.499719] do_syscall_64+0x15b/0x230 [ 235.503668] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 235.508903] RIP: 0033:0x455a09 [ 235.512123] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 235.519888] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 235.527197] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 235.534519] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 235.541838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 235.549157] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000013 23:39:22 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f00000002c0)) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000840)={0x0, 0x3, 0x8, 0x7ff, 0x9, 0x5, 0x5, 0x100, {0x0, @in={{0x2, 0x4e21, @rand_addr=0x80000001}}, 0x99a, 0x7f, 0x101000, 0x7, 0x401}}, &(0x7f00000000c0)=0xb0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000900)={r3, @in6={{0xa, 0x4e23, 0x7, @ipv4={[], [0xff, 0xff]}, 0x7}}, 0x1, 0x1}, &(0x7f00000009c0)=0x90) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) write$binfmt_script(r2, &(0x7f0000000700)={'#! ', './file0', [{0x20, 'nodev'}, {0x20, '$lo@-('}, {0x20, '$trusted'}, {0x20, 'systemuser,system'}, {0x20}, {0x20, 'user'}, {0x20}, {0x20}, {0x20, ']'}, {0x20, "707070307070703112"}], 0xa, "b0b05b9efb6d3ad0da56fdbcc210711cf80bf60c6240469fc301144f0410ca96386b77c6486b1b7ad2ffa25c2e2372a7ed17ef1ae3d4c61893a946fee8c9698446ba407f68d41639cbbb20e4f52b336ea460aed85d46627d6763505628bcad8de5006625f6cc1220adcda8c4cea81fe337db5892ceefb90a262a0125b3cb3b2c8cde22e2fd1d09e23e777fd5850c33f0cbd83add2803bae160150b69cd27ee645f2bdbf1bd30d4b0e424329b99274cb8a218c81fb402cd6728ad64b7"}, 0x103) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000040)=0x0) syz_open_procfs(r4, &(0x7f0000000080)='net/ip_tables_names\x00') socket$pppoe(0x18, 0x1, 0x0) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f00000003c0)={0x100000001, {{0x2, 0x4e23, @loopback=0x7f000001}}, 0x1, 0x5, [{{0x2, 0x4e21}}, {{0x2, 0x4e23, @loopback=0x7f000001}}, {{0x2, 0x4e20, @loopback=0x7f000001}}, {{0x2, 0x4e22, @broadcast=0xffffffff}}, {{0x2, 0x4e24, @loopback=0x7f000001}}]}, 0x310) 23:39:22 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) write$cgroup_subtree(r0, &(0x7f0000000180)={[{0x2d, 'pids', 0x20}, {0x2d, 'rdma', 0x20}, {0x2f, 'pids', 0x20}, {0x2f, 'pids', 0x20}]}, 0x18) r5 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:22 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x1) fcntl$setpipe(r0, 0x407, 0x0) 23:39:22 executing program 4: r0 = socket(0x3, 0x80000000807, 0x7) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000080)={0x9, 0x5, 0x100, 0x7cd, 0x9, 0x8, 0xfff, 0x401, 0x0, 0x400, 0x7fffffff, 0x5}) 23:39:22 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:22 executing program 6: socket$inet6_icmp(0xa, 0x2, 0x3a) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:22 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f0000000000)={0x18, 0x0, {0x0, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1e}}}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:22 executing program 2 (fault-call:5 fault-nth:20): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 235.781930] FAULT_INJECTION: forcing a failure. [ 235.781930] name failslab, interval 1, probability 0, space 0, times 0 [ 235.793365] CPU: 0 PID: 14681 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 235.800772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.810173] Call Trace: [ 235.812822] dump_stack+0x185/0x1d0 [ 235.816508] should_fail+0x87b/0xab0 [ 235.820283] __should_failslab+0x278/0x2a0 [ 235.824607] should_failslab+0x29/0x70 23:39:22 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000) 23:39:22 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) [ 235.828571] kmem_cache_alloc_node+0x157/0xc80 [ 235.833234] ? validate_xmit_skb+0xfea/0x1320 [ 235.837809] ? __alloc_skb+0x202/0x9e0 [ 235.841793] __alloc_skb+0x202/0x9e0 [ 235.845581] alloc_skb_with_frags+0x1e6/0xb80 [ 235.850152] ? kmsan_set_origin_inline+0x6b/0x120 [ 235.855068] ? __msan_poison_alloca+0x15c/0x1d0 [ 235.859820] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 235.864828] ? packet_sendmsg+0x6594/0x8ad0 [ 235.869232] sock_alloc_send_pskb+0xb56/0x11a0 [ 235.873908] ? kmsan_set_origin+0x9e/0x160 [ 235.878233] packet_sendmsg+0x6594/0x8ad0 [ 235.882440] ? __fsnotify_parent+0x132/0x560 [ 235.886942] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 235.892441] ? rw_copy_check_uvector+0x643/0x6c0 [ 235.897248] ? __msan_poison_alloca+0x15c/0x1d0 [ 235.901989] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 235.907494] ? import_iovec+0x3c7/0x600 [ 235.911546] ? copy_msghdr_from_user+0x72c/0x830 [ 235.916413] ? compat_packet_setsockopt+0x360/0x360 [ 235.921512] ___sys_sendmsg+0xec8/0x1320 [ 235.925624] ? kstrtoull+0x766/0x7e0 [ 235.929423] ? kmsan_set_origin_inline+0x6b/0x120 [ 235.934339] ? __msan_poison_alloca+0x15c/0x1d0 [ 235.939115] ? _cond_resched+0x3c/0xd0 [ 235.943088] ? rcu_all_qs+0x32/0x1f0 [ 235.946885] ? _cond_resched+0x3c/0xd0 [ 235.950853] ? rcu_all_qs+0x32/0x1f0 [ 235.954617] ? __sys_sendmmsg+0x61d/0x850 [ 235.958826] __sys_sendmmsg+0x490/0x850 [ 235.962867] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 235.967863] ? syscall_return_slowpath+0xe9/0x710 [ 235.972800] __x64_sys_sendmmsg+0x11c/0x170 [ 235.977180] ? __sys_sendmmsg+0x850/0x850 23:39:23 executing program 7: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x2000, 0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0xa246e507f44642a7, 0x1, &(0x7f0000000080)=""/173, &(0x7f0000000140)=""/49, &(0x7f0000000180)=""/60, 0x4000}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 235.981383] do_syscall_64+0x15b/0x230 [ 235.985343] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 235.990570] RIP: 0033:0x455a09 [ 235.993899] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 236.001659] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 236.008976] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 236.016288] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 236.023599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 236.030914] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000014 23:39:23 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0xfffffec8, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:23 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:23 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) write$rdma_cm(r4, &(0x7f0000000b40)=ANY=[], 0x0) r5 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:23 executing program 5: r0 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e20, @rand_addr=0x6}}, 0x7, 0x7, 0x0, 0x9, 0x5}, &(0x7f00000000c0)=0x98) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000280)={r1, 0x1}, 0x8) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000100)={r1, 0x8, 0x2, 0xb50}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000180)={r1, 0x3, 0x7fff, 0xee, 0x6, 0xa4, 0x7fffffff, 0x10000, {r2, @in={{0x2, 0x4e21, @loopback=0x7f000001}}, 0xe793, 0x0, 0x401, 0x6, 0x49de}}, &(0x7f0000000240)=0xb0) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000140)=0x80000001, 0x4) fcntl$setpipe(r3, 0x407, 0x0) 23:39:23 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='team_slave_0\x00') 23:39:23 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) fcntl$setlease(r0, 0x400, 0x1) 23:39:23 executing program 2 (fault-call:5 fault-nth:21): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:23 executing program 7: r0 = socket(0x1e, 0x805, 0x0) accept4$packet(r0, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000001540)=0x14, 0x800) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001580)={r1, @loopback=0x7f000001, @loopback=0x7f000001}, 0xc) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 236.397730] FAULT_INJECTION: forcing a failure. [ 236.397730] name failslab, interval 1, probability 0, space 0, times 0 [ 236.409232] CPU: 1 PID: 14739 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 236.416461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.425860] Call Trace: [ 236.428509] dump_stack+0x185/0x1d0 [ 236.432228] should_fail+0x87b/0xab0 [ 236.436008] __should_failslab+0x278/0x2a0 [ 236.440327] should_failslab+0x29/0x70 [ 236.444282] __kmalloc_node_track_caller+0x24b/0x11b0 [ 236.449537] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 236.454987] ? alloc_skb_with_frags+0x1e6/0xb80 [ 236.459751] __alloc_skb+0x2cb/0x9e0 [ 236.463594] ? alloc_skb_with_frags+0x1e6/0xb80 [ 236.468332] alloc_skb_with_frags+0x1e6/0xb80 [ 236.472898] ? kmsan_set_origin_inline+0x6b/0x120 [ 236.477799] ? __msan_poison_alloca+0x15c/0x1d0 [ 236.482562] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 236.487404] ? packet_sendmsg+0x6594/0x8ad0 [ 236.491825] sock_alloc_send_pskb+0xb56/0x11a0 [ 236.496603] ? kmsan_set_origin+0x9e/0x160 [ 236.500921] packet_sendmsg+0x6594/0x8ad0 [ 236.505162] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 236.510698] ? rw_copy_check_uvector+0x643/0x6c0 [ 236.515505] ? __msan_poison_alloca+0x15c/0x1d0 [ 236.520257] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 236.525787] ? import_iovec+0x3c7/0x600 [ 236.529890] ? copy_msghdr_from_user+0x72c/0x830 [ 236.534721] ? compat_packet_setsockopt+0x360/0x360 [ 236.539794] ___sys_sendmsg+0xec8/0x1320 [ 236.543951] ? kmsan_set_origin_inline+0x6b/0x120 [ 236.548866] ? __msan_poison_alloca+0x15c/0x1d0 [ 236.553644] ? _cond_resched+0x3c/0xd0 [ 236.557616] ? rcu_all_qs+0x32/0x1f0 [ 236.561404] ? _cond_resched+0x3c/0xd0 [ 236.565386] ? rcu_all_qs+0x32/0x1f0 [ 236.569166] ? __sys_sendmmsg+0x61d/0x850 [ 236.573394] __sys_sendmmsg+0x490/0x850 [ 236.577458] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 236.582457] ? syscall_return_slowpath+0xe9/0x710 [ 236.587390] __x64_sys_sendmmsg+0x11c/0x170 [ 236.591764] ? __sys_sendmmsg+0x850/0x850 [ 236.595962] do_syscall_64+0x15b/0x230 [ 236.599911] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 236.605126] RIP: 0033:0x455a09 [ 236.608320] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 236.616064] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 236.623389] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 236.630685] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 236.637981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 236.645260] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000015 23:39:23 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = add_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="426d75c96a49f9a7c0d95c0b0dff3c260828e54b05f718ca217e6b7304870559591cff1e7d0ead4edd9469a8bf56bcd4105972947bc8605fbc8d76ec8222dbe01ab19cbb59969373b9594bda81a89d2884d44ddc31740fa41a0948779b441b500b82cca7696ec37ef2b068be459d4596aa502d8d832575fb9088b899aa49238cc8c00b6e9d53b3b8b3d35b056e6701bda56fae24ad33e7284cbc3e50882f1a54e6", 0xa1, 0xffffffffffffffff) keyctl$update(0x2, r1, 0x0, 0x0) ioctl$DRM_IOCTL_INFO_BUFS(r0, 0xc0106418, &(0x7f0000000040)={0x1000, 0x1, 0x3, 0x10000, 0x11, 0x8001}) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="04feffff010000db1da846cd17fcb6000000ff000000000000000000000000000000000000000000"], 0x382) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x4e23, 0x101, @remote={0xfe, 0x80, [], 0xbb}, 0x32fc}, {0xa, 0x4e20, 0x8b9, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, 0x4, [0x58f, 0xffffffffffffff81, 0x7, 0x8, 0x7, 0x8, 0x4, 0x9]}, 0x1b) 23:39:23 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:23 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$rdma_cm(r0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0000deff000000000000", @ANYPTR=&(0x7f0000000ac0)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="0601f30000000000"], 0x20) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:23 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x7, 0x2) ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000080)=""/221) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:23 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) timerfd_create(0x7, 0x80800) 23:39:23 executing program 5: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) write$binfmt_misc(r0, &(0x7f0000000100)={'syz1', "78662a56b9cee03bc35ac5a28d97c35c0ffed3d96ce53090c3d6b90f1e98b2489b0b2ebe8d3d034822b75ccf1275836e160dfc970ed7bbe9cf35d1d43271aff9f39362920cb3a410b495a54815a2ac8b08d02ad7"}, 0x58) ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040)) pipe2(&(0x7f0000000000), 0x84800) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xe62000)=nil, 0xe62000, 0x1000004, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_tcp_buf(r2, 0x6, 0x6, &(0x7f0000000000)=""/213, &(0x7f0000000100)=0xd5) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x0, 0x6, 0xe24, 0x899d, 0x36, r1, 0x5}, 0x2c) r3 = semget$private(0x0, 0x4, 0x22) semctl$SETVAL(r3, 0x1, 0x10, &(0x7f00000000c0)=0x4) 23:39:23 executing program 2 (fault-call:5 fault-nth:22): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:23 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0xfe1e, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}, 0xfffffffffffffffc}], 0x0, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 236.811707] FAULT_INJECTION: forcing a failure. [ 236.811707] name failslab, interval 1, probability 0, space 0, times 0 [ 236.823271] CPU: 0 PID: 14773 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 236.830524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.840092] Call Trace: [ 236.842737] dump_stack+0x185/0x1d0 [ 236.846420] should_fail+0x87b/0xab0 [ 236.850224] __should_failslab+0x278/0x2a0 [ 236.854553] should_failslab+0x29/0x70 [ 236.858588] kmem_cache_alloc_node+0x157/0xc80 [ 236.863263] ? validate_xmit_skb+0xfea/0x1320 [ 236.867842] ? __alloc_skb+0x202/0x9e0 [ 236.871833] __alloc_skb+0x202/0x9e0 [ 236.875611] alloc_skb_with_frags+0x1e6/0xb80 [ 236.880182] ? kmsan_set_origin_inline+0x6b/0x120 [ 236.885118] ? __msan_poison_alloca+0x15c/0x1d0 [ 236.889881] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 236.894727] ? packet_sendmsg+0x6594/0x8ad0 [ 236.899133] sock_alloc_send_pskb+0xb56/0x11a0 [ 236.903811] ? kmsan_set_origin+0x9e/0x160 [ 236.908145] packet_sendmsg+0x6594/0x8ad0 [ 236.912383] ? __fsnotify_parent+0x132/0x560 [ 236.916876] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 236.922402] ? rw_copy_check_uvector+0x643/0x6c0 [ 236.927221] ? __msan_poison_alloca+0x15c/0x1d0 [ 236.931989] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 236.937522] ? import_iovec+0x3c7/0x600 [ 236.941577] ? copy_msghdr_from_user+0x72c/0x830 [ 236.946446] ? compat_packet_setsockopt+0x360/0x360 [ 236.951534] ___sys_sendmsg+0xec8/0x1320 [ 236.955661] ? kstrtoull+0x766/0x7e0 23:39:23 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x48a00, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:23 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:23 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x20000, 0x0) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000080)) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:23 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:23 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000080)={0x0, 0xb2c}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={r1, 0x3000000000000}, 0x8) r2 = socket(0x1e, 0x805, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) io_setup(0x4eca000000000000, &(0x7f0000000000)) [ 236.959464] ? kmsan_set_origin_inline+0x6b/0x120 [ 236.964388] ? __msan_poison_alloca+0x15c/0x1d0 [ 236.969143] ? _cond_resched+0x3c/0xd0 [ 236.973122] ? rcu_all_qs+0x32/0x1f0 [ 236.976922] ? _cond_resched+0x3c/0xd0 [ 236.980890] ? rcu_all_qs+0x32/0x1f0 [ 236.984666] ? __sys_sendmmsg+0x61d/0x850 [ 236.988890] __sys_sendmmsg+0x490/0x850 [ 236.992947] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 236.997946] ? syscall_return_slowpath+0xe9/0x710 [ 237.002885] __x64_sys_sendmmsg+0x11c/0x170 [ 237.007271] ? __sys_sendmmsg+0x850/0x850 [ 237.011474] do_syscall_64+0x15b/0x230 [ 237.015420] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 237.020648] RIP: 0033:0x455a09 [ 237.023873] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 237.031639] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 237.038963] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 237.046278] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 237.053598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:24 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) fcntl$setpipe(r0, 0x407, 0x0) 23:39:24 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = shmget(0x2, 0x4000, 0x600, &(0x7f0000ff9000/0x4000)=nil) shmctl$SHM_LOCK(r1, 0xb) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x200, 0x0) getsockopt$ax25_int(r2, 0x101, 0xf, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) r4 = fcntl$getown(r3, 0x9) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000400)={{0x4, 0x1, 0x3ff, 0x2, '\x00', 0x800}, 0x1, 0x1, 0x4, r4, 0x1, 0x7, 'syz0\x00', &(0x7f00000003c0)=['/dev/cuse\x00'], 0xa, [], [0x9, 0x2, 0xd7, 0x3]}) ioctl(r0, 0x4, &(0x7f00000002c0)="206711e2b08a7f2d032c670d77342cf943ca8488fdd36e8320e509e9af26b96b8e8b0046362a0a4e00f30c55ee5f90974a68d13ca98ee3b58eb8dff09e98912bbc3be0c6ed906b2da4cbd7e0b35952697dc60ea030372d9caea77765785d1ba985662f676b02c7c1c4b72c2762ffce0cb20e95ed4dab85af6dcb6d5f079cf855fa599ffbc681c34d78b886632c1eb32d181b006da3d0ff274727ca1e419062d85e2256ebb54655a37735aad37113b154a56cb489d40b7b1e1fde7ca52053a517183cd393b9de9b94622eeeaaa3fe7851c785f434b1b38155fbcb1f9e379ee5c40ad41bdacb") recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:24 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x10000000002002, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 237.060920] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000016 23:39:24 executing program 4: r0 = accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x80000) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000080)={{0x1ff}, 0x8}, 0x10) r1 = socket(0x1e, 0x805, 0x0) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:24 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x40, 0x0) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:24 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0xffffffff, 0x9, 0x8e, 0x2, 0x5, 0x8b, 0x8}, 0x1c) ptrace$getsig(0x4202, r1, 0x9, &(0x7f0000000040)) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="28020000060000000000000000000000000000000000000000000000000000000000000000000000"], 0x28) 23:39:24 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, @fuse_bmap_out={0x200}}, 0x18) 23:39:24 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x78480) fcntl$getflags(r0, 0x401) 23:39:24 executing program 0: r0 = socket$kcm(0x29, 0xfffffffffffffffe, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:24 executing program 7: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x3, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x180, 0x0) renameat2(r0, &(0x7f0000000180)='./file0/file0\x00', r1, &(0x7f0000000200)='./file0\x00', 0x7) r2 = socket(0x1a, 0x805, 0x2) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r3 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x84000) preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/153, 0x99}], 0x1, 0x0) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f00000000c0)={&(0x7f0000ff9000/0x2000)=nil, 0x2000}) ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000380)) setsockopt$IP_VS_SO_SET_DEL(r2, 0x0, 0x484, &(0x7f0000000000)={0x62, @multicast1=0xe0000001, 0x4e22, 0x1, 'fo\x00', 0x1, 0x800000, 0x30}, 0x2c) inotify_add_watch(r3, &(0x7f0000000100)='./file0\x00', 0x80000000) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:24 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x3, 0x1, 0x3ff, 0x0, 0x8000}, 0xc) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:24 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x804, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfffffffffffffe52) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000300)=@req3={0x2, 0x100000000, 0x0, 0x0, 0x2, 0x6, 0x4}, 0xffffffffffffff8f) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='rdma.current\x00', 0x0, 0x0) ioctl$KDGKBTYPE(r2, 0x4b33, &(0x7f0000000080)) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000000c0)=0x0) r4 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$read(0xb, r4, &(0x7f00000001c0)=""/241, 0xf1) ptrace$peekuser(0x3, r3, 0x103) 23:39:24 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2800000006d0410000000000000000000000000000000000000000000000000000000000000000004fdf6d4122291468afd2a98fb397b6ae5ee0025a2d191b5ad4ec116ee1028a694f9420cdbc2a1ea0223737398dbd810e92836029d48779249249"], 0x28) getsockname$ipx(r0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 23:39:24 executing program 2 (fault-call:5 fault-nth:23): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:24 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) [ 237.580430] FAULT_INJECTION: forcing a failure. [ 237.580430] name failslab, interval 1, probability 0, space 0, times 0 [ 237.591847] CPU: 0 PID: 14825 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 237.599162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.608559] Call Trace: [ 237.611208] dump_stack+0x185/0x1d0 [ 237.614891] should_fail+0x87b/0xab0 [ 237.618665] __should_failslab+0x278/0x2a0 [ 237.623001] should_failslab+0x29/0x70 23:39:24 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = add_key(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="426d75c96a49f9a7c0d95c0b0dff3c260828e54b05f718ca217e6b7304870559591cff1e7d0ead4edd9469a8bf56bcd4105972947bc8605fbc8d76ec8222dbe01ab19cbb59969373b9594bda81a89d2884d44ddc31740fa41a0948779b441b500b82cca7696ec37ef2b068be459d4596aa502d8d832575fb9088b899aa49238cc8c00b6e9d53b3b8b3d35b056e6701bda56fae24ad33e7284cbc3e50882f1a54e6", 0xa1, 0xffffffffffffffff) keyctl$update(0x2, r1, 0x0, 0x0) ioctl$DRM_IOCTL_INFO_BUFS(r0, 0xc0106418, &(0x7f0000000040)={0x1000, 0x1, 0x3, 0x10000, 0x11, 0x8001}) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="04feffff010000db1da846cd17fcb6000000ff000000000000000000000000000000000000000000"], 0x382) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x4e23, 0x101, @remote={0xfe, 0x80, [], 0xbb}, 0x32fc}, {0xa, 0x4e20, 0x8b9, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, 0x4, [0x58f, 0xffffffffffffff81, 0x7, 0x8, 0x7, 0x8, 0x4, 0x9]}, 0x1b) [ 237.626961] __kmalloc_node_track_caller+0x24b/0x11b0 [ 237.632202] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 237.637635] ? alloc_skb_with_frags+0x1e6/0xb80 [ 237.642401] __alloc_skb+0x2cb/0x9e0 [ 237.646167] ? alloc_skb_with_frags+0x1e6/0xb80 [ 237.650898] alloc_skb_with_frags+0x1e6/0xb80 [ 237.655465] ? kmsan_set_origin_inline+0x6b/0x120 [ 237.660397] ? __msan_poison_alloca+0x15c/0x1d0 [ 237.665230] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 237.670080] ? packet_sendmsg+0x6594/0x8ad0 [ 237.674507] sock_alloc_send_pskb+0xb56/0x11a0 23:39:24 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 237.679215] ? kmsan_set_origin+0x9e/0x160 [ 237.683552] packet_sendmsg+0x6594/0x8ad0 [ 237.687766] ? __fsnotify_parent+0x132/0x560 [ 237.692257] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 237.697767] ? rw_copy_check_uvector+0x643/0x6c0 [ 237.702585] ? __msan_poison_alloca+0x15c/0x1d0 [ 237.707353] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 237.712884] ? import_iovec+0x3c7/0x600 [ 237.717200] ? copy_msghdr_from_user+0x72c/0x830 [ 237.722064] ? compat_packet_setsockopt+0x360/0x360 [ 237.727146] ___sys_sendmsg+0xec8/0x1320 23:39:24 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x10001, 0xfffffffffffff8df, 0x8, 0x1, 0x81, 0x40, 0x100000001}, 0x144) socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0xff, 0xfffffffffffffffd, 0x2, 0x1}, 0x10) 23:39:24 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) r1 = getpid() setpriority(0x0, r1, 0x6) [ 237.731278] ? kstrtoull+0x766/0x7e0 [ 237.735080] ? kmsan_set_origin_inline+0x6b/0x120 [ 237.740004] ? __msan_poison_alloca+0x15c/0x1d0 [ 237.744769] ? _cond_resched+0x3c/0xd0 [ 237.748755] ? rcu_all_qs+0x32/0x1f0 [ 237.752561] ? _cond_resched+0x3c/0xd0 [ 237.756544] ? rcu_all_qs+0x32/0x1f0 [ 237.760339] ? __sys_sendmmsg+0x61d/0x850 [ 237.764564] __sys_sendmmsg+0x490/0x850 [ 237.768624] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 237.773635] ? syscall_return_slowpath+0xe9/0x710 [ 237.778582] __x64_sys_sendmmsg+0x11c/0x170 [ 237.782963] ? __sys_sendmmsg+0x850/0x850 [ 237.787169] do_syscall_64+0x15b/0x230 [ 237.791129] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 237.796362] RIP: 0033:0x455a09 [ 237.799583] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 237.807357] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 237.814673] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 237.821991] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 237.829310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 237.836637] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000017 23:39:24 executing program 3: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x2, 0x78480) fcntl$getflags(r0, 0x401) 23:39:24 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000880)='/dev/zero\x00', 0xa000, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x2, 0x11, 0x1000000000000, 0x0, 0x48, 0x0, 0x70bd2c, 0x0, [@sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e20}, @in6={0xa, 0x4e20, 0xffffffffffff9745, @empty, 0x400}}, @sadb_x_sec_ctx={0x14, 0x18, 0x4, 0x5826, 0x92, "e8334f1888dd190bfc51b9f243b83087004738e7dfa157910a4e64b0eeb156a9b798e3e953c4b1aed341982d79265d54e3591c088bb48ca821c31d06de42e15137cb0b2bc1b06b8515b328991aa81d810cab261ccc2880d6bbae60e8891f27dfdc255012e7fc2d36d88a59734be11833d29eb351ba3b5376557b49dda6129893b0ca1225f1682d1eb5273ba7d7d3354cdee2"}, @sadb_ident={0x2, 0xb, 0x401, 0x0, 0x200}, @sadb_address={0x3, 0x17, 0x32, 0xa0, 0x0, @in={0x2, 0x4e22, @broadcast=0xffffffff}}, @sadb_x_sec_ctx={0x1a, 0x18, 0x6d37c7d5, 0x0, 0xc6, "5b6a682fa95a46b9f6ae5906cf37a62657f56b863dc2e6978974939df4c91dc95dcabf925136c57cac6ad9e41269389d9d6e9162c8de05c9bd115744a0225267b4612ab2876beefe4ce7ed27d71d71a4d0ee0cb56ff83df911403ba74e8ce8bf7fc4ae072eb7e04aa6fead3b064d79ce76603ec8d5ee715388487ab8f77576b141a6c0d532a77219f8d0d951bfeff2a9b5b81c8af992f44b68d386e1907ba3478339ff0dc6a3422b5af38ca913942af093f6d2c7a34d82bdfb4a33e3d1da5ebbcae25527a75f"}, @sadb_x_filter={0x5, 0x1a, @in=@local={0xac, 0x14, 0x14, 0xaa}, @in6, 0x14, 0x14}, @sadb_lifetime={0x4, 0x3, 0xffffffffeb97f67f, 0x2, 0x3, 0x90}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in6={0xa, 0x4e21, 0x1, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x3a692c73}, @in={0x2, 0x4e23, @broadcast=0xffffffff}}, @sadb_x_sec_ctx={0x1b, 0x18, 0x10000, 0x3, 0xce, "7f2898834bc26d9c01cd0417ff1ce8be324886c5210d31b5a3dbd0ef82855c589fac7f675675a819ed4368dd883d35fdcb7086a7d0f0daac585d88552c0c20fbab31b99ccb93a09571c479044c31e7b77d5d9508568531ea7e7ace265abc24d8b4eb58ddd4dc10d48ff4254a30503304cc2b0bb133aada3db863c2e07195a3faded5454069559d2df098f1aff606dd08c7ce42410e504de8d92be4acd8374aa46cf701d8b9a09c1b1a2033d32078b7310f0b7115ee08c2f4e3a3eaf1c1f93940373940f8708c0fb9fdc584732313"}, @sadb_x_policy={0x8, 0x12, 0x2, 0x0, 0x0, 0x6e6bbb, 0x7, {0x6, 0x32, 0x8, 0x600000000000, 0x0, 0x7, 0x0, @in6, @in=@remote={0xac, 0x14, 0x14, 0xbb}}}]}, 0x2e4}, 0x1}, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x6, 0x140) ioctl$DRM_IOCTL_MODESET_CTL(r3, 0x40086408, &(0x7f0000000080)={0x1, 0x7}) accept4$ipx(r3, &(0x7f00000000c0), &(0x7f00000002c0)=0x10, 0x80800) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r3, &(0x7f0000000840)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10804}, 0xc, &(0x7f0000000800)={&(0x7f00000006c0)=ANY=[@ANYBLOB="01004000", @ANYRES16=r4, @ANYBLOB="000128bd7000fcdbdf250600000008000400090000004400030014000600ff01000000000000000000000000000114000600ff010000000000000000000000000001080007004e2200000800010002000000080001000000000028000200080002004e240000080002004e2400001400010000000000000000000000ffffac1414aa44000100080004004e220000080004004e210000080002005e000000080006006e710000080009001d000000080002008400000008000b007369700008000500000000003c00030014000600fe80000000000000000000000000001f1400020073797a6b616c6c657231000000000000080001000300000008000100010000001800010008000800060000000c00070010000000200000000800050005000000"], 0x128}, 0x1, 0x0, 0x0, 0x1}, 0x4000004) ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f00000008c0)={0x2, 0xfff}) 23:39:24 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cuse\x00', 0x20003fff, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x2, 0x70bd25, 0x25dfdbff, {0x1}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x27}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000010}, 0x236fd5cda97c429a) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000011000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000004ff0)={&(0x7f0000001000)={0x14, 0x1a, 0x301, 0x0, 0x0, {0x1d}}, 0x14}, 0x1}, 0x0) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x8) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="28000000060000000000000000000000000000000000000000000000000000000800000000000000"], 0x28) 23:39:25 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:25 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x494000, 0x0) syz_open_dev$urandom(&(0x7f0000000040)='/dev/urandom\x00', 0x0, 0x40400) fcntl$setpipe(r0, 0x407, 0x0) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000080)={0x9, 0x3}) 23:39:25 executing program 0: r0 = socket$kcm(0x29, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) fremovexattr(r0, &(0x7f0000000040)=@known='trusted.syz\x00') prctl$getreaper(0x0, &(0x7f0000000080)) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:25 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1011e) socket(0x1e, 0x808, 0x6) 23:39:25 executing program 4: r0 = socket(0x1e, 0x805, 0x0) getpeername(r0, &(0x7f0000000080)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, &(0x7f0000000000)=0x80) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) 23:39:25 executing program 2 (fault-call:5 fault-nth:24): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:25 executing program 3: r0 = socket(0x1e, 0x805, 0x0) accept4$packet(r0, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000001540)=0x14, 0x800) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001580)={r1, @loopback=0x7f000001, @loopback=0x7f000001}, 0xc) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:25 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000000)=0x6, 0x2) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 239.062980] FAULT_INJECTION: forcing a failure. [ 239.062980] name failslab, interval 1, probability 0, space 0, times 0 [ 239.074450] CPU: 1 PID: 14880 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 239.081682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.091081] Call Trace: [ 239.093737] dump_stack+0x185/0x1d0 [ 239.097424] should_fail+0x87b/0xab0 [ 239.101216] __should_failslab+0x278/0x2a0 [ 239.105528] should_failslab+0x29/0x70 23:39:26 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000480)={'ipddp0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) ioctl$TIOCLINUX2(r7, 0x541c, &(0x7f00000000c0)={0x2, 0x1, 0x6, 0x0, 0x4, 0x8}) 23:39:26 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2640, 0x0) [ 239.109499] kmem_cache_alloc_node+0x157/0xc80 [ 239.114159] ? validate_xmit_skb+0xfea/0x1320 [ 239.118747] ? __alloc_skb+0x202/0x9e0 [ 239.122724] __alloc_skb+0x202/0x9e0 [ 239.126495] alloc_skb_with_frags+0x1e6/0xb80 [ 239.131056] ? kmsan_set_origin_inline+0x6b/0x120 [ 239.135946] ? __msan_poison_alloca+0x15c/0x1d0 [ 239.140692] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 239.145525] ? packet_sendmsg+0x6594/0x8ad0 [ 239.149917] sock_alloc_send_pskb+0xb56/0x11a0 [ 239.154592] ? kmsan_set_origin+0x9e/0x160 [ 239.158939] packet_sendmsg+0x6594/0x8ad0 [ 239.163159] ? __fsnotify_parent+0x132/0x560 [ 239.167658] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 239.173170] ? rw_copy_check_uvector+0x643/0x6c0 [ 239.177984] ? __msan_poison_alloca+0x15c/0x1d0 [ 239.182740] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 239.188273] ? import_iovec+0x3c7/0x600 [ 239.192322] ? copy_msghdr_from_user+0x72c/0x830 [ 239.197164] ? compat_packet_setsockopt+0x360/0x360 [ 239.202244] ___sys_sendmsg+0xec8/0x1320 [ 239.206378] ? kstrtoull+0x766/0x7e0 [ 239.210189] ? kmsan_set_origin_inline+0x6b/0x120 [ 239.215109] ? __msan_poison_alloca+0x15c/0x1d0 [ 239.219877] ? _cond_resched+0x3c/0xd0 [ 239.223869] ? rcu_all_qs+0x32/0x1f0 [ 239.227662] ? _cond_resched+0x3c/0xd0 [ 239.231635] ? rcu_all_qs+0x32/0x1f0 [ 239.235403] ? __sys_sendmmsg+0x61d/0x850 [ 239.239620] __sys_sendmmsg+0x490/0x850 [ 239.243672] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 239.248760] ? syscall_return_slowpath+0xe9/0x710 [ 239.253693] __x64_sys_sendmmsg+0x11c/0x170 [ 239.258068] ? __sys_sendmmsg+0x850/0x850 23:39:26 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x400500, 0x0) write$fuse(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="280000003b000000000000000000000000000000000000000000b982b81b202bf80020000000000000"], 0x28) [ 239.262272] do_syscall_64+0x15b/0x230 [ 239.266221] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 239.271449] RIP: 0033:0x455a09 [ 239.274664] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 239.282428] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 239.289746] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 239.297063] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 239.304404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:26 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000000), 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f00000000c0)=@req={0x4, 0x7, 0x4, 0x100000000}, 0x10) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000080)) 23:39:26 executing program 7: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3ff, 0x0) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000080)=0x9, 0x4) r1 = socket(0x21, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) socket$inet_icmp_raw(0x2, 0x3, 0x1) memfd_create(&(0x7f00000000c0)='\x00', 0x2) r2 = socket(0x1e, 0x805, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff, 0x1, 0x5, 0x3}}) getsockopt$sock_buf(r0, 0x1, 0x1a, &(0x7f0000000100)=""/104, &(0x7f0000000180)=0x68) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 239.311720] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000018 23:39:26 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:26 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000480)={'ipddp0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) ioctl$TIOCLINUX2(r7, 0x541c, &(0x7f00000000c0)={0x2, 0x1, 0x6, 0x0, 0x4, 0x8}) 23:39:26 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x2) eventfd(0x7ff) fcntl$setpipe(r0, 0x407, 0x0) pselect6(0x40, &(0x7f0000000040)={0x4, 0x3, 0x4, 0x6, 0x7, 0x1, 0x9, 0x100000000}, &(0x7f0000000080)={0x1f055f82, 0xfffffffffffffff9, 0xffffffffffff9622, 0x4, 0x1, 0x4, 0x1, 0xffffffff80000000}, &(0x7f00000000c0)={0x100000000, 0xffffffffffff7fff, 0x7, 0x5, 0xffffffffffff7fff, 0x9, 0x3, 0x4}, &(0x7f0000000100)={0x77359400}, &(0x7f0000000180)={&(0x7f0000000140), 0x8}) 23:39:26 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x4, 0x40, 0x6, 0xffffffff, 0x8}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000001c0)={r1, 0x24, "028d4c2675e88d1a01dfe4b36ced6534a0b04cedfd8f8645b97690caa643e236ef2f4ed2"}, &(0x7f0000000200)=0x2c) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0000000600c7283a32d765a435a3ffdd7115c9b3000000000000000000000000000000000000000000000000000000000000000000001b831cf444c54026af651c599abb42360d1e933f3967be12a282951f9ec46aef60dd217c11bfe8a1c6084add3486"], 0x22) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000240)={r2, 0x5b03}, &(0x7f0000000280)=0x8) 23:39:26 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000005640)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0) sendmsg$nfc_llcp(r2, &(0x7f0000006b00)={&(0x7f0000005680)={0x27, 0x0, 0x1, 0x6, 0x6, 0x4, "7ae76fbdc46cb10ff61140b018ca1827c389cb8f0f3656fdd2ef7bff2f77576308cd25ea1600feebc11d9f8b673d0e7d9d38e01a405277e38865e9683f8dae", 0x36}, 0x60, &(0x7f0000006980)=[{&(0x7f0000005700)="4f0aeda3969ea3f011afa87c653404bc765f53c58cdfa15689c06085ca92d556edb02ae0752d4049b9040bd632a77fd2a09d41972a49bfc6d7f7950808542856d5f8886efcd206ca9c6fb0f669d7fbda7061c448e67285777d91cd1d11b2907b77edd2f79b462688b5c86d7dab1df763999644a3aaaf1299ad7fc1b05fe38d3ef8508ff972a0a10410da9db9c7f1d47637a056db451adf92565108e003d87145ccf36c2c6f7bc4", 0xa7}, {&(0x7f00000057c0)="9d0e05aeaf9fcc894d155b48f12af878aacebe32b983646c00f61fc67fd602935401dfe5670014bf4d1cf97fc93fe994b523890915c780bd44b614fafbb51c6149a040828ac613ce062d312afed827462da5bf2840ea7a8690eff680c48e8a484652c9041c7e2cd329044a0c4e6dad12669884550ecaa2daac3bac12fc4cc9f3462580736cbd5446e1987c5fef31d1fc051d7807e299c44c1c264d92a9cad020a12455a887df3804f8958b515054eea472e1f138d906015946d6d66d20a6362cbed321b7e089e2930ee6c817b95be31736f67b168c9539a4563db883ce5aa700b59efb8d809a35f56caf5c75f96ff5f9f7bfc328f0b11ce57f25499b5f3304e7ea6774138d039672d67569c1756291eb60a56b1e926c0032efcdf7adbfd6f5d5e916ec3caaed6a2dc7f58f3c17e9d9ca2bdb0b97d103f4af261d8aacbd653427dd4aecf655aa5a660ce05b1744f539d611077721d39f5640111770cb86fe886496a2282148c618eb820f970c63f10872b8031635b62c743e14da1c1424763036ddf6a8bbab0c9d9255ac6b246960549618303b8171587f72e56c00ba6d6dce0adc1f5dca7ec52229368565db41c1ecdb51d17b74a82e2e43f29b2b2af440669e4def47253d957d61ad0c62b60e7630f68c439db48d377692beef5bf6580214e8220c2923955e36d7e6ee68014394329e95bea64fb6d66f2d7edbac2e7cc30b65aaed299b23cb227eaac80bbb20d6b195b4077826a4097a8344ce10b0e8fe185a59de518815f50597769277a6bf588375979975d0cae8e5bbbcc06830de1cf9b368e4a2fc6c483a94060262a58b50bb8530bd4dc4689b764ed3394fd7dc2798d7e417b627c19f28a3556c6061f57e77323355d5e1a4ac3218e2a2d516e266855c7397e97e36caecc25b0e59e6530e0be55a67ffbd832cc9e2496aa767da86c19e3759b3c647852785a01796fe9295b3fcaf9c489eb4f94cb2182c052a69cb0a332e1bd597f2d40258483ca87a97a153cc36d14455f0df70299d5a1e5e02d869771b0db70971e27e572b3a4f4b272aff1a059a130bbd59ab52fd348012cb14b5d4c3eb662d2fefda68c3092cfc836a677e479c2502a12524685481352b6257026f68d5bf58b0869c896a0ce5c90bcb164e50d5f4dd1e4e9a5cd52e164601675939139327f66affde516a1935619fd415f0722c0d93ae882dbab94f9dc2d98f37a6eca4d1dac8fe0d4dc43cfac5396e13f97d4f354893c1d217714c1a1f38eb5460491f9280ce0fd9f90e72deedffbb30b1387f2fbb812a7a12e0e5ba174c8835e82f465e5567dd92d6c2a481ec5d135cd2a6ae7a87659ec6389d10e31dfd1af94a9fd7bd9064cde5cec2b038691c723ec23744508bc3671317326451ccf0c7d731c3df8cf0628d72c6d6087e88be576f82a8578e2962f15464c42bf5bcb8f534db39636592d1df83e1d8630fc1d3b8ef07a53e600e5c5e32cd04ee34203de908b46d8ec162981f87d275b63744a2924d8fb3068a4c9026185a79c6023dcc20b3385a79f88a3c5425814a3e3059db3305eff8b9e2deccda2d5c2d1648b225aa3abfde9bc7305ed106d882c50bbe988a25ebad64cb75e44382521bd4ece3c452c86cd7cfd84a3e995949aae9f3d978bc60ecfabeef5c68b3ca95ba77a2bc09f86e9996da7b9b03bbbe8115438a4667080d66a67d0bc6f0dd2c660f127b5d13f5eb40e95cd53c278d411ca5fd72d99b754d2da074b8623c97e5c77098c61acfa2cfb25a20c38656af2a6e258c4ba5dbfbad3199c29c101c2b6fbb307d70580e80f5a6db5c1dd6ae8977f47c5b2a88516cf2e37881011a8b1e929b0ddd8d798dddeb1d227bd652e35fb77a0aac69cbc291b63f86b2e4b2420848242c9315391d0c0a699c6a0ffb2f0e7e4495c8112a67cc3ab9d26e85b6e4e7a723b5cb50fc6d9108c9db5fe612cda742f0665913cb1c8d29815b049d6956833a5a59b8f16d159bf98ec16dbd7cfb80cdec5f009ef8aedaa11841cbacf799d9f62e78c02ff440d2f6737f22b55a5c470535aff0d942911fe9e1c5a36e2a24317577d0b30563d59eaefa0b7758d3c4fe2af0a20ad7b5cb26ee69901ea569fdf9a5b369bf1dabc4f0d6974c32f487721591f43a4f85c5d6005307318adc44b0d1c20a54dfa4982d10e4dc78f81804edaf01325fb269cd6c6a529c5556e3837475c214055f7828a24bb791ba351165e770ed544c4647a9eccca0236273079abaf676eadf5b795a9399c2791e13a24640b5cf1f2daa1bd4908c8fb2c02b9372ed8373436f8a85ca1f9ba7741c3800579667c87f86c58d24b45d98ad083b6d4370007446df9a7a50b5254296101d673588dd55af1191fd94ff632aac944bba4ea214db46b2623e6b186213fb923a56e84bbe5a416ca81a0b2846c1ee2d6200813489a3324cf7a2feedcbdfc77c8dd4ccfb2b09f83ddc719deefb8a5c5fd6ed3c16465045c58fed9c079492c5386969e30357424f9c5c99966725ddd0563c8e5d3a3dab4b6bdd0c8fbe449ae9e2ad26df006f52d74dde260ba03b778b5a83be09e11a151044db107cc258ab3cf92b920b11b69168127738149df078570573984efccd385dec1261164cbb7efb4426fa5e4ae4649b762b01545640cb5c3cbb23bf71b070009d9d03295486336b0ede0142fc6477ef9e9912d736117f1ff51e528c752803d65d133e1b02a07bbb29de8e51a2287b7ff249663ce16b65c848f4d0a93ed102814226cb1aa009ccc716a447e95c2158710ec48ca537531be66a18f03ad0f3e1100cbda4879c30109d4d1474ce28767a0a8c5fc2be8b164d3bcb1af72a4f358663b02e498739e7894cc91d52e8bde333af4663889b77a8add491e46002bcfa85ba10cc51da685e995cf30b96eaa440725a3b441f9daea826608d50d74a1076e6238a5242fcaa4e368203b25783070c0bb81b1c90dca3b1c13c5b9e959005b669fb283022fd057388c589fafa0a638dc173ad72d837179fc3af85206aab2f0ceeb97b1ac32f653b1d445455bf116e73e2d0b2066b7094a72388c1f26176b7be797d4e17c1b523eda23a55078339fc627d4f1da4bd2be7a2c3de2e3078494818125adb6ca3fad6a4e583dceb3a105f0ef0302c5dfa5ba72fbc8cf2aa16346ccf64c8fc948eab41dfc7381e6a7086a1987268d59ae259e534de18d8bb57e5cf9dbc5aa506b078e4cdac5d5832507f08a4e497f4adc249ea63931d97846bf5fd992ae51284cea1fe8aa43f0ee7cdabc1173bf2632ad77a212a4cc6bef48ccb744873bf51dd420c688e6fa2ed611cd3751a6e23fffcf030f735ab9658f0ee6eca5852d04808b897703576faa5c48298e748060658c2c78a22e244de02175735470fd92c50b902967cb189a55dacff6b1a82e43c97a126646bdcc677c8135ea12c848426abc3832dc83fe31cb354fd732c49278cf4872c5fa69c44a8aded55800635c06a617ebb0ae6659e0804288ec22dadb38986dcc0f93ba201223f00aaacc1d00e8dcd2f874fe2da9bca6af4ec1399e4bf03610e6bc4bdc1febd5670f6e5afa46fcf7c14b5e4f960f008f6670df90d4a1cafa30c4391e44996f55229dc8f510b2627bec0c86352b62baac2df6dc716560a39aa9e2a05f419700e58fe219d9ea32748b007b174aa31c799da33c2b541ee53ff1e149cce22b5c93bbde58c6c08fb7d1f5248832918818175b3abd9ab51fd089934d0a430401d0908df05c73f926d0216d2a99c2fe8bb3e37e99901fc75ba6a14706f56b13fa21216f634f610e200a56f8fda9dd0b3a15ec9291f9766ae373c9f423c9f26de8a7c3ebb49e5022a96454fbc178431d22e61cea2a8f8b90ec7a86ddd39b5d3a9a91524286fd3becf1c662fa44a0b263458e65577fe11191fa3a0c094389f1bf605625dbdcc6aa4d212610d1a23c48eb260fb54c4daaaf3482df38c74393f9d87bd3e1e386fb0551120a5f71b47061936c9cd72e18c3a3b9d423b5284b91c6f930f421e54d914da977b1e06cd384a6ce4bb518f79c885c336110bfde2926097a88949a05531189153fe49f806ce8c809bcf13226d0d649511ed9372cc14916e8dac9e19f91ea1d6447ce31a1d0271a2bae55d18f0acb18956ce606640aa23be5a3581fd2b76647545e979bbf2b37cbf3fae45ff7813086c2a5124a56c7f0b94065e37b7b9188d61bf000784a7fbd4105c558421033de1cd4a309c9d1183a2a613160d64e5fadd40c9e7f4f926dfd03185334f72d028daee40b359fed0caae7702fbd0ae69d5a03d9da4ca4c831866685bd92216b1ba3f97eef99f569546836b2af708a9421a5bb0290997550b3043260225c54247c731de02c5a92bd4dc4041bb37eb0c728c39fb0babcf09820c08fe492ed9ad1241ecadbf567e801538fd072de378a8ff70ae3467a6e1871198765af799914008622b26dc6fadec04496070ca31c5654b499cb6a0371451329478e424b85661f867e6b82c4fb58db9470865bb2bf4b516114a502c7e16106df21eceef22ce5c31ee2ba66498e898d08f819f7508e902e4047f1168a87077eeefa8231587d3eb6392c4df5fc7993b544b2b142d665e6327ca7c743a4d476f47aeb38b62524ef7fee7f753fa33fc64697d910fd4974a45a7c738bcefe623e8d96e9b611861c4facd003c4e75d9430c88233e45f2d818dd5f97bd6a2e33485c6e197855998cc5ab513ad46978d177758fc003edd0184aeeb11b8600fb69f54d75e002759aa28d620b84a5599fac6b64422128ff04ab8b977a7de6bec0206499a3d9c7af6728383d82aa64f7615b3355c15135fd1836b7caafb9b73d478167c9340b62973a97a4a6f2868539f8dc8a990b4e030bf367d6ab3a0d427e334a5582c603b3ed210dba6d7e9bd48061387bf8a2ce89c75839c3248d4a807fa4ae91ee675d0f1d6f882a5710499a91fefc1b3d8c805e36cfb4a1cd090469095b43e2b73ec5eee6f98b7e4e10d853d3429bb388196b6c0ec0e34f796d625d3c3c74efee18e53cd0be1996c258af34630e138b8f67e403a1c050187e135b62fb4f7c5eeb085c339b9b77f91b1b4164079acad159df10c08b6ca7f1aaa52e7a9d516ccb9e5560f288211f8a1a168c09c6b45467c518245705716b50f738abc242fd69f9ef7ca88a84d827c23d51ba15d4b75f77f9df2644f2a670d17a57dd5a8d00f9b03e8505773823dd79ff91e097ba03f1ad3ca6744c1ecf26a316322b8190e5c8e50ca5144d4d39cd14e9ed26ba01d5b1cb6bbbc30be0d19ab5bade2ccf3c2743bf8d9119298160e979cb86b8705cef529a9638c8ced94e34ee76a0adff3ac9134d4ed1046482ee26169935f0bc965810d19bff472baa12ed4194605a29805159ab217a373a5c308f4081689909c2d5240cbf7d9985b1d8a71c7bc7d8c19c0b7e8b797f10081929943b7c11d73ac2c3e9b8b23733716101f9da21e597b59f55e2391807939b22ddba9eef929d8175d04dd1341be670c61f6b6532e24e49f8acd73c4034b386706735651ef874fa371c41768113bbee7d5cf10421d40e24430800bbe513577cde7e6c1c22b52b47d35f776e40ff89f347506dcc2b1b18e19223f83f231ca9eae7c05d88ae9bd884203d512c272ece1352f8c4658e66d3e57b22394a6e448273730909d73864422331975a9881dec61741b818b329843df5b8de561bcea19a5f0871f3dbe0fc26e7f81653ad599dd50f58e9c5d150a7776ef0e1ad93989fb2354cb7cc5bbf3034db8ab8cc514ef004fe9295f3b3cdcbe818ad706713741c8db6f43a03fe2c", 0x1000}, {&(0x7f00000067c0)="69c09827bb17f9dd47d8ceca6145807be09606a5a0f778251a6bec7f47ebf9396bf83a096a538474a15b062d340b52efdabde9bf3cea1a58b62ee0b62ebee216b2570c3766a424375546c07fb3787a5a6f49b47a2c7ede465689f4560c1f623916", 0x61}, {&(0x7f0000006840)="da599bf6d3e3e9866f17c1512f", 0xd}, {&(0x7f0000006880)="3f2a15c4a0f1111467db88e2b824de95e78abe574773af5b521154c15a5d1a828a3640a9d0b852ec79ba01b6487ba89cda99332a9589741ae3db842f15bfd0242a48981e8656fe3a1f3217450a1cf7f8a98b93c243eeb92f2e140a0e0c7db7ccc0fc60526dea224826feaebf77627843a2ac194e5baa9307e76d8739ec007102ce7859e36719865e7c0fbf39863b4507000bfd4b3cea6705", 0x98}, {&(0x7f0000006940)="799fdac59c33d3e6758d1c5e5f35fee46496353d1138a6d7419f3fa4cf2c582d14a74522b9bc51e52b", 0x29}], 0x6, &(0x7f0000006a00)={0xf8, 0x0, 0x74f3ee7, "f67fb9839f0a8fd6fc32f597a3b3bdd697b1e5b52d507edafcfcc54fb51d32336d2d64b250a85882cf77f2b718d86ca147f3612f91f6c1a3245ea95fd2a59ae5115e31aa10b8317fcd0d6b31021d8a6d23caf20acde41691b7304c35549437c300b85464be36afdd7edcd6c56cbfb19c967f46821268f386fffe395b5d922f9b998897a77a9e4ea8eb5d335debae1af1e8aeaf6b2ed57a8cb7c3a5e6919ef41dec248e21803d1b0d8b8d15925cdd9b7dec1b5ed1cf1d9d11bea5ec7c0f31085d66f938a97e5a3e762f3843777cf4235e1cda9fe69cf2d8f9040975c6c1bdb3868040"}, 0xf8, 0x20008000}, 0x50) setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000040)={0x0, 'sit0\x00', 0x2}, 0x18) fcntl$addseals(r0, 0x409, 0x2) 23:39:26 executing program 4: r0 = socket(0x1e, 0x805, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000016c0)=0x1, 0x4) r1 = socket(0x1e, 0x805, 0x0) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000080)={0x5, 0x1}, 0x2) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000001700)=ANY=[@ANYRES32=0x0, @ANYBLOB="420000fc032625bef04f20391cfc11adc8f963c481e653692552d677f4c9407def3423900a64e4ab82080000000000000005da2a3d7ee640a8b109000066bc3d8500fcffffff388e500e4e882c61dd0fcf5a676cc2789b611bf06cf75400acd573455cf5b35518ec259f99ce5f325595ba5d2b73ba20289a3bc77c9e661c770c078d712c8d33714394ade00be09ef85e5f5d56df7b2ac11346f3a8ae571e1757168a8d7eef6f7e2a36dfb6e4db06fe62f5778675ed187aed341fdec29332c9a7b86e8d2242fa5de79ae2ba384b8d38210339c4ceec7e898addba64a0caf714d109cbcabbc4cd33962b8c33d98e"], &(0x7f0000000000)=0x4a) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001800)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000001900)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f00000018c0)={&(0x7f0000001840)={0x6c, r3, 0x200, 0x70bd2a, 0x25dfdbfb, {0x7}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x800}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x16}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x6c}, 0x1}, 0x20000000) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r2, 0x7, 0x20, 0xfffffffffffffffe}, &(0x7f0000000140)=0x10) ioctl$int_out(r0, 0x5460, &(0x7f0000000400)) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000380)={r4, 0xfffffffffffff911, 0x10}, &(0x7f00000003c0)=0xc) getsockopt$netlink(r1, 0x10e, 0x7, &(0x7f0000001940)=""/69, &(0x7f00000019c0)=0x45) sendmmsg$alg(r1, &(0x7f0000001680)=[{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000180)="24f02b186d7a67ee1d13d49bbccb4711c407d2831d709ba9b7b5a9ef1ba38c2328c871621f92a8a4fc0cfd3d02168e67bbb041", 0x33}, {&(0x7f00000001c0)="9627813d7bf34b64cda915151d0d011cc7a1f88f42d8a521c9f269e683b85131d005fed79d7d2b93879e7814d4a2f3bc309eb619820fb9dd1ef381fb96080a31709f3e19604de977059f3d446c4044365dde16ec0413", 0x56}, {&(0x7f0000000240)="b33e978fd9c4416e40e6bda1fc194694a70eea7ff77b0feb0d786f213ef9add89dc484141d2ecfa7d73a5914a56a07ec333e48e995f1f68c6940c46f6ca27fe2d0dbce502d9842f4073c5d300a250a643e5f2c", 0x53}, {&(0x7f00000002c0)="69a8cf5cf0545ea68439e1b96a3db9fc2fc549d682c035bd6e6db0427c2582fe429ab520a8718a386d04e9eadf2b9cce2e7ee7f8c7fff2964418c19120504ee0b98de2761a60adc3886920ed064de262b3070185e6d16dfeb51d2bcb16ea9a4d6844e46bbe5321572d2308de4508189bbc8ab04c2fb3eac29a528b8497d51dd004a6f63717a91f71175b822bdacffcd67d87388870740274f72551ac93", 0x9d}, {&(0x7f0000001a00)="a53773d18557cba4937b66d348f1a93054bddfffff6f3928315e3c38805899135e365c5d278408222bf1adae27eb3cbd3646f55b1e715161f988ac49880a18921cfbf2cf0233cf306eee12d4d362c48ed3c0db20283da0cd7f31f2a17e1ffc9ceed7910627269a554ee2749ab8dd3fc64a27e8f64770a18fce8d4c407498c3804a8e8163a07e5e1619b3fbd597acb237ad2d31b0491209a67f6062065c723bf04faf952292555c1484c223057ed8d6ecc99851ad073688e6455c5be2027cf8dabe51aca83033856ead5752be3f4b0b7e9055bc5652763fc5c2dced047f6c3c6c001d0931dad3eaa93a73", 0xb1}, {&(0x7f0000000440)="9b35761be100b97169c9c7f414fa39ab6d3c014df66c6c503e2b204bcaab6f4e546fe3a957b1ffd3fed21169f943b42905173a4cc7bf5e561dd2965cdcf0", 0x3e}, {&(0x7f0000000480)="1792e1cf5fc86032fe0e4f02976e389d1ae12d6c8000b1fa3ce0134efbf3e4a504", 0x21}, {&(0x7f00000004c0)="eac6d95ee0347c5e07c73e55daa64134fe7c01d7bbdd50a043e1e0d53af230f0844ba417cf45d5be0930c1650e92983ec6cc97c4f6b10f7ced660b3d00a00e2d2b", 0x41}, {&(0x7f0000000540)="4c3b9472fd208d6982d62a5e47dfa691fb50502d6e21dfeb670896359f1597d223d36e581168eec3808c9d47fc6d7e6e459b1e0f139581ce4d06ed540c0f7a01b49e6bec751b463a099510bf25d173fff21dc02a7de6502a98501bc01f530fa3e23b2a29a89abd1fb4ec9b8b89d4c1653a9a2ad40681f143bf8281effd370b65da1c92ba51a2490c45256efce16de2c5b6e8bdddfeae3728c29b21cd172ce30bd71fe73d23e43c967e359832f28f92e831801f055c31654b763a2200b29a6b361ddcc553caae9c6438c910c28b6341f4fd67bf798476a283c90526d5f51fc11653623f7525be13e587cb720ada0ff563ff99fa1fa4bbe0ad489e97020c413ac3bd16a2445a2e92b4794ec14c59133eb1871f84861c2e744b482213999770113fa45987ac8b95a5e80d92fa43e3c601d3905a1963b430da40257a144a9084789700629611df16c950ffbcf4ff29df723f90885f470d9e59e60788c60360a3f1709be0f55231a40ceb80e733905bd8304f6a2d621320f00b5faf8279e8ccfe6c84e68529ac38a7ff505ad9357dc594e4bd9c874ac46b9ab552b3c486d0023de01db5059753009004933c465d45d29605baf7a19a545ed9ef5ad5196a0e4dd4904b599b4ae7fa702b9ef6e477244ea806d7865c08e59e95590cb28c38f46ce21541c7fb3ad1e27db956adce1c6022bcdf1f6c7135d5d102af66079e5e54d939d75695fea84a223c2a194a627fc46f8d41ecbdf9f6b5935522775a7e87033620ec9d91bb9be28de46dc925ee6448981371e8fa82aa28f06c757a23ffc3eac72e6a18a2d52fd86de4f13f4eb71253105c1b3d8db27213fe452207519fca212b5e00be7b24fb5c679a07dbbd32e70ee30634ecc0eb0e6373108f74f4161cd2a5f2ab5422d885747b0eb38beb4dc976564b6cb22005953d42b9754c56472d428d3f96985c0874bfdfb1d5bee8c484aba2763cd33b7530153951ba9de458077d98e23ae7f621cb42ee1cf9a34770a5f4e20f3acbe6846f5168ebb4eb2178d4745b590de0f418165987e7a19e3120881a624fa7cb2985d9387f19a57bf1cf9b338d06c7b63f54af58ba0d982d9b9fd151e46b2109d6b503047b8787a0536d62315edac35fc9824cc16430b95a406a4112677815ea0550351f582f6736ce4bc45a685929c54b3af7cfe60351fc46950a9df9bd916ab29df5d4934d9139dde5b91e954b20d9532ff6cc4291f99c5612ec24346a0f88deffab188bdce64ffed0cc7e7ff445d946489899f818f99d07ee59ff99a7c53bae3c3c39a4554ed80500975afacee26d15b71674530b0974084a475622ff7f2620bb4f815d3898dc47afc8e54e93e6d8b430c861b9463c3a8417e86256c931a4155834eb32fa7ba826c05971f24f9420501030a7f8683b0ec556f699093f17aa683edc82f43d3a5563b7f18b57426d5dd1c1d8dac884ade1c24f146eca92c0bf58d9a80d32aa686d4606ad1e2574b77ba4219cfd75a6267e85cb91b1d965b249bbd168ea56bd3c6be6795eaef57cb9dde53f21179d12851504ebace617477996378110c8d2956a599ba4eae3d6d11327685be71710bd67dc9c5ca929abd737ddd24ae589216408531add1523442107a04479e238fcf8a50b3e63186492f0dd405bf07088056e931c9dcad8212e04c06811de14a91e96959d901854a8b7160b701f87cb15b976125a14d36c73b423befa4b1b18b71c6514550e2ebeabec8380a7c4c2933b7149bb3051a1ea8e54021d547d9acdb0fae68666f6ef37afbc5f02b426e64d72616eb59256f29983d99fd874b3dcfebc34c9fb2319e86294029416a8d201d6112c8321913ac9cdac51047ab6e0231c97292b4eafdeebfb902e5f409dff137205e82a9247f6593fed0ae746a762d22befd2f85c6d8c6f93c0fd9d48e362bf77a031428e77e4a01f39ecdefeb8ebe6d9cad66ac206f86cf5ce4ef8daeadc6c5f629f975ebb4aff8d07036f3601601e0c49b9dbbf49be5cf07c9b5a0b0df079993b67642f745602bd81bebcb6287a52c0578c576bd9b2a767d2dec06f720506b2a8f7b0d073824a36eaf3d7ef5fa016530da6b312686d00f7a1ddc4ab9cfaf633a49402b41226daad3da0325cc7ef5c5b8c546be6c21eaaa183351a3dcc91b9d4720549bf8b678d49317d9fcd176c3c5aa17e6ae3bedc9e49bc8358c6f830025e5cf5cca643d2e2cdb128e86dcad99b62905868bea6a9222c237583a98f0f150e4f91a5d47470375deee0c28090ae30bb6a6d2439579eedf2482c2292afe53f541f2d0d4ec0247dfbeb036bfa19a43b9a4025df2450c7f80ee9ccad9e569294f40c743ed8090ca58b1b4305737f0b7969d509c515e386dcb0676db5b8f1d2c8096307f646a6c31d0be5f95537f14c1191364ded79335f03e8d4c83853eda98a1b92ecf6b0067e9d8a3ea4f1e7d8cded1ec2655e8c6ccf2b73e2c12bb5c2a986a07571ae072d4682243cc3e564ef16dc2f309d3a0df3763f3f3f2e7d72b7b860e461fbe788838df7cbcf88f5824faaa563f2089be650a3bc3601488910ec9e3752141790c5f7914912fedf4152121448ba7ac10922b471908db934a88f318c6dd6d4d913990f4793b0812693d7262addc50936170bca63a7e6194de276a676fba21cd823b6904a3770cbe80497458be4fb89e9283068a88711fd801a13cd1b7a4cc6c346715e1a94a55fed47647e7aaf2c1e38c3eeb6f50836b97a83a373927d7f52ff9c0c0c3cc6c9bb4fb35c1bc3feb8dc5c6363d21557de098341389ab1c4b2c279db645dd37f3cd5b3c6f03ed48354f1fdaffca873736bd9377fdbc4442d4fbd59c419d76c5d337651f82c16e1b5cf5a5030f7c68a36ffc096cff25569af179694ccae64f533c0fefbe4a6ec0a79b771b966c03a2bf5caa990f76888565c4d5aa3d90e699adaa62ad838e8b003f244f8c82af932f888ebefc28bde4d0948ed4e7c761c488f1ecd2eeb90707e8de8f92a40c0d5b7b9e917e69b635f68e0ff4fcb52f6a37358add964b91af9e2e3d19d2087bbe1932e93f3f423aefdc748ea40f1558f6b024a753839e6ede4ed687e0ba52e82ec1a8047b81be296d6749489febec30d375eee52f6167bfb1451a34ee8ed7739f3aaf92e0ef6dee162425a181ee5e9aa2488501142e2747d5bddd54b04d7a19d2c2b56e2680982511d83d3c990c930d6b9094eff8fafdeabfee63eae0359836ea89fb31dc5a12c0ae9ffdeea19d75097d6bae4951cf915cec03f67fae665840dff0e67de0888364ed25076250ca467696d3ed7b5336f9b78cf3675741eb3b93045de940dbd68568dfa9236a367b6a6cf573fb51cc5aed5277bf42a38788a888a699287cf5efcab5d4828de724af511c84463af85b89fdb1eb30a0e44f25867394647308fae22eec907981a35e6b5b14cb372dd4092d33676c0120f026402fb7844dd93d82e6ce2751e715a3f52e5b8c79134ae31c8deaebabd01515a9235d5cfd89b06d46c44f8f2a18b4d466ac0102ec93de26afaf7fa7526ee2756a1070e1a12cc10610fc3fc884b77582211c81e12fb47c0fc415650e6d09732ffe8c88c1e8cae1184b80932821e9164bd0103f58f7ae4667dd814548925adfe97c7753bb46aec11c29e9f3a4e6871031abc5f41e86bd38da4b3bc4f278da7d3cb1709546412e1b2438e6bee773d1364c5327878d207b23cc8840f6082a4dc4806fdb8e69e96e176b4dc5b7dc87de4a441ce0d5637ef5ec648cd5ae1524a53a296e3035bd2026f587a2e499744a709665c9e953175a2e022d7b9875ad77a0a8b5e2daedfab7eabfbc830555e14c4ca5afd51e17817c0d4fc61061afd53f4ac5a546992a58e7f4b1dc61764420e239d00a126e52b79433048df39265ff2d5855ceb67f17cf1c2f7d1d65e1ea6f83c6ed86847f7977a1d5d41489bf5b0e175b4f563c7404a0b2d7c8f781724ec275b652130bdabd5c47d7a01089b340547d3c2df4cab783ce93a73137573b6f5b7cc80c61c7db11f5f3dbafe54a5131d962b3dbd07f15efc6d14c2b5f6ae350e6daa6170649548df0d6d61e041f26d16ed5e7bc2671fb5e62072bbcf0169b11a4a8283c761de4e4fbd597a7792aef22a3e07e4de8aa7521a5646573ccfd104a9b3a2c078ae3a4b6cc911da258ce9cac1667a1c7d851058c5775437eedf3f0f155569b1aef314d47d37eb33c8c077057dda09ee02d387da6ce1aa48a35a5db278457bd21ea4497b5beaf12fd0d665f383f51832e2f2fa8d1e71c173c0f70128ef668befba42a0183e2f639f3864a99495670a4c713d6a436fdb57b03570b57e6bcf52cff348487f07dc3fdbad5757c6dfaa29acbfb465937bad5f844f6d4c9327a6d221084a0dbba705271cde0d6c6e2c1ca5f3d668248ccb322b4d1c0e17a29b680d835fced01071f8b5d5bef74cfe1cdf05dc60582c22676cbc7fe6994b25ef347ec239c36a14446104d838a716be3b3ff8811a8ed61902baaa6a3d1631e94092b00afe9be9e83b8629d4fcef8c202b365a768c90b88eaf7faac41eb4f7d841ff7adfe1b0fd882acd29900073efa092b931b2b8ababfb72131961e8a51bf5cefabead30d1e0dd115b3f719071b43e04c2981d6902a7a54e5d5949a9ff1ffd372aff7f8e80872c03c052e34a797f5cff6a71164ee8f080c4bcdb5e6869b908a959316549c21fe25a30af53123c8bb2d15f7bac245cdbee0d87285da2c4bc99d40248294ee599910cbedea8648993ac86fd2c2f0c6f3c89ac69fdf8f23c2c1266688a7e5c1e60bc06e88f6d96b703c883101d03e7270e1a1b9f74444dd61b39267744260d1e0401e6e4e7bd8881ce506cc3f65e0fe43ca6fe7ed5184dac5e0c7508c0bf9e983ff6783f74a9bfe2294e7f6bd06d12f0fae6565048dfcaaa259a8dd598cbda21d8979c1de08a0611210dc59f7a3c460065e4a99d88f992692509eb153cf81396fafbb9cb8e91f396974633d5de9c38d723fb3357b27c4061755df2a78211cca34d146e5f387fd593c9e163b2467d049fd94da357f740c38a8994b1691b1f0962bd6eb8aff0a41edf6f37e2b2473338d09c8bc3057853ae6fee03f84d329a516dd836d8ffb6f83308b8408fed342a1c4873b702cd329e9f66b1831311ede771ac887ab91009365d9cd1c17971b5fbbcc661cf975e99c5de4b356e97d6e0104b2fa616f75b7b219ca59cfae34f2404da73b27faf4569362bd515f5f73fe5ffa81ca0e3ac259bb326ba1b8a281bfb9727c2240b28a38d91b7d785c5b78def303ce2006cde0c2507d617a9427a92b1f82306433f04599dc623513611424461b400b015aa45ad76c1a0a9286049e3965786eaaffcb56336cba7257fd7d8e3e0dd3722bf5f825d2baf6ccd82a0944d1d0ea28432fd9318235633cc6c0be1de91282d0228031acde8f7b4b22a1c4de31bd4cbb55d2f82d110d8493ad43d31a160770419aeaee7037609c463aef3c5916b9b9cf8132694314860f85305ef6a8e6cc3aba374767854b17d181fc2b0ee84283bd0622d4c36956f719f17a57a1aaad6febedba8bcff47b2ab0169fe07ce1283056d261db49e1fb81de6593e71fd2b7972ea7304bf3e8dedcdbfbf819bf2246ef16fe4a64c4da91e8df052cc81f3b29a57b5877e2bf3b8112348bb9f09d6d490d6574bfd1c0b535073def251d0babeb9be1728082924eb172548f1a2a3d539a271983d5713291bc6c46effb59e6809a234efc6e0273c2a0df6aed174ff43a951f2cd320916afcb3cf659926710762c18f8307a1ccf1a74a32a6754da32aa5b1bd8", 0x28a}], 0x9, &(0x7f0000001600)=[@assoc={0x18, 0x117, 0x4, 0x6a0}, @assoc={0x18, 0x117, 0x4, 0x80}, @assoc={0x18, 0x117, 0x4}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}], 0x78, 0x44000}], 0x1, 0x4800) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:26 executing program 7: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x4000, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000080)) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:26 executing program 5: pipe2(&(0x7f00008df000), 0x0) socket$nl_generic(0x10, 0x3, 0x10) 23:39:26 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) r2 = mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) r3 = getpgid(0xffffffffffffffff) mq_notify(r2, &(0x7f0000000100)={0x0, 0x3b, 0xfffffffffffffffe, @tid=r3}) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:26 executing program 2 (fault-call:5 fault-nth:25): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:26 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000480)={'ipddp0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) ioctl$TIOCLINUX2(r7, 0x541c, &(0x7f00000000c0)={0x2, 0x1, 0x6, 0x0, 0x4, 0x8}) 23:39:26 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xc235) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 239.844621] FAULT_INJECTION: forcing a failure. [ 239.844621] name failslab, interval 1, probability 0, space 0, times 0 [ 239.856116] CPU: 1 PID: 14955 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 239.863344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.872774] Call Trace: [ 239.875442] dump_stack+0x185/0x1d0 [ 239.879129] should_fail+0x87b/0xab0 [ 239.882906] __should_failslab+0x278/0x2a0 [ 239.887220] should_failslab+0x29/0x70 23:39:26 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) getpgid(0xffffffffffffffff) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 239.891160] __kmalloc_node_track_caller+0x24b/0x11b0 [ 239.896434] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 239.901924] ? alloc_skb_with_frags+0x1e6/0xb80 [ 239.906694] __alloc_skb+0x2cb/0x9e0 [ 239.910472] ? alloc_skb_with_frags+0x1e6/0xb80 [ 239.915256] alloc_skb_with_frags+0x1e6/0xb80 [ 239.919877] ? kmsan_set_origin_inline+0x6b/0x120 [ 239.924798] ? __msan_poison_alloca+0x15c/0x1d0 [ 239.929561] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 239.934416] ? packet_sendmsg+0x6594/0x8ad0 [ 239.938845] sock_alloc_send_pskb+0xb56/0x11a0 23:39:26 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000040)) [ 239.943558] ? kmsan_set_origin+0x9e/0x160 [ 239.947910] packet_sendmsg+0x6594/0x8ad0 [ 239.952131] ? __fsnotify_parent+0x132/0x560 [ 239.956618] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 239.962136] ? rw_copy_check_uvector+0x643/0x6c0 [ 239.966945] ? __msan_poison_alloca+0x15c/0x1d0 [ 239.971696] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 239.977229] ? import_iovec+0x3c7/0x600 [ 239.981270] ? copy_msghdr_from_user+0x72c/0x830 [ 239.986130] ? compat_packet_setsockopt+0x360/0x360 [ 239.991211] ___sys_sendmsg+0xec8/0x1320 [ 239.995331] ? kstrtoull+0x766/0x7e0 [ 239.999137] ? kmsan_set_origin_inline+0x6b/0x120 [ 240.004056] ? __msan_poison_alloca+0x15c/0x1d0 [ 240.008809] ? _cond_resched+0x3c/0xd0 [ 240.012810] ? rcu_all_qs+0x32/0x1f0 [ 240.016606] ? _cond_resched+0x3c/0xd0 [ 240.020576] ? rcu_all_qs+0x32/0x1f0 [ 240.024353] ? __sys_sendmmsg+0x61d/0x850 [ 240.028569] __sys_sendmmsg+0x490/0x850 [ 240.032616] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 240.037612] ? syscall_return_slowpath+0xe9/0x710 23:39:27 executing program 7: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000080)=@req3={0x3, 0x10000, 0x3, 0x4b, 0xff, 0x5}, 0x1c) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:27 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) mq_open(&(0x7f0000000080)='$-md5sumeth1.posix_acl_access}em1\x00', 0x803, 0x20, &(0x7f00000000c0)={0x100000000, 0x1, 0x2, 0xffff, 0x2, 0x2, 0x5, 0x23}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 240.042552] __x64_sys_sendmmsg+0x11c/0x170 [ 240.046930] ? __sys_sendmmsg+0x850/0x850 [ 240.052042] do_syscall_64+0x15b/0x230 [ 240.056003] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 240.061251] RIP: 0033:0x455a09 [ 240.064481] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 240.072247] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 240.079565] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 240.086885] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:27 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)) 23:39:27 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000480)={'ipddp0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:27 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) fremovexattr(r0, &(0x7f0000000040)=@random={'security.', '\x00'}) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) getrusage(0x1, &(0x7f00000002c0)) [ 240.094210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 240.101526] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000019 23:39:27 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x80000) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000080)) 23:39:27 executing program 6: ioctl$SG_SET_FORCE_PACK_ID(0xffffffffffffffff, 0x227b, &(0x7f00000000c0)) write$fuse(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRES32], 0x2b0) 23:39:27 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1b, 0x809, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:27 executing program 1: r0 = socket(0x1e, 0x805, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000300)={0x3ff, 0x328d, 0x1}) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:27 executing program 5: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) fcntl$setpipe(r1, 0x407, 0x7fffffff) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0x36, 0x71, &(0x7f0000000000)="25274d6a96bc48092b3154cda75ad713c7c31a4abe77929926fd24fb2390b391731ace657df12edcf588f4f4b536570b3333811ef0ec", &(0x7f0000000080)=""/113, 0x4}, 0x28) 23:39:27 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="02110021020000000000ccbbb4d7caba71000000010000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:27 executing program 2 (fault-call:5 fault-nth:26): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:27 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000480)={'ipddp0\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:27 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2002, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000080)={'nat\x00'}, &(0x7f0000000100)=0x78) r1 = socket(0x1e, 0x805, 0x0) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:27 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x401, 0x400) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) connect$ipx(r0, &(0x7f0000000140)={0x4, 0x800, 0x2, "217593092f19", 0x3}, 0x10) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000000)=0x0) syz_open_procfs$namespace(r3, &(0x7f0000000040)='ns/user\x00') bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x4, 0xfff, 0x8, 0xdb, 0x1, r1, 0x7}, 0x2c) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x0, 0x4) [ 240.537401] FAULT_INJECTION: forcing a failure. [ 240.537401] name failslab, interval 1, probability 0, space 0, times 0 [ 240.548842] CPU: 0 PID: 15008 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 240.556064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.565482] Call Trace: [ 240.568123] dump_stack+0x185/0x1d0 [ 240.571803] should_fail+0x87b/0xab0 [ 240.575588] __should_failslab+0x278/0x2a0 [ 240.579895] should_failslab+0x29/0x70 [ 240.583843] kmem_cache_alloc_node+0x157/0xc80 [ 240.588492] ? validate_xmit_skb+0xfea/0x1320 [ 240.594619] ? __alloc_skb+0x202/0x9e0 [ 240.598597] __alloc_skb+0x202/0x9e0 [ 240.602379] alloc_skb_with_frags+0x1e6/0xb80 [ 240.606942] ? kmsan_set_origin_inline+0x6b/0x120 [ 240.611846] ? __msan_poison_alloca+0x15c/0x1d0 [ 240.616592] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 240.621434] ? packet_sendmsg+0x6594/0x8ad0 [ 240.625839] sock_alloc_send_pskb+0xb56/0x11a0 [ 240.630569] ? kmsan_set_origin+0x9e/0x160 23:39:27 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xffffffffffffff9d) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) [ 240.634885] packet_sendmsg+0x6594/0x8ad0 [ 240.639096] ? __fsnotify_parent+0x132/0x560 [ 240.643590] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 240.649104] ? rw_copy_check_uvector+0x643/0x6c0 [ 240.653933] ? __msan_poison_alloca+0x15c/0x1d0 [ 240.658689] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 240.664207] ? import_iovec+0x3c7/0x600 [ 240.668254] ? copy_msghdr_from_user+0x72c/0x830 [ 240.673094] ? compat_packet_setsockopt+0x360/0x360 [ 240.678173] ___sys_sendmsg+0xec8/0x1320 [ 240.682342] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 240.687781] ? balance_callback+0x48/0x260 [ 240.692087] ? finish_lock_switch+0x25/0x50 [ 240.696490] ? finish_task_switch+0xde/0x270 [ 240.700983] ? __schedule+0x69b/0x730 [ 240.704864] ? _cond_resched+0x5e/0xd0 [ 240.708829] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 240.714262] __sys_sendmmsg+0x490/0x850 [ 240.718309] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 240.723310] ? syscall_return_slowpath+0xe9/0x710 [ 240.728256] __x64_sys_sendmmsg+0x11c/0x170 [ 240.732633] ? __sys_sendmmsg+0x850/0x850 23:39:27 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000040)) fcntl$setpipe(r1, 0x407, 0x0) 23:39:27 executing program 6: r0 = syz_open_dev$dmmidi(&(0x7f0000000300)='/dev/dmmidi#\x00', 0xfffffffffffffff9, 0x111000) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000340)={0xffffffffffffffff, 0x3, 0xe, 0x3, 0x8b}) r1 = creat(&(0x7f0000000100)='./file0\x00', 0x14) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)=0x6, 0xffffffffffffff12) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x2}, &(0x7f00000000c0)=0x8) syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x80000001, 0x80) write$fuse(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="44000000060000000000000000001ba7de3f507dcc7e6c7ad24255094c0000000000000000000900a8663c1139239072e98f4fffb59f83133c01f950b5be69fc3bbc87e63fe1af4ecd86d8373adaf7321264fdcaaf50b57f7cdb3f911cecf1aa558cb2c6837276294f3c589fc6581336f30cc1d8e722eb5028149e925671b69b54dbad5eb07cc9ed38536502e0fb0ed5e2f25f3e6e896da503621b88dd39c6ae906a61fb3225bd511520d59a7cab74975a7e20090eb04e11f523d7458d23dc334c7008b699d29d0af10705fa079109294eb5f0f94f2d9051ee3f5800e7fe410e47c6fe599c2a86b33ec53cb231"], 0x28) setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, &(0x7f0000000000)=0x2, 0xff35f9b4bdd37834) seccomp(0x2, 0x0, &(0x7f0000028ff0)={0xc5, &(0x7f0000d97ff8)}) ioctl$void(r2, 0xc0045858) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000001c0)={r3, 0x2, 0x8, [0x444, 0x9, 0x46b8, 0x6, 0x0, 0x0, 0x5, 0x5]}, 0x18) [ 240.736826] do_syscall_64+0x15b/0x230 [ 240.740766] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 240.745985] RIP: 0033:0x455a09 [ 240.749197] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 240.756953] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 240.764264] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 240.771572] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 240.778884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:27 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000440)={0x2}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:27 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000000000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 240.786198] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000001a 23:39:27 executing program 1: r0 = socket(0x1e, 0x805, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) accept$alg(r0, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:27 executing program 7: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) getsockopt$inet_dccp_int(r0, 0x21, 0xf, &(0x7f0000000000), &(0x7f0000000080)=0x4) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:27 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x40, 0x0) mkdirat$cgroup(r0, &(0x7f0000000040)='syz1\x00', 0x1ff) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) memfd_create(&(0x7f0000000080)='&vboxnet1keyringposix_acl_access/ppp0\x00', 0x1) 23:39:28 executing program 4: r0 = accept4$llc(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x800) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000080)=@generic={0x2, 0x10001}) r1 = socket(0x1e, 0x805, 0x0) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) 23:39:28 executing program 1: r0 = socket(0x1e, 0x805, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x100, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:28 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x501000, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6}}, &(0x7f0000000080)=0xe8) setsockopt$inet6_mreq(r1, 0x29, 0x8cd27c2a04dc5d21, &(0x7f00000000c0)={@loopback={0x0, 0x1}, r2}, 0x14) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:28 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0xffffffffffffffff, 0x0) prctl$void(0x3f) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000040)={'icmp6\x00'}, &(0x7f0000000080)=0x1e) 23:39:28 executing program 7 (fault-call:1 fault-nth:0): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:28 executing program 5: sysinfo(&(0x7f0000000000)=""/26) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) 23:39:28 executing program 2 (fault-call:5 fault-nth:27): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:28 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f000019ffe9)={0xc1, @time={r5, r6+30000000}, 0x0, {0x1, 0x1}}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 241.223756] FAULT_INJECTION: forcing a failure. [ 241.223756] name failslab, interval 1, probability 0, space 0, times 0 [ 241.235172] CPU: 0 PID: 15073 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #1 [ 241.242409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.251808] Call Trace: [ 241.254462] dump_stack+0x185/0x1d0 [ 241.258152] should_fail+0x87b/0xab0 [ 241.261550] FAULT_INJECTION: forcing a failure. [ 241.261550] name failslab, interval 1, probability 0, space 0, times 0 [ 241.261953] __should_failslab+0x278/0x2a0 [ 241.277391] should_failslab+0x29/0x70 [ 241.281309] __kmalloc+0xc5/0x350 [ 241.284784] ? fuse_dev_do_write+0x13a1/0xbda0 [ 241.289383] fuse_dev_do_write+0x13a1/0xbda0 [ 241.293809] ? alloc_set_pte+0x8ed/0x1d80 [ 241.298020] fuse_dev_write+0x1b4/0x210 [ 241.302028] ? fuse_dev_read+0x270/0x270 [ 241.306108] __vfs_write+0x808/0x9f0 [ 241.309865] vfs_write+0x467/0x8c0 [ 241.313442] __x64_sys_write+0x1bf/0x3e0 [ 241.317548] ? ksys_write+0x360/0x360 [ 241.321363] do_syscall_64+0x15b/0x230 [ 241.325267] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 241.330461] RIP: 0033:0x455a09 [ 241.333665] RSP: 002b:00007f9017691c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 241.341390] RAX: ffffffffffffffda RBX: 00007f90176926d4 RCX: 0000000000455a09 [ 241.348668] RDX: 0000000000000018 RSI: 0000000020000000 RDI: 0000000000000013 [ 241.355941] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 241.363365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 241.370644] R13: 00000000000007b4 R14: 0000000000700980 R15: 0000000000000000 [ 241.377964] CPU: 1 PID: 15074 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 241.385191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.394585] Call Trace: [ 241.397228] dump_stack+0x185/0x1d0 [ 241.400908] should_fail+0x87b/0xab0 [ 241.404688] __should_failslab+0x278/0x2a0 [ 241.409005] should_failslab+0x29/0x70 [ 241.412945] __kmalloc_node_track_caller+0x24b/0x11b0 [ 241.418188] ? __msan_metadata_ptr_for_load_4+0x10/0x20 23:39:28 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 241.423622] ? alloc_skb_with_frags+0x1e6/0xb80 [ 241.428369] __alloc_skb+0x2cb/0x9e0 [ 241.432123] ? alloc_skb_with_frags+0x1e6/0xb80 [ 241.436858] alloc_skb_with_frags+0x1e6/0xb80 [ 241.441424] ? kmsan_set_origin_inline+0x6b/0x120 [ 241.446335] ? __msan_poison_alloca+0x15c/0x1d0 [ 241.451084] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 241.455914] ? packet_sendmsg+0x6594/0x8ad0 [ 241.460315] sock_alloc_send_pskb+0xb56/0x11a0 [ 241.464983] ? kmsan_set_origin+0x9e/0x160 [ 241.469305] packet_sendmsg+0x6594/0x8ad0 [ 241.473528] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 241.479034] ? rw_copy_check_uvector+0x643/0x6c0 [ 241.483927] ? __msan_poison_alloca+0x15c/0x1d0 [ 241.488677] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 241.494203] ? import_iovec+0x3c7/0x600 [ 241.498243] ? copy_msghdr_from_user+0x72c/0x830 [ 241.503100] ? compat_packet_setsockopt+0x360/0x360 [ 241.508171] ___sys_sendmsg+0xec8/0x1320 [ 241.512308] ? kmsan_set_origin_inline+0x6b/0x120 [ 241.517208] ? __msan_poison_alloca+0x15c/0x1d0 23:39:28 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[], 0x0) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') [ 241.521952] ? _cond_resched+0x3c/0xd0 [ 241.525911] ? rcu_all_qs+0x32/0x1f0 [ 241.529685] ? _cond_resched+0x3c/0xd0 [ 241.533644] ? rcu_all_qs+0x32/0x1f0 [ 241.537410] ? __sys_sendmmsg+0x61d/0x850 [ 241.541631] __sys_sendmmsg+0x490/0x850 [ 241.545669] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 241.550655] ? syscall_return_slowpath+0xe9/0x710 [ 241.555608] __x64_sys_sendmmsg+0x11c/0x170 [ 241.559975] ? __sys_sendmmsg+0x850/0x850 [ 241.564175] do_syscall_64+0x15b/0x230 [ 241.568129] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 241.573352] RIP: 0033:0x455a09 [ 241.576562] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 241.584317] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 241.591631] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 241.598941] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 241.606254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 241.613563] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000001b 23:39:28 executing program 1: setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:28 executing program 4: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000000)=0x29, 0x4) 23:39:28 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) clock_gettime(0x0, &(0x7f0000000680)) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:28 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) r2 = openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x100, 0xe0) io_setup(0x9, &(0x7f0000000480)=0x0) r4 = socket$netlink(0x10, 0x3, 0x16) io_submit(r3, 0x6, &(0x7f0000000900)=[&(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x100000000000, r1, &(0x7f00000004c0)="10279f12c24720", 0x7, 0x7, 0x0, 0x0, r2}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0xcf9b, r0, &(0x7f0000000540)="e3b2fbb37d224a35b2e4084350ec954eb4f79ac45039710077cf49183e7ccff5da8e2dfa2df66165cec1", 0x2a, 0x29, 0x0, 0x1, r2}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x42162f64, r4, &(0x7f00000005c0)="bdbb5d599ba8848e979a6c6ae9765680e2e31b2f1a90ae5efcaec94e16aaec232407b42844788739c178813bc47ba6bbb8736d82f7c06b2dd438b8e01be9454f2b6afac61a3ce1f1c8af304e20415668062cbcdbad870c69775718f992156d0069f17422ba", 0x65, 0xddf, 0x0, 0x1, r2}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x9, 0x1ae, r1, &(0x7f0000000680)="94b5ee077869fabed9aff62e31f50c17774273e05ab39e18fcdf316c6978dad1bb5e271de3729f89c38160cbabd8acc6611067d45312e0ebc8a97a4db7fba82834d3f2f3e46e1d788b7f2a1100bf3f9c0fc2c7396e0d11d681530317e68932209233e51910b0a42f15c753c464d78ca63852cfabfabbbb9d0901c8bc689bf17890acaa515d01025616d46c459f85a9fd24855618b71dd2a8766863aad7d30a1fed72f129bd8b489b14032542c8109a743dd48e75b952f956a18c206b096b9eb3d764e4256603b9e44eb33686ad9714d672b688759b44bd404b8dc8f14b955381ef4ff1cec2571e9a15ab99", 0xeb, 0x7, 0x0, 0x1, r2}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x2, 0x9, r0, &(0x7f00000007c0)="c0d039f6b79bd706b682ec58ccf35fcbd42dd4d5ce50b5ec18", 0x19, 0x0, 0x0, 0x1, r2}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x1, r0, &(0x7f0000000840)="91c8992be397ca1dda6191cac6a3a510294adb2d3c32f7e4e03222285f525f56e3e9482ce8f58f635b3d59d19706572e33fd8fd79f5e9fb61217cc95f36c63640042433392e580bbfc7c3a8be5272b74b4eea24a96500b0e6e3096d9f6aa74f3ce6f5733edc88204965ed7ce", 0x6c, 0x7, 0x0, 0x0, r2}]) getsockopt$inet_buf(r2, 0x0, 0x2f, &(0x7f0000000400)=""/53, &(0x7f0000000440)=0x35) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="ebfdffffffd25ab15d290002000000288ce0781e02"], 0x10}, 0x1}, 0x0) r5 = add_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000340)="95eebbab4c345c51f685808ea7b97a708e7543606e759eaef1de1e8ea0cb21ed031216f37d8d7eafe6d3adfd8674de47aa8fac6d86e7d09fff88cb8be67dd8f580eed9454d237be9e3869b3570e7cc7585d79ab5c9c4082d1542a785ae40bd6e0b7503bdf33437335a1fcb0922320403acd277ba5168f1fb", 0x78, 0xfffffffffffffff9) request_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000000c0)='\x00', r5) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:28 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x1ffc, 0x0) setsockopt$inet6_dccp_int(r0, 0x21, 0x5, &(0x7f0000000080)=0xef7e, 0x4) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) openat(r1, &(0x7f0000000040)='./file0\x00', 0x40, 0x8) 23:39:28 executing program 7 (fault-call:1 fault-nth:1): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:28 executing program 2 (fault-call:5 fault-nth:28): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:28 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="28000000060000000000000000000000000011832300000000000000000000000000000000000000000000"], 0x28) [ 241.880634] FAULT_INJECTION: forcing a failure. [ 241.880634] name failslab, interval 1, probability 0, space 0, times 0 [ 241.892131] CPU: 1 PID: 15109 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 241.899374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.908770] Call Trace: [ 241.911414] dump_stack+0x185/0x1d0 [ 241.915101] should_fail+0x87b/0xab0 [ 241.918897] __should_failslab+0x278/0x2a0 [ 241.923215] should_failslab+0x29/0x70 [ 241.927179] kmem_cache_alloc_node+0x157/0xc80 [ 241.931840] ? validate_xmit_skb+0xfea/0x1320 [ 241.936407] ? __alloc_skb+0x202/0x9e0 [ 241.940379] __alloc_skb+0x202/0x9e0 [ 241.944154] alloc_skb_with_frags+0x1e6/0xb80 [ 241.948701] ? kmsan_set_origin_inline+0x6b/0x120 [ 241.953610] ? __msan_poison_alloca+0x15c/0x1d0 [ 241.958361] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 241.963197] ? packet_sendmsg+0x6594/0x8ad0 [ 241.967596] sock_alloc_send_pskb+0xb56/0x11a0 [ 241.972271] ? kmsan_set_origin+0x9e/0x160 [ 241.976594] packet_sendmsg+0x6594/0x8ad0 [ 241.980802] ? __fsnotify_parent+0x132/0x560 [ 241.985301] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 241.990969] ? rw_copy_check_uvector+0x643/0x6c0 [ 241.995788] ? __msan_poison_alloca+0x15c/0x1d0 [ 242.000575] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 242.006109] ? import_iovec+0x3c7/0x600 [ 242.010165] ? copy_msghdr_from_user+0x72c/0x830 [ 242.015019] ? compat_packet_setsockopt+0x360/0x360 [ 242.020111] ___sys_sendmsg+0xec8/0x1320 [ 242.024244] ? kstrtoull+0x766/0x7e0 [ 242.028053] ? kmsan_set_origin_inline+0x6b/0x120 [ 242.032969] ? __msan_poison_alloca+0x15c/0x1d0 [ 242.037741] ? _cond_resched+0x3c/0xd0 [ 242.041722] ? rcu_all_qs+0x32/0x1f0 [ 242.045517] ? _cond_resched+0x3c/0xd0 [ 242.049506] ? rcu_all_qs+0x32/0x1f0 [ 242.053280] ? __sys_sendmmsg+0x61d/0x850 [ 242.057509] __sys_sendmmsg+0x490/0x850 [ 242.061561] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 242.066564] ? syscall_return_slowpath+0xe9/0x710 [ 242.071505] __x64_sys_sendmmsg+0x11c/0x170 [ 242.075895] ? __sys_sendmmsg+0x850/0x850 [ 242.080091] do_syscall_64+0x15b/0x230 [ 242.084042] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 242.089262] RIP: 0033:0x455a09 [ 242.092474] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 242.100228] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 242.107541] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 242.114854] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 242.122167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:28 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$KDSKBLED(r0, 0x4b65, 0x1) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="28000000060000000000000000000000000000000000000000000000000000000000000000000000308e8043f73af16569ee5f0f769454d1ef665daa25cf8661920f730daadddccfcfdbe9f07240b0d6081bbded0b538fe3d62d00817bef929c4688c4760800a4fe3e9a7c336a328ced2c38cf7dd358651af5c97ec1547cda1b6db05e507676ac1782040a6a81cdc93eb07a68f12b8d19859d233d239afedce4734ab721491f71ee97d0abf5d32362afd60403e2f48820463018040e059ad25c6059460e18e92910c56ff73fcf86401cd7212491bb6d314dcc63814d08efdc47a295e7ff5609a168ce8c58a4fa016337660a2695e75f7205d60bfa714dcf3cc5fefd000000000000000000"], 0x28) 23:39:28 executing program 4: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000080)=0x7, 0x4) r0 = socket$inet_tcp(0x2, 0x1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$BLKTRACESTOP(r1, 0x1275, 0x0) ioctl$sock_ifreq(r0, 0x8992, &(0x7f00000001c0)={'syz_tun\x00', @ifru_names='ip6_vti0\x00'}) io_setup(0x6, &(0x7f00000000c0)=0x0) io_cancel(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x7664, r2, &(0x7f0000000100)="baca314ba08f93e3c58cd27c7f5391fe263eacda6da98dca5240cc5d83a9a31c23e5f80f2f3cc86130af60612bf393f26d63ef19070cbf0b6d2f83d8e0a0b925f78f650be27ae48c2a16325b5cf1b7e307ae66f4e5fa040cc94d4cf4bd72c97b2fdcccbb8845ab470c359036a551cea079a843aefa7bf86aba51044f289fe20a85827f95420886db42141454545ee740b76c968062f8ff8de93f253b5e1ba319517bdde03691", 0xa6, 0x6, 0x0, 0x1, r1}, &(0x7f0000000240)) 23:39:29 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="18bcbafbcd00000000000000feffff49b71cbc3e7fe51908000000a0207e7658e5d8c92b594c5e7c55241aefd1eb9e780909a600000000000000000000000000"], 0x18) 23:39:29 executing program 6: syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3ff, 0x40) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:29 executing program 1: setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:29 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 242.129479] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000001c 23:39:29 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x2000000000000000) 23:39:29 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)="2e2f6367726f757000361a6f74a1b774b8642f3dfdd313d92946ff0167415d8dc22791dcd496520c1c99f4b07d3b2a11090000000229210b73abdcd2986fc290ac9b6ace278586d39949a54fb276eb1fd3964b0cad27e417b33abb8d3b00e64e75e4dff47de27536dccdde5fc746b04faafcec347560a31b3a35a5f20bc949d75cbb763987", 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xfffffffffffffff7, 0x0) dup2(r0, r1) 23:39:29 executing program 2 (fault-call:5 fault-nth:29): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:29 executing program 7: io_setup(0x3, &(0x7f0000000040)=0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r2 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x460000, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = syz_open_dev$adsp(&(0x7f00000003c0)='/dev/adsp#\x00', 0x9, 0x440000) r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhost-net\x00', 0x2, 0x0) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dsp\x00', 0x2000, 0x0) r9 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000005c0), 0x800) r10 = syz_open_dev$vcsa(&(0x7f0000000700)='/dev/vcsa#\x00', 0x114, 0x9beb34807c4220af) r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ptmx\x00', 0x115001, 0x0) r12 = syz_open_dev$mouse(&(0x7f00000008c0)='/dev/input/mouse#\x00', 0x0, 0x0) r13 = socket$unix(0x1, 0x3, 0x0) r14 = syz_open_dev$audion(&(0x7f00000009c0)='/dev/audio#\x00', 0x8, 0x40) r15 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000a40), &(0x7f0000000a80)=0x10, 0x80000) r16 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/mixer\x00', 0x40000, 0x0) io_submit(r0, 0x8, &(0x7f0000000c40)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x7, r1, &(0x7f0000000100)="ca8ea6cbe914309e43af9b840109d7b2e54ab9e3e0f3e694fe2c8cf05603ddc8e73639fc31568d6ead3389146f69c1882a303cb693922b43a4f0ef4b90b180b142e9a33a41b63ebf5f495b401c407726f472f2e4d853e6442d", 0x59, 0x0, 0x0, 0x1, r2}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000200)="34ab235dac2d33d2e47b7e0be361da23", 0x10, 0x81, 0x0, 0x1, r4}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x3, 0x2, r5, &(0x7f0000000300)="4c8a4c5f684e7c783a645b782f041706b7b94cf297adee310a59dd776851c316361cc5775e9f49c595342f323e3d02746af5c756f6f1656b5d22437e4956e3c42ae4c3018171cd2fac8412dde6dfde45fba19eb6e728b155d2c3602500ca761b487e71e7c2163140a53da435fca06bb9c61b96f4224c2716997b2cbc16d70ee35592f254e79139f50c5f5fedb29bf9c75074544bce1e82c346c88d87505d78a2946220cd30468270", 0xa8, 0x826, 0x0, 0x0, r6}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x36, r7, &(0x7f0000000480)="722ed6406742249216e658efda666031a08ddfae0b7d518b37e249bc8f1fb93a327679002717f19cc3b29826c010fc978bc8863c701daf2a290eaf8e0712abd600ee39905b9f4a47437e2ecdda43c1376dccfc09900e63bad313d5926ff3a6519db1b5bf8280d71bf0da4c2b87b106d6db0b1b4236d8e39ec7cd3ca903aeee5bcdcf4a85d09e01aecf7d564e054858a87362faa3520bba5c70eea588e17b", 0x9e, 0x5, 0x0, 0x0, r8}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x7, 0x4, r9, &(0x7f0000000600)="55f73f3d5fffbdc673e24d8e9027105eed4e4600c017da809d601c847cbbbfa0d9187cd82ede913702c89e720eec36c22329590050ff926a963e6b4023a763af35028531b2dc328d209ba75f64093ddbcbe2be3eb417e4bb4c592b010952129dafbc0497dd8575d4d84e7eeae2136c62c2ffe79b1db75fd47c4a901514c8c875053c3022e081234ce6bd8f712ec2c189122fb5676c6691f5936c962fd4c8b2028eb628338e033b658164a9cddad64729f058b95b107463330e13ef690aef701ac7f662", 0xc3, 0x1, 0x0, 0x0, r10}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x6, 0x7ff, r11, &(0x7f00000007c0)="482fd2b0e3ae1c628b249648a8f3953e33531ef065f4ad266510558f8ad3084e59074359dc5e350817f2577fbd41961825e87585bb6f0d9f2455f52bb22e84b54a1ccf8c54157e41928af49ec9f62c1edc1c6fb423894e545034a07956ae22f7bdddacd23eebafef843688b9e67ad209f9c2f4f01e569555ba6753b45fdbf3a898790558052fbdbceae35eaef42cbbb8c7821327bff538cf940e5863b329e22188151bb0647890e607fa46400011be2167b7126e91ad706365047c3b8c995646908d6f6ee9015450e7", 0xc9, 0x1, 0x0, 0x1, r12}, &(0x7f0000000a00)={0x0, 0x995a58542988faf0, 0x0, 0x0, 0x9, r13, &(0x7f0000000940)="f89062b2b19cb6e91dfafe77e5e1fb6c298c39edc17a2e91166c7cb4919d782f5b6f1b1947f5440db1a96df6ae4c569ac80af8e1958e65be48accc3b5806c7e6b1efece877464178ab258754559c182a7e1b493c331fd1c2d01bbaa63530d5a82eaed557214aa1f7d1e0c5ab62c7ad530dfa135ca33cb2", 0x77, 0x4, 0x0, 0x0, r14}, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x7, 0xfffffffffffffffe, r15, &(0x7f0000000ac0)="ecb5929a2b12c7747955c22b96454ee8dbd955890b833859fcf0326dd19c720847ad77ea3540d7e15b8ea43a52fb82bb3b77f893f5bf5953d20e08d3c5bbc996dec8261b9491b84df92183d0bde783aeb35d12c65c7e768d3146ea573040f270cf5c9a4cdc2b851e0231337217a9da4f74661dfc6214fb0be4e6ba08ee8e53ed3f355d79ab099a85456d6d1a94324da288e021b0847089ef4b9b58627ae5ba89223503e0ccfd68009581fe68c398bcfa3f7757c8ed5f7ef415c146b959882dbea89c84e664f195b9622718f8568d03625edf7466b01b2336393e1f3d163a53182976518400b2981e645b903f01a0c197b01b18ec197f49fbcfdf54d27898", 0xfe, 0x2, 0x0, 0x1, r16}]) r17 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r17, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000600000000000000070000000000000080000000"], 0x18) 23:39:29 executing program 1: setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 242.460958] FAULT_INJECTION: forcing a failure. [ 242.460958] name failslab, interval 1, probability 0, space 0, times 0 [ 242.472606] CPU: 0 PID: 15144 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 242.479837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.489259] Call Trace: [ 242.491911] dump_stack+0x185/0x1d0 [ 242.495602] should_fail+0x87b/0xab0 [ 242.499378] __should_failslab+0x278/0x2a0 [ 242.503690] should_failslab+0x29/0x70 [ 242.507632] __kmalloc_node_track_caller+0x24b/0x11b0 [ 242.512878] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 242.518325] ? alloc_skb_with_frags+0x1e6/0xb80 [ 242.523098] __alloc_skb+0x2cb/0x9e0 [ 242.526866] ? alloc_skb_with_frags+0x1e6/0xb80 [ 242.531618] alloc_skb_with_frags+0x1e6/0xb80 [ 242.536189] ? kmsan_set_origin_inline+0x6b/0x120 [ 242.541113] ? __msan_poison_alloca+0x15c/0x1d0 [ 242.545869] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 242.550716] ? packet_sendmsg+0x6594/0x8ad0 [ 242.555127] sock_alloc_send_pskb+0xb56/0x11a0 [ 242.559806] ? kmsan_set_origin+0x9e/0x160 [ 242.564137] packet_sendmsg+0x6594/0x8ad0 [ 242.568358] ? __fsnotify_parent+0x132/0x560 [ 242.572854] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 242.578407] ? rw_copy_check_uvector+0x643/0x6c0 [ 242.583232] ? __msan_poison_alloca+0x15c/0x1d0 [ 242.587991] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 242.593524] ? import_iovec+0x3c7/0x600 [ 242.597578] ? copy_msghdr_from_user+0x72c/0x830 [ 242.602444] ? compat_packet_setsockopt+0x360/0x360 [ 242.607555] ___sys_sendmsg+0xec8/0x1320 [ 242.611686] ? kstrtoull+0x766/0x7e0 [ 242.615494] ? kmsan_set_origin_inline+0x6b/0x120 [ 242.620416] ? __msan_poison_alloca+0x15c/0x1d0 [ 242.625172] ? _cond_resched+0x3c/0xd0 [ 242.629145] ? rcu_all_qs+0x32/0x1f0 [ 242.632942] ? _cond_resched+0x3c/0xd0 [ 242.636915] ? rcu_all_qs+0x32/0x1f0 [ 242.640694] ? __sys_sendmmsg+0x61d/0x850 [ 242.644918] __sys_sendmmsg+0x490/0x850 [ 242.648976] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 242.653992] ? syscall_return_slowpath+0xe9/0x710 [ 242.658931] __x64_sys_sendmmsg+0x11c/0x170 [ 242.663310] ? __sys_sendmmsg+0x850/0x850 [ 242.667517] do_syscall_64+0x15b/0x230 [ 242.671495] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 242.676738] RIP: 0033:0x455a09 [ 242.679960] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 242.687722] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 242.695036] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 242.702353] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 242.709667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 242.716979] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000001d 23:39:29 executing program 5: semget(0x2, 0x0, 0x20) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0x0, 0x8, 0x4, 0xd734, 0x81, 0xffffffffffff7fff, 0x80000000, 0x100000000, 0x0}, &(0x7f0000000040)=0x20) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={r2, 0x9}, &(0x7f00000000c0)=0x8) 23:39:29 executing program 4: syz_emit_ethernet(0xffffffffffffff95, &(0x7f0000000040)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [{[{0x9100, 0x2, 0x0, 0x4}], {0x8100, 0x5, 0x200, 0x2}}], {@generic={0x8864, "42a703000000"}}}, &(0x7f0000000000)) 23:39:29 executing program 1: r0 = socket(0x0, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:29 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:29 executing program 7: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10080, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x1) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:29 executing program 2 (fault-call:5 fault-nth:30): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:29 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/4\x00') ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r2, 0xc0505510, &(0x7f0000000080)={0x2, 0x4, 0x4, 0x6, &(0x7f00000002c0)=[{}, {}, {}, {}]}) 23:39:29 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) fcntl$getown(r0, 0x9) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 242.911224] FAULT_INJECTION: forcing a failure. [ 242.911224] name failslab, interval 1, probability 0, space 0, times 0 [ 242.922655] CPU: 0 PID: 15172 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 242.929880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.939275] Call Trace: [ 242.941921] dump_stack+0x185/0x1d0 [ 242.945605] should_fail+0x87b/0xab0 [ 242.949389] __should_failslab+0x278/0x2a0 [ 242.953709] should_failslab+0x29/0x70 23:39:29 executing program 4: io_setup(0x3, &(0x7f0000000040)=0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r2 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x460000, 0x0) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = syz_open_dev$adsp(&(0x7f00000003c0)='/dev/adsp#\x00', 0x9, 0x440000) r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhost-net\x00', 0x2, 0x0) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dsp\x00', 0x2000, 0x0) r9 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000005c0), 0x800) r10 = syz_open_dev$vcsa(&(0x7f0000000700)='/dev/vcsa#\x00', 0x114, 0x9beb34807c4220af) r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000780)='/dev/ptmx\x00', 0x115001, 0x0) r12 = syz_open_dev$mouse(&(0x7f00000008c0)='/dev/input/mouse#\x00', 0x0, 0x0) r13 = socket$unix(0x1, 0x3, 0x0) r14 = syz_open_dev$audion(&(0x7f00000009c0)='/dev/audio#\x00', 0x8, 0x40) r15 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000a40), &(0x7f0000000a80)=0x10, 0x80000) r16 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/mixer\x00', 0x40000, 0x0) io_submit(r0, 0x8, &(0x7f0000000c40)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x7, r1, &(0x7f0000000100)="ca8ea6cbe914309e43af9b840109d7b2e54ab9e3e0f3e694fe2c8cf05603ddc8e73639fc31568d6ead3389146f69c1882a303cb693922b43a4f0ef4b90b180b142e9a33a41b63ebf5f495b401c407726f472f2e4d853e6442d", 0x59, 0x0, 0x0, 0x1, r2}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000200)="34ab235dac2d33d2e47b7e0be361da23", 0x10, 0x81, 0x0, 0x1, r4}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x3, 0x2, r5, &(0x7f0000000300)="4c8a4c5f684e7c783a645b782f041706b7b94cf297adee310a59dd776851c316361cc5775e9f49c595342f323e3d02746af5c756f6f1656b5d22437e4956e3c42ae4c3018171cd2fac8412dde6dfde45fba19eb6e728b155d2c3602500ca761b487e71e7c2163140a53da435fca06bb9c61b96f4224c2716997b2cbc16d70ee35592f254e79139f50c5f5fedb29bf9c75074544bce1e82c346c88d87505d78a2946220cd30468270", 0xa8, 0x826, 0x0, 0x0, r6}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x36, r7, &(0x7f0000000480)="722ed6406742249216e658efda666031a08ddfae0b7d518b37e249bc8f1fb93a327679002717f19cc3b29826c010fc978bc8863c701daf2a290eaf8e0712abd600ee39905b9f4a47437e2ecdda43c1376dccfc09900e63bad313d5926ff3a6519db1b5bf8280d71bf0da4c2b87b106d6db0b1b4236d8e39ec7cd3ca903aeee5bcdcf4a85d09e01aecf7d564e054858a87362faa3520bba5c70eea588e17b", 0x9e, 0x5, 0x0, 0x0, r8}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x7, 0x4, r9, &(0x7f0000000600)="55f73f3d5fffbdc673e24d8e9027105eed4e4600c017da809d601c847cbbbfa0d9187cd82ede913702c89e720eec36c22329590050ff926a963e6b4023a763af35028531b2dc328d209ba75f64093ddbcbe2be3eb417e4bb4c592b010952129dafbc0497dd8575d4d84e7eeae2136c62c2ffe79b1db75fd47c4a901514c8c875053c3022e081234ce6bd8f712ec2c189122fb5676c6691f5936c962fd4c8b2028eb628338e033b658164a9cddad64729f058b95b107463330e13ef690aef701ac7f662", 0xc3, 0x1, 0x0, 0x0, r10}, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x6, 0x7ff, r11, &(0x7f00000007c0)="482fd2b0e3ae1c628b249648a8f3953e33531ef065f4ad266510558f8ad3084e59074359dc5e350817f2577fbd41961825e87585bb6f0d9f2455f52bb22e84b54a1ccf8c54157e41928af49ec9f62c1edc1c6fb423894e545034a07956ae22f7bdddacd23eebafef843688b9e67ad209f9c2f4f01e569555ba6753b45fdbf3a898790558052fbdbceae35eaef42cbbb8c7821327bff538cf940e5863b329e22188151bb0647890e607fa46400011be2167b7126e91ad706365047c3b8c995646908d6f6ee9015450e7", 0xc9, 0x1, 0x0, 0x1, r12}, &(0x7f0000000a00)={0x0, 0x995a58542988faf0, 0x0, 0x0, 0x9, r13, &(0x7f0000000940)="f89062b2b19cb6e91dfafe77e5e1fb6c298c39edc17a2e91166c7cb4919d782f5b6f1b1947f5440db1a96df6ae4c569ac80af8e1958e65be48accc3b5806c7e6b1efece877464178ab258754559c182a7e1b493c331fd1c2d01bbaa63530d5a82eaed557214aa1f7d1e0c5ab62c7ad530dfa135ca33cb2", 0x77, 0x4, 0x0, 0x0, r14}, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x7, 0xfffffffffffffffe, r15, &(0x7f0000000ac0)="ecb5929a2b12c7747955c22b96454ee8dbd955890b833859fcf0326dd19c720847ad77ea3540d7e15b8ea43a52fb82bb3b77f893f5bf5953d20e08d3c5bbc996dec8261b9491b84df92183d0bde783aeb35d12c65c7e768d3146ea573040f270cf5c9a4cdc2b851e0231337217a9da4f74661dfc6214fb0be4e6ba08ee8e53ed3f355d79ab099a85456d6d1a94324da288e021b0847089ef4b9b58627ae5ba89223503e0ccfd68009581fe68c398bcfa3f7757c8ed5f7ef415c146b959882dbea89c84e664f195b9622718f8568d03625edf7466b01b2336393e1f3d163a53182976518400b2981e645b903f01a0c197b01b18ec197f49fbcfdf54d27898", 0xfe, 0x2, 0x0, 0x1, r16}]) r17 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r17, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000600000000000000070000000000000080000000"], 0x18) 23:39:29 executing program 1: r0 = socket(0x0, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 242.957675] kmem_cache_alloc_node+0x157/0xc80 [ 242.962339] ? validate_xmit_skb+0xfea/0x1320 [ 242.966907] ? __alloc_skb+0x202/0x9e0 [ 242.970882] __alloc_skb+0x202/0x9e0 [ 242.974662] alloc_skb_with_frags+0x1e6/0xb80 [ 242.979230] ? kmsan_set_origin_inline+0x6b/0x120 [ 242.984217] ? __msan_poison_alloca+0x15c/0x1d0 [ 242.989083] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 242.993937] ? packet_sendmsg+0x6594/0x8ad0 [ 242.998351] sock_alloc_send_pskb+0xb56/0x11a0 [ 243.003030] ? kmsan_set_origin+0x9e/0x160 [ 243.007372] packet_sendmsg+0x6594/0x8ad0 23:39:30 executing program 5: pipe2(&(0x7f00008df000), 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x4000, 0x0) [ 243.011583] ? __fsnotify_parent+0x132/0x560 [ 243.016081] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 243.021608] ? rw_copy_check_uvector+0x643/0x6c0 [ 243.026544] ? __msan_poison_alloca+0x15c/0x1d0 [ 243.031313] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 243.036858] ? import_iovec+0x3c7/0x600 [ 243.040912] ? copy_msghdr_from_user+0x72c/0x830 [ 243.045784] ? compat_packet_setsockopt+0x360/0x360 [ 243.050906] ___sys_sendmsg+0xec8/0x1320 [ 243.055069] ? kmsan_set_origin_inline+0x6b/0x120 [ 243.059994] ? __msan_poison_alloca+0x15c/0x1d0 [ 243.064750] ? _cond_resched+0x3c/0xd0 [ 243.068726] ? rcu_all_qs+0x32/0x1f0 [ 243.072516] ? _cond_resched+0x3c/0xd0 [ 243.076518] ? rcu_all_qs+0x32/0x1f0 [ 243.080293] ? __sys_sendmmsg+0x61d/0x850 [ 243.084518] __sys_sendmmsg+0x490/0x850 [ 243.088571] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 243.093576] ? syscall_return_slowpath+0xe9/0x710 [ 243.098525] __x64_sys_sendmmsg+0x11c/0x170 [ 243.102911] ? __sys_sendmmsg+0x850/0x850 [ 243.107112] do_syscall_64+0x15b/0x230 23:39:30 executing program 1: r0 = socket(0x0, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:30 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x420c0, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) [ 243.111067] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 243.116307] RIP: 0033:0x455a09 [ 243.119930] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 243.127694] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 243.135011] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 243.142334] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 243.149663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:30 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 243.156978] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000001e 23:39:30 executing program 6: r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x91, 0x0) write$fuse(r0, &(0x7f0000000040)={0x20, 0x0, 0x9, @fuse_notify_inval_entry_out={0x3, 0x9c6}}, 0x20) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000140)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)=0x0) rt_sigqueueinfo(r1, 0x20, &(0x7f0000000100)={0xd, 0x8, 0x9, 0x7f}) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000180)={0x4, 0xc2, 0x9}) 23:39:30 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047fc2f07d82c99240970") fchdir(r0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:30 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x10000) 23:39:30 executing program 4: r0 = socket$unix(0x1, 0x3, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000a00)='/dev/amidi#\x00', 0xfffffffffffffff8, 0x400004) ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000980)=0x70) getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000900)=0x5, &(0x7f0000000940)=0x4) r2 = fcntl$dupfd(r0, 0x406, r0) recvmmsg(r0, &(0x7f00000019c0)=[{{&(0x7f0000000340)=@can, 0x80, &(0x7f0000000540), 0x0, &(0x7f0000000580)=""/55, 0x37}}], 0x1, 0x0, &(0x7f0000000780)={0x77359400}) sendmmsg$nfc_llcp(r2, &(0x7f0000003c40)=[{&(0x7f0000000000)={0x27, 0x0, 0x0, 0x5, 0x9, 0xbfb4, "c8977c418e0c33c8281e410ac35f4a5043c6b9b0faa622ca1928e40cb65833192cf540bbbf011ec05d337ddbdb66f928cb20f25b638c6e605c60c506b6a90d", 0x26}, 0x60, &(0x7f0000000280)=[{&(0x7f0000000080)="537fc8731afda4ba9ffd2d9b4b20492dc4b6c7", 0x13}, {&(0x7f00000000c0)="6abf23722c527e0be3c4dc0ecce89c30ebd25c6bcf1c3537180a8a50e84e195ca585c701aa5ef55901dcb64bef190b6192a5576f5c31570fe2222d90bb3d3343f90011c1ebba938592ddafca7068c1a6499e2f9e3eb4058532209cfce85794e42f1f27ca2aaa942c97bf2bf16f6acc4a6ed74e5404700f8d5ee497bb6e2ee4e85abba2d41cd3b7c39871a0cc85c16c8f7900b44dfe012e90c2e76ed4571fc3fd6c8e1e2ab0aba7da1736e9bed5b921058b71fe3906556787360820585ccbe0467c9d1c04b9158b67da5845234e43138cd9f649cb", 0xd4}, {&(0x7f00000001c0)="9dacd530b810a8658c70c46d487160b999c0a58469b1f885c5938328cf7136625560705a2648138ad45005defdd59cc480f75877d471c2485e5eb9cb72614d894a4d8d60a8c24befb274b30c7238b9b2950f4477aef07319ee206acc76a2a60a6e1560993c363e4020c74b466e9711e3385828e58819d440cf3aac954c26c0768de8cba4c42ecd296ea335d927f6a9f41b359f50845d4fe10388b519eb875f6492fc2fca1137d5ecfad2e2d86653cf1f7d", 0xb1}, {&(0x7f00000003c0)="aabe2e54f5b297fe71062be45b857de1d48a70b713c943e9c8f6be6ddbd75b88c4c92f3c8cd7443c41ac74b8e36bbea2eac2f9609344bfda08ca371162d8f4ae75992f8570d13eee3b999df5060c98301b9cae095b51aa61373ff40c18f242a0b216dba2be3f7f66bf7dd6811ebf7cda818f573baf52a15c1aa4110042951d898f9c300c73d52594cc98add042e64b11805be1271b7b788baf0c2d204ea80babc0dd849eb1e9da40d4fece9c4621f56ca43cb5a61d27d227ae479f0445f1233373ecbcffb15a1e6b06e56cc4ac2f59a156aa3ee1a6", 0xd5}], 0x4}, {&(0x7f00000002c0)={0x27, 0x0, 0x2, 0x7, 0x342b, 0x7, "4d8d773948c385272e5f3f023a7a6b8739ab970f33f2e577e0175b909efbd879ba13e2196635727361097c24c1b286d0700664640bd61e4c10027dcedc3264", 0x22}, 0x60, &(0x7f0000000540)=[{&(0x7f00000004c0)="f037d94630085e6a592bfa9110b571adc9a509d1e8227076ebcbaa16843ef53b", 0x20}, {&(0x7f00000005c0)="290f876efa66bbac0d85e92d8129f9d7b3c33f65105cb5de125a54ab6667cacb26a9e8f8fbecba51c2b0d052c25baac1a456a4a9253ba7546ed47bb2dfbefb7d3c63d185ea2a22ae4888465f873506c67ad556353a6cb0abfbf71f7e0159a5617d5abc0047d30260fc69db813145a487d076c76d864005ce066c325501c38c0fd25569fe80c9de0e66e7cbfea9a7ee6fabee1a14869a88a875831fc0a1546a1e2d151c534171a899d3e6d159a7be7f5744c71c0e", 0xb4}, {&(0x7f0000000500)="c1e640e336f3687360abbc1fbf6b24461cefed0a0f0f298ea8005a008110948a59251f4feb6b3bb1483fcc8f05b21e5ffec08afd7c2cee263dc6e1", 0x3b}, {&(0x7f0000000680)="85fe1001579d01bcf410f62aaa7994419f3539bad493a1d4f219cd973179f33ec3fbd1aaf8edb9faa211ece79cc275bd9ff8551c8fe6dd92660e3f5b7940c0d96d68cd2ba98d5c4ec558cff4dbdc4005ad0577e5088caec887cbd1009c2f523e734429a9896dc55ec77e47b2e0480a2c91e48d0d", 0x74}], 0x4, &(0x7f00000017c0)={0xa0, 0x88, 0x10000, "c8731cf9962c9516acc41891b5082c57ef8802b8907e129a52a4a9ce37cfafd907b069a41ee264b56744ca9d5a14e7a3c032ae6db056bc22230593789e9219d21c059b90139fb9539605d61721aeee05fdb5d076bcb6495caf31e9e50c536fb0d7d57fa09182320122ee55c2e82afb6d2c79d23367a23ae6d2c0f9452125e29056936cec75fad3c101531d"}, 0xa0, 0x20000080}, {&(0x7f0000000700)={0x27, 0x1, 0x2, 0x1, 0x6, 0x7, "13563aa6c5946bd70e5cf99018ef22ee656a9fa722ccd707b3b842ac3b87fe7634c071c837d7c1f9263a9d12bf722174fdacc4627523f042901f11ecbec375", 0x3f}, 0x60, &(0x7f0000002c00)=[{&(0x7f0000001a00)="b70f56f3e0f0781f65a4876f3dee9a6b20681a4b6f878b629dd8d91287b52e6ebc47fce7d9086fd9350cacd67c2a2f572764f9c47911a0260a9ba135c332d217eca728c43d9d4b91182f6a1dde2de35968a8763a247cabf4f5f84e1a19f008fc8c7c7b3a84dbaa5ee897765c8c3dba9f7c28e89f5e72bef8b761bd6d30a0b48d06794d30aacaddc56dd64410f4c7017aa8eac1fb88262b1773374236d1c83b05c05ccb2c69c0d375ca43e52acd1cce1dfc7b9cc35c15cd9dcaa4fa83b46134df3aa6fe0a00d50d7b3214d74a3a50ed91f75e4864ccc93861bbf47051c681ca9892b1346f9a61c4c557cc34f6c747d8199727f69223b59cccee91ee6398afddc5d632f303068b5aa6ff1eea79bc0a83f7c37109f905ccd814e1db612767920a2952fdfa8059aee304a35eb1477b54e1d7fb1895c23fa9fc4bb576115adbf31038e3d52c81904b113c565dd91479ecdc5b84b206f04285502bd9225cfc026c3af01f07b196fbbbf4d9e60f84178e35e99f29229328ff9d6d5f6615ef66e48ef54b1d8ec23b430741f6c8673ac51e9945d2706b2fb575756838d9557a0542a234b2d1640de4001b9fcaa98d095e3b6d584fa579af623240d8f523b949e3df9e928ad445d84bf545fbd9f03954d1593301c6626da820f95597f5a52d8104c30d83543331441a25c50f59869d84c6e4326e4092657236c3b8e7408e73df1503fe02717f681b98ff14c321070520087c88fc7ab3d0083a6881636efd39c4b00d28e29154bd0121e827bb3d7f818284f33f9abee195a93607572517c51526e81f3d4e0712992a5534601efaf87ad8877dcc36a157f4c1eb4405d13ce80c1f13ee79c3936adba5e6e1baa5b5d0609199eb9cd75b583a52201d871e92b2bf210bccbca4a5e625096c306f77a26b13eb6b9114e51daf17533b4ce32e4b916a9dfef7f0b1327a99306d52c00680684472583226fb9c5b479f3261ac1094c3f8a7224e4469e5cb21b4343edc9ec18c9a15d6219a3d0fb3bde436beb43eb23baea784720dc00840af9d52ead61a05ccea3e75cbc5872b3ff52dcc4151dd8291c8d3558f1f382e9c5e92dcf6962db184749dac31d21cffed1c2c77aeccb28dc60289d56ab1683721b1db090f76fd9582d484fe01fab9d9f09c21ceeb20887632efd24805bdd72c6f16044497cc1c7de4f90cee30f856e62f092b4e0ad12d0c8ce6de70365b920dd34bf7c8779facd05ad386db1d7271870473d5abb2bacf87903287f92bf6c6295853bbaccf008cc1f063069c60ae949fbe7ce748162dba2d187d6dc75fa14cc8f2dc98e3875e2085a96b7e17ebd44c36e4808972f3a3ecdfa2c44174c46d161ba40cdd9bed5586f6a4470f355838e392075f49b3d1ab3c05d67b00f96417e65a9d75f8283effaa071a7673c51eb7df3174706513c7530ff45a46ef8118007859904dda2ee8e01b870f9a270fc3e76edea74cc0c41ccf8c506bce577d4ac45df044c56722bda9a6a3c71ad4e2086b77caa4c9d2d45ea76ca3c304d8480c844fed0b34b74793fb7a0f14b6b6b77b73fe6992e24cc7fc7e0dabf0c30f0fec3369d54e4aa22b63cdf33412acef5af933d546dedc855f4ada0da90a1e8494040004c5440695bdd26ef74f0813b67b38c5b4a8bf0289c304f41851d6174c25d9aeb5a738e9d11ca93427b2a7f104ea939543a4bdb4c8dde9589b0992c87e6d90ae68b6128a666b2d9858bd3f335d2c109cc86f56f72dfb220be738b6c652dcf2fddecab810cc7a23494ea818c1e7910e4a349671f1b1450c6c4b3b71b8746bb6d0e95acaa4deb8d4cdd37739cc9e22a7149dd4a0307f3bdaf875de7fb7bd76532dcd3aff5b80fea1bb9018ea81a4791888d311ad29fb25d6fc5ce2516e9f46efc974b87a421bbdaa79ac388d0179a40e93b08ee33901f898717d0bd8e70c46d7b3a19ac824be435e2930911f8e7041e2093256f17bc150f7155bb9379b815a0b616af6f8b9e595d54770907e8f1d858fbed9f46265d481de5ae42a3fdb5cbc380ff223bec346218f2072fd4be2057c1e3095e4b06437dcedd640b39985623b4626a216efb47c3f7d9629f5dc18a49bdf01356d2ae7351925fd1fe9efc72c8922d6c621c311a3fcfbafcdd89cbc63b28b869c9c46a059e2a7dd766725858946335a1326720ad538a42df2f4a6f0cf5f3f0206ceda5417d15bc0ad753c7b41638fbd2f42e07ecc6c9160ee19258fec16ae37bfd49a490f52aaddc06694eb7b0890fee27186a652392581037759c434befecffae828df56e310b96e067f7d8292a486ed41dbbd67e9d8b3f98da6fff7d02d469249e688e9da12ea7a9c5f760cbb0540f9761b599d7ffa9eb822d40b7d8ac6832c0fbfca8d443c41ea339456d7290adeabe52819ad687c596af8e0f693d72f367885060a8b42a09ccb62c15af2f2af8705e42f528f9aaae00b526089df5b6e1c6c80f37514c6198a3f341460ada89be3c77973c0a507871d4d28fda642644fd77e85234cd4a7f11400a3efe8e23d61402dd58518bc0216cf901d582a701ddc76ffd0db3ae8be903f3684bc245d600ea7b9195841bf456ab47deca999a851ff582d86390d79ef777998a4e0786cdf138c0178e566c3329cf886d8287c7c8953c494546237ec5ea670bc752fce2fea8fe829c58c06972ab1e331a8d31e9f29a6425b8d725af841e24d92784564754afdfb8191a467878b95a303651d03ef2443d951a7a0177f747b5680099174516c533a3ba651db8738bee87a77340efbe5bdbb6c8e1e2a1145dafa6542e0ed3c6a8bd1d141a9c44ee96cd12eebf1319bd5fbe2def75ff0a387af059942ede2e3ebbcd912643ad80ae90d891abdc332e63c6675d729df484184626c478c0359627b7442fa3d486a6e64c863114b86f465006df725de3abdf4a9d956822aa3bb65b6437f8def84577a6555ba35139d60c03c614314e3008d5be5428a9e6db4d523cb28c679f098dd0a759e45513461432bf765b02848183e496b101260ab5eb2c3afe466eb075f3870908b98646365ff2d6fec96b60419a4d8f3eb5e596d2414812fe7d6843b0c3ec78aa2d067b808327a2482bccf1bdab4ba3169560a9850990c8023264ad84df250a4f57ecdd9cec5334f3c4e236486a7bf98f12ceff9f4b7a0a06caafc484c8614e9f9d3880c42d7bd69b11d1ab8c9939f61d3e66d8e61fdeda116f458f950fc709d2568286e4d6b6ca96ee8e8d22ec71c472bf8bdae149a5cf01b125b00428cb0bdddcc642882963191b2edc70048d3ad0e0194c6d2a679e7158872db5431ca579f89e4a9e3b38216d3d2af008064981e93f094ee4a744a095c2029bc88a3a595e2038fb29b13f73a73a2a74b9d3d6c85fc899ee8401d44808d389386ae60d4415f3aa02fb8d6cecf9f26e337c64247f601d0c21c2188c35f3c17a6af0e46d9e942a7684b0207cc658187145cbd49852d3f033b75473075118eb08335b5829ee7562aef2f3314cc226045b87aad0f3951f614b1f4fda7fdb0c2386613b06b1ed2717b23d5c21894e046e2c7386fa344c7f6378b4ccd70b722bb6532afbf20501f3505d74b8b915122307a679cf911d071ebf3a671bae29fd8c0e4aa8f3aaeb6ffda30a670f1bd108019ac88a17a2a54d18bb8420f4516be01bd63832e71c596bd19df2f80b804414fe2f7666a3a45d45207a4232796c5976dd3ace5143a596f822c1d0a52b27c5a8770d2f7529bd0e529f74e4a1cb6f57572afb59de49407abd14e609bea6f358345ed845d72c06b557d1ab6bccad2733b85121eb3d3bb1ebcad4bbb05d5ba824800c17f2b89af9ca1be2ccc45d6ffd82a978e470105f49b54fbcb84546fd78a5c6c763ed9cb4df4cb09f7698a9b8de5d77c06c631c0d9e580cadd8f791559fcd56d9d58ee6a2d544411bdcfd590f9d799c3c81c660344ad6acf69c79e4354ffebdba478344d8a74db82888b0f6f9b249ed24556c43fe9eb6174666ac17f3f8015ef140f070e16e16e4ef10720a065a95db0edc4a8d0ed003f3dca5e404e511cd428b2db7d3cf70464f891004dbde2b5f1e365d75060bb37b571776fcd9174023240dcbc95b8430176b7ae24dab9674cd84ba2822df8942881a307c4b3739e4d2707249c7c9e2c68b4bad2e3276e90e91d98cd605fb2a38bc3f407ff5fa07e558a0f58c21f3437543c509de0aa4f49048ba520ea3cb42d553283c1bc7fe1e9f6139e3a35939f43612150856a6d958d1b0be9a50ac5872c21352a43989842715cb477a2eafdf80221dc819a9fac9a9d1c5c11844307fdb1063d86b9261ad797c63d1b4bdd78244dcadba9d2a43de674c910798c28adead0285b32ac77ba42836847fe18fed1724f233c5889185ebf273d30d8277a23b77a34b4dfca14dde2b8f98aa393b5fd187332c8357556aa0dbf093f8f8de48b3d5c482499fd684cd84f34d7225dcc7349718ba8a1651de1887314daf325864bcf67f90150e75594cc7677cdf2f72b24a823e8f90c5b4ad3f8895d4ee46aa8caed63c325ce990263df72d238ff9034cb9af877ddca992a26f66515c35dbc3ed6598da7d7696da8335ccca48cfb77183cd885127f2ad20cd835d65f69c253d71a27a6ef326fb02054dccb1060f96d027c86f3819f4fe100626bb6ade2c69556bdb916bfce283ca075661ce61c1d91b0cdb69a52c56953fefc1ab0c25ecb624de26dc0a1c5a72d27141471d03687b866f4fade9b32529b361248275be44dc549beab57cfed19e7032db8bbfcabce3015e5500bbe4671ae9fa5d6b952bd52bffab842c6de0132fd1499fe0daae5e407c23215b138cbac250cd7e8fded061d78220c5d35d3ff0f0b279d20088903ee032c9562b1d648f25807f5f975d428bbb7a0fc11a96226c46a9b9925155e8501c0e8e5c2f2c8bbb6cee7bf459464b59ed7e09486d2ade9553a67bb9bf898569f1951f7195b035e858d48629aa9a5f02f7ea510d10006b686ee857f7682fd668e5ed075468f5ba90553d88ee4c6e8a92e5acdb52011b675a64f40a0e1c141bc3b89b58af50e530f6c08e7f0bf6ba88b3d07cd64fa0cccd68625d2dfe611c3619801f5ec25cee1f14a119abca2307cb9db927ded201c13c675eb337984a5dbd28738c341c1cd335088b9939ecad4180e2f11371396564945ff97c9773d9df76d092f381f050da187d3d73afa0ec81e23710cb4ac023e0c6a7724df4f5b5044ec1e1b4a945b80722b89276ae6c45e39612a6926e40f9665b5130735eaaef30077bb70b5b8704472989c1a15a9582e54ed13e64b26410b1661b81f1abf0f796c86136b4a2a06117b4f4e731bef2fafd28c7b2565205f135c5445da2215d9127798e75aa24e33bafa1311d0c27e09d4d1e2d13729bed90ab5294307b6b701b6ffe839622568ad97ef800fd0763606f6849e797a5f0e179ce5bc7d153c43bc63f7a3035544a5e90d8bf6a893fd07b6457b85b56f1b1d93140151a26b667788b2917627de0f03e1a2bb63a7764d9f303187a268ddf57d57809c5b8d282ef9bbb1f1359fe0deeeade91bb298fd94e42700fbc2d05612a6dfa6d349b5fbec4e6cdeffa5dbd700af8b9e705f05ae362876b63592b267d9f6eb2b6e8c128c5522a2c1090792404f76efceddd664b3ad0ca400b05237b529f77f4e46a495b0b414b6021338f5d51961d779d6c386c5f602bcfd7f8aff3577a75fd9118a5a76113cf8b9b3c18fa8bbc7d1355c4fac4dd01c8aad3a324f8756b3f796e1be7eac6ae7936759d2a3ba1cebb1a1c56cf72ac7fb4c656c9dbf19f7ac3a5b", 0x1000}, {&(0x7f0000001880)="bb768c122e9f4d23b7ca71796a1afa6b4ac677d7ec62532721a96616a6f0c312e52d13748ab4ac09e485e562aceebe06a47afa4a3e705bbfd1f5942f15971861b2e7172e", 0x44}, {&(0x7f0000001900)="eec22c1d68ea8bab9008647418ed64633c2e3d6c44d9fb7abfa2d86bdd7af6ea6193c3c5433774c1981d5b50b78e7ee998db3859c521cb9e64e64a3927bbcd5288bdca75a99ac31f7bf645a52a20f7bacf3919ca54e5cc3914dc6e2e2aeaa99b6db98170d42e0521d61a7cd0abc2dcd526", 0x71}, {&(0x7f0000002a00)="a9821c9fe4e44ee76614515301e99ea649c9d228d2049ab2c45cd59b311add2ab58cca5d36ea7057e2377e0f8b24f5a20540c7f8692f7dd99356c216e8546db8eee05ef7c8", 0x45}, {&(0x7f0000002a80)="8b12ead675b8eb7f080943febdb5aacfb8d765bcc1012bc9491debd18dc76e40466cdb50e964fa3b81c4f79ad0a003d5e2a8ac1c495b967e400d44be6c6118010e5a32fb013d599422f65d41c604182732291e1d25e50f673d8c2c7f8771670e1da1b8d5515c07408481122ee786706735d67393c071701603dfe2d64c76", 0x7e}, {&(0x7f0000001980)="89c1c83f410f5fc0b9475ca6c387020b5c98d858ed54f5f09ac0f2011b5f7a091f749fe6d1e8ef6e19f8b901cee8ecadda021252eaa55e3d109316", 0x3b}, {&(0x7f0000002b00)="d86a8b15681f17a1dc7a025c46590eba1044e9fc1e8e8b0788939b067f3fb5fe975e162707e7fe97a539ac1e7a2b7c993b0d4f2304efdb7ebfdd5caacbfdbf153e0ec52e8ea70dc529214a42d14fb7d8ce8b89438114a7d3f543eab480b1a3d7ce3f0445c9135d7574c2bb7104e4bd06ea171b8d168866fe24964ac3d878ef31b15f82824d903f83a22e3a385df9f55f31ce102cd5567e616edb18ae1aa3979c4749d39dbf3b4dbd7209c732ae05969a82dcb1d49578a537a58329e9eb97b81fab985695484bfd476c7a549ce8418fc50b7db6b683", 0xd5}], 0x7, 0x0, 0x0, 0x4800}, {&(0x7f0000002c80)={0x27, 0x0, 0x2, 0x6, 0x7, 0x1, "db5ed1b47c8e8ac418b77c093d4c38220353cb8b756ef6c5dcccf69e013ab7b25b226724ac1ef68f2324d95bdd90455e11af1a02d5798da4bc5227deb966de", 0x2f}, 0x60, &(0x7f0000002e00)=[{&(0x7f0000002d00)="9977ec795fcc7ffa02e0eb588a95da5184e2ecae66f4c5edef9cbc1c73f058d367a8bd93e9347e53d975dc69f2c9a29faf8f8f52ed70fdcf42f3f15a6efec59597f12319384f039f7059602f3915d80fa628d810e62918bbf0be62af592216accb374dede422f118604c461601aa037bfc4ee93b52e41d80935d09c2221eb0e6620932e005ede185685923807bfe41659459deeabb62e0a6aef1de0d8b11e97f0e440932f227138f3d7656031bde1191ed1ed94354ad398232ef14ba8680360db361514e9cafee8cb93becf5c09b8b4b3d7aad623c01e62a180187aa7f87a40c38ae60fa71fab8c92babaf2a5328fc", 0xef}], 0x1, &(0x7f00000007c0)=ANY=[@ANYBLOB="c00000000000000013010000a4000000185c38f8c6a9d5f74a30742ee0a15bf17d90a0da3ed52a89f3e233d0da4b776df2b4f2f3615dee0bac4dd3a8ffe1a619917fe3dbf03c589a6974345170d3f390f9b0a03654c83c70679c79697d01407e73eda11457cf7fc4044cc3b5ae67255ec7bde5d5cf492252b878d094be4aecf3db37bd7fc17a38a264d395f02f8c4b5ccbbe61f07111a4ad57c9da867d74245039a616e4869f7ca3de65d0b61ab8a502c88e81e937871823195bd606e0000000924aa3e8"], 0xc0, 0x4004000}, {&(0x7f0000002f00)={0x27, 0x1, 0x1, 0x4, 0x5b2f, 0x7ff, "58e57a388746a7ac65d4438b09e68992a9f502fe244375ef237e3e610393aabdd57d91b0bf702a070794641dc7ef3546a2c7f48ee3c9825de2cb2f01e57a60", 0x24}, 0x60, &(0x7f00000035c0)=[{&(0x7f0000002f80)="6673a9fa99dd2677f72dddbf6da83fd110533ae952f32d18104a2d137280c6f670c93e6bdac16b369a6a49837709cbfe77afe2218e599c331ab3e2c7942f17947cbdcc63861800d12e4c44ff4fa4a007f2ba381941c7c17db01618a6686d50dbbddd4bae9e663d54646c21", 0x6b}, {&(0x7f0000003000)="0acc987f15fe6a6ef080c4ff14aa270bce77d7e32316ce3e0807a0d8cca77ed5291649f1badbd834a9c2476e413cd44c9469901810500d349f2e690444d2252bf7739bc1d5a55616ad389b7b869383462e2677eee43f025be57639ea67190caf01cfe64f41cd6f7ae27094b064decbf167cd300a504a83a1eec70770b9c34eaea05e0bb0432f59dc5420e51ca2c865fc71729c51b037f22ec2d3557a85a0e3d51fddb22c01fff437138b88b3f8", 0xad}, {&(0x7f00000030c0)="d76f2fe95097f7", 0x7}, {&(0x7f0000003100)="0053288a0a02f73f1d30f14998c5bb328a94ec16b86efabad9594eac900c1a1955", 0x21}, {&(0x7f0000003140)="2b65e356f675d07286fa4d6d3dc4ee2a5a212e77cf2aef1874e56f2a0ca225af885c64ec4e674ef6f54f5c2e898fa295eecde055091edebf2978c69fa0c2b9bc3567b0249188cfb8555710b8e296d78764dd196a3384913ca7b977c1ad04f3e59a26ba0c680bde5583f4470e8df519670c69", 0x72}, {&(0x7f00000031c0)="155a84bff88c93064688bfdc48d24f6e0ac3a34bc8278b56e7e185f3ddc9cde9c3c9b974e818d04f58b26a89b8c9c0b5d1d127bc6a6bb8b1641d0ee9e77d836e7b326088ac8b5c8ea83c7cc15b1f559882b13d382b6da9133787a74d8d02cc478f3bf3203e35e7", 0x67}, {&(0x7f0000003240)="e1088d87d73c89f7fbed6e4a542ba204f77ee5d8497b2cff46b2940f1188fb01d552897afa82f0589ca4894f910a6c9d2133d9238181c847b3e136e630f4e64b633be55838e09c1f0efbff6bafcfc21d3abb35f9b670d66c155ebec033bb36eff5c53d003851575fd41d556f0b9955f93df5d370172e4554a81d4c7522ba96d1e36705d3a8dc68", 0x87}, {&(0x7f0000003300)="8c84f7dfd2b9896f82a3fcb3cd2279b9e69b32cfa2e674ca4a7dd32d21c572e1f303d4f6f601f7c74cbef0f3fa5b3d829b876edff5ca5eee815dbf8447a313da13ab2fc4f104f91af9d8cbf49e0d493a6240ccba79ec509387132ebaa2af65eece215d51e1723ce1d8f748efa39cc7a8282b1d6b7004f9adc091b5a60e7b485e2143620ca4626cf876b9f266a32ef1c52bf8be95d7cc90ccfeee9e9c9829cd5e5163d73e6b654f22ba6e2b42607e61ca38f6398784382e7076ae5ec46457e724660d38e6242cfad6ecefde6c3fb80c4ff84b9762", 0xd4}, {&(0x7f0000003400)="c37162453ffcaeaff49c06a75785efedc184e1dcf56e330b31b922c9e57b26b3aafcaf2038536e25bb251ba446c390f75bbf0ec1270220ac92fdec0169660adf5cae1e0b00609f1b8ac8b0dceb8efd2c761760394bb4822ae350a11c7c9a9697c4b0838125a1188be40d3af1de7e97d8603676e63bd8ee7a27a416ba64a7859e09ecff93ff850007182790e53414c907e16afa937c4521b809eaadc6aef15828fbfbbd21ca985ead606af4f152a9c157e67ea09d5b8290d24502d20a5c325bfd14d6812e83b31b74001881966377463bea9fb5e66b220a135c2de6feee34cd13a2cce4168e81dbe22f9e036463e39abbbf", 0xf1}, {&(0x7f0000003500)="04b02b0bf392db45a4431f6fab0d026474c71bf637b3f9be43a0c204fbe841573b8eba28aef6a73115b9e080f1c2140d5bd6775e8ca7d642715bf0e8c3d4ded5d3a1ba1bb6d89c5b01d43aaadb5b97a567f9089f3fbb8efd57b03829271917e318c270360c30e886700fa6c5ed213b5460719c0ce2ff01a6102816f08fd4b984f49954e76c340159b013991568bcc73c498f1841fd4fb3280d9a37600e0e8b90fb46cca87ac0ffc3c3b4d6fb3ed22ce8cdc09e0b939afded81bda5f350ef", 0xbe}], 0xa, &(0x7f0000003680)={0xe8, 0x10e, 0x1ff, "4873204668dc6022a225a3ac58ad01ce4d3754170eaf4c2222c165af62584e51dd6397ce71b3e3a00ed26f012b4f4450d0a709f57ac42c06321ea28b58ca20cfd3e89368806873aabfa75451b31ea7b0e782dba383bc57da6a49e8fcdff17cd8778f95c7e730f5d727e4f60c470a09542445d0137d82399e36f5c056e0cc7bf8df2916344b8c3497061103da3ea993e7f866a4b2488683d439c1ab8fb3da95baa729ec997c5d221470202ba93790def5ff93877203184acfa5a73e9b21ca8c8b4ec99a8b84dabd480879a2914fa59f74a3"}, 0xe8, 0x800}, {&(0x7f0000003780)={0x27, 0x1, 0x0, 0x4, 0x3, 0x0, "553265338243c9efe43b19691c533cb80173c9de4f2d50d7a96bedcfe06921d457bc4e1739101d4d48c21312a954ec404117a2aed22229d98c3f478c631ae4", 0x3}, 0x60, &(0x7f0000003b80)=[{&(0x7f0000003800)="59aff1fe36a9f9a204b29b8ec465e07e0d7f4a1cca912ace12091dc3f63b91ec5724bd7ad90ce496b225b1400bf6de49007e7555f41eb279357dcd9c18e23b4023f346f93d2138e79cf79411bb7a19255f5a44305f939ae8ecf24f3d5fa3f9a4de1fe2ecb357a474a717bc4d9eca7074a54df67a58bfa2122ef0b7ecdd3d1e16d2da4d49be76f0569b805eeec12d314f14dd93257c73129e7861577c7764be513eed5079da1e7fec08cd32836cebef7f62f89265cb9ccc30d59f45580093f2191bc9e1eb5517a024adaa93d6d08f25c8f08a4b417f0ce21171866763", 0xdc}, {&(0x7f0000003900)="9985d9031b0069f6d2dd9c9306de2f7a0e6c0171d0ad4a0962faccd113e97b7b9dead95002fc635e58b671eb96c5ce355661d94730af", 0x36}, {&(0x7f0000003940)="f9e9eabd61b054b801107afee21b653eb27137ee6a3f661cde3e4405268cc71160fca56172d362cc5b8e", 0x2a}, {&(0x7f0000003980)="ccc73357b681ebe9616eaaea513c6b733796cae42b2d6260239a43d91da57d297b1404472703685566fafd06f84a57fdc793d4353248f7636e97b7e8b26c5497cacef1e75469f95ee68f13c2332b5edce4a26d044603d31eb9", 0x59}, {&(0x7f0000003a00)="b7ed882fe0598c05a58a47ea0595ee828967998fe781387241c232358e5006bd2d967e333c", 0x25}, {&(0x7f0000003a40)="0cf48966ad32c25ac920be9b50aba8d7eae89f1227c5f4627c78cdc1eaba16d79049a76e954c43b06cabd82bd47ea38fa4fa67faa926f7528df44f09a7b603435261c71f2762616fcf63aee0", 0x4c}, {&(0x7f0000003ac0)="ff55ae66cfade9d61e190897243a9cf3b14d03e0e2fb5db49cb1dda58fab7b67cec38486120a2d8505a350836926015718cfe0b452a214471044f68ca6e8cdf3e52fe1179db949ef198b3071c6abeb5d726e3fc3872fe0feefe8ff23582a25c74645a62e16390c86185c358ff24f6f1578a09fb9cce46da8a37a8d9631b3ebc9ecbeeda4618ae6c6faff714e03571ea4d621c4a6ece3fb682f75773edd4de37411b9209f8e77393943f5927b2d46b972d4358f17b5", 0xb5}], 0x7, &(0x7f0000003c00)={0x20, 0x11f, 0x7, "ae07b756651ea098e7379076"}, 0x20, 0x800}], 0x6, 0x0) 23:39:31 executing program 1: r0 = socket(0x1e, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:31 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x2, 0x8000) 23:39:31 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYPTR=&(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="6841abd52cb904"], @ANYRES16=r0], 0xa) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 23:39:31 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = getpgrp(0x0) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140)='tls\x00', 0x4) sched_getscheduler(r2) sendto$ipx(r0, &(0x7f0000000000)="23cc61b7e675354f94b0c5128adf166a88614c08a57904e19b617289e044695b5e6cd0b9534be82abf0123aea4a4f4eab86b7cf60f52444ef0a4c205482354f3ff46d5e5b09fc325572b97cc65c6e01de1c4782107874066b7fd44c09b54d3e379b017763b863ce0f2c1f0c78692bcf83c824c9f68579cc668825f63b3fdb6f412729bda9d07523abac499bd4c43c26dd170e393c4cc4dd7d3425d3b029dd02135a9541acfd99605696e37cf07802dcb75a5391e61e6b8f28ceedd44e132a7e1629edcaecbeb0e46c99deab48b", 0xcd, 0x0, &(0x7f0000000100)={0x4, 0x80000001, 0x8, "eaf2ce903d83", 0xcef7}, 0x10) fcntl$setpipe(r1, 0x407, 0x8001691) 23:39:31 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000540)={r2, 0x3}, &(0x7f0000000640)=0x8) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:31 executing program 2 (fault-call:5 fault-nth:31): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:31 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) 23:39:31 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) getgroups(0x4, &(0x7f0000000000)=[0xffffffffffffffff, 0x0, 0x0, 0x0]) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IPT_SO_GET_REVISION_MATCH(r3, 0x0, 0x42, &(0x7f00000002c0)={'IDLETIMER\x00'}, &(0x7f0000000140)=0xfffffffffffffe77) setgid(r2) fcntl$getownex(r3, 0x10, &(0x7f0000000180)) openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x100, 0x0) [ 244.509995] FAULT_INJECTION: forcing a failure. [ 244.509995] name failslab, interval 1, probability 0, space 0, times 0 [ 244.521529] CPU: 0 PID: 15244 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 244.528761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 244.538159] Call Trace: [ 244.540814] dump_stack+0x185/0x1d0 [ 244.544505] should_fail+0x87b/0xab0 [ 244.548281] __should_failslab+0x278/0x2a0 [ 244.552595] should_failslab+0x29/0x70 [ 244.556625] __kmalloc_node_track_caller+0x24b/0x11b0 [ 244.561869] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 244.567302] ? alloc_skb_with_frags+0x1e6/0xb80 [ 244.572063] __alloc_skb+0x2cb/0x9e0 [ 244.575831] ? alloc_skb_with_frags+0x1e6/0xb80 [ 244.580564] alloc_skb_with_frags+0x1e6/0xb80 [ 244.585129] ? kmsan_set_origin_inline+0x6b/0x120 [ 244.590114] ? __msan_poison_alloca+0x15c/0x1d0 [ 244.594863] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 244.599693] ? packet_sendmsg+0x6594/0x8ad0 [ 244.604090] sock_alloc_send_pskb+0xb56/0x11a0 [ 244.608779] ? kmsan_set_origin+0x9e/0x160 [ 244.613115] packet_sendmsg+0x6594/0x8ad0 [ 244.617359] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 244.622894] ? rw_copy_check_uvector+0x643/0x6c0 [ 244.627712] ? __msan_poison_alloca+0x15c/0x1d0 [ 244.632468] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 244.637996] ? import_iovec+0x3c7/0x600 [ 244.642040] ? copy_msghdr_from_user+0x72c/0x830 [ 244.646899] ? compat_packet_setsockopt+0x360/0x360 [ 244.651974] ___sys_sendmsg+0xec8/0x1320 [ 244.656123] ? kmsan_set_origin_inline+0x6b/0x120 [ 244.661041] ? __msan_poison_alloca+0x15c/0x1d0 [ 244.665793] ? _cond_resched+0x3c/0xd0 [ 244.669771] ? rcu_all_qs+0x32/0x1f0 [ 244.673567] ? _cond_resched+0x3c/0xd0 [ 244.677546] ? rcu_all_qs+0x32/0x1f0 [ 244.681324] ? __sys_sendmmsg+0x61d/0x850 [ 244.685550] __sys_sendmmsg+0x490/0x850 [ 244.689601] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 244.695067] __x64_sys_sendmmsg+0x11c/0x170 [ 244.699451] ? __sys_sendmmsg+0x850/0x850 [ 244.703650] do_syscall_64+0x15b/0x230 23:39:31 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000100)) 23:39:31 executing program 7: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='limits\x00') ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$KDDELIO(r0, 0x4b35, 0xfff) 23:39:31 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000000)=""/55, 0x37}, {&(0x7f00000000c0)=""/79, 0x4f}], 0x2) setitimer(0x0, &(0x7f0000000140)={{}, {0x77359400}}, 0x0) 23:39:31 executing program 1: r0 = socket(0x1e, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 244.707633] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 244.712873] RIP: 0033:0x455a09 [ 244.716125] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 244.723880] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 244.731195] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 244.738511] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 244.745826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 244.753166] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000001f 23:39:31 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r1, &(0x7f0000001780)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001740)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r1, &(0x7f00000017c0)=@bind_ip={0x2, 0x28, 0xfa00, {0x0, {0xa, 0xfc, 0x0, @loopback={0x0, 0x1}}, r2}}, 0x30) write$rdma_cm(r1, &(0x7f0000000000)=@listen={0x7, 0x8, 0xfa00, {r2}}, 0x10) write$fuse(r0, &(0x7f0000000000)={0x28, 0x1, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:31 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) read(r1, &(0x7f0000fb6000)=""/28, 0xfffffd74) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:31 executing program 1: r0 = socket(0x1e, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:31 executing program 2 (fault-call:5 fault-nth:32): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:31 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) 23:39:31 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000000c0)={'broute\x00', 0x0, 0x4, 0x1c, [], 0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {}], &(0x7f0000000080)=""/28}, &(0x7f0000000140)=0x43) write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="73797a310c0266a615d55444cf97c4b01b4b74ced89df5b1c982abee1833c343a3bc526659ce15ab345d4f5869a06b414714a7cdab6a7a6770c04db974e2be77d07e395511ad77418ec2f0c7a5bdc4efb97fd2726e613d2255f4411374f66a50d99b4aea2427fc283cee761910ac4e0b366ef0dc7f8bc9157357085737137efd527f6a369d522fa54450854dcf71e9a6f8f96f625fd8915a6d168101878044fee913b1d430a9da79ba274af9dcd834aedb1517b3e1613950218661323cf6f221b5b0a01d461e71913caba95934b2151a91ecea714a5fd2ca309a53e6efc891573023326bd38e681cac71e50046b055f909a57b98b40d9386"], 0x96) [ 245.101889] FAULT_INJECTION: forcing a failure. [ 245.101889] name failslab, interval 1, probability 0, space 0, times 0 [ 245.113417] CPU: 1 PID: 15290 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 245.120654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.130050] Call Trace: [ 245.132710] dump_stack+0x185/0x1d0 [ 245.136429] should_fail+0x87b/0xab0 [ 245.140227] __should_failslab+0x278/0x2a0 [ 245.144539] should_failslab+0x29/0x70 [ 245.148503] kmem_cache_alloc_node+0x157/0xc80 [ 245.153160] ? validate_xmit_skb+0xfea/0x1320 [ 245.157721] ? __alloc_skb+0x202/0x9e0 [ 245.161696] __alloc_skb+0x202/0x9e0 [ 245.165480] alloc_skb_with_frags+0x1e6/0xb80 [ 245.170033] ? kmsan_set_origin_inline+0x6b/0x120 [ 245.174974] ? __msan_poison_alloca+0x15c/0x1d0 [ 245.179746] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 245.184582] ? packet_sendmsg+0x6594/0x8ad0 [ 245.188981] sock_alloc_send_pskb+0xb56/0x11a0 [ 245.193654] ? kmsan_set_origin+0x9e/0x160 [ 245.197951] packet_sendmsg+0x6594/0x8ad0 [ 245.202182] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 245.207687] ? rw_copy_check_uvector+0x643/0x6c0 [ 245.212493] ? __msan_poison_alloca+0x15c/0x1d0 [ 245.217415] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 245.222946] ? import_iovec+0x3c7/0x600 [ 245.226996] ? copy_msghdr_from_user+0x72c/0x830 [ 245.231868] ? compat_packet_setsockopt+0x360/0x360 [ 245.236979] ___sys_sendmsg+0xec8/0x1320 [ 245.241127] ? kmsan_set_origin_inline+0x6b/0x120 [ 245.246046] ? __msan_poison_alloca+0x15c/0x1d0 [ 245.250810] ? _cond_resched+0x3c/0xd0 [ 245.254796] ? rcu_all_qs+0x32/0x1f0 [ 245.258599] ? _cond_resched+0x3c/0xd0 [ 245.262581] ? rcu_all_qs+0x32/0x1f0 [ 245.266368] ? __sys_sendmmsg+0x61d/0x850 [ 245.270591] __sys_sendmmsg+0x490/0x850 [ 245.274645] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 245.279655] ? syscall_return_slowpath+0xe9/0x710 [ 245.284602] __x64_sys_sendmmsg+0x11c/0x170 [ 245.288984] ? __sys_sendmmsg+0x850/0x850 [ 245.293188] do_syscall_64+0x15b/0x230 [ 245.297141] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 245.302371] RIP: 0033:0x455a09 [ 245.305593] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 245.313358] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 245.320676] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 245.328004] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 245.335324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 245.342639] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000020 23:39:32 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02110700000000000000000000001211"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:32 executing program 7: write$fuse(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="13feee4a78f9000004020000000000000900"], 0xffffffffffffff4a) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000040)={0xffffffffffffffff}) getsockname$inet(r0, &(0x7f0000000080)={0x0, 0x0, @multicast2}, &(0x7f00000000c0)=0x10) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0xffffffffffffff9c, 0x3, 0x1, 0x7, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) sendto$ipx(r1, &(0x7f0000000180)="a17e1a75c9b0de662e6270fe1e73b4524ac8ebacf293cf5cc19374d92e65d13372b285a4d17569391e02c56fd749f04585723a37ba761bdc948ab79926ec831a5f9b9664d472136071b8b3beb2199b32acbf9e0bbbf9c5ee36740e4783204a54920b357f7e49ebed89d85590384903a55de20211844d328b3dac93c05ecd562e8d9e85a9bd420d6056169537a8abb0796eb9f44ba12a73c522924a768e0929618078f62f55fc0cf42f0d01881e896f78e25a3706e7d7192c613ba507960cfc7d59dcc12a8147f88d09", 0xfffffffffffffed3, 0x0, 0x0, 0x0) 23:39:32 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) accept4$unix(r1, &(0x7f00000006c0), &(0x7f0000000740)=0x6e, 0x800) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:32 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) 23:39:32 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:32 executing program 2 (fault-call:5 fault-nth:33): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:32 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x200) 23:39:32 executing program 6: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000040)=0x0) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000280)={[], 0x5, 0x1, 0x1, 0x8, 0x0, r1}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) pipe2(&(0x7f0000000300), 0x4800) write$fuse(r0, &(0x7f0000000340)=ANY=[@ANYRES16=r0], 0x2) [ 245.521600] FAULT_INJECTION: forcing a failure. [ 245.521600] name failslab, interval 1, probability 0, space 0, times 0 [ 245.533050] CPU: 1 PID: 15309 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 245.540280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 245.549672] Call Trace: [ 245.552333] dump_stack+0x185/0x1d0 [ 245.556021] should_fail+0x87b/0xab0 [ 245.559801] __should_failslab+0x278/0x2a0 [ 245.564119] should_failslab+0x29/0x70 23:39:32 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x4) [ 245.568144] __kmalloc_node_track_caller+0x24b/0x11b0 [ 245.573386] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 245.578836] ? alloc_skb_with_frags+0x1e6/0xb80 [ 245.583651] __alloc_skb+0x2cb/0x9e0 [ 245.587421] ? alloc_skb_with_frags+0x1e6/0xb80 [ 245.592158] alloc_skb_with_frags+0x1e6/0xb80 [ 245.596705] ? kmsan_set_origin_inline+0x6b/0x120 [ 245.601601] ? __msan_poison_alloca+0x15c/0x1d0 [ 245.606349] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 245.611194] ? packet_sendmsg+0x6594/0x8ad0 [ 245.615601] sock_alloc_send_pskb+0xb56/0x11a0 23:39:32 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f00000001c0)=""/254) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 245.620292] ? kmsan_set_origin+0x9e/0x160 [ 245.624628] packet_sendmsg+0x6594/0x8ad0 [ 245.628854] ? __fsnotify_parent+0x132/0x560 [ 245.633356] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 245.638879] ? rw_copy_check_uvector+0x643/0x6c0 [ 245.643697] ? __msan_poison_alloca+0x15c/0x1d0 [ 245.648459] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 245.653998] ? import_iovec+0x3c7/0x600 [ 245.658057] ? copy_msghdr_from_user+0x72c/0x830 [ 245.662939] ? compat_packet_setsockopt+0x360/0x360 [ 245.668052] ___sys_sendmsg+0xec8/0x1320 23:39:32 executing program 7: write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) [ 245.672203] ? kstrtoull+0x766/0x7e0 [ 245.676007] ? kmsan_set_origin_inline+0x6b/0x120 [ 245.681014] ? __msan_poison_alloca+0x15c/0x1d0 [ 245.685774] ? _cond_resched+0x3c/0xd0 [ 245.689755] ? rcu_all_qs+0x32/0x1f0 [ 245.693549] ? _cond_resched+0x3c/0xd0 [ 245.697519] ? rcu_all_qs+0x32/0x1f0 [ 245.701294] ? __sys_sendmmsg+0x61d/0x850 [ 245.705519] __sys_sendmmsg+0x490/0x850 [ 245.709580] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 245.714603] ? syscall_return_slowpath+0xe9/0x710 [ 245.719550] __x64_sys_sendmmsg+0x11c/0x170 [ 245.723937] ? __sys_sendmmsg+0x850/0x850 [ 245.728143] do_syscall_64+0x15b/0x230 [ 245.732093] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 245.737325] RIP: 0033:0x455a09 [ 245.740548] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 245.748311] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 245.755626] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 245.762941] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:32 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) r4 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r4, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 245.770257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 245.777568] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000021 23:39:32 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:32 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) 23:39:32 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) 23:39:32 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000040)={0x6}) 23:39:33 executing program 2 (fault-call:5 fault-nth:34): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:33 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000040)={'bridge_slave_1\x00', 0x10000}) write$fuse(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="28000000060000000000000000000000000000020000000000000000004000000000000000000000dca01e85ee98af3e9d872686d0fe40b6ee15eb4e45772c5b6179e31e55b0dd53d4d96b2ccfcf1ad5b2d470b3b4b37de9180c806165c5cf5bbe7454c9d1d6a526d31f1c6b17dc0d6225f957fc26aed2007c10f38dbac5a52bcc9775ed8c4120f6a0a8d9eaac49f6de42affa91520d7ca4eb3f6d966bb54e532b799782d808cb6775ae2d6cc1510208c108b980d33d9df77b2fcc38"], 0x28) setsockopt$inet_buf(r0, 0x0, 0x3f, &(0x7f00000000c0)="603b3f8f67fb1362c727c623003571b1e71bd4cb09d87b89d19b7444151de698b10b4399e95dcf06cf8d64b839b3d226ec116e23547cfe7e41cd5bfbc6170663662d399846d5f437a7e8e9af59bff7c6cbf221909d1bd7d99ed1bdea1ee41291806a85ee7a35017d05ad4200072b176afcb3cc1b6274e41c84f523e2640b3170337c74922ed5507e7eb8ab406cf80bde01a23544247de1ad51bd859c38e4355b765d79d06436cd90efa2f5646792c588c38b3640f824540d6cf8e32a59482a18711ae5000f417781dbd7", 0xca) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xb7b7, 0x440000) 23:39:33 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:33 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:33 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) 23:39:33 executing program 5: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, @multicast2}, &(0x7f0000000040)=0x10) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000080)={0x753c5f6, 0x4, 0x7, 0x9, 0x2, [{0x8, 0x1, 0x7ef7, 0x0, 0x0, 0x1002}, {0xfff, 0x401, 0x5, 0x0, 0x0, 0x1800}]}) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) pread64(r0, &(0x7f0000000140)=""/18, 0x12, 0x0) 23:39:33 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x4, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:33 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02110100020000faff02000000000000"], 0x10}, 0x1}, 0x1) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xfffffffffffffe2d}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 246.531213] FAULT_INJECTION: forcing a failure. [ 246.531213] name failslab, interval 1, probability 0, space 0, times 0 [ 246.542725] CPU: 1 PID: 15376 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 246.549951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.559344] Call Trace: [ 246.561991] dump_stack+0x185/0x1d0 [ 246.565686] should_fail+0x87b/0xab0 [ 246.569484] __should_failslab+0x278/0x2a0 [ 246.573792] should_failslab+0x29/0x70 [ 246.577760] kmem_cache_alloc_node+0x157/0xc80 [ 246.582425] ? validate_xmit_skb+0xfea/0x1320 [ 246.586990] ? __alloc_skb+0x202/0x9e0 [ 246.590948] __alloc_skb+0x202/0x9e0 [ 246.594723] alloc_skb_with_frags+0x1e6/0xb80 [ 246.599291] ? kmsan_set_origin_inline+0x6b/0x120 [ 246.604202] ? __msan_poison_alloca+0x15c/0x1d0 [ 246.608959] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 246.613801] ? packet_sendmsg+0x6594/0x8ad0 [ 246.618211] sock_alloc_send_pskb+0xb56/0x11a0 [ 246.622892] ? kmsan_set_origin+0x9e/0x160 [ 246.627216] packet_sendmsg+0x6594/0x8ad0 [ 246.631422] ? __fsnotify_parent+0x132/0x560 [ 246.635908] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 246.641410] ? rw_copy_check_uvector+0x643/0x6c0 [ 246.646212] ? __msan_poison_alloca+0x15c/0x1d0 [ 246.650969] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 246.656671] ? import_iovec+0x3c7/0x600 [ 246.660721] ? copy_msghdr_from_user+0x72c/0x830 [ 246.665556] ? compat_packet_setsockopt+0x360/0x360 [ 246.670639] ___sys_sendmsg+0xec8/0x1320 [ 246.674800] ? kmsan_set_origin_inline+0x6b/0x120 [ 246.679721] ? __msan_poison_alloca+0x15c/0x1d0 [ 246.684569] ? _cond_resched+0x3c/0xd0 [ 246.688540] ? rcu_all_qs+0x32/0x1f0 [ 246.692327] ? _cond_resched+0x3c/0xd0 [ 246.696297] ? rcu_all_qs+0x32/0x1f0 [ 246.700069] ? __sys_sendmmsg+0x61d/0x850 [ 246.704284] __sys_sendmmsg+0x490/0x850 [ 246.708330] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 246.713327] ? syscall_return_slowpath+0xe9/0x710 [ 246.718262] __x64_sys_sendmmsg+0x11c/0x170 [ 246.722642] ? __sys_sendmmsg+0x850/0x850 [ 246.726852] do_syscall_64+0x15b/0x230 [ 246.730808] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 246.736133] RIP: 0033:0x455a09 [ 246.739357] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 246.747127] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 246.754442] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 246.761761] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 246.769082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:33 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) 23:39:33 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0xb8986fd69ad48d03, 0x0) write$fuse(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="280000000600000000000000000000000000000000fbff00000000b3547100000000000000000000000000"], 0x28) fanotify_mark(r0, 0x80, 0x40020001, r0, &(0x7f0000000000)='./file0\x00') 23:39:33 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:33 executing program 5: pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0xfffffffffffffffc) fcntl$setpipe(r0, 0x407, 0x0) 23:39:33 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$SG_NEXT_CMD_LEN(r0, 0x2283, &(0x7f0000000040)=0x31) 23:39:33 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 246.776400] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000022 23:39:33 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000000)={'nat\x00'}, &(0x7f0000000080)=0x78) fcntl$setpipe(r1, 0x407, 0x0) 23:39:33 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:34 executing program 2 (fault-call:5 fault-nth:35): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:34 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f0000000000)=0x3) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x8001, 0x3ff}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e24, 0x7c8, @remote={0xfe, 0x80, [], 0xbb}, 0x3}}}, 0x84) 23:39:34 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) fcntl$setstatus(r0, 0x4, 0x44400) 23:39:34 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:34 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:34 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0211000002000000000000ff87c40000"], 0x10}, 0x1}, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 247.149372] FAULT_INJECTION: forcing a failure. [ 247.149372] name failslab, interval 1, probability 0, space 0, times 0 [ 247.160754] CPU: 1 PID: 15420 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 247.167992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.177385] Call Trace: [ 247.180036] dump_stack+0x185/0x1d0 [ 247.183725] should_fail+0x87b/0xab0 [ 247.187505] __should_failslab+0x278/0x2a0 [ 247.191828] should_failslab+0x29/0x70 [ 247.195774] __kmalloc_node_track_caller+0x24b/0x11b0 [ 247.201039] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 247.206511] ? alloc_skb_with_frags+0x1e6/0xb80 [ 247.211295] __alloc_skb+0x2cb/0x9e0 [ 247.215074] ? alloc_skb_with_frags+0x1e6/0xb80 [ 247.219819] alloc_skb_with_frags+0x1e6/0xb80 [ 247.224410] ? kmsan_set_origin_inline+0x6b/0x120 [ 247.229328] ? __msan_poison_alloca+0x15c/0x1d0 [ 247.234081] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 247.238920] ? packet_sendmsg+0x6594/0x8ad0 [ 247.243320] sock_alloc_send_pskb+0xb56/0x11a0 [ 247.247994] ? kmsan_set_origin+0x9e/0x160 [ 247.252335] packet_sendmsg+0x6594/0x8ad0 [ 247.256542] ? __fsnotify_parent+0x132/0x560 [ 247.261026] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 247.266536] ? rw_copy_check_uvector+0x643/0x6c0 [ 247.271343] ? __msan_poison_alloca+0x15c/0x1d0 [ 247.276096] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 247.281618] ? import_iovec+0x3c7/0x600 [ 247.285656] ? copy_msghdr_from_user+0x72c/0x830 [ 247.290515] ? compat_packet_setsockopt+0x360/0x360 [ 247.295608] ___sys_sendmsg+0xec8/0x1320 23:39:34 executing program 7: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) [ 247.299717] ? kstrtoull+0x766/0x7e0 [ 247.303509] ? kmsan_set_origin_inline+0x6b/0x120 [ 247.308422] ? __msan_poison_alloca+0x15c/0x1d0 [ 247.313172] ? _cond_resched+0x3c/0xd0 [ 247.317136] ? rcu_all_qs+0x32/0x1f0 [ 247.320924] ? _cond_resched+0x3c/0xd0 [ 247.324897] ? rcu_all_qs+0x32/0x1f0 [ 247.328667] ? __sys_sendmmsg+0x61d/0x850 [ 247.332889] __sys_sendmmsg+0x490/0x850 [ 247.336935] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 247.341929] ? syscall_return_slowpath+0xe9/0x710 [ 247.346864] __x64_sys_sendmmsg+0x11c/0x170 [ 247.351238] ? __sys_sendmmsg+0x850/0x850 [ 247.355431] do_syscall_64+0x15b/0x230 [ 247.359383] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 247.364611] RIP: 0033:0x455a09 [ 247.367835] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 247.375600] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 247.383004] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 247.390325] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 247.397672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 247.404990] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000023 23:39:34 executing program 0: sysfs$2(0x2, 0xa30e, &(0x7f0000000380)=""/231) r0 = socket$kcm(0x29, 0x7, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0211000002000000000000000000000007964d7ab24a33899fc6f592c9f1c3c80666f2d3eae997237cb533e9e4ee73df7f4a0cf2ac57d82e4a31c8f7d88fbf9a3a09871294b58c1ae0c321e25b94c14b8f46c80c9dee0dcd72004d8554d945eab47448ba6d9f87bdb160bbb1437a6cc6b77c854b8d7321f15936d37ef01b81830c60e80ef21708612e95999ca801b333"], 0x10}, 0x1}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x3}, &(0x7f0000000480)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000004c0)={r3, 0xff}, &(0x7f0000000500)=0x8) ioctl$void(r1, 0xc0045878) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000540)={0x8000, 0x8, 0x9, 0x1, 0xffff}, 0x14) ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000040)) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:34 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001}, &(0x7f00000000c0)=0x20) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:34 executing program 2 (fault-call:5 fault-nth:36): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:34 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockopt$sock_buf(r0, 0x1, 0x3b, &(0x7f0000000000)=""/85, &(0x7f0000000080)=0x55) fcntl$setpipe(r1, 0x407, 0x0) socket$bt_bnep(0x1f, 0x3, 0x4) 23:39:34 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$EVIOCGPROP(r0, 0x80404509, &(0x7f00000000c0)=""/92) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x100, 0x0) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000040)=0x3) 23:39:34 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x0, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:34 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) renameat2(r1, &(0x7f0000000380)='./file0\x00', r1, &(0x7f00000003c0)='./file0\x00', 0x4) r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:34 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) munlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000) [ 247.635748] FAULT_INJECTION: forcing a failure. [ 247.635748] name failslab, interval 1, probability 0, space 0, times 0 [ 247.647214] CPU: 0 PID: 15445 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 247.654441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.663926] Call Trace: [ 247.666575] dump_stack+0x185/0x1d0 [ 247.670286] should_fail+0x87b/0xab0 [ 247.674062] __should_failslab+0x278/0x2a0 [ 247.678363] should_failslab+0x29/0x70 [ 247.682327] kmem_cache_alloc_node+0x157/0xc80 [ 247.686979] ? validate_xmit_skb+0xfea/0x1320 [ 247.691542] ? __alloc_skb+0x202/0x9e0 [ 247.695516] __alloc_skb+0x202/0x9e0 [ 247.699294] alloc_skb_with_frags+0x1e6/0xb80 [ 247.703874] ? kmsan_set_origin_inline+0x6b/0x120 [ 247.708811] ? __msan_poison_alloca+0x15c/0x1d0 [ 247.713563] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 247.718430] ? packet_sendmsg+0x6594/0x8ad0 [ 247.722834] sock_alloc_send_pskb+0xb56/0x11a0 [ 247.727502] ? kmsan_set_origin+0x9e/0x160 [ 247.731823] packet_sendmsg+0x6594/0x8ad0 23:39:34 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) pwrite64(r0, &(0x7f0000000000)="8d1978ed58b99414fd68473708d613b6432d616bc8f297e6b8388c97e64c73c621bfeb3baa02428ee7a8b9f5d024c4f3dd931789259ef3611cd92f9bba6f7df44555d041ed975bfa8b223a75b3c2c8b097d8918cbc177a74631eb5cf89ac5c8553def5e67b8b9caef614271b95bf4bc28b330aed92b87d1248aac8357fb7cca11a13e92bf9fe030bdaef8a563b49a8ec51e8bf88e35331309c9e002dde166040544808ac372430c7431671bb0c5947c834459cb6099752189c2538738750af99128c69b6fd2d900442e700106d0bb8590225ef19c055dcddbf527e8781b18643", 0xe0, 0x0) 23:39:34 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) bind(r0, &(0x7f00000000c0)=@ipx={0x4, 0x0, 0x10000, "252c367e1996", 0x9}, 0x80) write$fuse(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000006000000694540c115a653a71270ba2f0000000029572c93de393b5336764445b999b1f5aa4c075c61ea90378f0f75f0651a8600240e41cc9c7bfbafc69828209ca87a52d872f0b77cff8abe698df290d9b6dfe37d4b85ddb28e306fe1571a184c8ff2ce9a61c7c52b1dc04dc4a60052914177b7f6ae5ee637f4e53a40775a75c8c9544ef559354e7ed69203ac989dfae5ec8549f37fe8d9383fd90d66f0c4297df26885ac76cee32afcaf7a128b3f1c20c88c0125433be3f83b0b9307e54c0f9416549262bcad369fb9bbc939d8f4049de9682db47568c34293bf634efe4ef497824db9ae6dd0bc732bbade5d81d5cb494337b03f43158091f780b5f8765cb09c97a94b18ba987832b8b486e1221c1bca524783d757c098d819954b03428b5d42e60cc2"], 0x18) 23:39:34 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="280000000600000000ecff001e91d81d5ce107f1000000e2ffffffffff0300000000000000000000"], 0x28) 23:39:34 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) [ 247.736056] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 247.741565] ? rw_copy_check_uvector+0x643/0x6c0 [ 247.746389] ? __msan_poison_alloca+0x15c/0x1d0 [ 247.751144] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 247.756671] ? import_iovec+0x3c7/0x600 [ 247.760712] ? copy_msghdr_from_user+0x72c/0x830 [ 247.765589] ? compat_packet_setsockopt+0x360/0x360 [ 247.770686] ___sys_sendmsg+0xec8/0x1320 [ 247.774837] ? kmsan_set_origin_inline+0x6b/0x120 [ 247.779730] ? __msan_poison_alloca+0x15c/0x1d0 [ 247.784437] ? _cond_resched+0x3c/0xd0 [ 247.788362] ? rcu_all_qs+0x32/0x1f0 [ 247.792135] ? _cond_resched+0x3c/0xd0 [ 247.796082] ? rcu_all_qs+0x32/0x1f0 [ 247.799853] ? __sys_sendmmsg+0x61d/0x850 [ 247.804057] __sys_sendmmsg+0x490/0x850 [ 247.808100] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 247.813074] ? syscall_return_slowpath+0xe9/0x710 [ 247.817991] __x64_sys_sendmmsg+0x11c/0x170 [ 247.822339] ? __sys_sendmmsg+0x850/0x850 [ 247.826508] do_syscall_64+0x15b/0x230 [ 247.830436] entry_SYSCALL_64_after_hwframe+0x44/0xa9 23:39:34 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0) r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 247.835671] RIP: 0033:0x455a09 [ 247.838889] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 247.846643] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 247.853950] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 247.861241] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 247.868694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 247.875986] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000024 23:39:35 executing program 0: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02110000020000000000000000000000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) r2 = open(&(0x7f0000000040)='./file0\x00', 0x80080, 0x80) ioctl$KDDELIO(r2, 0x4b35, 0x45b) 23:39:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:35 executing program 2 (fault-call:5 fault-nth:37): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:35 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) fcntl$getown(r0, 0x9) 23:39:35 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x66, 0x2, 0x6}, 0x10) 23:39:35 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = dup2(r0, r0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x4, @fuse_bmap_out}, 0x18) fanotify_init(0x8, 0x8801) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000040)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) 23:39:35 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) socket$key(0xf, 0x3, 0x2) acct(&(0x7f0000000400)='./file0\x00') r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:35 executing program 5: mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x810, 0xffffffffffffffff, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) splice(0xffffffffffffffff, &(0x7f0000000000)=0x31, 0xffffffffffffffff, &(0x7f0000000040), 0x9, 0x4) [ 248.248712] FAULT_INJECTION: forcing a failure. [ 248.248712] name failslab, interval 1, probability 0, space 0, times 0 [ 248.260213] CPU: 0 PID: 15498 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 248.267449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.276859] Call Trace: [ 248.279506] dump_stack+0x185/0x1d0 [ 248.283201] should_fail+0x87b/0xab0 [ 248.286987] __should_failslab+0x278/0x2a0 [ 248.291315] should_failslab+0x29/0x70 23:39:35 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000060000000035ca30000000000000000000000000"], 0x18) [ 248.295259] __kmalloc_node_track_caller+0x24b/0x11b0 [ 248.300509] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 248.305948] ? alloc_skb_with_frags+0x1e6/0xb80 [ 248.310715] __alloc_skb+0x2cb/0x9e0 [ 248.314477] ? alloc_skb_with_frags+0x1e6/0xb80 [ 248.319204] alloc_skb_with_frags+0x1e6/0xb80 [ 248.323770] ? kmsan_set_origin_inline+0x6b/0x120 [ 248.328682] ? __msan_poison_alloca+0x15c/0x1d0 [ 248.333428] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 248.338266] ? packet_sendmsg+0x6594/0x8ad0 [ 248.342670] sock_alloc_send_pskb+0xb56/0x11a0 [ 248.347355] ? kmsan_set_origin+0x9e/0x160 [ 248.351763] packet_sendmsg+0x6594/0x8ad0 [ 248.356008] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 248.361520] ? rw_copy_check_uvector+0x643/0x6c0 [ 248.366340] ? __msan_poison_alloca+0x15c/0x1d0 [ 248.371109] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 248.376647] ? import_iovec+0x3c7/0x600 [ 248.380704] ? copy_msghdr_from_user+0x72c/0x830 [ 248.385536] ? compat_packet_setsockopt+0x360/0x360 [ 248.390625] ___sys_sendmsg+0xec8/0x1320 [ 248.394777] ? kmsan_set_origin_inline+0x6b/0x120 [ 248.399692] ? __msan_poison_alloca+0x15c/0x1d0 [ 248.404451] ? _cond_resched+0x3c/0xd0 [ 248.408438] ? rcu_all_qs+0x32/0x1f0 [ 248.412202] ? _cond_resched+0x3c/0xd0 [ 248.416127] ? rcu_all_qs+0x32/0x1f0 [ 248.419897] ? __sys_sendmmsg+0x61d/0x850 [ 248.424088] __sys_sendmmsg+0x490/0x850 [ 248.428200] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 248.433166] ? syscall_return_slowpath+0xe9/0x710 [ 248.438072] __x64_sys_sendmmsg+0x11c/0x170 [ 248.442429] ? __sys_sendmmsg+0x850/0x850 [ 248.446608] do_syscall_64+0x15b/0x230 [ 248.450694] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 248.455910] RIP: 0033:0x455a09 [ 248.459125] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 248.466883] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 248.474175] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 248.481451] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 248.488747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 248.496050] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000025 23:39:35 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYRES16=r0], 0xff4f) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000040)) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000000)={'veth1_to_bridge\x00'}) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_GET(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2002}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, r1, 0x201, 0x70bd26, 0x25dfdbfb, {0x3}, [@FOU_ATTR_IPPROTO={0x8, 0x3}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e23}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x7e}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8010}, 0x40) 23:39:35 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2000, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={r0, 0x1, 0x1, 0x2, &(0x7f0000000040)=[0x0, 0x0], 0x2}, 0x20) pipe2(&(0x7f00008df000), 0x0) 23:39:35 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x0, 0x66, 0x2, 0x6}, 0x10) 23:39:35 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) socket$key(0xf, 0x3, 0x2) r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:35 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) 23:39:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:35 executing program 2 (fault-call:5 fault-nth:38): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:35 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="a0cb18edc9ff050000000000000000000000000000040000"], 0x18) [ 248.740035] FAULT_INJECTION: forcing a failure. [ 248.740035] name failslab, interval 1, probability 0, space 0, times 0 [ 248.751713] CPU: 0 PID: 15534 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 248.758939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.768343] Call Trace: [ 248.770982] dump_stack+0x185/0x1d0 [ 248.774661] should_fail+0x87b/0xab0 [ 248.778437] __should_failslab+0x278/0x2a0 [ 248.782746] should_failslab+0x29/0x70 [ 248.786697] kmem_cache_alloc_node+0x157/0xc80 [ 248.791363] ? validate_xmit_skb+0xfea/0x1320 [ 248.795927] ? __alloc_skb+0x202/0x9e0 [ 248.799898] __alloc_skb+0x202/0x9e0 [ 248.803677] alloc_skb_with_frags+0x1e6/0xb80 [ 248.808239] ? kmsan_set_origin_inline+0x6b/0x120 [ 248.813145] ? __msan_poison_alloca+0x15c/0x1d0 [ 248.817896] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 248.822731] ? packet_sendmsg+0x6594/0x8ad0 [ 248.827121] sock_alloc_send_pskb+0xb56/0x11a0 [ 248.831787] ? kmsan_set_origin+0x9e/0x160 [ 248.836112] packet_sendmsg+0x6594/0x8ad0 23:39:35 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="2800000006000000000000000000000000000000000000000000f7ffffffffffffff000000000000"], 0x28) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x7, 0x7f, @loopback={0x0, 0x1}, 0xd0b8000000000}}, 0x78, 0x4, 0x10000, 0x0, 0x2b}, &(0x7f0000000000)=0x98) r2 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$update(0x2, r2, &(0x7f0000000240)="d376af7510598534a34b7360bf02fe67f69950332b919558", 0x18) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={r1, 0x20, 0x20}, &(0x7f0000000180)=0xc) syncfs(r0) 23:39:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:35 executing program 5: semget(0x0, 0x3, 0x18) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = semget(0x2, 0x3, 0x0) semctl$SEM_STAT(r1, 0x0, 0x12, &(0x7f0000000000)=""/107) semctl$IPC_RMID(r1, 0x0, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:35 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x0, 0x2, 0x6}, 0x10) 23:39:35 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) [ 248.840321] ? __fsnotify_parent+0x132/0x560 [ 248.844815] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 248.850337] ? rw_copy_check_uvector+0x643/0x6c0 [ 248.855152] ? __msan_poison_alloca+0x15c/0x1d0 [ 248.859918] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 248.865445] ? import_iovec+0x3c7/0x600 [ 248.869498] ? copy_msghdr_from_user+0x72c/0x830 [ 248.874362] ? compat_packet_setsockopt+0x360/0x360 [ 248.879471] ___sys_sendmsg+0xec8/0x1320 [ 248.883586] ? kstrtoull+0x766/0x7e0 [ 248.887393] ? kmsan_set_origin_inline+0x6b/0x120 [ 248.892326] ? __msan_poison_alloca+0x15c/0x1d0 [ 248.897078] ? _cond_resched+0x3c/0xd0 [ 248.901059] ? rcu_all_qs+0x32/0x1f0 [ 248.904850] ? _cond_resched+0x3c/0xd0 [ 248.908829] ? rcu_all_qs+0x32/0x1f0 [ 248.912611] ? __sys_sendmmsg+0x61d/0x850 [ 248.916835] __sys_sendmmsg+0x490/0x850 [ 248.920887] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 248.925889] ? syscall_return_slowpath+0xe9/0x710 [ 248.930825] __x64_sys_sendmmsg+0x11c/0x170 [ 248.935212] ? __sys_sendmmsg+0x850/0x850 [ 248.939418] do_syscall_64+0x15b/0x230 [ 248.943380] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 248.948616] RIP: 0033:0x455a09 [ 248.951832] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 248.959594] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 248.966905] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 248.974227] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 248.981549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:36 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)={0x0, 0xffffffffffffffff, 0x5, [0x4800, 0x8001, 0x1f, 0x400, 0x0]}, 0x12) r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:36 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8913, &(0x7f0000000040)='$\tp') r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 248.988873] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000026 23:39:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:36 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cuse\x00', 0x101081, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f00000000c0)=""/155, &(0x7f0000000040)=0x9b) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000006000000000000000000e8000000000000000000"], 0x18) 23:39:36 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000, 0x0, 0x0, 0x6}, 0x10) 23:39:36 executing program 2 (fault-call:5 fault-nth:39): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:36 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="32000000060000000000000000000000000000000000000000000000000000000000000000000000"], 0x28) [ 249.343858] FAULT_INJECTION: forcing a failure. [ 249.343858] name failslab, interval 1, probability 0, space 0, times 0 [ 249.355290] CPU: 1 PID: 15574 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 249.362521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.371921] Call Trace: [ 249.374573] dump_stack+0x185/0x1d0 [ 249.378262] should_fail+0x87b/0xab0 [ 249.382038] __should_failslab+0x278/0x2a0 [ 249.386364] should_failslab+0x29/0x70 [ 249.390340] __kmalloc_node_track_caller+0x24b/0x11b0 [ 249.395591] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 249.401018] ? alloc_skb_with_frags+0x1e6/0xb80 [ 249.405789] __alloc_skb+0x2cb/0x9e0 [ 249.409561] ? alloc_skb_with_frags+0x1e6/0xb80 [ 249.414293] alloc_skb_with_frags+0x1e6/0xb80 [ 249.418873] ? kmsan_set_origin_inline+0x6b/0x120 [ 249.423772] ? __msan_poison_alloca+0x15c/0x1d0 [ 249.428525] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 249.433359] ? packet_sendmsg+0x6594/0x8ad0 [ 249.437762] sock_alloc_send_pskb+0xb56/0x11a0 [ 249.442444] ? kmsan_set_origin+0x9e/0x160 [ 249.446777] packet_sendmsg+0x6594/0x8ad0 [ 249.451036] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 249.456560] ? rw_copy_check_uvector+0x643/0x6c0 [ 249.461375] ? __msan_poison_alloca+0x15c/0x1d0 [ 249.466138] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 249.471676] ? import_iovec+0x3c7/0x600 [ 249.475737] ? copy_msghdr_from_user+0x72c/0x830 [ 249.480601] ? compat_packet_setsockopt+0x360/0x360 [ 249.485715] ___sys_sendmsg+0xec8/0x1320 [ 249.489878] ? kmsan_set_origin_inline+0x6b/0x120 [ 249.494800] ? __msan_poison_alloca+0x15c/0x1d0 [ 249.499558] ? _cond_resched+0x3c/0xd0 [ 249.503541] ? rcu_all_qs+0x32/0x1f0 [ 249.507343] ? _cond_resched+0x3c/0xd0 [ 249.511295] ? rcu_all_qs+0x32/0x1f0 [ 249.515046] ? __sys_sendmmsg+0x61d/0x850 [ 249.519277] __sys_sendmmsg+0x490/0x850 [ 249.523278] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 249.528250] ? syscall_return_slowpath+0xe9/0x710 [ 249.533142] __x64_sys_sendmmsg+0x11c/0x170 [ 249.537487] ? __sys_sendmmsg+0x850/0x850 [ 249.541647] do_syscall_64+0x15b/0x230 [ 249.545553] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 249.550759] RIP: 0033:0x455a09 [ 249.553965] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 249.561688] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 249.568967] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 249.576258] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 249.583563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:36 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x1, 0x1) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f00000001c0)={0x9, 0x0, {0x0, 0x2, 0x5, 0x2, 0x3}}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x7f, @loopback={0x0, 0x1}, 0x7}, @in6={0xa, 0x4e20, 0x1, @empty, 0x2}, @in6={0xa, 0x4e23, 0x8, @empty, 0x2}, @in={0x2, 0x4e24, @broadcast=0xffffffff}, @in={0x2, 0x4e21, @multicast2=0xe0000002}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, @in={0x2, 0x4e23}], 0x19) sendfile(r0, r2, &(0x7f0000000040), 0x8) sendmsg$inet_sctp(r1, &(0x7f0000000380)={&(0x7f0000000140)=@in6={0xa, 0x4e23, 0x6, @mcast1={0xff, 0x1, [], 0x1}, 0x6}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000240)="22ab375c64aebad84c74dacc79098d9292db48e3b76bd70a2faff340d3e6c8e752a75a3477c5e447a2a4fca1c8ef03eef638496c896c5442ac5692619426861401dffa7bcbccc74c44f218f9d5ee3b1e9f09d704510fe087096233087398278effc7a5066f7212d7ed9d6d338d73b371bc38701012d63bd0fba04e584b395b280e1cfb45122ffec9cab10bcfd935d0d08ddda66da67a7abdb8ea92a19b042ea72d4c369ad0d5fccd70b965bf0083cc5c1f88211d19498a6972848ba87990b42de3b89798a32df47917e7bf8b0e37128db725355d51ca0ec77fcd093cbf08dba9429dcdf039ccc9c820a6c0", 0xeb}, {&(0x7f0000000180)="c778e232b884fd5b77c54e43b9aaf65f4a573c0355423033d6", 0x19}], 0x2, 0x0, 0x0, 0x10}, 0x44) 23:39:36 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:36 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x1, 0x5, 0x80000001}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)=0x0) sendmsg$nl_netfilter(r0, &(0x7f0000000100)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="08008d00ac14141114008d00100000002f6465762f6375736500000008002500ac1414bb7adf2b0df9bb01090cbaff735a47da8979ed4848a7318d37e7419df02b925dcbcf0e72be6e676fdf96ee14d20fcb8dd09664eda0b429509d6bfc8cda17990dfe9a876a7ac4e2b900"], 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x40) 23:39:36 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x401, 0x20000) r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:36 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) write$evdev(r0, &(0x7f0000000100)=[{{r1, r2/1000+10000}, 0x3, 0x200}, {{}, 0x8000, 0x40840737, 0x10001}, {{}, 0x100000000, 0x4, 0x8}, {{0x77359400}, 0x8001, 0xa56, 0x5}, {{}, 0x0, 0x6, 0x80000001}, {{r3, r4/1000+30000}, 0xffff, 0x400, 0x20}, {{}, 0x8, 0x6, 0x8}, {{0x0, 0x2710}, 0x7fffffff, 0x1, 0xed}, {{0x0, 0x2710}, 0x0, 0x7, 0x16f62e6e}], 0xd8) 23:39:36 executing program 2 (fault-call:5 fault-nth:40): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:36 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:36 executing program 1: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 249.590844] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000027 [ 249.700246] FAULT_INJECTION: forcing a failure. [ 249.700246] name failslab, interval 1, probability 0, space 0, times 0 [ 249.711678] CPU: 1 PID: 15596 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 249.718907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.728297] Call Trace: [ 249.730944] dump_stack+0x185/0x1d0 [ 249.734628] should_fail+0x87b/0xab0 [ 249.738413] __should_failslab+0x278/0x2a0 [ 249.742707] should_failslab+0x29/0x70 [ 249.746661] kmem_cache_alloc_node+0x157/0xc80 [ 249.751314] ? validate_xmit_skb+0xfea/0x1320 [ 249.755879] ? __alloc_skb+0x202/0x9e0 [ 249.759848] __alloc_skb+0x202/0x9e0 [ 249.763619] alloc_skb_with_frags+0x1e6/0xb80 [ 249.768174] ? kmsan_set_origin_inline+0x6b/0x120 [ 249.773078] ? __msan_poison_alloca+0x15c/0x1d0 [ 249.777821] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 249.782644] ? packet_sendmsg+0x6594/0x8ad0 [ 249.787039] sock_alloc_send_pskb+0xb56/0x11a0 [ 249.791709] ? kmsan_set_origin+0x9e/0x160 [ 249.796034] packet_sendmsg+0x6594/0x8ad0 [ 249.800239] ? __fsnotify_parent+0x132/0x560 [ 249.804729] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 249.810238] ? rw_copy_check_uvector+0x643/0x6c0 [ 249.815056] ? __msan_poison_alloca+0x15c/0x1d0 [ 249.819824] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 249.825349] ? import_iovec+0x3c7/0x600 [ 249.829393] ? copy_msghdr_from_user+0x72c/0x830 [ 249.834282] ? compat_packet_setsockopt+0x360/0x360 [ 249.839364] ___sys_sendmsg+0xec8/0x1320 [ 249.843487] ? kstrtoull+0x766/0x7e0 [ 249.847294] ? kmsan_set_origin_inline+0x6b/0x120 [ 249.852211] ? __msan_poison_alloca+0x15c/0x1d0 [ 249.856973] ? _cond_resched+0x3c/0xd0 [ 249.860948] ? rcu_all_qs+0x32/0x1f0 [ 249.864744] ? _cond_resched+0x3c/0xd0 [ 249.868719] ? rcu_all_qs+0x32/0x1f0 [ 249.872493] ? __sys_sendmmsg+0x61d/0x850 [ 249.876721] __sys_sendmmsg+0x490/0x850 [ 249.880769] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 249.885776] ? syscall_return_slowpath+0xe9/0x710 [ 249.890726] __x64_sys_sendmmsg+0x11c/0x170 [ 249.895107] ? __sys_sendmmsg+0x850/0x850 [ 249.899306] do_syscall_64+0x15b/0x230 [ 249.903261] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 249.908484] RIP: 0033:0x455a09 [ 249.911713] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 249.919470] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 249.926803] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 249.934132] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 249.941448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 249.948757] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000028 23:39:37 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:37 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000600000000000000010000000000000000000000"], 0x18) 23:39:37 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2800000006000000090000ddffffff00000000000000000000000000000000000100000000000000556805969f4d0f43378a8533f563c38c34647b68d6f1e1bba203ed47c36eda4d3b9a8b5bb585fdfe2c61a9915e9876735454c1b019b6b7430768e8eb6f88484905e93c68d981e92b809cd6f057f63b0977933f68bd511f0784a37104fee80f7c7f928a"], 0x28) 23:39:37 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000600)=@sack_info={r2, 0xffffffff, 0x1}, &(0x7f00000002c0)=0xc) r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:37 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x1) fcntl$setpipe(r0, 0x407, 0x0) 23:39:37 executing program 2 (fault-call:5 fault-nth:41): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:37 executing program 0: r0 = accept(0xffffffffffffff9c, &(0x7f0000000040)=@pptp={0x0, 0x0, {0x0, @multicast2}}, &(0x7f00000000c0)=0x80) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1d, &(0x7f00000002c0)={@loopback, 0x0}, &(0x7f0000000300)=0x14) sendmsg(r0, &(0x7f0000000900)={&(0x7f0000000340)=@ll={0x11, 0x17, r1, 0x1, 0x0, 0x6, @random="b7e7d947bb53"}, 0x80, &(0x7f0000000840)=[{&(0x7f00000003c0)="cfc6263d26c2a957e7fac352239db64e02a8fbbcd28c0b8ced73a977647ad8571ca9f7a7f81d7a4f06545cc26e3a74416104359ae0ec43c7", 0x38}, {&(0x7f0000000400)="b3aed4a818c29071d627bda7928ec15caf4a325ba23d7aa8f1d1", 0x1a}, {&(0x7f0000000440)="41ef41878ed31a163f6655c0a4941cb83e1b8df91bdf3843ca16e6f029e9b96b5a037e4cf1a79421ad282e5dfc54f0dd6a3cb5b617eaa4a45a1ccdf451b19fdc586013f71a8d2692bf4685e60af547e9ea98755148dd11079fe081f73b09447833cd9695ac632d745636ae53ece3fe2b3031d42a7e1a2c2e86b2801c07ec1bb4c98f36d6a30b3d9e2eae7ce0f0bc8c2c01c7535ec7c540f9f717e4b35fb0230fc00d7d51fe7b543ab810c250420f732315a8025bcbc8b3d1777950d72855d2c05f51599a", 0xc4}, {&(0x7f0000000540)="8ed3fd816262c86694c45a5389d0fd98bd75be6f7ce3277a94844fcf", 0x1c}, {&(0x7f0000000580)="ba0365e25caa0f1d09c3fcf00147c29be3ff8f8ac4ff", 0x16}, {&(0x7f00000005c0)="f0cbeb6afaf40e8468e6076667725bbf4c80835cfee08c5419ecb2f99208ad0b8759562a4b109bc6b50557a29f659525778214ded29fc9173fabae458aefbf7e85d2b04102e0a61b14b1bc1c68d06b4c0597a677aeb18e8432304bcff7068ec386f7fa0e21c095f9fa919e7476ad5550b68afbae99bffb1c5a97f0e6b1debcfdd68e21fe637e3e", 0x87}, {&(0x7f0000000680)="9b59cb1470156a180f7c25f6e433bd66e850d1d9e22fd262e4155bb08e462a09dc91369057307142a5f90bb7e2da613465dedd9132ce5b1da548cb68808be27d723dd19c07665b30ba3d066274a9d690043e9f62d0a4aceea8e2073d732f9a9baed567baea117ba67c895e8834066eef6f6fe8318bfbc559595ab3d8da8f7eefcc6717c294c5d0c4178d94c2e1efd2d78b83bdb56a1b577c1f0d8fe8ec5436cb7d668a51afb1a4b28076d1795265f8882340", 0xb2}, {&(0x7f0000000740)="0069cabf586e57a5eeb97dc61453c7071a6096a6427a43cfc43c5666460d5f59e3785c1e7b5be866ef391c574c478b364cc73257a2b03829afbab0d933d4698b5c9e7f3a70f556b1170cedc4efb89d0fe03cb951c66c8c3b1835553b5740b4e8e265661bb8ecd5860adb4d4a8d7a0f175fc939c8aacd00f325df8f071ae33116124f6c7a871d2cd84e7786c461d934144086ba3f1cd179fd3daa09fcaaa1c4831c236d484c6e0695994a4de1cea26d4ddfb195697ad4e3cf91d2f660dba7cc7f9f9d712bca8b496c058604e943a927f9f3dc3ed5cd7c6f5bda365a47a29edf90136bee", 0xe3}], 0x8, &(0x7f00000008c0), 0x0, 0x4010}, 0x20000000) r2 = socket$kcm(0x29, 0x5, 0x0) ioctl(r2, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 250.086931] FAULT_INJECTION: forcing a failure. [ 250.086931] name failslab, interval 1, probability 0, space 0, times 0 [ 250.098438] CPU: 0 PID: 15618 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 250.105667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.115071] Call Trace: [ 250.117726] dump_stack+0x185/0x1d0 [ 250.121415] should_fail+0x87b/0xab0 [ 250.125199] __should_failslab+0x278/0x2a0 [ 250.129516] should_failslab+0x29/0x70 23:39:37 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000000)={0xd8fa, 0x6, 0x1000}) 23:39:37 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x28000, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2800b575df001139c8ed4cb8bdd44f640000260000000000000000000000151d6d0f26c0234d000000000000b8ba497fd7d3a83851709ee7534120ef9afe4625c5c86894d3ec48d08a9513c66012512983bfc9f5c3ca0432339b2cc6f09605de00000000000000000000000000000000000059041cd36dc4e1bf08c8dcf8aa66f99a20dce3d20ba7aedde9d985c636062d7a6947ef0770c0e0b310b8a074cfcbca5b1e37a1f833d90052a6"], 0x28) [ 250.133499] __kmalloc_node_track_caller+0x24b/0x11b0 [ 250.138767] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 250.144212] ? alloc_skb_with_frags+0x1e6/0xb80 [ 250.148993] __alloc_skb+0x2cb/0x9e0 [ 250.152936] ? alloc_skb_with_frags+0x1e6/0xb80 [ 250.157679] alloc_skb_with_frags+0x1e6/0xb80 [ 250.162248] ? kmsan_set_origin_inline+0x6b/0x120 [ 250.167167] ? __msan_poison_alloca+0x15c/0x1d0 [ 250.171923] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 250.176763] ? packet_sendmsg+0x6594/0x8ad0 [ 250.181176] sock_alloc_send_pskb+0xb56/0x11a0 [ 250.185861] ? kmsan_set_origin+0x9e/0x160 [ 250.190189] packet_sendmsg+0x6594/0x8ad0 [ 250.194432] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 250.199969] ? rw_copy_check_uvector+0x643/0x6c0 [ 250.204786] ? __msan_poison_alloca+0x15c/0x1d0 [ 250.209547] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 250.215086] ? import_iovec+0x3c7/0x600 [ 250.220249] ? copy_msghdr_from_user+0x72c/0x830 [ 250.225142] ? compat_packet_setsockopt+0x360/0x360 [ 250.230244] ___sys_sendmsg+0xec8/0x1320 [ 250.234418] ? kmsan_set_origin_inline+0x6b/0x120 [ 250.239345] ? __msan_poison_alloca+0x15c/0x1d0 [ 250.244101] ? _cond_resched+0x3c/0xd0 [ 250.248075] ? rcu_all_qs+0x32/0x1f0 [ 250.251870] ? _cond_resched+0x3c/0xd0 [ 250.255843] ? rcu_all_qs+0x32/0x1f0 [ 250.259616] ? __sys_sendmmsg+0x61d/0x850 [ 250.263831] __sys_sendmmsg+0x490/0x850 [ 250.267874] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 250.272866] ? syscall_return_slowpath+0xe9/0x710 [ 250.277798] __x64_sys_sendmmsg+0x11c/0x170 [ 250.282168] ? __sys_sendmmsg+0x850/0x850 23:39:37 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socket$inet_sctp(0x2, 0x0, 0x84) ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f0000000000)=0x1) accept4(r1, 0x0, &(0x7f0000000040), 0x80800) fcntl$setpipe(r1, 0x407, 0x0) 23:39:37 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000580)={0x0, 0x2}, &(0x7f00000005c0)=0x8) r2 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:37 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@remote, @remote, 0x0}, &(0x7f0000000200)=0xc) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000240)={r1, 0x1, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="280007000602040000ffff005a02bfd6b5ccca4177114d4f00800000003b000000000000003a29cf16da9ab3b6369460ee61874bcbf839e54b17144fe54567a6b9df7d7d4155f3ff668b17bc2a3f445ea56b97b0d75442ab6cfa466b12ff8d8a438dd4b5e70cde2797ba2b782d0774a0384ad680c0170718da7241cfefee650ca8286eea064a982d0a3d5565619bfc57a440efe568be73c440c3e9d1a04056108958277de3f52df241d22e1b18f3c73e9435d2dcde1431de332820e3db2faf496617b9244d0606c9e7d4987710cf5c65a0dc6628ccc5ae65a69d377d699cd6ee1f45dec52bb0dd1e1b740f765ad74ed5b8f7e7fccc27649a24a6187d129ca90468a1e4ac7be4ebdeb147f634fb2e0b8abed4f811550bfe5d89a34bc41882fd82dbb32518"], 0x28) [ 250.286363] do_syscall_64+0x15b/0x230 [ 250.290363] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 250.295589] RIP: 0033:0x455a09 [ 250.298805] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 250.306568] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 250.313878] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 250.321189] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 250.328503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 250.335816] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000029 23:39:37 executing program 4: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:37 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="180000deefffff0000"], 0x18) 23:39:37 executing program 2 (fault-call:5 fault-nth:42): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:37 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0047173007d82c9924097024face93d91f4705c6a0246920fbee069d77f31e738ebb49709f67899c7c559e17c7b1a2516191ad7438de49a43c6dad75d1b5a2c5dda2d75ac8f24452090945d993e3584f8baeccfc49c57570b630d674ce208115024f4ec8f57b2f4c987234428dcf5ec18b02086f6ce2334906f874a884532e6bfec22f9a86148e") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="020100000000e2010000000000000000"], 0x10}, 0x1}, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000100)={0x40, 0x83, 0x2, 0x9, 0x0, 0x2, 0x8001, 0x2, 0x65ad, 0x8001}) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000002c0)={r0}) r3 = geteuid() sendmsg$nl_generic(r2, &(0x7f0000000b00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1020000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000380)={0x71c, 0x1b, 0x20, 0x70bd29, 0x25dfdbfe, {0xb}, [@typed={0x8, 0x18, @ipv4=@multicast1=0xe0000001}, @generic="2030c02a62dfed0d1ee4ea31c0471d2810d07093978945880bd0027f464eafbefe93f6fdba7538eb416e70a7f3b6aef8f560ec3a3c5dee6504040645d734a93899901457cd8bfdb04ce659aa958abf31e559c52193beded77af1e2fbe29d7b39f80ef40f19b67ceb9d76ebcbe8cff9c22fc1d652576b4f8a8f23b5ed564d2d90c9b4e50a5e989affa2f46a99f86fc616a13fb041b6db18b67abd467ec8aa51a5c2f6b622284a731c8a683451af92a3cd", @nested={0xbc, 0x1f, [@generic="9796229af1b85e6e48f7570a65b7e9176a33d3acdbd3dac49a53a102782e366183e7b2ae096c34a770704dac7d7503e1f2129381ab7c9c3a93d02b04b18f454958cbfc818a2c1b06c3fd74187ba8fe40dc0a8bd0449f878f41697aadd1cb2fc8521532046ef799c3958d651c1fa752d5c8206bb8d0b9ec9a9474ae93ab7afcb8e1475b404a754afe0401eeff3fc695b17a7db57d4d75063e8929832ec28deebeb47388ce113aee9f9fb477172e6328bede44a813eb"]}, @generic="68de3a3892ededc5b4c064fe455aa2f519e026c91116912b255a38817797c1288e8eb2c705fd642304200cfdd395379c22585cfe67e73d76353f51ca2cc56885100194ad7912009eec3e84fd75ebe063cd1006b93dcbf031ea8fd1b0f7960ed4247e90de46e37c5b7c55fc2a5e11057a41eacf5316f1ad0ce6f6fd6d8add5e46e094205e8d949ada251e59fa3b1544be75ee977afe95aede2f48b2b83557b18f41a9f5e3b4240b9c7a3e997cdd66cc8c51924c3f695e6b48e92d283f5c6e9a8a71a499ae56744ff863c3c7fe106025c3d1bce7670b78636cda2c7641b9b359b760b08e70", @typed={0xc, 0x69, @u64=0x10001}, @nested={0x234, 0x6a, [@generic="e1ab823628faff22fe65a8052df466117fe6279edd162679015e94b86a6e5cf3a647dc3277ce8cce151cd6035903711a07ab19f61a8b6214ec570eb98fe03de22d5a5830e136347959c93859d3ba8ac33ab9789fc67d804bf0fecb87bb37462c37c232bb386091496081dd8838bd6179ab7c1832bd1890813b4d1653eb1b13cc9dc146301d0286ced4382cd59147a2308193816e2b073de9f5c8ec89b7c22625565842f4f1cf1909154b467451e3a37193c6fa8798b45a9b9d3b75d04eeb7550b82b67e0f295c46da0bfef2f9cdc32ac90160afbbf5117235a56420af64473", @generic="b993fcc199f750c1bc37d6ae006ed4b91cb5d5c80a1864e892c5aba0e905250d779a1b16e85c7c6fca36b100ffa879a540109c4519a675d42ec971e5c41ffd197a9b4c71c1a176b940dc14aab9d23ea54bde20760e5264c79654b8d751e7214634427a484ef003aa0c82415ef178d0cdf90da7f86597a218a87d01e6a579ed1e2256daff106d39b5b28cebba7da1cf2cdb13e20271a7da8ca638", @generic="f83bd40aa6e5841e8ee55f523660e8efa8033ae49f8d1b6a6d0b4b6e6b265b73679906a48202d8814fe994b42a0db5381205ba2552", @generic="e4f94636d64502da3a8068ea", @generic="fb3d17f9b8cbcc78498655326c51af45abb61bada5e52d09660f0bd7f69f1c1ddeabbe347b6164f17f88bf6b10a72a77c02ea62ef005e98fe3581f64fbc6aab87d2e240163d05f287e50d2b25e0ae75b8047c7c459f75ef15c6e430317e4aa4a9b8ef66d37f1916ff62445c0ea3783b47c3904e2936c"]}, @nested={0x10, 0x35, [@typed={0x4, 0xd}, @typed={0x8, 0x75, @uid=r3}]}, @nested={0xb0, 0x8b, [@typed={0x28, 0x8, @str='trustedcgroupposix_acl_accessem0\x00'}, @generic="d087c3b18f003c32d43da354ca243247980be6f418e1169ecb1d035c6ac5d6c194c43744a44126b01fae2111a66b008324714eb51b706153e26fd438755eb28cf46d66d7ce6e93a67c86b7999ba791a8f8368b2d4ca4e7e044e6489c63895435137fef4782372dd03ae8a38c4521", @typed={0x14, 0x1b, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}]}, @nested={0x1b0, 0x19, [@generic="8d01771e19eb937b04531a6a99d1b1bbd478367b3a92519fabc92006b7f4f5d4909ded844effd636c16ef5e439782e3604eaa3bffe54e7f81cacccfbc0196a1b53c3382648abdac477a8429e9ae59307e3249bdc95ed02b542661266325ada08119bb6786463a068224e90372b1490bb3687f53edbb00a712ea2eeca0caa82c8b41aecc8348a7ec9efc1354e5a0547d78d19f583d897446d81389cb5f377593f08179cebfd6a12be3b5837dde0c1a528cc2a0ccc4467806a10f05d270041062adff4b19caf4b58612433cff90c108f28c99fb75ac140802caf37dd96dd63ad8dd78848202d3bf0a5", @generic="ca5db3a992a038d3ef470f48fa28a9f06928d4cbe75c9c1c9106545aad8329", @typed={0x10, 0x7, @str='md5sum-!#\x00'}, @generic="42974b62e4cdac9d22ff3b9fa8c47bed1cf4146c2d2a5f9adc1fb68daa0fcfa67e5fb94b52fbebc503faffabe39c210e559341a5cd43016b44bc8533f74d3b9fd45d35892ed7bf2ab8cb6580deba90490deb03b045fe6f1da5ffb15acdb6291233beee68a6d15e79fcd82c2045e3ce30f70fa7a5c95436c1fe664d5c37486a76f14f0377a0c0defb894c7c", @typed={0x8, 0x61, @fd=r0}]}]}, 0x71c}, 0x1, 0x0, 0x0, 0x1}, 0x48000) setsockopt$RDS_CONG_MONITOR(r2, 0x114, 0x6, &(0x7f0000000300)=0x1, 0x4) 23:39:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:37 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000000000000000000000000090000000300000060030000f0000000fffffffffffffffff0000000ffffffff90020000ffffffffffffffff90020000ffffffff03000000", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYBLOB="000000000000000000000000000000000205000000000000000000000000000000000000000000000000000000000000da058cf0c1b6ae1bfd9c3e2f7e048f47b20f6e143bd16a483b20a3f955277d65317df08b942b254e324a491f82580f089b625fdb20985bf83c3efdc31e4c7d3c4909a6"], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f00000000000000000000000000000000000000000000000000028004d41524b0000000000000000000000000000000000000000000000000002ff0f00000000000000000000000000000000ffff7f00000100000000000000000000000000000000ff000000ffffffff00000000ff0000000000000000000000000000ff0000000073797a5f74756e0000000000000000006272696467655f736c6176655f310000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000501040000000000000000000000000000003801a00100000000000000000000000000000000000000000000000048006862680000000000000000000000000000000000000000000000000000000900000002010100f9ff000007008400ffff6a00000002000010ff030700000001000100020006002800727066696c74657200000000000000000000000000000000000000000000020000000000000068004354000000000000000000000000000000000000000000000000000000020400000001ffffff02000000736e6d7000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000158d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x3c0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="280000009a6100000575000000a3827bcd52cdfbab006a5cdcde38d08219c4e6c400000000000000000000000000000100008031ca7ad0c161a767b5f7491478273fd5aa907caf0af6e496743003a7080c181751e91ab8"], 0x28) [ 250.666372] FAULT_INJECTION: forcing a failure. [ 250.666372] name failslab, interval 1, probability 0, space 0, times 0 [ 250.677902] CPU: 1 PID: 15662 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 250.685135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.694532] Call Trace: [ 250.697188] dump_stack+0x185/0x1d0 [ 250.700906] should_fail+0x87b/0xab0 [ 250.704715] __should_failslab+0x278/0x2a0 [ 250.709061] should_failslab+0x29/0x70 [ 250.713030] kmem_cache_alloc_node+0x157/0xc80 [ 250.717696] ? validate_xmit_skb+0xfea/0x1320 [ 250.722276] ? __alloc_skb+0x202/0x9e0 [ 250.726232] __alloc_skb+0x202/0x9e0 [ 250.730014] alloc_skb_with_frags+0x1e6/0xb80 [ 250.734584] ? kmsan_set_origin_inline+0x6b/0x120 [ 250.739480] ? __msan_poison_alloca+0x15c/0x1d0 [ 250.744228] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 250.749076] ? packet_sendmsg+0x6594/0x8ad0 [ 250.753497] sock_alloc_send_pskb+0xb56/0x11a0 [ 250.758181] ? kmsan_set_origin+0x9e/0x160 [ 250.762514] packet_sendmsg+0x6594/0x8ad0 [ 250.766761] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 250.772296] ? rw_copy_check_uvector+0x643/0x6c0 [ 250.777096] ? __msan_poison_alloca+0x15c/0x1d0 [ 250.781833] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 250.787356] ? import_iovec+0x3c7/0x600 [ 250.791391] ? copy_msghdr_from_user+0x72c/0x830 [ 250.796193] ? compat_packet_setsockopt+0x360/0x360 [ 250.801281] ___sys_sendmsg+0xec8/0x1320 [ 250.805382] ? kmsan_set_origin_inline+0x6b/0x120 [ 250.810261] ? __msan_poison_alloca+0x15c/0x1d0 [ 250.814987] ? _cond_resched+0x3c/0xd0 [ 250.818921] ? rcu_all_qs+0x32/0x1f0 [ 250.822683] ? _cond_resched+0x3c/0xd0 [ 250.826636] ? rcu_all_qs+0x32/0x1f0 [ 250.830391] ? __sys_sendmmsg+0x61d/0x850 [ 250.834603] __sys_sendmmsg+0x490/0x850 [ 250.838638] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 250.843638] ? syscall_return_slowpath+0xe9/0x710 [ 250.848566] __x64_sys_sendmmsg+0x11c/0x170 [ 250.852918] ? __sys_sendmmsg+0x850/0x850 [ 250.857099] do_syscall_64+0x15b/0x230 [ 250.861045] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 250.866273] RIP: 0033:0x455a09 [ 250.869491] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 250.877253] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 250.884551] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 250.891862] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 250.899158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 250.906456] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000002a 23:39:38 executing program 7: write$fuse(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400080) sendmsg$nfc_llcp(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x27, 0x1, 0x2, 0x3, 0x8, 0x8, "04bf6ec152f1858cd6df11c7a6beaaa4edda85991cb095e79653123a2ddde47af07bfc7aec1825dca35e9a381d89fdcc90b0eabcb3224ab8aa8b963f8c445d", 0x1b}, 0x60, &(0x7f0000000200)=[{&(0x7f0000000100)="c475b75452c1cf18f9986a623fef43c3b953ad2325b82f7d91521833c081221cf8ff44e026a934009af69ecd07efcbbf6f67deda08ffe47a3023a61fd00ae7a7df866afb8cc4b154700fcfaca5ad35ef8a023bad78cf39e6c4fe0f42f4e15b955a48fb7d0884d0cec34c425db6b70ca0f1dad882d5bf4d4f8c36688f0aa504aa84d22e18f44b7075e1ed64b9a304e74067b4f3b4c04a16d4ba0499c25a67d43cac77109d0f6f6bf454fd1438aa0781bd93ee87811d3249bb1265e799b222a7651f98560dbfa5c8f14e02668ed125fad84b9e286881e591db9f56f2185531222f0241ff14b2", 0xe5}], 0x1, 0x0, 0x0, 0x80}, 0x4000004) 23:39:38 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@sack_info={0x0, 0x7ff, 0x5}, &(0x7f0000000500)=0xc) r2 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:38 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f0000000040)) ioctl$TCGETA(r0, 0x5405, &(0x7f0000000080)) fcntl$setpipe(r1, 0x407, 0x0) 23:39:38 executing program 6: r0 = socket$inet_icmp(0x2, 0x2, 0x1) pwrite64(r0, &(0x7f0000000000)="cd37cae183757ee2da6b6683486ed6beebef9fe5de02b55b2e0e7fdb577379fb2e8000a02dc0f5ead8fd9f2ab3dd6c66a42790ff5ba2b10a77b00411998ba66019340e65903bfd7d496e90ed54a0f370a89797eb7bdf204be27c7f45b6", 0x5d, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:38 executing program 2 (fault-call:5 fault-nth:43): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:38 executing program 0: r0 = socket$kcm(0x29, 0x4, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) accept$ax25(r1, 0x0, &(0x7f0000000a80)) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x80, 0x0) ioctl$EVIOCGABS0(r2, 0x80184540, &(0x7f0000000940)=""/224) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="57000000000000000000000000040000"], 0x10}, 0x1}, 0x0) recvmmsg(r3, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}, 0xad}, {{&(0x7f0000000040)=@can, 0x80, &(0x7f00000008c0)=[{&(0x7f00000002c0)=""/76, 0x4c}, {&(0x7f0000000340)=""/245, 0xf5}, {&(0x7f0000000440)=""/165, 0xa5}, {&(0x7f0000000500)=""/243, 0xf3}, {&(0x7f0000000600)=""/177, 0xb1}, {&(0x7f00000006c0)=""/131, 0x83}, {&(0x7f0000000780)=""/99, 0xffffffffffffff93}, {&(0x7f0000000800)=""/159, 0x9f}], 0x8, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x77359400}) 23:39:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 251.648837] FAULT_INJECTION: forcing a failure. [ 251.648837] name failslab, interval 1, probability 0, space 0, times 0 [ 251.660385] CPU: 0 PID: 15695 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 251.667618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.677010] Call Trace: [ 251.679653] dump_stack+0x185/0x1d0 [ 251.683344] should_fail+0x87b/0xab0 [ 251.687128] __should_failslab+0x278/0x2a0 [ 251.691441] should_failslab+0x29/0x70 [ 251.695382] __kmalloc_node_track_caller+0x24b/0x11b0 [ 251.700636] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 251.706084] ? alloc_skb_with_frags+0x1e6/0xb80 [ 251.710839] __alloc_skb+0x2cb/0x9e0 [ 251.714619] ? alloc_skb_with_frags+0x1e6/0xb80 [ 251.719364] alloc_skb_with_frags+0x1e6/0xb80 [ 251.723949] ? kmsan_set_origin_inline+0x6b/0x120 [ 251.728897] ? __msan_poison_alloca+0x15c/0x1d0 [ 251.733660] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 251.738508] ? packet_sendmsg+0x6594/0x8ad0 [ 251.742927] sock_alloc_send_pskb+0xb56/0x11a0 [ 251.747631] ? kmsan_set_origin+0x9e/0x160 [ 251.751947] packet_sendmsg+0x6594/0x8ad0 [ 251.756186] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 251.761698] ? rw_copy_check_uvector+0x643/0x6c0 [ 251.766622] ? __msan_poison_alloca+0x15c/0x1d0 [ 251.771388] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 251.776914] ? import_iovec+0x3c7/0x600 [ 251.780961] ? copy_msghdr_from_user+0x72c/0x830 [ 251.785827] ? compat_packet_setsockopt+0x360/0x360 [ 251.790930] ___sys_sendmsg+0xec8/0x1320 [ 251.795084] ? kmsan_set_origin_inline+0x6b/0x120 [ 251.800000] ? __msan_poison_alloca+0x15c/0x1d0 [ 251.804805] ? _cond_resched+0x3c/0xd0 [ 251.808779] ? rcu_all_qs+0x32/0x1f0 [ 251.812576] ? _cond_resched+0x3c/0xd0 [ 251.816543] ? rcu_all_qs+0x32/0x1f0 [ 251.820325] ? __sys_sendmmsg+0x61d/0x850 [ 251.824553] __sys_sendmmsg+0x490/0x850 [ 251.828613] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 251.833622] ? syscall_return_slowpath+0xe9/0x710 [ 251.838565] __x64_sys_sendmmsg+0x11c/0x170 [ 251.842950] ? __sys_sendmmsg+0x850/0x850 23:39:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:38 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) fcntl$setpipe(r1, 0x407, 0x0) 23:39:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:38 executing program 7: pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x80000) setsockopt$inet_dccp_int(r0, 0x21, 0xb, &(0x7f00000000c0)=0x61, 0x4) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:38 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0xffffffffffffff73, 0x1, 0x0, @fuse_notify_inval_entry_out={0x3ff, 0x6}}, 0xffffffffffffff84) [ 251.847157] do_syscall_64+0x15b/0x230 [ 251.851116] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 251.856359] RIP: 0033:0x455a09 [ 251.859590] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 251.867366] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 251.874686] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 251.882002] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 251.889491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 251.896804] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000002b 23:39:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:39 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:39 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cuse\x00', 0x105501, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000080)={r0, 0x50, &(0x7f0000000100)}, 0x10) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000680000000000000000000000000000000000000"], 0x18) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="300000b31ab6afb3866ba3fa7114992a81484a9af1b6e57a547f143a2c7dbe57b505b6e8e88d5d6d9dcd5d5e05d49d181072389f66a29c67252261bd2127318c145a6dfd6822daf52c849e193c0b5d6b815b88c27125754241031ae48a10c3478f9f50e1a3379a6ec81a6069909777a1d1619c6a276655859f82b18e2732ee4864e293d373ab5da23c01e9b3d8dd129c83d5c38f3acf7954595c9413e8f4b54546c59810c5b6383283d89bef4390ceadb1bf849c0e13127b9aaaa164d7f2421e38619c6e5d06a71dd26d2d7615c50b57c76c", @ANYRES16=r1, @ANYBLOB="000325bd7000fedbdf250b000000080004007f00000008000400000000001c00020008000700180000000800050002000000080002004e24000028000100140003000000000000000000000000000000000008000200de000000080004004e20000008000400090000001c00030008000500ac1414bb0800080000000000080001000000000024000200080007007f000000080002004e22000008000b000a00000008000700f2a20000"], 0xb0}, 0x1, 0x0, 0x0, 0x10}, 0x40) 23:39:39 executing program 5: r0 = inotify_init() fanotify_init(0x4, 0x2) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x5, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f0000000140)=""/75) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x604000, 0x0) write$evdev(r1, &(0x7f0000000080)=[{{0x77359400}, 0x7fff, 0x10000, 0x7}, {{0x77359400}, 0x5, 0xd6, 0x1}, {{r2, r3/1000+10000}, 0x29f4, 0x100, 0x101}], 0x48) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000400)={0x1, 0x1, &(0x7f0000000200)=""/85, &(0x7f0000000280)=""/205, &(0x7f0000000380)=""/99, 0x5000}) fcntl$setpipe(r0, 0x407, 0x6) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000100)={0x2, 'vlan0\x00'}, 0x18) 23:39:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:39 executing program 2 (fault-call:5 fault-nth:44): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:39 executing program 6: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffff9c) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000000)={0x0, 0x3}) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f00000000c0)={0x1, 0x1000000000000000}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x12c93910c05dc26, 0x20000006, 0x0, @fuse_notify_poll_wakeup_out={0xffffffff}}, 0xfffffffffffffe4b) inotify_init1(0x800) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)={0x303, 0x33}, 0x4) 23:39:39 executing program 1: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:39 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x6) write$fuse(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000600000000005a890c5a6a3b5fc18df79e6a9837cf9c84c662526536139f34065cac2a93de88b3a543d4d70d0ef563aa7f042266d0063468427c5a42512528bea3ea88475886cc98d09a8fec8363e4c8a794c25476781b461aa7fb9490ad0ba6c12810c80909f3f6ee6d4a4a86b5fbd6283d69126b73d43e9f0fe52fc61cf2c79fad29cf367bcc10038a5e0871ba1c81b7b7bec41794b965c5eb11076bd6aaa3ecdea3ce67d53946e7ae39d59a0a8fa28cfc280ae3185eeb668a6970603c5414900a34bf76af4f1ebcf5c6ec9285a721068991d2223b62792ba8100b957c8e9ae185390bc536d2e7e49aa55c8d95021f57ffb21eba1259de4a57ac160e35c2250e5582fd38832f8b5ebaf7e7230a2a85384f125a598271065723e7efe8009928183a"], 0x18) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000000c0)={'mangle\x00'}, &(0x7f0000000040)=0x54) syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x200) 23:39:39 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:39 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x4b00, 0x0) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000080)={0x8, 0xfffffffffffffffa, 0x80000001, 0x100}, 0x10) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:39 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)={0x0}) ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f0000000040)={r2}) [ 252.670441] FAULT_INJECTION: forcing a failure. [ 252.670441] name failslab, interval 1, probability 0, space 0, times 0 [ 252.681902] CPU: 1 PID: 15758 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 252.689125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.698515] Call Trace: [ 252.701166] dump_stack+0x185/0x1d0 [ 252.704944] should_fail+0x87b/0xab0 [ 252.708739] __should_failslab+0x278/0x2a0 [ 252.713081] should_failslab+0x29/0x70 23:39:39 executing program 3: socket$kcm(0x29, 0x5, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 252.717042] kmem_cache_alloc_node+0x157/0xc80 [ 252.721694] ? validate_xmit_skb+0xfea/0x1320 [ 252.726259] ? __alloc_skb+0x202/0x9e0 [ 252.730241] __alloc_skb+0x202/0x9e0 [ 252.734019] alloc_skb_with_frags+0x1e6/0xb80 [ 252.738567] ? kmsan_set_origin_inline+0x6b/0x120 [ 252.743460] ? __msan_poison_alloca+0x15c/0x1d0 [ 252.748211] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 252.753066] ? packet_sendmsg+0x6594/0x8ad0 [ 252.757469] sock_alloc_send_pskb+0xb56/0x11a0 [ 252.762146] ? kmsan_set_origin+0x9e/0x160 [ 252.766443] packet_sendmsg+0x6594/0x8ad0 [ 252.770678] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 252.776190] ? rw_copy_check_uvector+0x643/0x6c0 [ 252.781017] ? __msan_poison_alloca+0x15c/0x1d0 [ 252.785767] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 252.791297] ? import_iovec+0x3c7/0x600 [ 252.795341] ? copy_msghdr_from_user+0x72c/0x830 [ 252.800188] ? compat_packet_setsockopt+0x360/0x360 [ 252.805291] ___sys_sendmsg+0xec8/0x1320 [ 252.809446] ? kmsan_set_origin_inline+0x6b/0x120 [ 252.814353] ? __msan_poison_alloca+0x15c/0x1d0 23:39:39 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) write$fuse(r0, &(0x7f0000000000)={0x30, 0x0, 0x2, @fuse_notify_retrieve_out={0x3, 0x401, 0x100000000, 0xf39}}, 0x30) 23:39:39 executing program 1: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) [ 252.819098] ? _cond_resched+0x3c/0xd0 [ 252.823068] ? rcu_all_qs+0x32/0x1f0 [ 252.826856] ? _cond_resched+0x3c/0xd0 [ 252.830824] ? rcu_all_qs+0x32/0x1f0 [ 252.834590] ? __sys_sendmmsg+0x61d/0x850 [ 252.838808] __sys_sendmmsg+0x490/0x850 [ 252.842856] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 252.847850] ? syscall_return_slowpath+0xe9/0x710 [ 252.852777] __x64_sys_sendmmsg+0x11c/0x170 [ 252.857151] ? __sys_sendmmsg+0x850/0x850 [ 252.861339] do_syscall_64+0x15b/0x230 [ 252.865287] entry_SYSCALL_64_after_hwframe+0x44/0xa9 23:39:39 executing program 3: socket$kcm(0x29, 0x5, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:39 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x121000, 0x0) openat(r2, &(0x7f0000000080)='./file0\x00', 0x20000, 0x100) [ 252.870512] RIP: 0033:0x455a09 [ 252.873726] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 252.881488] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 252.888795] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 252.896110] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 252.903420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 252.910728] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000002c 23:39:39 executing program 5: r0 = accept$ax25(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000040)=0x10) getsockname$ax25(r0, &(0x7f0000000100), &(0x7f00000000c0)=0x10) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) 23:39:40 executing program 1: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:40 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x4001, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:40 executing program 6: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[{}, {0x0}, {}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000180)={r1, 0x2}) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x101000, 0x0) write$fuse(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="be000000000000200000000000000000070000001a00000001000000ff000000018035f50600000001000000000000000000000000000000000000000000000000000000000000000000000000000000dc551c9ba16d7d9bf7b2b7554bb136d566db5c8eb1d67f4d57056d7313d9946cf5346909d82d8267175a43f3d18679c9751acff0610071f65c941b4f8bb2fd30a1a3a5647d4fc69a8f56ddc995de5ea94e3718502c08941185f949bfc0e351cd98b29792a5dec53babac9434a451653a8863bc0dbb844e17a182aabe59c5a859dcad159467bb"], 0x28) 23:39:40 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="280000000600000000ecff001e91d81d5ce107f1000000e2ffffffffff0300000000000000000000"], 0x28) 23:39:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:40 executing program 7: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffffffffff80, 0x80000) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000080)=0x1, 0x4) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x3f7, 0x0) fcntl$dupfd(r1, 0x406, r0) 23:39:40 executing program 3: socket$kcm(0x29, 0x5, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:40 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x7fffffffffe, &(0x7f0000000380)="0047fc15070300000009708bc315137b6720a05f") r1 = socket$key(0xf, 0x3, 0x2) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000100)={'gre0\x00', {0x2, 0x4e20, @broadcast=0xffffffff}}) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) r2 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000040)={0x0, 0x0, @rand_addr}, &(0x7f0000000080)=0x10, 0x800) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x2, 0x30, 0x7ff, 0x9}, &(0x7f00000002c0)=0x18) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000300)={r3, 0x8, 0x9, [0xe84, 0x6, 0x4, 0x100, 0x0, 0x101, 0x95, 0x1, 0x5]}, 0x1a) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:40 executing program 2 (fault-call:5 fault-nth:45): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:40 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = semget(0x0, 0x2, 0x200) semctl$SEM_STAT(r1, 0x6, 0x12, &(0x7f0000000000)=""/237) fcntl$setpipe(r0, 0x407, 0x0) 23:39:40 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) [ 253.450741] FAULT_INJECTION: forcing a failure. [ 253.450741] name failslab, interval 1, probability 0, space 0, times 0 [ 253.462359] CPU: 0 PID: 15820 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 253.469611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.479001] Call Trace: [ 253.481652] dump_stack+0x185/0x1d0 [ 253.485353] should_fail+0x87b/0xab0 [ 253.489132] __should_failslab+0x278/0x2a0 [ 253.493448] should_failslab+0x29/0x70 23:39:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001}, &(0x7f00000000c0)=0x20) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:40 executing program 3: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:40 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x4000000080000004) fcntl$setpipe(r1, 0x407, 0x0) r2 = msgget$private(0x0, 0x111) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xc) r5 = geteuid() getresgid(&(0x7f0000000100), &(0x7f0000000140)=0x0, &(0x7f0000000180)) r7 = fcntl$getown(r0, 0x9) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000001c0)=0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000200)={{0x5cc4, r3, r4, r5, r6, 0x0, 0xf496}, 0x80000001, 0xbf6, 0xff, 0xc8, 0x0, 0x5, r7, r8}) [ 253.497394] __kmalloc_node_track_caller+0x24b/0x11b0 [ 253.502638] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 253.508066] ? alloc_skb_with_frags+0x1e6/0xb80 [ 253.512808] __alloc_skb+0x2cb/0x9e0 [ 253.516564] ? alloc_skb_with_frags+0x1e6/0xb80 [ 253.521311] alloc_skb_with_frags+0x1e6/0xb80 [ 253.525873] ? kmsan_set_origin_inline+0x6b/0x120 [ 253.530781] ? __msan_poison_alloca+0x15c/0x1d0 [ 253.535533] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 253.540378] ? packet_sendmsg+0x6594/0x8ad0 [ 253.544784] sock_alloc_send_pskb+0xb56/0x11a0 23:39:40 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 253.549458] ? kmsan_set_origin+0x9e/0x160 [ 253.553784] packet_sendmsg+0x6594/0x8ad0 [ 253.558034] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 253.563538] ? rw_copy_check_uvector+0x643/0x6c0 [ 253.568362] ? __msan_poison_alloca+0x15c/0x1d0 [ 253.573130] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 253.578663] ? import_iovec+0x3c7/0x600 [ 253.582709] ? copy_msghdr_from_user+0x72c/0x830 [ 253.587573] ? compat_packet_setsockopt+0x360/0x360 [ 253.592689] ___sys_sendmsg+0xec8/0x1320 [ 253.596842] ? kmsan_set_origin_inline+0x6b/0x120 23:39:40 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)={0x2c6, 0xffffffffffffffbf, 0x0, @fuse_notify_delete_out={0x4, 0x81, 0x20}}, 0xffffffffffffff6e) [ 253.601757] ? __msan_poison_alloca+0x15c/0x1d0 [ 253.606513] ? _cond_resched+0x3c/0xd0 [ 253.610472] ? rcu_all_qs+0x32/0x1f0 [ 253.614250] ? _cond_resched+0x3c/0xd0 [ 253.618207] ? rcu_all_qs+0x32/0x1f0 [ 253.621994] ? __sys_sendmmsg+0x61d/0x850 [ 253.626212] __sys_sendmmsg+0x490/0x850 [ 253.630275] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 253.635281] ? syscall_return_slowpath+0xe9/0x710 [ 253.640230] __x64_sys_sendmmsg+0x11c/0x170 [ 253.644611] ? __sys_sendmmsg+0x850/0x850 23:39:40 executing program 6: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x10) write$vnet(r0, &(0x7f0000000240)={0x1, {&(0x7f00000000c0)=""/195, 0xc3, &(0x7f00000001c0)=""/72, 0x1, 0x4}}, 0x68) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000000)={@multicast1=0xe0000001, @multicast2=0xe0000002}, 0x8) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 253.648811] do_syscall_64+0x15b/0x230 [ 253.652761] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 253.657996] RIP: 0033:0x455a09 [ 253.661212] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 253.668976] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 253.676294] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 253.683610] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 253.690931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:40 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$HDIO_GETGEO(r2, 0x301, &(0x7f0000000080)) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="0211fc0f0200000000000000b2791a04521e7500c97effffffff"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) [ 253.698252] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000002d 23:39:41 executing program 3: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:41 executing program 2 (fault-call:5 fault-nth:46): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:41 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:41 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x7) 23:39:41 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0xfffffffffffffffd, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:41 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000608000000ffffffffffffff0000001000000000"], 0x18) 23:39:41 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="021100000000"], 0x10}, 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040), 0x10) 23:39:41 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) 23:39:41 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0xfffffe0a, 0x6, 0x0, @fuse_poll_out={0x1}}, 0x18) [ 254.100444] FAULT_INJECTION: forcing a failure. [ 254.100444] name failslab, interval 1, probability 0, space 0, times 0 [ 254.111888] CPU: 0 PID: 15863 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 254.119118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.128530] Call Trace: [ 254.131194] dump_stack+0x185/0x1d0 [ 254.134881] should_fail+0x87b/0xab0 [ 254.138678] __should_failslab+0x278/0x2a0 [ 254.143011] should_failslab+0x29/0x70 23:39:41 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="28000000060000000000000000000000000000000000000000000000000000000080000000000000"], 0x28) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e21, @multicast1=0xe0000001}, @in6={0xa, 0x4e24, 0xdb66, @remote={0xfe, 0x80, [], 0xbb}, 0xfff}, @in6={0xa, 0x4e22, 0x100000001, @local={0xfe, 0x80, [], 0xaa}, 0x10001}, @in={0x2, 0x4e24}, @in={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0xfffffffffffffff8, 0xffffffff00000001, @empty, 0x4}, @in={0x2, 0x4e21, @multicast1=0xe0000001}], 0x94) 23:39:41 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) fcntl$setpipe(r1, 0x407, 0x0) [ 254.146982] kmem_cache_alloc_node+0x157/0xc80 [ 254.151643] ? validate_xmit_skb+0xfea/0x1320 [ 254.156217] ? __alloc_skb+0x202/0x9e0 [ 254.160201] __alloc_skb+0x202/0x9e0 [ 254.163990] alloc_skb_with_frags+0x1e6/0xb80 [ 254.168544] ? kmsan_set_origin_inline+0x6b/0x120 [ 254.173464] ? __msan_poison_alloca+0x15c/0x1d0 [ 254.178212] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 254.183055] ? packet_sendmsg+0x6594/0x8ad0 [ 254.187466] sock_alloc_send_pskb+0xb56/0x11a0 [ 254.192168] ? kmsan_set_origin+0x9e/0x160 [ 254.196499] packet_sendmsg+0x6594/0x8ad0 23:39:41 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) [ 254.200733] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 254.206234] ? rw_copy_check_uvector+0x643/0x6c0 [ 254.211307] ? __msan_poison_alloca+0x15c/0x1d0 [ 254.216955] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 254.222485] ? import_iovec+0x3c7/0x600 [ 254.226529] ? copy_msghdr_from_user+0x72c/0x830 [ 254.231391] ? compat_packet_setsockopt+0x360/0x360 [ 254.236493] ___sys_sendmsg+0xec8/0x1320 [ 254.240644] ? kmsan_set_origin_inline+0x6b/0x120 [ 254.245561] ? __msan_poison_alloca+0x15c/0x1d0 23:39:41 executing program 3: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 254.250318] ? _cond_resched+0x3c/0xd0 [ 254.254284] ? rcu_all_qs+0x32/0x1f0 [ 254.258084] ? _cond_resched+0x3c/0xd0 [ 254.262051] ? rcu_all_qs+0x32/0x1f0 [ 254.265815] ? __sys_sendmmsg+0x61d/0x850 [ 254.270019] __sys_sendmmsg+0x490/0x850 [ 254.274070] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 254.279070] ? syscall_return_slowpath+0xe9/0x710 [ 254.284013] __x64_sys_sendmmsg+0x11c/0x170 [ 254.288389] ? __sys_sendmmsg+0x850/0x850 [ 254.292553] do_syscall_64+0x15b/0x230 [ 254.296481] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 254.301695] RIP: 0033:0x455a09 [ 254.304902] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 254.312640] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 254.319942] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 254.327261] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 254.334580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 254.341888] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000002e 23:39:41 executing program 2 (fault-call:5 fault-nth:47): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 254.561211] FAULT_INJECTION: forcing a failure. [ 254.561211] name failslab, interval 1, probability 0, space 0, times 0 [ 254.572660] CPU: 1 PID: 15896 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 254.579888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.589280] Call Trace: [ 254.591929] dump_stack+0x185/0x1d0 [ 254.595626] should_fail+0x87b/0xab0 [ 254.599401] __should_failslab+0x278/0x2a0 [ 254.603717] should_failslab+0x29/0x70 [ 254.607670] __kmalloc_node_track_caller+0x24b/0x11b0 [ 254.612919] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 254.618349] ? alloc_skb_with_frags+0x1e6/0xb80 [ 254.623112] __alloc_skb+0x2cb/0x9e0 [ 254.626877] ? alloc_skb_with_frags+0x1e6/0xb80 [ 254.631610] alloc_skb_with_frags+0x1e6/0xb80 [ 254.636185] ? kmsan_set_origin_inline+0x6b/0x120 [ 254.641100] ? __msan_poison_alloca+0x15c/0x1d0 [ 254.645855] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 254.650697] ? packet_sendmsg+0x6594/0x8ad0 [ 254.655107] sock_alloc_send_pskb+0xb56/0x11a0 [ 254.659788] ? kmsan_set_origin+0x9e/0x160 [ 254.664125] packet_sendmsg+0x6594/0x8ad0 [ 254.668338] ? __fsnotify_parent+0x132/0x560 [ 254.672834] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 254.678341] ? rw_copy_check_uvector+0x643/0x6c0 [ 254.683149] ? __msan_poison_alloca+0x15c/0x1d0 [ 254.687903] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 254.693431] ? import_iovec+0x3c7/0x600 [ 254.697477] ? copy_msghdr_from_user+0x72c/0x830 [ 254.702334] ? compat_packet_setsockopt+0x360/0x360 [ 254.707439] ___sys_sendmsg+0xec8/0x1320 [ 254.711556] ? kstrtoull+0x766/0x7e0 [ 254.715353] ? kmsan_set_origin_inline+0x6b/0x120 [ 254.720274] ? __msan_poison_alloca+0x15c/0x1d0 [ 254.725024] ? _cond_resched+0x3c/0xd0 [ 254.729000] ? rcu_all_qs+0x32/0x1f0 [ 254.732787] ? _cond_resched+0x3c/0xd0 [ 254.736760] ? rcu_all_qs+0x32/0x1f0 [ 254.740535] ? __sys_sendmmsg+0x61d/0x850 [ 254.744759] __sys_sendmmsg+0x490/0x850 [ 254.748897] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 254.753906] ? syscall_return_slowpath+0xe9/0x710 [ 254.758855] __x64_sys_sendmmsg+0x11c/0x170 [ 254.763244] ? __sys_sendmmsg+0x850/0x850 [ 254.767427] do_syscall_64+0x15b/0x230 [ 254.771336] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 254.776534] RIP: 0033:0x455a09 [ 254.779724] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 254.787462] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 254.794740] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 254.802025] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 254.809320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 254.816601] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000002f 23:39:42 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)={{0x108, 0x2, 0x6, 0x2f8, 0x330, 0x8, 0x393, 0x9}, "ee354fe482a0d2b7d673067eefbd235e5a488a7b3a05f5b582d64062d8ea79d1a0dfd942c6628ffec560fac04845fb8cab4729e73b93f68cfd6f0104cc80298b7afc03e565b8663dc6904cb94bf8b3308a4050826c9e5d030878da87d6a174b1b5891b27260d4ef09368ab1891d7e138ca00425d3ae87c02662542c8e3b970644a025d", [[]]}, 0x1a3) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) 23:39:42 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) connect$l2tp(r0, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x0, 0x3, 0x1, {0xa, 0x4e21, 0xe0, @remote={0xfe, 0x80, [], 0xbb}, 0xffffffff80000001}}}, 0x32) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x40080, 0x0) 23:39:42 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x8000, 0x4) pipe2(&(0x7f00008df000), 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:42 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) 23:39:42 executing program 3: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:42 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f00000004c0)='/dev/snd/pcmC#D#c\x00', 0xffffffffffff7393, 0x40) recvfrom$ipx(r1, &(0x7f0000000500)=""/157, 0x9d, 0x40, &(0x7f00000005c0)={0x4, 0x100000000000000, 0x3, "2198ff4279a8", 0x400}, 0x10) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x8, 0x101001) sendmsg$nl_crypto(r3, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000200}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=@upd={0xe0, 0x12, 0x422, 0x70bd2c, 0x25dfdbfe, {{'ecb(serpent)\x00'}, [], [], 0x2400, 0x400}}, 0xe0}, 0x1, 0x0, 0x0, 0x40}, 0x84) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:42 executing program 2 (fault-call:5 fault-nth:48): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 255.123985] FAULT_INJECTION: forcing a failure. [ 255.123985] name failslab, interval 1, probability 0, space 0, times 0 [ 255.135503] CPU: 1 PID: 15908 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 255.142734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.152150] Call Trace: [ 255.154792] dump_stack+0x185/0x1d0 [ 255.158477] should_fail+0x87b/0xab0 [ 255.162259] __should_failslab+0x278/0x2a0 [ 255.166563] should_failslab+0x29/0x70 23:39:42 executing program 3: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:42 executing program 6: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000000)={{0xffffffffffffffff, 0x0, 0x9, 0x0, 0x7fffffff}, 0x7f, 0xffffffff}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 255.170520] kmem_cache_alloc_node+0x157/0xc80 [ 255.175171] ? validate_xmit_skb+0xfea/0x1320 [ 255.179724] ? __alloc_skb+0x202/0x9e0 [ 255.183692] __alloc_skb+0x202/0x9e0 [ 255.187469] alloc_skb_with_frags+0x1e6/0xb80 [ 255.192015] ? kmsan_set_origin_inline+0x6b/0x120 [ 255.196905] ? __msan_poison_alloca+0x15c/0x1d0 [ 255.201655] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 255.206497] ? packet_sendmsg+0x6594/0x8ad0 [ 255.210897] sock_alloc_send_pskb+0xb56/0x11a0 [ 255.215575] ? kmsan_set_origin+0x9e/0x160 [ 255.219886] packet_sendmsg+0x6594/0x8ad0 23:39:42 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x600000, 0x0) ioctl$sock_netrom_TIOCOUTQ(r1, 0x5411, &(0x7f0000000140)) signalfd4(r0, &(0x7f0000000000)={0x7f}, 0x8, 0x800) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000060000001f0000e98e3014d425931918000000000080c3000000005550687b8302c9482496a68f05438147403932159ead865aa48a152f24de888c893b1c5c14720fcfc754096fdced69468c82e3fe1ac355d01a71857de8c0a5dc4ad3b58fedd30b"], 0x18) 23:39:42 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) dup2(r0, r0) fcntl$setpipe(r0, 0x407, 0x0) [ 255.224206] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.229707] ? rw_copy_check_uvector+0x643/0x6c0 [ 255.234534] ? __msan_poison_alloca+0x15c/0x1d0 [ 255.239269] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.244839] ? import_iovec+0x3c7/0x600 [ 255.248886] ? copy_msghdr_from_user+0x72c/0x830 [ 255.253747] ? compat_packet_setsockopt+0x360/0x360 [ 255.258868] ___sys_sendmsg+0xec8/0x1320 [ 255.263027] ? kmsan_set_origin_inline+0x6b/0x120 [ 255.267939] ? __msan_poison_alloca+0x15c/0x1d0 [ 255.272686] ? _cond_resched+0x3c/0xd0 [ 255.276649] ? rcu_all_qs+0x32/0x1f0 [ 255.280423] ? _cond_resched+0x3c/0xd0 [ 255.284381] ? rcu_all_qs+0x32/0x1f0 [ 255.288150] ? __sys_sendmmsg+0x61d/0x850 [ 255.292359] __sys_sendmmsg+0x490/0x850 [ 255.296397] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 255.301384] ? syscall_return_slowpath+0xe9/0x710 [ 255.306278] __x64_sys_sendmmsg+0x11c/0x170 [ 255.310636] ? __sys_sendmmsg+0x850/0x850 [ 255.314820] do_syscall_64+0x15b/0x230 [ 255.318757] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 255.323983] RIP: 0033:0x455a09 [ 255.327200] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 255.334921] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 255.342223] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 255.349512] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 255.356818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 255.364286] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000030 23:39:42 executing program 0: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x101000, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e22, @rand_addr=0x8}, @in={0x2, 0x4e21, @loopback=0x7f000001}, @in6={0xa, 0x4e20, 0xffffffffffffffe1, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, @in6={0xa, 0x4e22, 0x1000, @dev={0xfe, 0x80, [], 0x21}, 0x3}], 0x58) r1 = socket$kcm(0x29, 0x2, 0x0) ioctl(r1, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f00000003c0)=""/238) 23:39:42 executing program 2 (fault-call:5 fault-nth:49): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:42 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:42 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) 23:39:42 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe(&(0x7f00000000c0)) fcntl$setpipe(r0, 0x407, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0), 0x2, 0x1, 0x3}) [ 255.565545] FAULT_INJECTION: forcing a failure. [ 255.565545] name failslab, interval 1, probability 0, space 0, times 0 [ 255.577111] CPU: 1 PID: 15947 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 255.584338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.595036] Call Trace: [ 255.597693] dump_stack+0x185/0x1d0 [ 255.601387] should_fail+0x87b/0xab0 [ 255.605159] __should_failslab+0x278/0x2a0 [ 255.609483] should_failslab+0x29/0x70 [ 255.613455] __kmalloc_node_track_caller+0x24b/0x11b0 [ 255.618706] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 255.624143] ? alloc_skb_with_frags+0x1e6/0xb80 [ 255.628909] __alloc_skb+0x2cb/0x9e0 [ 255.632697] ? alloc_skb_with_frags+0x1e6/0xb80 [ 255.637443] alloc_skb_with_frags+0x1e6/0xb80 [ 255.642011] ? kmsan_set_origin_inline+0x6b/0x120 [ 255.647218] ? __msan_poison_alloca+0x15c/0x1d0 [ 255.651975] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 255.656859] ? packet_sendmsg+0x6594/0x8ad0 [ 255.661256] sock_alloc_send_pskb+0xb56/0x11a0 23:39:42 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) [ 255.665931] ? kmsan_set_origin+0x9e/0x160 [ 255.670263] packet_sendmsg+0x6594/0x8ad0 [ 255.674469] ? __fsnotify_parent+0x132/0x560 [ 255.678954] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.684453] ? rw_copy_check_uvector+0x643/0x6c0 [ 255.689261] ? __msan_poison_alloca+0x15c/0x1d0 [ 255.694017] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 255.699559] ? import_iovec+0x3c7/0x600 [ 255.703601] ? copy_msghdr_from_user+0x72c/0x830 [ 255.708463] ? compat_packet_setsockopt+0x360/0x360 [ 255.713568] ___sys_sendmsg+0xec8/0x1320 [ 255.717682] ? kstrtoull+0x766/0x7e0 [ 255.721477] ? kmsan_set_origin_inline+0x6b/0x120 [ 255.726387] ? __msan_poison_alloca+0x15c/0x1d0 [ 255.731116] ? _cond_resched+0x3c/0xd0 [ 255.735062] ? rcu_all_qs+0x32/0x1f0 [ 255.738846] ? _cond_resched+0x3c/0xd0 [ 255.742844] ? rcu_all_qs+0x32/0x1f0 [ 255.746601] ? __sys_sendmmsg+0x61d/0x850 [ 255.750824] __sys_sendmmsg+0x490/0x850 [ 255.754826] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 255.759807] ? syscall_return_slowpath+0xe9/0x710 [ 255.764721] __x64_sys_sendmmsg+0x11c/0x170 [ 255.769079] ? __sys_sendmmsg+0x850/0x850 [ 255.773287] do_syscall_64+0x15b/0x230 [ 255.777236] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 255.782454] RIP: 0033:0x455a09 [ 255.785649] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 255.793395] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 255.800688] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 255.807997] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 255.815308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 255.822602] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000031 23:39:42 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) accept4$unix(r0, &(0x7f00000000c0), &(0x7f0000000040)=0x6e, 0x80000) 23:39:42 executing program 3: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:42 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x4, 0x8000, 0x7, 0x200, 0x0}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000140)={r1, 0x1}, 0x8) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) bind$pptp(r0, &(0x7f0000000180)={0x18, 0x2, {0x3, @rand_addr=0x401}}, 0x1e) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x8) 23:39:42 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x44000, 0x0) accept$ax25(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4) socket$can_raw(0x1d, 0x3, 0x1) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="02110030175ef5c1e30002000d00000000000000000070e07160bdc86f6d48743c08116e2aadb600c876af3a9924bcd12f447d70fb164361e301bfdcefebad60d06478428e891837af8b29337cc1c304fe12fdfa66f8bda2f91c6c35760378c381b35319175fd8e7d62240bf5a75d933190e796265f8e4be4d964784a232cb927918120fdf7841ad5f19f4cd62821aa1f115e5df503b380425ea13ac1e3cb699eb"], 0x10}, 0x1}, 0x0) recvmmsg(r2, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:42 executing program 2 (fault-call:5 fault-nth:50): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:42 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f0000000040)={0x6}) 23:39:42 executing program 5: pipe2(&(0x7f0000000080), 0xc0004) 23:39:42 executing program 1: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r1, &(0x7f0000001780)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001740)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r1, &(0x7f00000017c0)=@bind_ip={0x2, 0x28, 0xfa00, {0x0, {0xa, 0xfc, 0x0, @loopback={0x0, 0x1}}, r2}}, 0x30) write$rdma_cm(r1, &(0x7f0000000000)=@listen={0x7, 0x8, 0xfa00, {r2}}, 0x10) write$fuse(r0, &(0x7f0000000000)={0x28, 0x1, 0x0, @fuse_notify_inval_inode_out}, 0x28) [ 256.110432] FAULT_INJECTION: forcing a failure. [ 256.110432] name failslab, interval 1, probability 0, space 0, times 0 [ 256.122018] CPU: 0 PID: 15978 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 256.129249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.138637] Call Trace: [ 256.141276] dump_stack+0x185/0x1d0 [ 256.144960] should_fail+0x87b/0xab0 [ 256.148740] __should_failslab+0x278/0x2a0 [ 256.153038] should_failslab+0x29/0x70 [ 256.156989] kmem_cache_alloc_node+0x157/0xc80 [ 256.161638] ? validate_xmit_skb+0xfea/0x1320 [ 256.166204] ? __alloc_skb+0x202/0x9e0 [ 256.170195] __alloc_skb+0x202/0x9e0 [ 256.174666] alloc_skb_with_frags+0x1e6/0xb80 [ 256.179324] ? kmsan_set_origin_inline+0x6b/0x120 [ 256.184235] ? __msan_poison_alloca+0x15c/0x1d0 [ 256.189009] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 256.193853] ? packet_sendmsg+0x6594/0x8ad0 [ 256.198262] sock_alloc_send_pskb+0xb56/0x11a0 [ 256.202963] ? kmsan_set_origin+0x9e/0x160 23:39:43 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = socket$packet(0x11, 0x800000000002, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f000095bffc), 0x4) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x2}, 0x4) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="b2c1d0813dd6c99f39a29266b22855f5f7fe23e92bdc8cac427e692e48179af8c6ec5b96dc5cde98cad30a3c242c66b6899877ecd4ef8c9a3c024b0ec29cb8a62869876e432a7583850a4609a63c6db3bd098dc3fac735711d6b11aef66ed43e3d"], 0x18) close(r0) write$binfmt_elf32(r0, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0xe798, 0x1000, 0x200, 0x120b, 0x0, 0x3, 0x3e, 0x2, 0x327, 0x38, 0x138, 0x9, 0x6, 0x20, 0x1, 0x3, 0x5, 0x16a3}, [{0x1, 0x6, 0x7, 0x7, 0xff, 0x7996fabf, 0x8, 0x101}], "b7953d022004a97527", [[], []]}, 0x261) 23:39:43 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x7, 0x9, 0x4, 0x200, 0xb967, 0x1f, 0x1, 0x8001, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_id=r2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x301100) ioctl$BLKTRACESTART(r3, 0x1274, 0x0) [ 256.207384] packet_sendmsg+0x6594/0x8ad0 [ 256.211622] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 256.217894] ? rw_copy_check_uvector+0x643/0x6c0 [ 256.222702] ? __msan_poison_alloca+0x15c/0x1d0 [ 256.227524] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 256.233022] ? import_iovec+0x3c7/0x600 [ 256.237057] ? copy_msghdr_from_user+0x72c/0x830 [ 256.241906] ? compat_packet_setsockopt+0x360/0x360 [ 256.247324] ___sys_sendmsg+0xec8/0x1320 [ 256.251435] ? kmsan_set_origin_inline+0x6b/0x120 [ 256.256341] ? __msan_poison_alloca+0x15c/0x1d0 23:39:43 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$binfmt_aout(r0, &(0x7f0000000000)={{0x108, 0x4200000000000000, 0x6, 0x3d8, 0x10b, 0x7fff, 0x154, 0xe4b6}, "e96a4e019491830933a47f77a2dfce320f80e5f3c380d15dfe3f0158caf479205d347c1382659273c7e4df32eafd1b90bc0cd172514476d0780117e47cd6d27e40a3c9300125d6f654bf58268c749a0ed868bee2d9aabe1f3c6bfd26594c741ccb740014da8245a37d271d5e743d12322af5f21cc06f3c4475a74a", [[]]}, 0x19b) fcntl$setpipe(r1, 0x407, 0x7) 23:39:43 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) io_setup(0x4, &(0x7f00000001c0)=0x0) eventfd(0xffffffffffffff5b) io_submit(r1, 0x2, &(0x7f00000003c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0xf, 0xffffffff, r0, &(0x7f0000000200)="214c0f8b7363cb6b33fef79a6686f608e4b21df8901f45c4ae40c48053", 0x1d, 0x7, 0x0, 0x1, r0}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x5, r0, &(0x7f0000000280)="650b7583af274430ec84a4846c47497135f5e1d8d8cefd58b96414c23c4308526f47305f61592cd4b38cfc71902bb85606877b5d1e144f6efd23333c3ed4b30d553d5ce8716d4d2cb090efa8c837b6cca05e0fc634346f4614499126209ad5c139556c65130ce9a578662917ecab717e9b5d02745565951c349a42de740510c9832a3f983685a7a7449198fa4f792818a97e0333eceb2359bcf7cd62914733dcb82bdac46f2aad753986fabf00e4c3fefadcfc725497d057fb4079c367ef93dd56efd8c1903396e62e753b99aea9b284d650881521b89fc012fe05853177094e1a588ff67cd3b3f26120680f81d3450fe395fc0c2db62b815203c29d", 0xfc, 0x0, 0x0, 0x1, r0}]) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="28000000061300000000000000000000000000000000000000000000000000000000000000000004"], 0x28) getpeername$packet(r0, &(0x7f0000000400)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0x14) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000480)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000580)=0xe8) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000005c0)={{{@in6, @in=@dev={0xac, 0x14, 0x14, 0x1d}, 0x4e23, 0x0, 0x4e22, 0x1, 0x2, 0x20, 0x20, 0x29, r2, r3}, {0x3, 0xf8, 0x5, 0x4, 0x1, 0x8c7, 0x7ff, 0x9}, {0x7ff, 0x83d, 0x7, 0x6}, 0x4, 0x6e6bb6, 0x0, 0x1, 0x0, 0x3}, {{@in6, 0x4d2, 0x3c}, 0xa, @in6=@loopback={0x0, 0x1}, 0x34ff, 0x0, 0x3, 0x3, 0x200, 0x4f08, 0x8100000001}}, 0xe8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="b40000008146d3c9c901330d23a7a597a9735ba87e504fc3e3deb4c5081ccf5f1dfbc2cbf62baaddae525210ba9c6a41bc065a116bc7146eae01ad65a003b93eeeeba6f63ae3d86e10847871c3b5f951f02f1be73d23fe9cacd050e54593583a95fdbfeeabbacf1755722b23d6b4b191fb57e9b0d4100aa65d17c5c7d978c65e70a0bdff5d9df2ff064faef47e95b437336375a9df586c10fbde18f46f06000000000000005d3d6e9d8c8b3e6086bce7cb32bcf996d657bd"], &(0x7f0000000000)=0xbc) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={r4, 0x1}, &(0x7f0000000180)=0x8) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000800)=0x0) tkill(r5, 0x1d) 23:39:43 executing program 1 (fault-call:2 fault-nth:0): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:43 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 256.261086] ? _cond_resched+0x3c/0xd0 [ 256.265055] ? rcu_all_qs+0x32/0x1f0 [ 256.268849] ? _cond_resched+0x3c/0xd0 [ 256.272902] ? rcu_all_qs+0x32/0x1f0 [ 256.276671] ? __sys_sendmmsg+0x61d/0x850 [ 256.280880] __sys_sendmmsg+0x490/0x850 [ 256.284921] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 256.289914] ? syscall_return_slowpath+0xe9/0x710 [ 256.294849] __x64_sys_sendmmsg+0x11c/0x170 [ 256.299222] ? __sys_sendmmsg+0x850/0x850 [ 256.303420] do_syscall_64+0x15b/0x230 [ 256.307370] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 256.312629] RIP: 0033:0x455a09 [ 256.315843] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 256.323600] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 256.330906] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 256.338200] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 256.345480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 256.352779] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000032 [ 256.399792] FAULT_INJECTION: forcing a failure. [ 256.399792] name failslab, interval 1, probability 0, space 0, times 0 [ 256.411196] CPU: 1 PID: 15994 Comm: syz-executor1 Not tainted 4.17.0-rc5+ #1 [ 256.418433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.427834] Call Trace: [ 256.430482] dump_stack+0x185/0x1d0 [ 256.434181] should_fail+0x87b/0xab0 [ 256.437970] __should_failslab+0x278/0x2a0 [ 256.442295] should_failslab+0x29/0x70 [ 256.446269] __kmalloc+0xc5/0x350 [ 256.449809] ? loop_add+0x78/0xe80 [ 256.453460] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 256.458909] loop_add+0x78/0xe80 [ 256.462354] ? idr_find+0x9a/0xc0 [ 256.465888] ? do_vfs_ioctl+0xcbd/0x24b0 [ 256.470038] loop_control_ioctl+0x6fb/0x9e0 [ 256.474425] ? xor_init+0x90/0x90 [ 256.477921] do_vfs_ioctl+0xcbd/0x24b0 [ 256.481885] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 256.487290] ? __fget_light+0x6a3/0x700 [ 256.491326] ? security_file_ioctl+0x5e/0x200 [ 256.495896] __x64_sys_ioctl+0x280/0x320 [ 256.500012] ? ksys_ioctl+0x260/0x260 [ 256.503858] do_syscall_64+0x15b/0x230 [ 256.507808] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 256.513022] RIP: 0033:0x455a09 [ 256.516235] RSP: 002b:00007fcac195dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 256.523991] RAX: ffffffffffffffda RBX: 00007fcac195e6d4 RCX: 0000000000455a09 [ 256.531296] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000013 [ 256.538698] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 256.546006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 256.553334] R13: 00000000000002d6 R14: 00000000006f94b0 R15: 0000000000000000 23:39:43 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x1, 0x0, @fuse_bmap_out}, 0x18) 23:39:43 executing program 5: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x2080, 0x0) bind$vsock_dgram(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @reserved=0x1}, 0x10) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) fcntl$setpipe(r1, 0x407, 0x0) ioctl$PPPIOCGL2TPSTATS(r1, 0x80487436, &(0x7f00000000c0)="17904c65b93e479f01a04a666286f35337441ff21aca15e0426315974a9806ee6bb0deefdbbbce820f6385f29ea1c0fdd011b010257731fddd06e635b31758c48c5bcb95212d27bdb051855be8cd58a2c90000ba4153fd6984a55079e6ee758a9bd8f610e2efe0f518734ff4032ad9b4edadd9a8aef711b2f9c8136991fad91f28c11b9ddf968a024d53da75bdaa3b4d3978504b4a244e6489fe6d6e07d70bf661a160de27") 23:39:43 executing program 2 (fault-call:5 fault-nth:51): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:43 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:43 executing program 6: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8, 0x20000) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000040)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) ioctl$TTUNGETFILTER(r1, 0x801054db, &(0x7f00000000c0)=""/221) 23:39:43 executing program 4 (fault-call:2 fault-nth:0): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:43 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x9}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000300)={r8, 0x9}, &(0x7f0000000340)=0x8) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:43 executing program 1 (fault-call:2 fault-nth:1): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:44 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) ptrace$peek(0xffffffffffff7fff, r1, &(0x7f0000000080)) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 257.086037] FAULT_INJECTION: forcing a failure. [ 257.086037] name failslab, interval 1, probability 0, space 0, times 0 [ 257.097506] CPU: 1 PID: 16025 Comm: syz-executor1 Not tainted 4.17.0-rc5+ #1 [ 257.100433] FAULT_INJECTION: forcing a failure. [ 257.100433] name failslab, interval 1, probability 0, space 0, times 0 [ 257.104728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.104743] Call Trace: [ 257.104791] dump_stack+0x185/0x1d0 [ 257.104844] should_fail+0x87b/0xab0 [ 257.104883] __should_failslab+0x278/0x2a0 [ 257.104936] should_failslab+0x29/0x70 [ 257.104982] __kmalloc_node+0x22f/0x1200 [ 257.105027] ? idr_alloc_u32+0x4b3/0x570 [ 257.105060] ? blk_mq_alloc_tag_set+0x5f5/0x1710 [ 257.105125] blk_mq_alloc_tag_set+0x5f5/0x1710 [ 257.105158] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 257.105210] ? idr_alloc+0x192/0x220 [ 257.170354] loop_add+0x396/0xe80 [ 257.173870] ? idr_find+0x9a/0xc0 [ 257.177352] ? do_vfs_ioctl+0xcbd/0x24b0 [ 257.181440] loop_control_ioctl+0x6fb/0x9e0 [ 257.185780] ? xor_init+0x90/0x90 [ 257.189244] do_vfs_ioctl+0xcbd/0x24b0 [ 257.193162] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 257.198537] ? __fget_light+0x6a3/0x700 [ 257.202536] ? security_file_ioctl+0x5e/0x200 [ 257.207083] __x64_sys_ioctl+0x280/0x320 [ 257.211161] ? ksys_ioctl+0x260/0x260 [ 257.214972] do_syscall_64+0x15b/0x230 [ 257.218890] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 257.224084] RIP: 0033:0x455a09 [ 257.227287] RSP: 002b:00007fcac195dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.235023] RAX: ffffffffffffffda RBX: 00007fcac195e6d4 RCX: 0000000000455a09 [ 257.242306] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000013 [ 257.249596] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 257.256875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 257.264162] R13: 00000000000002d6 R14: 00000000006f94b0 R15: 0000000000000001 [ 257.271476] CPU: 0 PID: 16023 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 257.278701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.288091] Call Trace: [ 257.290735] dump_stack+0x185/0x1d0 [ 257.294427] should_fail+0x87b/0xab0 [ 257.298325] __should_failslab+0x278/0x2a0 [ 257.302634] should_failslab+0x29/0x70 [ 257.306575] __kmalloc_node_track_caller+0x24b/0x11b0 [ 257.311836] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 257.317266] ? alloc_skb_with_frags+0x1e6/0xb80 [ 257.322012] __alloc_skb+0x2cb/0x9e0 [ 257.325783] ? alloc_skb_with_frags+0x1e6/0xb80 [ 257.330507] alloc_skb_with_frags+0x1e6/0xb80 [ 257.335077] ? kmsan_set_origin_inline+0x6b/0x120 [ 257.339996] ? __msan_poison_alloca+0x15c/0x1d0 [ 257.344762] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 257.349605] ? packet_sendmsg+0x6594/0x8ad0 [ 257.354011] sock_alloc_send_pskb+0xb56/0x11a0 [ 257.358689] ? kmsan_set_origin+0x9e/0x160 [ 257.363010] packet_sendmsg+0x6594/0x8ad0 [ 257.367244] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 257.372751] ? rw_copy_check_uvector+0x643/0x6c0 [ 257.377568] ? __msan_poison_alloca+0x15c/0x1d0 23:39:44 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000000)) [ 257.382336] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 257.387851] ? import_iovec+0x3c7/0x600 [ 257.391894] ? copy_msghdr_from_user+0x72c/0x830 [ 257.396753] ? compat_packet_setsockopt+0x360/0x360 [ 257.401857] ___sys_sendmsg+0xec8/0x1320 [ 257.406082] ? kmsan_set_origin_inline+0x6b/0x120 [ 257.410995] ? __msan_poison_alloca+0x15c/0x1d0 [ 257.415746] ? _cond_resched+0x3c/0xd0 [ 257.419716] ? rcu_all_qs+0x32/0x1f0 [ 257.423507] ? _cond_resched+0x3c/0xd0 [ 257.427479] ? rcu_all_qs+0x32/0x1f0 [ 257.431327] ? __sys_sendmmsg+0x61d/0x850 23:39:44 executing program 7: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x800, 0x0) sendmsg$nl_netfilter(r0, &(0x7f00000012c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10010404}, 0xc, &(0x7f0000001280)={&(0x7f0000000100)={0x1178, 0x5, 0x3, 0x300, 0x70bd26, 0x25dfdbfd, {0x2, 0x0, 0x1}, [@generic="99e57b74d39026d8160d166a57505648d7e26cc4f35a8530c47a4a70163151c6f14c043ed1cb271aec7b80fe34ac2e255cf785e4f0c63ed86350714cdaeda022be9bbc96cb5d932607c281a8ba596a87f5f6e5dc99614222a7de9fcc23f1c36892a39b0771d7c4c74666cc68c016ab3f3264b06856308e5bd602b138a98ed6f3f3c0de1e7d9b69a33d2ce7cf0449a00eef80be7a166ff728a318652b34f5ac58f52f2445cac21512dc466acc25558a11146751", @generic="6e849c72cb4966ffd21919ab3dd53750b02da1c670c2206d5ac59ad8227ce4b2c41cbf9a462c508ff9754084a825e99b575fafb16f29c7134e739d664fd2e937b21547", @nested={0x106c, 0x8b, [@typed={0x14, 0x8, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @typed={0xc, 0x41, @str='cgroup*\x00'}, @typed={0x14, 0x5d, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @generic="c528bf9a2f89c92307c5bc423e9f42f7f2f5874c4b841f20f3114c9b000915fa05f9fc631612374a95a4d9e968aaf61199ebc070d6ec249e7456a2fb9277e85c4305c5981be57a5b80ec027b84c9fbef5dd4a68f7c134f691027bca6f7ac8a03a7b958972918b0da58015de05563c1acff334b4dcf5d77474653ff6fb89d150eba7b4ef021443a95a334c945750a61e122bf46b967f221a71d0c39f29a144a4688c89c8a814b7d2027b6c72d16bf0607d3ff9e9dfe942172443014f667a3fec18d921979eaf9d0c82bb6c54d387a39d0759b8c84ef502a6fc01ec85d2049d0e94f8dc1c73132d2941e70912ab5b9f11e0f1b14024b8cd3a4f8a65e931438604aa564a5713b3b993a4bb4de669b06abe00c37b283c0d642130a0608760237520a34308620ac6e2758097cb7ffe9b2f1de86b893e1df8ae6c7706dbbe6ffd3014668e1c2a3dd9bdf7e23a51b1c45028e1aae0af6119c59b646829ad97efc82fda81e82309d14610315a7e88b0d17448677a4ca77f353c0e40d6d7f082062fd1e1a1786284233abf6d98a69fbde0e84c106d2220df28c29b511596a7a3011deca788d62f2aa69cf48523679e23ba4d2bed81c7cbb5d69a0c9198acbf4f315e6c350a8e2ef1f5b78ab906a6cd32d5c92d8f36ee687499e30c493dd3d920bb704a08e5b87aff3d6edf16ede45ba3a286aafcfbc69a76c05076922454b12579a77d95e79d5b6ec25c87085681566f8d94088ef431aa5291a60253492aa6490d6c5cdbe2e80d518d392c079c6204d62cabaf7f22d084b7498a55b9d9b2f2a891aedee711efe40d2f0c486299bc1bb55792084623dfb974e4353ed96d3700c52b3fb8453426da5269b667cbd0c3fdd171e3f7af09ea5ce7c213382f626f4848c162c3e8c71a02d8e068b0a79b2466870ca590fb806d7f7ff2e58496b2f2c648e56f7e1050b97ba28d7078436fd5ce6fef90dce284c33f16fbeb9395979f31fdae72ed665927414e5751a7a211ae7ab4957d792c383f430be7cd2c0f2e469db8ccb71a1926ebcd6a98dd8c567c7a782081519e5c34ea14016e6f7940f7a1738554f73b0389859f329b8832891d90c792916a17fad5e1873b481463bb5b67d0ccd9cd70216825d949022ea2851ea57f79c0b10964359bb05c568fd0281978e7d6eab9aa4477fefcf7da66a3a7a0e2c59df430b0bfe8d32018c5ec3687fcff954d08ed96b29c7e26dd289dc8e384bb2d7a7585edc918af4f165fcdd7987c314b5e04f7149af2025c67bea488b8c73def46e3e070ac44504810c18ed537be76d2d6743cc9f7899c97bd49a0dd76d114b49aa90e412900f02a957828e4d07d0d6dbe381f7b5ecaa7dd005d0c1cee1420500361e6ea67a300a6868a55a28e8a023070e4776f2a949ac36636973ac4b5be047ea108c7873b47bae63d243ea1fd241d793e7e0917225414ba9e62f4acb885d53dc270d4bccb554b75dc9829cb25cce008f0fdaf1288f4e37ce2d2cd7a52189ab686075ca70fc09a632c0e77d068e7d63afa0ac9ff1ca09afdbb25a6ce0c652c8a6d85b6a60b0275cd584108d80c52083f4571c6a85d4431f2754cf49d19535f22e1116c9ae446d0c8832af1121e3af42ad6c261d0a12600dc4f7bd563fa711777f9a476377b76b995e2146e627bb9d670e5b2d7828c386d772d19f16ee3da3c3a688c82fdd733017be2888a4aadd1d9dfca6153754fdb42844bdff4c5a46aeeefa22fce7549279f9f23952b8f5d5c69116635dfb181a5d986ff3b0d3da2e0894d268572ef88141ab64bbb3dedb77c06e9de1f291840a6fa4866a5779e77cb840d0a1b508dda617b009621f88c3bea7373b0bfe73de41c9392d7744a3b69a08185766a29d751cc00cb3a1ee1ebc0ffd1576da0107392cd3b3340b864e45ad118578c8866fed920a2095d3476ae6f8fea81719899302baa4501458ada1668c3f4a9a96d6c9c99d47f7a06d9085ff4fa1038f06132d4b0bd8fd2e735a00fc78da4b4ebd026976c6172576c2f93eeece247f231a3e8ee36687e93fc95cc1f454157daa1a672b055bc5123636391fe5e892735180f3f2f6c0e102a09bb6c1ef5db4c5f55b82a6c249ef1925213786106ffb8e3e6b6bab087959f5e43bc5df2cd3ca35d01d6d22401d9c6ab15c472bba485c70d79e07cfc7c1fd1546729320ef27c16bff82f382a186b3c62615b75e4abe589cc1c856a2b35b761d81cb3100cac9bfde56aab279a3e8aa31df879f2c44daa21760ce584ce721532376264d397a9d56e726025274bbb5db368677f5a5218784a56c5959f9952edeb306c41d13f3434bdacf256556485771011a96f45ffe358dce597487fe5917d51525cd4535a789fa096304d0842a55b20bbd16f1608e79dc8aecfa5cf4338075f3d8d02eda044197cb587e859f3e0bc25c6e4f56dc8615d80ad4c784edff487aec67067f0bb41bdbc0856849a23664cc69354facd7a49ea062311c788db92257b311e378772d21e67b2985cee3627412b8172b22ed9aca3bd890fd9696e6c6f40f3b507235685d0b02f9a0cee543f8d8bb3ece173efe0dc4be1115ba488055aff884256112a4f9ad52bebdafab352c546956d38426d6915ad541b4a5ca94018019258f5a795b4d6e747fb7fc50ce28ccb7df290529b13a0bf4c91994d67f2a5962a1ddf1dd22dac755462261379facdfe816264ce1d19a7b87e6ce99439811909e785f3aabfa064de535fc11fc1b192489b614ec0144a49f70e4640b0ab1fd08e7174465360e9fff5552726a4a863da00bc71f3b14d203e9aee4e2128859e35bd7b51bf1bc69c65f72a0aa914e8b46401a5af78b7f5b551e6ac6999594ad0f61fbdc9050a8507feaee203485ef53d148cd750b21674551a10a956713b249e95d528173ec1741b047e6f3f7289cf2abd92b45756f571efbd15d82ed92c5a524fb7957f490069bb3d2ba1a93bc7c926f6fd519bcab7181a088ecbd2a69b7248f2239a51cb3b0faa0c62af3afd6e5e7316c31756cba14c2b7be46138686c411cb3e132a7249f55072a50b77bd9b365d33f17f77593b3b9c7a76881d9cc5149216c960b4472617aa9079d13198473c2c42426f25188c7f859c1dadb38d49f91d6e3d9aaf034d669f9b8cc57336d9c7bf8c348e5f0de986bd92446baeac6cff7964f1a7d0e5322e571dddb9d44a385adfcae4766ea97beff2f695b9e728a9ea65605b66e89f2d3209555f826f971dbfe9601b1f11cdf1de212c09d6e97c28b970c9c4209ea3e526a8dc1cfa881b0752bd0c46cba2d750732d19ba1cad77e527e56c984032c5812473f9bb56c6cb8fc829718d30c903cc35a53b1504d69221759fe92381b89133d892681bb1718c0dcb2b37473964c7094e7b367956288946bdacdc40a882e7a22372cebab7e6e16bcabdea877ce241b048021431b62031061b8c0d2b76a4d96be0344acc3546cc48fa41e77f2034386efca80566ba86d662dc3eac5b68ff7f91e7ccf3119c64b0de1721ea261cc3b52cffa0aa9056de080d59f218efd66b50eb0c6184e78a8e10e40bac584d07cd1cc604c9d3a5c4886d8dd16c70685dd5a85575f63fdccab6f824c50489e9127ad4a172d7a8c643e67ba1cebdf24732637603ff7e21815c4954c7aff610d58c40d9b8b829928b01dc9ba3603619e3fbe69494ba398d8c5bc73ec5706e2687f238bd45dc79926482f05c603dd88a6d6ac019ab1cb48f2a35385c827446e8b7988cd9f8792a3472b119853f57b5898ac8ad51df4bfec31c6c4e502538688507861df23fc01e432b3ca478a611eeb863de7172484cfbd4cf4b4adcae998bfce24532504aec80bc36895faf846d896321253ce7e9699d6e3059695cbc4a0daaded0d4b994549f8a392423eb75f0e35ffe508f0daa7d7245b607137a3e6b8de398662fa78c8786d70d05275325772175b8014ff433719542a4d65cd0aab913afe08e756127db1213ec8f58fff2423341239916c83a400d646e397ac042615bf280a6404dfdc192c38c3009b5534014e8b8a571720710d5074b604b15f5822b1b8f51a5628386b1cf46738371292bd0ca8c6f9165f04e31d914d31a0d1c4a9df3aa7e38b2f8cd49be6614b26115f23e0b08553c7200a156472efbcc20d8fc63fc542ca0fec40c64b9dfcae433780ba401c63a4b9f16b3bada9af2083441cf827ce92ce23da7ed8810d8a6de6b524e82ae7d9ad66628dd559b6ea8166d7bafa4d19d86ed4635649f16c458e3af1a69264d5261b876dd0722594220068fb532da6adce0924055ac92a3fcd7391a96cb78b8593c409a87c0d1520d54d1704e665ea195ec39bef1dc77fbfc2aacbface8666e17df0e0749f4cf24b0513f3717132d595ee74e43c7daeb9eba4c42881934794bc8ecf72b595e467a4e1a40edc1009961f085c23876d0e37acbd4cdd9e662f3947865fafbd77ac58d9afd6ca8362db5badc074333d7c8f6f81dfb4ebcdcda3ce5260ef53bb177eecb1baf6879110c031397492ef42a2933e2480a966f810e1547f73bc034b8fe99f114a709aaa3e6312cf3fef8907b90451e5d8a4e69711a5af0e6aa468d595c7db345110260e098363a470a74cfdf5211c74d872d55c431382e9a4ad7cc913328bc8213a909e883ee2ed37053f736fc4b4e96e799aca0a4ea3e494d53da8d518161ee46b4e7b321c75afd8c8d8a87077d08dc6c0455ddd7ca7fc6d2d423288e4aa8556687690ab993453feb99a25be97e0948d43db427fa732baaedf5f9c03920a2a6cec781f3a61811b2f79383b3df36537f766e6564e27552634079f6aa0c12885128a47893f912d322eec621d6ea8db21cf2fd5eea6a6ed853f3cf7d74e52c643297bb911d38ccbd8b675bf2fd433a7bfb2465bcba25f4bbb908bb350400317f4294208cf2ac29a5989d9d44bb69cde064971832d574b1bd9b8564e8dfad6959f277986ab40e0d056e1e5c3e5ba31be3c7f87318531fa33f8f837d7471369a3fc31aa80552272e8d5b3a489cd8f6ed0786664721148c84b5681f0f69aaf0d7e5409f1bdb7c2320d36b2b8afac815615a08ccb2063636d044f4d4f2b568dca3ecb0f3d9800582a96705b4180988c8a40f003916a1d23107e6a6f76176aa7d42c1294f64f3e70265500c3c2e4ba652dd1d79dfe85d4c6b5f714ef2921b44853243a850e6bcccc3840b3f9dfe6ad221070fb2fee85061f96829b230f61015a60e3e045c2a147218c4cdc0a23697585f83e6b1741fd5c5978395a98292b55143be89963c1226bc5487e4417b413205e87bfc53106e06efe541a20a939875be81f668ddd13f4e608a2e8ec4deb83bb1d5a5865440347444f0f33413645a0db54a6e36932f71842456323a88bd78a89ea418e24a598a2a14686f26c91c6f019a72e701ae8f10eb0845b877b360b08bf9ef0f34708e098cf5d713077db1b9e45745c8a76b0a2d929e6c70174f68a4d20879a4f074de489eb23eb143b2dd80a93db0842623a942fe25c160da57f9ee9873f5cbd9a8c3fc0597d141af9d5f17bb9c27b4cc632dc79b7e14c65dfddb7c1922c28d0fb0aca6c49496434bde13c027f91cc95d753a67f209f53fa7154cd352f994af57134111520fe5446ebab69bf7d178012ab478f6137cdda9358d3d06459487963dff04a2770931a6ea24bb71eb3e1870cd25f788010001b96390d1b46e5f4c34125adb2f2ab8cf638181945c2c20de3ad71e10d151ad11ae7f9b6e565851f0c66a5bf8eb2caa1812ec4344f37da8cf245a776ae67cd73d0d08c366602b6a68534c99c7c2e65fb903", @generic="498f38634901ac08f9bd9a03dc8226daf015887229909f", @typed={0x8, 0x8f, @u32=0xef}, @typed={0x8, 0x49, @ipv4=@rand_addr=0x17fa}, @typed={0xc, 0x41, @u64=0x1000}]}]}, 0x1178}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r1) [ 257.435548] __sys_sendmmsg+0x490/0x850 [ 257.439601] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 257.444599] ? syscall_return_slowpath+0xe9/0x710 [ 257.449540] __x64_sys_sendmmsg+0x11c/0x170 [ 257.453910] ? __sys_sendmmsg+0x850/0x850 [ 257.458099] do_syscall_64+0x15b/0x230 [ 257.462064] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 257.467305] RIP: 0033:0x455a09 [ 257.470524] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 257.478317] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 23:39:44 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = memfd_create(&(0x7f0000000000)='\'GPLuserbdev^\x00', 0x1) setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000100)={{&(0x7f0000000040)=""/68, 0x44}, &(0x7f00000000c0), 0x8}, 0x20) fcntl$setpipe(r0, 0x407, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x1d5e) 23:39:44 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:44 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) connect(r0, &(0x7f0000000040)=@ethernet={0x6}, 0x80) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:44 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0xfbfffffffffffffd, 0x0) write$fuse(r0, &(0x7f0000000000)={0xda, 0x6, 0x0, @fuse_notify_inval_entry_out={0x1ff, 0xfffffffffffffff8}}, 0xfcda) getrlimit(0xf, &(0x7f0000000100)) ioctl$KIOCSOUND(0xffffffffffffffff, 0x4b2f, 0x3) connect$ax25(0xffffffffffffffff, &(0x7f00000000c0)={0x3, {"88e988aafe69e6"}, 0xffffffff00000000}, 0x10) syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x30, 0x90440) [ 257.485733] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 257.493048] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 257.500362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 257.507699] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000033 23:39:44 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x8, 0x105080) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) getresgid(&(0x7f0000000040)=0x0, &(0x7f0000000080), &(0x7f00000000c0)) getresgid(&(0x7f0000000100)=0x0, &(0x7f0000000180), &(0x7f00000001c0)=0x0) r4 = getgid() r5 = getegid() r6 = socket$vsock_dgram(0x28, 0x2, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000300)=0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000340)={{{@in, @in6=@ipv4={[], [], @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@rand_addr}}, &(0x7f0000000440)=0xe8) setsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000480)={r7, r8, r3}, 0xc) getresgid(&(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)=0x0) r10 = getegid() setgroups(0x6, &(0x7f00000002c0)=[r1, r2, r4, r5, r9, r10]) 23:39:44 executing program 2 (fault-call:5 fault-nth:52): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:44 executing program 1 (fault-call:2 fault-nth:2): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:44 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000001000)={0x1000, &(0x7f0000000000)="f26c8c2ed03bd2879bb0726b24a29310bc484f6a5018f99de1e1407b2f4cfe11644438f71c4406e8b7b43c0e4bd5b1ea8bb5e67be152b71697108eaaeb5f2ab62f9ca0dbf39dd444e80388ee51c159681afea55ff029586ce6c60bfdcbed4a52ce7b7879f277406a2b1a4999ac046c00f3994933a28fe9eac35059602ea9a612bb9fd655643aa6cfae6109238a6c8a41577f247088a08adc4504819ac31c2a9a85a96d88119e0325b960e879afaa9aff878bf686642406931d852c972466f44597ee8eba8d9efec3a3a9519734c192146912964bd51dc75dca101027ec450ccc1219eb1261c90d4d8b0f40d2c646a49d95820fea9cdfc55d2da3c0bef8009114d0185ec5c8c01525d0a2bebaacfa82287f7f0ae937ea70621734b761d6d48183ec7716d17ab49eeb3b83a23e4b41fc0f37dc7535d4222a3b9bce0d019aa6a0470cb8dda42b32d713ff65693174f7ead2f88399095f99ee4e2bd679138a29b8694a0ade9b7864794c70109fbfea78c6f301c58d2a72bb8baafb25f368c26e1f0ae089234b81f56a5fa86d8ba69aa6f9f15cdfed3adf62a815d7856d00842bcd696818a5e138c4691608a9f3671982de87d646ae69df117a1cdac189e3b20b1ebba5da5f5460cd026329fee2783ff7203b50f9d9a80328cf4c4a61a04a5a9039df4edc7fa619a691598c205e5cd984b3d2bdc4570ad5e3ba3c35e0e8f41805740907a74c2418c73e68b01a080776d19a5a493d31e0f81663ab9ce591dccf984637498e42f5869fc265b1cfe4b8f8fb9bad013743455ef73d4a782cd134cb58891a65e331b5fa91056799d3d2ba5c6a57c68b086bbd77edeee387469f76855ba3dd3e85b1694531218aff9d429db61e3a74b19a752fb371015b2eb08ccf0be88a2b3739bda96e79a4435e38333e3d7459aabfc704059e380b026f36187605c55d298efcbae1d8b4a791196074bec2dd93e8670e78950b91304fdc13a6be5463d5ac034ebfa1e1207ba537245b36e81e0b1154ef0e01e34ab7c6b3825e1021e509dbda264f3de3aaf77dad54842bb6e5d2905e724d0846a382d65d0ebb2278041f387c2a4c68a8d909739d1e59989fb304fc95fe2db1481f5a5ceddcb22d6e6a163248d7f8be7ef7d90754ed7cc59d62adb049e0d917134efc8d76c2f6d0fe04c7adc7ec4aa40e6b45c95ab8ff977a70f61f9d75cdcd94bfef330b5a91cabaee7f28dfe9cd337e8d13be8646014c710883225d496ee854b59338beb6fe197238a127ecc86bf0e3525c3dded0eed71008f7c107ac6f92cb99b43f116c3acee5debb65639d6b2f38764b0a67d9688c6ef09755ac2706197ac602d2689273fee87b47def246a9f0fa85dea0607bd290371a57d7729079325c6cca77cb2a8d1ea40729eb9b783b8ff64ea960343e29f9b71bd765bbc7612e9f8bc0cf031a550856834e3ba9035486ccb0ba8a7f5075d4a4578bf57e2a942b7923f5e43527010ca3bd6eaad7f4528d7e4b82845ad054f1248ea5672b2180fce74e432468f538d756d641fb8dc986f3bda5a789aed41ecf55b2d785711ef72088c8a87aa943ad189def7afec6e99ae594d3279f4e1362079c5548c86610c9c64ae238afa41822d1e5b73fcdb09f3ff587161a4507a26ff6150ee6a35f2f0ecae7219cd56ab004ba309a225da439616924d1014e13e42697393da5466ecf5be21d265ad3510750eee812ced6db5e904b4b9c510270aa30291d22eff87867755c61fce00c51ec4bde79c1458e103039e8ab00af29b0ff69ca92fdb2e8b2a07ed9c8025019964cb52fbe1544656275a939e2461dd92f78d917e6e96bb64921995f18fd00969d260fc9387a038f443ecb764bf5c82c08915dea2aafcfc399e5f536d836113607b9e176d72d6a808e7a5f63a7dfccf079ec21eebd2867a06edad2cc97407c059769f697d474ea53b0be87a0f9913c469803db4ccba1eb0ffcf39ae305ef2f157b0041d072b38890a05ecf48bd24e98d9d21ddbf33926889ad8ab6524483a49108fe736efbdcbbad90a9d41d352debf78e69487f2a27b9bfd27206f62813050ca8a4afe185b86584303c03d96f30e5e0195253c1f66c352b1f4946e501dfd410b96fc4a262bf49dcc1e45759aebe39bfdd40c45be770834d3a7fc205815f40c195ebcd4fa94d6316861dd0b650140db7f2fed92420556af08d698f2400e519856ca277c1932dc85dfcf21294e4f69e601270b646e48f51761fbe7028e2166d935795af02f1549a6a3cd575ec848196457431b29891af932547efa9ffef67aecf0bcef577710c6310a4c2619e7d51cafc560c3e9bee606a697e44e901c3ef75726d9a107e093a4bc2034e81192e877489e5d0f2655f181bb4b2205ab69600485183d5f93496758df553337d73f8ec0d526526cdc820d3622dcc87ca5ce5dea7953a3b82e56fa4257fa96d589bc950b253200bac4c37cd81cb95fa024dbba8e089f93b2338793639e6ca5e3fcefb1c24dcb22865d9b04862a80bcfae3f7a4b93a46fe2faf5f50ace27869ce9e6d783ae54a6bc82068c4e94d1e6e100eddcaae85fbf42ecc236ee2c454e1eb5dac052e789309dcc94e4822640c5724f7390c503ef4d5d4e30082a1e62a658a61c29923f1d93c1604100a43c4d0bbbae3eefd59a2d92296071add615f69af1298c450c41dd47e5e6dc61ddc2ad323e22799c7de8682265d67715f2efafa749bb35f78c1c7e03cb843b2dd9fee5a8f98459503fbd7b42c647c992c998a92e1184019562f1c13ea4c4b65dfe15fccf250014b375f1a4bc5bbda23d0b2612ec5328c4ed2224409815874d875bb3217344505d8af8652e5361db1fffbf5e21296443bf72a4357eaad6fb57cae1bfe77080b18352a0ad2cda269761b66cf5f252e0ece46c6543210eb761251cafcaa19a8d9311fadc9057f9569d07bff2d2c50de9ba701ec18b01b11204e32e6b194b8f9503b6b99462a0f8f43f2e532e5fe8251dcbfe32ca84e03011b936a18b7759e1695e287c6a54d5086011098f63bac36bdb71ff52fc8d8c2c6c4e81c718c6a25f291529725f91ad80bea77909293bbe9f44d207703adefad9d9acba0666680e6d18729d4c64207414b3cd768fc8443bba1ee609dae78532adf55ed87926eee098d81073694432fd90331b36c2c10ebabe31c37e667e7147b1faf7ac02a875a457d555ecb3639592daa8949188d21eb770f45e7fe5fe824aff45c63b381b731142841bdac0baf6b954a40b92cc58d6131beef4aa705ff21253a8efb834189ac17a1d3cd2c314fa7d5c909dd1c9412e730ef2285c62ac2fb062a5a2d4d540bd67bf10377518ff4b843dd54a7d1a6852e4aacf64ffd3de7114c95ecdf077b5d76bb7d35d4549c66ff3c22b06ae406fb3fef5cb5035ac2abefb918b679d572335a1a46bc94eaa3a5b4ccf192e846ff35e15c01404d57b59e9c14a4d538bfc306a0130eeb863cc732a2b582809b5e425c80f6714349b308b81b33574f4ce1acc154ff6695cd5df7514175c0e660cae8e1c89d2c2645680aa227ae3760f7d13846e41f8e1ab60fb4ee793ad87720c9ef2571dee120b4c78d0e1985d5fe3c26a86b8c7b1f54eafbfa37ac411460f5904d1c4a223c685b13db27c345d185a6890e254a6381b03a81f6103af6e114a2cc45b2a8615a2e12af5e8549393e4de242c7c63a1b85f4fb354c7da83123ec5a2943461e7cc02d0a91a4e7ef65b392d155fda4fc2645c53b69f800b4b3b61c0835d6ca82a4ba4b8caab8de77dab2450235d0a104d8b88dd4a113c81b7512f93268f2ae8438a5edce710353c0d5ed3fd5df0893fedabc4cbbd6addfae2b68a7ca6b95b188f1ffbeceb2e50545a3d115eaa405c7eaa79c53cb00685618a13477e8331d58f812a6868afd16c014183aa8f2d2575317bb3e7ebd6b61157a2398aef19a64f430d85cbe81b9ad949c06d594178730600c53561b058b09844f64c2bd5738aaec172e597ff289644d527ba6f1e897ff3b25d7a333aeef56faf0c68794e1d299f9d13d8fc9a692790a9b4aa65bd4dd53900825c6b8f958e8a7a2f3c287566f74b34d49616de34b1d612d9c9d979fdbd0745a36be7dd90641107d29a66ccfa6d36ed6bb15906c31692935ef42a1af59cf72e224788767bdea50b440d48f519658c7d1f3fb4e53ff641ede45df40468664d91a853c2d4f5e75bba7ae3a95117c5426de9bc0fc39e9bdbf2c440837bf35b90c6d0637c4136b19d44168544c09e1af45a7475c9fbe8dbc480f3157be4d6a7677633edf3b612ea2db8d15bb12ffe20838bf28fb7bd67309fd3a2f08c15ec4a115074fc3e2fb48ec405a1e8760e269e3c1668d96afce1e3324c7a6a40f9f03fa0fdb8dc426cde9dab5c3235207ccd179c7c841fdf8aba9817ea928378f662a298e195f4835c95b80f24563c1c725c3f2c56ef9468b807657023d78e20eae0edaf12e5c9e4c59ed72c9b2320d8337ecf82a9686af1981a42e14665eaf5cf5dddc1dc2587b5022525194102703e57de51c77e44c529b36c6333399e29eb6d2296c92e367e8f673a07d1c5ff232397989dc8345dab236cef43655115b311beb0f11505d24510c6631ea6272e260107d96004bb12751b46ecc3981bef3bd6671ea82b42e6fd53130d255d7cd222a9a174008faa0192c9dbc648273a17a4580e20885f7136b65a7427452b81892d6c32cf4763a16f70e9295e05e31f42b346214f821ce68f2e161b026645bd60c1e9c42bc6ce21282044f13e4a9fecdfdcc54da14349172f6c0bb541ccf0ba231c73929db2e6a66761dc9ef66f01cf91b07d95e56340f28c5045c068a0aa666f036493758faf22f87dc80d5ce2ad5355933e62b37181df249ca4e08e8af2edafde3912f9fc7ad4b421211e29b6ceceeb682e8c2c185149daaf55be41f6de6375c79e52646dca9dc54d5dc3191019ab8ed99d2055a0e26ca04588b3d0004a37ec7c800b2ce6de80b72b4cd3dcf5b1051b5840f7a4d08e27029aec972592cedd283830efccab264a829ae2920a4f1241dac7271207c29138fdc366bec32102a11ec1f56fd463f5492e467af8100338efc20da9608e600e3404ecb11fdafc49faa58674e53b44dc905c582afff7c7e738d2dba6bf6b923d010f1bd657dc6b037047910cc46e25ce3ba7e72972e6e09f93aaaf325fdcaf025aa2a590912dbb74a3b808bea4332179a9cbf74d26a49bec24d1b0fc55d2168d67fe3ae9a7ab073fdf8976100c794fee05fe03275f79a674857127d59cb591de0fc9387db6d738da250b07da8acc596f40de42675c24b11ab5f196b27f3f1480b067a913fc9b45ac3ccb670c1befd74a4bd692dea2f6b247b022e14cdde8eec303086c2e72f8f537b3765ab01e486b4fd2ed2b4d58fb59cb6d0614a6538695d95cc911021c99db141265fd5ebfafcff7efe3212f5601287318552f80a660ea69c88f3e0cdd17b72b6616c41582c0921b20a920329ee3731739357bed938d6686c38daf6c37245444ba5b7c7c1bbffb3d3e94d8f79da003a61b15a0a02c4cce9605f2025b51b8116229c116e201a7405072ca8bcfef9610dab757ff290e264f0809d7e213508de9584de5ba74271ba138b588432c28f14af41ebc4ec4b14fc3671d710ab9682b6a6097a2e4b9724e9b384571a5d67426d8086cd5889cc0ed0c4bfb912303d0fdcf1889b95629270eef36782d30b76fde489902d00ac9c08d71b66ee77b726c2ce9a0f68e5cf445da63c37824298b5728c7c4221ba5e6dc3699b4298242ea8e4fd9bc4134a5670ac151339faa"}) getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000001040)=""/60, &(0x7f0000001140)=0x3c) [ 257.786883] FAULT_INJECTION: forcing a failure. [ 257.786883] name failslab, interval 1, probability 0, space 0, times 0 [ 257.798565] CPU: 1 PID: 16063 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 257.805799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 257.815200] Call Trace: [ 257.817858] dump_stack+0x185/0x1d0 [ 257.821550] should_fail+0x87b/0xab0 [ 257.825350] __should_failslab+0x278/0x2a0 [ 257.829668] should_failslab+0x29/0x70 [ 257.833626] kmem_cache_alloc_node+0x157/0xc80 [ 257.838278] ? validate_xmit_skb+0xfea/0x1320 [ 257.842850] ? __alloc_skb+0x202/0x9e0 [ 257.846832] __alloc_skb+0x202/0x9e0 [ 257.850608] alloc_skb_with_frags+0x1e6/0xb80 [ 257.855157] ? kmsan_set_origin_inline+0x6b/0x120 [ 257.860046] ? __msan_poison_alloca+0x15c/0x1d0 [ 257.864781] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 257.869614] ? packet_sendmsg+0x6594/0x8ad0 [ 257.874008] sock_alloc_send_pskb+0xb56/0x11a0 [ 257.878681] ? kmsan_set_origin+0x9e/0x160 [ 257.882993] packet_sendmsg+0x6594/0x8ad0 [ 257.887216] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 257.892726] ? rw_copy_check_uvector+0x643/0x6c0 [ 257.897526] ? __msan_poison_alloca+0x15c/0x1d0 [ 257.902270] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 257.907786] ? import_iovec+0x3c7/0x600 [ 257.911838] ? copy_msghdr_from_user+0x72c/0x830 [ 257.916689] ? compat_packet_setsockopt+0x360/0x360 [ 257.921796] ___sys_sendmsg+0xec8/0x1320 [ 257.925936] ? kmsan_set_origin_inline+0x6b/0x120 [ 257.930942] ? __msan_poison_alloca+0x15c/0x1d0 [ 257.935660] ? _cond_resched+0x3c/0xd0 [ 257.939575] ? rcu_all_qs+0x32/0x1f0 [ 257.943335] ? _cond_resched+0x3c/0xd0 [ 257.947275] ? rcu_all_qs+0x32/0x1f0 [ 257.951015] ? __sys_sendmmsg+0x61d/0x850 [ 257.955192] __sys_sendmmsg+0x490/0x850 [ 257.959214] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 257.964178] ? syscall_return_slowpath+0xe9/0x710 [ 257.969085] __x64_sys_sendmmsg+0x11c/0x170 [ 257.973423] ? __sys_sendmmsg+0x850/0x850 [ 257.977582] do_syscall_64+0x15b/0x230 [ 257.981502] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 257.986697] RIP: 0033:0x455a09 [ 257.989884] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 257.997614] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 258.004889] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 258.012173] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 258.019462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 258.026745] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000034 [ 258.085760] FAULT_INJECTION: forcing a failure. [ 258.085760] name failslab, interval 1, probability 0, space 0, times 0 [ 258.097192] CPU: 0 PID: 16074 Comm: syz-executor1 Not tainted 4.17.0-rc5+ #1 [ 258.104425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.113822] Call Trace: [ 258.116440] dump_stack+0x185/0x1d0 [ 258.120082] should_fail+0x87b/0xab0 [ 258.123809] __should_failslab+0x278/0x2a0 [ 258.128095] should_failslab+0x29/0x70 [ 258.132033] __kmalloc_node+0x22f/0x1200 [ 258.136119] ? blk_mq_alloc_tag_set+0x6de/0x1710 [ 258.140890] blk_mq_alloc_tag_set+0x6de/0x1710 [ 258.145503] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 258.150877] ? idr_alloc+0x192/0x220 [ 258.154619] loop_add+0x396/0xe80 [ 258.158205] ? idr_find+0x9a/0xc0 [ 258.161691] ? do_vfs_ioctl+0xcbd/0x24b0 [ 258.165782] loop_control_ioctl+0x6fb/0x9e0 [ 258.170113] ? xor_init+0x90/0x90 [ 258.173573] do_vfs_ioctl+0xcbd/0x24b0 [ 258.177480] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 258.182859] ? __fget_light+0x6a3/0x700 [ 258.186866] ? security_file_ioctl+0x5e/0x200 [ 258.191406] __x64_sys_ioctl+0x280/0x320 [ 258.195502] ? ksys_ioctl+0x260/0x260 [ 258.199330] do_syscall_64+0x15b/0x230 [ 258.203238] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 258.208451] RIP: 0033:0x455a09 [ 258.211663] RSP: 002b:00007fcac195dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.219950] RAX: ffffffffffffffda RBX: 00007fcac195e6d4 RCX: 0000000000455a09 [ 258.227237] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000013 23:39:45 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) r1 = semget$private(0x0, 0x0, 0xa) semctl$IPC_RMID(r1, 0x0, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:45 executing program 0: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f00000002c0)="0047fc0500000000000000") r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xfffffffffffffffe, 0x80000) fcntl$getown(r1, 0x9) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000080)=0x8001, 0x4) setsockopt$llc_int(r1, 0x10c, 0x0, &(0x7f00000000c0)=0x7a25, 0x4) ioctl$PPPIOCGMRU(r1, 0x80047453, &(0x7f0000000100)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:45 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) timerfd_create(0x1, 0x93a22330dde6524c) r1 = gettid() syz_open_procfs(r1, &(0x7f0000000000)='net/ip6_mr_vif\x00') write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) r2 = msgget$private(0x0, 0x1) msgsnd(r2, &(0x7f0000000180)={0x3, "ce60d9b59d4c920dbfdde40e83cb4fc01811866ffeb9de0a713a2185d6ca05a28373e3f12d586cab1a57fd29e13d2293f09ecce2e061d34804e92362"}, 0x44, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0xe, @dev={0xfe, 0x80, [], 0x16}, 0x7}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000100)=[@in={0x2, 0x4e24, @broadcast=0xffffffff}, @in6={0xa, 0x4e21, 0x6, @remote={0xfe, 0x80, [], 0xbb}, 0xc7a3}, @in={0x2, 0x4e21, @loopback=0x7f000001}, @in6={0xa, 0x4e23, 0x2d, @dev={0xfe, 0x80, [], 0x1d}, 0x8000}], 0x10) 23:39:45 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getpgid(0xffffffffffffffff) r1 = getpgid(0xffffffffffffffff) r2 = getpgid(r1) ptrace$setregs(0xf, r2, 0x107, &(0x7f0000000000)="b4b1085e7041768636961e81828e84dd51333b02fa97babfa3a4c4dd0b0f75904117c44c6cfb6c55f10124366a767061c474555e7caba9ebe00a7f3dcbe4") fcntl$setpipe(r0, 0x407, 0x0) 23:39:45 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x0, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:45 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) getpeername$netlink(r1, &(0x7f0000000040), &(0x7f0000000080)=0xc) ioctl(r0, 0x6, &(0x7f0000000180)="6f77cc3dc47a648d1fb34d33070297a7be0922bca32f441682af7ee4fc69cfeeda369abc21a56137a7cc5571321529093785c0bf56e74c2febffc7103c66806623313a447c05095778da7b88c2fb184bca196bd3b12a85c74b240c695a6dc772c17dfed3d0ed8274da9f0dd908b395340fc8d2a57693d7ca21dca5ed22606bba52d46c6bb863677d46f439f60370d82f578fc8b06d0a6963222474698189af78d8bc24e0cfd431189018e97ffac36e9e") socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:45 executing program 1 (fault-call:2 fault-nth:3): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:45 executing program 2 (fault-call:5 fault-nth:53): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 258.234528] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 258.241806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 258.249081] R13: 00000000000002d6 R14: 00000000006f94b0 R15: 0000000000000002 [ 258.330626] FAULT_INJECTION: forcing a failure. [ 258.330626] name failslab, interval 1, probability 0, space 0, times 0 [ 258.342109] CPU: 0 PID: 16078 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 258.349342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.358745] Call Trace: [ 258.361396] dump_stack+0x185/0x1d0 [ 258.365076] should_fail+0x87b/0xab0 [ 258.368853] __should_failslab+0x278/0x2a0 [ 258.373160] should_failslab+0x29/0x70 [ 258.377097] __kmalloc_node_track_caller+0x24b/0x11b0 [ 258.382350] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 258.387784] ? alloc_skb_with_frags+0x1e6/0xb80 [ 258.392519] __alloc_skb+0x2cb/0x9e0 [ 258.396274] ? alloc_skb_with_frags+0x1e6/0xb80 [ 258.401010] alloc_skb_with_frags+0x1e6/0xb80 [ 258.405575] ? kmsan_set_origin_inline+0x6b/0x120 [ 258.410488] ? __msan_poison_alloca+0x15c/0x1d0 [ 258.415234] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 258.420069] ? packet_sendmsg+0x6594/0x8ad0 [ 258.424462] sock_alloc_send_pskb+0xb56/0x11a0 [ 258.429142] ? kmsan_set_origin+0x9e/0x160 [ 258.433465] packet_sendmsg+0x6594/0x8ad0 [ 258.437684] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 258.443182] ? rw_copy_check_uvector+0x643/0x6c0 [ 258.447983] ? __msan_poison_alloca+0x15c/0x1d0 [ 258.452731] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 258.458246] ? import_iovec+0x3c7/0x600 [ 258.462296] ? copy_msghdr_from_user+0x72c/0x830 [ 258.467158] ? compat_packet_setsockopt+0x360/0x360 [ 258.472257] ___sys_sendmsg+0xec8/0x1320 [ 258.476424] ? kmsan_set_origin_inline+0x6b/0x120 [ 258.481347] ? __msan_poison_alloca+0x15c/0x1d0 [ 258.486093] ? _cond_resched+0x3c/0xd0 [ 258.490061] ? rcu_all_qs+0x32/0x1f0 [ 258.493850] ? _cond_resched+0x3c/0xd0 [ 258.497813] ? rcu_all_qs+0x32/0x1f0 [ 258.501578] ? __sys_sendmmsg+0x61d/0x850 [ 258.505792] __sys_sendmmsg+0x490/0x850 [ 258.509849] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 258.514845] ? syscall_return_slowpath+0xe9/0x710 [ 258.519782] __x64_sys_sendmmsg+0x11c/0x170 [ 258.524158] ? __sys_sendmmsg+0x850/0x850 [ 258.528359] do_syscall_64+0x15b/0x230 [ 258.532314] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 258.537540] RIP: 0033:0x455a09 [ 258.540760] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 258.548519] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 258.555830] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 258.563401] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 258.570713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:45 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000240)='/dev/snd/pcmC#D#p\x00', 0x8, 0x80000) ioctl$TIOCLINUX6(r1, 0x541c, &(0x7f0000000280)={0x6, 0x10000}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x100, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f00000002c0)=0x3) r3 = accept(0xffffffffffffff9c, &(0x7f0000000000)=@rc, &(0x7f0000000080)=0x80) write$binfmt_aout(r1, &(0x7f0000000380)={{0x10b, 0x3d, 0x0, 0x120, 0x372, 0x5, 0x38c, 0x3}, "7d44c1d59ba71180ab6daf61a40fa31b9788288ea7de8b706cb5eb94de2778a2eb89ebd1537bdca341e861e9d293beaac449aff477ac59e406feea4ad7e81b2596e78860d7af7bb4dfdb6d99beedb237d8415c6559b76bb59c30c0f0d749e16343d1440966ce40b83524c31721e9e0", [[], [], []]}, 0x38f) sendmmsg$alg(r3, &(0x7f0000000200)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)="59da0413985a47a22f83be9645010137643976f24ed1a094d03ec5a22216f2eae1e406096d09c2c13a74ab06c4014ff17493ece9516294d9535cb311ff", 0x3d}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="180000000000000017010000040000008e8710dcb4dfeb8e9ef40000000000001701000004000000030000000000000018000000000000001701000004000000ae0b00000000000018000000000000bff0801a00030000000000000000000000980000000000000017010000020000008000000092b84f05c8fe1c242cc9f4d83cffcd704d7364fcc0aa7945d2c492c21fa9dc7356ae77188aac97e96fb5eca1ccb29974e0ef93485500a0eb4faf8b04abb2d87b70200b2602b9e7bdb92892ed39fc1b6c2a7742b1e4be7c38c6f103aa286fce031f2742673a7f7bc1a53218b36fee3df782d83cf9c52a2b75aff5a6192988ca48e54325148f86000000009a914b972cc7475e"], 0xf8, 0x1}], 0x1, 0x3c) r4 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@empty, 0x3e, 0x2, 0x3, 0x8, 0x6, 0xfffffffffffffffd, 0x4}, 0x20) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f00000001c0)={0x9, 0x7, 0x80000001, 0x78, 'syz0\x00', 0x5}) connect$vsock_dgram(r2, &(0x7f0000000340)={0x28, 0x0, 0x2711, @any=0xffffffff}, 0x10) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r4) 23:39:45 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x0, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:45 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000040)) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000080)) [ 258.578024] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000035 [ 258.630346] FAULT_INJECTION: forcing a failure. [ 258.630346] name failslab, interval 1, probability 0, space 0, times 0 [ 258.641759] CPU: 0 PID: 16092 Comm: syz-executor1 Not tainted 4.17.0-rc5+ #1 [ 258.648988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.658379] Call Trace: [ 258.661025] dump_stack+0x185/0x1d0 [ 258.664719] should_fail+0x87b/0xab0 [ 258.668506] __should_failslab+0x278/0x2a0 [ 258.672813] should_failslab+0x29/0x70 [ 258.676747] __kmalloc_node+0x22f/0x1200 [ 258.680878] ? blk_mq_init_tags+0xc0/0x530 [ 258.685204] blk_mq_init_tags+0xc0/0x530 [ 258.689318] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 258.694744] ? blk_mq_hw_queue_to_node+0x1ae/0x1f0 [ 258.699726] ? blk_mq_alloc_rq_map+0xea/0x4b0 [ 258.704302] blk_mq_alloc_rq_map+0x198/0x4b0 [ 258.708762] blk_mq_alloc_tag_set+0xd27/0x1710 [ 258.713417] loop_add+0x396/0xe80 [ 258.716938] ? idr_find+0x9a/0xc0 [ 258.720454] ? do_vfs_ioctl+0xcbd/0x24b0 [ 258.724575] loop_control_ioctl+0x6fb/0x9e0 23:39:45 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="144dfc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) r2 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x20e9ea1, 0x484000) getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000000c0), &(0x7f0000000100)=0x4) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="021110000a000c000000000000000000"], 0x10}, 0x1}, 0x0) shutdown(r1, 0x1) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:45 executing program 6: openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0xffffffffffffffff, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x800, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000040)) write$fuse(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="28000000060000000000000000000000db000000000000000000000000000000000000000000000051687ff5617e2c5979306f11f926f36b817dc82068a68b354302a562f23cc7f35604b4c296faac6b7bf2199e12e4a93e3571bece31108c761a363b331c"], 0x65) 23:39:45 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x0, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:45 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x7, 0x7ff, 0xff}, 0xc) socket$unix(0x1, 0x2, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:45 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) sendmsg$nl_generic(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xac, 0x40, 0x210, 0x70bd2a, 0x25dfdbfe, {0x4}, [@generic="7b099dd5437fdc4ff8271f584acac7cb3e8ee6c16e3a8d3de5872326440d462723cb0d48e9fb682a6b9487e1ca156d8b386f85efa2437c9c2424b72bb48ca4c4ec4c3ee597e931a658022e23a89b10795da66e1ea88032fc54678477f86524cb786ae571d56218df189b5bdc1fac60d0311dd91522708e48c833b453fb65deea9e41e07d3dae8e37efe681e8a560f6a9bcc0116446"]}, 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x20008010) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) [ 258.728944] ? xor_init+0x90/0x90 [ 258.732432] do_vfs_ioctl+0xcbd/0x24b0 [ 258.736378] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 258.741814] ? __fget_light+0x6a3/0x700 [ 258.745851] ? security_file_ioctl+0x5e/0x200 [ 258.750423] __x64_sys_ioctl+0x280/0x320 [ 258.754534] ? ksys_ioctl+0x260/0x260 [ 258.758458] do_syscall_64+0x15b/0x230 [ 258.762405] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 258.767701] RIP: 0033:0x455a09 [ 258.771063] RSP: 002b:00007fcac195dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.778791] RAX: ffffffffffffffda RBX: 00007fcac195e6d4 RCX: 0000000000455a09 [ 258.786080] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000013 [ 258.793438] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 258.800709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 258.807991] R13: 00000000000002d6 R14: 00000000006f94b0 R15: 0000000000000003 [ 258.821631] blk-mq: reduced tag depth (128 -> 64) 23:39:46 executing program 2 (fault-call:5 fault-nth:54): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:46 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {0x0}]}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000100)={r2, &(0x7f00000000c0)=""/26}) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:46 executing program 1 (fault-call:2 fault-nth:4): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:46 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)) r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:46 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={0x0, 0x3f}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r1, 0x80}, 0x8) 23:39:46 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x804, 0x0) write$fuse(r0, &(0x7f000000afdf)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out}, 0x28) 23:39:46 executing program 0: getcwd(&(0x7f00000003c0)=""/240, 0xf0) r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x11, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) r2 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x8, r2) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000002c0)={{{@in=@remote, @in=@multicast1}}, {{@in=@rand_addr}, 0x0, @in=@loopback}}, &(0x7f0000000040)=0xe8) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0xb3, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) 23:39:46 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:46 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f000000afdf)=ANY=[@ANYBLOB="2800008c15677a69069b7307da0006000000000000000000000000000000000000000000000040"], 0x28) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000000)) 23:39:46 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000000c0)={0x81, 0x6, 0x9, 0x4, [], [], [], 0x1, 0x1, 0x2, 0xffffffffffffffc0, "fb83eb32de8d0f35739b15fe9ca37dcd"}) [ 259.889283] FAULT_INJECTION: forcing a failure. [ 259.889283] name failslab, interval 1, probability 0, space 0, times 0 [ 259.900826] CPU: 1 PID: 16153 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 259.908054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.917451] Call Trace: [ 259.920111] dump_stack+0x185/0x1d0 [ 259.923816] should_fail+0x87b/0xab0 [ 259.927634] __should_failslab+0x278/0x2a0 [ 259.931949] should_failslab+0x29/0x70 [ 259.935909] kmem_cache_alloc_node+0x157/0xc80 [ 259.940565] ? validate_xmit_skb+0xfea/0x1320 [ 259.945128] ? __alloc_skb+0x202/0x9e0 [ 259.949092] __alloc_skb+0x202/0x9e0 [ 259.952861] alloc_skb_with_frags+0x1e6/0xb80 [ 259.957396] ? kmsan_set_origin_inline+0x6b/0x120 [ 259.962322] ? __msan_poison_alloca+0x15c/0x1d0 [ 259.967089] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 259.971913] ? packet_sendmsg+0x6594/0x8ad0 [ 259.976303] sock_alloc_send_pskb+0xb56/0x11a0 [ 259.980970] ? kmsan_set_origin+0x9e/0x160 [ 259.985265] packet_sendmsg+0x6594/0x8ad0 [ 259.989487] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 259.994989] ? rw_copy_check_uvector+0x643/0x6c0 [ 259.999802] ? __msan_poison_alloca+0x15c/0x1d0 [ 260.004555] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 260.010079] ? import_iovec+0x3c7/0x600 [ 260.014123] ? copy_msghdr_from_user+0x72c/0x830 [ 260.018980] ? compat_packet_setsockopt+0x360/0x360 [ 260.024079] ___sys_sendmsg+0xec8/0x1320 [ 260.028223] ? kmsan_set_origin_inline+0x6b/0x120 [ 260.033129] ? __msan_poison_alloca+0x15c/0x1d0 [ 260.037881] ? _cond_resched+0x3c/0xd0 [ 260.041847] ? rcu_all_qs+0x32/0x1f0 [ 260.045628] ? _cond_resched+0x3c/0xd0 [ 260.050522] ? rcu_all_qs+0x32/0x1f0 [ 260.054296] ? __sys_sendmmsg+0x61d/0x850 [ 260.058510] __sys_sendmmsg+0x490/0x850 [ 260.062553] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 260.067547] ? syscall_return_slowpath+0xe9/0x710 [ 260.072480] __x64_sys_sendmmsg+0x11c/0x170 [ 260.076863] ? __sys_sendmmsg+0x850/0x850 [ 260.081068] do_syscall_64+0x15b/0x230 [ 260.085023] entry_SYSCALL_64_after_hwframe+0x44/0xa9 23:39:46 executing program 4: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) 23:39:46 executing program 4: r0 = socket$bt_bnep(0x1f, 0x3, 0x4) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x100, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2) clone(0x8800, &(0x7f0000000000)="e3e40174a5708af3c40e72004aeb31f9358ec5d2e4524abcb8ad098869afc25a58811ee30172d641b814030c5f8327ebc69edd81ce77390a12dc9a199e0fcb600afd910477fe3890ca3a2d8a2ba4151d2f25c65c3485f1b5300770033bd31f863b97ca22b1e218f5c135014dae0b9c4c5d38f609c6ee771aebdb5a6b03dc90af7a595525", &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000180)="0d021665ca7f8c7535b76c78c88032") r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0) r4 = semget(0x2, 0x3, 0x2) semctl$SEM_INFO(r4, 0x3, 0x13, &(0x7f00000001c0)=""/106) semget(0x3, 0x7, 0x4) 23:39:47 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)) r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:47 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x9, 0x400000) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) pkey_alloc(0x0, 0x1) ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f00000000c0)=0xffffffff) 23:39:47 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x34) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 260.090252] RIP: 0033:0x455a09 [ 260.093473] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 260.101237] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 260.108548] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 260.115864] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 260.123168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 260.130482] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000036 23:39:47 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) r1 = geteuid() r2 = getgid() fchown(r0, r1, r2) 23:39:47 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/autofs\x00', 0x0, 0x0) ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000040)) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000080)) 23:39:47 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)) r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:47 executing program 2 (fault-call:5 fault-nth:55): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:47 executing program 6: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000)=0x20, 0x4) write$fuse(r0, &(0x7f000000afdf)={0x12, 0x6, 0x0, @fuse_notify_poll_wakeup_out={0x5}}, 0x12) write$binfmt_misc(r0, &(0x7f00000000c0)={'syz1', "c37c34f11cdffbd1e0da8bff051598f49fc0cec62f596bf78ce23f212cb9c282cf859d6ac0bbc8b1cbc6cd92598477d460c6a386c58eac85cb8d6cd5d4be56411c32602dba1d0ad4ed6071eac362e64bc692ef2c5d835006ff18a50a7d7b00382e84cacb38dfe43e0416770699cbeeb4c05afed9f69b70cb83d7e9a21af0f64e57576af3a04cb3bcdc2c6d0570968b57a93103060206808120832aea04165918cacef5d61072413e4c7bdeb5a615960836b26933a706c0b956add9c885ee1895b66c9300216ef68090aa316398ded82dd45e"}, 0xd6) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) 23:39:47 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) accept$alg(r0, 0x0, 0x0) ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f00000000c0)=""/164) write$fuse(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000600000000000008007ed91bf800000000000000000000000000b82f324d786149e527d9271d200fd96fb611d5f1f16ff2e771d61b7c70e950ca3b6be0732b0c4d03cef1d40fc95c8fe174d99fb509ae13312b4f5c0dd35e3dd93a96266105b4ac3e0e5fead0c079b0901d4ade7afd6ea7111e35103dc9fb8918677c1ed3c52d5d83b58ea0981c41733a2ac0d2992b54933fea962cc0e7fd4ea995244e2945cdea475a141742017401ebca3c1801c13f00e6edbfb604fead9fd94084b07f50b9403015ab724ce6994126997f4ea78ec13b1ca6856f43fefc0aa2759c"], 0x18) r1 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x81, 0x200000) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f00000001c0), &(0x7f0000000200)=0x4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2800, 0x0) 23:39:47 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0xfffffffffffffffc, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) fcntl$setflags(r0, 0x2, 0x1) getsockname$ax25(r1, &(0x7f0000000000), &(0x7f0000000040)=0x10) 23:39:47 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x1) ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040)) [ 260.452359] FAULT_INJECTION: forcing a failure. [ 260.452359] name failslab, interval 1, probability 0, space 0, times 0 [ 260.463856] CPU: 0 PID: 16188 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 260.471109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.480497] Call Trace: [ 260.483173] dump_stack+0x185/0x1d0 [ 260.486877] should_fail+0x87b/0xab0 [ 260.490643] __should_failslab+0x278/0x2a0 [ 260.494947] should_failslab+0x29/0x70 23:39:47 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1) 23:39:47 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d8") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 260.498888] __kmalloc_node_track_caller+0x24b/0x11b0 [ 260.504140] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 260.509695] ? alloc_skb_with_frags+0x1e6/0xb80 [ 260.514430] __alloc_skb+0x2cb/0x9e0 [ 260.518184] ? alloc_skb_with_frags+0x1e6/0xb80 [ 260.522911] alloc_skb_with_frags+0x1e6/0xb80 [ 260.527467] ? kmsan_set_origin_inline+0x6b/0x120 [ 260.532376] ? __msan_poison_alloca+0x15c/0x1d0 [ 260.537133] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 260.541973] ? packet_sendmsg+0x6594/0x8ad0 [ 260.546379] sock_alloc_send_pskb+0xb56/0x11a0 [ 260.551055] ? kmsan_set_origin+0x9e/0x160 [ 260.555383] packet_sendmsg+0x6594/0x8ad0 [ 260.559618] ? apic_timer_interrupt+0xa/0x20 [ 260.564084] ? sock_def_readable+0x250/0x250 [ 260.568562] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 260.574060] ? rw_copy_check_uvector+0x643/0x6c0 [ 260.578868] ? __msan_poison_alloca+0x15c/0x1d0 [ 260.583621] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 260.589150] ? import_iovec+0x3c7/0x600 [ 260.593315] ? copy_msghdr_from_user+0x72c/0x830 [ 260.598165] ? compat_packet_setsockopt+0x360/0x360 23:39:47 executing program 6: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x9, 0x400000) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) pkey_alloc(0x0, 0x1) ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f00000000c0)=0xffffffff) 23:39:47 executing program 0: socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:47 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x2, 0x0) recvfrom$unix(r1, &(0x7f0000000180)=""/4096, 0x1000, 0x10001, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e20}, 0x6e) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 260.603246] ___sys_sendmsg+0xec8/0x1320 [ 260.607402] ? kmsan_set_origin_inline+0x6b/0x120 [ 260.612315] ? __msan_poison_alloca+0x15c/0x1d0 [ 260.617065] ? _cond_resched+0x3c/0xd0 [ 260.621029] ? rcu_all_qs+0x32/0x1f0 [ 260.624832] ? _cond_resched+0x3c/0xd0 [ 260.628812] ? rcu_all_qs+0x32/0x1f0 [ 260.632584] ? __sys_sendmmsg+0x61d/0x850 [ 260.636927] __sys_sendmmsg+0x490/0x850 [ 260.640977] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 260.645969] ? syscall_return_slowpath+0xe9/0x710 23:39:47 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d8") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:47 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000040)={'vcan0\x00', 0x81}) 23:39:47 executing program 5: r0 = accept$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000040)) fcntl$setsig(r0, 0xa, 0x25) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x84800) setitimer(0x1, &(0x7f00000000c0)={{0x77359400}, {0x77359400}}, &(0x7f0000000100)) fcntl$setpipe(r1, 0x407, 0x80000080000000) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x3, 0x7, 0xfffffffffffffff8, 0x5, 0x4, r1, 0x1}, 0x2c) [ 260.650896] __x64_sys_sendmmsg+0x11c/0x170 [ 260.655271] ? __sys_sendmmsg+0x850/0x850 [ 260.659495] do_syscall_64+0x15b/0x230 [ 260.663444] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 260.668669] RIP: 0033:0x455a09 [ 260.671879] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 260.679634] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 260.686935] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 260.694238] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 260.701551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 260.708861] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000037 23:39:47 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x9}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000300)={r8, 0x9}, &(0x7f0000000340)=0x8) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:47 executing program 2 (fault-call:5 fault-nth:56): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 260.946507] FAULT_INJECTION: forcing a failure. [ 260.946507] name failslab, interval 1, probability 0, space 0, times 0 [ 260.957892] CPU: 0 PID: 16236 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 260.965117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 260.974502] Call Trace: [ 260.977148] dump_stack+0x185/0x1d0 [ 260.980824] should_fail+0x87b/0xab0 [ 260.984607] __should_failslab+0x278/0x2a0 [ 260.988916] should_failslab+0x29/0x70 [ 260.992874] kmem_cache_alloc_node+0x157/0xc80 [ 260.997581] ? validate_xmit_skb+0xfea/0x1320 [ 261.002158] ? __alloc_skb+0x202/0x9e0 [ 261.006110] __alloc_skb+0x202/0x9e0 [ 261.009882] alloc_skb_with_frags+0x1e6/0xb80 [ 261.014446] ? kmsan_set_origin_inline+0x6b/0x120 [ 261.019369] ? __msan_poison_alloca+0x15c/0x1d0 [ 261.024118] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 261.028951] ? packet_sendmsg+0x6594/0x8ad0 [ 261.033354] sock_alloc_send_pskb+0xb56/0x11a0 [ 261.038023] ? kmsan_set_origin+0x9e/0x160 [ 261.042335] packet_sendmsg+0x6594/0x8ad0 [ 261.046564] ? __fsnotify_parent+0x132/0x560 [ 261.051048] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 261.056552] ? rw_copy_check_uvector+0x643/0x6c0 [ 261.061360] ? __msan_poison_alloca+0x15c/0x1d0 [ 261.066104] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 261.071618] ? import_iovec+0x3c7/0x600 [ 261.075659] ? copy_msghdr_from_user+0x72c/0x830 [ 261.080516] ? compat_packet_setsockopt+0x360/0x360 [ 261.085612] ___sys_sendmsg+0xec8/0x1320 [ 261.089717] ? kstrtoull+0x766/0x7e0 [ 261.093510] ? kmsan_set_origin_inline+0x6b/0x120 [ 261.098424] ? __msan_poison_alloca+0x15c/0x1d0 [ 261.103170] ? _cond_resched+0x3c/0xd0 [ 261.107124] ? rcu_all_qs+0x32/0x1f0 [ 261.110863] ? _cond_resched+0x3c/0xd0 [ 261.114796] ? rcu_all_qs+0x32/0x1f0 [ 261.118529] ? __sys_sendmmsg+0x61d/0x850 [ 261.122788] __sys_sendmmsg+0x490/0x850 [ 261.126796] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 261.131746] ? syscall_return_slowpath+0xe9/0x710 [ 261.136629] __x64_sys_sendmmsg+0x11c/0x170 [ 261.140963] ? __sys_sendmmsg+0x850/0x850 [ 261.145128] do_syscall_64+0x15b/0x230 [ 261.149052] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 261.154246] RIP: 0033:0x455a09 [ 261.157443] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 261.165189] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 261.172479] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 261.179760] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 261.187061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:48 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x100, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000040)={0x0, 0x48874e17cd79c4ba, 0x800, 0x7ff, 'syz0\x00', 0x800}) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:48 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:48 executing program 6 (fault-call:3 fault-nth:0): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:48 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) io_setup(0x3c0, &(0x7f0000000040)=0x0) io_cancel(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0xb, 0x378, r0, &(0x7f00000000c0)="00f9aac309d8173a85d13ec48a8e54ee523e80fb71db5e23b720b5170ca543351d7cfd38f9bdfeb8dce2da018711f7cb1bdfa9f619e3b0fbef474b8df8338187446e189e8b024794ab1b5cf6b40f0182e5754a0f830873d354bf415b3e3844f1a9f6411656e4e2e07c73361529d825d7a8c5c74c4ff09e4380f443d668cbd1956e9f09ab71db0bd1d1ed78ce1ca768e5f4098cce0aea573131203f914cff15e97da5eac21cc15686f8e922c54b2ceba9b3a5c8b0171aee0f14cd59cb9c76908c9eb031fe99421111ce6ce44693a1920abcc80f42d982dab9ae3a4d0a", 0xdc, 0x97b7, 0x0, 0x0, r0}, &(0x7f0000000200)) flistxattr(r0, &(0x7f0000000240)=""/220, 0xdc) 23:39:48 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d8") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:48 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x2000, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000000c0)={0x3, r2}) socketpair$ax25(0x3, 0x0, 0xce, &(0x7f0000000000)) 23:39:48 executing program 2 (fault-call:5 fault-nth:57): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 261.194351] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000038 23:39:48 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x9}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000300)={r8, 0x9}, &(0x7f0000000340)=0x8) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 261.287970] FAULT_INJECTION: forcing a failure. [ 261.287970] name failslab, interval 1, probability 0, space 0, times 0 [ 261.299467] CPU: 0 PID: 16255 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 261.306696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.316089] Call Trace: [ 261.318733] dump_stack+0x185/0x1d0 [ 261.322414] should_fail+0x87b/0xab0 [ 261.326181] __should_failslab+0x278/0x2a0 [ 261.330515] should_failslab+0x29/0x70 [ 261.334468] __kmalloc+0xc5/0x350 23:39:48 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c9924") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:48 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r0, 0x28}, 0x10) fcntl$setpipe(r1, 0x407, 0x0) fsync(r0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x400, 0x0) [ 261.337970] ? tipc_group_create+0xfa/0x9c0 [ 261.342360] tipc_group_create+0xfa/0x9c0 [ 261.346581] ? local_bh_enable+0x36/0x40 [ 261.350717] tipc_setsockopt+0x13d1/0x1f60 [ 261.355005] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 261.360451] ? tipc_shutdown+0x5c0/0x5c0 [ 261.364573] __sys_setsockopt+0x496/0x540 [ 261.368807] __x64_sys_setsockopt+0x15c/0x1c0 [ 261.373366] ? __ia32_sys_recv+0x180/0x180 [ 261.377641] do_syscall_64+0x15b/0x230 [ 261.381588] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 261.386814] RIP: 0033:0x455a09 [ 261.390018] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 261.397776] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 261.403092] FAULT_INJECTION: forcing a failure. [ 261.403092] name failslab, interval 1, probability 0, space 0, times 0 [ 261.405074] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 261.405094] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 23:39:48 executing program 6 (fault-call:3 fault-nth:1): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 261.405113] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 261.405131] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000000 [ 261.446567] CPU: 1 PID: 16260 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 261.453774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.463164] Call Trace: [ 261.465780] dump_stack+0x185/0x1d0 [ 261.469430] should_fail+0x87b/0xab0 [ 261.473184] __should_failslab+0x278/0x2a0 [ 261.477464] should_failslab+0x29/0x70 [ 261.481389] __kmalloc_node_track_caller+0x24b/0x11b0 [ 261.486621] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 261.492042] ? alloc_skb_with_frags+0x1e6/0xb80 [ 261.496782] __alloc_skb+0x2cb/0x9e0 [ 261.500522] ? alloc_skb_with_frags+0x1e6/0xb80 [ 261.505233] alloc_skb_with_frags+0x1e6/0xb80 [ 261.509774] ? kmsan_set_origin_inline+0x6b/0x120 [ 261.514680] ? __msan_poison_alloca+0x15c/0x1d0 [ 261.519420] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 261.524241] ? packet_sendmsg+0x6594/0x8ad0 [ 261.528604] sock_alloc_send_pskb+0xb56/0x11a0 [ 261.533252] ? kmsan_set_origin+0x9e/0x160 [ 261.537567] packet_sendmsg+0x6594/0x8ad0 [ 261.541800] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 261.547282] ? rw_copy_check_uvector+0x643/0x6c0 [ 261.552078] ? __msan_poison_alloca+0x15c/0x1d0 [ 261.556820] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 261.562331] ? import_iovec+0x3c7/0x600 [ 261.566351] ? copy_msghdr_from_user+0x72c/0x830 [ 261.571191] ? compat_packet_setsockopt+0x360/0x360 [ 261.576232] ___sys_sendmsg+0xec8/0x1320 [ 261.580345] ? kmsan_set_origin_inline+0x6b/0x120 [ 261.585238] ? __msan_poison_alloca+0x15c/0x1d0 [ 261.589944] ? _cond_resched+0x3c/0xd0 [ 261.593885] ? rcu_all_qs+0x32/0x1f0 [ 261.597640] ? _cond_resched+0x3c/0xd0 [ 261.601561] ? rcu_all_qs+0x32/0x1f0 [ 261.605327] ? __sys_sendmmsg+0x61d/0x850 [ 261.609538] __sys_sendmmsg+0x490/0x850 [ 261.613542] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 261.618505] ? syscall_return_slowpath+0xe9/0x710 [ 261.623391] __x64_sys_sendmmsg+0x11c/0x170 [ 261.627763] ? __sys_sendmmsg+0x850/0x850 [ 261.631929] do_syscall_64+0x15b/0x230 23:39:48 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x9}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000300)={r8, 0x9}, &(0x7f0000000340)=0x8) recvmmsg(r1, &(0x7f0000003000)=[{{&(0x7f0000002b40)=@nl, 0x80, &(0x7f0000002d00), 0x0, &(0x7f00000001c0)=""/193, 0xc1}}, {{&(0x7f0000002e40)=@can, 0x80, &(0x7f0000002f80), 0x0, &(0x7f0000002fc0)=""/60, 0x3c}}], 0x2, 0x10020, &(0x7f0000003180)={0x0, 0x1c9c380}) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 261.635853] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 261.641070] RIP: 0033:0x455a09 [ 261.644282] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 261.652023] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 261.659315] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 261.666595] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 261.673884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 261.681176] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000039 [ 261.748825] FAULT_INJECTION: forcing a failure. [ 261.748825] name failslab, interval 1, probability 0, space 0, times 0 [ 261.760327] CPU: 0 PID: 16265 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 261.767563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.777198] Call Trace: [ 261.779850] dump_stack+0x185/0x1d0 [ 261.783548] should_fail+0x87b/0xab0 [ 261.787339] __should_failslab+0x278/0x2a0 [ 261.791649] should_failslab+0x29/0x70 [ 261.795613] __kmalloc+0xc5/0x350 23:39:48 executing program 5: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x3ffd) fcntl$setpipe(r0, 0x407, 0x0) [ 261.799133] ? kmsan_set_origin_inline+0x6b/0x120 [ 261.804027] ? tipc_conn_alloc+0x56/0x7b0 [ 261.808256] tipc_conn_alloc+0x56/0x7b0 [ 261.812312] ? tipc_topsrv_kern_subscr+0xcf/0x520 [ 261.817228] tipc_topsrv_kern_subscr+0x217/0x520 [ 261.822069] tipc_group_create+0x643/0x9c0 [ 261.826395] tipc_setsockopt+0x13d1/0x1f60 [ 261.830701] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 261.836158] ? tipc_shutdown+0x5c0/0x5c0 [ 261.840296] __sys_setsockopt+0x496/0x540 [ 261.844576] __x64_sys_setsockopt+0x15c/0x1c0 23:39:48 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000040)=0x1, 0x4) write$fuse(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000060000000000000000000000000000000000000092875ae47a6af725bdb2a94f8edc1778125f338d695e975776a05d0978bd9e8e3305ed8e557e54a1d557f0ff0abb1dea"], 0x18) [ 261.849157] ? __ia32_sys_recv+0x180/0x180 [ 261.853444] do_syscall_64+0x15b/0x230 [ 261.857396] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 261.862623] RIP: 0033:0x455a09 [ 261.865843] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 261.873600] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 261.881182] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 261.888489] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 261.895798] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 261.903108] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000001 23:39:49 executing program 2 (fault-call:5 fault-nth:58): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:49 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c9924") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:49 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x36b, 0x18000) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000040)={0x0, 0xfffffffffffffff9}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000180)={r2, @in={{0x2, 0x4e20, @broadcast=0xffffffff}}, 0x100000000, 0x101, 0x0, 0x6, 0x8}, 0x98) 23:39:49 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x9}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000300)={r8, 0x9}, &(0x7f0000000340)=0x8) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:49 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1) 23:39:49 executing program 6 (fault-call:3 fault-nth:2): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:49 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendto(r0, &(0x7f0000000440)="846f688604859e843ccac1d1537f80e5396df8993aeae8e6698b45a1b759e355859798857698944a00162686d2422cfdb0fe4ccfed8b6d46a262a420e21c559f7515c826f5f78bd4688793dc2464b2efd9dfff45f9ea78097c7b0a78be73578f083b8250786b388d8844d8a51b1b163b236242bc431fff78c560dc937d2d462e1c471d4cada2968890fde646e3c7d4338251a58ef23ca61fcf1e202759146887e2a729e2a765e49aa0e29a4960", 0xad, 0x1, 0x0, 0x0) fcntl$setpipe(r1, 0x407, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000380)={0x4, 0x8, 0x9, 0x3, 0x0}, &(0x7f00000003c0)=0x10) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000400)={r2, 0x7, 0x20}, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000240)='fou\x00') sendmsg$FOU_CMD_GET(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000400}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, r4, 0x114, 0x70bd2c, 0x25dfdbfe, {0x3}, [@FOU_ATTR_IPPROTO={0x8, 0x3, 0xa9}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e22}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_TYPE={0x8, 0x4, 0x3}, @FOU_ATTR_TYPE={0x8, 0x4, 0x5406f5df0980dac1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x4000) sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8040}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xc8, r3, 0x520, 0x70bd29, 0x25dfdbfe, {0x3}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x100000001}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x6}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4}, 0x20000010) 23:39:49 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000f3308471fc06000007c6d7ca51538eb3851228ef090000"], 0x18) socket$bt_rfcomm(0x1f, 0x3, 0x3) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000000)) [ 262.190409] FAULT_INJECTION: forcing a failure. [ 262.190409] name failslab, interval 1, probability 0, space 0, times 0 [ 262.201787] CPU: 0 PID: 16294 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 262.209027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.219448] Call Trace: [ 262.222095] dump_stack+0x185/0x1d0 [ 262.225782] should_fail+0x87b/0xab0 [ 262.229550] __should_failslab+0x278/0x2a0 [ 262.233834] should_failslab+0x29/0x70 23:39:49 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x81ffb) fcntl$setpipe(r0, 0x407, 0x0) [ 262.237774] kmem_cache_alloc+0x129/0xb70 [ 262.241997] ? radix_tree_node_alloc+0x1c7/0x5c0 [ 262.246836] ? kmsan_set_origin_inline+0x6b/0x120 [ 262.251774] radix_tree_node_alloc+0x1c7/0x5c0 [ 262.256483] radix_tree_extend+0x23d/0x910 [ 262.260803] idr_get_free+0x357/0x1490 [ 262.264780] idr_alloc_u32+0x277/0x570 [ 262.268743] ? __msan_poison_alloca+0x15c/0x1d0 [ 262.273494] idr_alloc+0x161/0x220 [ 262.277094] tipc_conn_alloc+0x376/0x7b0 [ 262.281236] tipc_topsrv_kern_subscr+0x217/0x520 [ 262.286091] tipc_group_create+0x643/0x9c0 23:39:49 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c9924") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 262.290417] tipc_setsockopt+0x13d1/0x1f60 [ 262.294725] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 262.300174] ? tipc_shutdown+0x5c0/0x5c0 [ 262.304312] __sys_setsockopt+0x496/0x540 [ 262.308646] __x64_sys_setsockopt+0x15c/0x1c0 [ 262.313204] ? __ia32_sys_recv+0x180/0x180 [ 262.317481] do_syscall_64+0x15b/0x230 [ 262.321465] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 262.326699] RIP: 0033:0x455a09 [ 262.329921] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 23:39:49 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x88000, 0x0) 23:39:49 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x9}, &(0x7f00000002c0)=0x8) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 262.337679] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 262.344991] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 262.352310] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 262.359628] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 262.366944] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000002 [ 262.386806] FAULT_INJECTION: forcing a failure. [ 262.386806] name failslab, interval 1, probability 0, space 0, times 0 [ 262.398165] CPU: 1 PID: 16296 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 262.405390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.414778] Call Trace: [ 262.417438] dump_stack+0x185/0x1d0 [ 262.421120] should_fail+0x87b/0xab0 [ 262.424865] __should_failslab+0x278/0x2a0 [ 262.429135] should_failslab+0x29/0x70 [ 262.433070] kmem_cache_alloc_node+0x157/0xc80 [ 262.437719] ? validate_xmit_skb+0xfea/0x1320 [ 262.442270] ? __alloc_skb+0x202/0x9e0 [ 262.446208] __alloc_skb+0x202/0x9e0 [ 262.449948] alloc_skb_with_frags+0x1e6/0xb80 [ 262.454481] ? kmsan_set_origin_inline+0x6b/0x120 [ 262.459367] ? __msan_poison_alloca+0x15c/0x1d0 [ 262.464091] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 262.468900] ? packet_sendmsg+0x6594/0x8ad0 [ 262.473250] sock_alloc_send_pskb+0xb56/0x11a0 [ 262.477869] ? kmsan_set_origin+0x9e/0x160 [ 262.482156] packet_sendmsg+0x6594/0x8ad0 [ 262.486333] ? __fsnotify_parent+0x132/0x560 [ 262.490767] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 262.496259] ? rw_copy_check_uvector+0x643/0x6c0 [ 262.501052] ? __msan_poison_alloca+0x15c/0x1d0 [ 262.505858] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 262.511353] ? import_iovec+0x3c7/0x600 [ 262.515381] ? copy_msghdr_from_user+0x72c/0x830 [ 262.520211] ? compat_packet_setsockopt+0x360/0x360 [ 262.525256] ___sys_sendmsg+0xec8/0x1320 [ 262.529343] ? kstrtoull+0x766/0x7e0 [ 262.533134] ? kmsan_set_origin_inline+0x6b/0x120 [ 262.538028] ? __msan_poison_alloca+0x15c/0x1d0 [ 262.542749] ? _cond_resched+0x3c/0xd0 [ 262.546687] ? rcu_all_qs+0x32/0x1f0 [ 262.550427] ? _cond_resched+0x3c/0xd0 [ 262.554342] ? rcu_all_qs+0x32/0x1f0 [ 262.558093] ? __sys_sendmmsg+0x61d/0x850 [ 262.562279] __sys_sendmmsg+0x490/0x850 [ 262.566283] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 262.571245] ? syscall_return_slowpath+0xe9/0x710 [ 262.576121] __x64_sys_sendmmsg+0x11c/0x170 [ 262.580458] ? __sys_sendmmsg+0x850/0x850 [ 262.584633] do_syscall_64+0x15b/0x230 23:39:49 executing program 6 (fault-call:3 fault-nth:3): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 262.588561] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 262.593751] RIP: 0033:0x455a09 [ 262.596949] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 262.604695] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 262.611973] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 262.619249] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 262.626530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 262.633846] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000003a [ 262.734111] FAULT_INJECTION: forcing a failure. [ 262.734111] name failslab, interval 1, probability 0, space 0, times 0 [ 262.745531] CPU: 1 PID: 16314 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 262.752859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.762271] Call Trace: [ 262.764915] dump_stack+0x185/0x1d0 [ 262.768604] should_fail+0x87b/0xab0 [ 262.772395] __should_failslab+0x278/0x2a0 [ 262.776709] should_failslab+0x29/0x70 [ 262.780645] __kmalloc+0xc5/0x350 [ 262.784166] ? _raw_spin_unlock_bh+0x57/0x70 [ 262.788627] ? tipc_sub_subscribe+0x287/0x870 [ 262.793206] tipc_sub_subscribe+0x287/0x870 [ 262.797592] tipc_conn_rcv_sub+0x577/0x950 [ 262.801915] tipc_topsrv_kern_subscr+0x436/0x520 [ 262.806764] tipc_group_create+0x643/0x9c0 [ 262.811105] tipc_setsockopt+0x13d1/0x1f60 [ 262.815407] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 262.820861] ? tipc_shutdown+0x5c0/0x5c0 [ 262.824995] __sys_setsockopt+0x496/0x540 [ 262.829242] __x64_sys_setsockopt+0x15c/0x1c0 [ 262.833816] ? __ia32_sys_recv+0x180/0x180 [ 262.838106] do_syscall_64+0x15b/0x230 [ 262.842051] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 262.847293] RIP: 0033:0x455a09 [ 262.850512] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 262.858273] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 262.865585] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 262.872899] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 262.880213] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 262.887527] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000003 [ 262.895164] Subscription rejected, no memory 23:39:49 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x7fe) fcntl$setpipe(r0, 0x407, 0x0) 23:39:49 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:49 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x40, 0x0) ioctl$KDGKBENT(r1, 0x4b46, &(0x7f0000000040)={0x1ff, 0x7fff, 0x9}) renameat(r1, &(0x7f0000000080)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) getpeername(r1, &(0x7f0000000180)=@llc, &(0x7f0000000100)=0x80) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:49 executing program 2 (fault-call:5 fault-nth:59): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:49 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={r7, @in={{0x2, 0x4e21, @rand_addr=0x3}}, 0x8, 0xfb07}, &(0x7f0000000500)=0x90) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:49 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c992409") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:49 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000006000000000010000000000000000000000000001051c6afa606c78364bf8b6867a52efa608f47b6041130c49b75457871c4a26df2e8deeacab75f"], 0x18) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000000)={0x8, 0x6, 0x98f3}) 23:39:49 executing program 6 (fault-call:3 fault-nth:4): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 263.065691] FAULT_INJECTION: forcing a failure. [ 263.065691] name failslab, interval 1, probability 0, space 0, times 0 [ 263.077102] CPU: 1 PID: 16348 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 263.077193] FAULT_INJECTION: forcing a failure. [ 263.077193] name failslab, interval 1, probability 0, space 0, times 0 [ 263.084327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.084341] Call Trace: [ 263.084387] dump_stack+0x185/0x1d0 [ 263.084425] should_fail+0x87b/0xab0 [ 263.084463] __should_failslab+0x278/0x2a0 [ 263.084516] should_failslab+0x29/0x70 [ 263.123114] __kmalloc+0xc5/0x350 [ 263.126584] ? tipc_nametbl_subscribe+0x5a5/0x1900 [ 263.131541] tipc_nametbl_subscribe+0x5a5/0x1900 [ 263.136328] ? trace_kmalloc+0xb6/0x2b0 [ 263.140337] ? kmsan_memcpy_origins+0xf1/0x170 [ 263.144958] tipc_sub_subscribe+0x482/0x870 [ 263.149297] tipc_conn_rcv_sub+0x577/0x950 [ 263.153578] tipc_topsrv_kern_subscr+0x436/0x520 [ 263.158369] tipc_group_create+0x643/0x9c0 [ 263.162640] tipc_setsockopt+0x13d1/0x1f60 [ 263.166897] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 263.172298] ? tipc_shutdown+0x5c0/0x5c0 [ 263.176380] __sys_setsockopt+0x496/0x540 [ 263.180590] __x64_sys_setsockopt+0x15c/0x1c0 [ 263.185107] ? __ia32_sys_recv+0x180/0x180 [ 263.189349] do_syscall_64+0x15b/0x230 [ 263.193255] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 263.198456] RIP: 0033:0x455a09 [ 263.201646] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 263.209369] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 263.216643] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 263.223917] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 263.231191] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 263.238469] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000004 [ 263.245790] CPU: 0 PID: 16340 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 263.245903] Service creation failed, no memory 23:39:50 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) [ 263.252997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.253009] Call Trace: [ 263.253051] dump_stack+0x185/0x1d0 [ 263.253087] should_fail+0x87b/0xab0 [ 263.253128] __should_failslab+0x278/0x2a0 [ 263.257729] Failed to subscribe for {574619648,0,4294967295} [ 263.267075] should_failslab+0x29/0x70 [ 263.267117] __kmalloc_node_track_caller+0x24b/0x11b0 [ 263.296150] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 263.301579] ? alloc_skb_with_frags+0x1e6/0xb80 [ 263.306353] __alloc_skb+0x2cb/0x9e0 [ 263.310117] ? alloc_skb_with_frags+0x1e6/0xb80 23:39:50 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000965643c8e7dbf5958e92fd599626a7d4cd8e795a328d18e34fc4bdbcab192d317c74f1fa0bc06566451a7ec8110bf5db1f5ec9d97d148c1489fed77a236d763d98f9b95f79bd3043daac44ddb56d35a6ce24aff4292f3406bf2f2aca6a35e538527e396ab4bb101873e7080978b045f203bf832f31a5f3c4f0067eb4ad2c5416c47cde43cfbd0abf1e29572ce95e00c087204c9f2121e6cbc0fbb49a585916ff94a3fccab76a9ab4f54692ea5581ec494996b859"], 0x18) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000100)=&(0x7f00000000c0)) [ 263.314844] alloc_skb_with_frags+0x1e6/0xb80 [ 263.319401] ? kmsan_set_origin_inline+0x6b/0x120 [ 263.324316] ? __msan_poison_alloca+0x15c/0x1d0 [ 263.329064] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 263.333897] ? packet_sendmsg+0x6594/0x8ad0 [ 263.338316] sock_alloc_send_pskb+0xb56/0x11a0 [ 263.343002] ? kmsan_set_origin+0x9e/0x160 [ 263.347306] packet_sendmsg+0x6594/0x8ad0 [ 263.351497] ? __fsnotify_parent+0x132/0x560 [ 263.355973] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 263.361474] ? rw_copy_check_uvector+0x643/0x6c0 23:39:50 executing program 6 (fault-call:3 fault-nth:5): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 263.366271] ? __msan_poison_alloca+0x15c/0x1d0 [ 263.371020] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 263.376542] ? import_iovec+0x3c7/0x600 [ 263.380598] ? copy_msghdr_from_user+0x72c/0x830 [ 263.385430] ? compat_packet_setsockopt+0x360/0x360 [ 263.390501] ___sys_sendmsg+0xec8/0x1320 [ 263.394614] ? kstrtoull+0x766/0x7e0 [ 263.398419] ? kmsan_set_origin_inline+0x6b/0x120 [ 263.403340] ? __msan_poison_alloca+0x15c/0x1d0 [ 263.408083] ? _cond_resched+0x3c/0xd0 [ 263.412034] ? rcu_all_qs+0x32/0x1f0 23:39:50 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c992409") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 263.415807] ? _cond_resched+0x3c/0xd0 [ 263.419757] ? rcu_all_qs+0x32/0x1f0 [ 263.423518] ? __sys_sendmmsg+0x61d/0x850 [ 263.427785] __sys_sendmmsg+0x490/0x850 [ 263.431823] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 263.436809] ? syscall_return_slowpath+0xe9/0x710 [ 263.441700] __x64_sys_sendmmsg+0x11c/0x170 [ 263.446055] ? __sys_sendmmsg+0x850/0x850 [ 263.450235] do_syscall_64+0x15b/0x230 [ 263.454157] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 263.459366] RIP: 0033:0x455a09 23:39:50 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001100)={r6, 0x3, 0x80000000000002f9, [0x9, 0x1, 0x8, 0x1, 0x100, 0x6, 0x5, 0x6]}, &(0x7f00000003c0)=0x18) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 263.462553] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 263.470294] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 263.477600] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 263.484904] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 263.492199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 263.499491] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000003b 23:39:50 executing program 2 (fault-call:5 fault-nth:60): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 263.626746] FAULT_INJECTION: forcing a failure. [ 263.626746] name failslab, interval 1, probability 0, space 0, times 0 [ 263.638104] CPU: 0 PID: 16362 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 263.645340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.654738] Call Trace: [ 263.657395] dump_stack+0x185/0x1d0 [ 263.661090] should_fail+0x87b/0xab0 [ 263.664891] __should_failslab+0x278/0x2a0 [ 263.669185] should_failslab+0x29/0x70 [ 263.673136] __kmalloc+0xc5/0x350 23:39:50 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x440000, 0x0) ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000040)) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket(0xa, 0x1, 0x0) ioctl(r2, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") unshare(0x24020400) sync_file_range(r2, 0x0, 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r3) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) pread64(r0, &(0x7f0000000080)=""/174, 0xae, 0x0) 23:39:50 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000000)=""/244) dup2(r1, r0) ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000200)=""/245) fcntl$setpipe(r1, 0x407, 0x0) [ 263.676646] ? tipc_nametbl_insert_publ+0xa53/0x22d0 [ 263.681809] tipc_nametbl_insert_publ+0xa53/0x22d0 [ 263.686831] tipc_nametbl_publish+0x412/0x640 [ 263.691420] tipc_setsockopt+0x1b33/0x1f60 [ 263.695753] ? tipc_shutdown+0x5c0/0x5c0 [ 263.699886] __sys_setsockopt+0x496/0x540 [ 263.704127] __x64_sys_setsockopt+0x15c/0x1c0 [ 263.708684] ? __ia32_sys_recv+0x180/0x180 [ 263.712963] do_syscall_64+0x15b/0x230 [ 263.716911] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 263.722141] RIP: 0033:0x455a09 23:39:50 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x6, 0x1) ioctl$EVIOCSABS20(r2, 0x401845e0, &(0x7f0000000040)={0x7f, 0x27b, 0x1, 0x14, 0x7, 0x5}) [ 263.725358] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 263.733116] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 263.740429] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 263.747747] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 263.755063] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 263.762381] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000005 [ 263.769820] Failed to bind to 574619648,0,0, no memory [ 263.812088] FAULT_INJECTION: forcing a failure. [ 263.812088] name failslab, interval 1, probability 0, space 0, times 0 [ 263.823436] CPU: 0 PID: 16372 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 263.830660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.840069] Call Trace: [ 263.842721] dump_stack+0x185/0x1d0 [ 263.846412] should_fail+0x87b/0xab0 [ 263.850204] __should_failslab+0x278/0x2a0 [ 263.854518] should_failslab+0x29/0x70 [ 263.858484] kmem_cache_alloc_node+0x157/0xc80 [ 263.863143] ? validate_xmit_skb+0xfea/0x1320 [ 263.867706] ? __alloc_skb+0x202/0x9e0 [ 263.871681] __alloc_skb+0x202/0x9e0 [ 263.875453] alloc_skb_with_frags+0x1e6/0xb80 [ 263.880015] ? kmsan_set_origin_inline+0x6b/0x120 [ 263.884940] ? __msan_poison_alloca+0x15c/0x1d0 [ 263.889690] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 263.894516] ? packet_sendmsg+0x6594/0x8ad0 [ 263.898905] sock_alloc_send_pskb+0xb56/0x11a0 [ 263.903562] ? kmsan_set_origin+0x9e/0x160 [ 263.907885] packet_sendmsg+0x6594/0x8ad0 23:39:50 executing program 5: r0 = creat(&(0x7f0000000180)='./file0\x00', 0x25) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r1 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x8080) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000100)={0xb7e, 0x1, 0x9, {}, 0x80000000, 0x8}) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f0000000000)={0x1, 0x0, [0x0]}) read(r1, &(0x7f0000000040)=""/119, 0xff61) [ 263.912090] ? __fsnotify_parent+0x132/0x560 [ 263.916572] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 263.922083] ? rw_copy_check_uvector+0x643/0x6c0 [ 263.927416] ? __msan_poison_alloca+0x15c/0x1d0 [ 263.932161] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 263.937668] ? import_iovec+0x3c7/0x600 [ 263.941716] ? copy_msghdr_from_user+0x72c/0x830 [ 263.946579] ? compat_packet_setsockopt+0x360/0x360 [ 263.951682] ___sys_sendmsg+0xec8/0x1320 [ 263.955801] ? kstrtoull+0x766/0x7e0 [ 263.959605] ? kmsan_set_origin_inline+0x6b/0x120 [ 263.964524] ? __msan_poison_alloca+0x15c/0x1d0 [ 263.969291] ? _cond_resched+0x3c/0xd0 [ 263.973270] ? rcu_all_qs+0x32/0x1f0 [ 263.977069] ? _cond_resched+0x3c/0xd0 [ 263.981034] ? rcu_all_qs+0x32/0x1f0 [ 263.984812] ? __sys_sendmmsg+0x61d/0x850 [ 263.989033] __sys_sendmmsg+0x490/0x850 [ 263.993106] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 263.998095] ? syscall_return_slowpath+0xe9/0x710 [ 264.003023] __x64_sys_sendmmsg+0x11c/0x170 [ 264.007393] ? __sys_sendmmsg+0x850/0x850 [ 264.011579] do_syscall_64+0x15b/0x230 [ 264.015522] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 264.020745] RIP: 0033:0x455a09 [ 264.023962] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 264.031720] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 264.039033] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 264.046352] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 264.053679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 264.061003] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000003c 23:39:51 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c992409") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:51 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)={0x28, 0x6, 0x0, @fuse_notify_inval_inode_out={0x8000, 0x8000000000000, 0x9}}, 0x28) r1 = msgget(0x0, 0x400) msgctl$MSG_STAT(r1, 0xb, &(0x7f0000000100)=""/171) 23:39:51 executing program 6 (fault-call:3 fault-nth:6): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:51 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000001040)={r5, 0x2d, "52dde453f79f4ce7cdf226ce9333e0601a0a4a2f9ba64ab12fd84e576d9fdd904f0a2ce6740325cc335e9a7a18"}, &(0x7f0000001080)=0x35) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:51 executing program 2 (fault-call:5 fault-nth:61): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:51 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/loop-control\x00', 0x80000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0x64a5, 0x210080) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000140)="8145ae0cbe6d321572d2d08ce7069d28e996d619a8003924fcc4") ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2000, 0x0) ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f00000000c0)) getsockopt$inet6_tcp_int(r2, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4) 23:39:51 executing program 5: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) getsockopt$packet_int(r0, 0x107, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000100)) 23:39:51 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) fcntl$setsig(r0, 0xa, 0x14) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200000, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r1, &(0x7f0000000040)="472c316f10cb00ae8fa8cc16c66e8b638a7ebe482a9639fac873199fe8723a811cb7bb836618c3f105394cfed5b5becfed7ccda594c07ce1d07a651a5673003afb5199fbbfb83a356b"}, 0x10) [ 264.880526] FAULT_INJECTION: forcing a failure. [ 264.880526] name failslab, interval 1, probability 0, space 0, times 0 [ 264.891940] CPU: 0 PID: 16398 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 264.896325] FAULT_INJECTION: forcing a failure. [ 264.896325] name failslab, interval 1, probability 0, space 0, times 0 [ 264.899182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.899195] Call Trace: [ 264.899243] dump_stack+0x185/0x1d0 [ 264.899292] should_fail+0x87b/0xab0 [ 264.899344] __should_failslab+0x278/0x2a0 [ 264.899398] should_failslab+0x29/0x70 [ 264.937990] __kmalloc+0xc5/0x350 [ 264.941475] ? tipc_nametbl_insert_publ+0xed5/0x22d0 [ 264.946705] tipc_nametbl_insert_publ+0xed5/0x22d0 [ 264.951685] tipc_nametbl_publish+0x412/0x640 [ 264.956241] tipc_setsockopt+0x1b33/0x1f60 [ 264.960520] ? tipc_shutdown+0x5c0/0x5c0 [ 264.964634] __sys_setsockopt+0x496/0x540 [ 264.968828] __x64_sys_setsockopt+0x15c/0x1c0 [ 264.973352] ? __ia32_sys_recv+0x180/0x180 [ 264.977595] do_syscall_64+0x15b/0x230 [ 264.981502] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 264.986963] RIP: 0033:0x455a09 [ 264.990157] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 264.997885] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 265.006056] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 265.013335] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 265.020707] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 265.027985] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000006 [ 265.035293] CPU: 1 PID: 16404 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 265.035438] Failed to bind to 574619648,0,0, no memory [ 265.042497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.042509] Call Trace: [ 265.042554] dump_stack+0x185/0x1d0 [ 265.042598] should_fail+0x87b/0xab0 [ 265.067197] __should_failslab+0x278/0x2a0 [ 265.071517] should_failslab+0x29/0x70 [ 265.075455] __kmalloc_node_track_caller+0x24b/0x11b0 23:39:52 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 265.080691] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 265.086122] ? alloc_skb_with_frags+0x1e6/0xb80 [ 265.090886] __alloc_skb+0x2cb/0x9e0 [ 265.094647] ? alloc_skb_with_frags+0x1e6/0xb80 [ 265.099373] alloc_skb_with_frags+0x1e6/0xb80 [ 265.103920] ? kmsan_set_origin_inline+0x6b/0x120 [ 265.108896] ? __msan_poison_alloca+0x15c/0x1d0 [ 265.113653] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 265.118550] ? packet_sendmsg+0x6594/0x8ad0 [ 265.122966] sock_alloc_send_pskb+0xb56/0x11a0 [ 265.127697] ? kmsan_set_origin+0x9e/0x160 [ 265.132001] packet_sendmsg+0x6594/0x8ad0 [ 265.136234] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 265.141745] ? rw_copy_check_uvector+0x643/0x6c0 [ 265.146567] ? __msan_poison_alloca+0x15c/0x1d0 [ 265.151326] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 265.156864] ? import_iovec+0x3c7/0x600 [ 265.160943] ? copy_msghdr_from_user+0x72c/0x830 [ 265.165803] ? compat_packet_setsockopt+0x360/0x360 [ 265.170897] ___sys_sendmsg+0xec8/0x1320 [ 265.175132] ? kmsan_set_origin_inline+0x6b/0x120 23:39:52 executing program 6 (fault-call:3 fault-nth:7): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 265.180046] ? __msan_poison_alloca+0x15c/0x1d0 [ 265.184804] ? _cond_resched+0x3c/0xd0 [ 265.188776] ? rcu_all_qs+0x32/0x1f0 [ 265.192570] ? _cond_resched+0x3c/0xd0 [ 265.196531] ? rcu_all_qs+0x32/0x1f0 [ 265.200302] ? __sys_sendmmsg+0x61d/0x850 [ 265.204522] __sys_sendmmsg+0x490/0x850 [ 265.208569] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 265.213565] ? syscall_return_slowpath+0xe9/0x710 [ 265.218502] __x64_sys_sendmmsg+0x11c/0x170 [ 265.222883] ? __sys_sendmmsg+0x850/0x850 [ 265.227082] do_syscall_64+0x15b/0x230 23:39:52 executing program 7: socket$can_raw(0x1d, 0x3, 0x1) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:52 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x100000000) write(r0, &(0x7f0000000000)="97bbf0d022e4440ec63fa8c0002b36aa80ec7b1f56cb0bef99a840470bc4fbd28997375d7d57565c4f091a6c9ba3e1ef215407eaa09a3b4aad414cbae7891d661c2c30ce2e92df79c251a9936ef52fa50bbd157005298488061b52a2ccb3992d3df33c3a45f3c58e317e386206b3e5c0d9", 0x71) [ 265.231031] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 265.236257] RIP: 0033:0x455a09 [ 265.239469] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 265.247227] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 265.254541] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 265.261831] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 265.269108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:52 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000001140)={0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x7, 0x2}, &(0x7f0000000400)=0x90) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:52 executing program 2 (fault-call:5 fault-nth:62): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 265.276394] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000003d [ 265.392828] FAULT_INJECTION: forcing a failure. [ 265.392828] name failslab, interval 1, probability 0, space 0, times 0 [ 265.404214] CPU: 0 PID: 16423 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 265.411445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.420841] Call Trace: [ 265.423498] dump_stack+0x185/0x1d0 [ 265.427295] should_fail+0x87b/0xab0 [ 265.431078] __should_failslab+0x278/0x2a0 [ 265.435386] should_failslab+0x29/0x70 23:39:52 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 265.439345] __kmalloc_node_track_caller+0x24b/0x11b0 [ 265.444602] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 265.450035] ? tipc_buf_acquire+0x97/0x2a0 [ 265.454374] __alloc_skb+0x2cb/0x9e0 [ 265.458145] ? tipc_buf_acquire+0x97/0x2a0 [ 265.462456] tipc_buf_acquire+0x97/0x2a0 [ 265.466638] tipc_named_publish+0x4d3/0xb70 [ 265.471105] tipc_nametbl_publish+0x4d3/0x640 [ 265.475743] tipc_setsockopt+0x1b33/0x1f60 [ 265.480102] ? tipc_shutdown+0x5c0/0x5c0 [ 265.484240] __sys_setsockopt+0x496/0x540 [ 265.488497] __x64_sys_setsockopt+0x15c/0x1c0 23:39:52 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x80000, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000040)={0x0, 0x800, 0x3, 0xa2, 0x8, 0x7, 0x1, 0x8001, {0x0, @in6={{0xa, 0x4e22, 0x5f, @remote={0xfe, 0x80, [], 0xbb}, 0x4}}, 0xf4, 0x7, 0xffff, 0xe1, 0x7fffffff}}, &(0x7f0000000100)=0xb0) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000180)={r2, @in={{0x2, 0x4e21, @broadcast=0xffffffff}}, 0x6, 0x1}, 0x90) [ 265.493065] ? __ia32_sys_recv+0x180/0x180 [ 265.497359] do_syscall_64+0x15b/0x230 [ 265.501316] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 265.506544] RIP: 0033:0x455a09 [ 265.509762] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 265.517547] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 265.524859] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 265.532166] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 23:39:52 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) ioctl$TIOCGWINSZ(r4, 0x5413, &(0x7f0000000080)) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 265.539482] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 265.546782] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000007 [ 265.554216] Publication distribution failure [ 265.578848] FAULT_INJECTION: forcing a failure. [ 265.578848] name failslab, interval 1, probability 0, space 0, times 0 [ 265.590206] CPU: 0 PID: 16419 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 265.597431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.606825] Call Trace: [ 265.609471] dump_stack+0x185/0x1d0 [ 265.613160] should_fail+0x87b/0xab0 [ 265.616933] __should_failslab+0x278/0x2a0 [ 265.621244] should_failslab+0x29/0x70 [ 265.625208] kmem_cache_alloc_node+0x157/0xc80 [ 265.629862] ? validate_xmit_skb+0xfea/0x1320 [ 265.634427] ? __alloc_skb+0x202/0x9e0 [ 265.638401] __alloc_skb+0x202/0x9e0 [ 265.642165] alloc_skb_with_frags+0x1e6/0xb80 [ 265.646716] ? kmsan_set_origin_inline+0x6b/0x120 [ 265.651628] ? __msan_poison_alloca+0x15c/0x1d0 [ 265.656378] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 265.661212] ? packet_sendmsg+0x6594/0x8ad0 [ 265.665604] sock_alloc_send_pskb+0xb56/0x11a0 [ 265.670275] ? kmsan_set_origin+0x9e/0x160 [ 265.674612] packet_sendmsg+0x6594/0x8ad0 [ 265.678819] ? __fsnotify_parent+0x132/0x560 [ 265.683308] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 265.688810] ? rw_copy_check_uvector+0x643/0x6c0 [ 265.693617] ? __msan_poison_alloca+0x15c/0x1d0 [ 265.698395] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 265.703920] ? import_iovec+0x3c7/0x600 [ 265.707959] ? copy_msghdr_from_user+0x72c/0x830 [ 265.712775] ? compat_packet_setsockopt+0x360/0x360 [ 265.717823] ___sys_sendmsg+0xec8/0x1320 [ 265.721900] ? kstrtoull+0x766/0x7e0 [ 265.725677] ? kmsan_set_origin_inline+0x6b/0x120 [ 265.730596] ? __msan_poison_alloca+0x15c/0x1d0 [ 265.735350] ? _cond_resched+0x3c/0xd0 [ 265.739293] ? rcu_all_qs+0x32/0x1f0 [ 265.743072] ? _cond_resched+0x3c/0xd0 [ 265.746994] ? rcu_all_qs+0x32/0x1f0 [ 265.750743] ? __sys_sendmmsg+0x61d/0x850 [ 265.754933] __sys_sendmmsg+0x490/0x850 [ 265.758933] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 265.763886] ? syscall_return_slowpath+0xe9/0x710 [ 265.768804] __x64_sys_sendmmsg+0x11c/0x170 [ 265.773152] ? __sys_sendmmsg+0x850/0x850 [ 265.777347] do_syscall_64+0x15b/0x230 [ 265.781262] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 265.786486] RIP: 0033:0x455a09 [ 265.789686] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 265.797403] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 265.804680] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 265.811971] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 265.819249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 265.826543] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000003e 23:39:52 executing program 6 (fault-call:3 fault-nth:8): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:52 executing program 5: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e22, @broadcast=0xffffffff}}, 0x7, 0x5, 0x1, 0x3, 0x20}, &(0x7f0000000100)=0x98) socket$inet6(0xa, 0x6, 0x6) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000140)={r1, 0x40, 0x6, [0x8000, 0x9, 0x6, 0x1, 0x7fffffff, 0xffffffffffffffff]}, &(0x7f0000000180)=0x14) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r3, 0x407, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000000)) 23:39:52 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) write$fuse(r0, &(0x7f0000000200)=ANY=[@ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRES64=r0, @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB="994ec569592f3612863db4a83de63e254fc4a685a2f6e057a96cbce21e7653bff98a087692e80cee", @ANYPTR64, @ANYRES16=r0], @ANYRES32=r0, @ANYBLOB="e47fe841c1217804c72e2809295e2154f2b9697fb9a782adf797860ba3c94b13877583f081c6173e78f7f14dd8ae8546c81be0068870ca1696553d4c84be732ba05482b152a4b895e5937a51d1101e08febb0595abbb061d414aac1937e05f01229a479e8d183bdf68975b4b6013687ce6a0216cbd386a8fc83560a433726f14f570cab69c6b2e5a189a186e7ca1a97ebe139572bdc889f9d73030d9966f761a81e0b975182f4c63a4653fc8be6c5518bea9f57648daef9e0b16cf011d719b581a97c031690d7d149b565690cb3f955d582e061e82ab30c477d79864392fdba2e1d6a3359aff053749b366"]], 0x8) 23:39:52 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:52 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xffffffff, 0x80000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000040)={0x224, 0x1, 0x42a0}) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:52 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) clock_adjtime(0x3, &(0x7f0000000000)={0x3, 0x4, 0x7f, 0x8001, 0x8001, 0xed, 0x3, 0xfffffffffffffff9, 0x0, 0x4, 0x8001, 0x4, 0x6, 0x6, 0x2, 0x5, 0x0, 0x10001, 0x6, 0xbcc, 0x80, 0x1, 0x9, 0x100, 0x9cb9, 0x5}) 23:39:52 executing program 2 (fault-call:5 fault-nth:63): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:52 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 266.075400] FAULT_INJECTION: forcing a failure. [ 266.075400] name failslab, interval 1, probability 0, space 0, times 0 [ 266.086896] CPU: 1 PID: 16461 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 266.094127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.103518] Call Trace: [ 266.106164] dump_stack+0x185/0x1d0 [ 266.109853] should_fail+0x87b/0xab0 [ 266.113625] __should_failslab+0x278/0x2a0 [ 266.117935] should_failslab+0x29/0x70 [ 266.121898] kmem_cache_alloc_node+0x157/0xc80 [ 266.126582] ? __alloc_skb+0x202/0x9e0 [ 266.130536] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.135287] __alloc_skb+0x202/0x9e0 [ 266.136702] FAULT_INJECTION: forcing a failure. [ 266.136702] name failslab, interval 1, probability 0, space 0, times 0 [ 266.139066] tipc_buf_acquire+0x97/0x2a0 [ 266.139129] tipc_named_publish+0x4d3/0xb70 [ 266.139183] tipc_nametbl_publish+0x4d3/0x640 [ 266.139265] tipc_setsockopt+0x1b33/0x1f60 [ 266.167609] ? tipc_shutdown+0x5c0/0x5c0 [ 266.171712] __sys_setsockopt+0x496/0x540 [ 266.175918] __x64_sys_setsockopt+0x15c/0x1c0 [ 266.180438] ? __ia32_sys_recv+0x180/0x180 [ 266.184683] do_syscall_64+0x15b/0x230 [ 266.188591] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 266.193810] RIP: 0033:0x455a09 [ 266.197001] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 266.204733] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 266.212011] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 266.219308] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 266.226593] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 266.233869] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000008 [ 266.241197] CPU: 0 PID: 16469 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 266.241297] Publication distribution failure [ 266.248415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.248428] Call Trace: [ 266.248473] dump_stack+0x185/0x1d0 [ 266.248504] should_fail+0x87b/0xab0 [ 266.248544] __should_failslab+0x278/0x2a0 [ 266.276541] should_failslab+0x29/0x70 [ 266.280494] __kmalloc_node_track_caller+0x24b/0x11b0 [ 266.285745] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 266.291203] ? alloc_skb_with_frags+0x1e6/0xb80 [ 266.295964] __alloc_skb+0x2cb/0x9e0 [ 266.299748] ? alloc_skb_with_frags+0x1e6/0xb80 [ 266.304480] alloc_skb_with_frags+0x1e6/0xb80 [ 266.309029] ? kmsan_set_origin_inline+0x6b/0x120 [ 266.313932] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.318684] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 266.323523] ? packet_sendmsg+0x6594/0x8ad0 [ 266.328010] sock_alloc_send_pskb+0xb56/0x11a0 [ 266.332682] ? kmsan_set_origin+0x9e/0x160 [ 266.337006] packet_sendmsg+0x6594/0x8ad0 [ 266.341231] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 266.346823] ? rw_copy_check_uvector+0x643/0x6c0 [ 266.351622] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.356371] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 266.361887] ? import_iovec+0x3c7/0x600 [ 266.365943] ? copy_msghdr_from_user+0x72c/0x830 [ 266.370793] ? compat_packet_setsockopt+0x360/0x360 23:39:53 executing program 6 (fault-call:3 fault-nth:9): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:53 executing program 5: r0 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x40002, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e23, @loopback=0x7f000001}, @in={0x2, 0x4e22, @loopback=0x7f000001}, @in={0x2, 0x4e20}, @in6={0xa, 0x4e20, 0x7ff, @loopback={0x0, 0x1}, 0x100000000}], 0x4c) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r2, 0x407, 0x0) getsockname$inet(r1, &(0x7f0000000000)={0x0, 0x0, @multicast1}, &(0x7f0000000040)=0x10) 23:39:53 executing program 7: r0 = memfd_create(&(0x7f0000000140)='/dev/cuse\x00', 0x3) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000180)={0x0, 0x80000, 0xffffffffffffff9c}) tee(r0, r1, 0x8000, 0x8) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f00000000c0)=""/123) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r2, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:53 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) [ 266.375866] ___sys_sendmsg+0xec8/0x1320 [ 266.380010] ? kmsan_set_origin_inline+0x6b/0x120 [ 266.384933] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.389685] ? _cond_resched+0x3c/0xd0 [ 266.393652] ? rcu_all_qs+0x32/0x1f0 [ 266.397433] ? _cond_resched+0x3c/0xd0 [ 266.401388] ? rcu_all_qs+0x32/0x1f0 [ 266.405146] ? __sys_sendmmsg+0x61d/0x850 [ 266.409359] __sys_sendmmsg+0x490/0x850 [ 266.413388] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 266.418400] ? syscall_return_slowpath+0xe9/0x710 [ 266.423358] __x64_sys_sendmmsg+0x11c/0x170 [ 266.427742] ? __sys_sendmmsg+0x850/0x850 [ 266.431915] do_syscall_64+0x15b/0x230 [ 266.435839] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 266.441071] RIP: 0033:0x455a09 [ 266.444287] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 266.452023] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 266.459320] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 266.466606] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:53 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:53 executing program 2 (fault-call:5 fault-nth:64): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 266.473919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 266.481201] R13: 00000000000005a8 R14: 00000000006fd860 R15: 000000000000003f [ 266.588131] FAULT_INJECTION: forcing a failure. [ 266.588131] name failslab, interval 1, probability 0, space 0, times 0 [ 266.599509] CPU: 0 PID: 16491 Comm: syz-executor6 Not tainted 4.17.0-rc5+ #1 [ 266.606740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.616138] Call Trace: [ 266.618805] dump_stack+0x185/0x1d0 [ 266.622501] should_fail+0x87b/0xab0 [ 266.626282] __should_failslab+0x278/0x2a0 [ 266.630628] should_failslab+0x29/0x70 [ 266.634562] __kmalloc_node_track_caller+0x24b/0x11b0 [ 266.639802] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 266.645217] ? tipc_buf_acquire+0x97/0x2a0 [ 266.649531] __alloc_skb+0x2cb/0x9e0 [ 266.653357] ? tipc_buf_acquire+0x97/0x2a0 [ 266.657669] tipc_buf_acquire+0x97/0x2a0 [ 266.661796] tipc_named_publish+0x4d3/0xb70 [ 266.661817] FAULT_INJECTION: forcing a failure. [ 266.661817] name failslab, interval 1, probability 0, space 0, times 0 [ 266.677395] tipc_nametbl_publish+0x4d3/0x640 [ 266.681968] tipc_setsockopt+0x1b33/0x1f60 [ 266.686259] ? tipc_shutdown+0x5c0/0x5c0 [ 266.690352] __sys_setsockopt+0x496/0x540 [ 266.694553] __x64_sys_setsockopt+0x15c/0x1c0 [ 266.699074] ? __ia32_sys_recv+0x180/0x180 [ 266.703317] do_syscall_64+0x15b/0x230 [ 266.707223] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 266.712421] RIP: 0033:0x455a09 [ 266.715719] RSP: 002b:00007f33abc29c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 266.723544] RAX: ffffffffffffffda RBX: 00007f33abc2a6d4 RCX: 0000000000455a09 [ 266.730820] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000014 [ 266.738097] RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000 [ 266.745373] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000015 [ 266.752659] R13: 00000000000006d9 R14: 00000000006ff4f8 R15: 0000000000000009 [ 266.759965] CPU: 1 PID: 16479 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 266.760091] Publication distribution failure [ 266.767196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.767208] Call Trace: [ 266.767252] dump_stack+0x185/0x1d0 [ 266.767296] should_fail+0x87b/0xab0 [ 266.791012] __should_failslab+0x278/0x2a0 [ 266.795315] should_failslab+0x29/0x70 [ 266.799274] kmem_cache_alloc_node+0x157/0xc80 [ 266.803942] ? validate_xmit_skb+0xfea/0x1320 [ 266.808598] ? __alloc_skb+0x202/0x9e0 [ 266.812577] __alloc_skb+0x202/0x9e0 [ 266.816424] alloc_skb_with_frags+0x1e6/0xb80 [ 266.820991] ? kmsan_set_origin_inline+0x6b/0x120 [ 266.825897] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.830646] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 266.835479] ? packet_sendmsg+0x6594/0x8ad0 [ 266.839878] sock_alloc_send_pskb+0xb56/0x11a0 [ 266.844546] ? kmsan_set_origin+0x9e/0x160 [ 266.848871] packet_sendmsg+0x6594/0x8ad0 [ 266.853106] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 266.858614] ? rw_copy_check_uvector+0x643/0x6c0 [ 266.863414] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.868150] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 266.873658] ? import_iovec+0x3c7/0x600 [ 266.877686] ? copy_msghdr_from_user+0x72c/0x830 [ 266.882538] ? compat_packet_setsockopt+0x360/0x360 [ 266.887634] ___sys_sendmsg+0xec8/0x1320 [ 266.891782] ? kmsan_set_origin_inline+0x6b/0x120 [ 266.896686] ? __msan_poison_alloca+0x15c/0x1d0 [ 266.901425] ? _cond_resched+0x3c/0xd0 [ 266.905384] ? rcu_all_qs+0x32/0x1f0 [ 266.909162] ? _cond_resched+0x3c/0xd0 [ 266.913117] ? rcu_all_qs+0x32/0x1f0 [ 266.916878] ? __sys_sendmmsg+0x61d/0x850 [ 266.921184] __sys_sendmmsg+0x490/0x850 [ 266.925219] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 266.930212] ? syscall_return_slowpath+0xe9/0x710 [ 266.935169] __x64_sys_sendmmsg+0x11c/0x170 [ 266.939534] ? __sys_sendmmsg+0x850/0x850 [ 266.943725] do_syscall_64+0x15b/0x230 [ 266.947671] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 266.952897] RIP: 0033:0x455a09 [ 266.956137] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 266.963891] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 266.971195] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 266.978509] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:53 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req={0x2, 0x3ff, 0x4, 0x20}, 0x10) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:53 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f00000000c0)={0x1010, 0x6, 0x0, @random="0f9cc642eeb7054d996067bfd95e640a436e7a004525c72de6d000e0a03e6fbf8317cdf2f1777409a350173d5d2ee3271b8b7c05072d6ced1fd619e98d80534414a373f07d2f331ec8f6a0fa6cefe139e6b78f9e87743fbac830cb16df898e7a2cfb91010a2a10c872a3ca991b96ad3b1d9864064b30626014da51241d13d6bf352ecbf6efb0e42e20ba97718753d156c9affa8b4989038eeeae5df6e0e60f0d4e7daa65ddfdc5c1ae4277ee53a4c76b6a0b23ccffc5dc6bb73f59029e0de82ee422c9aa2395ec2324cd429d6a1a2cb6005c49b2c9a0da74e13baa9b0e1c27c2ef0eebcc99e30aa046859682291ad9b69621e94ef0d9599cad5631ccabfdd065b79d788c7da2870f797c06f5b14c44834f7954842dd236ee8e5a82dfc4a08c8d136ccd9c5537de30aca077828e98d6f5cb26e0180579edf8f924162e7bd626d575f439024bcf494df3a747e40023d591919862e71b1e83b6d01a9a589052835c8bb7c8aea68630454f73ebd13321d33b9464dbf0032cc55766ffbc0679832d08867daccc8331d084cdd213bcb4e649376469a03a0be420aee5bc25c5cc9fedeac44650a30a089d9900ab77e7f0b71640e7e4ed21805fdd7e36c771c452f8090633287779e5bd6ed1e2001a49a0aa23b830029464023d2cad558edbc0b105708246cb9bde0f22cee09364e7db6085f3bf27283dc76e7abaaed5e1849cba72ce4008af21919e4deded007178709cdcd6b156a51bbc30e121ea41f433a8b6a238c1b97013b32fd42c2c010a20585e5ff64cb376ac8171e2f72613868cac1d1fe033399374c3914a7cd76ce4b19eab219438458bdef47d6c97f78c1d9d2fedafb2e52e57da509e216b1c1737da74b6f45cc6ca06b80dd36eb4171550548c10a3e056526157cd68783568a77e3d1a345dab49930382b3faf01eef5be6bba03c082b5ddbd7591e693e03e8a585b792b4add9d4a254e4d81849c365c9cbc257707e32433b78e6f74c9027502201618c5aff33279e982fc3a9481d82ab3425375c776a59e6fbf88414e66c4d67edff6213835c3a324056e56813b0bd8ff05ac8c26f93413dd28e1bc4343b68f04ccfd74181de394b2c7c21567ab8a42d5a73177d840abad41f4f3e511d0545b784919dc3e358381e0322dd540a490e68aca62e748622e55b9e4345657b833daba908b5c6f7d5765423e1659debe72a2d9db05c9b7b864cd5be175b97057c117392134e7b3132025e82dc0823d40ff97799179e1443816f3298a20d45b29f60b78dd2e224e798ac7d327a5c4655702f8cbeadb9f05a32203dcd05ce83433d1197a2cbbbc31299bcf53dbe753cedf5d40340de47e43709648c6a038b5f488f12d9b59df67843b9c6a81768e92311e78e50df08db108807b9a54a65b3f47acdea54bef0d91da5aecec2873604683594510a8db2cb02016d208082e360ee06adb16906d84b7fd8b07a262bf30e7ba2b37230621122d04a871262c3a562dfc44b9ba447a314c1a03d3abd6984517c7eca5ad3934442a334669e03bae232ff22ebdc724f8806b36846490d9966b1bf1f2a581f3046c2289537dd2676b47fb28ad9e89ba60d4c39712dddf1f17a483cb8efbe05a73bc9f0b3f3ec7272360bdc5001110497f176fe0b9035e6df1913f03cd8b2e74439f002051ad23ff1f50ca7c32ddc133e5c58da859377ab1bc2833a1a3aca2f34d1b86a76f7c714d08d5d96a70a0c0cddb4953c41fdd46b4478d6fa135fa5622d41ad99599a0b28ffe5d16159798e0d8df93c38bbd19bbc28fe5fa3126a28d1105f2de1480389a51ba5a0436c1e39d7c1206779dcd60f75645bfbaab16b777d2c5d48c9b21cecf20c233f9ea2f2d57491ef6b21037226ab92864fabfd46f7cfc97f008b2bfa2436b6ed9937e8cc3247d3f658c5ff6e98de5a9f4a46b0e07acdcd184a7646a9831b9cb42ae5fb881aa5ef08874407ce820aa3980af96b2f06420fbd8bd1432c01fd4030cb6642fea7429744ffad48eb11ef954f8a16265e69bdabc666fc20f0ebd329247f8f737a845cf0f900e7d87b6ef5215793f78eed5b7ac49af8d361d16835c3775988b72bae5c42834cea9d78554af0d8b132a5a181a6247cc9d8bdb0306c0d52bd8999741732351066943205173ea35b2b27d188064dba46e9966adc0f69c2f681a2e12401cb9dcc223f7b05f8c66490e28d3841217ab609049f8341627a78f0ba4439c4442c1a23d58b8379c4045bf64750853143b47c6cfff429bd177010457aca78e89bb5c0a39da63afabcab6cba56cfcc3ad6bffa9ff9593320ee1bc2ba8e50f3614a80a518982326c1d0af0eaa2fcd986db87db611d8d2cb193046b00577cf4506d44ee6247f2c0f7ee96a8191ac4a309cd23b86d9e83313e7efccd1c84ead0102d0b946b27ace426afe8539dbe49fb9cc99b5a3b322951fb6a2e5a9a10a1dd17689018811d369003ec25aaf0cb41278753155980c7300de89ebc781fcb50133b6a619989a7ad468f3970f862142fa624c5b5b6b25126bae04450934b003ef54ae9b44a912216f29e2882b2b45319bddab54369d563699364319c954c1278997444dfe2e4b45459d57aca7f24feacda4df27726ec7bd2e258ea1c4e92c57a0ca143ed1aeb8a4bbc6c47a3f6e70e88d34a0b9ab15ed85e6a9c39fd7510cfdc3ed061297df6218d53043965377be643fbc6ade76ddede14a4013b3ddd24e48d2bf6ee1496c2232dc44f1c4c2ccffb074163cd69dcde6afab2633b49f581bc9951663e4a631de9fe8a1acc6496c1c0efe8e7cd09ed19028c078c6869a3964c1df28d47189be2af72a64a1c0457db49b754dd7b998bf13e21796023c038a7b72f6111fb7c89a97b9bcecf07880160b12db609c7451dffe979ac554c6c13405b0b574e6a94b556c0deae71dfa6760c7a792ddb0295fdfa1e6824092184ca285cee8c78b0796b9e940d3118c8d0aa205f3cd2b19ea727af72303f6cdc3baf9afd88442bc115c82d45cef343ccd452015542929d061f818974f0f97d52e3c36f013c9b2356c5778382c00eba28a0468339936040e80c8a1e4019b1792bd0e4331029e030197f89ab37964c305170ed3199ece0303235db66b165b995c62d50847c9295cb1f296416b8deaa5e2df215aaeea95cfec22df452a38d30890c78804fa6d025fd8fc75b669b44f814976944569315a4ce051289a97fdc24495e8704bf483e07c21259fbc3e3ff2957f6dbd9436c5a393e35a3ea282cacda3dbbc4a4865b914de3156ba0359ccd905c4d9009d18a56a810e9c4cfe78022ca08a03a3086ae5790966b1b171b30be7c103ecc7585797465df9e1a0a22cea1e5dfc540f0658062683d133820cf5cc8cf68edd4adb3baa3ad09d177d8295400af4794601f52305a9d8c5140b0b390779f21f005982678bf074066c09adaed16344056cdec590bd317a520daf14e62a9ff3c33ab05e2effa77e2a7305c057e29ef365c9013b2bba68e242d4d1165a26dc20139cd145f1d5feca165d0783c65136ad45ba312d5771d79be28402415d0068169fe33e4768392a6c3e4fda6398b4f462352648e38e3cf1c92d2abd4acd7342b40958b46ffc68991c52bff3856cea66254a1fc5d95dcbdb0677898c1d426a6c796a25286657644791aecf284b2c1a45a08b5e13655ff7cd3ef3985a77f6a266ce60cf8058a3e03250c2fe71c553caa1eafd067643cb4ea86615c27c375ce9d60ed57d6b1b193466c3f8231281a38f91e1bc5011508bf11f217ae96cea8f7f2828eee0a6c89db5e2590125f4adf2bc480b0a6ba3de504f537c7c9d25f3ee82e3efd20f0ee4b85de94b65c488a738e9206cb67d335f36b241638f87f6d91c4716dbc0abe9168f54e439443bed69656abdb14e50d2c158ba8734366dd53fafc73dd937492364c78d76e61caa25e642f917fbd4ad27704a073d2b0436e98edcfd77f97a44fa62815c40f4ec8be02960280d9e17de60fc3925c54b0ee8005f12569048046b7974c3f39bc82956ceb6551573fc41f32922d459c4208d248592ff7c9c8e1620a47d96b944ae901b32f274b8e6fbb6d11a75dc835c537661bbb00545602157bb9bad096ee18cc05364fe02298db1cb20c5d0d42e12971ab2276c4e7d9455babded2af5f5732ebec6e8e4ecbb20b22b92e911ad16bf480bb296a7b8d97e4bf8d2c3fa7697ad4d5d1d3f51dd0ddfe043e11667ebdfe1bb7ee8d17d73c4dfaf4a01596f0a7183df7a0d098b1a273b9022c2a00c1b392ca94e50462670de5cddb2a8d2394d492f8ea03f1b8411120b4245160eb322f808c8f4cbbe0b11e1ecdb35840c5570f186679f09f641707bf0ddc37b7f261dea3f82c9bea13b503d49203ae82451d137efdba9166bc6b04904d5033598d1e59b8f7d4d2b982cb7be2c12df803a915cfec6027068881d46f4dfd2b55f0332b9888272d94e66ff65b66def546b4116dd769fae136ae7289a6b6bab411d94f979e57559164c70a6696ea3f7d6f3861c351cbfc16742fd5387931d20b4ce224c21c33466c6193dde8752898181aceb8cf1e06781477c78ea725ac37c526f158f481efdc20fd9549b3bb31cb55daffc309b51a3d9de9069740d05a59cff5c51e4612993fdc8e7f7980b424f2a71c88b3ec2fd922ece42fd38e3b8ea674855872389a1c5ac2bc5320907f402dd5254fac7100b436e8d7c73f6f5314ea35869e44308b15415ee96e312888757b188ac920f7b012383beb62706a60eef98710daa7d0c586b25487f561b8eee223c1f269a605f5c82ab277212db25ceba00c006f18499992aca395af6651abeed5916b0c2848ef97d6ffdba78c728725584cdb4677a3ca3c1ae9713c9fa7f2ab47016bb9158ec14ad9eb0e403c6bcdd6ae4eaff165b76f93d4de6ecd4fdd023223440584bb9066671c582f80bb2976d4e40529c21c7104e34dde3022c7d30d27c1b38ed1c1ffd2aabbd1673d856c5c865e7d52380d15eaee9bd8c06fdb8f2a25a605aec8647dad45752c4b0cce3542bf47bbd5ada395481459ee164e9b6126204e2390c50fdba36ee23c96b170f17e6d546be69bbe5a7f1c6c2565ef9e6bbd4e099a4b2d9eeb58c90cf23f821fd39c418797428b9ad49a8aa72d404dd98e503eba1414446f7c63ce70c646403672e993068532dd9bd5967247677e67e23bd11a9ef84cc5c61752001c9d3309b67e10b9bb0d495d6df6fcd7c472d9ff6c8047293906df20638b22b7e6bc502da7a448400b7a6af8c77f47c91fbca4811bb85e8f04965259172593cfcadb66e0a1af1aff5d893438b044289d84b14e8f87069045ca2ab93b3ff3eb0fc4748cb2bc7e89b7dbd38cde696047283c10a871a42c468c03cdb5c40b5ed1d6f50ff8a5a844b10c20f2e7c39a80a0f3b1d6b028e5336ddad7628a9e7cc19bb038d1a594e5b11d6de56514f9b991cb7f9fdfc1e0752c3339c33f5ba9956374acba552c0d306eb6171e0f5f5963a17488a59b71a902c3f89ef8942ff667babdbd679b4d13dc150cf6a34f7c867d0988be813d1976e0a5c317683bc4ef5eac89cd6b1f3eadd73550cb4025969106512ca35ef60b64223ee39bd245d67a551e193513afd55a59cd6f40a049d176f12911e51c7ea1b1e686867c01fdd400febd37628b96ddc2336893fe8b15056a92b0b83063507add425d9df080b8855c819febff8d5058caf20e3be892a57120eefa2005e935a11c6abf19d0b9478c925d3aab21133a60e4ed61f2e4caa3cf1b7b6af2a6b563dd4872aa76e44026779363f0e7cd5be1576b426c1851dff124a"}, 0x1010) 23:39:54 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001240)=@assoc_value={r3, 0x2}, &(0x7f0000001280)=0x8) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:54 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 266.985826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 266.993137] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000040 23:39:54 executing program 5: pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) fcntl$setpipe(r0, 0x407, 0x2000000000) 23:39:54 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:54 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0x80) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={0x0, 0x2}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r2, 0x44e, 0x401}, 0xc) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:54 executing program 7: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000c26fec)={0x1, 0x84, 0x103, 0x2}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001100)={r0}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001040)={r0, &(0x7f0000000000)="d0988964153fd0327b4e218f96da2d459b45556e7a0c4a5a42992e50e4b524da57cb554f7fe75a4f2c0cecdc5aa218ee1e17c486c304788e8ebcc973020bbd832d190ce53be22390dfe15f8f5fbb676e0b7c4bd6fd1ce7bb7c2a6a853f62c3543ff49e71826be7cbe1b62f8c2c49d472b0c66844b70ac3a5f626abb371f94ce2f8", &(0x7f0000001000)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f000000b000)={r0, &(0x7f000000a000), &(0x7f0000006000)}, 0x20) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) socket$nl_crypto(0x10, 0x3, 0x15) read(r1, &(0x7f00000000c0)=""/141, 0x8d) 23:39:54 executing program 6 (fault-call:3 fault-nth:10): r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:54 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000010c0)=@assoc_value={0x0, 0x9}, &(0x7f0000001200)=0x8) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:54 executing program 2 (fault-call:5 fault-nth:65): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:54 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) 23:39:54 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x2, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x881, 0x0) ioctl$BLKPBSZGET(r1, 0x127b, &(0x7f0000000040)) 23:39:54 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000040)={0xfffffffffffffcf1, 0x6, 0x0, @fuse_notify_retrieve_out={0x1, 0x3, 0x1, 0x1fac}}, 0x18) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x5, 0x4) 23:39:54 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:54 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200, 0x100) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000040)={0x9, 0x6, 0x0, 0xffffffff}, 0x10) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 267.453588] FAULT_INJECTION: forcing a failure. [ 267.453588] name failslab, interval 1, probability 0, space 0, times 0 [ 267.465111] CPU: 0 PID: 16544 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 267.472353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.481747] Call Trace: [ 267.484388] dump_stack+0x185/0x1d0 [ 267.488077] should_fail+0x87b/0xab0 [ 267.491944] __should_failslab+0x278/0x2a0 [ 267.496262] should_failslab+0x29/0x70 [ 267.500217] __kmalloc_node_track_caller+0x24b/0x11b0 [ 267.505465] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 267.510898] ? alloc_skb_with_frags+0x1e6/0xb80 [ 267.515663] __alloc_skb+0x2cb/0x9e0 [ 267.519433] ? alloc_skb_with_frags+0x1e6/0xb80 [ 267.524166] alloc_skb_with_frags+0x1e6/0xb80 [ 267.528722] ? kmsan_set_origin_inline+0x6b/0x120 [ 267.533619] ? __msan_poison_alloca+0x15c/0x1d0 [ 267.538375] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 267.543214] ? packet_sendmsg+0x6594/0x8ad0 [ 267.547623] sock_alloc_send_pskb+0xb56/0x11a0 [ 267.552313] ? kmsan_set_origin+0x9e/0x160 [ 267.556614] packet_sendmsg+0x6594/0x8ad0 [ 267.560925] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 267.566429] ? rw_copy_check_uvector+0x643/0x6c0 [ 267.571235] ? __msan_poison_alloca+0x15c/0x1d0 [ 267.575985] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 267.581501] ? import_iovec+0x3c7/0x600 [ 267.585537] ? copy_msghdr_from_user+0x72c/0x830 [ 267.590396] ? compat_packet_setsockopt+0x360/0x360 [ 267.595492] ___sys_sendmsg+0xec8/0x1320 [ 267.599643] ? kmsan_set_origin_inline+0x6b/0x120 23:39:54 executing program 7: openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:54 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0xfffffffffffffffe, 0x100, 0x0, 0x8000}, 0x10) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000000)={0x303, 0x33}, 0x4) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:54 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:54 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) [ 267.604564] ? __msan_poison_alloca+0x15c/0x1d0 [ 267.609319] ? _cond_resched+0x3c/0xd0 [ 267.613296] ? rcu_all_qs+0x32/0x1f0 [ 267.617094] ? _cond_resched+0x3c/0xd0 [ 267.621072] ? rcu_all_qs+0x32/0x1f0 [ 267.624856] ? __sys_sendmmsg+0x61d/0x850 [ 267.629088] __sys_sendmmsg+0x490/0x850 [ 267.633142] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 267.638510] ? syscall_return_slowpath+0xe9/0x710 [ 267.643470] __x64_sys_sendmmsg+0x11c/0x170 [ 267.647859] ? __sys_sendmmsg+0x850/0x850 [ 267.652104] do_syscall_64+0x15b/0x230 [ 267.656064] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 267.661314] RIP: 0033:0x455a09 [ 267.664538] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 267.672322] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 267.679637] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 267.686957] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 267.694285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:54 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x8, 0x10000) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:54 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000000000)={0x7fff, 0x7, 0x11ea15e, 0x6, 0xd6, 0x3b0}) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={0x0, 0x4}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in6={{0xa, 0x4e23, 0x98, @remote={0xfe, 0x80, [], 0xbb}, 0xff}}, 0xf8bc, 0x0, 0x5, 0x3, 0x1}, 0x98) [ 267.701606] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000041 23:39:54 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0xffffffffffffff7f) ioctl$sock_ipx_SIOCAIPXPRISLT(r1, 0x89e1, &(0x7f0000000000)=0x6) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000080)={0x303, 0x33}, 0x2) 23:39:54 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000000040)={0x81, 0xffff, 0x3, 0x2, 0xffffffffffffffe0, 0x4}) 23:39:54 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0x0, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:55 executing program 2 (fault-call:5 fault-nth:66): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:55 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0x0, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:55 executing program 6: r0 = socket(0x1f, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x747901, 0x0) pwrite64(r2, &(0x7f0000000080)="0ba19b19ee6fa959a4d99f21c862c02260980616d27bab5088095e", 0x1b, 0x0) ioctl$BLKROTATIONAL(r2, 0x127e, &(0x7f00000000c0)) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:55 executing program 4: socketpair(0xa, 0x5, 0x8, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000240)=0x7f) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = semget(0x2, 0x3, 0x200) semctl$GETVAL(r3, 0x5, 0xc, &(0x7f0000000000)=""/32) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x200000, 0x0) setsockopt$ipx_IPX_TYPE(r4, 0x100, 0x1, &(0x7f0000000180)=0x1ff, 0x4) keyctl$set_reqkey_keyring(0xe, 0x5) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x81, 0x0) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000080)=0x0) mq_getsetattr(r4, &(0x7f00000001c0)={0x5, 0x2, 0x8000, 0x400000, 0x7, 0x7, 0x4, 0x1}, 0x0) ioctl$TIOCSPGRP(r5, 0x5410, &(0x7f00000000c0)=r6) 23:39:55 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)=ANY=[@ANYBLOB="021100000200000000000000000011003f063809f609cfe1502945dc159a9f631fa8442ddd716d72"], 0x10}, 0x1}, 0x0) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:55 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x10002, 0x0) ioctl$DRM_IOCTL_IRQ_BUSID(r1, 0xc0106403, &(0x7f0000000180)={0x401, 0x4, 0xe2e, 0x2}) ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000000040)=""/207) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) accept$nfc_llcp(r1, &(0x7f00000001c0), &(0x7f0000000240)=0x60) 23:39:55 executing program 7: lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rfkill\x00', 0x80, 0x0) fchownat(r2, &(0x7f0000000280)='./file0\x00', r0, r1, 0x0) socket$inet(0x2, 0x3, 0x2) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000200)=0xc) syz_fuseblk_mount(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0xf002, r0, r3, 0x2, 0x3, 0x108008) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r4, 0xc08c5334, &(0x7f00000002c0)={0x7, 0x80000001, 0x4, 'queue1\x00', 0x4}) write$fuse(r4, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:55 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10) [ 268.149558] FAULT_INJECTION: forcing a failure. [ 268.149558] name failslab, interval 1, probability 0, space 0, times 0 [ 268.161031] CPU: 0 PID: 16600 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 268.168264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.177673] Call Trace: [ 268.180325] dump_stack+0x185/0x1d0 [ 268.184022] should_fail+0x87b/0xab0 [ 268.187845] __should_failslab+0x278/0x2a0 [ 268.192154] should_failslab+0x29/0x70 [ 268.196113] kmem_cache_alloc_node+0x157/0xc80 [ 268.200772] ? validate_xmit_skb+0xfea/0x1320 [ 268.205353] ? __alloc_skb+0x202/0x9e0 [ 268.209349] __alloc_skb+0x202/0x9e0 [ 268.213128] alloc_skb_with_frags+0x1e6/0xb80 [ 268.218540] ? kmsan_set_origin_inline+0x6b/0x120 [ 268.223465] ? __msan_poison_alloca+0x15c/0x1d0 [ 268.228319] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 268.233158] ? packet_sendmsg+0x6594/0x8ad0 [ 268.237542] sock_alloc_send_pskb+0xb56/0x11a0 [ 268.242217] ? kmsan_set_origin+0x9e/0x160 23:39:55 executing program 5: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) fcntl$setpipe(r0, 0x407, 0x0) [ 268.246542] packet_sendmsg+0x6594/0x8ad0 [ 268.250771] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 268.256370] ? rw_copy_check_uvector+0x643/0x6c0 [ 268.261175] ? __msan_poison_alloca+0x15c/0x1d0 [ 268.265920] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 268.271447] ? import_iovec+0x3c7/0x600 [ 268.275494] ? copy_msghdr_from_user+0x72c/0x830 [ 268.280354] ? compat_packet_setsockopt+0x360/0x360 [ 268.285452] ___sys_sendmsg+0xec8/0x1320 [ 268.289591] ? kmsan_set_origin_inline+0x6b/0x120 [ 268.294496] ? __msan_poison_alloca+0x15c/0x1d0 [ 268.299244] ? _cond_resched+0x3c/0xd0 [ 268.303915] ? rcu_all_qs+0x32/0x1f0 [ 268.307699] ? _cond_resched+0x3c/0xd0 [ 268.311666] ? rcu_all_qs+0x32/0x1f0 [ 268.315443] ? __sys_sendmmsg+0x61d/0x850 [ 268.319657] __sys_sendmmsg+0x490/0x850 [ 268.323703] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 268.328698] ? syscall_return_slowpath+0xe9/0x710 [ 268.333638] __x64_sys_sendmmsg+0x11c/0x170 [ 268.338014] ? __sys_sendmmsg+0x850/0x850 [ 268.342215] do_syscall_64+0x15b/0x230 [ 268.346169] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 268.351399] RIP: 0033:0x455a09 [ 268.354624] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 268.362394] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 268.369705] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 268.377449] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 268.384764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 268.392076] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000042 23:39:55 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0x0, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:55 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:55 executing program 6: r0 = socket(0x1b, 0x805, 0x100000000000000) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000000)=0x7, 0x4) 23:39:55 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x4000, 0x0) 23:39:55 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") socket$key(0xf, 0x3, 0x2) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:55 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x40000) getsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0), &(0x7f0000000100)=0xb) 23:39:55 executing program 2 (fault-call:5 fault-nth:67): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:55 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/prev\x00') accept$packet(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000200)=0x14) connect(r1, &(0x7f0000000240)=@hci={0x1f, r2, 0x1}, 0x80) bind$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) getsockopt(r1, 0x2, 0xffff, &(0x7f0000000080)=""/180, &(0x7f0000000180)=0xb4) [ 268.623096] FAULT_INJECTION: forcing a failure. [ 268.623096] name failslab, interval 1, probability 0, space 0, times 0 [ 268.634562] CPU: 0 PID: 16627 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 268.645005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.654403] Call Trace: [ 268.657059] dump_stack+0x185/0x1d0 [ 268.660750] should_fail+0x87b/0xab0 [ 268.664633] __should_failslab+0x278/0x2a0 [ 268.668952] should_failslab+0x29/0x70 [ 268.672900] __kmalloc_node_track_caller+0x24b/0x11b0 [ 268.678149] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 268.683589] ? alloc_skb_with_frags+0x1e6/0xb80 [ 268.688365] __alloc_skb+0x2cb/0x9e0 [ 268.692138] ? alloc_skb_with_frags+0x1e6/0xb80 [ 268.696896] alloc_skb_with_frags+0x1e6/0xb80 [ 268.701458] ? kmsan_set_origin_inline+0x6b/0x120 [ 268.706345] ? __msan_poison_alloca+0x15c/0x1d0 [ 268.711086] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 268.715911] ? packet_sendmsg+0x6594/0x8ad0 23:39:55 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:55 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f00000000c0)) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {0x0}]}) ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000080)={r2, 0x20}) [ 268.720290] sock_alloc_send_pskb+0xb56/0x11a0 [ 268.724985] ? kmsan_set_origin+0x9e/0x160 [ 268.729307] packet_sendmsg+0x6594/0x8ad0 [ 268.733534] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 268.739028] ? rw_copy_check_uvector+0x643/0x6c0 [ 268.743846] ? __msan_poison_alloca+0x15c/0x1d0 [ 268.748591] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 268.754110] ? import_iovec+0x3c7/0x600 [ 268.758154] ? copy_msghdr_from_user+0x72c/0x830 [ 268.762972] ? compat_packet_setsockopt+0x360/0x360 [ 268.768054] ___sys_sendmsg+0xec8/0x1320 23:39:55 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f00000000c0)={0x65a, 0x1000, "47814b8b055198d734c205aa2d56cce95277017e94112cfa992502ab03f3dde2e3da0083abd0863b69b88d646def86ce6ce6a735b1ede2f4bdfab9169a4e4b6d6e0d7dfc517378aef306d790f531b492c0cad005baf77c9c3d5b0af68d15b0b4a7c1378cfc4d99f8de7d781c8b6242a2c70529a9e08a7d6056ecfd3689d68e13cae981fcae90a8c703eeef98ed4447b116cb39b4047b1a982ba89d7bec0e8c70dde06de8553eb49ef371f01132f253f0149078f51bb79fee5313a7c1c90879f96e95f9e1e0ce986dc758e1a9cf2e0d0c7c38c1bccc75562ecadcb4497fdca2b6ecaf06abeff27966005c2540c4f309ffaf251d7a2f8ee56137688185a0e7854edba480cab0db68307c331a6dbd6a7e4531c35609a17c06be99bae005bc78c7c3039f10e90edbe8ab28261719f0726276a5ab5010f48145535692d3ffbbe47b7ed28deefee10166a89d03bc84e3168bbd7ddda8cc06d5725d07270b8475126a6f90b24488e3587fccc0920daf38d6dbd3ba2e70ea0ce5f41eea10f5ad0a0296de7e566456b9ce5c16a88c9256ebbb2e53066d84dae42f4425af0aa121e6035936aba2d05ef4e068a638ed3eeac4d01dc1bf560b231443c101a08d40045eeaf0bc430c7e179607b880378743144077c099457be2d34783e24e9f3ce8bf4b2e6344f4f63fe731c8ca0bc1412bab66dc2764d10d1a2a41257e8496f2b1d784c934234febd3f8f6e758ba2048e134556e4a9641877ca18ff8cae1091979f3b2b0e8f80e188a3fb0af6324e9b7e1a99983c1776b1b34f19ccae9a8c5d47240fe1b77d583ec34d0a780987e8831f6c9cc520ff5944600f5dfe7d62b7e0859accce939d33fc869ae1d9eada71f0cd139da41fbbce69130d899105218f2c33e11a215b8beadbab21bba93215dd77874639d90d002c5268c16449cc21a1162a32da537299d61836ad54e5dde382b869b96539a961a007ca78b55707ca60143e4ccff7584c483f7e30770ad3c9f7e18aacc66a08cb8c26db65fa213670e6d34bdcdebce8b8a83c6779064f04ae63c8ed5d50493e0790f2dab44624b60f5b35fbc17b9f24d04443ef57069f6c372f58603e3cad8ba49b4c7e1eeb096d5accec709aa3ccf68b92b3a685d6f27669239ebc34821bfbd6430cfd457b507de2e009e0060853b39ae2671c623e41531ea05eb153634071a26faa067645f8de1d0e60ab797b052a0eb991511b0d04818525e997517164b2f6b9695d20b2a235d4661ff128eb1a205ff5cf77a3fb381bb7b3f09dd2e83048c5e6afdcba79cffe677efab773047190fa390b3246e18ab445f1dcde6864331f5a67a094f70aac1bae560370a11a9bd0926cc45048be3d53d3d390ef21da3db483ff3f3e1efed64cc27af74c5b4cffc7f0b0e27c36f2dff2a109bff8ba9891a2291f807a15cc0a915f9f0ddb0bbd95ec98b1ce08c9f24caf299e3f24981e7d6b40c5b506209b42af763ff368a61cdbb95fe5632df77f668160c3311dc4a22fc68ad340e0eb0e1527606ce22ab0f778504b15a70b705207f13a06f2b49673dada00bbb419b08486399c7dcb6c39a00692b6911cd985d4bb8470118c73e0d06fbe8e27216b6a0a99a29226cd88c27c7ff433d8321d583bb8e4847fe43a9ab127319701a90e816099d298150b14adb49fad90f4b9fce7227357e6fa9e6754483570ea4ea90a90456eed6c367777ab36f7d04346ee4b86d0f5868d9f23271e552a47af0b7fd1d9d9b36ed3001771f95325b9af6faa50e9c820ec2a4a024d76345a0ff45319b3e070bef193c723e2c30e0b2b7831562dcf0b99ee241808c7404566f78ca07c46ce110a171f3ddc8bf49f66b9b37033e57d3b7f1ca767ba903f1025a73586b0c92818b5d778341f1dec718ad87eb74ac9e73a02c38b295a4f7afa257ff14de06b419518174c7ff2c4202598ab1e54ab1b204fe0cd58f4ee09a8d73bbb2e030f2bc49f3216415c822727bdd6eb4131ddb7426c8102c630e2f20aee78463740d58798a8b99bc49e5ffa42ee74b2240e2e0b4cd2c3a882e6c65e87ee36420d4b0b2032d000805657a617e25962442a8b9fb41794c6e41355cdd8e91fe9ee99bc941efe3916c9fc9d904c1238758a3d6e7323cd11f57b12c3adfa6a39abfba04f4c54cab9c6985b24f18541e7c54438ff9560957b2504f370959c47061d558318d64d287b1738442788a9d1dc16095440f0c4f4fb74edeaa02d0e562243fab8e2ae52e453884187aea415dd2ed826582802f7bbf81b66e1283cc9a67e13a3e7ff216085f1db62629904560d10d6be21bf56aa6d8e4441b58b949ad2ad80e970d35acbb662ff66fd5c6d842674908ba08120f69b2b20a2e9727a56c9478451ce9212b8b55793e16fb85b93e9833eb36bee4c45e99099e392c742e66e1db8856de817ee8fd30c60265e52f00e9e80fcd32a249104fe5480a1e2db96f84217f06b4bf709beb147690ad0de905569042dc6dbc9ec4aa71d9b49d0c82b0d396a0c9bd66d049456f49d802dd84bbf09e73cf05a3c23873e11ad92f99c45cd8758af82e20a25b5f468914b7ae830c34ed6609c71645d2e1df1a4d7675e96ff0c13c504d422da9eb86a47ee021226618bebe35a5333981b053fa28b99ec2a5a272edc7971dbe3687af9af2e150b0fd7b1a99be54e1cf07c1fe00f7a6b50449b6418636eadf614cb6795537f8207992a39673459a4b8d7f7358f96deb7ec9ca45c2bc612614a591f510298e6f88066c8542ff319095c09f2c81b2f0ab9f7d69e0ef32ff15c599ddaf1a7e653958b730c06c8d6da1903383e709065550457fbd73a49aeffe245e9204714a5dd3409f354cf3d592238f339663fb40d99fdd2e98ecdbf4b6e9c536294f442e229a9db0b0981eb8e1ab9e1a9e7580f7784568c6039e54be487fb8a7f0387ce67f549017eaf3fcb733b12a611ca7ce87be71943d150bd3d601d3090529634e7ee4267a360df748651238807efec94238d0b8bfc8c600d778c2296b7fe51d1ad9ad78d1f3e021f7b67cc0ee2715e9d8fed1fb3b15205e5073cb4bb8b456b9358243703152220b16d7cb46f62fb0030558ff3ac906dbb6e24102707f7ad2b7f87173572ddc9cb7c7273fe155906412ab7e3c113c236e4ebf817e23a79e1fbde2a7db80f1004e774cd24ef57f6b72c2f435d71f8205e209ce039aa24d4b9ab2de78db1c2988e7067c5ea3020d8e10440fa0e18578ad34ad910fbfb34f1a8910a2123b5e591bc6cbd811b29bad23d033ee7e5a97c803928c207596622a8717ce3b825d5d7468afebad22f0eac9c8f7d5808605ad0dff9c0b72026cf222c64d301d5f34cc5b9993a54daf43be72cdb09b3d031cf1a92b09a39812237809c9c46e121a3aae3d7bb86473a77e66eca3f3c637f308463d2ecb56acf0e59c6349875b72edb5807f48490dc55a3ae1918b9636d382f9b85aa043e34767240d73a01a37a88339215d2f1e9a7418e635aa012a25b2202a1219d27f0fa58fbf5d9f8c1813ac9d608cc2399e88e77ed560f3ae5f1ebdda4d91853bb690fd83bd2e56cc22ec172b2ef79815a9787d149ee62fcdbff2ac4b645ae6f3cda9c3dd84b8a79f83216e9d0f6a8be53276acc29f5473ef460ac292bedbdcc2fcb6fed82677348bd3ebb253b8b24ff9c3ff198d162796ad6e21d591d3a3dd32dc53869d2115495bcd6920de59454c424c8fe10525fb26b82a4870f6fe11fbf3866f9a049909f49b1df5c9609db9a15ac3285c79bec293a73f45668b5fa27440190d22bc27360ddcdb6fadb747995e2821c80edfa20ffe7ff055e3315e4abe95531ce4c62e43e7baeee4b4b7a973ef67988b495a9fa48b726a5d6f793cf9e9232ff613374151b5901e44fe6099fb06faf477c6214fad84b575f1127e999ba2e298effcb2c98e14496795a0004a7ee4a747cd67c8c9b35e07d027451666f7fe74cb8bb97f851e600185b7631fa3923682ab95d102beda490bb12f9faaaf4c8dfa33f2f72be646f293ac29b29d13afdb2b3a49884dcda6e2a64dc72189733bb831039102b42f647231604d99b0adfc2bc53959b2299f2fa35aa0dc090163d2f381f0dd9ea0b87516afc9cc5bac55572dc2bf5e804c9f472dc4cf0b7424f766bc34e6e39ef3dce849ab757bc8c3e9d40b242cc73013a6f0ff05b25cf5b3645599fa3494ca7bd2c4d54baf0eb517febae3513ba1cc2885a01197552ce7d1a8539ff90b309d6dd3a96e50e07d78aa277974a287a39e919d2df5a857563807a6d729d251a067abbdb2f60c11e8dec7ff19e4ebf05d4a36945a19ab803b1899b9a51f278b8e348bd53d54783e78aa7e38c3271c0e40a3a0b52f1f8b2738d88d32bd65b6915024905f5e66611f5ecc003771852c831b70cd8cd9f552b16903ff2f99eb92bb37cc457b2373049365f34f810c5061a981a6a09b5e3232230c98fe0a94f0f96efd3637e246ce277b0f79186cefb725f89da03ef52c645dba8b5e1988311a2a78be36a7c4d3d301b0815f2cd7475f80330070b51a7295b8cc4b0d9b66c607e777b2655128f04ccc6ed23a4ff8b198e58a1699f076f97dff941f05b329f9ad69c1d5a56631793c2f8d1f8c858a4aad622167a95b2f6650ad954608d84c9cba8eb0aa5fc5c8ab09d017050e7fa105ff4a9a608009babc31e762f41a3d11bdae3808d424787a7b15088f35f3c10da80cb7b3d5e9d43061afbfd6adf1e77722e756132177e5f16bc03dd02598728838b7592d5872743de413dc5331dd669cd9531d1b7fce395ba1235ce8526a4e7e1341325f220096f9d92a432cd87c5a477f801cec62012bbffc60b7e9872c3b9041169c8e40fff5122b5280571aba2965faeaeb17f0c88785e8bf10866c2972c9635c5473010b034ea77a21c9d10ad3678f78631236b5a0198da3f60566fbbb98918c41402adb0480cc4aeda977d39e21ec3388c329b652668da946cbefcc5b0a57bb6dc8422244ad5e3e0c3b014484eb477f9445c05b85447912c6295d0af2ac58c0e656e1be06b6c7b0bc2c0db873d53a0034df65db53cd9007e1f5170b18f7f50fe9d9d4fca9198c136b3477069b15aca117e85142bc7d9fb1903c4e571960ecc56ff9b1b31413e7131794082d3f49b10a09f994032f2634f024c532f9dc7f80c5447a65b66294744ca39700ec23f39e3accc194aed6d34e5268bbd756b41e6e9c8f5c9002b65ade8787f0c1145ff8f5f8a8ecb3d05f54788d71df241bf19aea266d0687bd55607a3a707a8a6c580cb4f6188c40468726c1ac0d86bc208bdfb8f022e4b8d750ff4bbfc7029d64064f888bfb3e7762bd4b4ff4c5fc2390408dd9112b256367ac7ecaea63d22a09548c2581332bfee9e618815fef8d9a2d1bcb4ac7b295b67576f8da31de1136f870b9b4403898bb32e6f602941f8e675cb1246d208a4a7956524c4a8f9b01fbca3511a55fd0be7f3b2e2356bba08bc0fc90e6c20fc37f91ac7223ce4d46d74526a4b51a7a751958777bc01db72b1da288ce4449fca46a7a9ebeec581c5218df700b9a2db8cd189fde31ddaa7cdcd88bc2f9cbff56eda2aa68df37830d2916adbeced605c4afb1d476f4211b1c57ad88339d97b04f25005e270e446855e0a3bc8ab7cbee0742edd5c118f684d722c3e5d8ea6c4de7553a8cd740605104d8e50217680b60d4dd85e5e3964c5f03a94e2fd9f5486524193b3e6d74e99dcf4be0b64cf53a78c4291beeeaed943ddb71cffb9dd2b8e979f4353602378e92a229c0976e95ab44aedae94a568e039cd036440df1910245f5816374bfb3b340"}) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)={0x303, 0x33}, 0x4) [ 268.772195] ? kmsan_set_origin_inline+0x6b/0x120 [ 268.777110] ? __msan_poison_alloca+0x15c/0x1d0 [ 268.781861] ? _cond_resched+0x3c/0xd0 [ 268.785825] ? rcu_all_qs+0x32/0x1f0 [ 268.789614] ? _cond_resched+0x3c/0xd0 [ 268.793612] ? rcu_all_qs+0x32/0x1f0 [ 268.797470] ? __sys_sendmmsg+0x61d/0x850 [ 268.801683] __sys_sendmmsg+0x490/0x850 [ 268.805743] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 268.810735] ? syscall_return_slowpath+0xe9/0x710 [ 268.815672] __x64_sys_sendmmsg+0x11c/0x170 [ 268.820045] ? __sys_sendmmsg+0x850/0x850 23:39:55 executing program 6: r0 = socket(0x1e, 0x805, 0x2000) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) getsockopt$inet_opts(r0, 0x0, 0x0, &(0x7f0000000080)=""/152, &(0x7f0000000000)=0x98) io_setup(0x7, &(0x7f0000000140)=0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000340)='/dev/usbmon#\x00', 0x9b3, 0x15d142) ioctl$EVIOCSABS0(r2, 0x401845c0, &(0x7f0000000380)={0x400, 0x1ff, 0x0, 0xb, 0x5, 0x400}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) io_cancel(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0xffffffffffffff00, r0, &(0x7f0000000180)="0888e06c77cb88edd036ed24150b72d1037468ba06c81575b272bfdc5735661f95c1924be421589cf904790d9fdfd7abb492d7fdd306601809cff70ef5075fc3626d55f4174815629c49a8a8344fd7b02d1574596b7922ceed45e063c0ce03b064c05df91d3d632e63339ec6db303ea5e9ccdecc58352b32e5195be7cfc57f6e5487d535becaf68288ba3ef5bae89bb7961d526aa3e1540705faea2d61dc6fdacaaa8650854c60d984fbc33cba9a360db57c33ac753874a677432900ca319ed233954e1048390026284a77e37c0b1688ab599bb3c0740fbdbd02a49987870b5c02c6027a48081855e097b9", 0xeb, 0xfffffffffffffffc, 0x0, 0x0, r3}, &(0x7f0000000300)) r4 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) keyctl$session_to_parent(0x12) [ 268.824236] do_syscall_64+0x15b/0x230 [ 268.828184] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 268.833405] RIP: 0033:0x455a09 [ 268.836617] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 268.844383] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 268.851705] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 268.859020] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 268.866365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:55 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 268.873675] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000043 23:39:56 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:56 executing program 2 (fault-call:5 fault-nth:68): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) getpeername(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast2}}}, &(0x7f0000000080)=0x80) ioctl$SIOCGIFMTU(r1, 0x8921, &(0x7f00000000c0)) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect(r2, &(0x7f0000931ff4)=@un=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect$unix(r2, &(0x7f0000000040)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:56 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = fcntl$dupfd(r0, 0x406, r0) ioctl$BLKGETSIZE64(r2, 0x80081272, &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:56 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x0, 0x0) ioctl$fiemap(r1, 0xc020660b, &(0x7f00000000c0)={0x7, 0x5, 0x7, 0x31e6, 0x2, [{0x1ff, 0x5, 0x54a7, 0x0, 0x0, 0x501}, {0x3f, 0xa7e6, 0x0, 0x0, 0x0, 0x588}]}) 23:39:56 executing program 0: socket$kcm(0x29, 0x5, 0x0) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:56 executing program 6: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xc3bf, 0x8201) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080)=0x2b2e, 0x4) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) r3 = add_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000180)="5c6fc897e2e83999ade6562b206aaff9e5bed983050a98a60081cf5bd6eacc32253eea", 0x23, 0xfffffffffffffffa) r4 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0x0) keyctl$search(0xa, r3, &(0x7f00000001c0)='big_key\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x3}, r4) socket$packet(0x11, 0x2, 0x300) 23:39:56 executing program 5: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x200000, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000040)={r1}) [ 269.221328] FAULT_INJECTION: forcing a failure. [ 269.221328] name failslab, interval 1, probability 0, space 0, times 0 [ 269.232894] CPU: 1 PID: 16679 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 269.240130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.249540] Call Trace: [ 269.252191] dump_stack+0x185/0x1d0 [ 269.255880] should_fail+0x87b/0xab0 [ 269.259748] __should_failslab+0x278/0x2a0 [ 269.264078] should_failslab+0x29/0x70 [ 269.268036] kmem_cache_alloc+0x129/0xb70 [ 269.272343] ? skb_clone+0x31e/0x590 [ 269.276258] ? memcg_kmem_put_cache+0x40/0x290 [ 269.280900] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 269.286349] skb_clone+0x31e/0x590 [ 269.289940] dev_queue_xmit_nit+0x4ea/0x1230 [ 269.294417] dev_hard_start_xmit+0x27c/0xc80 [ 269.298920] __dev_queue_xmit+0x2ad2/0x3540 [ 269.303318] ? packet_sendmsg+0x6594/0x8ad0 [ 269.307703] ? sock_alloc_send_pskb+0xff3/0x11a0 [ 269.312527] dev_queue_xmit+0x4b/0x60 [ 269.316370] ? __netdev_pick_tx+0xb50/0xb50 [ 269.320779] packet_sendmsg+0x7d7d/0x8ad0 [ 269.324994] ? rw_copy_check_uvector+0x643/0x6c0 [ 269.329803] ? __msan_poison_alloca+0x15c/0x1d0 [ 269.334550] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 269.340156] ? import_iovec+0x3c7/0x600 [ 269.344196] ? copy_msghdr_from_user+0x72c/0x830 [ 269.349048] ? compat_packet_setsockopt+0x360/0x360 [ 269.354141] ___sys_sendmsg+0xec8/0x1320 [ 269.358275] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 269.363709] ? balance_callback+0x48/0x260 23:39:56 executing program 0: socket$kcm(0x29, 0x5, 0x0) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:56 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0xc482, 0x0) 23:39:56 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x3, 0x8000000000000000, 0x6, 0x5, 0xffffffff}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r1, 0xe5}, &(0x7f0000000140)=0x8) write$fuse(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="180000008000000000000000000000000b03a806ec610000000000e5e0233f4d9b669292c09b55dac363d3d469ed51ef91cf"], 0x2f) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x3f) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x5) r2 = semget(0x1, 0x7, 0x3c) fchmod(r0, 0x1a0) semctl$GETVAL(r2, 0x2, 0xc, &(0x7f0000000180)=""/142) r3 = shmat(0xffffffffffffffff, &(0x7f0000ffb000/0x2000)=nil, 0x2000) shmdt(r3) 23:39:56 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x10000) fcntl$setpipe(r0, 0x407, 0x0) syz_open_dev$random(&(0x7f00000000c0)='/dev/random\x00', 0x0, 0x2000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000040)={0x8, 0x1, {0x3, 0x0, 0x6, 0x3, 0x7}}) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000100)=0x9, 0x4) [ 269.368006] ? finish_lock_switch+0x25/0x50 [ 269.372409] ? finish_task_switch+0xde/0x270 [ 269.376898] ? __schedule+0x69b/0x730 [ 269.380764] ? _cond_resched+0x5e/0xd0 [ 269.384723] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 269.390154] __sys_sendmmsg+0x490/0x850 [ 269.394200] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 269.399261] ? syscall_return_slowpath+0xe9/0x710 [ 269.404142] __x64_sys_sendmmsg+0x11c/0x170 [ 269.408487] ? __sys_sendmmsg+0x850/0x850 [ 269.412654] do_syscall_64+0x15b/0x230 [ 269.416579] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 269.421800] RIP: 0033:0x455a09 [ 269.425004] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 269.432754] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 269.440055] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 269.447344] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 269.454642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 269.461928] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000044 23:39:56 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4002, 0x0) ioctl$DRM_IOCTL_INFO_BUFS(r2, 0xc0106418, &(0x7f0000000080)={0x900, 0x20, 0x2ac7fadf, 0x6ed54f6a, 0x19, 0x7f01}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:56 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) 23:39:56 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$vcsa(&(0x7f0000000280)='/dev/vcsa#\x00', 0x81, 0x20000) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000002c0)=0x8, 0x4) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = socket$can_bcm(0x1d, 0x2, 0x2) getpeername(r2, &(0x7f00000001c0)=@generic, &(0x7f0000000240)=0x80) setsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000080)=0x93, 0x4) r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000300)=0x2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000500", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf250a00000034000100080001000a0000000800010000000000080004004e2300000800010002000000080004004e5f15bee82e5b947e86cf289116607f2300000800010002000000080006009ed20000a9fb717b5c26d74a70e760320de1067a4034ec61e4bdceb4dbaedd1b85cfb63626c68a14596d7667fad0a0799bd6828a7d67bbdaa94ebf8206c83357bb197df9203829513d68494640b93fc57dca3298e502a437e60882e359d4dac99ede4ace2d882c599afe18091944ee7c54061e65cd9dff1e4f1625841c492bc0015ef3a971d743defe10bebcb8866cd81e3eaa0d0d2718e0ea0644d5f9571c3d81a1285345c38f91d8e88d942d25c28bcc33785aa574e40fe30f9a9c14fb39bede710cb417c0e2c1ad68e5ec6757f968988799f10a80ac3ffbb1285578d70a2b14d1123ab45ecacb8d8c8e41205ec1a6b0483de2fc413e02070c2c0a95d83798a377b734364e97a9a704e3d70127b4"], 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x4000004) 23:39:56 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r2 = accept(r0, 0x0, &(0x7f0000000000)) setsockopt$inet6_MCAST_LEAVE_GROUP(r2, 0x29, 0x2d, &(0x7f0000000040)={0x0, {{0xa, 0x4e21, 0x3ff, @mcast1={0xff, 0x1, [], 0x1}, 0x3fb52bbc}}}, 0x88) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f0000000100)={@dev={0xac, 0x14, 0x14, 0x14}, @rand_addr=0x200, @multicast1=0xe0000001}, 0xc) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000180)) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 23:39:56 executing program 0: socket$kcm(0x29, 0x5, 0x0) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:56 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f0000000040)=0x1e) fcntl$setpipe(r1, 0x407, 0x0) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000100)=r2, 0x4) fdatasync(r0) 23:39:56 executing program 6: r0 = socket(0xf, 0x4, 0x1) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x4200, 0x1) mkdirat(r2, &(0x7f0000000240)='./file0\x00', 0x22) accept4$nfc_llcp(r1, &(0x7f0000000180), &(0x7f0000000200)=0x60, 0x800) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000100)={0x2e, 0x0, {0x0, 0x0, 0x6, 0x3, 0xfffffffffffffd9c}}) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000080)=0x14) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:56 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:56 executing program 2 (fault-call:5 fault-nth:69): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = accept4(0xffffffffffffff9c, &(0x7f0000000080)=@alg, &(0x7f0000000100)=0x80, 0x0) connect$vsock_dgram(r1, &(0x7f0000000180)={0x28, 0x0, 0x0, @hyper}, 0x10) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x81, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'team_slave_0\x00', 0x200}) 23:39:56 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000040)) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) 23:39:56 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) 23:39:56 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000040)=[0x81, 0x384a]) [ 270.039832] FAULT_INJECTION: forcing a failure. [ 270.039832] name failslab, interval 1, probability 0, space 0, times 0 [ 270.052223] CPU: 1 PID: 16746 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 270.059453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.068861] Call Trace: [ 270.071511] dump_stack+0x185/0x1d0 [ 270.075193] should_fail+0x87b/0xab0 [ 270.078962] __should_failslab+0x278/0x2a0 [ 270.083272] should_failslab+0x29/0x70 23:39:57 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req={0x10000, 0x1, 0x8, 0x7}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req3={0x80000000}, 0xfd40) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:57 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:57 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0xfffffffffffffff2) ioctl$void(r0, 0xc0045878) [ 270.087294] __kmalloc_node_track_caller+0x24b/0x11b0 [ 270.092532] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 270.097958] ? alloc_skb_with_frags+0x1e6/0xb80 [ 270.102720] __alloc_skb+0x2cb/0x9e0 [ 270.106515] ? alloc_skb_with_frags+0x1e6/0xb80 [ 270.111248] alloc_skb_with_frags+0x1e6/0xb80 [ 270.115809] ? kmsan_set_origin_inline+0x6b/0x120 [ 270.120713] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.125464] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 270.130305] ? packet_sendmsg+0x6594/0x8ad0 [ 270.134686] sock_alloc_send_pskb+0xb56/0x11a0 23:39:57 executing program 3: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, 'port1\x00', 0xa9824f69d1376637, 0x10800a}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) [ 270.139361] ? kmsan_set_origin+0x9e/0x160 [ 270.143683] packet_sendmsg+0x6594/0x8ad0 [ 270.147916] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 270.153418] ? rw_copy_check_uvector+0x643/0x6c0 [ 270.158225] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.162978] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 270.168509] ? import_iovec+0x3c7/0x600 [ 270.172560] ? copy_msghdr_from_user+0x72c/0x830 [ 270.177418] ? compat_packet_setsockopt+0x360/0x360 [ 270.182849] ___sys_sendmsg+0xec8/0x1320 23:39:57 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) ioctl(r0, 0xffffffffffffffc3, &(0x7f0000000000)="e9aae119476213e764becbddb86b28cf39e1a494eb8e584a559b1f87796c10b180cf") [ 270.186997] ? kmsan_set_origin_inline+0x6b/0x120 [ 270.191895] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.196641] ? _cond_resched+0x3c/0xd0 [ 270.200594] ? rcu_all_qs+0x32/0x1f0 [ 270.204410] ? _cond_resched+0x3c/0xd0 [ 270.208439] ? rcu_all_qs+0x32/0x1f0 [ 270.212241] ? __sys_sendmmsg+0x61d/0x850 [ 270.216476] __sys_sendmmsg+0x490/0x850 [ 270.220534] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 270.225538] ? syscall_return_slowpath+0xe9/0x710 [ 270.230481] __x64_sys_sendmmsg+0x11c/0x170 [ 270.234865] ? __sys_sendmmsg+0x850/0x850 [ 270.239061] do_syscall_64+0x15b/0x230 [ 270.243010] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 270.248233] RIP: 0033:0x455a09 [ 270.251452] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 270.259201] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 270.266488] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 270.273794] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 270.281101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 23:39:57 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$vcsa(&(0x7f0000000280)='/dev/vcsa#\x00', 0x81, 0x20000) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f00000002c0)=0x8, 0x4) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = socket$can_bcm(0x1d, 0x2, 0x2) getpeername(r2, &(0x7f00000001c0)=@generic, &(0x7f0000000240)=0x80) setsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000080)=0x93, 0x4) r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000300)=0x2, 0x4) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000500", @ANYRES16=r5, @ANYBLOB="000025bd7000fcdbdf250a00000034000100080001000a0000000800010000000000080004004e2300000800010002000000080004004e5f15bee82e5b947e86cf289116607f2300000800010002000000080006009ed20000a9fb717b5c26d74a70e760320de1067a4034ec61e4bdceb4dbaedd1b85cfb63626c68a14596d7667fad0a0799bd6828a7d67bbdaa94ebf8206c83357bb197df9203829513d68494640b93fc57dca3298e502a437e60882e359d4dac99ede4ace2d882c599afe18091944ee7c54061e65cd9dff1e4f1625841c492bc0015ef3a971d743defe10bebcb8866cd81e3eaa0d0d2718e0ea0644d5f9571c3d81a1285345c38f91d8e88d942d25c28bcc33785aa574e40fe30f9a9c14fb39bede710cb417c0e2c1ad68e5ec6757f968988799f10a80ac3ffbb1285578d70a2b14d1123ab45ecacb8d8c8e41205ec1a6b0483de2fc413e02070c2c0a95d83798a377b734364e97a9a704e3d70127b4"], 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x4000004) [ 270.288401] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000045 23:39:57 executing program 2 (fault-call:5 fault-nth:70): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:57 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) accept$inet(r1, &(0x7f00000000c0)={0x0, 0x0, @loopback}, &(0x7f0000000100)=0x10) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400480, 0x0) r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x10302, 0x0) ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f0000000080)=r3) [ 270.497648] FAULT_INJECTION: forcing a failure. [ 270.497648] name failslab, interval 1, probability 0, space 0, times 0 [ 270.509173] CPU: 1 PID: 16782 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 270.516401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.525801] Call Trace: [ 270.528446] dump_stack+0x185/0x1d0 [ 270.532129] should_fail+0x87b/0xab0 [ 270.535917] __should_failslab+0x278/0x2a0 [ 270.540234] should_failslab+0x29/0x70 [ 270.544197] kmem_cache_alloc_node+0x157/0xc80 [ 270.548863] ? validate_xmit_skb+0xfea/0x1320 [ 270.553438] ? __alloc_skb+0x202/0x9e0 [ 270.557414] __alloc_skb+0x202/0x9e0 [ 270.561195] alloc_skb_with_frags+0x1e6/0xb80 [ 270.565748] ? kmsan_set_origin_inline+0x6b/0x120 [ 270.570689] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.575447] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 270.580291] ? packet_sendmsg+0x6594/0x8ad0 [ 270.584693] sock_alloc_send_pskb+0xb56/0x11a0 [ 270.589383] ? kmsan_set_origin+0x9e/0x160 [ 270.593708] packet_sendmsg+0x6594/0x8ad0 [ 270.597932] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 270.603449] ? rw_copy_check_uvector+0x643/0x6c0 [ 270.608287] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.613042] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 270.618571] ? import_iovec+0x3c7/0x600 [ 270.622611] ? copy_msghdr_from_user+0x72c/0x830 [ 270.627469] ? compat_packet_setsockopt+0x360/0x360 [ 270.632593] ___sys_sendmsg+0xec8/0x1320 [ 270.636738] ? kmsan_set_origin_inline+0x6b/0x120 [ 270.641656] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.646407] ? _cond_resched+0x3c/0xd0 [ 270.650372] ? rcu_all_qs+0x32/0x1f0 [ 270.654156] ? _cond_resched+0x3c/0xd0 [ 270.658127] ? rcu_all_qs+0x32/0x1f0 [ 270.661902] ? __sys_sendmmsg+0x61d/0x850 [ 270.666123] __sys_sendmmsg+0x490/0x850 [ 270.670164] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 270.675160] ? syscall_return_slowpath+0xe9/0x710 [ 270.680098] __x64_sys_sendmmsg+0x11c/0x170 [ 270.684476] ? __sys_sendmmsg+0x850/0x850 [ 270.688678] do_syscall_64+0x15b/0x230 [ 270.692630] entry_SYSCALL_64_after_hwframe+0x44/0xa9 23:39:57 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)={0x1, [0x100000000]}, &(0x7f00000000c0)=0x6) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000100)={0x1, 0x2, {0x1, 0x3, 0x8, 0x0, 0x1f}}) 23:39:57 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:57 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x9, @remote={0xfe, 0x80, [], 0xbb}, 0x6db9}, 0x1c) 23:39:57 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = accept(0xffffffffffffffff, &(0x7f0000000040)=@ethernet={0x0, @remote}, &(0x7f00000000c0)=0x80) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x4000, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x8100, 0x0) ioctl$GIO_FONT(r2, 0x4b60, &(0x7f0000000300)=""/32) pread64(r0, &(0x7f0000000240)=""/72, 0x48, 0x29) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000100)={0x0, 0x7}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000001c0)=ANY=[@ANYRES32=r3, @ANYBLOB="0200882c6b52"], 0xa) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x8400, 0x0) 23:39:57 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = fcntl$dupfd(r0, 0x406, r0) ioctl$BLKGETSIZE64(r2, 0x80081272, &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:57 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000040)) socket$inet6(0xa, 0x80000, 0xcb7e) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:57 executing program 2 (fault-call:5 fault-nth:71): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:57 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x0, 0x4) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x0, 0x4) socket$vsock_stream(0x28, 0x1, 0x0) splice(r1, &(0x7f0000000000), r1, &(0x7f0000000040), 0x10000, 0x2) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000080)=0x5, 0x4) fcntl$setpipe(r1, 0x407, 0x0) [ 270.697860] RIP: 0033:0x455a09 [ 270.701078] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 270.708842] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 270.716159] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 270.723472] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 270.730838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 270.738150] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000046 23:39:57 executing program 6: r0 = fanotify_init(0x2, 0x1800) fstatfs(r0, &(0x7f00000010c0)=""/198) r1 = socket(0x1e, 0x805, 0x8000002000000000) ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000001080)=@get={0x1, &(0x7f0000000080)=""/4096, 0x100000001}) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x7c98, 0x7, 0x4, 0x7}, 0x14) syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000001200)={'vcan0\x00', 0x0}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000012c0)={0x0, 0x1, 0xfff}, &(0x7f0000001300)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000001340)={r3, @in={{0x2, 0x4e21, @rand_addr=0x3}}}, &(0x7f0000001400)=0x84) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000001240)={@mcast2={0xff, 0x2, [], 0x1}, @mcast2={0xff, 0x2, [], 0x1}, @mcast1={0xff, 0x1, [], 0x1}, 0x10000, 0x401, 0x7fff, 0x500, 0x38f8, 0x200, r2}) r4 = socket(0x1e, 0x805, 0x0) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000001440)={@mcast2={0xff, 0x2, [], 0x1}, @loopback={0x0, 0x1}, @dev={0xfe, 0x80, [], 0x1a}, 0x4, 0x7, 0x2, 0x400, 0x6aeb, 0x2, r2}) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) socketpair(0x11, 0x20000000000802, 0x400, &(0x7f00000011c0)) socket$vsock_stream(0x28, 0x1, 0x0) 23:39:57 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x5}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r1, 0x4}, 0x8) ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000140)={0x2, 0x9, 0x1f, 0x2, 0x6, 0x8000}) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000"], 0x18) [ 270.903953] FAULT_INJECTION: forcing a failure. [ 270.903953] name failslab, interval 1, probability 0, space 0, times 0 [ 270.915381] CPU: 0 PID: 16809 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 270.922607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.932003] Call Trace: [ 270.934650] dump_stack+0x185/0x1d0 [ 270.938354] should_fail+0x87b/0xab0 [ 270.942131] __should_failslab+0x278/0x2a0 [ 270.946445] should_failslab+0x29/0x70 [ 270.950396] __kmalloc_node_track_caller+0x24b/0x11b0 [ 270.955641] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 270.961078] ? alloc_skb_with_frags+0x1e6/0xb80 [ 270.965839] __alloc_skb+0x2cb/0x9e0 [ 270.969609] ? alloc_skb_with_frags+0x1e6/0xb80 [ 270.974376] alloc_skb_with_frags+0x1e6/0xb80 [ 270.978979] ? kmsan_set_origin_inline+0x6b/0x120 [ 270.983881] ? __msan_poison_alloca+0x15c/0x1d0 [ 270.988635] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 270.993480] ? packet_sendmsg+0x6594/0x8ad0 [ 270.997880] sock_alloc_send_pskb+0xb56/0x11a0 23:39:58 executing program 0: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 271.002564] ? kmsan_set_origin+0x9e/0x160 [ 271.006888] packet_sendmsg+0x6594/0x8ad0 [ 271.011085] ? __fsnotify_parent+0x132/0x560 [ 271.015565] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 271.021170] ? rw_copy_check_uvector+0x643/0x6c0 [ 271.025984] ? __msan_poison_alloca+0x15c/0x1d0 [ 271.030721] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 271.036229] ? import_iovec+0x3c7/0x600 [ 271.040283] ? copy_msghdr_from_user+0x72c/0x830 [ 271.045143] ? compat_packet_setsockopt+0x360/0x360 [ 271.050249] ___sys_sendmsg+0xec8/0x1320 23:39:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/audio\x00', 0x4100, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000001200)={0x0, @in6={{0xa, 0x4e22, 0x8001, @loopback={0x0, 0x1}, 0x2}}, 0x2, 0x6}, &(0x7f00000012c0)=0x90) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000013c0)=ANY=[@ANYRES32=r2, @ANYBLOB="5e0000004c9c3916572732ef7abe34c7ea961a85e0e569c95d78e7cfb69ae9852cb6702db743d23dd42ceb9edd155024cbc7417b0c5f152f502d6e51bd3cf1781734d52a41c57c5d33dc16df7484fa148d5ae683a376cd4a3040ecdf3d2351f656140684e0f8ae5135"], &(0x7f0000001380)=0x66) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x8000, 0x0) ioctl$EVIOCGKEYCODE_V2(r3, 0x80284504, &(0x7f00000001c0)=""/4096) r4 = dup(r0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000000)={0x0, 0x6, 0x7fff, 0x1000, 0x1, 0x8, 0xe000000000000000, 0x2, {0x0, @in6={{0xa, 0x4e22, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffffb}}, 0x8000, 0x289, 0x200, 0x9, 0x9}}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r5, 0x1, 0x20}, 0xc) [ 271.054370] ? kstrtoull+0x766/0x7e0 [ 271.058164] ? kmsan_set_origin_inline+0x6b/0x120 [ 271.063078] ? __msan_poison_alloca+0x15c/0x1d0 [ 271.067827] ? _cond_resched+0x3c/0xd0 [ 271.071790] ? rcu_all_qs+0x32/0x1f0 [ 271.075576] ? _cond_resched+0x3c/0xd0 [ 271.079546] ? rcu_all_qs+0x32/0x1f0 [ 271.083325] ? __sys_sendmmsg+0x61d/0x850 [ 271.087542] __sys_sendmmsg+0x490/0x850 [ 271.091586] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 271.096590] ? syscall_return_slowpath+0xe9/0x710 23:39:58 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000040)) socket$inet6(0xa, 0x80000, 0xcb7e) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:58 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000001c0)={0x9, 0x2, 0x7, 0x0, 0x0}, &(0x7f0000000200)=0x10) setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000240)={r2, 0x4, 0xb9ad}, 0x10) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000040)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x3843}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r4, 0xabe}, &(0x7f0000000180)=0x8) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r3) [ 271.101530] __x64_sys_sendmmsg+0x11c/0x170 [ 271.105909] ? __sys_sendmmsg+0x850/0x850 [ 271.110109] do_syscall_64+0x15b/0x230 [ 271.114064] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 271.119301] RIP: 0033:0x455a09 [ 271.122521] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 271.130657] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 271.137976] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 271.145392] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 23:39:58 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) sendto$inet6(r0, &(0x7f0000000000)="4f0ceed746a5206fa84a6ad66ae8eec7bc4ca9a9d1b2dcb32ce537b604ab90fd1f994d1b518ac91a4f7f0b69d269251b4f0a4f93fd40490a74c6ad910f4c859f12555abed081f00a6b0f247c77acb4e91115087f8e5d832cac47ee25484a3fb35328284469096e6e6f37052e3f82e10d6752b4f2083b553ffbcbf94d3d312a4eba322cbb93e733a358a8aa5e44e62a1d3436a6ca22a46c6ded082f94e05f4959bc67b94f1b287abe1ddd4ea08184402618bb081753d9d85b772d4c8102ed3c0eee5c4ad1c3f2a43bcea7157ac262e640951daa74bdd46648cce5b7a51c0689c0", 0xe0, 0x10, &(0x7f0000000100)={0xa, 0x4e22, 0x800, @dev={0xfe, 0x80, [], 0x21}, 0x3f}, 0x1c) 23:39:58 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) setsockopt$sock_void(r0, 0x1, 0x24, 0x0, 0x0) syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x6, 0x204000) [ 271.152708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 271.160026] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000047 23:39:58 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x8001, 0x9, 0x6, 0x1, 0x5, 0x1, 0x6}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000100)=""/116, &(0x7f0000000000)=0x74) 23:39:58 executing program 0: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:58 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2, 0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000040)) socket$inet6(0xa, 0x80000, 0xcb7e) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:58 executing program 4: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={0x4}, 0x8, 0x80000) ftruncate(r0, 0x2) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) 23:39:58 executing program 2 (fault-call:5 fault-nth:72): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:58 executing program 7: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x10000, 0x0) preadv(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)}, {&(0x7f0000000100)=""/209, 0xd1}, {&(0x7f0000000200)=""/176, 0xb0}], 0x3, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000600e50300000000000000000000000000000000"], 0x18) close(r1) preadv(r1, &(0x7f0000000040), 0x0, 0x0) ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f00000000c0)=0x1) 23:39:58 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x4caf9f21, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:58 executing program 6: r0 = socket(0x1e, 0x805, 0x0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000080)) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0xfffffffffffffffe) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$BLKREPORTZONE(r2, 0xc0101282, &(0x7f0000000200)=ANY=[@ANYBLOB="a70000000000000005000000000000000300000000000000090000000000000003000000000000000509bd010000000000000000000000000000000000000000000000000000000000000000000000007f000000000000000000000000000000150f0000000000000003090000000000000000000000000000000000224c91e338d45ef0bc71d74c16a7ace5000000000000000000000000000000000000000002000000000000000000000000000000090000000000000000008b090000000000000000000000000000000000000000000000000000000000000000000000003516000000000000030000000000000004000000000000000880230400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000050000000000000040040106000000000000000000000000000000000000000000000000000000000000000000000000"]) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) ftruncate(r2, 0x81) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e23, @rand_addr=0x8}}, 0x2, 0x6, 0xf35b, 0x847, 0x32}, &(0x7f00000001c0)=0x98) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000380)={r3, 0x258, 0xef, "f1ae02f0300808c15666ccd1388dfae9c277ced8546bd569a7a2247d3ff413e502d193f8cc980fd3af01d7b9112eade48fb6384c0c539a9d98c4e503449687035ecc7a11e5c500bf1bb73914a13c0b3dbca093c0bb4cd9c4856491b6e407581dac7245c2ff94324f9dacba5d0289d6df3ccdb6376a06a963282ac7c835938d3b950ac24ec91e9c1fe380943b8990be9a64746c1228f5538d873e3c28bf75d7d12c45ce487a388c7388090ded039af249785f1e998563e884def9ae98a8c210141ae634a3ec266d91de15b40c13c0c9959c2c295ceb72ad5eb90a17b672984d54098f8e1b84aed92a63b832ac29ab6c"}, 0xf7) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f00000000c0)={'bond_slave_0\x00', 0x400}) 23:39:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = geteuid() ioprio_set$uid(0x3, r1, 0x7) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) shutdown(r2, 0x1) 23:39:58 executing program 0: r0 = socket$kcm(0x29, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:58 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000040)={0x303, 0x33}, 0x4) 23:39:58 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/audio\x00', 0x4100, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000001200)={0x0, @in6={{0xa, 0x4e22, 0x8001, @loopback={0x0, 0x1}, 0x2}}, 0x2, 0x6}, &(0x7f00000012c0)=0x90) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000013c0)=ANY=[@ANYRES32=r2, @ANYBLOB="5e0000004c9c3916572732ef7abe34c7ea961a85e0e569c95d78e7cfb69ae9852cb6702db743d23dd42ceb9edd155024cbc7417b0c5f152f502d6e51bd3cf1781734d52a41c57c5d33dc16df7484fa148d5ae683a376cd4a3040ecdf3d2351f656140684e0f8ae5135"], &(0x7f0000001380)=0x66) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x8000, 0x0) ioctl$EVIOCGKEYCODE_V2(r3, 0x80284504, &(0x7f00000001c0)=""/4096) r4 = dup(r0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000000)={0x0, 0x6, 0x7fff, 0x1000, 0x1, 0x8, 0xe000000000000000, 0x2, {0x0, @in6={{0xa, 0x4e22, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffffb}}, 0x8000, 0x289, 0x200, 0x9, 0x9}}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r5, 0x1, 0x20}, 0xc) 23:39:58 executing program 5: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x620100, 0x0) getresuid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)=0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'team_slave_1\x00', 0x0}) fstat(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r0, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000780)={&(0x7f0000000580)=ANY=[@ANYBLOB="c40100001300020027bd7000fddbdf25fe8000000000000000000000000000bbfe8000000000000000000000000000bb4e2400044e242112020080a02e000000", @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="7f00000000000000010000000100000008004acf9f9971937997000000000000c900000000000000040000000000000002000000000000000080000000000000070000000000000009000000000000008a9b000000000000010000000000000005000000bc6b6e0001010200000000000c001000000000000000000028001a00ff020000000000000000000000000001ff0100000000000000000000000000010a007c000c001000000000000000000008000c000300000010000a0027bd700026bd700003000000ac000700e00000020000000000000000000000007f0000010000000000000000000000004e2001004e2400000a00a0203b000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="ec0800000000000002000000000000004d0a00000000000008000000000000000700000000000000020000000000000000000000000040000800000000000000f0440000000000003f00000000000000050000000000000019e6e15c0000000004000000b16b6e0000010003000000000800030019200000"], 0x1c4}, 0x1, 0x0, 0x0, 0x40000}, 0x48800) pipe2(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r4, 0x407, 0x0) readlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/194, 0xc2) epoll_create1(0x80000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) modify_ldt$write2(0x11, &(0x7f0000000240)={0x9, 0x1000, 0x0, 0x9, 0x1f, 0x3, 0x6, 0xb0d4, 0x4, 0x3}, 0x10) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r4, 0x84, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000800)=@security={'security\x00', 0xe, 0x4, 0x4b8, 0xffffffff, 0x140, 0x140, 0x0, 0xffffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, &(0x7f0000000280), {[{{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@mh={0x28, 'mh\x00', 0x0, {0x8, 0x8}}, @common=@ipv6header={0x28, 'ipv6header\x00', 0x0, {0x2, 0x83}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x1, 0x1}}}, {{@ipv6={@remote={0xfe, 0x80, [], 0xbb}, @empty, [0xffffff00, 0xff000000, 0xffffff00], [0xff, 0x0, 0x0, 0xffffff00], 'tunl0\x00', 'gre0\x00', {0xff}, {}, 0x2b, 0x66a, 0x1, 0x2}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@physdev={0x98, 'physdev\x00', 0x0, {'irlan0\x00', {0xff}, 'sit0\x00', {}, 0x3, 0x4}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x6, 0x6}}}, {{@ipv6={@ipv4={[], [0xff, 0xff]}, @local={0xfe, 0x80, [], 0xaa}, [0xffffffff, 0xff000000, 0xffffff00, 0xd709b3bc292ebfa], [0xffffffff, 0xff000000, 0xffffffff, 0xffffff00], 'veth1\x00', 'sit0\x00', {}, {}, 0x3e, 0x8, 0x2, 0x25}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@frag={0x30, 'frag\x00', 0x0, {0x7ff, 0x9, 0x1, 0x30, 0x1}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x80000000}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x518) 23:39:58 executing program 6: r0 = socket(0xd, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:58 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x428000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:58 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:58 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x6) [ 272.079295] FAULT_INJECTION: forcing a failure. [ 272.079295] name failslab, interval 1, probability 0, space 0, times 0 [ 272.090678] CPU: 1 PID: 16862 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #1 [ 272.097875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.107235] Call Trace: [ 272.109848] dump_stack+0x185/0x1d0 [ 272.113497] should_fail+0x87b/0xab0 [ 272.117243] __should_failslab+0x278/0x2a0 [ 272.121528] should_failslab+0x29/0x70 [ 272.125446] kmem_cache_alloc_node+0x157/0xc80 [ 272.130082] ? validate_xmit_skb+0xfea/0x1320 [ 272.134615] ? __alloc_skb+0x202/0x9e0 [ 272.138524] __alloc_skb+0x202/0x9e0 [ 272.142257] alloc_skb_with_frags+0x1e6/0xb80 [ 272.146782] ? kmsan_set_origin_inline+0x6b/0x120 [ 272.151649] ? __msan_poison_alloca+0x15c/0x1d0 [ 272.156379] ? sock_alloc_send_pskb+0x13b/0x11a0 [ 272.161184] ? packet_sendmsg+0x6594/0x8ad0 [ 272.165570] sock_alloc_send_pskb+0xb56/0x11a0 [ 272.170200] ? kmsan_set_origin+0x9e/0x160 [ 272.174475] packet_sendmsg+0x6594/0x8ad0 [ 272.178640] ? __fsnotify_parent+0x132/0x560 [ 272.183108] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 272.188584] ? rw_copy_check_uvector+0x643/0x6c0 [ 272.193348] ? __msan_poison_alloca+0x15c/0x1d0 [ 272.198085] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 272.203565] ? import_iovec+0x3c7/0x600 [ 272.207564] ? copy_msghdr_from_user+0x72c/0x830 [ 272.212407] ? compat_packet_setsockopt+0x360/0x360 [ 272.217469] ___sys_sendmsg+0xec8/0x1320 [ 272.221573] ? kmsan_set_origin_inline+0x6b/0x120 [ 272.226441] ? __msan_poison_alloca+0x15c/0x1d0 [ 272.231227] ? _cond_resched+0x3c/0xd0 [ 272.235237] ? rcu_all_qs+0x32/0x1f0 [ 272.238978] ? _cond_resched+0x3c/0xd0 [ 272.242921] ? rcu_all_qs+0x32/0x1f0 [ 272.246673] ? __sys_sendmmsg+0x61d/0x850 [ 272.250858] __sys_sendmmsg+0x490/0x850 [ 272.254881] ? prepare_exit_to_usermode+0x4a/0x3a0 [ 272.259837] ? syscall_return_slowpath+0xe9/0x710 [ 272.264735] __x64_sys_sendmmsg+0x11c/0x170 [ 272.269099] ? __sys_sendmmsg+0x850/0x850 [ 272.273271] do_syscall_64+0x15b/0x230 23:39:59 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000600000000000000000000000002000000000000"], 0x18) 23:39:59 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) 23:39:59 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:59 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/audio\x00', 0x4100, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000001200)={0x0, @in6={{0xa, 0x4e22, 0x8001, @loopback={0x0, 0x1}, 0x2}}, 0x2, 0x6}, &(0x7f00000012c0)=0x90) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000013c0)=ANY=[@ANYRES32=r2, @ANYBLOB="5e0000004c9c3916572732ef7abe34c7ea961a85e0e569c95d78e7cfb69ae9852cb6702db743d23dd42ceb9edd155024cbc7417b0c5f152f502d6e51bd3cf1781734d52a41c57c5d33dc16df7484fa148d5ae683a376cd4a3040ecdf3d2351f656140684e0f8ae5135"], &(0x7f0000001380)=0x66) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x8000, 0x0) ioctl$EVIOCGKEYCODE_V2(r3, 0x80284504, &(0x7f00000001c0)=""/4096) r4 = dup(r0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000000)={0x0, 0x6, 0x7fff, 0x1000, 0x1, 0x8, 0xe000000000000000, 0x2, {0x0, @in6={{0xa, 0x4e22, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffffb}}, 0x8000, 0x289, 0x200, 0x9, 0x9}}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000100)={r5, 0x1, 0x20}, 0xc) 23:39:59 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r2 = socket(0x11, 0x4000000000080003, 0x0) bind$packet(r2, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) syz_emit_ethernet(0x34, &(0x7f00000004c0)=ANY=[@ANYBLOB="2b00000000001b207f5c5eeb08004500005800000000002f9078ac140000000800000086dd0800005700000000100000000100000000000000080022eb0000000020000000020000000000000000000000080065580000000098292528fe27d766b57bae9fbc0f06db3c533aa3c6c3401ea2d3058c1e60749f44dbccd22c5e20b85dee2d0407ebfd6e1ddb6b9da46e9b6f37a001474f399caceadb25bfa0e32c577b5dae044b8ee15c5d5cf616bb1acccba81123dfa55ef07f92febc7c5c79213f36c87b43b236f1870c9403eb08c990c9492f3b7ce801685b448a935d6a7913c669c31f7c489c82586d7019a310d6977d4edca2c02693013f83911a2bc7c46405b260d7000000000000000000000000006fed8d03b1d5166bdcb3776940ca877659a16231a6cf399623348ed3b117f81fbdf823ec3b731b70dc68a4669a5863bb14bb7e01cae3b094aa4b88ecc8705418e9a8ac"], &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000040)=0x3, 0x8) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) getsockname$llc(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x10) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = accept(0xffffffffffffffff, &(0x7f0000000000)=@alg, &(0x7f0000000080)=0x80) sendmsg$nl_generic(r1, &(0x7f0000000740)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2040}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="b00500002c00000529bd7000fcdbdf2511000000ed2f628d9bf9271d439c4e5c230d7da677a46a859791ced2f526b9988cd37b22508ada03b3c1b53bdabc6915dfbe0b9348a1af2d0e90bf03ff73cc9c9450a6ad02f20229d39946824cb272341359d1aa5f1102cb6fe0a3335f572528fbf40f90d7a1a9864894e61c9cbfb477c91acbc93ac3f4a0ba3efdc7f25c41fec1588e91f3d6eb63f125246bb8502126e8c4a124ea23726ba5c5d9bf058b9cff2c2104f0315b9728406943fa523f45b7068ab00c1d77f5e5eb4e40102cc7d795cdc8fe7f0d607da068bb64c0d50cc46a9dd340663b401cc120b151e23e4a1e03bfef2f6b860c089b151b936c119253739030a46c43a8749028cf1448bacd1232c2cb07ddde18f327bd8c88ed96c382ae9b7050a3290f3e7bf565d1b148ec154903ced6b6aada514ac3fba0001100df360f02b1c253cc0cfe091d0b2571e4a09577204063c6670e3616174b2cf8f7d7f3c77220e8b338453bf4dfbc75da64dc0280fc903b802226ff0a96d67071dfaf6bfd81297ed542029a7ff206c7de8e6be966cf71759b50f2f4d60d92228c1fd00c00360192425392bd768c129efff9774e2ce9efc9d8a1ef9e79109614ba7beb74d4d2657371a92fd98f6396ad5c9fb790fd6fa337203f2bbc20ae5e9168b184abc440024d00dbb73203137fc6131df1ff7553c501810a246ecbed8e55cd80be5ca7e5312ec288ef2b6eb584442617e41aac324729c2beede0b2b003d025fa236defd67e4d2e4d215dd0239ba06db5c44dd4c389a7db6ea98e43c4de588695d3d10f1d0b994962283e6599b8d6ffaa8909a6448afabe0e2cb2754c5bd44bb702e0ecddfb6679a4e6261f141a9015ce43f630debce05f645407a836d1283a941d0efb457789e5998932261b89286697093de0d64a3c2f1f15579e926a5d336c06e3c93a22c20f29099ad8c4a0442faaa06c70aa5958cf6d0c0146c3a20b8b234b528d1d5b1bfa598d45ef8e062cb17825da7a859e2ae235e83187fe1e6fb620f9a55b9727c2d09cf3e9c1b3244ef2066268ff2a9ea9d9588518a88effa274caf1b266bc970c57d14f1fbf0314ad70e23adfffe4115904c55452debcb079fb46a8cf1f6a801a6b6791fa06e8d78caabfb36a8d3e1ff1d5ec82acffe35193b2b813627ab22a59e071c5972892a44c717f297a0795810e0e49fecfbfd1c37456bdbd89160a918d408291d83ff077af5fa1cbc24c09a2b425a1157aec415ebb583f34ad9296093fa6516c31f7038960ffc9ef912aa2a88d26115c2a8bd929ead549dedf67475490f9f8330a8b9df1ff503a0e3b220072cb8c1365185dd9b2ac9f3845c7d1bcac6f8cfdd7fe222eb22255e8638eccfaa9c58bc7180ddb6fb413a5cc804d7cb84d1f4e01f99141fbd6f006a59198b904232fb0604ec6c24eeb7db194e81968817b472492b824135cf0b5658738210a7d000129ae231099cbdc6f87487943f0f400280014f8a29cd923f86d163cc9289a6b9c91529fb7e80974ab7436169433c337d046a0b8aeadf283f4cf77d67a330718a6754a05523460e2e96b030b9d187baa6ac9ba945e657cb5452ec6f6fd8eeeed201c2d3e549356dac7c104e76234addd3bd65be8982ce73f03062095f9492b18cf8f3b606326bbe533321db3e593580b92dc93af6545af35ea787a8963bfed65cadff46242158d5ca1e2a80e8eb86f8cfe9d9ace7af27d98c791f40d1d7329ab3a82edc0f21632edf25e214abc45fe4fd4ec95a51b4bb87c826dff740b35f9b215cf9b3392c9c373e00aee3333f94406028c40e9d58e7c8ee834c4b036a7424383e20b46f0b7b5504b3a2fea14517a99697e6275780f92fbd161db5225ecbcb2e59496869ad61cbb09432c919a953b3a2bf73d01b202ab16abe086e629f46752f789fdccb286087ce8b9b51207fdb8ce4fcaa7873e9f99e5ff5146e89a14eae325fcef6083080093000400310090652f3c595dc40fd1a752911423c433ad509e4aa961f57ab7f7a67471a21d6e15236ad432f71dee0c003b0009000000"], 0x5b0}, 0x1, 0x0, 0x0, 0x80c4}, 0x20000000) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:59 executing program 6: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x808, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) [ 272.277186] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 272.282376] RIP: 0033:0x455a09 [ 272.285582] RSP: 002b:00007f6620f86c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 272.293299] RAX: ffffffffffffffda RBX: 00007f6620f876d4 RCX: 0000000000455a09 [ 272.300574] RDX: 0492492492492510 RSI: 0000000020871fc8 RDI: 0000000000000014 [ 272.307850] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 272.315129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 272.322407] R13: 00000000000005a8 R14: 00000000006fd860 R15: 0000000000000048 23:39:59 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) bind$llc(r0, &(0x7f00000000c0)={0x1a, 0x334, 0x80, 0x20, 0x7fffffff, 0x7ff, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x800455d1, &(0x7f0000000040)) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) 23:39:59 executing program 6: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) ioctl$LOOP_SET_FD(r0, 0x4c00, r0) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x1f, 0x100000001, 0x80000001, 0x7fffffff, 0x6, 0x101, 0x343f00000000000}, 0x1c) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000140)={{0xa, 0x4e20, 0x7, @mcast2={0xff, 0x2, [], 0x1}, 0x9}, {0xa, 0x4e24, 0x4f600000000000, @dev={0xfe, 0x80, [], 0xf}, 0x6}, 0xfd5, [0xd408, 0xffffffff, 0x5, 0x1, 0x20, 0xfffffffffffffffd, 0xfffc000000000000, 0xffffffffffffffe0]}, 0x5c) r2 = socket(0x1e, 0x805, 0x0) set_mempolicy(0x8006, &(0x7f00000000c0)=0x3ff, 0xffff) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req={0x22400000}, 0x10) 23:39:59 executing program 3: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r0, 0x407, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x4000, 0x0) 23:39:59 executing program 5: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x4640) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000080)) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000040)=0x1000000000, 0x4) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000100)=0xfffffffffffffffe, 0x4) pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000200)=""/160) fcntl$setpipe(r2, 0x407, 0x7) setsockopt$inet6_dccp_buf(r2, 0x21, 0x2, &(0x7f00000002c0)="be7f5243f0c6db477be92eb4a2b687b8e002998841296469db05a4654f63e7cf850a0ac932ce4caf1edd0070cda9a987132949bf29066e478ce9704c616592e184df1313f66496443ff16947d3083deb5849f07877ffb5730f5346c3857c7ce4d6f6c11bfe4af2dffe76e5a95410375ac9553a4345ed0f445cbdd3553df2f4ff8b5e34788c94bba8e7ae5af2b42a", 0x8e) 23:39:59 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:59 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x80000, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f0000000040)={0x1, 'y'}, 0x2) listen(r1, 0xd3) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) 23:39:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:59 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r2 = socket(0x11, 0x4000000000080003, 0x0) bind$packet(r2, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) syz_emit_ethernet(0x34, &(0x7f00000004c0)=ANY=[@ANYBLOB="2b00000000001b207f5c5eeb08004500005800000000002f9078ac140000000800000086dd0800005700000000100000000100000000000000080022eb0000000020000000020000000000000000000000080065580000000098292528fe27d766b57bae9fbc0f06db3c533aa3c6c3401ea2d3058c1e60749f44dbccd22c5e20b85dee2d0407ebfd6e1ddb6b9da46e9b6f37a001474f399caceadb25bfa0e32c577b5dae044b8ee15c5d5cf616bb1acccba81123dfa55ef07f92febc7c5c79213f36c87b43b236f1870c9403eb08c990c9492f3b7ce801685b448a935d6a7913c669c31f7c489c82586d7019a310d6977d4edca2c02693013f83911a2bc7c46405b260d7000000000000000000000000006fed8d03b1d5166bdcb3776940ca877659a16231a6cf399623348ed3b117f81fbdf823ec3b731b70dc68a4669a5863bb14bb7e01cae3b094aa4b88ecc8705418e9a8ac"], &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:59 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x1, 0x0) write$fuse(r0, &(0x7f0000000000)={0x18, 0x6, 0x0, @fuse_bmap_out}, 0x18) execveat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=[&(0x7f00000000c0)='/dev/cuse\x00', &(0x7f0000000100)='/dev/cuse\x00'], &(0x7f00000001c0)=[&(0x7f0000000180)='/dev/cuse\x00'], 0x400) 23:39:59 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x719080, 0x0) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:59 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x0, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) 23:39:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4) r1 = socket(0x11, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) bind$packet(r1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) 23:39:59 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop-control\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000240)="0047fc2f07d82c99240970") r2 = socket(0x11, 0x4000000000080003, 0x0) bind$packet(r2, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) syz_emit_ethernet(0x34, &(0x7f00000004c0)=ANY=[@ANYBLOB="2b00000000001b207f5c5eeb08004500005800000000002f9078ac140000000800000086dd0800005700000000100000000100000000000000080022eb0000000020000000020000000000000000000000080065580000000098292528fe27d766b57bae9fbc0f06db3c533aa3c6c3401ea2d3058c1e60749f44dbccd22c5e20b85dee2d0407ebfd6e1ddb6b9da46e9b6f37a001474f399caceadb25bfa0e32c577b5dae044b8ee15c5d5cf616bb1acccba81123dfa55ef07f92febc7c5c79213f36c87b43b236f1870c9403eb08c990c9492f3b7ce801685b448a935d6a7913c669c31f7c489c82586d7019a310d6977d4edca2c02693013f83911a2bc7c46405b260d7000000000000000000000000006fed8d03b1d5166bdcb3776940ca877659a16231a6cf399623348ed3b117f81fbdf823ec3b731b70dc68a4669a5863bb14bb7e01cae3b094aa4b88ecc8705418e9a8ac"], &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 23:39:59 executing program 6: r0 = socket(0x1c, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r1 = socket(0x1e, 0x805, 0xffffffffffffffbc) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000000)=@req={0x22400000}, 0x10) 23:39:59 executing program 1: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x8000) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000040)=""/51, 0x33}, {&(0x7f0000000080)=""/81, 0x51}, {&(0x7f0000000180)=""/156, 0x9c}], 0x3) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000001580)='/dev/loop-control\x00', 0x103, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$VT_WAITACTIVE(r0, 0x5607) readv(r1, &(0x7f00000014c0)=[{&(0x7f0000000240)=""/14, 0xe}, {&(0x7f0000000280)=""/196, 0xc4}, {&(0x7f0000000380)=""/191, 0xbf}, {&(0x7f0000000440)=""/78, 0x4e}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x5) ioctl$TCSETS(r0, 0x5402, &(0x7f0000001540)={0xffffffffffffffff, 0x3, 0x5, 0x18ae, 0x8, 0x3, 0x200, 0x2, 0x20, 0x10000, 0x2, 0x6}) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000140)={0x0, 0x3, 0x30, 0x6, 0x2}, &(0x7f00000015c0)=0x18) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001600)={r2, 0x1, 0x5, [0x100, 0x9, 0x2, 0xca, 0x6]}, 0x12) 23:39:59 executing program 5: pipe2(&(0x7f00008df000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x8001) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000000)) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040), &(0x7f0000000080)=0x8) [ 272.953401] ================================================================== [ 272.960848] BUG: KMSAN: uninit-value in vcs_read+0x18ba/0x1cc0 [ 272.966841] CPU: 0 PID: 16982 Comm: syz-executor1 Not tainted 4.17.0-rc5+ #1 [ 272.974125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.983492] Call Trace: [ 272.986094] dump_stack+0x185/0x1d0 [ 272.989745] ? kmsan_internal_check_memory+0x159/0x1e0 [ 272.995044] kmsan_report+0x149/0x260 23:40:00 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) ioctl(r0, 0x0, &(0x7f0000000100)="0047fc2f07d82c99240970") r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000001300)='/dev/urandom\x00', 0x2, 0x0) write$binfmt_elf64(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7f454c46d90001810900000000000000030003000000000001000000000000004000000000000000a60000000000000008000000000838000100030000004509070000000000000005000000000000000600000000000000001000000000000008000000000000000100000000000000040700000000000001000000ffff0000e08fffffffffffff02000000000000000000000000000000ffffff7f000000004000000000000000600200000000000042c07aeca6c0b6b611fc55643ddb310de303da865d4175d962562f3f8b8d0997bb2df505ebf7b0bc40c5066ff100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xadd) [ 272.998949] kmsan_internal_check_memory+0x179/0x1e0 [ 273.004075] kmsan_copy_to_user+0x75/0x160 [ 273.008325] vcs_read+0x18ba/0x1cc0 [ 273.011982] do_iter_read+0x884/0xd80 [ 273.015878] ? vcs_lseek+0x470/0x470 [ 273.019784] do_readv+0x295/0x5f0 [ 273.023269] __x64_sys_readv+0xe1/0x120 [ 273.027251] ? vfs_readv+0x260/0x260 [ 273.030993] do_syscall_64+0x15b/0x230 [ 273.034897] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.040089] RIP: 0033:0x455a09 [ 273.043306] RSP: 002b:00007fcac195dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 273.051032] RAX: ffffffffffffffda RBX: 00007fcac195e6d4 RCX: 0000000000455a09 [ 273.058319] RDX: 0000000000000003 RSI: 0000000020000100 RDI: 0000000000000013 [ 273.065628] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 273.072912] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 273.080200] R13: 000000000000056b R14: 00000000006fd2a8 R15: 0000000000000000 [ 273.087924] [ 273.089557] Uninit was stored to memory at: [ 273.093902] kmsan_internal_chain_origin+0x12b/0x210 [ 273.099023] __msan_chain_origin+0x69/0xc0 [ 273.103280] vcs_read+0xd01/0x1cc0 [ 273.106840] do_iter_read+0x884/0xd80 [ 273.110647] do_readv+0x295/0x5f0 [ 273.114103] __x64_sys_readv+0xe1/0x120 [ 273.118081] do_syscall_64+0x15b/0x230 [ 273.121975] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.127161] Uninit was created at: [ 273.130818] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 273.135943] kmsan_kmalloc+0x94/0x100 [ 273.139790] __kmalloc+0x141/0x350 [ 273.143349] vc_allocate+0x438/0x800 [ 273.147083] con_install+0x8c/0x640 [ 273.150725] tty_init_dev+0x1b5/0x1020 [ 273.154640] tty_open+0x17b4/0x2ed0 [ 273.158282] chrdev_open+0xc25/0xd90 [ 273.162005] do_dentry_open+0xcfe/0x15f0 [ 273.166078] vfs_open+0x1b6/0x2f0 [ 273.169540] path_openat+0x47f1/0x6460 [ 273.173439] do_filp_open+0x261/0x640 [ 273.177256] do_sys_open+0x624/0x960 [ 273.180987] __x64_sys_open+0xf2/0x130 [ 273.184889] do_syscall_64+0x15b/0x230 [ 273.188809] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.193995] [ 273.195719] Bytes 0-50 of 51 are uninitialized [ 273.200300] Memory access starts at ffff8801bdf5b000 [ 273.205399] ================================================================== [ 273.212759] Disabling lock debugging due to kernel taint [ 273.218245] Kernel panic - not syncing: panic_on_warn set ... [ 273.218245] [ 273.225651] CPU: 0 PID: 16982 Comm: syz-executor1 Tainted: G B 4.17.0-rc5+ #1 [ 273.234236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.243606] Call Trace: [ 273.246217] dump_stack+0x185/0x1d0 [ 273.249892] panic+0x39d/0x950 [ 273.253119] ? kmsan_internal_check_memory+0x159/0x1e0 [ 273.258411] kmsan_report+0x260/0x260 [ 273.262234] kmsan_internal_check_memory+0x179/0x1e0 [ 273.267370] kmsan_copy_to_user+0x75/0x160 [ 273.271625] vcs_read+0x18ba/0x1cc0 [ 273.275343] do_iter_read+0x884/0xd80 [ 273.279169] ? vcs_lseek+0x470/0x470 [ 273.282905] do_readv+0x295/0x5f0 [ 273.286384] __x64_sys_readv+0xe1/0x120 [ 273.290375] ? vfs_readv+0x260/0x260 [ 273.294114] do_syscall_64+0x15b/0x230 [ 273.298024] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 273.303231] RIP: 0033:0x455a09 [ 273.306448] RSP: 002b:00007fcac195dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 273.314174] RAX: ffffffffffffffda RBX: 00007fcac195e6d4 RCX: 0000000000455a09 [ 273.321464] RDX: 0000000000000003 RSI: 0000000020000100 RDI: 0000000000000013 [ 273.328841] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 273.336130] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 273.343414] R13: 000000000000056b R14: 00000000006fd2a8 R15: 0000000000000000 [ 273.351220] Dumping ftrace buffer: [ 273.354765] (ftrace buffer empty) [ 273.358458] Kernel Offset: disabled [ 273.362067] Rebooting in 86400 seconds..