a635a895b852c03b95a8c8f664a2f0a5aa3648fbb6c6cd11e04ab8efbb334b3785ac3524209d128c4e790e46f594422536f8af4d6a24213e4db11ecd1d92e033ceb38203a7dbd030131b7215284ecf484dbad3517de0402aad9a9513d3b5d7a9e83d77a5a307a69a535e08fa7fe5999250bf8a77f82da0a0aa0d59e43a85e8eb1bde8fcefbf855dcb7cd416e3a098a7f3fb63d053b78e19252bc059890a60bd282de455b141962eb9d85a01ade01ded3571930f214ba1d425f7b13255a84c1cd2a22e48f9ca6285619eb79b87c237d71d6d1b79c3e4439637f1525420885b3c136aacfce15425afe5685ab60787f9481fe5344e6aba27c9fc6b8d171d7a61655a64d377377177abe5b516d17c7f7b473dcd12251acbb119a14026028362efbd10942955b649b9bd7a76bb68d1e9f992e6ebf7fa4342944932985aae5794ae17245c5857cbabdce7ea1659aee97ce674efe2257d355485a9c8aab2c7ef3950fc669f53653172bd611e950e7d1ea88c5d31cf8c93a048cfd45acf5aa3ea3f0b828e0735fc3d931c5f7942a4ef9b6f3cccd67c2633c937feaebb331a8ce89f95de0cde95aa09a344b3871bf0b48f458b3b2a38e96e22d12c5c03cf4b8ff98924eb4e2603e576d5f68f889e4ab2ce8263a721fc4cef1b650bb89e813b8092946271a8206af7f2f5ae40644b73e5e198334449a664a0532c5895c27e7a206378957f7deb02c117e61429fbb473a47e05e668fa9e1c7a499bb86cb6a10e80473bd3713ad1e09782754d4a83478ebffff29b9748b07f7fb3390edf2badf240ccedd8e847c06c45686659a263e3d895e6c1dcfefb0bbc79ba70744900a98adbf56e6900d84a6b800262583e03553919121e44ab9fcb2f0fd19d44db65ca230931535c04b7f522ce9c717094bcebb3c9fd2e625ff219fc0c9e7fa7013a8b2e75c9c97378b70f9d60b1863b00df73546c11d5931ab9b913ac890ea5ee8d306c2ef0edbf29bf02b2449e9d3bd192e35ff38e532349f747ce826750e000305d3d8d5b2c1114640af83baea0c2d63572971e212b3c556d0cf0beaf810ed36b25a4fdef42555c712dfb15e2e95a126e1d7f27018165cbf010fb240cb9ba3921ace7c84cca21b80b28e61545ab201a0b6e3d96427e13f0df564ba37cc60c853bd59cae475a2eaf02f4ac60d3d9e9f4478663f9c7c535f7ce7c0fd6008f2f550df0faf50f47273663cf83f4eb321c5aff167a075a70b5a6ceea6f864cb47cf97e2a57bd7b01dc543fc921e6598b5bbf522032f5f32be542efaef0651131baa32d169a0b5dab4687bb4b70c8b87a679117943917f2b03e635add8cd3b5363003aa923a44a662d1fab90d1f441f476fc3849bae8ad77c4af1f94b95528c6e7195a0ec864a3299d5b1512d430b1684b05a43d44dd8fd97f9e7918a3dc273ac4f7d0a4fff80bdb70a483402b7fa61f33595ee5cd934427b7e80945b9c1ee70e455de2b9ac78b1256db4f1f4f671f9034942d86b5fb54ab07243b45718017a5064be9c46efcf2ba5f0bc11494d3d992a0770d0afbb7e467b9f78556795ff8d2c6eac72c2a7c7725d45b2e3d03d26bd14b92a0a819479faf5b021d57f4acc8fa49ed2fb0e97c1422ee1f078af81f2fc99ff00410de957af16992504be49d41f676a866d4461fee2cb142c035bf458cb6ad31e8605ac80cc3aaa429377c52b382cc4673aa26f2e855bb016adc65e8f350d743358e3ac4c63ea0d70c6e91cf1e26323d48da8a5e0de338102e61b1a32c4fd032d8154b6847894f9c8cb4d3ae18bbd85eae5714916a27010b1f72febef48afac2ff05fbc105551d2c40247ae400806e2c2c65b8bca2202a53d8246a03abc22e0d74141ac3bcbd46e65fbbf775dc2da0479a015f9bae25bc4d64dac93c6a23c279931336411fb67fb5dc80108fcbfa8fd729674acabc09cd810a6517c77e8e83eddc9f2eaa848d82836c3def54adf774edad6f149e1441cadbc4abc958f78afbfaa4038a4da40561fc146c353feb8081e3ad5debb31b1dec59c1ab01f1cad085cb20dd03e29c418c3e2a91232f4e8fac0e10e81fabbc8f3710e11166cb05d5586c47eb5a9ca9f3b027f001c4caa44b107f35eb0a1274e3f3e4d3ae7cf757c3d2375f5c09d980cc37571b0d6802b637fa030441b60142fbf1cb5133b16f25cf34e9d7e1f893cc6e0d36a8e8302a12579b257c22ba36272264c8cd1218cce8878ca665e75e562476cf39e8918992da92eb881c4c78cdfd5a186c0933fcb8de27234474dedeef652db4356618b6f0773f2ba31e930b422c805af2f5f7ffc69f0f43eeccf6fa9ee263e1d6c6c427064852e462196756a9bcdb68c1a2aba50ef4d28ba264536a69491b65f621462bd0fe0dc6e5bf03008cf7f3012300b9400ec28bf79eee9915c02ad50561b03afb0ad491cb4cf74b498b08609cba7b3e638ef09a125ca62a3faf5b07915468e5ce3fb54fc2782d21677ecf9812b7a2e820e484343b249004807503ee865430c83bceedde6c490ba56be806420f078cca42f4b96379d2735f09c2d4eda01af2dd8674f1f215b893fee4d0f9777f78030ec1338ae9aad0b3a6e78064d80971275ee126e32ab4c580f0356c495c86ed9b9a44a5d2aac5c3ad57a4b0474ce6a510ecd21574a675d1ab996049067628c3a854c7ab7b62021ab90a54109749bcab1760dc00470d3b704475b3acbf0cc7c9fb30d7d2c876606876343b1366f3c1b88d9a11712c951a15a3c3ef089f0568cad0ea729604c07769f8f544103377b8dda321391bf9426320f63953c1c9f8561fc6c8027989688fa7ec15e5ce188af3f8f85a8311867577bfcbcac843e115e35600223eb5cab14a668ba77f0b7421842723d8180c750627e8827bc7ab92f04847ff42ca06af73a99d260f88083992803998bff9917465719aba830ac6520c0e813c69989c4a4a6e6d93ee8b9ed4b9af6f89d7d9757eab68e0bbbdc95c6468bced2fa44648eac55214218ac9c62880b391fb039d0aedccbdda156368e7bc490837d8d24c07d4b9804dc3942d2ca713acd1bbe87eda0316977e3d63308b430c0279cd303dc487c3b3a157a2cbd8137e46b06b74d3a265a3fe7ca4fef2286d7f6fcaec7a52ef985fe98ef482a35426433aded387daf9d5207385fd043760a09e6aaec5a2e7c81b4d312027f0c84635bbcf2ce3fdce4acc6dca990f42bfa299715c96949d6977f41217ec132634016f470c049c3c033cb38196f9798c34770e855494d063e6ea987ca51671983bf2709851f882fa4dae987ac090d86f9a9068c64cfb680c4efa2b86c227b4fa2255ddf3606766fa994ddc1cc28b8f0b5d5b26e7715257aacc5da9b9c008f53c32cd3afabcfda55b633427571e5db99d72d0183788406c4df8566e579f21291f263dd55c53fb056f473df9fa62144ca87526a4269bbfe08d2c09c3bde75b2514e3a5534c8d39d8ae5720ef4c9934918d0f15349a6be24aa02aa65d3b679bd449bf4975441470a7ce8fd7861e21851854cbb9ca5f16e323ab33566bd74b2c905114deaa5d39820fa1a33ed556bd8595db9d7752fd75ca6dbbc096b13cc640cd4a5626966b39da30b61e961d1e37cbbff23ec306d811dcff1ed2180d3afb9feebdac77eeb75307c6097fe02cfbadab4fd55a05fad6b828c08563d7071812aca6ce2da32b5ccf3555fb2dc57fa3468de27d3e037bb1497099a5b053ff16834e330e06d18cbb1e953a6fb73163d1924274bcd7c5bd8332bc307f5202b7c0e4346d4195ac62986120f055df7ccbefe259a433e58849d3ed90549dfb917858580602d84749d053961587b9f2aaa53c9e9318ee71580e1029acde1ee741e63150bacf6b533795f82c66e5e7ab08731b057cff3d316b827d8bfd42f3c66481166be519458172dd7720c2dba275467cf355889fd0ec57dabcd706b24d662af288f8052861b3a0f599add14f316e264abfa97b3fbf72b3a5f62616549395b6e5f6ad2c4e5356550641a6e564da18a74880c0f8a4162e4d06595628aaadd19b3d6e1bc59c182b9fc1ba039c169ed03034c1b121ef6660c72477f363d2bf6311e7979f59b4168ead5a77c5e5acace273e5961ffcda67851556d14fef09214a4fbe18e803dab0bf586e1f7bc5b67e1dfa7d7851cca407d1fe72bf93d93d3f500b038e07a743d699b37baa4b548afdebd7ae3ae3e70150236e2141a5edb04407ac54653593df4bbbbc42cb0ddef841530ea9049f1a48323b6b6f2e3888a4ee4e1960123c3e9c256b16c7e678915c8a21c05ef32aa89d9e7c35996927014ff7ac4904545e8aad83764fa457f6bfa5096e55679bcd89923776e84b618bf88169e7bb61a25b7dc4ef08e807ca76ddd4d46b2bc5177bc5811a1d10b41d24ca80a830748e83bd5159b8e4d8aa4fdb65da4ddca6e1eae3b1a1399f7e9d47846157e725916d0b128e6c458d07225e522419e15580201f534f5be2e", 0x1000}, {&(0x7f0000005f00)="56c54b5047eb4ffaed125feba86df63ccb9d905f87901774b5bb437e934c6aa2f16484c5b1a4525128025089ac1ab0d5b31f4e9c45b04dfae4a1bfa2481ea0564c52ae50a3b51dafe318916f51821a0294fe6d05d77857", 0x57}, {&(0x7f0000005f80)="6a7ba50b701793f85773e5e5a540adf9d490c5bddeeae03c04f38ee846b09f9527be06271bda4fab576dd3f482baa18b6f92d80d4d84c992f7eaebb4292517592e767791edb845fddf4c4ce9c5b4486c8468ce4e56f0cd077c871e02c626ac6672f5aab065a8b6593b7c9c1ab38fc3230fc950b128cea87d4eff07d05eead77e40c4d323610cf9581468da34068df3fe9f00c1354ea85183b28c3a2b60d60511686424deef9230d5874a6b7bf983b76cd3ba1a2b247efc71c51c98f1d25fd706fd9ca14d8c3e5bd22d273b3da144ed56721505004c4886432b25edb2b5a8", 0xde}, {&(0x7f0000006080)="3b2146f0b98df754e95c7a9377cfc673da3c010a32f348d2abac781ecaf37610e2e638e7a2d7871693eeff197b7338465fa826b000f7f98bb4b2dac6c44c1732159ed043ddc516d97a98c684e9f6e9800f9bfb70c35395f3609f1cb1b1fc9e50cae0a8da443099e3f0d3ee2c", 0x6c}], 0x7, &(0x7f00000062c0)=[@init={0x14, 0x84, 0x0, {0xa6b, 0x7ff, 0x1ff, 0x800}}, @authinfo={0x10, 0x84, 0x6, {0x5}}, @init={0x14, 0x84, 0x0, {0xbd, 0x2, 0xfff, 0x100}}, @dstaddrv6={0x1c, 0x84, 0x8, @loopback={0x0, 0x1}}, @sndrcv={0x2c, 0x84, 0x1, {0xb0ef, 0x7e, 0x820c, 0x1, 0x8a6, 0x8, 0xe905, 0x6, r3}}, @dstaddrv4={0x10, 0x84, 0x7}, @sndrcv={0x2c, 0x84, 0x1, {0x3, 0x0, 0x200, 0x48000000000000, 0x0, 0x7ff, 0x0, 0x0, r4}}, @prinfo={0x14, 0x84, 0x5, {0x0, 0x10001}}, @sndinfo={0x1c, 0x84, 0x2, {0xbc87f12, 0x6, 0x0, 0x2, r5}}], 0xec, 0x80}, {&(0x7f00000063c0)=@in6={0xa, 0x4e24, 0x3, @loopback={0x0, 0x1}, 0xc1}, 0x1c, &(0x7f00000075c0)=[{&(0x7f0000006400)="84d3dcb07d7e8bb545c7f9d845ee89a6a7f0bc3d145c25d91728a7ac485e92de7c8ac3cd5931c410f97e2562c98b17a5", 0x30}, {&(0x7f0000006440)="2971dadaf0613c6aff547d641f73f418bc23c94a54de7f4c41f1d9e4f979ddf48aa5ac0fcfc53e8506d09888d7af359a3c946ff8c164bfd3a7fb0e029c52c277464ab9ce8bc46c043711dde1b4b800d531f1013927e2a6f313a2e6a477c2fb1eae9ffb0e2ab7edc6c444cbde26111b1be43ab1d04de33017d4", 0x79}, {&(0x7f00000064c0)="9b098fde88bca2e61483fd2c1a27b782b03bc98f0477eb076391a3a955469757b6c741bc170d58ec4b941acf0ec54571c29e1a20d3027c5d5785500f26dbbc2c2c7f0d0978d2", 0x46}, {&(0x7f0000006540)="5fef448779c2b9fabeb7f267c390f3bfc37f6ba3d9129d0202ea8aa0472671a4de1da766f7c498290fcf3180ec205521052f140546171318fbcbfd11c93da8c334019572132e6af527b404988d860b2269e2c6631fc72624a7c0d87556eae341ac9b991db605c0e8a77e9cb1", 0x6c}, {&(0x7f00000065c0)="efe09a72ce47d37436ecff7374babdf68e0c32077ad5d930aeaae43bc08b664aa5b3fc082e9d131b293ba62567cc6d4640c9439ebf95d4a9e8d20fd0437ef84d6e6fb97c51d3e6e10c57a7f05f41b733c8933b5b19fc382737bbd728322dd7bed8a17055275e38e6a00817d221684f302ac87e8e8c3394cf17540086c2705ea157660a47897f3dd3a7cee1902dc0feb2a5a2054afbe1411604b0b70abb80241cbba27bd854c4a09038d47d5d02dd5a760928e8d95de274bdee2842b4cfa4b061c659478f617a3558a44f0a49015b7533e4ed72fbda7b892ce4e9fe5442d85daae7e52df4b60b14dbd784174a9bce7573cff3c688d2e317a2b975b3d744ab51076761cc62e161178f4baf714d258c6e908b4b06738af7ef80bd957eddefff7e8a4fc0d04201f9fa3cfa3ac28ac43ab4d72480a45e45989c68998d5b191a808990108a1d221e0bd7c683cdcb89ad38099dfa7e3e7fbbd6dab679952e5726f97d4ba2c0549f1beca433353a5829eaa9742177a72c34c22c9549c382bccfd2f799403263ef6135804737b6bbcbc281e11efe9d6690c1345043829e86f5f2ac48a4386475efe87a12b5605da0b947e9433dc602d02579056eeb5812e91046ec0655467e6dba8b83b2290c15a4ef8370e6b1094d12ee615e6f3f7aca66ed246ad45ef2903c72c30b0157465910690b5dbaaba11646d5727b30ceced5953b0ab15e5f68339272312babf5b4a4bc5f3e788cd2c3ab457f74c8d925afb85b7fa2ce11acc4b1907b1a79d00f0298b8607cefb93c274e83c166b51427653121eec62251c0c0fa8e626bc16460c28d404e338e706b6dd1bc26b740d41198ae2a4b673bffaef87e94f10dc78f4a10a27808a211e3ef0c57d5c8cf74f51d52de1a7518b451f419d574b05bd1d648bf856aa7249c3f3dda0a7602aff60a293009c58c0e41792e8d6d56e3e1951b314fd946775433647b6dcb9fd109e5b239ed1c34c9eb74c002166773254dd73d548c6029bc32ae3c377f0efcfb46bf17824060152ab2f3cf87096f585977e19c42e749abf71ae56887039495866da44c175bf7101b248c81d76644921f29361bc006a253f33de70cd569911b6cd014a069e4dce7702fe229ed991cf3d5e1eefe32c9ffc3a480fe444491b1238b559603fdf3ec960da3554c63230d7b777771c9f0fee9496c899597c590b3c017344ed9061a38401793dfe077d2cf9d1e071857635c471f7871f4a98f394484077b05b60f08a62156f8a1906e3fcc2818c9c86e31188ca0a43a53692818997ad2f5f46d3ee14ce183c2a525d04e65279920bacdd1acfdd54f39464a17280bacd69eb86fd1abe4089d9d4eb1af1e2d203eedf689e66f27745eb495e9e179bd94a8e7796d87180f1cf98f29487d6ae3fe5e31c6064f38fc2bd7ac9312cd246f00198ec8241ee16d3f9da4638aa1ec79837e008059ad75fcb0570468c948d9366a0b24972273d2f0b299e0443c5353d64ca7f0833dad7e88cc6ae11594323bac0b5434502e79fc30ece80e555c36d5ce23e79656ed49560455a26a5e00ee7a6ae2edf3a74097c69425531ee8f500f82326f242e0448dabd6987f901fb2a323184f12e7e03d061cb8c7c24683a16d41cabf9f804c14b9a7c0079e46b1ddb8bcc28d8fcddef0d4633a7b67c78b132922a7fbe5945a5430cb219b1412321093a10a8bdfd9f5cb6580d7493d8a39f54295bdfcba9d2d03807424edaaaf813ebd07f4f6f0b2e214dcc4899d8d13058902b7ee6eef79bec12c0c82b64195ce672287e0e6ad553cf03658fe883a1825c19f3b7b52e1aea9fa73f827e493d108dff76d8c4b8d63b3ba47c9a9c59cccc46ae0b04d5cb7e362ecafd3fcace4471d7cbc6150d2926608057e0d93b37e5eb09d9da293058335d09315c3a72707cd77dd60ca6b54918be36e4940671f7a2fec3567320c8a0c240e6747391988633a2bbe5e92148ff606e34a28699247c762b90d4cc016ee3000e5120606df5d47c08ac7331e65561536844908a53eceaaf3921501c5373a040196cfeebeaca705fc5e51a4dde3be30346d616e690c392ef4f2a9e3623f2992f7305928ada04fba3134c92f871ac478bf543d0b26967be64c40ef7d8a300dc0b821142c68652ed7e07c2da29c31c164e3e7fca279ee0678e6bb9fb587af7a0668230d9d342e4dc180633ceaabe751f09a1e7ba55801c582e183b8fe258eca3883ed99296e3d077932b6a6e49d44f5443150ea05bef0f53b0e8f9ae79f60af04596d573d7a396b6011707ec20ca2ad944b5aef75830245cc6b5719c9da4ee95511e590e445f1bf23e2f9340f9e9c18aea447823a37ecb268a7777e1235debb7f794490c8b135fd28dcf6ec48f8cb6b22812e5f0f36f3c76b9d1dc19d01424ced6c23cda00cfbe13808f4818f6ca8252dac412e9583e3ffc6eef25f49c703d6011178fa0d44018bc94ea696ccfcb2511173353775e17562963dd2a10bf946ba45c4d40de5cc2d34c1982af8ab4017bfda9ea8f67866e4ccf563f4a65049981655be3718c8c4140219abf64e40c0128e53fc34898d757d6bd8fb75a6d2a8a7a2ef1e9d9eefca46ab74031f41bff21b7e7d1b97c95eb30bca1b7ebcb85dd20c346f02f27cf78875328a0a76b222c7850d04404aa4b03b02738385d310b93e5f845c3d45cee89c679517d54b4e865525dc4d09cc2c5a8d0a8e8ce74cd9e45cfb54fb1191f65536e4d1fa852433e062087122887ec29e5b65b35bd97a948edbfd4ea1f2144422b65efa94e37a7d8c0856d4d7d0db6c0e082b7511243e5bb39cf6b44a3c148867af0b463af1ad50f15d57fadce45ca1649f8cc8ed835cf256e3eae251f6863b3d543ebc23200505c0704f5cf0ca0edcb3239ad72753ad2bbee37a1cc0716d97b4240eeac954b498833407c94ac320a681d4fd43f70c54d9b180eaa58684555c372dc4389c0cc4a52ded6d1f62435ba9c485452cf8b5f39ccbefffdb369f30c332c3e1e2ab98ac5f558e93701856ff95f5e58fee1846aa2b39d1428c75274ee8d8de88c4f4e7c2bebca1904f1e7ab8eb26e962ea779a8d497314205e5f3ba2f59a989583c1428e307729513f854bfb96b5462c20df89200bd341110cca8fdfbc3cd8c6c5c5cc573ca13088929afbe289c724fc2b66ebfc4358dbf2abe6bc61bfb100c84e570a584dfa50b4a55991be4ebf546174eeb170bf86cf19d67321752453999db4a5e46fa4ea214e0c6480569572301baa5940e1a20703bc3dc91397afe9ae05d2e01bd53d976709a8c8029f031a9824d4d8bbb3fe5f870a09dbc3be2dea835fc7929da221d664d1fb19bbbbcb3dac905a766faecf9e74a7b2e436514075f2b906c522ad9fdde3afda7adf95a82a1690d6469f3efca8eda5e92f506fc7590ae7a9990f95eaec4c609589a9b0dc5d564961bf6a8d956664437f6ebb18a8b56d95d7ee97dc4d3c8f929e7af60401a8a563b1017efbeb03835dc04278c8f21f2a78b72b563b42d3594f164d15338ff73f4c4a4b98dd107a00b5e5cfdfc9ca262fba1401b13a83997db740b5b2e8bb4dbc8f5536a4e43da9f5a4b0b6ea871485a4255cf912e551218e413b5ff2e31380b84df98d1f78fe7fe870efff79c4784cd12bb08dd4be6dab5dd7940da480a6b8142316f71e7688da8e1c53e4dc8a07b226de5ec5850ca55cb681e7ed376422cd774c4d4aee90f904c04723f29ff7f9207c69b37b7b746f40eed0977cf31304640fcae05a734e6c8357ff6f4be8764acd3900592bfa37c231b0b6f0ad4ff6f19c574ddfb5eee9476bd6f2e619df06e709228ee66d840fba82d383a5c3c964dd2dfa998d8ce134a73d3c6ac93daaba37c48a880e49addd517a97f47517420dbed8ae1891fdd581751415e6c43d9cfe0c6e800340320d5699b10b50d35f88cbf0b4891a31ae8ffbae97badb167b58a88353e33f5198c4d55b66fb342afcb2803c5bb1c405e61a1db992339b0bcb3eaf20ec477e12c6e55c1a2f087a0aeae1038c9d48fd919b8a1816489e09be516f6432a781637b214f6c71d98f3375e4a32b4a5b149bcd1036449275758df508625bb8bc6a2bf131ba927a1b53ccaba448356a2a3c26c3f35d1e7b72fd2b9aab14a2fdb269e2aafc2fb0e6d38cffc872ebeb91e2f10dd915def9964a3bb992b36c7ce175fb1ee07c5810bfab3dd10ba2d5aa44949a7d04551c54ae2f298668dc1409dacfe7015fb03a80118aec16e5a8d353e54e5560cead87aa863e1f8123c6870967c8c057b2a092c06ec274aa6f6eee785c62b8e1c3abbfa3bdfdf48abe8f7830805d496008c98adc373d2a58560d80595029b69441cf93b0d8dfc4bc77a2c4a5a067d368ef5b215cf112e149e921fecea6603891c9aaa3f5d71ae4ee4aeab4ac2abc575cfe43d60db19400debe703a2ab2ee37d69a20058d16667e3fe95f6cb7b0ee817095dff6886621b6b0ece8ec76db700963b911aab812638b42cb2469c0813c56ecb397b2cbcad94a91393f2bbb5b12d680d9c973b88b74efdfe4a5fcf29eb8c150d35f2184554dcc22a7c9188f4958c14968ce0c51157ff260c3ab99cfcbc0fd4df980ca8b959cffc1035bef186eea99c75bd2ffa603688a5c62cd1f1d201e4faf8bc9e54adb36f50f2e72bc79a5be169f0da08ad92b44b45bc44f75d6827ff09e4f48ba7a2591819a4d87f4555e7bf7d7ece9fd321a74a8f49601c8b71edab1c5ddeface42a70d33ad4b9b0827d4f806465c4dd977006f9a68785200a3c276379c4d7013da7e26ab74dd2b5a460b3d6890b8d3e84a56b6f16591618bd7e952e886e5ff560f4119ba83c9be0a91261b38756affdaf1a99bcc27b2a970c6223ef1b299e6dc4e81bdd952dac28f55eca39e8883eafc81468e208e3a8a35d63dc7652a22935e4911aa764c487d0474eb2538e6009a3b4f9cadac22a0a24d04bb384b27b2361876c684c9e040be004fa07e7c040569f46fe92c8996c18feedcbd8cc44c48a82e57a906853ce4eb9b100122b28c46ac27b9416f087c39bef9deea1ddf61b65b149856816c0fe99f9ba6a1cfcf5f46c9c69a94f17ea766191ce24457c5687266a0ebd078b8d9c6954ad05733b8072659932234af1f7005cc3174b3da73205f8854b59e5b1681575fd7c6df4092724837abe3b9c6d2947c5033601a913de52966a76c1d0c4c624d96f69e635296f58020fce40b8ce124a00418010e6caa2e3780befc2fce3a6e47af83e6c9bb4b8c6cd9445dfcc092880e15852b2b627372b5e4b615c1447a1791dd3564c9bb21072a7b64c4a0f5991c4313f8135d023e86e56910ad5b07bc6aa1680004155173dc425db74eaf8ab17c36dcc624050f39b57f3216a1f492401d997d459ffa258a60d37430d5a6a704cf8cb405869c162ff87e6ef18c861399850db2a38f6afeb46c528b7c6c978c9d96b9869c57b6769f576bef83105a9101b46667affb8bd0dd82887cd6e774764ed5bbc8775cc5422c74a57af7469195a2069bcd568d661dcb4d38fd2b0900e4175b78b4c80fb5d93596fdffea050bd36bab03b1a61b2f88100c850c984ea69c45ac7ec918d4498fa065e04e63a3e13f3a3ccfa83bed0904b3067c0107cf5bba36a2b04853565d0147990c80b3b274a8457fa3586b905893f33c56ae2f1cdcc2aa0b792db52eb7a2320706708ab5de5b7962da4da51e3e8577a976c06aca49272f7f14223e323307141dc31eac390c88dd8c4eb632a2c79387bd907bc35d2025107aa7cf5373575f4facf431bd42802ce34d3c9128f0bbd50c2082b9be8e3a323", 0x1000}], 0x5, &(0x7f0000007840)=ANY=[@ANYBLOB="2c000000840000000100000003000100010000000000000003000000010000000100000004000000", @ANYRES32=r7, @ANYBLOB="2c00000100010005f22a6ff739fc0b8646d80000002d6c8762186792c92fe2a4c19193770000000000000800001093000000400000", @ANYRES32=r8, @ANYBLOB="10000000840000000700000000000000"], 0x68, 0x4000}], 0x5, 0x4000040) 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:49 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0xffffffffffffffff, 0x3, 0x1, 0xafd, &(0x7f0000000000)=[0x0, 0x0], 0x2}, 0xc) ioctl$EVIOCGPHYS(r1, 0x80404507, &(0x7f0000000140)=""/79) getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f0000000200)={'nat\x00', 0xef, "5cc17c352ffa42b9be3ea214236f741297db0218e3cce21ac79a1755428fc572931cefdb307cc057708d84e89eed1e026f31706f493f8ee67a4299c3e3bd9e98d2a2ee1538e067b78cde4579010850599fa3f40e61edc503c2c7bda557e297ffec0edc57b064da18843110d8b2e851536fb8d83086b679f14f14cfc302f11f3cd390b78573db8f1bff3d7eec1ab97b5170d6b3ffb4a87fdc187b1b91db2fc73d1328b8b3452bd6c5b4f4f7d0968bf72ce1c77259112156fdb58ef28a61fcc74e1dcc688e44f43a10717ce5c08f680865eef7cebe6b80b876c5c527829083be6af29a7fcd65a0ffaea18a6a5213c939"}, &(0x7f0000000100)=0x113) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_coalesce={0xe}}) 2018/06/01 03:15:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000007fffffff"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:49 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xf5ffffff}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:49 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) ioctl$int_out(r0, 0x80004523, &(0x7f0000000080)) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x16180, 0x0) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f00000000c0)={0x400000000000000, 0x13000, 0x9a, 0x4, 0x1b}) 2018/06/01 03:15:49 executing program 2 (fault-call:2 fault-nth:33): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1362.422657] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1362.437691] FAULT_INJECTION: forcing a failure. [ 1362.437691] name failslab, interval 1, probability 0, space 0, times 0 [ 1362.449085] CPU: 0 PID: 21923 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1362.456463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1362.465830] Call Trace: [ 1362.468437] dump_stack+0x1b9/0x294 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1362.472186] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1362.477393] ? unwind_get_return_address+0x61/0xa0 [ 1362.482359] ? __save_stack_trace+0x7e/0xd0 [ 1362.486715] should_fail.cold.4+0xa/0x1a [ 1362.490808] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1362.495930] ? save_stack+0xa9/0xd0 [ 1362.499572] ? save_stack+0x43/0xd0 [ 1362.503211] ? kasan_kmalloc+0xc4/0xe0 [ 1362.507108] ? __kmalloc_node_track_caller+0x47/0x70 [ 1362.512225] ? __alloc_skb+0x14d/0x780 [ 1362.516137] ? __ip_append_data.isra.47+0x21d0/0x2a30 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1362.521337] ? ip_make_skb+0x2be/0x350 [ 1362.525234] ? udp_sendmsg+0x24ec/0x35e0 [ 1362.529648] ? inet_sendmsg+0x19f/0x690 [ 1362.533676] ? sock_sendmsg+0xd5/0x120 [ 1362.537638] ? __sys_sendto+0x3d7/0x670 [ 1362.541631] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1362.545961] ? do_fast_syscall_32+0x345/0xf9b [ 1362.550489] ? find_held_lock+0x36/0x1c0 [ 1362.554582] ? check_same_owner+0x320/0x320 [ 1362.558935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1362.564490] ? rcu_note_context_switch+0x710/0x710 2018/06/01 03:15:49 executing program 7: r0 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"79616d300001178b00", 0x4013}) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)="be199a3571995e69cd7a2276eccb04b7268c449b9a1cd92dd93bb2aedcb3bffd7f9d6d802540e8cf1c14089e52e7302c0f08a6b9c7b16e2c93fe7c6cd749eaf605cd21259ca5c5f2f2f8e6915073f5fa1d20d24ba3cfe2803ad77876c11e06eec946be3d4e510083ed129641c2fcb3077690f4a0d5ceef62521d4c9265eb234763c51c6da024df5075b0d4f8e930d72c97e0fa9d9d77a31cdc442ca97c50bdc86619faacd603", &(0x7f00000001c0)="2406375f1e80e41830e293b4ca0d85ec5a3b0bb53f5a821b498009ba745c57cfc4fc1a2cf57c83ddf2fb022050834cf1645af71fe760935179ff1aac9e1314f1eb4440d6429e208777cebc1635e574", 0xa6, 0x4f}) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f00000000c0)=0x9dd) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x105, 0x76, 0xe80, 'queue0\x00', 0x6}) [ 1362.569432] __should_failslab+0x124/0x180 [ 1362.573682] should_failslab+0x9/0x14 [ 1362.577491] kmem_cache_alloc_node+0x272/0x780 [ 1362.582117] __alloc_skb+0x111/0x780 [ 1362.585851] ? skb_scrub_packet+0x580/0x580 [ 1362.590190] ? dst_init+0x459/0x600 [ 1362.593845] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1362.599392] ? ip_generic_getfrag+0x11c/0x2d0 [ 1362.603914] ? ip_reply_glue_bits+0xc0/0xc0 [ 1362.608257] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1362.613293] ? skb_put+0x17b/0x1e0 [ 1362.616852] __ip_append_data.isra.47+0x21d0/0x2a30 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1362.621893] ? ip_reply_glue_bits+0xc0/0xc0 [ 1362.626242] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1362.632076] ? xfrm_policy_lookup+0x70/0x70 [ 1362.636419] ? ipv4_mtu+0x375/0x580 [ 1362.640067] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1362.645532] ? find_held_lock+0x36/0x1c0 [ 1362.649628] ? ip_setup_cork+0x44d/0x6d0 [ 1362.653710] ip_make_skb+0x2be/0x350 [ 1362.657442] ? ip_reply_glue_bits+0xc0/0xc0 [ 1362.661780] ? ip_flush_pending_frames+0x30/0x30 [ 1362.666553] ? ip_route_output_key_hash_rcu+0x3380/0x3380 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1362.672373] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1362.677927] ? xfrm_lookup_route+0x64/0x1f0 [ 1362.682267] udp_sendmsg+0x24ec/0x35e0 [ 1362.686174] ? ip_reply_glue_bits+0xc0/0xc0 [ 1362.690517] ? udp4_lib_lookup2+0x340/0x340 [ 1362.695207] ? graph_lock+0x170/0x170 [ 1362.699034] ? expand_files.part.8+0x9a0/0x9a0 [ 1362.703636] ? check_same_owner+0x320/0x320 [ 1362.707984] ? lock_downgrade+0x8e0/0x8e0 [ 1362.712148] ? lock_release+0xa10/0xa10 [ 1362.716151] ? check_same_owner+0x320/0x320 [ 1362.720490] ? __check_object_size+0x95/0x5d9 [ 1362.724999] inet_sendmsg+0x19f/0x690 [ 1362.728811] ? __might_sleep+0x95/0x190 [ 1362.732795] ? ipip_gro_receive+0x100/0x100 [ 1362.737133] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1362.742709] ? security_socket_sendmsg+0x94/0xc0 [ 1362.747479] ? ipip_gro_receive+0x100/0x100 [ 1362.751816] sock_sendmsg+0xd5/0x120 [ 1362.755548] __sys_sendto+0x3d7/0x670 [ 1362.759395] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1362.764096] ? wait_for_completion+0x870/0x870 [ 1362.768710] ? __lock_is_held+0xb5/0x140 [ 1362.772796] ? __sb_end_write+0xac/0xe0 [ 1362.776792] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1362.782861] ? fput+0x130/0x1a0 [ 1362.786143] ? ksys_write+0x1a6/0x250 [ 1362.789948] ? __do_page_fault+0x441/0xe40 [ 1362.794183] ? __ia32_sys_read+0xb0/0xb0 [ 1362.798685] __ia32_sys_sendto+0xdf/0x1a0 [ 1362.802827] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1362.807847] do_fast_syscall_32+0x345/0xf9b [ 1362.812180] ? do_int80_syscall_32+0x880/0x880 [ 1362.816773] ? _raw_spin_unlock_irq+0x27/0x70 [ 1362.821277] ? finish_task_switch+0x1ca/0x840 [ 1362.825771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1362.831302] ? syscall_return_slowpath+0x30f/0x5c0 [ 1362.836239] ? sysret32_from_system_call+0x5/0x46 [ 1362.841095] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1362.845962] entry_SYSENTER_compat+0x70/0x7f [ 1362.850363] RIP: 0023:0xf7f63cb9 [ 1362.853718] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1362.861437] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:15:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000002"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:49 executing program 7: prctl$intptr(0x26, 0x1) clone(0x0, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f0000000000)) r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000000)=0x400) eventfd(0x2) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x100) perf_event_open$cgroup(&(0x7f0000000080)={0x7, 0x70, 0x800, 0xca, 0x1, 0x6, 0x0, 0x1f, 0x1000, 0x1, 0x5c9, 0x28, 0x9, 0x1f, 0x5, 0x6, 0x200000004000000, 0x5, 0x0, 0x9, 0x100000000, 0x24, 0x10000, 0x8, 0xffffffff, 0x2, 0x401, 0x40, 0x6655, 0x3ff, 0x7ff, 0xffffffffffffffd9, 0xffff, 0x7, 0x8, 0x0, 0xffffffff88da0f00, 0x7f, 0x0, 0x3, 0x2, @perf_bp={&(0x7f0000000040), 0xc}, 0x2001, 0x9, 0x81, 0x7, 0x9, 0x9, 0x9d4}, r0, 0x4, r1, 0xb) [ 1362.868710] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1362.875983] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1362.883251] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1362.890527] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:49 executing program 6: r0 = socket$inet(0x2, 0x1, 0x4) setsockopt$sock_int(r0, 0x1, 0x24, &(0x7f00000000c0)=0x404, 0x4) getsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040), &(0x7f0000000080)=0x4) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10) socketpair(0x4, 0x2, 0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000180)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000200)={{0x3, 0x6, 0x5, 0x4, "c868a88b79c69f732091eecadf737d760a18e6d02acd5e0ec6de03fda6c9fe7b0d7b3128a2a40c456b12e9cb", 0x3}, 0x0, 0x0, 0x9, r3, 0x4, 0x7, "d9024fcb73add71a3a395918eda7f327f48cc011da978f38a24e7e039628af565b0d85b823f938499552dbf495169d3677cd2b699c7a4fb61965ba6a8ad0f048", &(0x7f00000001c0)='cpu.stat\x00', 0x9, [], [0x5, 0x8000, 0x7, 0x10000]}) openat$cgroup_ro(r1, &(0x7f0000000140)='cpu.stat\x00', 0x0, 0x0) 2018/06/01 03:15:49 executing program 1: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f000094cff4)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) getsockname$unix(r0, &(0x7f00000022c0)=@abs, &(0x7f0000003340)=0x6e) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x9, [0x5, 0x5, 0x20, 0x0, 0x7, 0x1, 0xffffffffffffffff, 0x1, 0x9]}, &(0x7f0000000080)=0x16) 2018/06/01 03:15:49 executing program 2 (fault-call:2 fault-nth:34): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:49 executing program 3: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x505840, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0106434, &(0x7f0000000080)={0x79, 0x0, 0x1, 0x5}) ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40086436, &(0x7f0000000100)={r1, 0x3}) perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setrlimit(0x7, &(0x7f0000000000)) timerfd_create(0x0, 0x0) [ 1363.045513] FAULT_INJECTION: forcing a failure. [ 1363.045513] name failslab, interval 1, probability 0, space 0, times 0 [ 1363.052553] validate_nla: 4 callbacks suppressed [ 1363.052563] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1363.056885] CPU: 0 PID: 21967 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1363.076495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1363.085882] Call Trace: [ 1363.088490] dump_stack+0x1b9/0x294 [ 1363.092134] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1363.097336] ? is_bpf_text_address+0xd7/0x170 [ 1363.101848] ? kernel_text_address+0x79/0xf0 [ 1363.106270] ? __unwind_start+0x166/0x330 [ 1363.110433] should_fail.cold.4+0xa/0x1a [ 1363.114511] ? __save_stack_trace+0x7e/0xd0 [ 1363.118853] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1363.123974] ? save_stack+0xa9/0xd0 [ 1363.127620] ? save_stack+0x43/0xd0 [ 1363.131265] ? kasan_kmalloc+0xc4/0xe0 [ 1363.135532] ? kasan_slab_alloc+0x12/0x20 [ 1363.139717] ? find_held_lock+0x36/0x1c0 [ 1363.143809] ? check_same_owner+0x320/0x320 [ 1363.148152] ? rcu_note_context_switch+0x710/0x710 [ 1363.153099] __should_failslab+0x124/0x180 [ 1363.157351] should_failslab+0x9/0x14 [ 1363.161164] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1363.166337] __kmalloc_node_track_caller+0x33/0x70 [ 1363.171286] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1363.176058] __alloc_skb+0x14d/0x780 [ 1363.179795] ? skb_scrub_packet+0x580/0x580 [ 1363.184136] ? dst_init+0x459/0x600 [ 1363.187780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1363.193329] ? ip_generic_getfrag+0x11c/0x2d0 [ 1363.197838] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.202171] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1363.207193] ? skb_put+0x17b/0x1e0 [ 1363.210747] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1363.215780] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.220117] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1363.225926] ? xfrm_policy_lookup+0x70/0x70 [ 1363.230260] ? ipv4_mtu+0x375/0x580 [ 1363.233904] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1363.239364] ? find_held_lock+0x36/0x1c0 2018/06/01 03:15:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000004"], 0x60}, 0x1}, 0x0) [ 1363.243454] ? ip_setup_cork+0x44d/0x6d0 [ 1363.247545] ip_make_skb+0x2be/0x350 [ 1363.247570] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.247587] ? ip_flush_pending_frames+0x30/0x30 [ 1363.247607] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1363.247631] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1363.271488] ? xfrm_lookup_route+0x64/0x1f0 2018/06/01 03:15:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:49 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfe80}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:49 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) getgroups(0x1, &(0x7f0000000040)=[0x0]) stat(&(0x7f0000000240)='/\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getegid() setresgid(r2, r3, r4) 2018/06/01 03:15:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000004000000"], 0x60}, 0x1}, 0x0) [ 1363.271509] udp_sendmsg+0x24ec/0x35e0 [ 1363.271531] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.271571] ? udp4_lib_lookup2+0x340/0x340 [ 1363.271588] ? graph_lock+0x170/0x170 2018/06/01 03:15:50 executing program 2 (fault-call:2 fault-nth:35): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1363.271607] ? do_raw_spin_unlock+0x41/0x2e0 [ 1363.271626] ? expand_files.part.8+0x9a0/0x9a0 2018/06/01 03:15:50 executing program 3: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x40, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xfffffef3) read(r1, &(0x7f0000000200)=""/250, 0x50c7e3e3) madvise(&(0x7f00007ca000/0x1000)=nil, 0x1000, 0x4) [ 1363.271643] ? compat_start_thread+0x80/0x80 [ 1363.271658] ? _raw_spin_unlock_irq+0x27/0x70 [ 1363.271686] ? lock_downgrade+0x8e0/0x8e0 [ 1363.271701] ? lock_release+0xa10/0xa10 [ 1363.271715] ? check_same_owner+0x320/0x320 [ 1363.271731] ? __check_object_size+0x95/0x5d9 [ 1363.271748] inet_sendmsg+0x19f/0x690 [ 1363.271762] ? __might_sleep+0x95/0x190 [ 1363.271776] ? ipip_gro_receive+0x100/0x100 [ 1363.271796] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1363.271813] ? security_socket_sendmsg+0x94/0xc0 [ 1363.271825] ? ipip_gro_receive+0x100/0x100 [ 1363.271843] sock_sendmsg+0xd5/0x120 [ 1363.271858] __sys_sendto+0x3d7/0x670 [ 1363.271875] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1363.271894] ? wait_for_completion+0x870/0x870 [ 1363.271916] ? schedule+0xef/0x430 [ 1363.271940] ? __sb_end_write+0xac/0xe0 [ 1363.271959] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1363.271976] ? exit_to_usermode_loop+0x87/0x310 [ 1363.271997] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1363.272011] ? exit_to_usermode_loop+0x1ef/0x310 [ 1363.272028] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1363.272044] __ia32_sys_sendto+0xdf/0x1a0 [ 1363.272058] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1363.272074] do_fast_syscall_32+0x345/0xf9b [ 1363.272092] ? do_int80_syscall_32+0x880/0x880 [ 1363.272108] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1363.272127] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1363.272142] ? syscall_return_slowpath+0x30f/0x5c0 [ 1363.272161] ? sysret32_from_system_call+0x5/0x46 [ 1363.272181] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1363.272200] entry_SYSENTER_compat+0x70/0x7f [ 1363.272211] RIP: 0023:0xf7f63cb9 [ 1363.272220] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1363.272235] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1363.272244] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1363.272252] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1363.272261] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1363.272269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1363.349648] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1363.445786] FAULT_INJECTION: forcing a failure. [ 1363.445786] name failslab, interval 1, probability 0, space 0, times 0 [ 1363.656663] CPU: 0 PID: 22010 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1363.656676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1363.673405] Call Trace: [ 1363.676019] dump_stack+0x1b9/0x294 [ 1363.679657] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1363.684843] ? unwind_get_return_address+0x61/0xa0 [ 1363.689764] ? __save_stack_trace+0x7e/0xd0 [ 1363.694076] should_fail.cold.4+0xa/0x1a [ 1363.698127] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1363.703250] ? save_stack+0xa9/0xd0 [ 1363.706871] ? save_stack+0x43/0xd0 [ 1363.710592] ? kasan_kmalloc+0xc4/0xe0 [ 1363.714465] ? __kmalloc_node_track_caller+0x47/0x70 [ 1363.719569] ? __alloc_skb+0x14d/0x780 [ 1363.723467] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1363.728652] ? ip_make_skb+0x2be/0x350 [ 1363.732544] ? udp_sendmsg+0x24ec/0x35e0 [ 1363.736587] ? inet_sendmsg+0x19f/0x690 [ 1363.740549] ? sock_sendmsg+0xd5/0x120 [ 1363.744420] ? __sys_sendto+0x3d7/0x670 [ 1363.748477] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1363.752805] ? do_fast_syscall_32+0x345/0xf9b [ 1363.757289] ? find_held_lock+0x36/0x1c0 [ 1363.761358] ? check_same_owner+0x320/0x320 [ 1363.765680] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1363.771210] ? rcu_note_context_switch+0x710/0x710 [ 1363.776136] __should_failslab+0x124/0x180 [ 1363.780375] should_failslab+0x9/0x14 [ 1363.784173] kmem_cache_alloc_node+0x272/0x780 [ 1363.788750] __alloc_skb+0x111/0x780 [ 1363.792460] ? skb_scrub_packet+0x580/0x580 [ 1363.796768] ? dst_init+0x459/0x600 [ 1363.800386] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1363.805913] ? ip_generic_getfrag+0x11c/0x2d0 [ 1363.810413] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.814743] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1363.819759] ? skb_put+0x17b/0x1e0 [ 1363.823286] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1363.828298] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.832614] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1363.838404] ? xfrm_policy_lookup+0x70/0x70 [ 1363.842724] ? ipv4_mtu+0x375/0x580 [ 1363.846339] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1363.851773] ? find_held_lock+0x36/0x1c0 [ 1363.855848] ? ip_setup_cork+0x44d/0x6d0 [ 1363.859948] ip_make_skb+0x2be/0x350 [ 1363.863659] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.867977] ? ip_flush_pending_frames+0x30/0x30 [ 1363.872730] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1363.878259] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1363.883798] ? xfrm_lookup_route+0x64/0x1f0 [ 1363.888119] udp_sendmsg+0x24ec/0x35e0 [ 1363.891998] ? ip_reply_glue_bits+0xc0/0xc0 [ 1363.896332] ? udp4_lib_lookup2+0x340/0x340 [ 1363.900642] ? graph_lock+0x170/0x170 [ 1363.904436] ? expand_files.part.8+0x9a0/0x9a0 [ 1363.909015] ? check_same_owner+0x320/0x320 [ 1363.913350] ? lock_downgrade+0x8e0/0x8e0 [ 1363.917485] ? lock_release+0xa10/0xa10 [ 1363.921454] ? check_same_owner+0x320/0x320 [ 1363.925769] ? __check_object_size+0x95/0x5d9 [ 1363.930260] inet_sendmsg+0x19f/0x690 [ 1363.934050] ? __might_sleep+0x95/0x190 [ 1363.938017] ? ipip_gro_receive+0x100/0x100 [ 1363.942333] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1363.947861] ? security_socket_sendmsg+0x94/0xc0 [ 1363.952604] ? ipip_gro_receive+0x100/0x100 [ 1363.956928] sock_sendmsg+0xd5/0x120 [ 1363.960639] __sys_sendto+0x3d7/0x670 [ 1363.964436] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1363.969102] ? wait_for_completion+0x870/0x870 [ 1363.973674] ? __lock_is_held+0xb5/0x140 [ 1363.977750] ? __sb_end_write+0xac/0xe0 [ 1363.981722] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1363.987264] ? fput+0x130/0x1a0 [ 1363.990549] ? ksys_write+0x1a6/0x250 [ 1363.994344] ? __do_page_fault+0x441/0xe40 [ 1363.998564] ? __ia32_sys_read+0xb0/0xb0 [ 1364.003122] __ia32_sys_sendto+0xdf/0x1a0 [ 1364.007262] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1364.012289] do_fast_syscall_32+0x345/0xf9b [ 1364.016615] ? do_int80_syscall_32+0x880/0x880 [ 1364.021208] ? _raw_spin_unlock_irq+0x27/0x70 [ 1364.025694] ? finish_task_switch+0x1ca/0x840 [ 1364.030192] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1364.035729] ? syscall_return_slowpath+0x30f/0x5c0 [ 1364.040674] ? sysret32_from_system_call+0x5/0x46 [ 1364.045519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1364.050359] entry_SYSENTER_compat+0x70/0x7f [ 1364.054753] RIP: 0023:0xf7f63cb9 [ 1364.058096] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1364.065792] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1364.073050] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1364.080306] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1364.087559] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1364.094818] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:51 executing program 6: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/.nforce\x00', 0x0, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x0, 0x0) ioctl$fiemap(r0, 0x40046602, &(0x7f0000000100)=ANY=[]) clock_gettime(0x0, &(0x7f0000000140)) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, &(0x7f00000000c0)) 2018/06/01 03:15:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:51 executing program 7: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @rand_addr=0xef}, 0x10) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000080)={{0x2, 0x4e22, @rand_addr=0x2}, {0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x48, {0x2, 0x4e22}, 'ip6tnl0\x00'}) sendto$inet(r0, &(0x7f0000000280), 0x314, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10) shutdown(r0, 0x1) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) 2018/06/01 03:15:51 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x400, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000180)={@can={0x1d}, {&(0x7f0000000080)=""/58, 0x3a}, &(0x7f00000000c0), 0x1e}, 0x9c) sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x1d2, &(0x7f0000001600)=[{&(0x7f0000000100)="957d470d28f255c2a7049a4a1ff6e2048b956062ffa6e949b13f480fce2e4476353a7bd0e1e6"}, {&(0x7f0000000240)="ae40b5db3addeeea452ad6df424db6cad84407ce7fad31442455375955516a1aec2bd658d34974af5e25a2b527c7f8f6f3e311228885a2bf553ec3008a536e89392d7e868b50f2a6558413ac1d2952b19a13b83a946230dba10ab663515ab723cae0b452bb4eac8927a598f03a1a9d4b20c899dc57801d63f36d6b102a30baa6ece26ac5680e200a62a42f1c160d47c1c88dbf2dbfa01966ab0e34aa10"}, {&(0x7f0000000300)="ad3759835342b778e56fcb2e972378b963c372c6678fe4350af98b6dbe010354f56589f6179bf3b8abe1d5925a58ff8e00bd0a3d92d2335c089ba10822d3cb9669b9cbd31ab67a5c5596d1320f0a760dedcc0e6dfed826f3d733a7edab7d2558ee6f1da5c3b64d660932eb811b0119bcc1da06a87d0d6d7f4761d0bfa82f76271cc23530e01a78888ae6b53b47681a077b01c6e8a172ccdbd22c3854b430a698ff934a37ab"}, {&(0x7f0000001640)="84f62da0d978253e27216d7f08eebe83fce94e27575bea83be32bbd22018ad096cd45160c31e6d501cb4160e81a4ac18c98ada9bdb1854df84169c12bf73edf629dc803a7ce1360253eae3b0accf80785df36c08c470f46d1ac71727d97105d3384a4d2b3537599fd79754c95dd2c85014f6ae98a3e5a76b710f9517a9b0df510f93ef18988a7a445abeb0ba25cdee7d07bde6706415388689270e9cd704fd2a532151a0d8ec6bcfd2e97233d50fadc11efdc9a7116b8c769fde9f342b96fdeb94bef7f1fb815c7d96934c7a08c5f420664009c8faf8f24aea1c68d1b5791f964b1c1700cacd3c0459f91d23a99f7f729f1d072dc3643abddcaf809b11089754d067688c9a545a1aef493edc5905d9b390ba31a871ba5f91dcd561225a42ccad6e421425079aa9a04e9777c3a0a0c6df4e902a88ba1870d76a08dfed6754ee21c728af7d5003e04dd678f9ae3448f990b57f1a443b0735a48b8c176137381f721fb37880b5e19a471eb5dbd0626ed436afda54048f869110c2a177091b182075da3c9b4688ddff44b692d72ff30130fdb503005b28c3bb35ea47a11b808edb0f876a61158d7b22804851b5ceca97a51791fe30864be975117d0943f58618c626a78ec9f83e34e346d96351669bba7b32f58e4a64affd85b073fc1c4291a4b9accb48159b2253f8804ba727a56487ac7c9ee7be1f229d98d36e12c5f03d5f1adbc736ee393ccdda48aba8beed9ae92e8a2c040f5538177ab3085f67e49f0f5240bcc3a5b2c372d41b52b6dc09a068b04bf5cf12d3cd3611d0bd10cda7a3ba194e69344665d0223277536bcfc88ed921caf4f460043180a9784c6ac23059a3627d87e220f3bc60455cc5f90c1f50f6bb1c5c6ddacfdb9f64597ada87fce81077400b003b1823fcd7adc5d9aff9aec831e9ffb4d7765fddbd835b53a496a2e1f759d9353e7d3d5ec50f1fcdf84deb00073802f473258681e83c475f798e3fcf6ade61de2965bda4884ca8d1d3a0c84e69db1c55266cdde59f55556f7afb167b0c8ac6e5a7e2ef2a41e06e24b6420f7f21c169b2b97ab15bd981a85943feaa62b1ff9df087970c8d6c6bbde0459affeb2138d991ddffa5c9437a274adcea8497d4c34924f50bd79495104654d970aa932fb980c68ba0abb6bdbf38bb889182bffefb680dcfdda1093a6acada347647232db86b706209ca0ae00f27d307e0d0262df1325c80fa588c9a99c28b471c363356f338b88a91ae1bf12132271b66611ca3295e7092e2698540b3f1f19d289caeefc6d13589f53193d341b6a4c6164e9ceaf912ae3127793f2b94fb5401d8df9b71acd9f37a79847203519c362f2f850a7326eb7a74280620c906f22330dbfc130619b8b6e3b9ec4eb54aed20dbeeb9e8c34318b89caf49dc2a56e72d9e6efc4678c18ec640d0a5ab5f2b280f4037d1eb8fa92bcac746f5d3db21d35d270e95507942fdce76d380819fe97400d6cbb3c612c8c6a2891c3488101ddd78b178a4ffcac9529388a5085c45090d63976b146340fb029662aef3a43608675f61ec192e3c9de2272cf17a3adda87c8fcb72d661fef4ee5aaa9fd7a4538bb7e6c1a1c9ffb15af541b1b912d33fa3f92970e62b897413b6de6b4e04833744d80e30bccf116899f871445f187a55fdc4be9941e3b5fd58fb179b5917640b27ad866d55ef6f67deed72b263a823b878ffbe855b7b4119f88ff9e637d9cacfc94aa8557f254126cf94c64a50c86b7943e1791f18eb7454111af4ce06b5c3fc7a239d1a89b7ebd2c3f8ef2efb8c076086a98bc44050f3a051f7cc437e2f6bba7ef8205d2b37d823919d9ff04dc8de0f23814cec67ddff2eda212733337708cd48bb47a19e1a1ca12f1eed0f6702d4de668c5873c7f3b18a90aef97678cf493db32dc4a5a7eb3624a9adbb111309cd25df61ab5e0b4ecb2dda8d6abe387fe7a59a89c22acb5ef89ad786cc5a4f691a1e7ad694d046399ec2fb7eeb4c884da7e386f7d2991a7a5b43f4da427e1604c14270ff60a0b27bce0dd0a6c84ee56952e520d8f835e064106e68c95d216564f77332fbb5673d7b1d609a3a6e6c0bef43bd7a0346dabc8fd23551b11a8a9552caec02f0660fb79cc96b854027a8b4d5091e6a347ea1bcc7da3b2547a3e900998904b21feab36825a2e4e4712917a83ab89b5cdbab64a3dcc1a079447245c8f133bc56b52750e335aaff0f0c12c7f76e91e50146b128e97ae419e79105e01f822c52bb6996365a87de5fbae7ba9c59432d2bc5932ac6700d6b731957efca1c242f7465c36dfb77927adf5074750207e6e4eef93d89b9f35bc70e2ba8033d3eba1fd11a9b5f8edd9170c0617a0fe98ed87a37fcf2870d75460467148f079054e592b0f1e98f3eae7eba57468b3cf071ba3bc9a9cf604db9e1b76beff7d3bac82047fb61b0a46a0c4262055dc373fdf80ab7832b18bd56303c2c7856dbec277fde2fe6b6a4742d064603e6ec2f1c688e188a0ec4112122dec9046363f68487c02f2b07e229cec08572c433363de2fc0164a5b0b2398c3fa3d78d81d257248cc0cbf3309a1a6007dfe5f5ba30722ba91f92c1fd07ff0ba776245c7a94d557629063e8d5c67b65ca135ecef533db600b96e27ea77658831fee455aa157a916b52960a4b3d451576b1664aebc6ae59b6df987dead6d862199324fb60c7def65c3cae5f6076f4529f096f38aa22f52db37b54687678c623cfda8f933a0de4e8977eb63b6e0c454664e0026d094160e0580609e2246deb58f3729e4a36405019d50f93ee01b2b542d6c9b840f92f85ab50c39b0c5e18424da6fc804dd3a8b291dc26612293159c0e90390ceff27f64228757527c2b5de893d8ea76289f8c02fae326c505bfa0e25b1d39eacd7d40a2c446af013144bdfdb5faf2495e02dfc935e4861f9d7d7ac67a0c9bbc13827bc40c42f7c04886d34e0f41d96b21a476b4afdc0fbe97ec3ed6d0ec343408fe1babb7d0b379981520a451d2291ee99f43cd6c560a51fe731c6600ceb45912a3f1281c1bef0e1fb008e80b5fa47d8052701dc2b645f2c44356395d604cfdd4fc5188fb75c325ccaf84e216d136a7a0d71343433fab9e19942d0239996858659ed8798ebe2ba198e7c74ee1bd75c6b99e9ec05d921a48f13870a4cb006caa3c4f3d87b03a436de2dd958b40d21c763923a3afc97f4c65881df7ce3b2b80138c43eb59b13ab9be14a2524e1cd5e49943613b6fdd37d5a07d7b39e6ec7ec0c62b9cf84fc1f20eda81905c96e726bb45617c7ccdde60d8a370f76fb84456bf1879b3df06f915753187d02f069bed106e8398f03a868430eabea3f11a80efa639998077788b38cd986f843d40e8fec8c47a4f3d83f423e3b62a0647cd805a2945521cf311ed3c7c44ad09a6a52a0b0c3d312fc96370e8289e312951aef8795e03c92359a2c864af620294b346e3c4d292b57e39b70f148bf1a319174b4eb81713970404d9540c9dd38880f9b534387dcdf28b1979d4e14425ecd63cdcc59313b0a2804cf8873d2a9833d800d2be5e35680af42e33e3ece8a2de69d1f82a5a4155206c28c15334c3b4ec00e42b9e15ab134d9a38d3e12ff0f51c10e7a8b2fcd841a294c22bc7d331b7c4eb6682da5f1d1b0c7bfd1214c195fcdc34559f7da0ef0c3e8102182e920bd5019939ad6f30d6fcec127670d31f86a7c4ad6c2da6c4ea0050f2fd12b1ddd6ad060c9c94f37b55ced92583625bb20dc3580066886e22d99641cae1f1ca933524fae8040db87293875831d63906734c09c227c010b1c5b71fcface3c5a668b86125047760e0c1e47fa83fe7f97ed813475e417b942327f8eb80d129e197c28e1416c3bd691d67c6f0a2dac1713f5e5e9c56a4e70a73f8918061e3b33595c3ef63e5e5be382c7a10a403129e1faecd3ffedb9a116e430b4c1a646c8d19b9a702a552534be8d95101f22c33af7c010ed2ed4909031db4f66e10b22603c7821cd189dce35fd95628c391e031552fbdd22c32f04580219346f9595a4a03ad5c683f88ca71bfa6719a27182fe220cb976b0783e3096774c8ef546340d76c37ab9cdd9b5a26fb89038b5e2d619c62da4a977e54284fe37913b441816bd16555545a8c8f63a4a75dbf19784b02be88b0629346b61c5a904854679b1d4b3738cf4e7ba4d3d9f13e5c0dc2243ab8bfe76a49d7536715262ef840970b8df01fb873323c7082cb9b926482fbec732ace551e157b78b82a6e914dc346ad291da5fcbeadaba30b95fd4a11057025c2a03b47241dbe52109d3784b6b17a7dd9d76cb566745e2f32939ed0f523259e01989e139c3e3598a5ce69ae8aa0e0649906311cf3789ed25b7e42be375622c4609bcb9fe8a8d642ce5009b0157c79e966222d39dc6ce86a500af1184e7fd8af045d887de78a450b0de2ac69e9f0c2ff477458b373f06b1fe384c724f58a740291fd89ab5d67ac81e9ac31dfae85dbccf0c233c83abd8c4f433f8ed2cdd820df4e0d58f37a26fa5768b3b944250e9e15b6cc14c6a7526e68584f55f7ff893b64872fc1a80beed5237971461ed520e7c2853db5d2994820745973a1bb2273a655d4a383720425300fc8833223f0976c823e3e0cc01fb14a9073902e6c49b066de055ae3def331f9a57523660e0bd6bc9fe57f93f0fd9cd61f872504a87588a5fa1619bf66344e97958d741f23041d2c012ed2b28fab5ecc59bf798bd2bbf267e11773c7a24c51d72b38f0654d322ff7b336445ef125bc883a28b41e41ec8f8d1dfc88c03ce8999cd745fa1c6f6b49cbe30370da92378e9cfa5d613e95433af2c51b8b23d4b482c35868fc97e4d9fbf894b4c801412d7a49265edd0c1b25d7497dad321763760ce9bf3f88cfa07604d17a398800f64fd2567311da736fc5bf25b64598ecd05e0269e24b51b6cac0eedd9ea55e9bf953a8bc607d906ccf12507f153411a0902d30c6749ca9572acee6b537c1b608d8d66ea1bf636d2a9fd31a1fa794ecb6cd22b30800bcce3076b0a15b74193c93a32d7ed6cd8f6661c20bcdfaf748a5670e4ac4e03d24ad540ce90c8423fa35c2229870bf1a61290673b60009af3bed37d09526c774741e0ac99602af90febd70865fe804e2c1264a7652a255ca63619b731ee40ea8d76048c503670d66e5594e26a136c8df7ad4db119290e7cd8ba18476d06d2742b8c70fc93623af9bcb5c98174d43652ec6abaacf3b0cc059308067f9ea03cd0786688d2197afc0af9fda7bf3d06e7749ca30a10e204eb3d5c7b205e88094ed6465ce445d5088ae7d2aae5c60c0b9224d770286bc5534e17f9c2f09f960f02aa61cbf601b54fe2d7fd777d9db4da97009a42b7c24f2ffb5f3351aa9830fc0b61a732ca14f9e713fc673a9a36e1f811b504002c6200fec15e293dae4af91f292403ed58536e2f3907024fe8800467b4949a0d66876709f6268c77db7d657c870879da34d071b128237dd38ad5781efc73b14a27a5489fcd0a4fbd29c73b8499d7a162734465d1f324b49f762890fe4f395dddc18be4da9611380a4bf727538dc565389f7df3ebea206a03e213fc59cb6d6cc3499cbbbae14b70f92fee479247e9e1f3bf8dcff32bff6ad8f718da6724df5bb94ba79b114bdbd386007549d7d35cd33e6a01c57fc31b756a2543d772d8f4ad594538798534dc9f84e7300e394018b3a0ef750a85dc99647ad703763aa26897328ca95e29e7bdab1fedb5fe83768bf9263dbe229d479ef8b3610f9655643d7f4e68c670eb427856f507a0170797366b206cd970eed8acb413fd4484"}, {&(0x7f00000013c0)="30fe0aba4a7875218c491c59ea5311cefe5e30801376d25c7341ed0568e34f977e3e4c83320212aca172493f5d00a89e0740945293b05d560f9d18f85b9e28f071ce077e9301448068ae0a0f5bd5df022284331d901cad1cd5b5952d747f324534d8f5a0dbddf485ddde3e80ec6569d113ae4d6fe3fde5b3f036480194ecc7e073fb459b24b8f54fd235838f29061b52b15560469bde0be8ba3167696b89b664cb0a20ef832ad3fc9bd58db29249a9e604801e55d89bb37ef19169065c04448b2d836e4de325d68a6fa16afa76a3b30b1bce2005a5235a34e1ba52df2bbbe6f7122f03371fc3"}, {&(0x7f00000014c0)="a4191811e918e52caa9964943ecffad315233bbc14aca92c6fa7938b322cbf06d26fa4b29354862f47fbf50b6f995b4d1e04c7ba0dc5ea12694016f2d04271328fc5ec863565efb13eb009607c1a150f13dc0d7f2155125ea3086df7529271bb804d4c62f27bc84df45e265aedc33a4c83b8968a14c289739d30ebbb859913d3a94d901292f0063abe0e0cc6118c061803b16913f90b62dd825dd6f2b882caef03ae5f0f3c19869f81d66e8a00f6ac190371abac20285655b08f17eb2b75741d20c57d5f90bf167cc903aa9ee36e14f3679fb8a1aeec151653c7ca"}, {&(0x7f00000015c0)}]}, 0x800) 2018/06/01 03:15:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000400300"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:51 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) unshare(0x400) flock(r0, 0x2) r1 = dup(r0) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8) ioctl$TIOCLINUX2(r1, 0x541c, &(0x7f0000000000)={0x2, 0x6, 0x7, 0x20, 0x40, 0x9}) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f00000000c0)=0x4410) 2018/06/01 03:15:51 executing program 2 (fault-call:2 fault-nth:36): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:51 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x300}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1364.446559] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1364.453474] FAULT_INJECTION: forcing a failure. [ 1364.453474] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.465488] CPU: 0 PID: 22028 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1364.472873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1364.482265] Call Trace: [ 1364.484874] dump_stack+0x1b9/0x294 [ 1364.488527] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1364.493737] ? is_bpf_text_address+0xd7/0x170 [ 1364.498255] ? kernel_text_address+0x79/0xf0 [ 1364.502685] ? __unwind_start+0x166/0x330 [ 1364.506915] should_fail.cold.4+0xa/0x1a [ 1364.511050] ? __save_stack_trace+0x7e/0xd0 [ 1364.515378] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1364.520491] ? save_stack+0xa9/0xd0 [ 1364.524106] ? save_stack+0x43/0xd0 [ 1364.527719] ? kasan_kmalloc+0xc4/0xe0 [ 1364.531593] ? kasan_slab_alloc+0x12/0x20 [ 1364.535734] ? find_held_lock+0x36/0x1c0 [ 1364.539814] ? check_same_owner+0x320/0x320 [ 1364.544151] ? rcu_note_context_switch+0x710/0x710 [ 1364.549081] __should_failslab+0x124/0x180 [ 1364.553314] should_failslab+0x9/0x14 [ 1364.557120] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1364.562230] __kmalloc_node_track_caller+0x33/0x70 [ 1364.567156] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1364.571911] __alloc_skb+0x14d/0x780 [ 1364.575627] ? skb_scrub_packet+0x580/0x580 [ 1364.579945] ? dst_init+0x459/0x600 [ 1364.583570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1364.589098] ? ip_generic_getfrag+0x11c/0x2d0 [ 1364.593592] ? ip_reply_glue_bits+0xc0/0xc0 [ 1364.597927] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1364.602936] ? skb_put+0x17b/0x1e0 [ 1364.606467] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1364.611486] ? ip_reply_glue_bits+0xc0/0xc0 [ 1364.615803] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1364.621591] ? xfrm_policy_lookup+0x70/0x70 [ 1364.625900] ? ipv4_mtu+0x375/0x580 [ 1364.629518] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1364.634959] ? find_held_lock+0x36/0x1c0 [ 1364.639025] ? ip_setup_cork+0x44d/0x6d0 [ 1364.643081] ip_make_skb+0x2be/0x350 [ 1364.646788] ? ip_reply_glue_bits+0xc0/0xc0 [ 1364.651103] ? ip_flush_pending_frames+0x30/0x30 [ 1364.655852] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1364.661396] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1364.666937] ? xfrm_lookup_route+0x64/0x1f0 [ 1364.671252] udp_sendmsg+0x24ec/0x35e0 [ 1364.675135] ? ip_reply_glue_bits+0xc0/0xc0 [ 1364.679479] ? udp4_lib_lookup2+0x340/0x340 [ 1364.683806] ? graph_lock+0x170/0x170 [ 1364.687605] ? expand_files.part.8+0x9a0/0x9a0 [ 1364.692178] ? check_same_owner+0x320/0x320 [ 1364.696503] ? lock_downgrade+0x8e0/0x8e0 [ 1364.700648] ? lock_release+0xa10/0xa10 [ 1364.704613] ? check_same_owner+0x320/0x320 [ 1364.708930] ? __check_object_size+0x95/0x5d9 [ 1364.713434] inet_sendmsg+0x19f/0x690 [ 1364.717224] ? __might_sleep+0x95/0x190 [ 1364.721186] ? ipip_gro_receive+0x100/0x100 [ 1364.725498] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1364.731028] ? security_socket_sendmsg+0x94/0xc0 [ 1364.735769] ? ipip_gro_receive+0x100/0x100 [ 1364.740091] sock_sendmsg+0xd5/0x120 [ 1364.743803] __sys_sendto+0x3d7/0x670 [ 1364.747593] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1364.752256] ? wait_for_completion+0x870/0x870 [ 1364.756829] ? __lock_is_held+0xb5/0x140 [ 1364.760972] ? __sb_end_write+0xac/0xe0 [ 1364.764939] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1364.770463] ? fput+0x130/0x1a0 [ 1364.773742] ? ksys_write+0x1a6/0x250 [ 1364.777541] ? __do_page_fault+0x441/0xe40 [ 1364.781772] ? __ia32_sys_read+0xb0/0xb0 [ 1364.785823] __ia32_sys_sendto+0xdf/0x1a0 [ 1364.789960] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1364.794966] do_fast_syscall_32+0x345/0xf9b [ 1364.799277] ? do_int80_syscall_32+0x880/0x880 [ 1364.803851] ? _raw_spin_unlock_irq+0x27/0x70 [ 1364.808336] ? finish_task_switch+0x1ca/0x840 [ 1364.812826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1364.818347] ? syscall_return_slowpath+0x30f/0x5c0 [ 1364.823275] ? sysret32_from_system_call+0x5/0x46 [ 1364.828109] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1364.832940] entry_SYSENTER_compat+0x70/0x7f [ 1364.837333] RIP: 0023:0xf7f63cb9 [ 1364.840679] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:15:51 executing program 7: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80, 0x0) ioctl$BLKPG(r0, 0x1269, &(0x7f0000000080)={0x7ff, 0x600000000000, 0x38, &(0x7f0000000040)="1ff4dcfba34cf8190099d6b4017ca5e42613844afe37583a071fbfe549315d659382abe64549cf481d743796e45b786e5db3d3ff4138991c"}) r1 = socket$unix(0x1, 0x801, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8) listen(r2, 0x0) connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8) write$binfmt_aout(r1, &(0x7f00000001c0), 0xffffffffffffff19) [ 1364.848381] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1364.855637] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1364.862902] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1364.870160] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1364.877424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:51 executing program 1: r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x6, 0x48841) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000080)={0x0, 0xb1f6}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000100)={r1, 0x3f}, 0x8) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x4) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00001edff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x404e20, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) [ 1364.918474] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:15:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:51 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000001c0)=0x708a, 0x4) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{}, {}, {}]}) connect$inet(r0, &(0x7f00000000c0)={0x2}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000200), 0x33d) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000001b40)=0x8, 0x4) recvmmsg(r0, &(0x7f0000001a80)=[{{&(0x7f0000000200)=@l2, 0x80, &(0x7f0000000580)=[{&(0x7f0000000280)=""/198, 0xc6}, {&(0x7f0000000380)=""/29, 0x1d}, {&(0x7f00000003c0)=""/83, 0x53}, {&(0x7f0000000440)=""/117, 0x75}, {&(0x7f00000004c0)=""/164, 0xa4}], 0x5, 0x0, 0x0, 0xff}}, {{&(0x7f00000005c0)=@in={0x0, 0x0, @multicast1}, 0x80, &(0x7f0000001800)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/150, 0x96}, {&(0x7f0000001700)=""/255, 0xff}], 0x3, &(0x7f0000001840)=""/81, 0x51, 0x2}, 0x3}, {{&(0x7f00000018c0)=@ipx, 0x80, &(0x7f0000001a40)=[{&(0x7f0000001940)=""/62, 0x3e}, {&(0x7f0000001980)=""/138, 0x8a}], 0x2, 0x0, 0x0, 0x6}, 0x3}], 0x3, 0x2, &(0x7f0000001b00)={0x77359400}) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x4e23, @loopback=0x7f000001}, {0x6}, 0x40, {0x2, 0x4e20, @broadcast=0xffffffff}, 'bridge_slave_1\x00'}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000001b80)={r0}) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000001bc0)={0x0, 0x1}, &(0x7f0000001c00)=0x8) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000001c40)=@assoc_id=r2, &(0x7f0000001c80)=0x4) getsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f0000000080)={@local, @loopback}, &(0x7f0000000180)=0xc) 2018/06/01 03:15:51 executing program 2 (fault-call:2 fault-nth:37): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:51 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000003080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x0) r2 = syz_open_pts(r0, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0xffffffff80000000) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x7) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x20180, 0x0) getsockopt$inet_mreq(r3, 0x0, 0x20, &(0x7f00000000c0)={@multicast1, @local}, &(0x7f0000000100)=0x8) dup3(r0, r1, 0x0) 2018/06/01 03:15:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:51 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x80, 0x0) r2 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000240)={{0x5, 0x7, 0x72c, 0x9, "9e75cfe7821f994ede26e254fbe9c00fe11607492a062f80477047fd9d4dd801b1cc881979cb33dec21b723f", 0x3}, 0x0, 0x0, 0x8001, r2, 0xce, 0x9, "4f96a1d0dff26f5333e92a0a3f12d4e17dcdde4dad3147eccd9c104eee12f7bd501d160ab39ad8fd9ab77343644ad4e3ef5890ca7732ac4a711db737b85daab2", &(0x7f00000001c0)='\x00', 0x1, [], [0x4e, 0x0, 0x8000, 0x6]}) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000200)=0x6, 0x4) ioctl$TIOCSTI(r1, 0x5412, 0x101) vmsplice(r0, &(0x7f0000000140)=[{&(0x7f0000000040)="d76c", 0x2}, {&(0x7f00000000c0)="a0bdc164788f18c380746fb26e54adb73ffcade54453deb67e1ed0132558602827bb14c72a090ac5451178b4d0d7fa7b1d4b4a77d58a224f7a84e7e23fddafbd04a742bd77ad64c816545eb00ccdbc06d784", 0x52}], 0x2, 0x2) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f00000003c0)={'veth0_to_team\x00', {0x2, 0x4e20}}) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x7}, 0x1c) bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e23, 0xd6bc, @dev={0xfe, 0x80, [], 0xb}, 0xfffffffffffffffd}, 0x1c) 2018/06/01 03:15:51 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xff0f000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:51 executing program 6: r0 = socket$inet6(0xa, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1f, &(0x7f0000000080)=""/142, &(0x7f0000000140)=0x8e) getsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000000), &(0x7f0000000040)=0x4) getsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000180), &(0x7f00000001c0)=0x4) openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0x10000, 0x0) [ 1365.382865] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1365.393904] FAULT_INJECTION: forcing a failure. [ 1365.393904] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.405389] CPU: 0 PID: 22078 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1365.412763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1365.422127] Call Trace: [ 1365.424745] dump_stack+0x1b9/0x294 [ 1365.428409] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1365.433622] ? unwind_get_return_address+0x61/0xa0 [ 1365.438657] ? __save_stack_trace+0x7e/0xd0 [ 1365.443001] should_fail.cold.4+0xa/0x1a [ 1365.447084] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1365.452204] ? save_stack+0xa9/0xd0 [ 1365.455846] ? save_stack+0x43/0xd0 [ 1365.459493] ? kasan_kmalloc+0xc4/0xe0 [ 1365.463407] ? __kmalloc_node_track_caller+0x47/0x70 [ 1365.468609] ? __alloc_skb+0x14d/0x780 [ 1365.472512] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1365.477716] ? ip_make_skb+0x2be/0x350 [ 1365.481616] ? udp_sendmsg+0x24ec/0x35e0 [ 1365.485688] ? inet_sendmsg+0x19f/0x690 [ 1365.489675] ? sock_sendmsg+0xd5/0x120 [ 1365.493569] ? __sys_sendto+0x3d7/0x670 [ 1365.497548] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1365.501908] ? do_fast_syscall_32+0x345/0xf9b [ 1365.506421] ? find_held_lock+0x36/0x1c0 [ 1365.510521] ? check_same_owner+0x320/0x320 [ 1365.514883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1365.520459] ? rcu_note_context_switch+0x710/0x710 [ 1365.525410] __should_failslab+0x124/0x180 [ 1365.529695] should_failslab+0x9/0x14 [ 1365.533515] kmem_cache_alloc_node+0x272/0x780 [ 1365.538141] __alloc_skb+0x111/0x780 [ 1365.541883] ? skb_scrub_packet+0x580/0x580 [ 1365.546231] ? dst_init+0x459/0x600 [ 1365.549879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1365.555456] ? ip_generic_getfrag+0x11c/0x2d0 [ 1365.559978] ? ip_reply_glue_bits+0xc0/0xc0 [ 1365.564328] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1365.569376] ? skb_put+0x17b/0x1e0 [ 1365.572944] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1365.577996] ? ip_reply_glue_bits+0xc0/0xc0 [ 1365.582347] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1365.588193] ? xfrm_policy_lookup+0x70/0x70 [ 1365.592549] ? ipv4_mtu+0x375/0x580 [ 1365.596194] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1365.601682] ? find_held_lock+0x36/0x1c0 [ 1365.605794] ? ip_setup_cork+0x44d/0x6d0 [ 1365.609877] ip_make_skb+0x2be/0x350 [ 1365.613625] ? ip_reply_glue_bits+0xc0/0xc0 [ 1365.617968] ? ip_flush_pending_frames+0x30/0x30 [ 1365.622751] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1365.628311] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1365.633869] ? xfrm_lookup_route+0x64/0x1f0 [ 1365.638206] udp_sendmsg+0x24ec/0x35e0 [ 1365.642103] ? ip_reply_glue_bits+0xc0/0xc0 [ 1365.646430] ? udp4_lib_lookup2+0x340/0x340 [ 1365.650754] ? graph_lock+0x170/0x170 [ 1365.654565] ? expand_files.part.8+0x9a0/0x9a0 [ 1365.659148] ? check_same_owner+0x320/0x320 [ 1365.663489] ? lock_downgrade+0x8e0/0x8e0 [ 1365.667635] ? lock_release+0xa10/0xa10 [ 1365.671605] ? check_same_owner+0x320/0x320 [ 1365.675934] ? __check_object_size+0x95/0x5d9 [ 1365.680433] inet_sendmsg+0x19f/0x690 [ 1365.684242] ? __might_sleep+0x95/0x190 [ 1365.688223] ? ipip_gro_receive+0x100/0x100 [ 1365.692632] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1365.698176] ? security_socket_sendmsg+0x94/0xc0 [ 1365.702926] ? ipip_gro_receive+0x100/0x100 [ 1365.707255] sock_sendmsg+0xd5/0x120 [ 1365.710979] __sys_sendto+0x3d7/0x670 [ 1365.714782] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1365.719453] ? wait_for_completion+0x870/0x870 [ 1365.724052] ? __lock_is_held+0xb5/0x140 [ 1365.728123] ? __sb_end_write+0xac/0xe0 [ 1365.732108] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1365.737649] ? fput+0x130/0x1a0 [ 1365.740922] ? ksys_write+0x1a6/0x250 [ 1365.744713] ? __do_page_fault+0x441/0xe40 [ 1365.748949] ? __ia32_sys_read+0xb0/0xb0 [ 1365.753024] __ia32_sys_sendto+0xdf/0x1a0 [ 1365.757173] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1365.762186] do_fast_syscall_32+0x345/0xf9b [ 1365.766536] ? do_int80_syscall_32+0x880/0x880 [ 1365.771128] ? finish_task_switch+0x1ca/0x840 [ 1365.775639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1365.781180] ? syscall_return_slowpath+0x30f/0x5c0 [ 1365.786114] ? sysret32_from_system_call+0x5/0x46 [ 1365.790962] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1365.795808] entry_SYSENTER_compat+0x70/0x7f [ 1365.800227] RIP: 0023:0xf7f63cb9 [ 1365.803601] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1365.811308] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1365.818577] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1365.825842] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:15:52 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x202000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000640)={0x44, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0063404000000000000000000000000000000000000000000000000000000000000000100000000044ad4af69bb838ab399ceca2", @ANYPTR64=&(0x7f0000000240)=ANY=[], @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="002049472e46c0f920e2c9304cd9f9e2f7df6a5ea91bf0baca310a725c88e79defe5ca5acb4761520f71c95f687f1be10583911294325caaa2cb8459bfa8c10b9aefabe3988e2365f1e5b6eea6ca5b375936ca2487740b727cbd3d149129ec80459f49a0a5229fe3adf3fbeda27128ed"]], 0x0, 0x0, &(0x7f0000000540)}) 2018/06/01 03:15:52 executing program 3: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, &(0x7f0000000000)) r2 = gettid() ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f00000000c0)=ANY=[@ANYBLOB="09000000000000000000000000000000000000000000000000d285e3a4695360afe20c2f8a000000000009000000000000000000"]) tkill(r2, 0x8) r3 = dup2(r0, r0) ioctl$ASHMEM_PURGE_ALL_CACHES(r3, 0x770a, 0x0) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af23, &(0x7f0000000080)) 2018/06/01 03:15:52 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000fffffffb"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:52 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400000, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000080)={0xff, 0x0, 0x1, 0x32c, 0x0}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000100)={r2, 0xfffffffffffffffe, 0x30, 0x3, 0x3ef2}, &(0x7f00000001c0)=0x18) setrlimit(0x4, &(0x7f0000000040)={0x0, 0x7fffffff}) [ 1365.833114] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1365.840380] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1365.939541] binder: 22089:22093 transaction failed 29201/-22, size -699556284533309440--6706813973561821029 line 2971 [ 1365.995511] binder: BINDER_SET_CONTEXT_MGR already set [ 1366.019550] binder: 22089:22109 ioctl 40046207 0 returned -16 [ 1366.066517] binder: undelivered TRANSACTION_ERROR: 29201 2018/06/01 03:15:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) accept4$inet6(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, @mcast1}, &(0x7f0000000240)=0x1c, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x20000) getsockopt$inet_int(r0, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000300)={0x0, 0x1}, 0x8) madvise(&(0x7f0000718000/0x2000)=nil, 0x2000, 0x3) 2018/06/01 03:15:52 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:52 executing program 2 (fault-call:2 fault-nth:38): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:52 executing program 1: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x2, 0x301000) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000200)={0x10007, 0x2, 0x4000, 0x2000, &(0x7f000079f000/0x2000)=nil}) mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000000), 0x8, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400000, 0x20) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@local, @in6=@mcast2}}, {{}, 0x0, @in=@multicast1}}, &(0x7f0000000180)=0xe8) 2018/06/01 03:15:52 executing program 6: r0 = epoll_create(0x6) r1 = epoll_create(0x3) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f000000dff4)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x6, 0x105000) recvfrom$unix(r2, &(0x7f0000000040)=""/180, 0xb4, 0x40000000, 0x0, 0x44) 2018/06/01 03:15:52 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x4000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:52 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000034000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:52 executing program 7: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2=0xe0000002}, 0x10) close(r0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23}, 0x10) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x6, 0x10, &(0x7f0000000140)={{{@in=@local, @in=@multicast1}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000240)=0xe8) [ 1366.337342] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1366.340218] FAULT_INJECTION: forcing a failure. [ 1366.340218] name failslab, interval 1, probability 0, space 0, times 0 [ 1366.356137] CPU: 0 PID: 22127 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1366.363515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1366.372956] Call Trace: [ 1366.375574] dump_stack+0x1b9/0x294 [ 1366.379197] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1366.384377] ? is_bpf_text_address+0xd7/0x170 [ 1366.388860] ? kernel_text_address+0x79/0xf0 [ 1366.393268] ? __unwind_start+0x166/0x330 [ 1366.397418] should_fail.cold.4+0xa/0x1a [ 1366.401486] ? __save_stack_trace+0x7e/0xd0 [ 1366.405801] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1366.410910] ? save_stack+0xa9/0xd0 [ 1366.414537] ? save_stack+0x43/0xd0 [ 1366.418153] ? kasan_kmalloc+0xc4/0xe0 [ 1366.422046] ? kasan_slab_alloc+0x12/0x20 [ 1366.426187] ? find_held_lock+0x36/0x1c0 [ 1366.430267] ? check_same_owner+0x320/0x320 [ 1366.434604] ? rcu_note_context_switch+0x710/0x710 [ 1366.439550] __should_failslab+0x124/0x180 [ 1366.443793] should_failslab+0x9/0x14 [ 1366.447585] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1366.452687] __kmalloc_node_track_caller+0x33/0x70 [ 1366.457611] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1366.462372] __alloc_skb+0x14d/0x780 [ 1366.466079] ? skb_scrub_packet+0x580/0x580 [ 1366.470393] ? dst_init+0x459/0x600 [ 1366.474018] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1366.480938] ? ip_generic_getfrag+0x11c/0x2d0 [ 1366.485422] ? ip_reply_glue_bits+0xc0/0xc0 [ 1366.489735] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1366.494740] ? skb_put+0x17b/0x1e0 [ 1366.498270] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1366.503289] ? ip_reply_glue_bits+0xc0/0xc0 [ 1366.507623] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1366.513420] ? xfrm_policy_lookup+0x70/0x70 [ 1366.517735] ? ipv4_mtu+0x375/0x580 [ 1366.521355] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1366.526818] ? find_held_lock+0x36/0x1c0 [ 1366.530877] ? ip_setup_cork+0x44d/0x6d0 [ 1366.534928] ip_make_skb+0x2be/0x350 [ 1366.538632] ? ip_reply_glue_bits+0xc0/0xc0 [ 1366.542951] ? ip_flush_pending_frames+0x30/0x30 [ 1366.547698] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1366.553231] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1366.558767] ? xfrm_lookup_route+0x64/0x1f0 [ 1366.563428] udp_sendmsg+0x24ec/0x35e0 [ 1366.567312] ? ip_reply_glue_bits+0xc0/0xc0 [ 1366.571628] ? udp4_lib_lookup2+0x340/0x340 [ 1366.575948] ? graph_lock+0x170/0x170 [ 1366.579742] ? expand_files.part.8+0x9a0/0x9a0 [ 1366.584310] ? check_same_owner+0x320/0x320 [ 1366.588631] ? lock_downgrade+0x8e0/0x8e0 [ 1366.592771] ? lock_release+0xa10/0xa10 [ 1366.596747] ? check_same_owner+0x320/0x320 [ 1366.601071] ? __check_object_size+0x95/0x5d9 [ 1366.605560] inet_sendmsg+0x19f/0x690 [ 1366.609360] ? __might_sleep+0x95/0x190 [ 1366.613324] ? ipip_gro_receive+0x100/0x100 [ 1366.617652] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1366.623183] ? security_socket_sendmsg+0x94/0xc0 [ 1366.627925] ? ipip_gro_receive+0x100/0x100 [ 1366.632239] sock_sendmsg+0xd5/0x120 [ 1366.635949] __sys_sendto+0x3d7/0x670 [ 1366.639740] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1366.644417] ? wait_for_completion+0x870/0x870 [ 1366.649005] ? __lock_is_held+0xb5/0x140 [ 1366.653075] ? __sb_end_write+0xac/0xe0 [ 1366.657058] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1366.662587] ? fput+0x130/0x1a0 [ 1366.665869] ? ksys_write+0x1a6/0x250 [ 1366.669672] ? __do_page_fault+0x441/0xe40 [ 1366.674006] ? __ia32_sys_read+0xb0/0xb0 [ 1366.678069] __ia32_sys_sendto+0xdf/0x1a0 [ 1366.682209] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1366.687217] do_fast_syscall_32+0x345/0xf9b [ 1366.691539] ? do_int80_syscall_32+0x880/0x880 [ 1366.696130] ? _raw_spin_unlock_irq+0x27/0x70 [ 1366.700790] ? finish_task_switch+0x1ca/0x840 [ 1366.705306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1366.710842] ? syscall_return_slowpath+0x30f/0x5c0 [ 1366.715850] ? sysret32_from_system_call+0x5/0x46 [ 1366.720685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1366.725531] entry_SYSENTER_compat+0x70/0x7f [ 1366.729931] RIP: 0023:0xf7f63cb9 2018/06/01 03:15:53 executing program 1: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x10040, 0x0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000200)={0x0, 0x6, 0x80, 0x3, 0x6, 0x6, 0x7, 0x8, {0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x43, 0x396671a0, 0x1, 0x400, 0x7}}, &(0x7f00000002c0)=0xb0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000300)={0x31, 0x7ff, 0x204, 0x0, 0x0, 0x1ac, 0x81, 0x1e, r1}, &(0x7f0000000340)=0x20) r2 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x40, 0x0) vmsplice(r2, &(0x7f0000000180)=[{&(0x7f0000000080)="a520a50717bd28c5a037adb8f7466d3437eb554415cfbf29b3bd68b51225230b78d7c389f13078e8c71bb4a6ac9f2a686ed02751df665a4cea401c2fd09b22ffddc1d1a69242f559f859b738c041f568dba167700fd91b464f5d792e6c4179fad448bc4bddd911bde77f2ec2c5cd62d34b1d1d389e884da50ec79d9724482d294355101502b873c6952157a0cb3b73b1a1c5f75940565cef5d4ea77327473d8c1447dde46da7a9f5400a880a2eb003cb5d5a1f46c837fac9e8c08141a389854b011d885fe693c735836b0e5add334d8497cd", 0xd2}], 0x1, 0x1) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0xa82, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000001580)=0x1b) writev(r3, &(0x7f0000001d80)=[{&(0x7f0000001c00)=';', 0x1}], 0x1) [ 1366.733282] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1366.741421] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1366.748690] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1366.755954] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1366.763245] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1366.770521] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:53 executing program 2 (fault-call:2 fault-nth:39): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:53 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@broute={'broute\x00', 0x20, 0x1, 0x1c4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000040], 0x0, &(0x7f0000000000), &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000500000000000000000076657468315f746f5f7465616d000000697036746e6c3000000000000000000069726c616e300000000000000000000069666230000000000000000000000000ffffffffffff000000000000aaaaaaaaaa000000000000000000e40000000c0100003401000064657667726f7570000000000000000000000000000000000000000000000000140000000000001f0400000000000000000000000000000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000726564697265637400000000000000000000000000000000000000000000000004000000000000004155444954000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000011f3bbce48aeb1005bad344e8dcd92f2f789607120ccca9392f62deb2309637496488ca00224e0f11e2715f5bba71415e59a08cd046cd516b541ae9661d143f7f8c3230dcdf774d8db2ac0339a54d6f8de3bd34bbf374c278d888b5bf48e60e47d751d824739416e438101e1815bffcdca"]}, 0x285) 2018/06/01 03:15:53 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000001"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:53 executing program 6: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x8001) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f00000001c0)={r0, r0, 0xfffffffffffffff8, 0x6, &(0x7f0000000100)="682c92606a99cf8d33158f3ef48f530138e971f9b30a042b3ec17a1de3d813ad7db664765d8e6dad4c77be76f0bb5a92a399cc4a8e0dc222c3ea63d646ed65e4ff75c9effa3b1950809587353ec0b2297501b56491966bf1d0812ebd9ed281113bbd31ace2c7196a4a128133113437b60298587ae1d3183b497c89bc4a9808ce65deb7841f02770cf8", 0x0, 0xff, 0x101, 0x2, 0x5, 0x2d0, 0x78ec, "496ba43b300bd751df2559031c86b3997bc085a9de8988fff6067b978b731966a17025ede788f7c6208057edd2a0e95064d4ee8940b292d7d0d0c876ebca6c6ba42dfe32f95fdda407f270f1"}) sigaltstack(&(0x7f0000822000/0x1000)=nil, &(0x7f0000000080)) mlockall(0x1) ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f00000000c0)) madvise(&(0x7f00001a2000/0xc00000)=nil, 0xc00000, 0x4000000000000008) [ 1366.924447] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1366.931129] FAULT_INJECTION: forcing a failure. [ 1366.931129] name failslab, interval 1, probability 0, space 0, times 0 [ 1366.943379] CPU: 0 PID: 22147 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1366.950849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1366.960395] Call Trace: [ 1366.963008] dump_stack+0x1b9/0x294 [ 1366.966665] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1366.971883] ? unwind_get_return_address+0x61/0xa0 [ 1366.973145] QAT: Invalid ioctl [ 1366.976846] should_fail.cold.4+0xa/0x1a [ 1366.976870] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1366.976890] ? save_stack+0xa9/0xd0 [ 1366.976906] ? save_stack+0x43/0xd0 [ 1366.976919] ? kasan_kmalloc+0xc4/0xe0 [ 1366.976932] ? __kmalloc_node_track_caller+0x47/0x70 [ 1366.976948] ? __alloc_skb+0x14d/0x780 [ 1366.976961] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1366.976980] ? udp_sendmsg+0x24ec/0x35e0 [ 1367.005502] QAT: Invalid ioctl [ 1367.005554] ? inet_sendmsg+0x19f/0x690 [ 1367.025885] ? sock_sendmsg+0xd5/0x120 [ 1367.027442] kernel msg: ebtables bug: please report to author: Wrong len argument [ 1367.029799] ? __sys_sendto+0x3d7/0x670 [ 1367.029813] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1367.029830] ? do_fast_syscall_32+0x345/0xf9b [ 1367.029850] ? find_held_lock+0x36/0x1c0 [ 1367.029889] ? check_same_owner+0x320/0x320 [ 1367.058692] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1367.060543] QAT: Invalid ioctl [ 1367.064291] ? rcu_note_context_switch+0x710/0x710 2018/06/01 03:15:53 executing program 1: unshare(0x2000400) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00') perf_event_open(&(0x7f00000001c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0x0, r0, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000100)={0x0, 0x81, 0x800, &(0x7f0000000000)=0x61e}) ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000080)={[{0x9, 0xfffffffffffffbff, 0xfffffffffffffffd, 0x19, 0xe914, 0x1, 0x2, 0x1000, 0x2, 0x2b, 0x2, 0x9d79, 0x7f}, {0x1, 0xffff, 0x4, 0x4, 0x7, 0x6, 0xfffffffffffffff7, 0x1ff, 0x40, 0x1ff, 0x9, 0x4, 0x6}, {0x0, 0x7, 0x8, 0x1, 0x2400000000000, 0x4, 0x9, 0x3c80, 0x40, 0xffff, 0x5, 0x100000001}], 0x810}) 2018/06/01 03:15:53 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_set$pid(0x2, 0x0, 0x4001) clone(0x80000, &(0x7f0000000280), &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000000)) [ 1367.064312] __should_failslab+0x124/0x180 [ 1367.064332] should_failslab+0x9/0x14 [ 1367.064347] kmem_cache_alloc_node+0x272/0x780 [ 1367.064370] __alloc_skb+0x111/0x780 [ 1367.064390] ? skb_scrub_packet+0x580/0x580 [ 1367.094126] ? dst_init+0x459/0x600 [ 1367.097791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1367.102544] QAT: Invalid ioctl [ 1367.103347] ? ip_generic_getfrag+0x11c/0x2d0 [ 1367.103366] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.103384] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1367.103405] ? skb_put+0x17b/0x1e0 [ 1367.124303] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1367.129348] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.133703] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1367.139525] ? xfrm_policy_lookup+0x70/0x70 [ 1367.143876] ? ipv4_mtu+0x375/0x580 [ 1367.147529] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1367.153087] ? find_held_lock+0x36/0x1c0 [ 1367.157525] ? ip_setup_cork+0x44d/0x6d0 [ 1367.161603] ip_make_skb+0x2be/0x350 [ 1367.165340] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.169677] ? ip_flush_pending_frames+0x30/0x30 [ 1367.174432] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1367.179976] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1367.185689] ? xfrm_lookup_route+0x64/0x1f0 [ 1367.190009] udp_sendmsg+0x24ec/0x35e0 [ 1367.193897] ? perf_trace_lock+0xd6/0x900 [ 1367.198042] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.202460] ? udp4_lib_lookup2+0x340/0x340 [ 1367.206772] ? graph_lock+0x170/0x170 [ 1367.210579] ? expand_files.part.8+0x9a0/0x9a0 [ 1367.215165] ? lock_downgrade+0x8e0/0x8e0 [ 1367.219320] ? lock_release+0xa10/0xa10 [ 1367.223288] ? check_same_owner+0x320/0x320 [ 1367.228043] ? __check_object_size+0x95/0x5d9 [ 1367.232538] inet_sendmsg+0x19f/0x690 [ 1367.236328] ? __might_sleep+0x95/0x190 [ 1367.240292] ? ipip_gro_receive+0x100/0x100 [ 1367.244635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1367.250167] ? security_socket_sendmsg+0x94/0xc0 [ 1367.254910] ? ipip_gro_receive+0x100/0x100 [ 1367.259233] sock_sendmsg+0xd5/0x120 [ 1367.263120] __sys_sendto+0x3d7/0x670 [ 1367.266915] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1367.271602] ? wait_for_completion+0x870/0x870 [ 1367.276193] ? __sb_end_write+0xac/0xe0 [ 1367.280178] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1367.285729] ? fput+0x130/0x1a0 [ 1367.289004] ? ksys_write+0x1a6/0x250 [ 1367.292809] ? __do_page_fault+0x441/0xe40 [ 1367.297300] ? __ia32_sys_read+0xb0/0xb0 [ 1367.301366] __ia32_sys_sendto+0xdf/0x1a0 [ 1367.305521] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1367.310531] do_fast_syscall_32+0x345/0xf9b [ 1367.314846] ? do_int80_syscall_32+0x880/0x880 [ 1367.319419] ? _raw_spin_unlock_irq+0x27/0x70 [ 1367.323903] ? finish_task_switch+0x1ca/0x840 [ 1367.328394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1367.333933] ? syscall_return_slowpath+0x30f/0x5c0 [ 1367.338868] ? sysret32_from_system_call+0x5/0x46 [ 1367.343709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1367.348551] entry_SYSENTER_compat+0x70/0x7f [ 1367.352960] RIP: 0023:0xf7f63cb9 [ 1367.356314] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1367.364028] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1367.371290] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1367.378557] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1367.385817] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1367.393076] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:54 executing program 6: r0 = socket(0xa, 0x1, 0x0) recvfrom(r0, &(0x7f0000000140)=""/79, 0x4f, 0x40000000, &(0x7f00000001c0)=@pptp={0x18, 0x2, {0x3, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x80) setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000300)=0x788b0ebd, 0x409e) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000240)=0x0) ptrace$cont(0xffffffffffffffff, r1, 0x6, 0xfffffffffffffff9) getsockopt$inet_opts(r0, 0x0, 0x2, &(0x7f0000000440)=""/249, &(0x7f0000000000)=0xf9) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={0x0, 0x6}, &(0x7f0000000080)=0x8) bind(r0, &(0x7f0000000280)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x0, 0x4, 0x3, 0x3, {0xa, 0x4e24, 0x4, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x15}}, 0xa91}}}, 0x80) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x8, 0x8000, 0x1, 0x3, r2}, &(0x7f0000000100)=0x10) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000340)={@loopback, @rand_addr, 0x0}, &(0x7f0000000380)=0xc) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000580)={@hci={0x1f, r3}, {&(0x7f00000003c0)=""/106, 0x6a}, &(0x7f0000000540), 0x40}, 0x9c) 2018/06/01 03:15:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x7, 0x1) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d2, &(0x7f0000000300)={0x6, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f0000000080)={0x1, 0x0, [{0x1}]}) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, [0x1, 0xc00000000000000, 0x5]}) 2018/06/01 03:15:54 executing program 2 (fault-call:2 fault-nth:40): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:54 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000002000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:54 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000e00)={0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000dc0)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_UID={0x8, 0x19}]}, 0x24}, 0x1}, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e23, 0x6, @remote={0xfe, 0x80, [], 0xbb}, 0x9}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000140)={r2, @in={{0x2, 0x4e23, @rand_addr=0x92f}}, 0x100, 0x5}, &(0x7f0000000200)=0x88) 2018/06/01 03:15:54 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x50000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:54 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:54 executing program 7: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x81, 0x5}, &(0x7f0000000140)=0x88) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000180)={r2, @in6={{0xa, 0x4e20, 0x7, @local={0xfe, 0x80, [], 0xaa}, 0x800}}}, 0x84) 2018/06/01 03:15:54 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000200), 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000000)={0x8, 0x2, 0xfff, 0x7, 0x0}, &(0x7f0000000040)=0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000080)={r2, 0x1000, 0x7}, 0x8) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0) recvfrom$ax25(r1, &(0x7f0000000300)=""/90, 0x5a, 0xfffffffffffffffc, &(0x7f0000000100)={0x3, {"d4ad0f2391f881"}}, 0x10) [ 1367.744132] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1367.754130] FAULT_INJECTION: forcing a failure. [ 1367.754130] name failslab, interval 1, probability 0, space 0, times 0 [ 1367.765468] CPU: 0 PID: 22182 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1367.772848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1367.782560] Call Trace: [ 1367.785174] dump_stack+0x1b9/0x294 [ 1367.788832] ? dump_stack_print_info.cold.2+0x52/0x52 2018/06/01 03:15:54 executing program 6: r0 = memfd_create(&(0x7f0000000080)="5bd295e7a5c45ebd0000", 0x0) chdir(&(0x7f0000000040)='./file0\x00') write$binfmt_aout(r0, &(0x7f0000000400)={{0x108, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e2}}, 0x20) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f00000003c0), &(0x7f00000005c0), 0x1000) [ 1367.794047] ? is_bpf_text_address+0xd7/0x170 [ 1367.798576] ? kernel_text_address+0x79/0xf0 [ 1367.803009] ? __unwind_start+0x166/0x330 [ 1367.807219] should_fail.cold.4+0xa/0x1a [ 1367.811314] ? __save_stack_trace+0x7e/0xd0 [ 1367.815664] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1367.820815] ? save_stack+0xa9/0xd0 [ 1367.824722] ? save_stack+0x43/0xd0 [ 1367.828363] ? kasan_kmalloc+0xc4/0xe0 [ 1367.832260] ? kasan_slab_alloc+0x12/0x20 [ 1367.836446] ? find_held_lock+0x36/0x1c0 [ 1367.840524] ? check_same_owner+0x320/0x320 [ 1367.844851] ? rcu_note_context_switch+0x710/0x710 [ 1367.849789] __should_failslab+0x124/0x180 [ 1367.854115] should_failslab+0x9/0x14 [ 1367.857920] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1367.863024] __kmalloc_node_track_caller+0x33/0x70 [ 1367.867959] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1367.872707] __alloc_skb+0x14d/0x780 [ 1367.876423] ? skb_scrub_packet+0x580/0x580 [ 1367.880740] ? dst_init+0x459/0x600 [ 1367.884375] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1367.889912] ? ip_generic_getfrag+0x11c/0x2d0 [ 1367.894398] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.898816] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1367.903828] ? skb_put+0x17b/0x1e0 [ 1367.907381] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1367.912408] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.916731] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1367.922536] ? xfrm_policy_lookup+0x70/0x70 [ 1367.926851] ? ipv4_mtu+0x375/0x580 [ 1367.930479] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1367.935922] ? find_held_lock+0x36/0x1c0 [ 1367.939994] ? ip_setup_cork+0x44d/0x6d0 [ 1367.944052] ip_make_skb+0x2be/0x350 [ 1367.947772] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.952093] ? ip_flush_pending_frames+0x30/0x30 [ 1367.956849] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1367.962380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1367.967916] ? xfrm_lookup_route+0x64/0x1f0 [ 1367.972228] udp_sendmsg+0x24ec/0x35e0 [ 1367.976121] ? ip_reply_glue_bits+0xc0/0xc0 [ 1367.980448] ? udp4_lib_lookup2+0x340/0x340 [ 1367.984763] ? graph_lock+0x170/0x170 [ 1367.988564] ? expand_files.part.8+0x9a0/0x9a0 [ 1367.993159] ? check_same_owner+0x320/0x320 [ 1367.997494] ? lock_downgrade+0x8e0/0x8e0 [ 1368.002491] ? lock_release+0xa10/0xa10 [ 1368.006469] ? check_same_owner+0x320/0x320 [ 1368.011044] ? __check_object_size+0x95/0x5d9 [ 1368.015543] inet_sendmsg+0x19f/0x690 [ 1368.019348] ? __might_sleep+0x95/0x190 [ 1368.023314] ? ipip_gro_receive+0x100/0x100 [ 1368.027627] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1368.040720] ? security_socket_sendmsg+0x94/0xc0 [ 1368.045487] ? ipip_gro_receive+0x100/0x100 [ 1368.049805] sock_sendmsg+0xd5/0x120 [ 1368.053510] __sys_sendto+0x3d7/0x670 [ 1368.057312] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1368.061984] ? wait_for_completion+0x870/0x870 [ 1368.066564] ? __lock_is_held+0xb5/0x140 [ 1368.070624] ? __sb_end_write+0xac/0xe0 [ 1368.074592] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1368.080122] ? fput+0x130/0x1a0 [ 1368.083397] ? ksys_write+0x1a6/0x250 [ 1368.087186] ? __do_page_fault+0x441/0xe40 [ 1368.091413] ? __ia32_sys_read+0xb0/0xb0 [ 1368.095468] __ia32_sys_sendto+0xdf/0x1a0 [ 1368.099610] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1368.104640] do_fast_syscall_32+0x345/0xf9b [ 1368.108955] ? do_int80_syscall_32+0x880/0x880 [ 1368.113530] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1368.118375] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1368.123904] ? syscall_return_slowpath+0x30f/0x5c0 [ 1368.128846] ? sysret32_from_system_call+0x5/0x46 [ 1368.133693] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1368.138535] entry_SYSENTER_compat+0x70/0x7f 2018/06/01 03:15:54 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000fbffffff"], 0x60}, 0x1}, 0x0) [ 1368.142936] RIP: 0023:0xf7f63cb9 [ 1368.146338] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1368.154040] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1368.161393] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1368.168657] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1368.175915] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1368.183180] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000032fe8)) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000140)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000700000004000000a0040000600100007802000060010000b8030000b8030000b803000004000000", @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="ac1414aaac1414bb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000000000000000000000000000000626f6e645f736c6176655f3100000000726f736530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0006001000000000000000000000000000000000000000000000000000070004e464c4f4700000000000000000000000000000000000000000000000000000000000000000000000000042fd94c273aba5e601573e4fce4f3d5d3bba611e0b9a970cfab8d1c707e6fd027e816385272bd971bd1a65457a259a07f504d250bde6449521d29bc6cb317e5000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f000180100000000000000000000000000000000000000000000000000002800434c415353494659000000000000000000000000000000000000000000000000000000000000e00000010000000000000000ffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006772653000000000000000000000000076657468315f746f5f626f6e6400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000000000"], 0x4f0) 2018/06/01 03:15:54 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x200000088) recvmmsg(r0, &(0x7f0000003ac0)=[{{&(0x7f0000003900)=@un=@abs, 0x80, &(0x7f0000003a40), 0x0, &(0x7f0000003a80)=""/37, 0x25}}], 0x1, 0x0, &(0x7f0000003bc0)) r1 = dup2(r0, r0) ioctl$sock_netrom_SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000000080)) bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c) r2 = socket$inet6(0xa, 0x8000000000000802, 0x88) sendmsg$inet_sctp(r2, &(0x7f0000a29000)={&(0x7f00005dafe4)=@in6={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000fc8000)}, 0x0) ioctl$KDMKTONE(r1, 0x4b30, 0x5) 2018/06/01 03:15:54 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:55 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:55 executing program 6: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f000001cff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) shutdown(r0, 0x1) sendmsg$rds(r0, &(0x7f000000dfc8)={&(0x7f0000014000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10, &(0x7f0000004000), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000b66f1e30b6d08a140100000300000000000000a107b05a2681bf8d78", @ANYPTR64=&(0x7f0000019000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='.\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f000001efff)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="000000000000000000000000580000001401000007000000000000000000000000000000", @ANYRES16=r0, @ANYPTR64=&(0x7f0000017000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x92}, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0xffffffff80000000, 0x40) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="25030000f7", @ANYRES16=r2, @ANYBLOB="00032dbd7000fcdbdf2509000000"], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4000004) r3 = dup3(r1, r1, 0x80000) r4 = dup(r0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}}, &(0x7f0000000340)=0x84) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r4, 0x84, 0x19, &(0x7f0000000380)={r5, 0x42c}, 0x8) setsockopt$RDS_CONG_MONITOR(r3, 0x114, 0x6, &(0x7f0000000180), 0x4) 2018/06/01 03:15:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00') mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='mqueue\x00', 0x0, &(0x7f00000004c0)) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000001140)) eventfd(0x7) epoll_create1(0x80000) readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/4096, 0x1000) preadv(r0, &(0x7f00000023c0)=[{&(0x7f00000012c0)=""/4096, 0x1000}], 0x1, 0x0) 2018/06/01 03:15:55 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000000100)) read(r0, &(0x7f0000000800)=""/143, 0xffffffffffffff53) [ 1368.429478] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:15:56 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:56 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x20000, 0x0) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000180)=0x10000) sendmsg$nl_generic(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0xf503}, 0xc, &(0x7f0000000280)={&(0x7f0000000ac0)={0x14, 0x27, 0xffffffffffffffff, 0x0, 0x0, {0x8}}, 0x32a}, 0x1}, 0x0) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/215, 0xd7}], 0x1) 2018/06/01 03:15:56 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:56 executing program 3: r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x2, 0x0) ioctl$EVIOCSFF(r0, 0x402c4580, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x004w\x00']) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0x0, 0xfffffffffffffffa]) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000200)=""/96) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x8) sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@ipv6_getroute={0x24, 0x1a, 0x10, 0x70bd26, 0x25dfdbfd, {0xa, 0x0, 0x80, 0x7fff, 0x0, 0x3, 0xfd, 0x8, 0x200}, [@RTA_MARK={0x8, 0x10, 0xfffffffffffffff8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004040}, 0x20008000) getsockopt$inet6_buf(r1, 0x29, 0x2d, &(0x7f0000000100)=""/217, &(0x7f0000000080)=0xd9) 2018/06/01 03:15:56 executing program 2 (fault-call:2 fault-nth:41): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:56 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x5}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:56 executing program 7: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0) mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x1ff) ioctl$KDGKBLED(r0, 0x40045108, &(0x7f0000000140)) 2018/06/01 03:15:56 executing program 1: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) write(r0, &(0x7f00000002c0)="24ac068c1e6251fdb7ddcde0d6421454a8bc61d0f8a2f1ee3ff7ccb6611a475f1049dfd714794cc6b5fc2f57a902f786e77b3e8a809ab524c32cf836e7e954133ae5bf5dcab13d00df3110c5c37a892fbada756f2111950bf3720c6c764c24d4aeccace06bc0a09551bceaffcc6ed0dee73b7288f361c1544593428f58307fce02a07ac35b98a1a98f6784153a3c17b994ca6cc107376daa25d4aebcc8b9a2962b4323c2c7f28152be2233652c756f96cae9e3f122d88bf026def61af58a1d515e2db00766ca9abc1a89e2ac2fa1fc23b5293306c1a7ae81c48904781ca83bd20132c0b35468f4687097f4e0eb27bab0f6a3960d4466083ea8580934efb3607639d16feb88e477398474cca221185e56203a957451ddf1cba3e72a8a2f0851ef8fd4dfe342934996311c00187703a737d6189f4f1720776bf81736165ac32b9875ee5f2ee3e9006baa663dff0072af9e398024ff9a26f00edef0f66c3182cc6a3683f3106df11e5df289db5c3b8d9dc937faf346ff705185a929b2104c4c22528826b1b9836cdbfbd3d2b16fc91df5220936c262732e229a2c6f3ee620e7788cc5b594395385d94435024bf3f0a19c6f3dbb70353fd13374c569959451e03e4373ceb7a6c67c2de15e01d5e3332cf3333bf2a1b14df4136bc03767c37daa83a847c97a693b391d48159a434c8b4424eb62b978e726689fa0739bb710d79379f4dfbd92b2af6cb7c2645fd0547605b9ba508488bcbd4be7136b5f8cec8ab741a9a827b6645d0cba812a239f0c9e1939add9dbf0eafd74e3a5ad00cd3fa59306a7fbd811272fdee758de268dda6c92460da2b240005a2075a046d8128ab1db3fd34b400c4362eb24a7ebabd0cdae46d775269854ebb25edf5d55bf403c7783ecad13", 0x281) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={0x0, 0x0, 0x1f}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000140)={r3, 0x80000, r0}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0xc) sendmsg$nl_netfilter(r0, &(0x7f0000001c80)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x81000}, 0xc, &(0x7f0000001c40)={&(0x7f0000000580)=ANY=[@ANYBLOB="881600000d0600022abd7000fbdbdf25be0000096c01900008006100", @ANYRES32=r2, @ANYBLOB="10003000766d6e65743065746830000044ecc31f3d2e9012a6fb292f2666e31f7b19992cffef166105ada77d37dea4eb2ccacf26c6845fc12b86e6b8bf88ee4f766fb297a7ef165876e3276285b72b71dd7c657b1853f6b8496e20dc3f7388bb74d20b1cbf6722324469e047b1735da833701d788ecce45efccd25fb9a7df6b2c292dab267bd6dd32fb567c38f12a00dffea0d4bbe4003d8a4806703dd00bc25d9aed550c37b88591a756f48fd766a73d434bb2c20bd1d897e32a483a0cbfc66bced83e2637cf571e6e67bad2ba89f3944a2f544b434a29db6456099c4d2d2c5b8e3875166befff3a614cdd67b5990172e99064f5f6ccd80fdbfc74a7fa7aaf8b39546337fdd2c9e154ee9e6def7951c32b5e9e6fbc74bc549f04e9ce322968cba9ac3011f1af48116487b0a8fc0b5078746f44ff174b6e608006600", @ANYRES32=r4, @ANYBLOB="08001d00ffffffffb9b77c0809396f8845061c2763427f7a80ca5a28b9754600825e34a4dfca38ada683d96551bc561ba1c8589b95b7f0adeea073617bcf15f122710e082d79d80c4ac171d00c24605f11c1dd1c940e28fc8f53f31d00a3fd492ef4381d5bd22ee54d376ccf35f893da4f40388a43193c2f08000a007f00000104001c0080018600aa7f549f396b882131ca275c79e31749fd384f357ee38e4c652e03d3b49b3ca176dfa5e3cea82623861844a9abeaa7847401292be9c21fe132372a6372a9a0f24835b147ea3880cd2193ebca3df0fcf5ec4f4770e386ee46a9b36fd1fd4955fed0ee81b29712a6a454dc2881158e2bb81cdec23e60a43a5ca57a9c4538ca822f412f4b4dca259ff69a648627a88ca760ce0000951248cbf6037ccd4a5ec413e8dd015a87e08ae52d606086476378d446f81985f6c6339f575572c5dac5c6c46ecf7fed0151a45083fa08ab125b3f33e8672a76a5ac7b03069f03c5c538b494f5600008008200ffffffff1392d82f003ff0fd457c3be2a753870349b709793a65c2e1970e3a0f3a3941abd76b049aca0e8169ff8ba59f5c17a604d56786b682da01845949cbeaf05697feb896e8c58c5e7cd4cfc2bf5de79eef9edb2712b76e8b8387f2b3f8ef0deac3105ef23cdbc615c1b3da5d38c285d08d5068c36c4c07382e0596f1a167051731c9322a6e04d09c7ef09d3a700fde6bfc89f2048cfc875cf2323536083ae99c24c24694c9d4b55faba1ebcd1cf77e1b17b477621f43d00b1d0444d00800a6e8513184eca1df1e28ab813e3b296fefcc616ea745a3deed56d35d7cff494e0bcb8af6e32f81cc251bdd22c12158b65f8b6bc55e1a8576b4b1ac22dda3ca6f7d66cc6a18843603e6372eb8c9098f3dadb3b378e7625a78e795cf74eade26612d2d3bdd3ff5065f3cb825e1b04e4cc3116e921039de24a7bf41c5f4a41054000c006000000000000100000008007100", @ANYRES32=r0, @ANYBLOB="040000003b68e8d74da012a1caeac67a6bc4f4751ba154d33f11cf51d278c3a177b67f19bac81281fef32d0d1175acddba931d96a7e0a92c32d1d60930cc49a1d6f3966c29bd18ed6a6a5e245be90e897abf8dd5421a5eff76d7d3e41cff47847205d40353c954280bab23ad07e9dd3a93d170a2b4c9cb7d4dfbd644ad5520c2bf7f644a6aadff172d8b6b5b7163506cb72d7a6c3bf02bdde9b1f1b13971559cd10451b6e0dfa0b0119ebcfaad6bcd0f1e7c5517727978e6b7e2487a383a1ff7e5e6d274896c6ec5a6207c05e83329e74f5111884a2326069ade6f8175c2bcd00cbdb1834483434f07475408540678e98a3d49512668158dde4acbbe8c4196bae4d6387b9523a21e11be7811ea969c9d6e8943e1ace26cbd3ed357957ccc6f20c337afe5ccb3a00d6928d65baf4f4d9263361366b7aa67eea810ab9c9994fc9f91b2832b816bf0071f6fad9c1ff17f23fe0eb51b3db60d81b0d6b6665d8aefa47b1c2693ed73e39029e4dba3809aefe5bfe214b26f5053472cedd3d53a0371392dc606a6aaeeb368a10f416b0d810a806e616b3166612b1b2ee203ce7ab4345c8abb714a743c96132e1a35dd52188f7d4853428ce050ce6d117f45019d8b5924e37bf85461c0854471aec678fb045f3ad507a8f3cd3fccfa306c7f978a5ee7da94722e3da03f2ed69dc43756f1e4335f9b7b3b1850af9bc7860b2e8c370dcf8278c8ebfc059f5078e85732608d002c74e0460365b77262982570fb3037cb47ebe9319bb273bc1c4be2e692985a700a23ccf6e12f9608281032713decd7535d4ff90e09f478fbd1a83f2c372a51bc6a98c8d20e6422c810abe6664ac2cfbdd464c783a3f184268e5a21c378815023045a6970914234414623a2f935ae1c433c669c3efbcf7b82d2523a5afbe44ae7e12bcd4a5cad86541be63a771971375723e07304ce94ef7f4f96868d065eb7883eae1b1891b365d23b0dea01fe52dc9a9d01831d5696563578da18352d4ceb7bc5ecf5531dac1e2d3ed23f48f273cd1bc71fba3a5212a0cc56fa859cc7f0fadbcb9f080ede6a2ecb1d17888e7570c746800464ec321bf7f160ac664206dbf7041cedffcde05d767e85075b30d16b9aacf8115bb2ba8cd2253809b8a176e36460b3963dfbbae5d599c2b7295167085a174117e17e7a26b2d9573057877a91f2503ce88d4260305d8e88b0f30beac46ce7764e6e014da387c4e6216a5e7735586c5a43ee0b644fd3f1e3cc2e7958f54ec044c89219555ef6d54eb04b7955e5fd69d69f9dafa5b37ae3707a62e6f79479478672dd5076dd19775c3a55e7143863b67a22ef29200c4bfd00006d3cf363e8a72db9ca42ab7f27496365f1c6a57fedcc7f5ce397cfc6e6aa7ca5c8eb0a67505db4f3b2fbfac89bd295dfe280b300f5d89b3581256cb974cce885dc896b42a52e38555b795953a7c4df4b32be6cc88956c4c957a679126cc65e712cab44a46650290068f822411efbc2f6b621a9cc70fae7ce1903a587cc9f1f6975373901414b3b48096c385b250470607b61a859ec8e76dc931c96cad54ea1dd3c8613b19ec2d3b5b0783f65cfad077107256b78c4985b579472660416ea5c0b92658faf01a057437489bdd70bf03cc6b2c011b36558e410bf7348eb661ee5812288662c395ab8cfada6a41eae4c8bb0a79a114850e3df4f44ecb498a5292242a0a0a9e4f6381b42a6921aa532d95822c3e5be4487ed0197295b84e0c16e6c065e2774c1c329331b9bde674b48b8fcb7ffc4d0554e3188813d0fa9811cb6b9cf57fcf2ea5819b90f3a4fba5b39c3626e12e3e823cae4dc546eec2dbf25e3d2ca4d31104962275847e6ae3cd047e4a076a659f8301f2c3d1e5486a5406e5cce013fa99576e8371aa2086b1646542399a5053d2833dc0ceb4357e7d66627421cf8eff0d1709f6d92dbc8c5388ebb35fa072042610bb6bbafd38290d6b5e455b563a2d8900624bda9b70a4fff392a4ef314ad0848f30fb437943e2f6f9371cea766181ac86ccaa670c68f3999fbc5bd4f3d089c1a587d764346120dd701ad37fc7ebb925e7d2fc7324d5092903c5c8c4b8da018d60250507b094e0ae1ee9616a6869b1cda0c04ccb693b07fba7ab5101fb87fb40d712a9ac8d1cb4092e12eb9335f9df6584a9cd5a466d2b4ecc2f878f10eb76c3555a1d33ba8385b5c065939c3d0ab0547d0caf89da796196c55088948c490f2b0fd16e2833bdfb675237ac48a6962b1c0488dd31ff01a4f4e4013043cb182f2aa8b4f846c9bc874258a133da8762e717fce62146246bdb13a7d2b068e4eb65bb85bc66436ea8142d8a4541aa726b364e6c75bdfbb18cba4d1f4b1a64b6b854ba500000c8cc2bab0d7cbd849b7694ce6098a3f4bfd4000778b9497e22e22c7c073b4fa418203e226036e49669b8cc31b4db81b502bf3bf5173a6afb4a904a3270a23158b1ec7bfb797a626b898def230c7d7a2a893f0930be2edded2dc5847add04065e9dd7507f96b20999b914141e5e046cce3697678705e402dba69dbf9ae3ea92d7c24e852864c92ec1bbb92af61512b8dbd16e13b53008ee0b25c87b66949cfbecb8fc7031bfa2dc3758fa7eb05b474274afe1f1a4601bddc777b892d32070f7a15555dffc3d06bf7ccd494ad74dd02a40893a6eb83d05e4e75abba5a169449b23f68d033ea706060fed1db7fc7a51b821eac1c99be122089f5904d80ab9406f499fd109e70e540517fa88a151ac18d371baf952ed1f62cee72efbda6741ae6972a8e5427d7ddb2d6b3db1d12983013218d1c4bc81bb4bfa4446ebbcf24260374ca23ad83950757fb65174bdd342d2fe1be422816bef0c1f51acd45e73a24d78cd93dd21f039f54bb8538f4730f1a9ae7d5af6cafa0f430dee9d899dd5b3e5ebd0f297c844f720b782a38256d582b6e7160c9747be3c3a91e38a85cab8564a27b09c664ec1c4197a48638f7a490764e9b755f4047bd96af3de22d0f5bf977de0ff01bca60ac28307610d61980867da4e41e7c2711eb86c9e4e9db8b00e2ca7fd5dfb1cc0147892a98114656c0a1e75e4250e6ffea9f3f78e9a9c262ce30c5bcfd065a8bd20ee18de4135ff2ff40f421d91389175fedb0f9458d302a7dbfa51111a4b67709545c096997e91d2e25437cfbf9704c05615509b965029279cbf3f77858779e8ea1c009d94b6a2120b6ec82e330e3ef52558ab8fe47d19d9682342e3c6d81fdd8ed8ac90aad83192cf1c5632289193d49ab973637eaa7ffb4e6c415dc6ad99292b20f3e977a759bb52b1459afe803e8cdf7f622c0212edc4c777c40f98f27892c1289e962b6179b8c725d074a0ff95a70cf0a206980df80a574d1dc3878eb673ab3dd304ace246ef43c3f44c27966933abeed56eae0ebd0c7bf30aa200907cfae5d7e73e59f7b8bed520e583cebc1ec1f02d669dcf499fcc00970a62ad218e91ae4cc03ed7851ad6782a5ec06fc2575d2d4cbbe055f9d8c2506506e372f7088db2f59a8c51921de9f5ac14919a54ba2fadab2aa7f14514334c36ff5bc64caa43675c1b6078a40815a1fe776162474115ca1c149ff6a99ebccb5bce11ce140815f3896db38a6d2e6b758106c49eb02b0cecf19793cfa6b298e47d75c8eb1dd4115275d6eea1208ba98e5fae6a2f9b6a2ad4772b382053545c0dc2f8824d396877ed54ff287d86c0b1179a75dff3bb83d481cd37f032ffcfed6b04ae9e087e2195d0f23c6a5a275528fbf0fb8b2e7e49a072fe3bc19236802ca339afd54ebf5eae2adca668123055829f32da10be97e82b271069cab8efb261151f48a61034fad0961997af015ec3d8d37580c1b8a125fa6b0940ae61b87aca6de61b4dc22c68521fb0542cedb791d13a2aa348db457827462f93d91a1a422c16ada9629cb714cea84044abcc56b12e41c21b145a263b54376eeab5fc9ed0fb11fdbe57c70b0471f3e2fa55d5f5d982bc0d696f4a5f99f6f1031db6869d14fa55d69221000620c042ad8831025189a4fd1c3d355fffde3a26a3117d3eca582868cdc723e1a9744436e514cffed2656fbad5f12b807c2e8dc088d4d3a5875038e46a7e3cb8138912bd2e6de2c874929ef9b146d72fac52bc4f5455bb04da22a3954d4eb228b7a774c176d7b368fbe1e2ddf8d49e557d4c3e2d9cf8b88af0051d0a53426313273aa953c5b6853c22987996e583e9a5a5ebf7c138103fbcf9591b15e14908406f14d1384e0dfd90a8a7ce8e623232d43b501440f51f022b9ac40dc434dca3d958305dff2d5dedc0c2c9175d0c21682eab7914fc0ede03e55c22c1c55c24c835e8b7d99107adc23b0775492570ce2e1a1e5831ceafc3405faec839f7b2f0ec5652ed4cfc8b8f7f48a4771aa66a783c75ca35de6b6d4589762694c5dbfc7803720a33458642139a2146dffa16e02f297b22bf3e604b750b798d8f30bb78e7bf3f989212173e3c6f40c3e2d5b9eb2f1cecd310760454b22d898b1d870c7f7a21e503cda532264306eb9083a0f343a77e4d82d28bebfcbf0806cd47ffa5d67b21c7cde529831cb5664f4bb11ca77023462ea70bbc768bc5f9850c0ff38e35739c67c74bbcfa0da26a571222551c017c67869a0f97df640fa02410d54b083e3770f222e98ae0f75d2142712d5340ae558b4bb173677e68f806cd7333ee3695a241ad297c1f2e83bdef62a924f637461ded696be322e2e1a60f7ab5d1e33f40be904a826077e212dca107e17ff264ab0bdc31de7a337c805499899ad09db84fdd04e39a88de1eb01901e02744d697f700d229ad5e7ab470f81038f241f1e7d537e6347fa4b3115aa14af143104b4e24e8221ed98f931524e4c2fc65ce38ac4c1c3f131da363139c85c48f03200aa349a4da21c33de458439381c133b8fc7eca678927c1d71960f0bcadda6c2d02c5a7020b9df65bb5a267f05afd9f74a57725bceb59b7b9b8dad47e9e6e279b09b4c50ca348ba838b115fb8a74479b5c7926ac3a52f3e1ed10eb71768ac1603b333dcdc9cee3e510727d9afd821479e37b6831168b2866ad73d24fe343965fccac3ba8f47f789214d573eb36ae8bbc44ad7805e6e5c8e4d1b60f0df36b812846055618382cbaaa6a16cf124f83bcbff4427414ee524722c7950ca7e256c52b22d99e9b7fbb06caf84dcecc40e5e02f90a32bcbf46bae186ff7252333327ae3b7772b60352049ca16362e49b00f9b97d080e3f114e84fc168c1e94943d77737074a3147881f948ec1ed069260beb13d8fc071b4d16e46518c4367bedb4d8a13ddfdcade3e2bbd7003764e60c262b699cd88bad564194300862e3eec7312ed0753e90a64299be7a2dce1d9d01f8197bae97892ef6f1a7066fb5b154569447d82aa90b39d9112801ba0addbdbf2e25f405b989befea45ac367e423dd4fef23e26445b7d9d9300fbe32d152f31e733049598b004746e71f33361b4af9a91a7d1b10d05c53e7e5085c161c7f7090f3578d6d8c9e9cd275b5a53587a8ca226779692f4fe27cdc9aa6a7d99ae258c13ba8a040e8b33c2b55152c7bce188adc26b782f9205050aa28b29e0479d11861adf8f9917ab821465dd4650483763f85a2f279bbe1a30a1b431d0f2f831c733e2dd8480138c470296c2c8226facee97b06333ffa60e307fd66c432dfcd352e8c16a71aa325b504842852508a219206210d794ba4db0d63df751b23c32d87d8b1b396ed19118aacd555a761dd316aa351810b398651d12e0918c4d4fac80944d617d800c4a97372c2f0d30f1b2b0b8a5b998a52f6db508bba9c9aa6791a4c143837db6b64b532e7c9771da5d1917c9adb431e400cea8fa192ce476af3a0ed9432d2a33b1ff90713173d24c396d93d195b3091697b39b0b416bc5d6148a243af1790d5d2f3e58f21017f16cfd09d0a91a56b0493428422ee4669c30ccbf5b4e27bcdd0b0bebef6b6ffa9756aa04f19c07d69f6dc3bb402087b167184ab37c17ee1bde322f1ff3fb539840005600c6bd9c8cc1703e792f7d9092c4a2d2da25ea8485b32422f6861a3c4e29215dbc86688b503b3ed008007400", @ANYRES32=r1, @ANYBLOB="04007f0008005700ac14140b00d992133f709aec905d0a14757557ed7d346700107b086f3272b8278b6dd5edc93196d090355571df3d71881ae0e73ad059784bab7d9aaf84962cc3d470e818601587fabb197e8c5ceebeded14312108dd120ad272b50f211f04ca50681f84841bfad03ab137c636135d58bfac33f53d53d2d219de53dd43fb207b5bea29a3562451b4bca5e672cff35c1a2498a3c752cd0c28e60ba3a6a72e0a0883beb169b73e02bf3ba702b13a9e21a06fff9c95d79ed46ae92eb6414ac16338d74dd18106349a2f9eb3b9af5c025caa8dc7db01365cd5035a81165aad665d4a47121b0000100a4000a00e713840262c6f6f5b60d58e4fa71596d27c9f4528956a8519205daade5fb00da0c97c2b95b5db8fb7df61f4d886321539c2980238e6482be882afb0a145bac6fc44271551c56703b5e58a4702281c48d4e47e9b43fa465fc36670c961c471d96fe98a685f50b015042023f81d953e0c4f5227ea65561b04aa3b0d3636f462fec67ebdeeb8bd74df1bbeb47188a3ab5afea8970960784679cb46247bbca86000008008d000900000000"], 0x1688}, 0x1, 0x0, 0x0, 0x10}, 0x80) fgetxattr(r2, &(0x7f0000000040)=@known='system.posix_acl_default\x00', &(0x7f0000000080)=""/1, 0x1) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc) [ 1369.436619] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1369.455200] FAULT_INJECTION: forcing a failure. [ 1369.455200] name failslab, interval 1, probability 0, space 0, times 0 [ 1369.466712] CPU: 0 PID: 22259 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1369.474086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1369.483451] Call Trace: 2018/06/01 03:15:56 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000356000)=0x1, 0x4) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x13d) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000080)={0x6, 0x43, 0x8000, 0x200, 0x8, 0x8, 0x1, 0xa1e, 0x0}, &(0x7f00000000c0)=0x20) ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f00000002c0)) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000100)={r2, 0x5}, 0x8) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000140)=0x8000, 0x4) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000280)=0x7, 0x4) sendto$inet6(r1, &(0x7f0000000180)="00346a776d7ffdc9e94177e30465939818083ab6b4eb893f09ac43284ce60f47af37feb835203917b43c6254fa420c5162433a0d84abc116a28bf729f536d53172121e0a50ec6d42934b43cd207389f774407a5fd04114efd08b84b67504214d21fe0e84764db5cb8d366c2e80587ed1cf2c5fa85324ca5dd470a310d5ed5abdc1fbab084295f5cc19768299c3e4ab24b614a3a95e5493a4965ea5b5d0c1128e095c909745761ee52dd8b86e596e16ef80ce851a958002ddefef673273a452653dc0fbab46fa697c7a5ef0739a9d58cfe329162f758442b4bddf1bd666eea1e816fe", 0xe2, 0x200408d4, &(0x7f000072e000)={0xa, 0x0, 0x3, @dev={0xfe, 0x80, [], 0xf}}, 0x1c) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000040)=[{0xf, 0x5}, {0x2, 0x17}, {0x2, 0x100}, {0xf}, {0x2, 0x8001}, {0x4}], 0x6) [ 1369.486064] dump_stack+0x1b9/0x294 [ 1369.489725] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1369.494958] ? unwind_get_return_address+0x61/0xa0 [ 1369.499910] ? __save_stack_trace+0x7e/0xd0 [ 1369.504260] should_fail.cold.4+0xa/0x1a [ 1369.508347] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1369.513474] ? save_stack+0xa9/0xd0 [ 1369.517121] ? save_stack+0x43/0xd0 [ 1369.520764] ? kasan_kmalloc+0xc4/0xe0 [ 1369.524665] ? __kmalloc_node_track_caller+0x47/0x70 [ 1369.529790] ? __alloc_skb+0x14d/0x780 2018/06/01 03:15:56 executing program 7: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) write$binfmt_elf32(r0, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x6, 0x3, 0x2, 0x9, 0x3, 0x3f, 0x9, 0x22, 0x38, 0x2b2, 0x5, 0x9, 0x20, 0x1, 0x3f, 0x9, 0x7fffffff}, [{0x3, 0x4, 0x7ff, 0x100000001, 0x2, 0x1, 0x9, 0x7}], "a425c8ca6a7ecf6996ced182cc09d080c5936047185cdd3b037e5617b55ede4165b8a849682363e5e0c9394a86cdf28b827f4b30233e78bf455a93c3323ffd16b9fa178a94eb8673ba564526b63f2e64cb3017af5ada917564", [[], [], [], [], [], [], []]}, 0x7b1) r1 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") ioctl$fiemap(r1, 0x40046602, &(0x7f0000000180)=ANY=[@ANYBLOB="0108000000440fe6580000008000000000fcb2c90b674933240ddd91e3953a47c9051f78d8cb68bb000000000000bbaa8e060aad0603f269ab98b8af5c4b459d139f407c789cd347da8226b9de044f7ae9ffce159e45b793484032179d160c671c647698dbe76aee6522be34287246ac4bd5effa07cc00000000000000000000000000000000"]) [ 1369.533692] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1369.538901] ? ip_make_skb+0x2be/0x350 [ 1369.542816] ? udp_sendmsg+0x24ec/0x35e0 [ 1369.546893] ? inet_sendmsg+0x19f/0x690 [ 1369.550920] ? sock_sendmsg+0xd5/0x120 [ 1369.554817] ? __sys_sendto+0x3d7/0x670 [ 1369.558803] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1369.563152] ? do_fast_syscall_32+0x345/0xf9b [ 1369.567664] ? find_held_lock+0x36/0x1c0 [ 1369.571806] ? check_same_owner+0x320/0x320 [ 1369.576147] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1369.581710] ? rcu_note_context_switch+0x710/0x710 2018/06/01 03:15:56 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}}}, 0x108) r2 = add_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000080)="d99ce536111a71b7932c9934b6182805a65459b71d29b262143e0df646882fc923869649558ca86f917e6290c791993f633d428861a2bc43d830d76196eb2dfd4348233c4f2f584b6b040fc5", 0x4c, 0xfffffffffffffffe) r3 = add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$instantiate(0xc, r2, &(0x7f0000000240)="9c68e9803ec871e612d787df5e9a89c59610d8575c4cc96cb1614a32128f2359088bdfdff6b29a1bdd754b78826af9dc2a50e2957d5262f1270b30bcdff49b4072b0ca01d3cbb345e69eb3891670b44cdebb19cb0e4eb4e22936916a9fa060a1f51879762bd56d570853385a74e4aae3c39982b94c17ad17af6fc91e310b068b524359da0fc255fa9bf23499100c5f767b33f20405a3ce38f67541d6829863e6bc9b9e9640e57d34bf50f4d45fe0068dbf43116f06b4e6092be422ae8fe5ee47", 0xc0, r3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x430340, 0x0) preadv(r1, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x23}], 0x1, 0x400000b6) 2018/06/01 03:15:56 executing program 7: futex(&(0x7f000000cffc), 0x4, 0xffffffff80000001, &(0x7f0000cc3ff0)={0x0, 0x989680}, &(0x7f0000000000), 0x0) [ 1369.586661] __should_failslab+0x124/0x180 [ 1369.590914] should_failslab+0x9/0x14 [ 1369.594728] kmem_cache_alloc_node+0x272/0x780 [ 1369.599335] __alloc_skb+0x111/0x780 [ 1369.603070] ? skb_scrub_packet+0x580/0x580 [ 1369.607497] ? dst_init+0x459/0x600 [ 1369.611142] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1369.616719] ? ip_generic_getfrag+0x11c/0x2d0 [ 1369.621230] ? ip_reply_glue_bits+0xc0/0xc0 [ 1369.625566] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1369.630657] ? skb_put+0x17b/0x1e0 [ 1369.634223] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1369.639263] ? ip_reply_glue_bits+0xc0/0xc0 [ 1369.643639] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1369.649469] ? xfrm_policy_lookup+0x70/0x70 [ 1369.653819] ? ipv4_mtu+0x375/0x580 [ 1369.657457] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1369.662912] ? find_held_lock+0x36/0x1c0 [ 1369.666991] ? ip_setup_cork+0x44d/0x6d0 [ 1369.671063] ip_make_skb+0x2be/0x350 [ 1369.674785] ? ip_reply_glue_bits+0xc0/0xc0 [ 1369.679117] ? ip_flush_pending_frames+0x30/0x30 2018/06/01 03:15:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000100), 0x0) r2 = memfd_create(&(0x7f00000000c0)='cbc(twofish)\x00', 0x3) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000380)=r2, 0x4) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7be", 0x10) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f0000000300)) io_setup(0x5, &(0x7f00000002c0)=0x0) io_destroy(r3) sendto$unix(r1, &(0x7f0000000000)="6070080e0db5fb779231195f0000000087d0d2b4c1d4e100827d79d1c38b63bb29d5de38e5b712826802a818b07f333f4b481444ed3b785821065393444cfa47b0e4c61dcd965c70ead025c1468eca0a87bdd378e016ea35308982d4344f8dfc0e351ccfb99f9001ff3af47be7b966c3c2b355e1d57e55ccd4859f46a2f19c2130cfb36ef28236fce9bc4b871c38277986fb2b2369ba87b8775d40944c032940e4f5c3a55e2633234d3fdec73024e5d3", 0xb0, 0x4080, 0x0, 0x0) recvfrom$ipx(r1, &(0x7f0000000140)=""/220, 0xffffffffffffffbd, 0x0, 0x0, 0x3d1) [ 1369.683881] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1369.689433] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1369.694980] ? xfrm_lookup_route+0x64/0x1f0 [ 1369.699321] udp_sendmsg+0x24ec/0x35e0 [ 1369.703223] ? ip_reply_glue_bits+0xc0/0xc0 [ 1369.707565] ? udp4_lib_lookup2+0x340/0x340 [ 1369.711894] ? graph_lock+0x170/0x170 [ 1369.715710] ? expand_files.part.8+0x9a0/0x9a0 [ 1369.720326] ? check_same_owner+0x320/0x320 [ 1369.724676] ? lock_downgrade+0x8e0/0x8e0 [ 1369.728832] ? lock_release+0xa10/0xa10 [ 1369.732810] ? check_same_owner+0x320/0x320 [ 1369.737146] ? __check_object_size+0x95/0x5d9 [ 1369.741671] inet_sendmsg+0x19f/0x690 [ 1369.745480] ? __might_sleep+0x95/0x190 [ 1369.749462] ? ipip_gro_receive+0x100/0x100 [ 1369.753798] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1369.759355] ? security_socket_sendmsg+0x94/0xc0 [ 1369.764119] ? ipip_gro_receive+0x100/0x100 [ 1369.768481] sock_sendmsg+0xd5/0x120 [ 1369.772201] __sys_sendto+0x3d7/0x670 [ 1369.776018] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1369.780691] ? wait_for_completion+0x870/0x870 [ 1369.785278] ? __lock_is_held+0xb5/0x140 [ 1369.789354] ? __sb_end_write+0xac/0xe0 [ 1369.793341] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1369.798884] ? fput+0x130/0x1a0 [ 1369.802171] ? ksys_write+0x1a6/0x250 [ 1369.805975] ? __do_page_fault+0x441/0xe40 [ 1369.810247] ? __ia32_sys_read+0xb0/0xb0 [ 1369.814322] __ia32_sys_sendto+0xdf/0x1a0 [ 1369.818477] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1369.823523] do_fast_syscall_32+0x345/0xf9b [ 1369.827856] ? do_int80_syscall_32+0x880/0x880 [ 1369.832438] ? _raw_spin_unlock_irq+0x27/0x70 [ 1369.836944] ? finish_task_switch+0x1ca/0x840 [ 1369.841431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1369.847224] ? syscall_return_slowpath+0x30f/0x5c0 [ 1369.852154] ? sysret32_from_system_call+0x5/0x46 [ 1369.857023] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1369.861872] entry_SYSENTER_compat+0x70/0x7f [ 1369.866266] RIP: 0023:0xf7f63cb9 [ 1369.869612] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1369.877348] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1369.884703] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1369.891961] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1369.899217] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1369.906470] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:56 executing program 7: r0 = socket$inet6(0xa, 0x400000000001, 0x0) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080), &(0x7f00000000c0)=0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x22, &(0x7f0000000100)=0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000003c0)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000400)={@remote={0xfe, 0x80, [0x5], 0xbb}, 0x1c, r1}) r2 = dup(r0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) eventfd(0x5) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) accept4$netrom(r2, &(0x7f00000001c0)=@full, &(0x7f0000000140)=0x48, 0x800) 2018/06/01 03:15:56 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x218}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:56 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000000000003f"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:56 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:56 executing program 3: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) vmsplice(r0, &(0x7f00000001c0), 0x0, 0x6) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') r2 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000000)=""/188, 0xffffffff00000018) mkdirat(r2, &(0x7f0000fc3ff6)='./control\x00', 0x0) close(r0) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffb) 2018/06/01 03:15:56 executing program 2 (fault-call:2 fault-nth:42): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:56 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f000016b000)={0x26, 'aead\x00', 0x0, 0x0, 'ccm_base(ctr(cast6),md4)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x5, &(0x7f0000ff8000), 0x0) dup(r0) 2018/06/01 03:15:56 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x16) socket$netlink(0x10, 0x3, 0xd) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="390000001300094700bb61e1c3e4ffff06000000020000004500000020000000190029000d0000000000280f00000007fd17e1ffff06060400", 0x39}], 0x1) [ 1370.368341] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1370.374525] FAULT_INJECTION: forcing a failure. [ 1370.374525] name failslab, interval 1, probability 0, space 0, times 0 [ 1370.387163] CPU: 0 PID: 22303 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1370.394536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1370.403903] Call Trace: [ 1370.406541] dump_stack+0x1b9/0x294 [ 1370.410219] ? dump_stack_print_info.cold.2+0x52/0x52 2018/06/01 03:15:57 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1370.415447] ? is_bpf_text_address+0xd7/0x170 [ 1370.419975] ? kernel_text_address+0x79/0xf0 [ 1370.424430] ? __unwind_start+0x166/0x330 [ 1370.428598] should_fail.cold.4+0xa/0x1a [ 1370.432675] ? __save_stack_trace+0x7e/0xd0 [ 1370.437010] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1370.442138] ? save_stack+0xa9/0xd0 [ 1370.445815] ? save_stack+0x43/0xd0 [ 1370.449484] ? kasan_kmalloc+0xc4/0xe0 [ 1370.453389] ? kasan_slab_alloc+0x12/0x20 [ 1370.457550] ? find_held_lock+0x36/0x1c0 [ 1370.461302] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1370.461636] ? check_same_owner+0x320/0x320 [ 1370.461660] ? rcu_note_context_switch+0x710/0x710 [ 1370.478443] __should_failslab+0x124/0x180 [ 1370.482696] should_failslab+0x9/0x14 [ 1370.486511] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1370.491639] __kmalloc_node_track_caller+0x33/0x70 [ 1370.496588] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1370.501360] __alloc_skb+0x14d/0x780 [ 1370.505086] ? skb_scrub_packet+0x580/0x580 [ 1370.509426] ? dst_init+0x459/0x600 [ 1370.513067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 2018/06/01 03:15:57 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1370.518616] ? ip_generic_getfrag+0x11c/0x2d0 [ 1370.523126] ? ip_reply_glue_bits+0xc0/0xc0 [ 1370.527461] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1370.532485] ? skb_put+0x17b/0x1e0 [ 1370.536040] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1370.541075] ? ip_reply_glue_bits+0xc0/0xc0 [ 1370.545419] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1370.551238] ? xfrm_policy_lookup+0x70/0x70 [ 1370.555573] ? ipv4_mtu+0x375/0x580 [ 1370.558850] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:15:57 executing program 1: futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x0) ppoll(&(0x7f0000013000)=[{r0}], 0x1, &(0x7f0000001000)={0x77359400}, &(0x7f000000d000), 0x8) read$eventfd(r0, &(0x7f00000000c0), 0x8) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) read$eventfd(r0, &(0x7f0000000000), 0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x25) [ 1370.559216] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1370.559231] ? find_held_lock+0x36/0x1c0 [ 1370.559260] ? ip_setup_cork+0x44d/0x6d0 [ 1370.559277] ip_make_skb+0x2be/0x350 [ 1370.559295] ? ip_reply_glue_bits+0xc0/0xc0 [ 1370.559315] ? ip_flush_pending_frames+0x30/0x30 [ 1370.593041] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1370.598607] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1370.604162] ? xfrm_lookup_route+0x64/0x1f0 [ 1370.608501] udp_sendmsg+0x24ec/0x35e0 [ 1370.612406] ? ip_reply_glue_bits+0xc0/0xc0 2018/06/01 03:15:57 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1370.616743] ? udp4_lib_lookup2+0x340/0x340 [ 1370.621077] ? graph_lock+0x170/0x170 [ 1370.624897] ? expand_files.part.8+0x9a0/0x9a0 [ 1370.629506] ? check_same_owner+0x320/0x320 [ 1370.633854] ? lock_downgrade+0x8e0/0x8e0 [ 1370.638018] ? lock_release+0xa10/0xa10 [ 1370.642008] ? check_same_owner+0x320/0x320 [ 1370.646358] ? __check_object_size+0x95/0x5d9 [ 1370.649960] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1370.650878] inet_sendmsg+0x19f/0x690 [ 1370.650896] ? __might_sleep+0x95/0x190 2018/06/01 03:15:57 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1370.650911] ? ipip_gro_receive+0x100/0x100 [ 1370.650948] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1370.650963] ? security_socket_sendmsg+0x94/0xc0 [ 1370.650979] ? ipip_gro_receive+0x100/0x100 [ 1370.685006] sock_sendmsg+0xd5/0x120 [ 1370.688732] __sys_sendto+0x3d7/0x670 [ 1370.692549] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1370.697262] ? wait_for_completion+0x870/0x870 [ 1370.701864] ? __lock_is_held+0xb5/0x140 [ 1370.705951] ? __sb_end_write+0xac/0xe0 [ 1370.709946] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1370.715496] ? fput+0x130/0x1a0 2018/06/01 03:15:57 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1370.716384] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1370.718807] ? ksys_write+0x1a6/0x250 [ 1370.718826] ? __ia32_sys_read+0xb0/0xb0 [ 1370.718848] __ia32_sys_sendto+0xdf/0x1a0 [ 1370.718865] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1370.718884] do_fast_syscall_32+0x345/0xf9b [ 1370.718903] ? do_int80_syscall_32+0x880/0x880 [ 1370.718940] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1370.757063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1370.762669] ? syscall_return_slowpath+0x30f/0x5c0 2018/06/01 03:15:57 executing program 2 (fault-call:2 fault-nth:43): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1370.767647] ? sysret32_from_system_call+0x5/0x46 [ 1370.772519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1370.777407] entry_SYSENTER_compat+0x70/0x7f [ 1370.778775] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1370.781834] RIP: 0023:0xf7f63cb9 [ 1370.781842] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1370.781858] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1370.781867] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 2018/06/01 03:15:57 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000020"], 0x60}, 0x1}, 0x0) [ 1370.781876] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1370.781885] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1370.781893] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1370.867204] FAULT_INJECTION: forcing a failure. [ 1370.867204] name failslab, interval 1, probability 0, space 0, times 0 [ 1370.878608] CPU: 0 PID: 22341 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1370.885988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1370.895365] Call Trace: [ 1370.897979] dump_stack+0x1b9/0x294 [ 1370.901631] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1370.906868] ? unwind_get_return_address+0x61/0xa0 [ 1370.911836] ? __save_stack_trace+0x7e/0xd0 [ 1370.916183] should_fail.cold.4+0xa/0x1a [ 1370.920360] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1370.925484] ? save_stack+0xa9/0xd0 [ 1370.929134] ? save_stack+0x43/0xd0 [ 1370.932783] ? kasan_kmalloc+0xc4/0xe0 [ 1370.936685] ? __kmalloc_node_track_caller+0x47/0x70 [ 1370.941801] ? __alloc_skb+0x14d/0x780 [ 1370.945700] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1370.950906] ? ip_make_skb+0x2be/0x350 [ 1370.954797] ? udp_sendmsg+0x24ec/0x35e0 [ 1370.958870] ? inet_sendmsg+0x19f/0x690 [ 1370.963471] ? sock_sendmsg+0xd5/0x120 [ 1370.967420] ? __sys_sendto+0x3d7/0x670 [ 1370.971395] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1370.975718] ? do_fast_syscall_32+0x345/0xf9b [ 1370.980208] ? find_held_lock+0x36/0x1c0 [ 1370.984283] ? check_same_owner+0x320/0x320 [ 1370.988613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1370.994156] ? rcu_note_context_switch+0x710/0x710 [ 1370.999390] __should_failslab+0x124/0x180 [ 1371.003636] should_failslab+0x9/0x14 [ 1371.007439] kmem_cache_alloc_node+0x272/0x780 [ 1371.012032] __alloc_skb+0x111/0x780 [ 1371.015770] ? skb_scrub_packet+0x580/0x580 [ 1371.020118] ? dst_init+0x459/0x600 [ 1371.023852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1371.029400] ? ip_generic_getfrag+0x11c/0x2d0 [ 1371.033913] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.038587] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1371.043616] ? skb_put+0x17b/0x1e0 [ 1371.047157] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1371.052166] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.056481] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1371.062282] ? xfrm_policy_lookup+0x70/0x70 [ 1371.066606] ? ipv4_mtu+0x375/0x580 [ 1371.070259] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1371.075716] ? find_held_lock+0x36/0x1c0 [ 1371.079795] ? ip_setup_cork+0x44d/0x6d0 [ 1371.083856] ip_make_skb+0x2be/0x350 [ 1371.087577] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.091915] ? ip_flush_pending_frames+0x30/0x30 [ 1371.096681] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1371.102233] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1371.107763] ? xfrm_lookup_route+0x64/0x1f0 [ 1371.112093] udp_sendmsg+0x24ec/0x35e0 [ 1371.116007] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.120351] ? udp4_lib_lookup2+0x340/0x340 [ 1371.124697] ? graph_lock+0x170/0x170 [ 1371.128513] ? expand_files.part.8+0x9a0/0x9a0 [ 1371.133106] ? check_same_owner+0x320/0x320 [ 1371.137449] ? lock_downgrade+0x8e0/0x8e0 [ 1371.141599] ? lock_release+0xa10/0xa10 [ 1371.145567] ? check_same_owner+0x320/0x320 [ 1371.149891] ? __check_object_size+0x95/0x5d9 [ 1371.154389] inet_sendmsg+0x19f/0x690 [ 1371.158196] ? __might_sleep+0x95/0x190 [ 1371.162176] ? ipip_gro_receive+0x100/0x100 [ 1371.166520] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1371.172085] ? security_socket_sendmsg+0x94/0xc0 [ 1371.176840] ? ipip_gro_receive+0x100/0x100 [ 1371.181249] sock_sendmsg+0xd5/0x120 [ 1371.184975] __sys_sendto+0x3d7/0x670 [ 1371.188778] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1371.193455] ? wait_for_completion+0x870/0x870 [ 1371.198049] ? __lock_is_held+0xb5/0x140 [ 1371.202123] ? __sb_end_write+0xac/0xe0 [ 1371.206109] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1371.211638] ? fput+0x130/0x1a0 [ 1371.214922] ? ksys_write+0x1a6/0x250 [ 1371.218727] ? __ia32_sys_read+0xb0/0xb0 [ 1371.222784] __ia32_sys_sendto+0xdf/0x1a0 [ 1371.226936] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1371.231981] do_fast_syscall_32+0x345/0xf9b [ 1371.236331] ? do_int80_syscall_32+0x880/0x880 [ 1371.240912] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1371.245753] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1371.251313] ? syscall_return_slowpath+0x30f/0x5c0 [ 1371.256261] ? sysret32_from_system_call+0x5/0x46 [ 1371.261110] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1371.265961] entry_SYSENTER_compat+0x70/0x7f [ 1371.270359] RIP: 0023:0xf7f63cb9 [ 1371.273706] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1371.281411] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1371.288689] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1371.295968] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1371.303253] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1371.310559] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:58 executing program 2 (fault-call:2 fault-nth:44): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:58 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xffffff73) getsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040), &(0x7f0000000080)=0x4) 2018/06/01 03:15:58 executing program 7: r0 = syz_open_dev$sndpcmc(&(0x7f000000b000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0x7, &(0x7f00000000c0)="0725f3fb60114177525c03eee625c18b25c5b2f94e91787cd856ac") getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x2) 2018/06/01 03:15:58 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x401, 0x0) readv(r0, &(0x7f00000011c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1) 2018/06/01 03:15:58 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:58 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = memfd_create(&(0x7f0000000080)='wlan0self]vboxnet0md5sum{\x00', 0x2) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f00000000c0)={0x0, 0x8d, "83e90c80b33887f0767e20decd12e21f16ec2ff8cadf670fa90984f073d42760f843f199c20854f75ba268e8b944c963200ab75fda14dd2d8fb952e24cdb32ad6db7b2bc03a1b8d3fe6b4cc8d5e4e6a019a9e261749d006eb51bb82c5ee4d23ed2ffbae0aaa82b71b401fcc676eaa569914b2dcf4464b80bf184c79dc762a80d9a1d35350b9517f4b4381e262d"}, &(0x7f0000000280)=0x95) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={r2, 0x6f, 0x6, 0x1, 0x100000001, 0x8}, 0x14) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000300)={{0x1000, 0x110000, 0x0, 0x6, 0x0, 0x12, 0x7, 0x73, 0x9, 0x10000, 0xffffffffffff9919, 0x61}, {0x10000, 0x6000, 0x0, 0x7ff, 0xffff, 0x1, 0xea76, 0x8, 0xfffffffffffeffff, 0x800, 0x20, 0x7fffffff}, {0x1000, 0x100000, 0xf, 0x75c, 0x3ff, 0x400, 0x7, 0xae6, 0x3, 0xdd12, 0x1, 0x1}, {0x3000, 0x15000, 0xb, 0x1, 0x5, 0x7, 0x80000000, 0x2, 0x6, 0x1ff, 0x4, 0xffffffffffffff44}, {0x5000, 0xf000, 0xa, 0x0, 0xe9b, 0x8000, 0xf58, 0x7fd, 0x80000000, 0xfffffffffffffffc, 0x752, 0x74}, {0x2, 0x0, 0x9, 0x100000001, 0xffffffffffffffff, 0xffffffffffff8001, 0x1, 0x5, 0x2, 0x7fffffff, 0x0, 0x20}, {0x2000, 0x3002, 0x10, 0x4, 0x859, 0x401, 0x5fd0, 0x3ff, 0x2e9b, 0x8, 0x50, 0x20}, {0x14001, 0xd000, 0xb, 0x3f, 0x0, 0x2, 0xffff, 0xffff, 0x2, 0x9, 0xffffffffffff63d5, 0x6}, {0x7000, 0x5000}, {0x0, 0x10000}, 0x9, 0x0, 0xd001, 0x20, 0x8, 0x400, 0x1, [0x5, 0x0, 0x1, 0x9]}) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000440)={r2, 0x1000000, 0x8c, 0x401, 0x7, 0xeae}, 0x14) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000180)={0x10, 0x40030000000000}, 0xc, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000002e0019010000000000002000030000000800000004000800ac0639ba9fc43f19cfd9bc1580993cc106f38736b4a1c2360e4b1ceb36008547e4eff69bbf7c58e4930f76713260b4d8e9e8d95552cf2ffb3e9742c8a42edf481ea133ac78cc94897c9dafe8e5050e3109b0f7b99bf78a07375e22aa5ab095b05cfa72361074a26bae3e2af2ac5b8d3ca060cab06d497142f4eda73864"], 0x1c}, 0x1}, 0x0) 2018/06/01 03:15:58 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:58 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfffffff5}, 0x1c) shutdown(r0, 0x0) [ 1371.552914] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1371.590852] FAULT_INJECTION: forcing a failure. [ 1371.590852] name failslab, interval 1, probability 0, space 0, times 0 [ 1371.602304] CPU: 0 PID: 22376 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1371.609680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1371.619220] Call Trace: [ 1371.621830] dump_stack+0x1b9/0x294 [ 1371.625512] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1371.630719] ? is_bpf_text_address+0xd7/0x170 [ 1371.635230] ? kernel_text_address+0x79/0xf0 [ 1371.639653] ? __unwind_start+0x166/0x330 [ 1371.643823] should_fail.cold.4+0xa/0x1a [ 1371.647908] ? __save_stack_trace+0x7e/0xd0 [ 1371.652260] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1371.657905] ? save_stack+0xa9/0xd0 [ 1371.661578] ? save_stack+0x43/0xd0 [ 1371.665221] ? kasan_kmalloc+0xc4/0xe0 [ 1371.672249] ? kasan_slab_alloc+0x12/0x20 [ 1371.676412] ? find_held_lock+0x36/0x1c0 [ 1371.680506] ? check_same_owner+0x320/0x320 [ 1371.684849] ? rcu_note_context_switch+0x710/0x710 [ 1371.689791] __should_failslab+0x124/0x180 [ 1371.694044] should_failslab+0x9/0x14 [ 1371.697867] kmem_cache_alloc_node_trace+0x26f/0x770 2018/06/01 03:15:58 executing program 3: r0 = socket(0x11, 0x100000803, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r2 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) r3 = syz_open_procfs(0x0, &(0x7f0000000100)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554114df45bad382d0ec01857fa07421a5de901d2da75af1f0200f5ab26d7a071ccf1cd182ffdecfb35331c5a6be1bd118f4728e9a29f8c482d9c34") ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0c0583b, &(0x7f0000000080)={0x0, &(0x7f0000000040)}) r4 = socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r3, 0x84, 0x74, &(0x7f0000000280)=""/72, &(0x7f0000000040)=0x10) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a}, 0x0, 0x0, r2) fcntl$setstatus(r4, 0x4, 0x46800) r5 = socket$inet6(0xa, 0x3, 0x3a) bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e24, 0xa7d, @remote={0xfe, 0x80, [], 0xbb}, 0x81}, 0x1c) r6 = socket$netlink(0x10, 0x3, 0xc) getsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f0000000780)=0x8, &(0x7f0000000800)=0x1) writev(r6, &(0x7f000037d000)=[{&(0x7f0000199fe1)="1f00000002031900000007000000068100ed853b09000100010100ff3ffe58", 0x1f}], 0x1) r7 = socket$netlink(0x10, 0x3, 0xc) writev(r7, &(0x7f0000fb5ff0)=[{&(0x7f0000fb4000)="1f00000003031900030007000000068100023b0509000100010100ff1ffe58", 0x1f}], 0x1) r8 = add_key(&(0x7f0000000040)='cifs.spnego\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000200)="84e93ce8a8167d890233ac3f7b00e42ab9022ae54de2311e3516cc2c5bec6161e7910d9917758fa4ba9e819dc760d534f54ab2266609d4a32b047959c0fbfc7a2674c85c2f28d7a1e4deb1b213d139c88dd89dbe6e8b8b2f96f0689007088377078eda9fc45ce79bace5570950997c5c54efb7102b9d8b56847b3936c6971cb1bc71716498d5cea7abc2556987e76afa314d07fe461a1ab62070c00c1d023b067a38c92e3f4d82f51fd7de", 0xab, 0xfffffffffffffffd) r9 = add_key(&(0x7f0000000440)="72ff7dd8b6e59d481cede50c1cfd0100007063559325ec3e15d038d8bae7e7d5631a00", &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000480)="a128908e1c78e2d0f49d3bd96d2c5372911bcf561ade35290a9a165acd9588d87c0802be0785a483c7b14ebfed79dbf610f853a85a7a1ec6f41c21a428706a513161975bdb789da2c5321727760f8f03f00817f41fcb89546fd5d2fd28073dc09c0bd0502ff86d1dac51a608a0d662e3b518a8d6ed82aa1501750d7a840273bc33a9a8ff2682f21ad80ead90083cf028e70dde0e27530aa9d604ee83ff3eb2e4db226ceba80c14fed6c5ac97c482874a798af31744fd4cde3f838df00b85d9deb9f7babfc912efbfefab2f4921b83e0e7230f493c422894e690df06946cd1c5b330b7c9078b71a7e27520e693cc420d7c3f8ca61858422ab6ebb21ec", 0xfc, r8) sendmsg$netrom(r0, &(0x7f0000000740)={&(0x7f0000000580)=@ax25={0x3, {"bdf7272900d581"}, 0x7}, 0x10, &(0x7f0000000700)=[{&(0x7f00000005c0)="73bd9ad2204a205d832ace22e6435b2e080cbc86bc04f41f6423ab232791540c362d58cbb539c195286d73cddca72a3cdf6b0c6f2a3d13c31a", 0x39}, {&(0x7f0000000600)="3185d294e0945e9f7e7521d5c875c88ff5", 0x11}, {&(0x7f0000000640)="956a4b6b6b580f24614808e52efe36851db4d6ff64936b57e956c8b8478b89a6ba9ba5a139d7572f832c5dbb99504ff639e4ccd75d0ad0c2f07375dc0456bb74d5dc77fea6174f111aec19d2f0f335c5377859d83d57c6e3afd43188275b98000cb033e58705c9787284d871df57a9b2c8f5c9ddc4191362fd63b0dd1738ef6f712f3d37c988355255facbd36b8910bfe680d17a8cec23c8e640b97c2b2654cacca90815eda9d5e04abb1461b16a88179c364a83aed1c7dbd5ffffe17e8b2fff", 0xc0}], 0x3, 0x0, 0x0, 0x20000040}, 0x4081) keyctl$search(0xa, r8, &(0x7f0000000100)='pkcs7_test\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, r9) setsockopt$inet6_int(r5, 0x29, 0xc8, &(0x7f00000007c0), 0x4) setsockopt$inet6_MRT6_ADD_MIF(r5, 0x29, 0xca, &(0x7f0000000000)={0x9, 0x1, 0x6, 0x8, 0x9}, 0xc) setsockopt$inet6_MRT6_ADD_MFC(r5, 0x29, 0xc9, &(0x7f0000000180)={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}}, {0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}, 0x5c) 2018/06/01 03:15:58 executing program 6: r0 = syz_open_dev$sndmidi(&(0x7f0000000380)='/dev/snd/midiC#D#\x00', 0xe440, 0x1) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000080), 0x8) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) 2018/06/01 03:15:58 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/140, 0x25) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000004c0)={{0x4000000080}, 'port0\x00', 0x3f, 0xffffffffffffffff}) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000002c0)=0x1) clock_settime(0x2, &(0x7f00000001c0)={0x0, 0x989680}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000280)={0x3d8cb47d95373def}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000200)) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) 2018/06/01 03:15:58 executing program 1: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x100], 0x2000}) ioctl$KVM_NMI(r1, 0xae9a) writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000015c0)="1a6d7a1cb472d71933daf8", 0xb}], 0x1) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x0) [ 1371.703001] __kmalloc_node_track_caller+0x33/0x70 [ 1371.707950] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1371.712726] __alloc_skb+0x14d/0x780 [ 1371.716458] ? skb_scrub_packet+0x580/0x580 [ 1371.720801] ? dst_init+0x459/0x600 [ 1371.724449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1371.730013] ? ip_generic_getfrag+0x11c/0x2d0 [ 1371.734529] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.738873] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1371.743903] ? skb_put+0x17b/0x1e0 [ 1371.747485] __ip_append_data.isra.47+0x21d0/0x2a30 2018/06/01 03:15:58 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1371.752524] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.756877] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1371.762692] ? xfrm_policy_lookup+0x70/0x70 [ 1371.767033] ? ipv4_mtu+0x375/0x580 [ 1371.770679] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1371.776140] ? find_held_lock+0x36/0x1c0 [ 1371.780226] ? ip_setup_cork+0x44d/0x6d0 [ 1371.784297] ip_make_skb+0x2be/0x350 [ 1371.788045] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.792378] ? ip_flush_pending_frames+0x30/0x30 [ 1371.797161] ? ip_route_output_key_hash_rcu+0x3380/0x3380 2018/06/01 03:15:58 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tun(&(0x7f0000000540)='/dev/net/tun\x00', 0x0, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x1ffc) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000300)={{0x0, 0x1, 0x0, 0x0, "ffdc897f8514ef60b2bb636bf32cbc41f837e587dc9b53cabaec3fea238140cd00a6fc1919dc9f0866b17a99"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8d1501d63370d2dca34998e642ad28d63eea31fdbfd183c784459f2346ea6f974d8999ef9aa2f7907ff2ff56bd65f90fb4a01bef623ada9e9b7e145db5d2a113", &(0x7f00000002c0)="6966623000faffffffffffffff00", 0xe, [], [0x0, 0x0, 0x0, 0x5]}) io_setup(0x5b6f, &(0x7f0000000700)=0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000180)) r3 = gettid() ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000280)=0x40) rt_tgsigqueueinfo(r3, r3, 0x800000000d, &(0x7f0000000440)={0xef1, 0x6, 0xc, 0x5}) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f0000000480)={0x4, 0x2, 0x0, [{0x5, 0x4, 0x2, 0x8, 0x75b, 0x3, 0xf3}, {0xf1fe, 0x10001, 0x4, 0x8, 0x6, 0x2, 0x957}]}) io_submit(r2, 0x1, &(0x7f00000001c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000080)="35f95d7268855919fcfc7ffd13a75a190b70def36b2348b6dbba7affa4c48a536622cfbbc057a201e47c7e334b50f24b3bf72b0ed9666bd9096a18fb5e97ca8888f2f51e6daa856a222adb138c5d94", 0x4f}]) [ 1371.802713] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1371.808258] ? xfrm_lookup_route+0x64/0x1f0 [ 1371.812590] udp_sendmsg+0x24ec/0x35e0 [ 1371.816492] ? ip_reply_glue_bits+0xc0/0xc0 [ 1371.820835] ? udp4_lib_lookup2+0x340/0x340 [ 1371.825167] ? graph_lock+0x170/0x170 [ 1371.828983] ? expand_files.part.8+0x9a0/0x9a0 [ 1371.830176] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1371.833572] ? check_same_owner+0x320/0x320 [ 1371.833605] ? lock_downgrade+0x8e0/0x8e0 [ 1371.833621] ? lock_release+0xa10/0xa10 [ 1371.833636] ? check_same_owner+0x320/0x320 [ 1371.833651] ? __check_object_size+0x95/0x5d9 [ 1371.833669] inet_sendmsg+0x19f/0x690 [ 1371.866222] ? __might_sleep+0x95/0x190 [ 1371.870210] ? ipip_gro_receive+0x100/0x100 [ 1371.874545] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1371.880094] ? security_socket_sendmsg+0x94/0xc0 [ 1371.884851] ? ipip_gro_receive+0x100/0x100 [ 1371.889192] sock_sendmsg+0xd5/0x120 [ 1371.892901] __sys_sendto+0x3d7/0x670 [ 1371.896696] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1371.901368] ? wait_for_completion+0x870/0x870 [ 1371.905943] ? __lock_is_held+0xb5/0x140 [ 1371.910007] ? __sb_end_write+0xac/0xe0 [ 1371.913981] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1371.919507] ? fput+0x130/0x1a0 [ 1371.922776] ? ksys_write+0x1a6/0x250 [ 1371.926562] ? __do_page_fault+0x441/0xe40 [ 1371.930788] ? __ia32_sys_read+0xb0/0xb0 [ 1371.934849] __ia32_sys_sendto+0xdf/0x1a0 [ 1371.938987] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1371.944007] do_fast_syscall_32+0x345/0xf9b [ 1371.948328] ? do_int80_syscall_32+0x880/0x880 [ 1371.952914] ? _raw_spin_unlock_irq+0x27/0x70 [ 1371.957410] ? finish_task_switch+0x1ca/0x840 [ 1371.961901] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1371.967429] ? syscall_return_slowpath+0x30f/0x5c0 [ 1371.972352] ? sysret32_from_system_call+0x5/0x46 [ 1371.977190] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1371.982045] entry_SYSENTER_compat+0x70/0x7f [ 1371.986451] RIP: 0023:0xf7f63cb9 [ 1371.989809] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:15:58 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1371.997516] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1372.005684] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1372.012943] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1372.020292] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1372.027561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:58 executing program 2 (fault-call:2 fault-nth:45): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:58 executing program 6: prctl$intptr(0x21, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x200002, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000000)={'syzkaller0\x00', {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) read(r1, &(0x7f0000000280)=""/1, 0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc)) syz_open_pts(r0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)=0x0) clock_gettime(0x7, &(0x7f0000000300)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f000006b000)={{r4, r5+30000000}, {0x0, 0x9}}, &(0x7f0000000100)) socket$bt_cmtp(0x1f, 0x3, 0x5) getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000040)={'HL\x00'}, &(0x7f0000000080)=0x1e) r6 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x4, 0xa280) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r6, 0x84, 0xc, &(0x7f0000000180), &(0x7f00000001c0)=0x4) tkill(r2, 0x1000000000016) 2018/06/01 03:15:58 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1372.161908] FAULT_INJECTION: forcing a failure. [ 1372.161908] name failslab, interval 1, probability 0, space 0, times 0 [ 1372.173307] CPU: 0 PID: 22416 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1372.180699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1372.190072] Call Trace: [ 1372.192691] dump_stack+0x1b9/0x294 [ 1372.196348] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1372.201566] ? perf_trace_lock_acquire+0xe3/0x980 [ 1372.206421] ? unwind_get_return_address+0x61/0xa0 [ 1372.211358] should_fail.cold.4+0xa/0x1a [ 1372.215427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1372.220541] ? save_stack+0xa9/0xd0 [ 1372.224181] ? save_stack+0x43/0xd0 [ 1372.227813] ? kasan_kmalloc+0xc4/0xe0 [ 1372.231711] ? __kmalloc_node_track_caller+0x47/0x70 [ 1372.236841] ? __alloc_skb+0x14d/0x780 [ 1372.240734] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1372.245924] ? udp_sendmsg+0x24ec/0x35e0 [ 1372.250095] ? inet_sendmsg+0x19f/0x690 [ 1372.254083] ? sock_sendmsg+0xd5/0x120 [ 1372.257977] ? __sys_sendto+0x3d7/0x670 [ 1372.261973] ? do_fast_syscall_32+0x345/0xf9b [ 1372.266488] ? find_held_lock+0x36/0x1c0 [ 1372.270573] ? check_same_owner+0x320/0x320 [ 1372.274907] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1372.280445] ? rcu_note_context_switch+0x710/0x710 [ 1372.285381] __should_failslab+0x124/0x180 [ 1372.289630] should_failslab+0x9/0x14 [ 1372.293438] kmem_cache_alloc_node+0x272/0x780 [ 1372.298060] __alloc_skb+0x111/0x780 [ 1372.301800] ? skb_scrub_packet+0x580/0x580 [ 1372.306140] ? dst_init+0x459/0x600 [ 1372.309782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1372.315328] ? ip_generic_getfrag+0x11c/0x2d0 [ 1372.319855] ? ip_reply_glue_bits+0xc0/0xc0 [ 1372.324189] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1372.329203] ? skb_put+0x17b/0x1e0 [ 1372.332741] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1372.337798] ? ip_reply_glue_bits+0xc0/0xc0 [ 1372.342160] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1372.347985] ? xfrm_policy_lookup+0x70/0x70 [ 1372.352325] ? ipv4_mtu+0x375/0x580 [ 1372.355971] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1372.361433] ? find_held_lock+0x36/0x1c0 [ 1372.365515] ? ip_setup_cork+0x44d/0x6d0 [ 1372.369587] ip_make_skb+0x2be/0x350 [ 1372.373309] ? ip_reply_glue_bits+0xc0/0xc0 [ 1372.377630] ? ip_flush_pending_frames+0x30/0x30 [ 1372.382383] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1372.387927] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1372.393466] ? xfrm_lookup_route+0x64/0x1f0 [ 1372.397801] udp_sendmsg+0x24ec/0x35e0 [ 1372.401691] ? perf_trace_lock+0xd6/0x900 [ 1372.405852] ? ip_reply_glue_bits+0xc0/0xc0 [ 1372.410193] ? udp4_lib_lookup2+0x340/0x340 [ 1372.414518] ? graph_lock+0x170/0x170 [ 1372.418330] ? expand_files.part.8+0x9a0/0x9a0 [ 1372.422929] ? lock_downgrade+0x8e0/0x8e0 [ 1372.427084] ? lock_release+0xa10/0xa10 [ 1372.431074] ? __check_object_size+0x95/0x5d9 [ 1372.435578] inet_sendmsg+0x19f/0x690 [ 1372.439396] ? __might_sleep+0x95/0x190 [ 1372.443363] ? ipip_gro_receive+0x100/0x100 [ 1372.447689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1372.453237] ? security_socket_sendmsg+0x94/0xc0 [ 1372.458006] ? ipip_gro_receive+0x100/0x100 [ 1372.462351] sock_sendmsg+0xd5/0x120 [ 1372.466074] __sys_sendto+0x3d7/0x670 [ 1372.469884] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1372.474564] ? wait_for_completion+0x870/0x870 [ 1372.479173] ? __sb_end_write+0xac/0xe0 [ 1372.483173] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1372.488727] ? fput+0x130/0x1a0 [ 1372.492010] ? ksys_write+0x1a6/0x250 [ 1372.495816] ? __do_page_fault+0x441/0xe40 [ 1372.500063] ? __ia32_sys_read+0xb0/0xb0 [ 1372.504153] __ia32_sys_sendto+0xdf/0x1a0 [ 1372.508328] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1372.513349] do_fast_syscall_32+0x345/0xf9b [ 1372.517682] ? do_int80_syscall_32+0x880/0x880 [ 1372.522279] ? _raw_spin_unlock_irq+0x27/0x70 [ 1372.526774] ? finish_task_switch+0x1ca/0x840 [ 1372.531266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1372.536806] ? syscall_return_slowpath+0x30f/0x5c0 [ 1372.541789] ? sysret32_from_system_call+0x5/0x46 [ 1372.546661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1372.551530] entry_SYSENTER_compat+0x70/0x7f [ 1372.555964] RIP: 0023:0xf7f63cb9 [ 1372.559333] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1372.567055] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1372.574338] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1372.581618] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1372.588898] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1372.596159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:15:59 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:15:59 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:15:59 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6050a09c00083c009c043973d9fe71000004003eb2a8512b25a41604a6c57537f0a77a4c842ce7ce6e0000000000000000000000f6a56d890000000000aa00000000000000"], &(0x7f0000000040)) 2018/06/01 03:15:59 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xffffffff00000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:15:59 executing program 2 (fault-call:2 fault-nth:46): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:15:59 executing program 3: r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x6, 0xf70da0d67afdc8d9) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f00000001c0)=""/209) r1 = syz_open_dev$evdev(&(0x7f0000dfdfee)='/dev/input/event#\x00', 0x0, 0x2) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f00000003c0)={0x14}, 0x14}, 0x1}, 0x0) r2 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x0, 0x0) readv(r2, &(0x7f0000001400)=[{&(0x7f0000000000)=""/46, 0x2e}], 0x1) write$evdev(r1, &(0x7f000004d000)=[{{}, 0x0, 0x10000001}, {{0x2}}], 0x30) 2018/06/01 03:15:59 executing program 6: unshare(0x44000000) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0x6, 0x8, 0x1}, 0x2c) bpf$MAP_DELETE_ELEM(0xf, &(0x7f0000000000)={r0, &(0x7f00000004c0)="652651ea86b6de75ef98e56594f94870410d65a333e8779e9cac9e5501b3a96d9e66e482e96f4155d061f59b725641972b07450c68da6ec7ce7482045d474aed4934df32e227e3af8208bac936311625f7bbd250fd2ac03afcacc26927cf5c4396dfbfb64fb1f51f38a6d76fec5b0c7b538127041873c6add93b34e03441c80000000000000000000000f39b7e81cae68173dc2fb7f6ef71505228e8ba882f7e81f8c2552ba22ffa75adff006e052e58c7bcb3b88a63990369b3a7f07fcf8b2f3d09c2ce3a6192b94270ba46924b13334c00000000713955492884d654690de60851e26ddcc9cee79cdfb9c77256eee3198da37f78c0635910a0ebf2395afa73f2db9fb8fcfce0fa2f213a791befdb85117f6d1f86ee22b5591793c7e875bf76807d405e86ba67bca20789f04015a9ac4bc00000000000"}, 0xc3) socket$alg(0x26, 0x5, 0x0) 2018/06/01 03:15:59 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000580)='/dev/loop#\x00', 0x0, 0x82) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x2000000000) pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000080)="ad", 0x1}], 0x1, 0x1806) sendfile(r0, r0, &(0x7f0000000000), 0x8000) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) [ 1373.178251] FAULT_INJECTION: forcing a failure. [ 1373.178251] name failslab, interval 1, probability 0, space 0, times 0 [ 1373.189772] CPU: 0 PID: 22448 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1373.197145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1373.206513] Call Trace: [ 1373.209135] dump_stack+0x1b9/0x294 [ 1373.212824] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1373.217562] IPVS: ftp: loaded support on port[0] = 21 [ 1373.218028] ? is_bpf_text_address+0xd7/0x170 2018/06/01 03:15:59 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1373.218047] ? kernel_text_address+0x79/0xf0 [ 1373.218063] ? __unwind_start+0x166/0x330 [ 1373.218084] should_fail.cold.4+0xa/0x1a [ 1373.240379] ? __save_stack_trace+0x7e/0xd0 [ 1373.244724] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1373.249849] ? save_stack+0xa9/0xd0 [ 1373.253478] ? save_stack+0x43/0xd0 [ 1373.257097] ? kasan_kmalloc+0xc4/0xe0 [ 1373.261507] ? kasan_slab_alloc+0x12/0x20 [ 1373.265652] ? find_held_lock+0x36/0x1c0 [ 1373.269731] ? check_same_owner+0x320/0x320 [ 1373.274405] ? rcu_note_context_switch+0x710/0x710 [ 1373.279344] __should_failslab+0x124/0x180 [ 1373.283584] should_failslab+0x9/0x14 [ 1373.287376] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1373.292496] __kmalloc_node_track_caller+0x33/0x70 [ 1373.297420] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1373.302171] __alloc_skb+0x14d/0x780 [ 1373.306847] ? skb_scrub_packet+0x580/0x580 [ 1373.311166] ? dst_init+0x459/0x600 [ 1373.314799] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1373.320511] ? ip_generic_getfrag+0x11c/0x2d0 [ 1373.325023] ? ip_reply_glue_bits+0xc0/0xc0 [ 1373.329353] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1373.334360] ? skb_put+0x17b/0x1e0 [ 1373.337892] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1373.342908] ? ip_reply_glue_bits+0xc0/0xc0 [ 1373.347231] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1373.353027] ? xfrm_policy_lookup+0x70/0x70 [ 1373.357342] ? ipv4_mtu+0x375/0x580 [ 1373.360960] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1373.366407] ? find_held_lock+0x36/0x1c0 [ 1373.370470] ? ip_setup_cork+0x44d/0x6d0 [ 1373.374521] ip_make_skb+0x2be/0x350 [ 1373.378226] ? ip_reply_glue_bits+0xc0/0xc0 [ 1373.382539] ? ip_flush_pending_frames+0x30/0x30 [ 1373.387290] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1373.392827] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1373.398436] ? xfrm_lookup_route+0x64/0x1f0 [ 1373.402755] udp_sendmsg+0x24ec/0x35e0 [ 1373.406638] ? ip_reply_glue_bits+0xc0/0xc0 [ 1373.410955] ? udp4_lib_lookup2+0x340/0x340 [ 1373.415275] ? graph_lock+0x170/0x170 [ 1373.419075] ? expand_files.part.8+0x9a0/0x9a0 [ 1373.423648] ? check_same_owner+0x320/0x320 [ 1373.427987] ? lock_downgrade+0x8e0/0x8e0 [ 1373.432128] ? lock_release+0xa10/0xa10 [ 1373.436102] ? check_same_owner+0x320/0x320 [ 1373.440417] ? __check_object_size+0x95/0x5d9 [ 1373.444916] inet_sendmsg+0x19f/0x690 [ 1373.448721] ? __might_sleep+0x95/0x190 [ 1373.452701] ? ipip_gro_receive+0x100/0x100 [ 1373.457021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1373.462571] ? security_socket_sendmsg+0x94/0xc0 [ 1373.467334] ? ipip_gro_receive+0x100/0x100 [ 1373.471660] sock_sendmsg+0xd5/0x120 [ 1373.475374] __sys_sendto+0x3d7/0x670 [ 1373.479165] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1373.483827] ? wait_for_completion+0x870/0x870 [ 1373.488411] ? __lock_is_held+0xb5/0x140 [ 1373.492482] ? __sb_end_write+0xac/0xe0 [ 1373.496450] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1373.501984] ? fput+0x130/0x1a0 [ 1373.505254] ? ksys_write+0x1a6/0x250 [ 1373.509044] ? __do_page_fault+0x441/0xe40 [ 1373.513278] ? __ia32_sys_read+0xb0/0xb0 [ 1373.517333] __ia32_sys_sendto+0xdf/0x1a0 [ 1373.521469] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1373.526480] do_fast_syscall_32+0x345/0xf9b [ 1373.530794] ? do_int80_syscall_32+0x880/0x880 [ 1373.535376] ? _raw_spin_unlock_irq+0x27/0x70 [ 1373.539862] ? finish_task_switch+0x1ca/0x840 [ 1373.544358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1373.549904] ? syscall_return_slowpath+0x30f/0x5c0 [ 1373.554846] ? sysret32_from_system_call+0x5/0x46 [ 1373.559706] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1373.564557] entry_SYSENTER_compat+0x70/0x7f [ 1373.568955] RIP: 0023:0xf7f63cb9 [ 1373.572306] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1373.580010] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1373.587280] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1373.594556] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1373.601812] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1373.609070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:00 executing program 1: socket$packet(0x11, 0x3, 0x300) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x6, 0x422400) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000080)={0x4, 0x6}) r1 = socket$key(0xf, 0x3, 0x2) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f00000000c0)) sendmsg$key(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)={0x2, 0xd, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x30, 0x0, 0xffffff0e, 0x0, 0x0, 0x0, 0x0, @in6=@loopback={0x0, 0x1}, @in=@remote={0xac, 0x14, 0x14, 0xbb}}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}]}, 0x80}, 0x1}, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x42400, 0x0) ioctl$BLKGETSIZE(r2, 0x1260, &(0x7f0000000140)) 2018/06/01 03:16:00 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:00 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl(r0, 0x5, &(0x7f0000000280)="539b8acb69fa650ccacc9d0426374a11b3cb69832683ce1ef21ffb3daed16f76bbc124c5997244b275aebcce988ef850d9312875e23a51c059813271f31bd91a319e4015b8baa57d4f17fc80ecabd9444f4cf5d68b1bd513d95e4f11c824aadaa813cb2fc8afde96e4970739656d22843a376c37b1fda0f41dfd4de388a365de3e7afdbcb3e20ecdae3d421bf54e8d3593c78117815a27f4233ddc020ae5506c39e9953d37d6020fd520428eae1067f3a527ab38044c9c7ef49bc52799d2722e38079265041d58cacf9e5c3f7769d564108aad966e8d0ba76220f998a0357a5d9f7620df4d") ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000000c0)={{0x2, 0x0, @loopback=0x7f000001}, {0x1, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1e}}, 0xfffffffffffffffe, {0x2, 0x0, @rand_addr}, "00000000000010000000000000000004"}) [ 1373.680480] validate_nla: 2 callbacks suppressed [ 1373.680490] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:00 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:00 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:00 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$sock_buf(r1, 0x1, 0x1c, &(0x7f0000000000)=""/1, &(0x7f0000000040)=0x1) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) fcntl$setpipe(r0, 0x407, 0x10001) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000080)={{0xa, 0x4e22, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr=0xff}, 0xffffffffffffff81}, {0xa, 0x4e24, 0x7f, @mcast2={0xff, 0x2, [], 0x1}, 0x1}, 0x2, [0xe1a9, 0xa7a3, 0x6, 0x6, 0x2, 0x2, 0x101, 0xfffffffffffffff9]}, 0x5c) [ 1373.815342] IPVS: ftp: loaded support on port[0] = 21 2018/06/01 03:16:00 executing program 2 (fault-call:2 fault-nth:47): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:00 executing program 7: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @remote={0xac, 0x223, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14}}, @icmp=@parameter_prob={0x14, 0x0, 0x0, 0x0, 0x0, 0x0, {0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}}}}}}, &(0x7f0000000040)) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x200000, 0x0) ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f00000000c0)) [ 1373.879968] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1373.951284] FAULT_INJECTION: forcing a failure. [ 1373.951284] name failslab, interval 1, probability 0, space 0, times 0 [ 1373.962653] CPU: 0 PID: 22489 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1373.970102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1373.979464] Call Trace: [ 1373.982068] dump_stack+0x1b9/0x294 [ 1373.985723] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1373.990930] ? unwind_get_return_address+0x61/0xa0 [ 1373.995886] should_fail.cold.4+0xa/0x1a [ 1374.000663] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1374.005813] ? save_stack+0xa9/0xd0 [ 1374.009455] ? save_stack+0x43/0xd0 [ 1374.013099] ? kasan_kmalloc+0xc4/0xe0 [ 1374.017007] ? __kmalloc_node_track_caller+0x47/0x70 [ 1374.022127] ? __alloc_skb+0x14d/0x780 [ 1374.026069] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1374.031284] ? udp_sendmsg+0x24ec/0x35e0 [ 1374.035356] ? inet_sendmsg+0x19f/0x690 [ 1374.039693] ? sock_sendmsg+0xd5/0x120 [ 1374.043599] ? __sys_sendto+0x3d7/0x670 [ 1374.047594] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1374.051955] ? do_fast_syscall_32+0x345/0xf9b [ 1374.056477] ? find_held_lock+0x36/0x1c0 [ 1374.060673] ? check_same_owner+0x320/0x320 [ 1374.065012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1374.070600] ? rcu_note_context_switch+0x710/0x710 [ 1374.070627] __should_failslab+0x124/0x180 [ 1374.070662] should_failslab+0x9/0x14 [ 1374.083844] kmem_cache_alloc_node+0x272/0x780 [ 1374.088453] __alloc_skb+0x111/0x780 [ 1374.092190] ? skb_scrub_packet+0x580/0x580 [ 1374.096537] ? dst_init+0x459/0x600 [ 1374.100183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1374.105737] ? ip_generic_getfrag+0x11c/0x2d0 [ 1374.110258] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.114605] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1374.119769] ? skb_put+0x17b/0x1e0 [ 1374.123335] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1374.128378] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.132726] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1374.138544] ? xfrm_policy_lookup+0x70/0x70 [ 1374.142885] ? ipv4_mtu+0x375/0x580 [ 1374.146538] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1374.151998] ? find_held_lock+0x36/0x1c0 [ 1374.156085] ? ip_setup_cork+0x44d/0x6d0 [ 1374.160165] ip_make_skb+0x2be/0x350 [ 1374.163899] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.168236] ? ip_flush_pending_frames+0x30/0x30 [ 1374.173015] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1374.178570] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1374.184116] ? xfrm_lookup_route+0x64/0x1f0 [ 1374.188453] udp_sendmsg+0x24ec/0x35e0 [ 1374.192350] ? perf_trace_lock+0xd6/0x900 [ 1374.196513] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.200860] ? udp4_lib_lookup2+0x340/0x340 [ 1374.205194] ? graph_lock+0x170/0x170 [ 1374.209006] ? expand_files.part.8+0x9a0/0x9a0 [ 1374.213599] ? lock_downgrade+0x8e0/0x8e0 [ 1374.217736] ? lock_release+0xa10/0xa10 [ 1374.221702] ? check_same_owner+0x320/0x320 [ 1374.226023] ? __check_object_size+0x95/0x5d9 [ 1374.230519] inet_sendmsg+0x19f/0x690 [ 1374.234317] ? __might_sleep+0x95/0x190 [ 1374.238287] ? ipip_gro_receive+0x100/0x100 [ 1374.242634] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1374.248425] ? security_socket_sendmsg+0x94/0xc0 [ 1374.253257] ? ipip_gro_receive+0x100/0x100 [ 1374.257574] sock_sendmsg+0xd5/0x120 [ 1374.261280] __sys_sendto+0x3d7/0x670 [ 1374.265081] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1374.269741] ? wait_for_completion+0x870/0x870 [ 1374.274326] ? __sb_end_write+0xac/0xe0 [ 1374.278294] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1374.283820] ? fput+0x130/0x1a0 [ 1374.287088] ? ksys_write+0x1a6/0x250 [ 1374.290879] ? __do_page_fault+0x441/0xe40 [ 1374.295111] ? __ia32_sys_read+0xb0/0xb0 [ 1374.299162] __ia32_sys_sendto+0xdf/0x1a0 [ 1374.303309] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1374.308581] do_fast_syscall_32+0x345/0xf9b [ 1374.312919] ? do_int80_syscall_32+0x880/0x880 [ 1374.317499] ? _raw_spin_unlock_irq+0x27/0x70 [ 1374.321982] ? finish_task_switch+0x1ca/0x840 [ 1374.326473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1374.332088] ? syscall_return_slowpath+0x30f/0x5c0 [ 1374.337038] ? sysret32_from_system_call+0x5/0x46 [ 1374.341889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1374.346747] entry_SYSENTER_compat+0x70/0x7f [ 1374.351153] RIP: 0023:0xf7f63cb9 [ 1374.354506] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1374.362216] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1374.369471] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1374.376723] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1374.383987] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1374.391257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:01 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000200000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:01 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:01 executing program 1: r0 = syz_open_dev$sndmidi(&(0x7f00000001c0)='/dev/snd/midiC#D#\x00', 0x4, 0x2000) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000200)={0x0, 0xd5, "6486247eb9a0aa7dc9f32126505aa31a058ad2a8671273c81f42b85c120923dfa9e270a14d30594264b196536982016be597ab56ffca9098523356b38a1992057853289d50d828cf1022430d6e23881b1322822720e6cbd246732c488fb518f54ad08a7dd64347dcd185b7a94e6f6c60006a35b77297c0a9ea496b2ee643266935b9eb2e213405c52125a5ef8f40ad331b53619654a751a944e688aea7baa2bd42571b9a0cda09bdf98be23f6cea65af74e8e74e9738a79f768b119f60465589a4617a65643826186e6a75aa4a015c8a3613b59a2e"}, &(0x7f0000000300)=0xdd) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000340)={r1, 0xffffffffffff4815, 0x3}, 0x8) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ASHMEM_SET_PROT_MASK(r4, 0x40047705, &(0x7f0000000080)={0x400, 0x100000000}) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$int_in(r5, 0x5452, &(0x7f00000000c0)=0x7fff) ioctl$KVM_SET_CPUID(r5, 0x4008ae89, &(0x7f0000000000)) setsockopt$inet_icmp_ICMP_FILTER(r4, 0x1, 0x1, &(0x7f0000000100)={0x8}, 0x4) 2018/06/01 03:16:01 executing program 6: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x802, 0x0) syz_open_dev$tun(&(0x7f0000000300)='/dev/net/tun\x00', 0x0, 0x115001) readahead(r0, 0x5, 0x3) r1 = dup2(r0, r0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) sendmsg$can_raw(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x1d, r2}, 0x10, &(0x7f0000000480)={&(0x7f0000000400)=@canfd={{0x1, 0xda, 0xffffffffffffffff, 0x3}, 0x1a, 0x2, 0x0, 0x0, "afc6566dfcc1d34ec7f7460760fcd66c4e81afa4dd281501ff8565931ef1ede3470ff7fa1fd9928c6a3156c18e36e8215b966abf37bd9ebb18f8fc1203269cd4"}, 0x48}, 0x1, 0x0, 0x0, 0x24000000}, 0x40090) r3 = syz_open_dev$sndmidi(&(0x7f0000000200)='/dev/snd/midiC#D#\x00', 0x4, 0x27ff) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x0, 0x880000}) r4 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffffffffffff, 0x18800) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000000c0)={0x0, 0x9, 0x3, 'queue0\x00', 0x1000}) fcntl$getflags(r0, 0x4) ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000500)={'teql0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}}) setsockopt$sock_int(r3, 0x1, 0x2d, &(0x7f0000000340)=0x80, 0x4) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x300, 0x0) ioctl$BLKBSZGET(r0, 0x80041270, &(0x7f00000001c0)) ioctl$EVIOCGBITKEY(r3, 0x80404521, &(0x7f0000000240)=""/131) 2018/06/01 03:16:01 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfe80000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:01 executing program 7: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x40, 0x0) ioctl$sock_ipx_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'rose0\x00', {0x4, 0x79, 0x7f, "4589b441f866", 0x72}}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x2, 0x7}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000280)={r1, @in6={{0xa, 0x4e20, 0x1, @ipv4={[], [0xff, 0xff]}, 0xfffffffffffffffd}}, 0x7, 0x6}, &(0x7f0000000340)=0x88) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000080)={0x1000, 0x9}) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f00000004c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000480), 0x106}}, 0x20) prctl$setfpexc(0xc, 0x3) write$rdma_cm(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="030000000100010000000000000000007a04356d2fd6c0af2dd1428c5308000000000000009400e8300000000000000000000a001ba12cf93920b32aa2ccc1c6397aaf62f63e071a0ca5d3c597c22cfaaf4323c252d73578f726412aee02b48f8334ff51f8059b27c2a0c1d00e1887d298fd2743f089fa1053f0228740d860733c17083f1c84d78e4c0db5f13f4cfd59a95d85704c7dd7d305"], 0x2d) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000380)={@dev={0xfe, 0x80, [], 0x11}, 0x3, 0x0, 0x3, 0x2, 0x9, 0x1, 0x5}, &(0x7f00000003c0)=0x20) ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000100)={0x100000001, 0x5, 0x3f, 0x1f}) 2018/06/01 03:16:01 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vhost-vsock\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)={0x1}) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000100)={0x0, r1}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)) 2018/06/01 03:16:01 executing program 2 (fault-call:2 fault-nth:48): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1374.473632] FAULT_INJECTION: forcing a failure. [ 1374.473632] name failslab, interval 1, probability 0, space 0, times 0 [ 1374.484952] CPU: 0 PID: 22512 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1374.492328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1374.501707] Call Trace: [ 1374.504305] dump_stack+0x1b9/0x294 [ 1374.507939] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1374.513133] ? perf_trace_lock_acquire+0xe3/0x980 [ 1374.517972] ? kernel_text_address+0x79/0xf0 [ 1374.522374] ? __unwind_start+0x166/0x330 [ 1374.526527] should_fail.cold.4+0xa/0x1a [ 1374.530585] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1374.535688] ? save_stack+0xa9/0xd0 [ 1374.539319] ? save_stack+0x43/0xd0 [ 1374.542940] ? kasan_slab_alloc+0x12/0x20 [ 1374.547087] ? find_held_lock+0x36/0x1c0 [ 1374.551170] ? check_same_owner+0x320/0x320 [ 1374.555493] ? rcu_note_context_switch+0x710/0x710 [ 1374.560417] __should_failslab+0x124/0x180 [ 1374.564650] should_failslab+0x9/0x14 [ 1374.568447] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1374.573565] __kmalloc_node_track_caller+0x33/0x70 [ 1374.578507] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1374.583270] __alloc_skb+0x14d/0x780 [ 1374.586990] ? skb_scrub_packet+0x580/0x580 [ 1374.591313] ? dst_init+0x459/0x600 [ 1374.594952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1374.600495] ? ip_generic_getfrag+0x11c/0x2d0 [ 1374.604986] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.609309] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1374.614329] ? skb_put+0x17b/0x1e0 [ 1374.617866] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1374.622881] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.627213] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1374.633019] ? xfrm_policy_lookup+0x70/0x70 [ 1374.637339] ? ipv4_mtu+0x375/0x580 [ 1374.640965] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1374.646415] ? find_held_lock+0x36/0x1c0 [ 1374.650476] ? ip_setup_cork+0x44d/0x6d0 [ 1374.654545] ip_make_skb+0x2be/0x350 [ 1374.658261] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.662576] ? ip_flush_pending_frames+0x30/0x30 [ 1374.667331] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1374.672875] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1374.678417] ? xfrm_lookup_route+0x64/0x1f0 [ 1374.682736] udp_sendmsg+0x24ec/0x35e0 [ 1374.686619] ? ip_reply_glue_bits+0xc0/0xc0 [ 1374.690938] ? udp4_lib_lookup2+0x340/0x340 [ 1374.695258] ? graph_lock+0x170/0x170 [ 1374.699057] ? expand_files.part.8+0x9a0/0x9a0 [ 1374.703640] ? lock_downgrade+0x8e0/0x8e0 [ 1374.707777] ? lock_release+0xa10/0xa10 [ 1374.712018] ? __check_object_size+0x95/0x5d9 [ 1374.716511] inet_sendmsg+0x19f/0x690 [ 1374.720311] ? __might_sleep+0x95/0x190 [ 1374.724282] ? ipip_gro_receive+0x100/0x100 [ 1374.728604] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1374.734130] ? security_socket_sendmsg+0x94/0xc0 [ 1374.738879] ? ipip_gro_receive+0x100/0x100 [ 1374.743201] sock_sendmsg+0xd5/0x120 [ 1374.746913] __sys_sendto+0x3d7/0x670 [ 1374.750702] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1374.755379] ? wait_for_completion+0x870/0x870 [ 1374.759952] ? __lock_is_held+0xb5/0x140 [ 1374.764017] ? __sb_end_write+0xac/0xe0 [ 1374.767991] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1374.773518] ? fput+0x130/0x1a0 [ 1374.776784] ? ksys_write+0x1a6/0x250 [ 1374.780572] ? __do_page_fault+0x441/0xe40 [ 1374.784809] ? __ia32_sys_read+0xb0/0xb0 [ 1374.788863] __ia32_sys_sendto+0xdf/0x1a0 [ 1374.793013] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1374.798039] do_fast_syscall_32+0x345/0xf9b [ 1374.802352] ? do_int80_syscall_32+0x880/0x880 [ 1374.806918] ? _raw_spin_unlock_irq+0x27/0x70 [ 1374.811399] ? finish_task_switch+0x1ca/0x840 [ 1374.815895] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1374.821432] ? syscall_return_slowpath+0x30f/0x5c0 [ 1374.826361] ? sysret32_from_system_call+0x5/0x46 [ 1374.831209] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1374.836045] entry_SYSENTER_compat+0x70/0x7f [ 1374.840519] RIP: 0023:0xf7f63cb9 [ 1374.843881] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1374.851586] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1374.858855] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1374.866124] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:01 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000003f0000"], 0x60}, 0x1}, 0x0) [ 1374.873384] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1374.880640] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1374.902114] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:01 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:01 executing program 6: r0 = syz_open_dev$sndpcmc(&(0x7f000048b000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ca9000/0x1000)=nil, 0x1000, 0x2000d, 0x2051, r0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000000)) 2018/06/01 03:16:01 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) read(r0, &(0x7f0000000000), 0x0) write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="337dfe8a3cff093c1a083593dcb13c790303e41e0e95e7aba8a02507863d2f3b973938b30127041764c5"], 0x2a) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0xe9, &(0x7f0000000080)=""/233}, &(0x7f0000000180), &(0x7f00000001c0)=""/126, 0x0, 0x0, 0x0, &(0x7f00000002c0)}) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfffffffffffffe8b) ioctl$SG_GET_NUM_WAITING(r0, 0x227c, &(0x7f0000000280)) 2018/06/01 03:16:01 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000007f520e1c"], 0x60}, 0x1}, 0x0) [ 1375.033846] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:01 executing program 6: r0 = socket$inet(0x2, 0x3, 0x2) openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40040, 0x0) setsockopt$inet_int(r0, 0x0, 0x22, &(0x7f0000000080), 0xffffff92) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000280), 0x0, 0x0, &(0x7f0000000300)={0x2, 0x0, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:01 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000000000f2"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:01 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:01 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/stat\x00') fstat(r0, &(0x7f0000002380)) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)={0x0, 0xb6ca}, &(0x7f00000000c0)=0x8) [ 1375.224963] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:01 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000e11ff0)=[{&(0x7f0000000140)="580000001400192340834b80040d8c560a067fffffff81004e220000000058000b4824ca945f64009400050028925aa8000000000000008000f0fffeffe809000000fff5dd00000010000100570aa8f7410400000000fcff", 0x58}], 0x1) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x64, r1, 0x402, 0x70bd28, 0x25dfdbfe, {0x7}, [@IPVS_CMD_ATTR_DAEMON={0x48, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x10000}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x100000001}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2=0xe0000002}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x40000) 2018/06/01 03:16:01 executing program 1: r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x80, &(0x7f0000000d80), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20, 0xcd2e7241e47c670b}, 0x0) 2018/06/01 03:16:01 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:02 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x91ffffff00000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:02 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:02 executing program 2 (fault-call:2 fault-nth:49): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:02 executing program 6: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth0_to_bridge\x00', &(0x7f0000000940)=@ethtool_per_queue_op={0x4b}}) r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000007e00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000007e40)=0x14, 0x0) write(r1, &(0x7f0000000040)="86b5c370d6349313a6526739b69af2c29bb37ff48495381d7cdd281a44", 0x1d) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000007e80)={@loopback={0x0, 0x1}, 0x5, r2}) 2018/06/01 03:16:02 executing program 3: r0 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x800}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"79616d300001178b00", 0x4012}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000000c0)={0x1, 0x2, [@link_local={0x1, 0x80, 0xc2}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}]}) [ 1375.557493] FAULT_INJECTION: forcing a failure. [ 1375.557493] name failslab, interval 1, probability 0, space 0, times 0 [ 1375.568845] CPU: 0 PID: 22584 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1375.576218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1375.585585] Call Trace: [ 1375.588195] dump_stack+0x1b9/0x294 [ 1375.591852] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1375.597071] ? unwind_get_return_address+0x61/0xa0 [ 1375.602019] ? __save_stack_trace+0x7e/0xd0 [ 1375.606358] should_fail.cold.4+0xa/0x1a [ 1375.610784] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1375.615905] ? save_stack+0xa9/0xd0 [ 1375.619551] ? save_stack+0x43/0xd0 [ 1375.623280] ? kasan_kmalloc+0xc4/0xe0 [ 1375.627181] ? __kmalloc_node_track_caller+0x47/0x70 [ 1375.632329] ? __alloc_skb+0x14d/0x780 [ 1375.636264] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1375.641484] ? ip_make_skb+0x2be/0x350 [ 1375.645383] ? udp_sendmsg+0x24ec/0x35e0 [ 1375.649625] ? inet_sendmsg+0x19f/0x690 [ 1375.653620] ? sock_sendmsg+0xd5/0x120 [ 1375.657554] ? __sys_sendto+0x3d7/0x670 [ 1375.661556] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1375.665896] ? do_fast_syscall_32+0x345/0xf9b [ 1375.670402] ? find_held_lock+0x36/0x1c0 [ 1375.674494] ? check_same_owner+0x320/0x320 [ 1375.678835] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1375.684428] ? rcu_note_context_switch+0x710/0x710 [ 1375.689373] __should_failslab+0x124/0x180 [ 1375.693632] should_failslab+0x9/0x14 [ 1375.697463] kmem_cache_alloc_node+0x272/0x780 [ 1375.702064] __alloc_skb+0x111/0x780 2018/06/01 03:16:02 executing program 1: r0 = socket(0x10, 0x3, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rfkill\x00', 0x0, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000ffffffff01000000000000000004000000000000ff00000000000000000000000000000004000000000000000700000000000000ff7f000000000000c73a0d33000000000100eb00000000003500000000000000"]) sendmsg$nl_route(r0, &(0x7f0000000740)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB="200000001e000106000000000000000007000000e4080008486617609e9146247f15e26d706d6daa7d4282f04e57f3d55b699cd6004e836fece3096b2d43701d57af577c7820fb0a37141dddaed9973bb08b68ff9ed16df2b8e9f4a0aac1ffc04771b725e2989761f085a8fee86f3fdf3735fdfcd6daff5bf42ac1d5b1acb1cec821d96170936bd454851961fa2edf7f717cadfb22d9ff09596b5fa90b487796e9752bca039dda08d95c030dd45dfe3fb85f56f2a2eb4acd376752dd99d0eba3687428af24047b7ed7abe4bc39dd8ef1c691", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}, 0x1}, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x7ffc, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') getsockname(r1, &(0x7f00000003c0)=@ipx, &(0x7f0000000180)=0x80) sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, r2, 0x0, 0x70bd26, 0x25dfdbfb, {0x3}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x100000001}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0x30}, 0x1}, 0x51) [ 1375.705799] ? skb_scrub_packet+0x580/0x580 [ 1375.710141] ? dst_init+0x459/0x600 [ 1375.713790] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1375.720295] ? ip_generic_getfrag+0x11c/0x2d0 [ 1375.724801] ? ip_reply_glue_bits+0xc0/0xc0 [ 1375.729141] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1375.734170] ? skb_put+0x17b/0x1e0 [ 1375.737726] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1375.742762] ? ip_reply_glue_bits+0xc0/0xc0 [ 1375.747104] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1375.752917] ? xfrm_policy_lookup+0x70/0x70 [ 1375.757257] ? ipv4_mtu+0x375/0x580 [ 1375.760902] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1375.766363] ? find_held_lock+0x36/0x1c0 [ 1375.770455] ? ip_setup_cork+0x44d/0x6d0 [ 1375.774541] ip_make_skb+0x2be/0x350 [ 1375.778281] ? ip_reply_glue_bits+0xc0/0xc0 [ 1375.782627] ? ip_flush_pending_frames+0x30/0x30 [ 1375.787404] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1375.792963] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1375.798527] ? xfrm_lookup_route+0x64/0x1f0 [ 1375.802872] udp_sendmsg+0x24ec/0x35e0 2018/06/01 03:16:02 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-net\x00', 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$vnet(r0, &(0x7f0000000180)={0x1, {&(0x7f0000000000)=""/219, 0x84417d2a9e6e9e46, &(0x7f0000000480)=""/98}}, 0x68) r2 = dup(r1) ioctl$EVIOCSFF(r2, 0x402c4580, &(0x7f0000000100)={0x56, 0x81, 0x4, {0xce0, 0x2}, {0x1f, 0x7}, @rumble={0x4, 0x5}}) [ 1375.806783] ? ip_reply_glue_bits+0xc0/0xc0 [ 1375.811129] ? udp4_lib_lookup2+0x340/0x340 [ 1375.815470] ? graph_lock+0x170/0x170 [ 1375.819312] ? expand_files.part.8+0x9a0/0x9a0 [ 1375.823911] ? check_same_owner+0x320/0x320 [ 1375.828260] ? lock_downgrade+0x8e0/0x8e0 [ 1375.832426] ? lock_release+0xa10/0xa10 [ 1375.836418] ? check_same_owner+0x320/0x320 [ 1375.840756] ? __check_object_size+0x95/0x5d9 [ 1375.845267] inet_sendmsg+0x19f/0x690 [ 1375.849081] ? __might_sleep+0x95/0x190 [ 1375.853068] ? ipip_gro_receive+0x100/0x100 [ 1375.857416] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1375.862966] ? security_socket_sendmsg+0x94/0xc0 [ 1375.867734] ? ipip_gro_receive+0x100/0x100 [ 1375.872070] sock_sendmsg+0xd5/0x120 [ 1375.875798] __sys_sendto+0x3d7/0x670 [ 1375.879614] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1375.884297] ? wait_for_completion+0x870/0x870 [ 1375.888887] ? __lock_is_held+0xb5/0x140 [ 1375.892957] ? __sb_end_write+0xac/0xe0 [ 1375.896943] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1375.902474] ? fput+0x130/0x1a0 [ 1375.905750] ? ksys_write+0x1a6/0x250 [ 1375.909545] ? __do_page_fault+0x441/0xe40 [ 1375.913775] ? __ia32_sys_read+0xb0/0xb0 [ 1375.917836] __ia32_sys_sendto+0xdf/0x1a0 [ 1375.921978] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1375.926991] do_fast_syscall_32+0x345/0xf9b [ 1375.931311] ? do_int80_syscall_32+0x880/0x880 [ 1375.935892] ? _raw_spin_unlock_irq+0x27/0x70 [ 1375.940384] ? finish_task_switch+0x1ca/0x840 [ 1375.944874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1375.950663] ? syscall_return_slowpath+0x30f/0x5c0 [ 1375.955600] ? sysret32_from_system_call+0x5/0x46 [ 1375.960440] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1375.965277] entry_SYSENTER_compat+0x70/0x7f [ 1375.969675] RIP: 0023:0xf7f63cb9 [ 1375.973029] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1375.980743] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1375.988016] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1375.995291] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1376.003432] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1376.010699] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1376.037592] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:03 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="337dfe8a3cff093c1f79d4ed718c68c0a56a0303e41e0e95e7aba8a02507863d2f3b973938b30127041764c5"], 0x2a) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0xe9, &(0x7f0000000080)=""/233}, &(0x7f0000000180), &(0x7f00000001c0)=""/126, 0x0, 0x0, 0x0, &(0x7f00000002c0)}) r1 = open(&(0x7f0000000000)='./file0\x00', 0x105000, 0x55) ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfffffffffffffe8b) ioctl$SG_GET_NUM_WAITING(r0, 0x227c, &(0x7f0000000280)) 2018/06/01 03:16:03 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfc00}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:03 executing program 1: r0 = memfd_create(&(0x7f0000000000)='security.capability\x00', 0x0) fsetxattr(r0, &(0x7f00000000c0)=@known='security.capability\x00', &(0x7f0000000180)='security.capability\x00', 0xfa560206522418f2, 0x0) fremovexattr(r0, &(0x7f00000012c0)=@known='security.capability\x00') 2018/06/01 03:16:03 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:03 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[{}, {0x8, 0x8}, {}, {}, {}], 0x2000000000000108) 2018/06/01 03:16:03 executing program 6: openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x100, 0x0) r0 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @broadcast=0xffffffff}, 0x1}}, 0x2e) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000003000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x1, 0x15}}, 0x2e) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000040)="61f0740f") 2018/06/01 03:16:03 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:03 executing program 2 (fault-call:2 fault-nth:50): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:03 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000010aff6)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000000000)=@known='security.capability\x00', &(0x7f0000000040)="000000037970652700000004000000070000204500000000", 0x18, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x100, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x58, r2, 0x202, 0x70bd27, 0x25dfdbff, {0x1}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffffffffa7e5bd0c}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5d}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}]}, 0x58}, 0x1}, 0x4000000) [ 1376.489997] FAULT_INJECTION: forcing a failure. [ 1376.489997] name failslab, interval 1, probability 0, space 0, times 0 [ 1376.501340] CPU: 0 PID: 22626 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1376.508710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1376.518070] Call Trace: [ 1376.520680] dump_stack+0x1b9/0x294 [ 1376.524327] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1376.529534] ? is_bpf_text_address+0xd7/0x170 [ 1376.534052] ? kernel_text_address+0x79/0xf0 [ 1376.538484] ? __unwind_start+0x166/0x330 [ 1376.542666] should_fail.cold.4+0xa/0x1a [ 1376.546809] ? __save_stack_trace+0x7e/0xd0 [ 1376.551162] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1376.556314] ? save_stack+0xa9/0xd0 [ 1376.560007] ? save_stack+0x43/0xd0 [ 1376.563649] ? kasan_kmalloc+0xc4/0xe0 [ 1376.567551] ? kasan_slab_alloc+0x12/0x20 [ 1376.571734] ? find_held_lock+0x36/0x1c0 [ 1376.575828] ? check_same_owner+0x320/0x320 [ 1376.580168] ? rcu_note_context_switch+0x710/0x710 [ 1376.585117] __should_failslab+0x124/0x180 2018/06/01 03:16:03 executing program 1: r0 = open(&(0x7f0000000000)='./file0\x00', 0x200000, 0x40) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {}]}) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={0x0, 0x2}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x7, 0x7f, 0x200, 0xfffffffffffffffb, 0x0, 0x80000000, 0x4d9, 0x81, r1}, 0x20) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)={r0, r0, 0xf, 0x2}, 0x10) timerfd_create(0x3, 0x80800) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000001c0)={r1, 0x2f}, 0x8) ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f0000000200)) ioctl$BLKALIGNOFF(r0, 0x127a, &(0x7f0000000240)) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000280)=0x9, 0x4) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f00000002c0)) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000300)={0x22, 0x1, 0x8, 0x6}) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000340)={'erspan0\x00', 0x7ff}) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000380)={0x85, 0x9}) ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000003c0)) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000400)=[@in6={0xa, 0x4e22, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x92}], 0x1c) r2 = syz_open_dev$audion(&(0x7f0000000440)='/dev/audio#\x00', 0x4, 0x40) ioctl$KVM_DIRTY_TLB(r2, 0x400caeaa, &(0x7f0000000480)={0x100000000, 0x7}) getsockopt$sock_buf(r0, 0x1, 0x3f, &(0x7f00000004c0)=""/100, &(0x7f0000000540)=0x64) ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f00000005c0)={0x0, 0x0, 0xa6, &(0x7f0000000580)}) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000600)={0x3a, @loopback=0x7f000001, 0x4e23, 0x4, 'rr\x00', 0x33, 0x2, 0x72}, 0x2c) setsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000640)={0x662, 0x7fff, 0x2, 0xfffffffffffffffa}, 0x8) ioctl$TIOCEXCL(r2, 0x540c) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000680)="7140bd74762a4cddd884e5713005eeeee908b4c2e9dd906fd388ebb4e451d6c687ec1bf4983e3ec1e862fda2b6cf9753cb77fe80bf92c9558308cf1b9245558e2f112b55c0fc1e5ad5ac5c126e396e9f0f4a9e4eb9f0b28f2469646a6ef6f45d43f28047ca9a42475633eda145276c09c30fd1f91f403975a5be76377cc907f15117194257c2f3332a5a8eac691bfd4e2f9a21dcb42620d1457e66afa46fbce5c6fd1b70d6ddc09f9fa39c1224e695ba3c687449f18e8abac835ec854a9341b27ae30a3f8dfed72b712c4e530f24ba9380afda5a71bc8987973c19d104e82522d6a639d92337cc0102e7f7884f9dde1d8bc5d976506a154f83013001281b8c8c00d4fa914772c26e05f4414c8189b0f7d6def27e3e922cdddd66f9b7db11c764cd51f05935e660ca622b1eba90996cdf4f02913a3b0769e4c44c31178826205bf982b8d1236603cfef2885a08b54e7b4f9ce233d053ef0ef6d9d441241a39d2946c1277f4e335415eadcd0d035a9d7175a4c10bea05ed182dce1438e4e54ac37a0757b79d73c18f253cfff96da9b7de00901b38cef48db5151a57dd88c2c7c07e686b20930f66781c7246ad9d8f84c7b72826be6c56642b5d83842b2dd441d3c5fd64388ae4543e59f4e5892a3cbadfa9f5b483b6bf417382ac7eb956226044d94b83c87d058184b5499edcd1ac8d068873ee65f8d24ad69bce2163a54af6044c1e0d53020d010e97e2a9d6b5c09779caf873c4da18a807611120c6410c0ccb09c08ca05efda3b7ceaa31ce827afb5c286f2c2c1f1aeed6e3626148adcbe4edc298db02263024a682e0e04fb12959ff6aa98fcf6919dcdde85961e301b0b2158f5b7439a68521cc974530f75182f918732fa83115cdfa2279dd591b5220b705f037540a8fcde20bae5d983fa5de6a777ae9ff53b0ca1919cfa22eb91db302aadf1345773880ea3b0feaeb8ec11fbcb8b5285d56cf9e3858ceb2c8ed9cfcd558f6ef2ca368107ad99e9c5da88da4a4de14b31cf62c9e7bae8a31585d45cabbcff11b89ea0fe5e284292b87355b0607434e8b694f1adf1295ecabb49923cd7ae9765a2afbc3d4ec34d0d58f53b20ea6a9dad362ac6bfab8bd81e6aafe7ff9ebbf17fb9c6c94c79b5f1a360661c89ca534c6076623bc17961d3b8037421d14cd28c69bfcce5f9bdb0f0552dae6428badcd9a20203018d7851cd695e0f2d169e22a0cba4294468530cd3d3c7e3a0b9cc03f737e735812c942ffa2f6d0aea87df945fd92254b9f7bda90453bb90214e8eebc06294b07cb065c3e40617f00b207e42a1f9677018a20f7081c580c377e6c3e5237b15725db279fd114e42c1fa8faf25114c7904239f4df87069bbfdc482a7e4afdb7eb06b9552898a7a2c5328dc8681ee56c7aba79fe2d90eb8a3ab6070d98cc500c4458ee8d9af7ae7109000812d685aba9bbfc5e71572f1823594218a8853201ad189742380039b85500bd2803e27c973f1bfd80b02902a2776fd53b2ac995a4dc8f531be63b1dfb88ef5c8428d18e8049dfe3294dac4b66ca6d08fe9a1b55aca501f590aa7276dd36c68031389ff9eb9773324d19d61d0f806ca6b368d3ad22707f2cbcee9ca1de5df2cf360857d9f0001ed255b68111a9d4c55329a3ca21a519be34568e42be02a68466cdf9c6a154d13b7137efacdf1f20b1203a1bf74ed39f65d01b670eef618e4b0df82071cdadbbfafdaafce4272645db8d9292137570cd08b600341759646fa711fd0f307e8251c27ad4ab50d6f64fd26b10e84fe2f8e4b02b748307ed430a33487919b867dfa5838ce9c8c8aae28a0fca2fc4cb8bae08f07b9a86da15d1e110e64efe018c112e5080a7cd119ec615fd8e51cce1f72fb425489bfc6ea3440ad4b59ff6fabaa13eb69f390e6a644982ce4a629b7c1009e998eac24bd388f71b6390d6697391bfc790c5ca7cdf434c5c8a789ed7d26acd5e33df2d05c76803ba8eec90af27fba8beed13f4484da6d7d4cfcb5beb4d2de16623dae9ebd3bca1e116d267f6cc90cda1e81dd0218d5800ed9cc6e27bc760c185114448bd0c83650023829a1c4604092623ac655c243c1bdfb856aab86ff53c11040db6fdfc872df6f483fb9be801079608a821eac46c952d61bbfaebcb3697dd598d7120d9a13865409462f5125f897ff63a4c7b9b24454f41a1b4a76be02936cb5ea489a9dd9f0e99a8c52215e0534e4b3a606a1dd0a191bd5910cd490f440c3509d5d065b9319b588b56c9dbc7539a6e9f36b99d5a2d7ec0dbc338b34ac6f587952cd40608d55282c65d391117c9b5e5e75c296afbac406d8c395bab754ec86ee30dcab697a84d19a27c71447999e94bc49f460879df739fba175a34ccd8381208fa3f66493fc73153e42d79dd77b1595d1886373a870eea056c834c7935cf9788b842a85a8ed76dce0f8265a30834b76e5e2eda1c03d1a6e6fb6dc968748842e09af1fe029a1e9efe5f02925ff55ae369c4480f966be35a1e27c5cd8d2ac5da6f267498d70319843fb5c18d1017c34e917d1e0ff8d1f9858ab06a43e5eeef4011a14b5b0ca2805d39d2266509ac1424765b98b0c0236a9c3c4ad89786ad5bf45b6e87c3723058a3ba68413bcb61067709a536a75bf903f6797396acd4bc13c5e3224ea6d05460c739e57b9092e04a82716de58ee892e52cb28b28c4bf10ca31706e264f4cdcbd26bc7a4ae7cca39f4906a01f598cbda5db6b7f6e78743dcf21d7b10de94c84a4292fb10214e5fb9ec75b075493afcc0e01a3ef504d73c700ac1ba8fc0f2e45ea9fc07ee024fc30d69561f59785e4b7095ffca5e1ed32f14c13d4642586edc682be478613696227519c4728d8a8d5e759d9eae9ac3073c62925dd4597f4a17772b5c204f4568b3f02d3aa90b3cca9c4afd076ab7d225e952907975e89917508f58c1f96f67e5d0c029ba56dd58776dc5ad707f2322ba11ab021eb64582fdec717fe97d822e9af2ca604263632e458af9204ae962387c3a8ca93e83a8ed7efb149a8696e85e63644a25e125ebd62ec2fa6027be1416bc9c9bba936fb07c31df72c9de1d4a119280d6bf4a1ea8c06e0de9a163779c35a3bc8e8992ee715c89b18062122255b35dc1e9c6e58915e5816bb458fec68744cebeb8333e43f1d5d78f25ed46eecf0781739ace7f83503f7bb6ea376d92c1a6563b49fc9933cbc2f3e31c0bbdc7dfa5b871c3d00b31a6caf5651664cc591cae0319a396a86769f11e89d28adce185379a8251f864e638cc28bb061782245516d9c5ad68b9bed391e5b71227deff911102a934c8765b63895a546bfdc778d606ef2d54ef326a76bd811857b59361a849210fc0e19e62363ee8bb21136166da5b00464f7052aaacf19f77223d1ba6023339f96e75c10f64a87a9e946c458d3b26bc51584c3ff6db9ba057c8cefe492465b07ddfe2204cfabd7f6889368d8ca6c27b68401b76329ae0e374982448e88b59ebb423ff24e559e61c19f1e7fa4b8d22fe1efe47f8097382ebc77827f6557f9073d366df491c9be05e05e1f016f87b1bf98d17b1d562e7450d478955fe12403d708f30da679b29638dcd41d3c3b3af67e89563e14c1c103b9240a8a95fdc7b6a0dbd0519461db1a3eede6aecc8d1e65d730a8c13b2f4a72ab18765021e7027a4dae72e0388123732dc564c12f23c1e6540166a710eb8b3d166c3804f7629af6c2865471961c0f4041cf7b5f6632d24b08684a21db5f7e281565fe77e34b1ac430ef1748a195ee7768de9742aa7d378271c8b89e7eaaaa97bf80af65666b5f421f67d7b13a31c4e52096504384e216bdf765b80fe9865cff7a9f0e773b40fba40b446c8827eda60e06add94e20eaa200893775d6182cdd3d7e230b4777ee3aaf0874943df6ce4dfa245e6289fe60b6b3c2d0f8ef94ff999cdc0d1cec00d600a0d9bcf4d61d07d235652f6e9eccd9a47e3faff18c2c9d8f8b2140e3053f618660c28d25b496a610191a74698a76fe7214928c6f0445c38f3883313cbb0db98d967d10ed80c97033422e19cbed394e0167de024e3c83753d52a15f96209d9d2e1d7d704e776a3b583a9377d274ca892d7b386ccfbef80cab1128dee8191d7e865be32d87d0704edc30b3c5d776aa389c88608bb5a2d48edefcc2e9f11522939e47bd0515300434d3304d06307bece3cbbe34e4b6cae7d19dad06a611b9799f76b8dee373c1e61cfa4b7b3cb0449d98e6abb8704b71b2d2acbff578d1ab08910de5a0101ec1f71e7754d76769dfa04ba096642e09583d6488080f90db426e80a701cba0df1ae464ab7183649085c4cb4228575dbeac3936b5e06caeb1b31d558f333971dfe3da822bf14cc05f62a9f833b642b26195452dee3ed591f6e8ffdef77951c8fa63960f819528e1504e2a956b4d2f4e8c0ae6f7f49416a6bf1bde5d51d870c11ff4b6360b762f756cc25bc8939ca6c3be63392b3f015e9df26872924fce5708ce5410d326ea0f1f7db4a63be45d9c9bfeb30fcab187592a26096daca2ea26d37bfe33f801fcc237ab2038f489e25923bc262b9f61e9ac750b27de77ea9e4489665ce6e721ef7c720577ec5bda7f1129155f2154450fb179b4938fb85d178acfb8ed17914a159e9ccb7c2840238fbe58be9d7c91b636e586ccc04aff9db00e4bef338a0249a89e6fe46024854e9e7773a0b8913164260091dbcbd6b07f5d7cc3d5e689ef44bc8e45fcd2adcf56087aaf57f810a7bfaa145807d750d4974c2ae6e068638328129d381be549a682ba5a4aa89f633f9c5d9245dd51242b36450a24149902c92d69b385358bf582db9178625d4c8235c12cb7127aac23e2395629dc88451949445985c8186956e4b6e25ab60d0417a01baa2b3bda8b6e33c2517e7a2cc833430cefa115075f576f1470fc75100f63614aa35c585848cd57120752979b266173ca05617ef9d5b10bf312fb04385e6992085abe548b22f672a7cdac9909859e0d94f8d588f05ecc2c30bda340728d7be68e1cff9fa1fe1fb687d094c398b2c24fd2033d25f2a9b406bdc2a4c506c71527bf505ea0195dffab3e2d81fb3586d59b8cef52c0d67954bd6c27ddb83588b936af4a356ff10563bba4f62899715f06880c97018e37a822f17afb6a244f2dcceb8b27a3788a8a75f0b85e5b39659cf40ea11fb232db922c66538d92c8d05ddfb8a99a18754852d184c60513585637cebe270ded1675249467987c089b71dd72f77819eb7ca108384e6e18bb4529a3139935449b7b79f510d970f1affa8503b027d723865020d5bca94795420c69c6456ed77a28c92ab41150f3b8cb010ac4419085189353e77c7800da4a2bc9585931808c077a3c09315edad034599b5c09505f84ee12fb925e0b6f0667911f3ea6757dd35044aabfeae2a9a8e10440f9b45234398e88485dd121aea4f24c0b11fdae47072bc25427f5b9da1a5f46974a66eb1aab3e5917646631b1d4f6f786954d2a034c3dd6f0dc2945873b635ee726ede0ccbee21dde5e72a7b0b189374967c9201694299787d8bf1fb49f3fc1fbf1f6de6824b1a19dfea252abc3c04178af5a3d147537e00547f612379d30b46b4066df8e683b65f4edc6092ba3b362f8f3d5509b0a15520761fabecaf8c86353d48cd2aff6c78a68dc9e20471e7b25b49387ccdd919ab8cbdc2658883ac0079f48fc0c069b9e8c93654e964ab71d855356140d85ea0ad0bbcd3e612ee3250028cd7ff95d3aa73344b77765213c4ebe76538f5c6d3f25f31a4ae9cd1feff2dca11e9217b0113fa8acf37d31f4a10b889f6") ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000001680)={0x4, 0x100000000, 0x0, 0x3f, 0x401}) connect$nfc_llcp(r0, &(0x7f00000016c0)={0x27, 0x0, 0x2, 0x5, 0x6, 0x0, "812895573565e4e007cf0ef66e2d9a0e5d85a5dd2213b0782c7925b4787728817535fced3917887016890ec5eba97d11abba1c73db5ca25ca56eedc1569c99", 0x3c}, 0x58) recvfrom$inet(r2, &(0x7f0000001740)=""/29, 0x1d, 0x10022, &(0x7f0000001780)={0x2, 0x4e24, @multicast1=0xe0000001}, 0x10) socket$alg(0x26, 0x5, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f00000017c0)={0x6, 0x9, 0x7ff, 0xc63b, 0x5, 0x8, 0x8, 0x800, 0x3ff, 0x298f}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000001800)={0x0, 0x7530}, 0x8) [ 1376.589365] should_failslab+0x9/0x14 [ 1376.593193] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1376.594559] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1376.598319] __kmalloc_node_track_caller+0x33/0x70 [ 1376.598342] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1376.598361] __alloc_skb+0x14d/0x780 [ 1376.619105] ? skb_scrub_packet+0x580/0x580 [ 1376.623457] ? dst_init+0x459/0x600 [ 1376.627106] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1376.632660] ? ip_generic_getfrag+0x11c/0x2d0 2018/06/01 03:16:03 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1376.637192] ? ip_reply_glue_bits+0xc0/0xc0 [ 1376.641533] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1376.646568] ? skb_put+0x17b/0x1e0 [ 1376.650126] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1376.655161] ? ip_reply_glue_bits+0xc0/0xc0 [ 1376.659510] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1376.665327] ? xfrm_policy_lookup+0x70/0x70 [ 1376.669665] ? ipv4_mtu+0x375/0x580 [ 1376.673313] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1376.678778] ? find_held_lock+0x36/0x1c0 [ 1376.682873] ? ip_setup_cork+0x44d/0x6d0 [ 1376.686953] ip_make_skb+0x2be/0x350 [ 1376.690684] ? ip_reply_glue_bits+0xc0/0xc0 [ 1376.695018] ? ip_flush_pending_frames+0x30/0x30 [ 1376.699792] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1376.705354] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1376.710933] ? xfrm_lookup_route+0x64/0x1f0 [ 1376.715274] udp_sendmsg+0x24ec/0x35e0 [ 1376.719181] ? ip_reply_glue_bits+0xc0/0xc0 [ 1376.723520] ? udp4_lib_lookup2+0x340/0x340 [ 1376.727851] ? graph_lock+0x170/0x170 [ 1376.731689] ? expand_files.part.8+0x9a0/0x9a0 [ 1376.736281] ? check_same_owner+0x320/0x320 2018/06/01 03:16:03 executing program 1: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@mcast2, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000000)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@broadcast, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast1}}, &(0x7f00000000c0)=0xe8) setreuid(r0, r1) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETAF(r2, 0x5404, &(0x7f00009d4000)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$KDGKBLED(r2, 0xc0045405, &(0x7f0000000080)) ioctl$TCSETS(r2, 0xc0045405, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x6, 0x7}, &(0x7f00000003c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000400)={r3, 0x5}, 0x8) [ 1376.740634] ? lock_downgrade+0x8e0/0x8e0 [ 1376.742813] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1376.744792] ? lock_release+0xa10/0xa10 [ 1376.744809] ? check_same_owner+0x320/0x320 [ 1376.744828] ? __check_object_size+0x95/0x5d9 [ 1376.744846] inet_sendmsg+0x19f/0x690 [ 1376.744862] ? __might_sleep+0x95/0x190 [ 1376.744876] ? ipip_gro_receive+0x100/0x100 [ 1376.744893] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1376.744913] ? security_socket_sendmsg+0x94/0xc0 [ 1376.787372] ? ipip_gro_receive+0x100/0x100 [ 1376.791718] sock_sendmsg+0xd5/0x120 [ 1376.795460] __sys_sendto+0x3d7/0x670 [ 1376.799283] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1376.803970] ? wait_for_completion+0x870/0x870 [ 1376.808563] ? __lock_is_held+0xb5/0x140 [ 1376.812640] ? __sb_end_write+0xac/0xe0 [ 1376.816618] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1376.822154] ? fput+0x130/0x1a0 [ 1376.825436] ? ksys_write+0x1a6/0x250 [ 1376.829225] ? __do_page_fault+0x441/0xe40 [ 1376.833455] ? __ia32_sys_read+0xb0/0xb0 [ 1376.837513] __ia32_sys_sendto+0xdf/0x1a0 [ 1376.841663] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1376.846675] do_fast_syscall_32+0x345/0xf9b [ 1376.850989] ? do_int80_syscall_32+0x880/0x880 [ 1376.855575] ? _raw_spin_unlock_irq+0x27/0x70 [ 1376.860061] ? finish_task_switch+0x1ca/0x840 [ 1376.864551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1376.870080] ? syscall_return_slowpath+0x30f/0x5c0 [ 1376.875005] ? sysret32_from_system_call+0x5/0x46 [ 1376.879849] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1376.884703] entry_SYSENTER_compat+0x70/0x7f 2018/06/01 03:16:03 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:03 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x201, 0x0) write$binfmt_aout(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="0000063fc900fff9000a"], 0xa) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TCFLSH(r0, 0x540b, 0xdf35) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000040)) [ 1376.889111] RIP: 0023:0xf7f63cb9 [ 1376.892463] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1376.900162] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1376.907430] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1376.914688] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1376.921947] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1376.929204] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:03 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1377.057956] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:04 executing program 7: r0 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f0000e71000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x32) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000e7a000)) recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f00000008c0), 0x31c8263, &(0x7f0000000900)=""/112, 0x70}}], 0x1, 0x1, &(0x7f0000000a00)={0x77359400}) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000000)="0aeb600107f2392f1058cd857a178df28debb58f9c502513e026bb5dab48ed6ba018ccbf2af0b42a074f2b7d5c46eacb75") 2018/06/01 03:16:04 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:04 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000001, 0x0, 0x0, 0x0, 0x0, 0xbd9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f00000002c0)={0x50b2, {0x2, 0x4e21, @loopback=0x7f000001}, {0x2, 0x4e20, @rand_addr=0x7fff}, {0x2, 0x4e21, @loopback=0x7f000001}, 0x380, 0x8, 0x100000001, 0x82, 0x1ff, 0x0, 0x7fffffff, 0x3, 0x9}) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x84400, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, &(0x7f0000000040)=0x101, 0x4) fadvise64(r2, 0x0, 0xffffffffffffffc1, 0x1) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000018ef00fa0000000000639a118f3a0d689ffc34254f89e26761bd78302c0d0282c9881825af61b23b655311b23e2d4ca8721c26dc27d7c8e9ce4f90ebf21edac1a0c48cfdec2d176d110c5b77d7d8282c6c23f9d03e5c6379eb30f37b7116b58fa6a615b4e07c697d098f7d0468098e78e683a144f3cfa6853cc50f4f0248ef287203a523c9488ca344e5937e0ecfa876f69c665f66dfedcb43e2d8d3a08417b45160c01f79898843edf7b32e45df5d772ea315c164ddd972d5baf9a6c443541dfda9eabdbb8d1180efc68fde0b14103b9f30", @ANYPTR64=&(0x7f0000008840)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="3f01000000000000"], 0x20) dup2(r0, r4) 2018/06/01 03:16:04 executing program 3: r0 = accept4(0xffffffffffffff9c, &(0x7f00000001c0)=@in6, &(0x7f0000000140)=0x80, 0x80000) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000240)={0x0, 0x8e, "8798f4231736c00f05cc6dfcfd9372dcdbd1a52417f4596c359c559a1884aee85ada2d89ab66f1d2c75b3ff339aa4eb1e330eb04148cd0af9d3623491c32ee229dff6b2ba14ee738317b1de6023c813622688ab43583dcd91523bbda89770652627425a18b6c9cc712f6ff14e9dd0bc41c59e29b78a03ef485502f5de669044927c93646be729414cd930db2f904"}, &(0x7f0000000300)=0x96) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000340)={r1, 0x0, 0x0, 0x1, 0x800, 0x401}, &(0x7f0000000380)=0x14) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0xe16}) write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xffffff78) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7}) r3 = syz_open_pts(r2, 0x0) ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000080)={0x8, 0x3, 0x1ff, 0x9, 0x2, 0x5}) readv(r3, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/55, 0x37}], 0x1) ioctl$VT_ACTIVATE(r2, 0x5606, 0x7f) 2018/06/01 03:16:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000015c0)={r2, 0x0, 0x2, r2}) fcntl$setpipe(r1, 0x407, 0x6) r3 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r3, 0xfffffffffffffffb, 0x2, r2}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = fcntl$dupfd(r1, 0x78860cbe2a24d4dd, r3) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000000)=0x8, 0x2) 2018/06/01 03:16:04 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:04 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x4000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:04 executing program 2 (fault-call:2 fault-nth:51): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1377.603332] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1377.608592] FAULT_INJECTION: forcing a failure. [ 1377.608592] name failslab, interval 1, probability 0, space 0, times 0 [ 1377.622314] CPU: 0 PID: 22682 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1377.629699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1377.639065] Call Trace: [ 1377.641680] dump_stack+0x1b9/0x294 [ 1377.645335] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1377.650551] ? perf_trace_lock_acquire+0xe3/0x980 [ 1377.655415] ? unwind_get_return_address+0x61/0xa0 [ 1377.660372] ? __save_stack_trace+0x7e/0xd0 [ 1377.664720] should_fail.cold.4+0xa/0x1a [ 1377.668804] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1377.673948] ? save_stack+0xa9/0xd0 [ 1377.677601] ? save_stack+0x43/0xd0 [ 1377.681243] ? kasan_kmalloc+0xc4/0xe0 [ 1377.685150] ? __kmalloc_node_track_caller+0x47/0x70 [ 1377.690394] ? __alloc_skb+0x14d/0x780 [ 1377.694327] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1377.699582] ? ip_make_skb+0x2be/0x350 2018/06/01 03:16:04 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1377.703493] ? udp_sendmsg+0x24ec/0x35e0 [ 1377.707676] ? inet_sendmsg+0x19f/0x690 [ 1377.711668] ? sock_sendmsg+0xd5/0x120 [ 1377.715594] ? __sys_sendto+0x3d7/0x670 [ 1377.719589] ? do_fast_syscall_32+0x345/0xf9b [ 1377.724107] ? find_held_lock+0x36/0x1c0 [ 1377.728233] ? check_same_owner+0x320/0x320 [ 1377.732580] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1377.738265] ? rcu_note_context_switch+0x710/0x710 [ 1377.743224] __should_failslab+0x124/0x180 [ 1377.747604] should_failslab+0x9/0x14 [ 1377.751601] kmem_cache_alloc_node+0x272/0x780 [ 1377.756215] __alloc_skb+0x111/0x780 [ 1377.759952] ? skb_scrub_packet+0x580/0x580 [ 1377.764296] ? dst_init+0x459/0x600 [ 1377.767972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1377.773524] ? ip_generic_getfrag+0x11c/0x2d0 [ 1377.778033] ? ip_reply_glue_bits+0xc0/0xc0 [ 1377.782381] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1377.787422] ? skb_put+0x17b/0x1e0 [ 1377.791015] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1377.796060] ? ip_reply_glue_bits+0xc0/0xc0 [ 1377.800414] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1377.806235] ? xfrm_policy_lookup+0x70/0x70 [ 1377.810584] ? ipv4_mtu+0x375/0x580 [ 1377.814234] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1377.819700] ? find_held_lock+0x36/0x1c0 [ 1377.823794] ? ip_setup_cork+0x44d/0x6d0 [ 1377.827879] ip_make_skb+0x2be/0x350 [ 1377.831618] ? ip_reply_glue_bits+0xc0/0xc0 [ 1377.835963] ? ip_flush_pending_frames+0x30/0x30 [ 1377.840737] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1377.846275] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1377.851801] ? xfrm_lookup_route+0x64/0x1f0 [ 1377.856137] udp_sendmsg+0x24ec/0x35e0 [ 1377.860025] ? ip_reply_glue_bits+0xc0/0xc0 [ 1377.864356] ? udp4_lib_lookup2+0x340/0x340 [ 1377.868681] ? graph_lock+0x170/0x170 [ 1377.872475] ? do_raw_spin_unlock+0x41/0x2e0 [ 1377.876883] ? expand_files.part.8+0x9a0/0x9a0 [ 1377.881456] ? compat_start_thread+0x80/0x80 [ 1377.885865] ? _raw_spin_unlock_irq+0x27/0x70 [ 1377.890362] ? lock_downgrade+0x8e0/0x8e0 [ 1377.894515] ? lock_release+0xa10/0xa10 [ 1377.898496] ? __check_object_size+0x95/0x5d9 [ 1377.902996] inet_sendmsg+0x19f/0x690 [ 1377.906807] ? __might_sleep+0x95/0x190 [ 1377.910776] ? ipip_gro_receive+0x100/0x100 [ 1377.915094] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1377.920631] ? security_socket_sendmsg+0x94/0xc0 [ 1377.925378] ? ipip_gro_receive+0x100/0x100 [ 1377.929707] sock_sendmsg+0xd5/0x120 [ 1377.933414] __sys_sendto+0x3d7/0x670 [ 1377.937206] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1377.941878] ? wait_for_completion+0x870/0x870 [ 1377.946457] ? schedule+0xef/0x430 [ 1377.950009] ? __sb_end_write+0xac/0xe0 [ 1377.953990] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1377.959520] ? exit_to_usermode_loop+0x87/0x310 [ 1377.964183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1377.969709] ? exit_to_usermode_loop+0x1ef/0x310 [ 1377.974455] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1377.979288] __ia32_sys_sendto+0xdf/0x1a0 [ 1377.983439] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1377.988451] do_fast_syscall_32+0x345/0xf9b [ 1377.992765] ? do_int80_syscall_32+0x880/0x880 [ 1377.997972] ? _raw_spin_unlock_irq+0x27/0x70 [ 1378.002475] ? finish_task_switch+0x1ca/0x840 [ 1378.006961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1378.012487] ? syscall_return_slowpath+0x30f/0x5c0 [ 1378.017404] ? sysret32_from_system_call+0x5/0x46 [ 1378.022253] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1378.027092] entry_SYSENTER_compat+0x70/0x7f [ 1378.031492] RIP: 0023:0xf7f63cb9 [ 1378.034843] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1378.042541] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:16:04 executing program 1: socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x6}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r1, 0xffffffff}, &(0x7f00000001c0)=0xfffffffffffffd94) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x8, &(0x7f0000000080)) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x0, 0x0) ioctl$KDGETLED(r2, 0x4b31, &(0x7f0000000000)) 2018/06/01 03:16:04 executing program 7: perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000004c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$bt_rfcomm(0x1f, 0x1, 0x3) sendmsg(r0, &(0x7f0000000300)={&(0x7f0000000000)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha384\x00'}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000080)="18afac681da92047439399332cf1ef7f1afe8a8c67165e5ddd1c415f560f9d84e421e45f19ecd6eca38704a5e650c6f9d22d785dad62e94d973a9129411f700bcfad1069411f4edc063819570bd13eca9b7d42f079a46d6d98abdf389616f74d0f178004392827c40042122bd6ac", 0x6e}, {&(0x7f0000000100)="f7c040f76b70e52e74440353400651227ea25641a0e94a7d11071a52c52ed99676206fc938bb5a3a37b5ff9e04b679950d483280c0a02724af07aa56ec2e90afaf8c834f724380931ff92bb4f6795e9d8e0c8aa08b37e217213a2c6c621bf2036208d427bb7d6731dcf275aa53caafe73458feb12acd0eb89007326ab8666cee6db16682cc5bf2a54affa5195f636d5a955c0ba3920e", 0x96}, {&(0x7f00000001c0)="cc21c55207ad3916121865ce3038e3c3fffbc53053fb38d2056baa1e62fcc9dbb1e25c97bb70c7d93ff26a851bacf08ab8ea041dd727e02ba86b04524d9a1c2063fee5ff0853f8a74e6266a9ffdccc74e82fbda92791539c1fae86b9d8b6a23c54fbdf7711b349d37f99c32ab2804be4a9c1794b09fa3e0c6c88addc", 0x7c}], 0x3, &(0x7f0000000280)=[{0x48, 0x101, 0xfffffffffffffff9, "9b25b87ae03acdc04492dc729a69882cea64e584b27054b4216ab1eed3b104bf07f9fa890e8779274651e3460c9303c9afce9680f888ae857a"}], 0x48}, 0x40000) [ 1378.049799] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1378.057054] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1378.064321] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1378.071577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:05 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:05 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:05 executing program 2 (fault-call:2 fault-nth:52): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:05 executing program 6: r0 = epoll_create1(0x80000) write$binfmt_elf64(r0, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x3, 0x5, 0x101, 0x100000001, 0x3, 0x3, 0x9, 0x2ea, 0x40, 0x213, 0x3, 0x1800, 0x38, 0x1, 0xffffffffffffa1bc, 0x3, 0x435add03}, [{0x2, 0x5f, 0xad, 0x7, 0xfffffffffffffffc, 0x401, 0xa1, 0x9}], "93b0f952b65fbc2cdeec74b458b3670bee2f4a20fdd08db3ba405f9f02729e88e143538c1f0714ff5a7bb3", [[]]}, 0x1a3) vmsplice(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f00000005c0)}], 0x1300, 0x0) 2018/06/01 03:16:05 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) read(r0, &(0x7f0000000040)=""/11, 0xb) r1 = syz_open_pts(r0, 0x0) ioctl$TCXONC(r1, 0x540a, 0x3) 2018/06/01 03:16:05 executing program 3: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000003000)=[{&(0x7f000000efdc)="240000004a00030007fffd946fa283bc0a008000020f0000031d8568791ba3a2d188737e", 0x24}], 0x1}, 0x0) setsockopt$inet_dccp_buf(r0, 0x21, 0xc2, &(0x7f0000000000)="89351040a0edce131ada55cc98964a0efa6105fbfc19f6d654361f876d958ba4924e15018145c158422c592920cce600e2c90140fe5b4c884f0cb1c02a9d8cfe45a1a6ee4ad37b22536eb1140f5b2e6fd1540884c9a04827a102b87fab6439b7b0d1a5059680886ccdbf8dcf3699c6044845adb70c92b9913635f8910e832a7cabe1dc0b7e0877fc9bcf5a94f1870f02f679467a13", 0x95) 2018/06/01 03:16:05 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}}, 0x0, 0x1, 0x0, "111d6c1ba6050dd77cf3f2f09d1cb02a25988f1ea9c5be7d9801641c99b0def45ac625ada3316175a9d341111c181811e12c196e1ab99946e5e47e0594e415670d1330cd611c3974c55bb4d50000e111"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000000)=0xfffffffffffffff8, 0x4) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000040)={@in6={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}}, 0x0, 0x0, 0x0, "411b3f1c08455047284bea37cf1ab7534db964b7958943c7db1b29d39d5221fac53a751f6f97a5f406473879b8171ae0d09086cb18d602ee628a185531290242710b99b8401772c02989f80629dc1d9e"}, 0xd8) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rfkill\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000480)={0x0, 0x2, 0x10001, 0x7f, 0x1, 0x4c9a679e, 0x8, 0x0, {0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}}, 0x80000000, 0x6c8, 0x8, 0x5374008e, 0x9a}}, &(0x7f0000000540)=0xb0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000580)={r2, 0xffffffffffffffff}, 0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000400)={r2, 0x1, 0x100}, &(0x7f0000000440)=0x8) setsockopt$inet6_tcp_int(r1, 0x6, 0x11, &(0x7f00000005c0)=0x3, 0x4) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xffff, 0x9, 0x4, 0x2, 0x9, 0x5, 0x2, {0x0, @in6={{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, [], 0xd}, 0x1}}, 0x9, 0x5a6, 0x0, 0x8}}, &(0x7f0000000340)=0xb0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000380)={r3, 0x3, 0x12d1fee8}, &(0x7f00000003c0)=0x8) 2018/06/01 03:16:05 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xff0f0000}, 0x1c) shutdown(r0, 0x0) [ 1378.698666] FAULT_INJECTION: forcing a failure. [ 1378.698666] name failslab, interval 1, probability 0, space 0, times 0 [ 1378.710081] CPU: 0 PID: 22731 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1378.717457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1378.726825] Call Trace: [ 1378.729440] dump_stack+0x1b9/0x294 [ 1378.733164] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1378.738370] ? is_bpf_text_address+0xd7/0x170 [ 1378.742889] ? kernel_text_address+0x79/0xf0 [ 1378.748391] ? __unwind_start+0x166/0x330 [ 1378.752570] should_fail.cold.4+0xa/0x1a [ 1378.756635] ? __save_stack_trace+0x7e/0xd0 [ 1378.760965] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1378.766079] ? save_stack+0xa9/0xd0 [ 1378.769700] ? save_stack+0x43/0xd0 [ 1378.773318] ? kasan_kmalloc+0xc4/0xe0 [ 1378.777199] ? kasan_slab_alloc+0x12/0x20 [ 1378.781348] ? find_held_lock+0x36/0x1c0 [ 1378.785433] ? check_same_owner+0x320/0x320 [ 1378.789762] ? rcu_note_context_switch+0x710/0x710 [ 1378.794690] __should_failslab+0x124/0x180 [ 1378.798938] should_failslab+0x9/0x14 [ 1378.802743] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1378.807852] __kmalloc_node_track_caller+0x33/0x70 [ 1378.812777] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1378.817528] __alloc_skb+0x14d/0x780 [ 1378.821245] ? skb_scrub_packet+0x580/0x580 [ 1378.825572] ? dst_init+0x459/0x600 [ 1378.829199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1378.834991] ? ip_generic_getfrag+0x11c/0x2d0 [ 1378.839504] ? ip_reply_glue_bits+0xc0/0xc0 [ 1378.843825] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1378.848834] ? skb_put+0x17b/0x1e0 [ 1378.852368] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1378.857398] ? ip_reply_glue_bits+0xc0/0xc0 [ 1378.861726] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1378.867531] ? xfrm_policy_lookup+0x70/0x70 [ 1378.871847] ? ipv4_mtu+0x375/0x580 [ 1378.875478] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1378.880918] ? find_held_lock+0x36/0x1c0 [ 1378.884986] ? ip_setup_cork+0x44d/0x6d0 [ 1378.889065] ip_make_skb+0x2be/0x350 [ 1378.892777] ? ip_reply_glue_bits+0xc0/0xc0 [ 1378.897108] ? ip_flush_pending_frames+0x30/0x30 [ 1378.901866] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1378.907407] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1378.912947] ? xfrm_lookup_route+0x64/0x1f0 [ 1378.917268] udp_sendmsg+0x24ec/0x35e0 [ 1378.921155] ? ip_reply_glue_bits+0xc0/0xc0 [ 1378.925484] ? udp4_lib_lookup2+0x340/0x340 [ 1378.929807] ? graph_lock+0x170/0x170 [ 1378.933618] ? expand_files.part.8+0x9a0/0x9a0 [ 1378.938193] ? check_same_owner+0x320/0x320 [ 1378.942535] ? lock_downgrade+0x8e0/0x8e0 [ 1378.946689] ? lock_release+0xa10/0xa10 [ 1378.950668] ? check_same_owner+0x320/0x320 [ 1378.954983] ? __check_object_size+0x95/0x5d9 [ 1378.959487] inet_sendmsg+0x19f/0x690 [ 1378.963282] ? __might_sleep+0x95/0x190 [ 1378.967254] ? ipip_gro_receive+0x100/0x100 [ 1378.971591] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1378.977133] ? security_socket_sendmsg+0x94/0xc0 [ 1378.981884] ? ipip_gro_receive+0x100/0x100 [ 1378.986210] sock_sendmsg+0xd5/0x120 [ 1378.989928] __sys_sendto+0x3d7/0x670 [ 1378.993738] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1378.998409] ? wait_for_completion+0x870/0x870 [ 1379.002994] ? __lock_is_held+0xb5/0x140 [ 1379.007069] ? __sb_end_write+0xac/0xe0 [ 1379.011067] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1379.016605] ? fput+0x130/0x1a0 [ 1379.019880] ? ksys_write+0x1a6/0x250 [ 1379.023672] ? __do_page_fault+0x441/0xe40 [ 1379.027901] ? __ia32_sys_read+0xb0/0xb0 [ 1379.031957] __ia32_sys_sendto+0xdf/0x1a0 [ 1379.036101] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1379.041113] do_fast_syscall_32+0x345/0xf9b [ 1379.045432] ? do_int80_syscall_32+0x880/0x880 [ 1379.050002] ? _raw_spin_unlock_irq+0x27/0x70 [ 1379.054496] ? finish_task_switch+0x1ca/0x840 [ 1379.058985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1379.064515] ? syscall_return_slowpath+0x30f/0x5c0 [ 1379.069443] ? sysret32_from_system_call+0x5/0x46 [ 1379.074284] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1379.079144] entry_SYSENTER_compat+0x70/0x7f [ 1379.083560] RIP: 0023:0xf7f63cb9 [ 1379.086912] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:05 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) read(r0, &(0x7f0000000340)=""/26, 0xc) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f00000001c0)=""/98, &(0x7f0000000100)=0x62) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) [ 1379.094615] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1379.101890] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1379.109154] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1379.116422] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1379.123693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1379.131509] validate_nla: 1 callbacks suppressed [ 1379.131519] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:05 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1379.208088] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. [ 1379.235666] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. 2018/06/01 03:16:06 executing program 7: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3f, 0x80040) ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000040)=""/55) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x0) readv(r2, &(0x7f0000000080)=[{&(0x7f0000000300)=""/208, 0xd0}], 0x1) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000002000)={0x0, 0x0, 0x0, 0xffffffff}) write(r1, &(0x7f0000c34fff), 0xffffff0b) 2018/06/01 03:16:06 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:06 executing program 3: r0 = fanotify_init(0x3, 0x0) ioctl$int_out(r0, 0x2, &(0x7f0000000280)) socketpair(0x19, 0x80000, 0xb1, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={0x0}, &(0x7f00000002c0)=0xfffffffffffffde3) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000001c0)={0x0, 0x0, 0x200, 0x2, 0xffff}, 0x14) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r2, 0x9, 0x3f}, &(0x7f0000000180)=0xc) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f00000000c0)="719f1f9e71eb165eb4128f6018cbc7c6", 0x10) r4 = openat$cgroup_int(r3, &(0x7f0000000200)='io.max\x00', 0x2, 0x0) restart_syscall() getsockopt$netrom_NETROM_T1(r1, 0x103, 0x1, &(0x7f0000000240), &(0x7f0000000300)=0x4) write(r4, &(0x7f0000000140)='\f', 0x1) 2018/06/01 03:16:06 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000ffffff"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:06 executing program 2 (fault-call:2 fault-nth:53): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:06 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x7000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:06 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = memfd_create(&(0x7f0000000040)='bbr\x00', 0x3) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e21, 0x8, @mcast2={0xff, 0x2, [], 0x1}, 0x100000001}}, 0x200000, 0x100, 0x5, 0x9e, 0x3}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={r2, 0x1}, &(0x7f0000000280)=0x8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x51, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10) open$dir(&(0x7f00000002c0)='./file0\x00', 0x40, 0x2) readv(r0, &(0x7f00000005c0)=[{&(0x7f00000004c0)=""/101, 0x65}, {&(0x7f0000000540)=""/101, 0x65}], 0x2) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4) recvmsg(r0, &(0x7f0000000100)={&(0x7f00000019c0)=@hci, 0x80, &(0x7f0000001b00)=[{&(0x7f0000001a80)=""/80, 0x50}], 0x1, &(0x7f0000001b40)=""/150, 0x96}, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="15", 0x1}], 0x1) 2018/06/01 03:16:06 executing program 6: r0 = socket(0xa, 0x80005, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2=0xe0000002}, 0xdc9a5a2be2900b7c) r1 = getpid() capget(&(0x7f00000000c0)={0x19980330, r1}, &(0x7f0000000100)={0x0, 0x1, 0xc24, 0x724, 0x1, 0x2}) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in={{0x2}}, 0x0, 0xfffffffffffff000}, 0x98) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0xa00, 0x0) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000080)) setsockopt$inet6_MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000140)={0x6, 0x1, 0x80000, 0x5, 0x5}, 0xc) [ 1380.156952] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1380.172289] FAULT_INJECTION: forcing a failure. [ 1380.172289] name failslab, interval 1, probability 0, space 0, times 0 [ 1380.183684] CPU: 0 PID: 22772 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1380.191072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1380.200436] Call Trace: [ 1380.203047] dump_stack+0x1b9/0x294 [ 1380.206693] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1380.211900] ? unwind_get_return_address+0x61/0xa0 [ 1380.216843] ? __save_stack_trace+0x7e/0xd0 [ 1380.221181] should_fail.cold.4+0xa/0x1a [ 1380.225259] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1380.230375] ? save_stack+0xa9/0xd0 [ 1380.234019] ? save_stack+0x43/0xd0 [ 1380.237639] ? kasan_kmalloc+0xc4/0xe0 [ 1380.241517] ? __kmalloc_node_track_caller+0x47/0x70 [ 1380.246623] ? __alloc_skb+0x14d/0x780 [ 1380.250511] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1380.255685] ? ip_make_skb+0x2be/0x350 [ 1380.259556] ? udp_sendmsg+0x24ec/0x35e0 [ 1380.263603] ? inet_sendmsg+0x19f/0x690 [ 1380.267566] ? sock_sendmsg+0xd5/0x120 [ 1380.271447] ? __sys_sendto+0x3d7/0x670 [ 1380.275402] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1380.279710] ? do_fast_syscall_32+0x345/0xf9b [ 1380.284196] ? find_held_lock+0x36/0x1c0 [ 1380.288260] ? check_same_owner+0x320/0x320 [ 1380.292589] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1380.298125] ? rcu_note_context_switch+0x710/0x710 [ 1380.303061] __should_failslab+0x124/0x180 [ 1380.307297] should_failslab+0x9/0x14 [ 1380.311089] kmem_cache_alloc_node+0x272/0x780 [ 1380.315669] __alloc_skb+0x111/0x780 [ 1380.319374] ? skb_scrub_packet+0x580/0x580 [ 1380.323685] ? dst_init+0x459/0x600 [ 1380.327302] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1380.332827] ? ip_generic_getfrag+0x11c/0x2d0 [ 1380.337312] ? ip_reply_glue_bits+0xc0/0xc0 [ 1380.341622] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1380.346624] ? skb_put+0x17b/0x1e0 [ 1380.350152] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1380.355161] ? ip_reply_glue_bits+0xc0/0xc0 [ 1380.359475] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1380.365277] ? xfrm_policy_lookup+0x70/0x70 [ 1380.369584] ? ipv4_mtu+0x375/0x580 [ 1380.373199] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1380.378635] ? find_held_lock+0x36/0x1c0 [ 1380.382688] ? ip_setup_cork+0x44d/0x6d0 [ 1380.386736] ip_make_skb+0x2be/0x350 [ 1380.390439] ? ip_reply_glue_bits+0xc0/0xc0 [ 1380.394749] ? ip_flush_pending_frames+0x30/0x30 [ 1380.399493] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1380.405028] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1380.410551] ? xfrm_lookup_route+0x64/0x1f0 [ 1380.414874] udp_sendmsg+0x24ec/0x35e0 [ 1380.418752] ? ip_reply_glue_bits+0xc0/0xc0 [ 1380.423068] ? udp4_lib_lookup2+0x340/0x340 [ 1380.427383] ? graph_lock+0x170/0x170 [ 1380.431177] ? expand_files.part.8+0x9a0/0x9a0 [ 1380.435744] ? check_same_owner+0x320/0x320 [ 1380.440060] ? lock_downgrade+0x8e0/0x8e0 [ 1380.444195] ? lock_release+0xa10/0xa10 [ 1380.448154] ? check_same_owner+0x320/0x320 [ 1380.452470] ? __check_object_size+0x95/0x5d9 [ 1380.456956] inet_sendmsg+0x19f/0x690 [ 1380.460745] ? __might_sleep+0x95/0x190 [ 1380.464711] ? ipip_gro_receive+0x100/0x100 [ 1380.469280] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1380.474806] ? security_socket_sendmsg+0x94/0xc0 [ 1380.479546] ? ipip_gro_receive+0x100/0x100 [ 1380.483866] sock_sendmsg+0xd5/0x120 [ 1380.487571] __sys_sendto+0x3d7/0x670 [ 1380.491358] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1380.496020] ? wait_for_completion+0x870/0x870 [ 1380.500594] ? __lock_is_held+0xb5/0x140 [ 1380.504652] ? __sb_end_write+0xac/0xe0 [ 1380.508617] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1380.514151] ? fput+0x130/0x1a0 [ 1380.517417] ? ksys_write+0x1a6/0x250 [ 1380.521203] ? __ia32_sys_read+0xb0/0xb0 [ 1380.525253] __ia32_sys_sendto+0xdf/0x1a0 [ 1380.529387] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1380.534391] do_fast_syscall_32+0x345/0xf9b [ 1380.538716] ? do_int80_syscall_32+0x880/0x880 [ 1380.543305] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1380.548143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1380.553678] ? syscall_return_slowpath+0x30f/0x5c0 [ 1380.558600] ? sysret32_from_system_call+0x5/0x46 [ 1380.563431] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1380.568281] entry_SYSENTER_compat+0x70/0x7f [ 1380.572675] RIP: 0023:0xf7f63cb9 [ 1380.576025] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1380.583718] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1380.590974] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1380.598231] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:07 executing program 3: ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'syz_tun\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="1a0000000001000000000000000000000000000000"]}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000040)={0x69f7, 0x89a, 0x100, 0x101, 0x7fff, 0xfffffffffffffffb, 0x3, 0xfd2, 0x7ff, 0x4}) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/255, 0x443}], 0x140) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x2) dup3(r1, r0, 0x0) write(r0, &(0x7f0000c34fff), 0xffffff0b) 2018/06/01 03:16:07 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000fbffff"], 0x60}, 0x1}, 0x0) [ 1380.605495] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1380.612749] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:07 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:07 executing program 6: r0 = memfd_create(&(0x7f0000000000)='}em0\x00', 0x0) fgetxattr(r0, &(0x7f00000000c0)=@random={'user.', 'system.posix_acl_default\x00'}, &(0x7f0000000140)=""/184, 0xf8) 2018/06/01 03:16:07 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000040000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:07 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xa4f8) prctl$setname(0xf, &(0x7f0000000040)='\x00') ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000080)={[], 0x0, 0x200}) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000180)=0xfffffffffffffffd) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x7, 0x8000) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000880)={@remote, @multicast1, 0x0}, &(0x7f00000008c0)=0xc) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000980)={'team0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000009c0)={{{@in, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@remote}}, &(0x7f0000000ac0)=0xe8) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000001000)={@empty, @broadcast, 0x0}, &(0x7f0000001040)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000001080)={{{@in6=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f0000001180)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000011c0)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f00000012c0)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001480)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000001580)=0xe8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f00000015c0)={'gretap0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001600)={'ip6gretap0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001640)={{{@in6=@ipv4={[], [], @broadcast}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000001740)=0xe8) accept4$packet(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, 0x0}, &(0x7f00000017c0)=0x14, 0x80800) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000001800)={@broadcast, @local, 0x0}, &(0x7f0000001840)=0xc) sendmsg$TEAM_CMD_NOOP(r3, &(0x7f0000001d80)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001d40)={&(0x7f0000001880)={0x49c, r4, 0x0, 0x70bd26, 0x25dfdbfd, {}, [{{0x8, 0x1, r5}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x218, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x9}}, {0x8, 0x7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9fb}}}]}}, {{0x8, 0x1, r12}, {0x214, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xffffffff00000001}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r13}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r14}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r15}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r16}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xffffffff}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7a000000000}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1edd}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xffffffffffff0000}}}]}}]}, 0x49c}, 0x1, 0x0, 0x0, 0xc000}, 0x24044800) 2018/06/01 03:16:07 executing program 2 (fault-call:2 fault-nth:54): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:07 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1380.722913] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1380.816636] FAULT_INJECTION: forcing a failure. [ 1380.816636] name failslab, interval 1, probability 0, space 0, times 0 [ 1380.828134] CPU: 0 PID: 22803 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1380.835515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1380.844888] Call Trace: [ 1380.847582] dump_stack+0x1b9/0x294 [ 1380.851216] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1380.856397] ? is_bpf_text_address+0xd7/0x170 [ 1380.860891] ? kernel_text_address+0x79/0xf0 [ 1380.865294] ? __unwind_start+0x166/0x330 [ 1380.870997] should_fail.cold.4+0xa/0x1a [ 1380.875050] ? __save_stack_trace+0x7e/0xd0 [ 1380.879386] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1380.884483] ? save_stack+0xa9/0xd0 [ 1380.888107] ? save_stack+0x43/0xd0 [ 1380.891720] ? kasan_kmalloc+0xc4/0xe0 [ 1380.895608] ? kasan_slab_alloc+0x12/0x20 [ 1380.899747] ? find_held_lock+0x36/0x1c0 [ 1380.903808] ? check_same_owner+0x320/0x320 [ 1380.908131] ? rcu_note_context_switch+0x710/0x710 [ 1380.913049] __should_failslab+0x124/0x180 [ 1380.917281] should_failslab+0x9/0x14 [ 1380.921113] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1380.926212] __kmalloc_node_track_caller+0x33/0x70 [ 1380.931138] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1380.935883] __alloc_skb+0x14d/0x780 [ 1380.939588] ? skb_scrub_packet+0x580/0x580 [ 1380.943902] ? dst_init+0x459/0x600 [ 1380.947525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1380.953070] ? ip_generic_getfrag+0x11c/0x2d0 [ 1380.957567] ? ip_reply_glue_bits+0xc0/0xc0 [ 1380.961892] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1380.966895] ? skb_put+0x17b/0x1e0 [ 1380.970427] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1380.975438] ? ip_reply_glue_bits+0xc0/0xc0 [ 1380.979763] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1380.985560] ? xfrm_policy_lookup+0x70/0x70 [ 1380.989876] ? ipv4_mtu+0x375/0x580 [ 1380.993493] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1380.998942] ? find_held_lock+0x36/0x1c0 [ 1381.003019] ? ip_setup_cork+0x44d/0x6d0 [ 1381.007080] ip_make_skb+0x2be/0x350 [ 1381.010782] ? ip_reply_glue_bits+0xc0/0xc0 [ 1381.015101] ? ip_flush_pending_frames+0x30/0x30 [ 1381.019850] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1381.025392] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1381.030919] ? xfrm_lookup_route+0x64/0x1f0 [ 1381.035263] udp_sendmsg+0x24ec/0x35e0 [ 1381.039146] ? ip_reply_glue_bits+0xc0/0xc0 [ 1381.043461] ? udp4_lib_lookup2+0x340/0x340 [ 1381.047782] ? graph_lock+0x170/0x170 [ 1381.051587] ? expand_files.part.8+0x9a0/0x9a0 [ 1381.056153] ? check_same_owner+0x320/0x320 [ 1381.060469] ? lock_downgrade+0x8e0/0x8e0 [ 1381.064601] ? lock_release+0xa10/0xa10 [ 1381.068569] ? check_same_owner+0x320/0x320 [ 1381.072888] ? __check_object_size+0x95/0x5d9 [ 1381.077373] inet_sendmsg+0x19f/0x690 [ 1381.081158] ? __might_sleep+0x95/0x190 [ 1381.085120] ? ipip_gro_receive+0x100/0x100 [ 1381.089443] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1381.094973] ? security_socket_sendmsg+0x94/0xc0 [ 1381.099716] ? ipip_gro_receive+0x100/0x100 [ 1381.104042] sock_sendmsg+0xd5/0x120 [ 1381.107749] __sys_sendto+0x3d7/0x670 [ 1381.112234] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1381.116892] ? wait_for_completion+0x870/0x870 [ 1381.121461] ? __lock_is_held+0xb5/0x140 [ 1381.125518] ? __sb_end_write+0xac/0xe0 [ 1381.129483] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1381.135009] ? fput+0x130/0x1a0 [ 1381.138292] ? ksys_write+0x1a6/0x250 [ 1381.142083] ? __do_page_fault+0x441/0xe40 [ 1381.146307] ? __ia32_sys_read+0xb0/0xb0 [ 1381.150361] __ia32_sys_sendto+0xdf/0x1a0 [ 1381.154504] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1381.159512] do_fast_syscall_32+0x345/0xf9b [ 1381.163821] ? do_int80_syscall_32+0x880/0x880 [ 1381.168402] ? _raw_spin_unlock_irq+0x27/0x70 [ 1381.172888] ? finish_task_switch+0x1ca/0x840 [ 1381.177376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1381.182900] ? syscall_return_slowpath+0x30f/0x5c0 [ 1381.187827] ? sysret32_from_system_call+0x5/0x46 [ 1381.192660] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1381.197497] entry_SYSENTER_compat+0x70/0x7f [ 1381.201907] RIP: 0023:0xf7f63cb9 [ 1381.205260] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1381.213389] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1381.220731] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1381.227987] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1381.235257] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1381.242518] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1381.267805] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:08 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000007f520e"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:08 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x6}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:08 executing program 7: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = socket(0x40000000002, 0x3, 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8dc, 0x20}, 0x331) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x48, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffffc, 0x418, &(0x7f00001a7f05)=""/251}, 0x48) ioctl$sock_proto_private(r0, 0x89e0, &(0x7f0000000000)) 2018/06/01 03:16:08 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:08 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00003e4000)={&(0x7f0000e87000)={0x10}, 0xc, &(0x7f0000a3bff8)={&(0x7f0000000400)=@getlink={0x38, 0x12, 0x209, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, [@IFLA_INFO_KIND={0x4, 0x1, 'user{\x00'}]}, @IFLA_MASTER={0x8, 0xa}]}, 0x38}, 0x1}, 0x0) fdatasync(r0) ioctl$sock_ipx_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000040)={'bpq0\x00', {0x4, 0x401, 0x0, "8500fcae8cbd"}}) 2018/06/01 03:16:08 executing program 1: r0 = socket$inet6(0xa, 0x80001, 0x0) r1 = dup3(r0, r0, 0x80003) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x0, 0x80000001}) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000005c0)={0x6, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2d, &(0x7f0000000280)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x8c) 2018/06/01 03:16:08 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sysfs$1(0x1, &(0x7f0000000040)='\\\x00') writev(r0, &(0x7f00000a8000), 0x20000000000001df) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x424400) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f00000003c0), &(0x7f0000000440)) getsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000080), &(0x7f00000000c0)=0x4) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r1, 0x118, 0x1, &(0x7f0000000400)=0x100000000, 0x4) alarm(0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(r1, 0x29, 0x44, &(0x7f0000000340)={'HL\x00'}, &(0x7f0000000380)=0x1e) getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f00000002c0)={'nat\x00', 0x0, 0x3, 0x4b, [], 0x7, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000240)=""/75}, &(0x7f0000000100)=0x50) 2018/06/01 03:16:08 executing program 2 (fault-call:2 fault-nth:55): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1381.533156] FAULT_INJECTION: forcing a failure. [ 1381.533156] name failslab, interval 1, probability 0, space 0, times 0 [ 1381.544507] CPU: 0 PID: 22821 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1381.551887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1381.561257] Call Trace: [ 1381.563876] dump_stack+0x1b9/0x294 [ 1381.567611] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1381.572822] ? unwind_get_return_address+0x61/0xa0 [ 1381.578123] ? __save_stack_trace+0x7e/0xd0 2018/06/01 03:16:08 executing program 7: r0 = socket$kcm(0x2, 0x6, 0x0) getsockopt$bt_hci(r0, 0x10d, 0xa, &(0x7f0000000000)=""/86, &(0x7f0000000180)=0x56) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) r2 = socket$unix(0x1, 0x82, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0401273, &(0x7f0000000400)={[], 0x0, 0x7fff, 0x3}) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) getsockname$unix(r2, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x80040, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000001c0)='tunl0\x00', 0x10) sendto$inet(r1, &(0x7f00006d1fd4)="db", 0x1, 0x4000000, &(0x7f00004daff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 1381.582463] should_fail.cold.4+0xa/0x1a [ 1381.586547] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1381.591670] ? save_stack+0xa9/0xd0 [ 1381.595316] ? save_stack+0x43/0xd0 [ 1381.598959] ? kasan_kmalloc+0xc4/0xe0 [ 1381.602865] ? __kmalloc_node_track_caller+0x47/0x70 [ 1381.607985] ? __alloc_skb+0x14d/0x780 [ 1381.611892] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1381.617092] ? ip_make_skb+0x2be/0x350 [ 1381.620992] ? udp_sendmsg+0x24ec/0x35e0 [ 1381.625074] ? inet_sendmsg+0x19f/0x690 [ 1381.629066] ? sock_sendmsg+0xd5/0x120 [ 1381.632952] ? __sys_sendto+0x3d7/0x670 [ 1381.636920] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1381.641240] ? do_fast_syscall_32+0x345/0xf9b [ 1381.645738] ? find_held_lock+0x36/0x1c0 [ 1381.649827] ? check_same_owner+0x320/0x320 [ 1381.654146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1381.659676] ? rcu_note_context_switch+0x710/0x710 [ 1381.664608] __should_failslab+0x124/0x180 [ 1381.668843] should_failslab+0x9/0x14 [ 1381.672633] kmem_cache_alloc_node+0x272/0x780 [ 1381.677392] __alloc_skb+0x111/0x780 [ 1381.681121] ? skb_scrub_packet+0x580/0x580 [ 1381.685451] ? dst_init+0x459/0x600 [ 1381.689076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1381.694618] ? ip_generic_getfrag+0x11c/0x2d0 [ 1381.699114] ? ip_reply_glue_bits+0xc0/0xc0 [ 1381.703441] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1381.708450] ? skb_put+0x17b/0x1e0 [ 1381.711993] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1381.717031] ? ip_reply_glue_bits+0xc0/0xc0 [ 1381.721355] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1381.727150] ? xfrm_policy_lookup+0x70/0x70 [ 1381.731474] ? ipv4_mtu+0x375/0x580 [ 1381.735455] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1381.740907] ? find_held_lock+0x36/0x1c0 [ 1381.744974] ? ip_setup_cork+0x44d/0x6d0 [ 1381.749038] ip_make_skb+0x2be/0x350 [ 1381.752748] ? ip_reply_glue_bits+0xc0/0xc0 [ 1381.757062] ? ip_flush_pending_frames+0x30/0x30 [ 1381.761826] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1381.767364] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1381.772909] ? xfrm_lookup_route+0x64/0x1f0 [ 1381.777239] udp_sendmsg+0x24ec/0x35e0 [ 1381.781127] ? ip_reply_glue_bits+0xc0/0xc0 [ 1381.785447] ? udp4_lib_lookup2+0x340/0x340 [ 1381.789771] ? graph_lock+0x170/0x170 [ 1381.793582] ? expand_files.part.8+0x9a0/0x9a0 [ 1381.798176] ? check_same_owner+0x320/0x320 [ 1381.802506] ? lock_downgrade+0x8e0/0x8e0 [ 1381.806644] ? lock_release+0xa10/0xa10 [ 1381.810606] ? check_same_owner+0x320/0x320 [ 1381.814917] ? __check_object_size+0x95/0x5d9 [ 1381.819417] inet_sendmsg+0x19f/0x690 [ 1381.823235] ? __might_sleep+0x95/0x190 [ 1381.827201] ? ipip_gro_receive+0x100/0x100 [ 1381.831536] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1381.837069] ? security_socket_sendmsg+0x94/0xc0 [ 1381.841815] ? ipip_gro_receive+0x100/0x100 [ 1381.846219] sock_sendmsg+0xd5/0x120 [ 1381.849927] __sys_sendto+0x3d7/0x670 [ 1381.853727] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1381.858389] ? wait_for_completion+0x870/0x870 [ 1381.862968] ? __lock_is_held+0xb5/0x140 [ 1381.867384] ? __sb_end_write+0xac/0xe0 [ 1381.871353] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1381.876881] ? fput+0x130/0x1a0 [ 1381.880153] ? ksys_write+0x1a6/0x250 [ 1381.883945] ? __do_page_fault+0x441/0xe40 [ 1381.888173] ? __ia32_sys_read+0xb0/0xb0 [ 1381.892230] __ia32_sys_sendto+0xdf/0x1a0 [ 1381.896370] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1381.901388] do_fast_syscall_32+0x345/0xf9b [ 1381.905703] ? do_int80_syscall_32+0x880/0x880 [ 1381.910275] ? _raw_spin_unlock_irq+0x27/0x70 [ 1381.914767] ? finish_task_switch+0x1ca/0x840 [ 1381.919352] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1381.924880] ? syscall_return_slowpath+0x30f/0x5c0 [ 1381.929827] ? sysret32_from_system_call+0x5/0x46 [ 1381.934675] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1381.939513] entry_SYSENTER_compat+0x70/0x7f [ 1381.943920] RIP: 0023:0xf7f63cb9 [ 1381.947273] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1381.954978] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1381.962259] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1381.969801] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1381.977071] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1381.984342] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1381.998362] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:08 executing program 6: r0 = socket$unix(0x1, 0x3, 0x0) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000280)) perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f00000002c0)) 2018/06/01 03:16:08 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:08 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x2, 0x20081) ioctl$sock_netrom_TIOCINQ(r0, 0x541b, &(0x7f0000000040)) r1 = syz_open_dev$sndseq(&(0x7f00000002c0)='/dev/snd/seq\x00', 0x0, 0x2) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@mcast1, @in6=@local}}, {{@in6=@local}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0xc058534f, &(0x7f00000000c0)={0xe14}) syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x8001) 2018/06/01 03:16:08 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:08 executing program 2 (fault-call:2 fault-nth:56): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1382.164606] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1382.176591] FAULT_INJECTION: forcing a failure. [ 1382.176591] name failslab, interval 1, probability 0, space 0, times 0 [ 1382.188072] CPU: 0 PID: 22860 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1382.195450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1382.204819] Call Trace: [ 1382.207412] dump_stack+0x1b9/0x294 [ 1382.211045] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1382.216228] ? perf_trace_lock_acquire+0xe3/0x980 [ 1382.221072] should_fail.cold.4+0xa/0x1a [ 1382.225131] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1382.230242] ? save_stack+0x43/0xd0 [ 1382.233863] ? kasan_slab_alloc+0x12/0x20 [ 1382.238008] ? find_held_lock+0x36/0x1c0 [ 1382.242091] ? check_same_owner+0x320/0x320 [ 1382.246413] ? rcu_note_context_switch+0x710/0x710 [ 1382.251344] __should_failslab+0x124/0x180 [ 1382.255588] should_failslab+0x9/0x14 [ 1382.259400] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1382.264527] __kmalloc_node_track_caller+0x33/0x70 [ 1382.269460] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1382.274216] __alloc_skb+0x14d/0x780 [ 1382.277943] ? skb_scrub_packet+0x580/0x580 [ 1382.282275] ? dst_init+0x459/0x600 [ 1382.285906] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1382.291441] ? ip_generic_getfrag+0x11c/0x2d0 [ 1382.295962] ? ip_reply_glue_bits+0xc0/0xc0 [ 1382.300289] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1382.305307] ? skb_put+0x17b/0x1e0 [ 1382.308848] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1382.313875] ? ip_reply_glue_bits+0xc0/0xc0 [ 1382.318201] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1382.323997] ? xfrm_policy_lookup+0x70/0x70 [ 1382.328323] ? ipv4_mtu+0x375/0x580 [ 1382.331952] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1382.337393] ? find_held_lock+0x36/0x1c0 [ 1382.341474] ? ip_setup_cork+0x44d/0x6d0 [ 1382.345531] ip_make_skb+0x2be/0x350 [ 1382.349267] ? ip_reply_glue_bits+0xc0/0xc0 [ 1382.353586] ? ip_flush_pending_frames+0x30/0x30 [ 1382.358342] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1382.363883] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1382.369414] ? xfrm_lookup_route+0x64/0x1f0 [ 1382.373738] udp_sendmsg+0x24ec/0x35e0 [ 1382.377795] ? perf_trace_lock+0xd6/0x900 [ 1382.381950] ? ip_reply_glue_bits+0xc0/0xc0 [ 1382.386280] ? udp4_lib_lookup2+0x340/0x340 [ 1382.390606] ? graph_lock+0x170/0x170 [ 1382.394410] ? expand_files.part.8+0x9a0/0x9a0 [ 1382.399011] ? lock_downgrade+0x8e0/0x8e0 [ 1382.403170] ? lock_release+0xa10/0xa10 [ 1382.407242] ? __check_object_size+0x95/0x5d9 [ 1382.411736] inet_sendmsg+0x19f/0x690 [ 1382.415528] ? __might_sleep+0x95/0x190 [ 1382.419507] ? ipip_gro_receive+0x100/0x100 [ 1382.423974] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1382.429653] ? security_socket_sendmsg+0x94/0xc0 [ 1382.434426] ? ipip_gro_receive+0x100/0x100 [ 1382.438752] sock_sendmsg+0xd5/0x120 [ 1382.442477] __sys_sendto+0x3d7/0x670 [ 1382.446280] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1382.450957] ? wait_for_completion+0x870/0x870 [ 1382.455571] ? __sb_end_write+0xac/0xe0 [ 1382.459560] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1382.465107] ? fput+0x130/0x1a0 [ 1382.468385] ? ksys_write+0x1a6/0x250 [ 1382.472713] ? __do_page_fault+0x441/0xe40 [ 1382.476966] ? __ia32_sys_read+0xb0/0xb0 [ 1382.481058] __ia32_sys_sendto+0xdf/0x1a0 [ 1382.485204] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1382.490216] do_fast_syscall_32+0x345/0xf9b [ 1382.494538] ? do_int80_syscall_32+0x880/0x880 [ 1382.499558] ? finish_task_switch+0x1ca/0x840 [ 1382.504057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1382.509600] ? syscall_return_slowpath+0x30f/0x5c0 [ 1382.514528] ? sysret32_from_system_call+0x5/0x46 [ 1382.519644] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1382.524505] entry_SYSENTER_compat+0x70/0x7f [ 1382.528911] RIP: 0023:0xf7f63cb9 [ 1382.532275] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1382.540778] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1382.548235] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1382.555505] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:09 executing program 3: mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2, 0x32, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)) r0 = fcntl$getown(0xffffffffffffff9c, 0x9) r1 = syz_open_procfs(r0, &(0x7f0000000080)="0001705f66696c657300") renameat2(r1, &(0x7f0000000000)='/\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x1) getdents(r1, &(0x7f0000000200)=""/162, 0x1f7) getdents(r1, &(0x7f0000000ea9)=""/407, 0x197) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}}}, &(0x7f0000000140)=0xe8) bind$packet(r1, &(0x7f0000000180)={0x11, 0xd, r2, 0x1, 0x1, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xd}}, 0x14) mkdirat(r1, &(0x7f0000000100)='./file0\x00', 0x8) 2018/06/01 03:16:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x3}, 0x1c) shutdown(r0, 0x0) [ 1382.562780] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1382.570045] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:10 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:10 executing program 1: fsync(0xffffffffffffffff) lseek(0xffffffffffffffff, 0x0, 0x0) 2018/06/01 03:16:10 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:10 executing program 6: r0 = memfd_create(&(0x7f0000a32ff6)='/dev/ptmx\x00', 0x2) ftruncate(r0, 0xffff) readv(r0, &(0x7f0000001600)=[{&(0x7f0000000000)=""/156, 0x9c}, {&(0x7f00000000c0)=""/179, 0xb3}, {&(0x7f0000000180)=""/199, 0xc7}, {&(0x7f0000000280)=""/243, 0xf3}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/190, 0xbe}, {&(0x7f0000001440)=""/227, 0xe3}, {&(0x7f0000001540)=""/188, 0xbc}], 0x8) fcntl$addseals(r0, 0x409, 0xf) ftruncate(r0, 0x0) 2018/06/01 03:16:10 executing program 7: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x0, 0x108000001, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, 0x0}) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x5, 0x2, 0x0, 0x0, 0x0, 0xf9e1, 0x82214, 0x4, 0x8000, 0x8, 0xa281, 0x80000001, 0x1d220000000, 0x9, 0xffffffff7fffffff, 0x8, 0x9, 0x3, 0x255, 0xd46a, 0x80000000, 0x23, 0x9, 0x1ff, 0x100000001, 0xfffffffffffffffd, 0x7fffffff, 0x4, 0x5, 0x5, 0x4, 0x80000000, 0x10000, 0x236b7216, 0x401, 0x2, 0x0, 0x2, 0x1, @perf_config_ext={0x1, 0x9}, 0x2403, 0x4, 0x2, 0x7, 0x3, 0x80, 0x2ee}, r3, 0xc, r1, 0xa) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) 2018/06/01 03:16:10 executing program 2 (fault-call:2 fault-nth:57): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:10 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x8}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:10 executing program 3: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f0000000000)=[{r0}], 0x1, 0xffffffffffffffe1) syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x8000) close(r1) [ 1383.597278] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1383.612805] FAULT_INJECTION: forcing a failure. [ 1383.612805] name failslab, interval 1, probability 0, space 0, times 0 [ 1383.624134] CPU: 0 PID: 22891 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1383.631506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1383.640871] Call Trace: [ 1383.643484] dump_stack+0x1b9/0x294 2018/06/01 03:16:10 executing program 1: io_setup(0xda4, &(0x7f0000000000)=0x0) r1 = socket(0x2, 0x803, 0xff) shutdown(r1, 0x1) connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0xffffffffffffff6b) r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0x0) keyctl$clear(0x7, r2) io_setup(0x7ff, &(0x7f0000000100)) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000500)="cf36a3a14b6f20e57d1441c5507c0cc1712bdaf7", 0x14}]) r3 = syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x1ff, 0x410000) faccessat(r3, &(0x7f00000001c0)='./file0\x00', 0x4, 0x1000) [ 1383.647142] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1383.652359] ? unwind_get_return_address+0x61/0xa0 [ 1383.657317] ? __save_stack_trace+0x7e/0xd0 [ 1383.661670] should_fail.cold.4+0xa/0x1a [ 1383.665758] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1383.670894] ? save_stack+0xa9/0xd0 [ 1383.674540] ? save_stack+0x43/0xd0 [ 1383.678187] ? kasan_kmalloc+0xc4/0xe0 [ 1383.682093] ? __kmalloc_node_track_caller+0x47/0x70 [ 1383.687220] ? __alloc_skb+0x14d/0x780 [ 1383.691306] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1383.696661] ? ip_make_skb+0x2be/0x350 [ 1383.700568] ? udp_sendmsg+0x24ec/0x35e0 [ 1383.704647] ? inet_sendmsg+0x19f/0x690 [ 1383.708637] ? sock_sendmsg+0xd5/0x120 [ 1383.712541] ? __sys_sendto+0x3d7/0x670 [ 1383.716520] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1383.720849] ? do_fast_syscall_32+0x345/0xf9b [ 1383.725347] ? find_held_lock+0x36/0x1c0 [ 1383.729444] ? check_same_owner+0x320/0x320 [ 1383.733765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1383.739297] ? rcu_note_context_switch+0x710/0x710 [ 1383.744224] __should_failslab+0x124/0x180 [ 1383.748452] should_failslab+0x9/0x14 [ 1383.752432] kmem_cache_alloc_node+0x272/0x780 [ 1383.757023] __alloc_skb+0x111/0x780 [ 1383.760737] ? skb_scrub_packet+0x580/0x580 [ 1383.765057] ? dst_init+0x459/0x600 [ 1383.768696] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1383.774246] ? ip_generic_getfrag+0x11c/0x2d0 [ 1383.778749] ? ip_reply_glue_bits+0xc0/0xc0 [ 1383.783240] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1383.788261] ? skb_put+0x17b/0x1e0 [ 1383.791802] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1383.796827] ? ip_reply_glue_bits+0xc0/0xc0 [ 1383.801166] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1383.806958] ? xfrm_policy_lookup+0x70/0x70 [ 1383.811272] ? ipv4_mtu+0x375/0x580 [ 1383.814892] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1383.820341] ? find_held_lock+0x36/0x1c0 [ 1383.824406] ? ip_setup_cork+0x44d/0x6d0 [ 1383.828462] ip_make_skb+0x2be/0x350 [ 1383.832190] ? ip_reply_glue_bits+0xc0/0xc0 [ 1383.836511] ? ip_flush_pending_frames+0x30/0x30 [ 1383.841273] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1383.846825] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1383.852360] ? xfrm_lookup_route+0x64/0x1f0 [ 1383.856691] udp_sendmsg+0x24ec/0x35e0 [ 1383.860574] ? ip_reply_glue_bits+0xc0/0xc0 [ 1383.864905] ? udp4_lib_lookup2+0x340/0x340 [ 1383.869219] ? graph_lock+0x170/0x170 [ 1383.873034] ? expand_files.part.8+0x9a0/0x9a0 [ 1383.877605] ? check_same_owner+0x320/0x320 [ 1383.881948] ? lock_downgrade+0x8e0/0x8e0 [ 1383.886089] ? lock_release+0xa10/0xa10 [ 1383.890054] ? check_same_owner+0x320/0x320 [ 1383.894370] ? __check_object_size+0x95/0x5d9 [ 1383.898871] inet_sendmsg+0x19f/0x690 [ 1383.902676] ? __might_sleep+0x95/0x190 [ 1383.906643] ? ipip_gro_receive+0x100/0x100 [ 1383.910959] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1383.916509] ? security_socket_sendmsg+0x94/0xc0 [ 1383.921252] ? ipip_gro_receive+0x100/0x100 [ 1383.925568] sock_sendmsg+0xd5/0x120 [ 1383.929281] __sys_sendto+0x3d7/0x670 [ 1383.933075] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1383.937738] ? wait_for_completion+0x870/0x870 [ 1383.942317] ? __lock_is_held+0xb5/0x140 [ 1383.946380] ? __sb_end_write+0xac/0xe0 [ 1383.950354] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1383.955881] ? fput+0x130/0x1a0 [ 1383.959154] ? ksys_write+0x1a6/0x250 [ 1383.962942] ? __do_page_fault+0x441/0xe40 [ 1383.967169] ? __ia32_sys_read+0xb0/0xb0 [ 1383.971227] __ia32_sys_sendto+0xdf/0x1a0 [ 1383.975366] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1383.980385] do_fast_syscall_32+0x345/0xf9b [ 1383.984712] ? do_int80_syscall_32+0x880/0x880 [ 1383.989284] ? _raw_spin_unlock_irq+0x27/0x70 [ 1383.993770] ? finish_task_switch+0x1ca/0x840 [ 1383.999085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1384.004616] ? syscall_return_slowpath+0x30f/0x5c0 [ 1384.009556] ? sysret32_from_system_call+0x5/0x46 [ 1384.014392] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1384.019228] entry_SYSENTER_compat+0x70/0x7f [ 1384.023625] RIP: 0023:0xf7f63cb9 [ 1384.026975] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1384.034675] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1384.041937] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 2018/06/01 03:16:10 executing program 6: r0 = socket$inet(0x2, 0x200000002, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@multicast1=0xe0000001, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000100)={@multicast1=0xe0000001, @local={0xac, 0x14, 0x14, 0xaa}, 0x0, 0x2, [@rand_addr=0xfffffffffffffffd, @rand_addr]}, 0x18) clock_nanosleep(0x4, 0x0, &(0x7f0000000240)={0x77359400}, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f00000000c0), &(0x7f00000002c0)=0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2=0xe0000002}, 0x10) syz_emit_ethernet(0x2e, &(0x7f0000000140)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @random="5ba4aaea598a", [{[], {0x8100, 0xd5b, 0x80000001, 0x1}}], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1=0xe0000001}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x10002, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000280)={0x5, 0x4, 0xd57, 0x80}) getpeername(r1, &(0x7f0000000180)=@ax25, &(0x7f0000000200)=0x80) 2018/06/01 03:16:10 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1384.049207] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1384.056470] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1384.063724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:10 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:10 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fdinfo\x00') getdents(r0, &(0x7f0000000200)=""/238, 0xee) getdents64(r0, &(0x7f0000000000)=""/78, 0x4e) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000140)=0x1) getdents(r0, &(0x7f0000000080)=""/188, 0x24a) 2018/06/01 03:16:10 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000000)='cpuset\x00', 0x0, &(0x7f000000a000)) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x3, 0x100000001, 0x6e6, 0x1f, 0x7f, 0xffffffffffffffff, 0x4, {0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x1, 0x4, 0x2, 0x810, 0x8ad}}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={r1, 0xfffffffffffffff7}, 0x8) 2018/06/01 03:16:10 executing program 2 (fault-call:2 fault-nth:58): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:10 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:10 executing program 7: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0) preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/62, 0x3e}], 0x1, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000b94000)=""/246) syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@empty, @multicast2=0xe0000002}, 0x8) pwritev(r0, &(0x7f0000000040), 0x19d, 0x0) [ 1384.204700] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1384.253386] FAULT_INJECTION: forcing a failure. [ 1384.253386] name failslab, interval 1, probability 0, space 0, times 0 [ 1384.264796] CPU: 0 PID: 22921 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1384.272176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1384.281628] Call Trace: [ 1384.284241] dump_stack+0x1b9/0x294 [ 1384.287892] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1384.293097] ? is_bpf_text_address+0xd7/0x170 [ 1384.297618] should_fail.cold.4+0xa/0x1a [ 1384.301695] ? __save_stack_trace+0x7e/0xd0 [ 1384.306037] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1384.311178] ? save_stack+0x43/0xd0 [ 1384.314828] ? kasan_kmalloc+0xc4/0xe0 [ 1384.318739] ? kasan_slab_alloc+0x12/0x20 [ 1384.322911] ? find_held_lock+0x36/0x1c0 [ 1384.327017] ? check_same_owner+0x320/0x320 [ 1384.331358] ? rcu_note_context_switch+0x710/0x710 [ 1384.336313] __should_failslab+0x124/0x180 [ 1384.340577] should_failslab+0x9/0x14 [ 1384.344392] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1384.349529] __kmalloc_node_track_caller+0x33/0x70 [ 1384.354470] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1384.359244] __alloc_skb+0x14d/0x780 [ 1384.362954] ? skb_scrub_packet+0x580/0x580 [ 1384.367274] ? dst_init+0x459/0x600 [ 1384.370921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1384.376451] ? ip_generic_getfrag+0x11c/0x2d0 [ 1384.381113] ? ip_reply_glue_bits+0xc0/0xc0 [ 1384.385431] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1384.390456] ? skb_put+0x17b/0x1e0 [ 1384.394086] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1384.399111] ? ip_reply_glue_bits+0xc0/0xc0 [ 1384.403440] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1384.409244] ? xfrm_policy_lookup+0x70/0x70 [ 1384.413562] ? ipv4_mtu+0x375/0x580 [ 1384.417192] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1384.422636] ? find_held_lock+0x36/0x1c0 [ 1384.426705] ? ip_setup_cork+0x44d/0x6d0 [ 1384.430764] ip_make_skb+0x2be/0x350 [ 1384.434480] ? ip_reply_glue_bits+0xc0/0xc0 [ 1384.438813] ? ip_flush_pending_frames+0x30/0x30 [ 1384.443579] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1384.449119] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1384.454664] ? xfrm_lookup_route+0x64/0x1f0 [ 1384.459074] udp_sendmsg+0x24ec/0x35e0 [ 1384.462965] ? perf_trace_lock+0xd6/0x900 [ 1384.467111] ? ip_reply_glue_bits+0xc0/0xc0 [ 1384.471432] ? udp4_lib_lookup2+0x340/0x340 [ 1384.475755] ? graph_lock+0x170/0x170 [ 1384.479568] ? expand_files.part.8+0x9a0/0x9a0 [ 1384.484171] ? lock_downgrade+0x8e0/0x8e0 [ 1384.488317] ? lock_release+0xa10/0xa10 [ 1384.492376] ? check_same_owner+0x320/0x320 [ 1384.496703] ? __check_object_size+0x95/0x5d9 [ 1384.501197] inet_sendmsg+0x19f/0x690 [ 1384.505005] ? __might_sleep+0x95/0x190 [ 1384.508995] ? ipip_gro_receive+0x100/0x100 [ 1384.513322] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1384.518863] ? security_socket_sendmsg+0x94/0xc0 [ 1384.523613] ? ipip_gro_receive+0x100/0x100 [ 1384.527943] sock_sendmsg+0xd5/0x120 [ 1384.531651] __sys_sendto+0x3d7/0x670 [ 1384.535444] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1384.540134] ? wait_for_completion+0x870/0x870 [ 1384.544737] ? __sb_end_write+0xac/0xe0 [ 1384.548720] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1384.554253] ? fput+0x130/0x1a0 [ 1384.557787] ? ksys_write+0x1a6/0x250 [ 1384.561574] ? __do_page_fault+0x441/0xe40 [ 1384.565810] ? __ia32_sys_read+0xb0/0xb0 [ 1384.569875] __ia32_sys_sendto+0xdf/0x1a0 [ 1384.574017] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1384.579045] do_fast_syscall_32+0x345/0xf9b [ 1384.583383] ? do_int80_syscall_32+0x880/0x880 [ 1384.587966] ? _raw_spin_unlock_irq+0x27/0x70 [ 1384.592459] ? finish_task_switch+0x1ca/0x840 [ 1384.596950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1384.602491] ? syscall_return_slowpath+0x30f/0x5c0 [ 1384.607429] ? sysret32_from_system_call+0x5/0x46 [ 1384.612268] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1384.617108] entry_SYSENTER_compat+0x70/0x7f [ 1384.621505] RIP: 0023:0xf7f63cb9 [ 1384.624857] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1384.632559] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1384.639838] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1384.647096] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1384.654361] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1384.661620] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x80200, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000100)={0x401}, 0x1) ioctl$KVM_IRQ_LINE(r1, 0x4010ae67, &(0x7f00000001c0)) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000000c0)) 2018/06/01 03:16:11 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000002000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:11 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfc}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:11 executing program 7: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x10, 0x0) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) setrlimit(0x4000000002, &(0x7f0000000140)={0x4, 0x5}) mremap(&(0x7f000005d000/0x1000)=nil, 0x1000, 0xe000, 0x0, &(0x7f0000b18000/0xe000)=nil) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000040)=""/86) 2018/06/01 03:16:11 executing program 6: r0 = socket(0x10, 0x80002, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) connect$netlink(r0, &(0x7f0000e8f000)=@proc={0x10, 0x0, 0x1}, 0xc) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='veth0_to_bridge\x00', 0x10) connect$netlink(r0, &(0x7f00000002c0)=@unspec, 0xc) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000100), 0x4) recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000005c0), 0x0, &(0x7f0000000640)=""/99, 0x63}, 0x0) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000180)) 2018/06/01 03:16:11 executing program 2 (fault-call:2 fault-nth:59): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:11 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:11 executing program 3: socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000080)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x40000002}]}) [ 1384.829701] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1384.834176] FAULT_INJECTION: forcing a failure. [ 1384.834176] name failslab, interval 1, probability 0, space 0, times 0 [ 1384.848538] CPU: 0 PID: 22943 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1384.855911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1384.865276] Call Trace: [ 1384.867886] dump_stack+0x1b9/0x294 [ 1384.871533] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1384.876757] ? unwind_get_return_address+0x61/0xa0 [ 1384.881704] ? __save_stack_trace+0x7e/0xd0 [ 1384.886049] should_fail.cold.4+0xa/0x1a [ 1384.890133] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1384.895260] ? save_stack+0xa9/0xd0 [ 1384.898909] ? save_stack+0x43/0xd0 [ 1384.902552] ? kasan_kmalloc+0xc4/0xe0 [ 1384.906433] ? __kmalloc_node_track_caller+0x47/0x70 [ 1384.911541] ? __alloc_skb+0x14d/0x780 [ 1384.916198] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1384.921395] ? ip_make_skb+0x2be/0x350 [ 1384.925283] ? udp_sendmsg+0x24ec/0x35e0 [ 1384.929331] ? inet_sendmsg+0x19f/0x690 [ 1384.933293] ? sock_sendmsg+0xd5/0x120 [ 1384.937200] ? __sys_sendto+0x3d7/0x670 [ 1384.941162] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1384.945472] ? do_fast_syscall_32+0x345/0xf9b [ 1384.949972] ? find_held_lock+0x36/0x1c0 [ 1384.954053] ? check_same_owner+0x320/0x320 [ 1384.958379] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1384.963931] ? rcu_note_context_switch+0x710/0x710 [ 1384.968860] __should_failslab+0x124/0x180 [ 1384.973972] should_failslab+0x9/0x14 [ 1384.977762] kmem_cache_alloc_node+0x272/0x780 [ 1384.982338] __alloc_skb+0x111/0x780 [ 1384.986049] ? skb_scrub_packet+0x580/0x580 [ 1384.990365] ? dst_init+0x459/0x600 [ 1384.993984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1384.999522] ? ip_generic_getfrag+0x11c/0x2d0 [ 1385.004102] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.008414] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1385.013420] ? skb_put+0x17b/0x1e0 [ 1385.016950] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1385.021970] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.026298] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1385.032085] ? xfrm_policy_lookup+0x70/0x70 [ 1385.036398] ? ipv4_mtu+0x375/0x580 [ 1385.040032] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1385.045481] ? find_held_lock+0x36/0x1c0 [ 1385.049540] ? ip_setup_cork+0x44d/0x6d0 [ 1385.053590] ip_make_skb+0x2be/0x350 [ 1385.057293] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.061605] ? ip_flush_pending_frames+0x30/0x30 [ 1385.066356] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1385.071888] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1385.077413] ? xfrm_lookup_route+0x64/0x1f0 [ 1385.081732] udp_sendmsg+0x24ec/0x35e0 [ 1385.085608] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.089922] ? udp4_lib_lookup2+0x340/0x340 [ 1385.094230] ? graph_lock+0x170/0x170 [ 1385.098030] ? expand_files.part.8+0x9a0/0x9a0 [ 1385.102689] ? check_same_owner+0x320/0x320 [ 1385.107013] ? lock_downgrade+0x8e0/0x8e0 [ 1385.111162] ? lock_release+0xa10/0xa10 [ 1385.115122] ? check_same_owner+0x320/0x320 [ 1385.119966] ? __check_object_size+0x95/0x5d9 [ 1385.124462] inet_sendmsg+0x19f/0x690 [ 1385.128248] ? __might_sleep+0x95/0x190 [ 1385.132208] ? ipip_gro_receive+0x100/0x100 [ 1385.136519] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1385.142045] ? security_socket_sendmsg+0x94/0xc0 [ 1385.146797] ? ipip_gro_receive+0x100/0x100 [ 1385.151131] sock_sendmsg+0xd5/0x120 [ 1385.154849] __sys_sendto+0x3d7/0x670 [ 1385.158639] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1385.163407] ? wait_for_completion+0x870/0x870 [ 1385.167979] ? __lock_is_held+0xb5/0x140 [ 1385.172042] ? __sb_end_write+0xac/0xe0 [ 1385.176019] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1385.181556] ? fput+0x130/0x1a0 [ 1385.184822] ? ksys_write+0x1a6/0x250 [ 1385.188613] ? __do_page_fault+0x441/0xe40 [ 1385.193031] ? __ia32_sys_read+0xb0/0xb0 [ 1385.197118] __ia32_sys_sendto+0xdf/0x1a0 [ 1385.201254] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1385.206614] do_fast_syscall_32+0x345/0xf9b [ 1385.210926] ? do_int80_syscall_32+0x880/0x880 [ 1385.215753] ? _raw_spin_unlock_irq+0x27/0x70 [ 1385.220236] ? finish_task_switch+0x1ca/0x840 [ 1385.224726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1385.230260] ? syscall_return_slowpath+0x30f/0x5c0 [ 1385.235177] ? sysret32_from_system_call+0x5/0x46 [ 1385.240010] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1385.244859] entry_SYSENTER_compat+0x70/0x7f [ 1385.249263] RIP: 0023:0xf7f63cb9 [ 1385.252620] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1385.260315] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1385.267573] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1385.274828] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:11 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:11 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000020000"], 0x60}, 0x1}, 0x0) [ 1385.282080] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1385.289333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:12 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x5, 0x105000) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xffffffff, 0x1, 0xffffffff00000001, 0x9, 0x7fffffff}, 0x14) r1 = syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TTUNGETFILTER(r1, 0x894c, &(0x7f0000000140)=""/185) [ 1385.325292] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:12 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:12 executing program 2 (fault-call:2 fault-nth:60): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:12 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:12 executing program 7: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x7fffffff, 0x4) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x200000, 0x0) sendto$inet6(r1, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x2000000000e, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 2018/06/01 03:16:12 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) recvmsg$kcm(0xffffffffffffff9c, &(0x7f0000000640)={&(0x7f0000000100)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @ipv4={[], [], @multicast1}}}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000180)=""/183, 0xb7}, {&(0x7f0000000240)=""/254, 0xfe}, {&(0x7f0000000340)=""/144, 0x90}, {&(0x7f0000000400)=""/172, 0xac}, {&(0x7f00000004c0)=""/178, 0xb2}], 0x5, &(0x7f00000005c0)=""/100, 0x64}, 0x0) r3 = syz_open_dev$amidi(&(0x7f0000000700)='/dev/amidi#\x00', 0x6, 0x480000) pipe2(&(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) setsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f0000000780), 0x4) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000740)=r3, 0x3) r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r5, 0x40000000af01, &(0x7f0000c97ff8)) pread64(r1, &(0x7f0000000080)=""/34, 0xef, 0x0) connect$inet6(r4, &(0x7f00000006c0)={0xa, 0x4e21, 0xffffffffffffff61, @mcast1={0xff, 0x1, [], 0x1}, 0x9}, 0x1c) munlockall() [ 1385.459809] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1385.499844] FAULT_INJECTION: forcing a failure. [ 1385.499844] name failslab, interval 1, probability 0, space 0, times 0 [ 1385.511235] CPU: 0 PID: 22976 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1385.518608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1385.528145] Call Trace: [ 1385.530929] dump_stack+0x1b9/0x294 [ 1385.534580] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1385.539782] ? is_bpf_text_address+0xd7/0x170 [ 1385.544339] ? kernel_text_address+0x79/0xf0 [ 1385.548974] ? __unwind_start+0x166/0x330 [ 1385.553195] should_fail.cold.4+0xa/0x1a 2018/06/01 03:16:12 executing program 1: r0 = socket$inet(0x10, 0x80000, 0x1) sendmsg(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2f0000001800030007fffd946fa283bc8020000000040005031d856813000900070014cc16ccbb24e0710b42fa3ccc", 0x2f}], 0x1}, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200000, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000100), &(0x7f0000000140)=0x4) openat$cgroup_procs(r1, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) [ 1385.557271] ? __save_stack_trace+0x7e/0xd0 [ 1385.561608] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1385.566732] ? save_stack+0xa9/0xd0 [ 1385.570386] ? save_stack+0x43/0xd0 [ 1385.574023] ? kasan_kmalloc+0xc4/0xe0 [ 1385.577932] ? kasan_slab_alloc+0x12/0x20 [ 1385.582187] ? find_held_lock+0x36/0x1c0 [ 1385.586301] ? check_same_owner+0x320/0x320 [ 1385.590640] ? rcu_note_context_switch+0x710/0x710 [ 1385.595593] __should_failslab+0x124/0x180 [ 1385.599855] should_failslab+0x9/0x14 [ 1385.603673] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1385.608800] __kmalloc_node_track_caller+0x33/0x70 [ 1385.614640] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1385.619509] __alloc_skb+0x14d/0x780 [ 1385.623246] ? skb_scrub_packet+0x580/0x580 [ 1385.627631] ? dst_init+0x459/0x600 [ 1385.631305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1385.636858] ? ip_generic_getfrag+0x11c/0x2d0 [ 1385.641368] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.645714] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1385.650744] ? skb_put+0x17b/0x1e0 [ 1385.654303] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1385.659368] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.663823] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1385.670424] ? xfrm_policy_lookup+0x70/0x70 [ 1385.674768] ? ipv4_mtu+0x375/0x580 [ 1385.678416] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1385.683889] ? find_held_lock+0x36/0x1c0 [ 1385.687975] ? ip_setup_cork+0x44d/0x6d0 [ 1385.692049] ip_make_skb+0x2be/0x350 [ 1385.696303] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.700817] ? ip_flush_pending_frames+0x30/0x30 [ 1385.705603] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1385.711251] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1385.716802] ? xfrm_lookup_route+0x64/0x1f0 [ 1385.721139] udp_sendmsg+0x24ec/0x35e0 [ 1385.725039] ? ip_reply_glue_bits+0xc0/0xc0 [ 1385.729376] ? udp4_lib_lookup2+0x340/0x340 [ 1385.733704] ? graph_lock+0x170/0x170 [ 1385.737516] ? do_raw_spin_unlock+0x41/0x2e0 [ 1385.741936] ? expand_files.part.8+0x9a0/0x9a0 [ 1385.746791] ? compat_start_thread+0x80/0x80 [ 1385.751210] ? _raw_spin_unlock_irq+0x27/0x70 [ 1385.755729] ? lock_downgrade+0x8e0/0x8e0 [ 1385.759990] ? lock_release+0xa10/0xa10 [ 1385.763967] ? check_same_owner+0x320/0x320 [ 1385.768459] ? __check_object_size+0x95/0x5d9 [ 1385.772949] inet_sendmsg+0x19f/0x690 [ 1385.776756] ? __might_sleep+0x95/0x190 [ 1385.780835] ? ipip_gro_receive+0x100/0x100 [ 1385.785162] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1385.790709] ? security_socket_sendmsg+0x94/0xc0 [ 1385.795721] ? ipip_gro_receive+0x100/0x100 [ 1385.800053] sock_sendmsg+0xd5/0x120 [ 1385.803772] __sys_sendto+0x3d7/0x670 [ 1385.807591] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1385.812270] ? wait_for_completion+0x870/0x870 [ 1385.816871] ? schedule+0xef/0x430 [ 1385.820434] ? retint_kernel+0x10/0x10 [ 1385.824334] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1385.829359] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1385.834130] ? retint_kernel+0x10/0x10 [ 1385.838041] __ia32_sys_sendto+0xdf/0x1a0 [ 1385.842193] ? do_fast_syscall_32+0x17a/0xf9b [ 1385.846688] ? do_fast_syscall_32+0x181/0xf9b [ 1385.851177] do_fast_syscall_32+0x345/0xf9b [ 1385.855487] ? do_int80_syscall_32+0x880/0x880 [ 1385.860144] ? _raw_spin_unlock_irq+0x27/0x70 [ 1385.864998] ? finish_task_switch+0x1ca/0x840 [ 1385.869501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1385.875063] ? syscall_return_slowpath+0x30f/0x5c0 [ 1385.879985] ? sysret32_from_system_call+0x5/0x46 [ 1385.884845] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1385.889681] entry_SYSENTER_compat+0x70/0x7f [ 1385.894167] RIP: 0023:0xf7f63cb9 [ 1385.897515] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:12 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:12 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000004fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket(0xa, 0x1, 0x0) getsockopt$inet6_int(r1, 0x6, 0x6, &(0x7f0000000040), &(0x7f0000013000)=0x221) mmap(&(0x7f0000000000/0xfe3000)=nil, 0xfe3000, 0x3, 0x32, 0xffffffffffffffff, 0x0) close(r0) 2018/06/01 03:16:12 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x600000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:12 executing program 7: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7, 0x2) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x9}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000000c0)={r1, 0x29, "4cb6c843750064337e93e1a677c93920ed87a5a3423f55a8425c7c6b920b01ca3a94d90c08ad1ffa7e"}, &(0x7f0000000100)=0x31) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r2, 0x80}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={r3, 0x4}, &(0x7f0000000200)=0x8) ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f0000000240)) ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000280)={r3, 0x3ff, 0xba, "11f07b43e737d492cd92055937f0be1835c6c7e292768b4d34c06763db4038f5e00a107fb0c1fdc66c103e4f3f1ec23489e8d9fd7859a680f655cb883561b139f47df0630391e871b67d220868f34f5aba48665d594c23781be3bd20b80732dc37ad438f2af3176d3bff682f66a91a97ac99c81364e6f0752077ac1c760fbc0873b6ac5f3edcd1d28fe47b085895fa614939f6f32e6c73420db4aa59e3c6fc8fdf901e8277361c8776109fdd56c6ab094f77efae6df55a1b4eec"}, 0xc2) r5 = getuid() stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_fuse_mount(&(0x7f0000000380)='./file0\x00', 0x6000, r5, r6, 0x5, 0x3008000) r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000480)='/dev/snapshot\x00', 0x0, 0x0) mkdir(&(0x7f00000004c0)='./file0\x00', 0xa0) setsockopt$bt_BT_RCVMTU(r8, 0x112, 0xd, &(0x7f0000000500)=0x7fff, 0x2) accept4$nfc_llcp(r8, &(0x7f0000000540), &(0x7f00000005c0)=0x58, 0x80000) ioctl$TCSBRKP(r0, 0x5425, 0x1) chdir(&(0x7f0000000600)='./file0\x00') ioctl$SG_GET_TIMEOUT(0xffffffffffffff9c, 0x2202, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000640)={r2, 0x3}, 0x8) truncate(&(0x7f0000000680)='./file0\x00', 0x2) writev(r7, &(0x7f0000000b80)=[{&(0x7f00000006c0)="e36122fbdfb6ce90fd95eb916ee6e594eb534db55da94e767c9cee4b1bda94fbdaad828dc6e13e4c92e1cbb011ff2d1f62cb6de08cd1241d106c177424ed25d06fbc940d3664d21c060f4bf2077536eeaffdd74ed95307648367979031afd9826d75c774d4f484", 0x67}, {&(0x7f0000000740)="13b821495d556a2fd58314cbb926c25e796a1aa21a8ffbd0e6ab8dab392d28f97ecb7704a2396d6868c680cf740cb1e4511897fcc23dd6acc9b6f0fd14f7b34d75b035fc24240e9f7689485143da5af7149e3ea3a65587cf0e64cd20a77dfc3dc5aeff9248455e7d6fa681d29db9663f283a143e42490a941a4f17bd40d16129dd6cec8fc9ff7f86ba146c1cdb8429ffc8450fc0b732027450e13b03ec1bc773dd34c9b9d0a6f28b417fc9715407979bb8a7db0db2ce1d697d21dfbab6e13e3594d1b413fd6d0a8728e243f529bd7f8587c2d5c191b0ef1d28387d1edc1142e045f6ff4e21657f77f0b2ead8be9934cd40", 0xf1}, {&(0x7f0000000840)="e26a78c7d721b45570e2bcfab4dd22dff68f0926a5e590aa31f4ad8b5cce4b6665d88849829d10827cfa20d0ddf62604e3b57e76ec4507223ac8b03de402f1822464e1163f3bf8abfcd8cca1ac459b518deff1aa4aeed76b9a56f7bdafdd5441547f9c5b2a26ec9ae72f99a0050163152d51144ae2eb5d5178bf9b47b63f96fb445941b640472bf6c691396d06c78fefcd67b57ca8afe73d1371bb9d646463e68e37c7d3e14507464969b5e2631320359c051240020df2f5d75ab2173c5383f569740cd54363d1bf06", 0xc9}, {&(0x7f0000000940)}, {&(0x7f0000000980)="e5bc544b0b3e3b4d86bc343ba67b9ed57f7e54e8413d726369cb154f132bfb323bec5e737966ae5b3a83f84f222446d0ff7e6e1a758948e09aeb92a0a64f97c9b9d272b0c8ff641a24d611ffbe583896a2293dba8b8be4d42873568c70413f6c277f5d6693f8ea15ef7d9d54a017303cf46a4af10886ee3281523d870ce5b74c30f4f8f75a5291131689d2ff033c500943d6cd0167725f1f1163ab5f1f80e8d168fe9d9ea9e9cc30ae3ab7540ef1f81a6f1b0630bc4de4318e78098aa6e794c682b79a9e7ec6aa1e06c7fb6bd2431dbf", 0xd0}, {&(0x7f0000000a80)="8bb20a3e61465fa0e5510a240912159a600bb34666496a8d588a23c3acf70151c3dbf18ce24f67db129d5556f0ddea52153eaed38945e9e4a35cbfd2404e0afafa979416d2559c9e7a750c08a47b426b0e1de8c0c32d78d5e8f1d43d2bc4", 0x5e}, {&(0x7f0000000b00)="ad16a57cdaff3c7687e46be9982405c8373fc068148a5f635de6a83dea4f7195df257ee568e13c0391c8e0fd8dcd67573c3a2895130cb66b69804af0c6c72efd40ee168216134d6d9c79", 0x4a}], 0x7) ioctl$TIOCGPGRP(r8, 0x540f, &(0x7f0000000bc0)=0x0) sched_getparam(r9, &(0x7f0000000c00)) r10 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000c40)='/dev/mixer\x00', 0x400001, 0x0) vmsplice(r10, &(0x7f00000022c0)=[{&(0x7f0000000c80)="2e2b23cd5c0b8e1745b0bc959f0daaddb71dce637626f36c694131b7b274dfcfee4074febcae333a2a38b0b3d23ae3cc96b804dbfe7f9405e616b2c3d33773ef635a70ec7ba3b589501dca3b3c49c8d4e66656efdfa80e718c3605758823c4c8ad5b177f15f03c6fceacb854d2389d0c2f73e6976f7f6413d171e0aa35952dd807ddf9c8614c11be823dd9b1eb31a96c09de29f946e4bba10834be1e51a6b7a13ee4ace6b229e67fe8f1324ee1978326eba7fa32ac4b96ab785b1f69c9e7ce0dd00bc5e1ea63b932ef9e713e37437ed30c4bbc3f7e779af97cd8cbbb7cab452202b38d71b955c4dd509645bcbf9eacb4f7", 0xf1}, {&(0x7f0000000d80)="0e2ef5a06898c9770cd14ab70b6cc9c3aa9f62d43d4e89d96bb90df393935868dd58e8ef623fb9064805e04d1704367a34f66f11085be7de8558c9a51bc4588b6607439c65bb7d7638c0b7f230fd8bb1fc365111a81c6fe8b1c710877c3239277254ed03d49ab3c82a5abd329a3ce404f598c9743f1fc7ee59847a1bdf38c961473b63d46dfd46b542fbb9cd638ee60e84153529831a986c4b7d78b3ecf76669abd3", 0xa2}, {&(0x7f0000000e40)="571e23232bbc0f3abb82a43f35ad8c4a040c968d48421553aea290a788d83f0c36e6c404d0a3378761113dbd39e07fd5db955dff7b299c271c18cb055d7600360fce8d18e64a3fe8f916785ada273e3bc77152c0bc8fbad60a994c60a3173630c41ac71d2a28a936d0b9c02ce1cf960a2ac8fc275eb40f35067c02a9e92984cbb679511aa14bb69bc0fbea95a205eefbfb18ab228792f6a714460276694a79852455c98458eb3bc11b4fb811f8bd", 0xae}, {&(0x7f0000000f00)}, {&(0x7f0000000f40)="26a87158016ae981f762146d597bc370886a9d6cc401b6a75607847de205488557486837059ae9b70b487a1c8b35dd80507fa0ce63490a1fadc81ef66e9dfea6aefa887ddf85641b93c20d", 0x4b}, {&(0x7f0000000fc0)="3b0f99cc5c4083f06716476753e44f8828ff75e85e5f7584e42022d9931eddbcfdd73a110c166c07de010aba0fbd7814aedae29e18d7094144b6d5f7d52cb84493a64c7508341156752ffa129366aa87bfb84da83f0317f4acf2d84072a0bee3e044fc30711262475b15ee453312cdfdb519b54d15fec1abcf2178b4f2d92d65418386e766f046821d061242e3944ce3b7ba54ea9052e5c98aa80cb72a131aa0e778d3e3669f32d818a9", 0xaa}, {&(0x7f0000001080)="7330bf0f57d6bb9b8643f697f0b910f1c740ed5df8da45c3327abc0f0cd7b345a201764196c94c49f323aa6058950e10335f6d6c4445028c9f4e48841c9e1f323f3fe92d9491c45fd6d769747f0d62ab13cf6193d4587b1de6ba3f6f0f83efcc90f95e1552577f827d23500b6d9a506edaa8d2535dc3b33d13b91ca71e210526cf2ce751fb1d9f286b909088e617ca6c024b204c82ac2198e11390d6a4d39de37cea61e2c7ad3fb9c185acc5436c9563be660659dededb70d4fb1352b02f9617751f2d09e7ecda8a79b427b5f6fea596cd0b51", 0xd3}, {&(0x7f0000001180)="9bddba1db936480ce05f35edd2580341d6e085638f8d6e9f36d1179f599482f286486cd1db92cdc3a02066915252566859cb94", 0x33}, {&(0x7f00000011c0)="5909e2b1f628778a66efd3719dd9c6aeec2d68aa793dd397d6f888c0d66c22e78af11689d95d2ecc8641f7101b67ea3ed945205380a3b3394e68685cf024133245ef9962a1969b8ab86e51e95a48b8c1132b8fcec674a3d05fa20e207e238e3fbba959917a51e1fd52dad8c2e0e920eae852c115f057f3578ad79ce21afca64abeb690d52c4ea1ebb81d2e7c6e1ec939f3d99206c4928af9babd4a295b1b205ff3163ac06760f080949cf261799cf9457613db8ad4e9470eee2f5854c63acf497ff772d3092a3652db2be122fee7a0e6bb06b700b9b553452000b3163af69226fa7bffe2d83461a617eca98e4ce8b974e6029d994864", 0xf6}, {&(0x7f00000012c0)="e0543b3f2f876fe8cf3fbf9be092075035329a64893da6023db51ed1f7293b44881b0989beb3d8885abc4ee15e6c1600fc187b0ea73c5d6869a7f728cbbcf17baf3dfc4bfaabb9d00863ed2d0babb7ceda36e13b4057c3460a5d99613614c65b9a10440d85e08caf5903e4a0bf8eb4912e577d53e3b19e4b4fc8810dd61d53573ee9a3250bd40dca4a40e7cf2524b760c3cf1d9e6eba4beecfda55b0086c8d8b184caef3db44f632ad72e7f5b1d762eb8c8f15c64642d560cf0299298df75a4f95e7f472e4f6bf4a50e4ad2cf9ae911a614cf20b92d9f3ebf09e1977fad8561ea4d748814b6977306ea11d816cbb017492a2add4af1c0a22fc9f4f9dc5541fc389df99e8470e6e6639296f33fc06cb85a3bf3217b00382823a806e56b355b2355a1d1e75ef03f1ceb833b4c467c5358d1dbcb7e644dc6c0ed0679dae164c3f6f033eef5c940accead709dec9406b1685fea2c444b7cb864b9dcb040e949dfd0924428fadcfe04d1d4fed0f8f89ad9f2d4b6e81e2e64b8f79dcc1ad5dde92258b89b61853c00598283c65515a6a05e9da9936f9be8cf613e6106b946873d95e06c92b2c0dc281ec90de683df646a4f746f96a36093c9406095e3d41ae6a54a8c28e9baf94ead48191092994147b6ef5ac296ea9d45c04e0a89c11f99e84ed061bf1fd2e0d073824b1a2817446c69bc30e3bd253b6a014a36b0a01a7e114f6b4bb31ddcb08efcf7bfd393660b6fdb5d4b4607c4012854153e47915b4441c4414bab4fb13f9517f4d027aad537780e9a88d603c3f1c5c90e9acd46f336d7abb0b558ed0d2f1dcd603678ad04975e278f3565badcc3c444e7fb2ed75a2262ebfb5f7da39e2f3cb27b4568a5d66e4a09cee333bbfa719ea76e38bd36ebe06b9c5f1274854f84095bed3e9352aa20ccaf49322a405c5bf901d6e02d0348e1d175b8098189582f46a46c71b4afe989f132aa7383cab676d6586c7f7ed77c9730b0cff92563e77bbeac8435f0d42de003c1fe6d6190bef9346881fd0598b366b31cfc63395cc94b5a969cf2be884e11fc23c4dc9eb0e9b9cc75226f38cf7317cb35326dc5beac62ffb964751def1f759b977e2414a47a3114ac52f4b00d360edae57046a9b55ee2509448ba3c82742adf3ad5e7606a707a5d3446b3ea193254d4fd6074c65a9bd8b86d4c1584ef1f1a0287b2f9df83ba5810de7f9ff07d96d0ec9023c7c35f596144bb2b4b9db5ca89e2df94459b60d5192f64ea9efd7f9b4193a52d148515a34971cdb449cbf873226ccee520fe4003a3d1d02cca450d2d8b9580964976194625aca5c08460baefdcf882de17f3adcd939c0f19264e64f0c2d3d1134cb7bcc58374db3a417e4fd075321ab394a00d8205d0679421f20baa0bc9362aa708d325eaf99deb15c36abe5a0701aa95f6a8f8b21acbc50e0967ced55f8204217f5171c5e1eb4e3055cc9ee7720aa9a204691f302c301a0a58e1fa061ae613970dcfadb8ee6cc56397494e7dc5ba3042dd9452a4b2ae9ed28b5c2c5c79bf9c9507435b40fddf7f50dbf15daebe913e5431fb8605da0293fcb59f6d30696dd37617bc444955189e43336678f6bc49eb69cf876071b569e972ecf90a1c5e342b4f954ca06a2114451239d2a713403e3e03185917791270588190cf3f4ace2d744e0dfb6f21713206a57749947bb314b60c0442ed0a6a8490ff5bbaed52b8e3e24bcb81ccfa56075471dc24d33adc92b45708a22e542ad313e7785a203c01812d3829ef819b61bd962774ac3c66ab126854e7652f1efcd08e18191c5c8fdfcf1b3c2f5ec83f66773d79bdf2f1c0080a0587ec25c8482e4e6abd07d253df984203cf15ebe4cdecb0760ade76d20dc809437537bcc8d2116069cb0c4aaff19ab21d69afa6efbd3b4f915d5ad97e28703e8c3b55e0fd17c6204eb8105f0928d3f0fef402de6e85bf4e77a1dbd514f8c7d781f82a81ed58e5a81d4e40697543dc3c90951f1e79b1060e1425f56113d947341b8baa05c70d9e67d82f2b7c278c10b0b3045db421cfd65e85dd60bfe931d2812753d1b8538fffe0d1f7130e2a811be6dc896b5da421b595d03eb51634c0225d397dbc909afc6f30a641e1676676e009a7496cabfb9021ef2cdfeffb7c9d0ae6b21b783d93636b9e87eb34a237c1f7316bee7e2d8adbc4cd54eed2f8e94512add70ee9ecf2644e7fad8beeaec5c5912b46cd34a1b93d23589fd8fcd84795ea4be6a3dca7f1c52570d2681678829b33f2b04c585da7b2600c763d25baa4b6f335581412a868fa78f05daab529aecdaa84500b8cc7b6df030450a474bf368b337da3036d121e8ab5d948d093c5db2fdeeb7e9fc7c84acbc5bb0bb4878ed73b0e0c8f7e2971b33c5fa4d0af7221bd8d88e3c912cef556c4ed1dc8b410891ae62d4f14e50fe3ba0bc27a4b3b7cdde042afb5f73f001601a8a89e24056d9bf4e6daf740ac10cbdf698baf08cd27bf2293044d9cceca6cfacc00a452e024987ab6a52e0ccf9274250e007a60bdaf1f364aba7f34b016e75f049562340f24d92deae6bd3d60215b37e55065bca099b05ba23904f99290b6e7487b92e179b0c1e9926855725f6f6305e410374018232d144927177410936e336382cba8570442ef2dadac57a7a1877c9482fe249f49724a74861e717762dad7cf71b66a0b9db6f9b6c7b01c4c31551fe52d7dc16876d88edecd374cc8ff41e00b3b3bd4175765c3a3392260b64c80aa6c3c3f76180f378061fd2b762f25192eee8bf0f23b78e04a3dcc151f1f03cc1d1ce53bd5e90329a1fee72c3317c36e69695a4a1c170081c6b82a31ae11c0ed7ef740c5dc746ee2efd1236b8c6fba9a8cd567afc50e2e4b9879c71fd946d4916a9933e8d37e6c5c248b6768226a73c4440b5c9657d16d885118dbd1c306786a775ef57759570d5f6a49d1b346a8cdd58cfd8b309461b6de807dff6272b6333ba3468911e4d2d11738c9ac0f9eeefb6b0327c34d172003afba1f3fd932fc4e26c19ef21aa6dcf93c14e66f098ac5d52c533161d7dcf79832c76d226d1d6b64554f163f1f4258aa538c8ad21e7d50edea92433dbd46ce30ce7e691ab3eb2960e107057c0d93fa9fda010795e96eb903f4331a68b26cabd2b3fe83a7553f98d78e03a7ded99bb75517bdf4c21c20abe6caab202145d04a9839a4d56c8a2fa039e1e92f32a31aafecebb1a593a8c165ea0bb944a25c7a6403461dfdeda2e9b5d17dc6ec7a384f472febd9115d9022984c2b5657b6fc9cf3f7873241da7c4d224e2dd0067597c1d4bf5ddaf0ced310c32c7a131fed297cc6f302463531126f57649d3f189c83fdcc10e96184bb9c214d132df7b3fadc02097b5bcdedf7b8df3163206903a233fac64f49fa749e748959d39d3b66f13619dbb62726fb93ac79bc110d11b3a71e7866b7e3d4f0622c0fbe124badbab92088f31a83f5e4e0546decb3f3deb28a8dd579eb550795809ec47e97945499d12454a84d8ef7bea3fd8110308098c6089d41a61e2d38749228cca263af4d855e48e5397e4ece85a4de6851f106afd89df2ae57232708720cb9431ee229ed245b16ca6215b08eead7f45f1de69467f5741864899b83b81b1953d20ecf005c42ed7c73b8376a2995366caf366459484b838ce5901d9976196e1d941080a7972a5081bed266860605327cf4d1b09b6153e5c99deba9d2d369a0cd8219e1f162a6b851921c17a953289494d2f5de8dc72b9cce4a6e559fe735461a1342f5a72bc5a9fa15685e9052c646518af1c44aec20de5a8d173b1060f8beda453781adfa9ce43b803f354851d452e4d232e9c59226dc9df36a0a535d91e47f336947b71ba1ffa1bdd919a574476eb38b02a5592346a487f15de4526556b82ec3564c93c1fa9dd594d9e8d58a5ad1bf843107b2c58ca490918f8cfad9a0a4122f464c9359ed95d4b0ef1591902325f7e2a40ff92f6921ef115a4c16b824d446ad630229aed0a7d0b4373d9a076f6058eca99cd2a83b2c7933d8dfe55eebb1570895f10f89798163d78dd9c27ee2a39dbdddf279c6d9cd6b31abbe183b99adf3d2dedd79d003a0502da121c7c0c11c8a836397b8ddecef0798b1f7e0cab0b8c73d1f2124d58e2839c241e597e1b1b1934c6170c5bd916d7bdec4b6299121995724a77bd76ad94a4b1170297155a21b1e31a9d4c0b68720d207912896cd1d608421f560d1798cf2de976ec5d831455ac3a09689a0cabdd5ea67fd13141a02bbe80d6eafd0c0247cbe53b7750b4e08f331ead4635e476909164c4cbdbdd5fc86d16da67ca57d7ead3d93ac1382dfb9f501fed34a1b45d46b6b5e9c342d2710c1fa667a485493008d86975ee933c55c126556ede39aefa76de986d254660ea9883d0b5058da58068401b2a227ae6af3ba19b909ac90d8176c2fcb0aa4e2448b9be6acaff7df9e11f087dd575c4d03038dfd01c963356f441c14e9c924d9d2ea14ee995263f3fbcb6952cfc02c2186011d67fd91786960691b0dc9dfeb5ba15fcf55a3cd1917e00e231c4e354acc3ec39e8e38e542dd2b4092e836cb52fceaf67f9d3823ab47777ee8c2fe1f4a8bcf61a2438a0073280d165b4d4cfd0ead1d876f6e06964da57664b7fb52b69d65da606446e9c1a99bf19e7f09d59ec7e6040ce338796c826dfb2ba4995571850f9228e15904576c0edc4a0c90979dff7124c439287b369a55cd357629347841a87485c44cfd0bd36bab37888ed47ba15e9a8d8ad5cba371b5858d8cf2c36fb7eec0e0691c6e03132e670c9715814f9cf14f0f15d96ff59cf68e6dfc1d0ee09c35156a738e9aaca92748c00101e2197e0461e74a3b5013e312161724d04c17533c394333019826250c2f28449d2b9fb58b0d4768260dfea0f1e2f1cce28ba3a25a3e44ed7d239636efe1bd7954c80c5d7655dcb7616d065f12d0dba0b089588323bdf780f2f0cfdc893456768174f5f0153c7838df52ab2548b625401d9f2284f05ecf1aabdf876c0b36d3d086c018e02e8773c788ee559914654be99089ff001d882f1b14e24e3d38f52c0dac3a7e18522cf2bd134e7528d59bdf28a40f6d7630c67f87e9cef4e75503932fee26478c5bbb307dc1bbacdc939027e5ec365986ef679dcf65ba2f01b91e9ea3c94f712d8deb47c1c6b2eab8809d043a2ac1a4c27cbb341114bcaa10e2caf9c95ab9430dc345d754e9f8d3013c37c6469850db5d3360844ca11943aed2c97400bba2a07d61e5c1803e61f1008d12a329f74f433e208eb751113faa8f79194f1187ed3095e6e5da3b9a2d2b75d501e24556bc14496089e3d9c92ad04bce66fce08a89be32660dd2e61a4564b3d8449da93651a117861659e03670db1495a1c13319fd7a8e26402e14ce78e89f5c0969f02ecc0ad51ee21601f07e2122c4550824105bdcfbfb13f7bc43489d85a4a7ddeefbbb74f9d7c3cf364713c1ad35ebf72c75911e0a83c835ed9e801caa6dc9cb9e8294b3bd56cc1f7757935538de220f31bb7b0e3f9afc4ad638d23c9d0ce4b327f94ad480bfb6cca0d61e1ef984caa9a4d1c8c125e730f46c8c5b470fde2841130dc2faeb82491a2451e5cc4eac63b0452b13f229f7c0eb5a18449af934604676d42b5a9f3e424eddee41751f6799b9c8bb36ec448d2f9490c116dca11de7155c20688965ab515958c646c652be9512e427702a18bb57c41f39dd1de261e59bdd3c91dcea6ba930e48e407a70e2f0893ad4d6072c14cd7e8fee2511dcf7877eb3cebdafd4cc7b2dab4864bfd8810982beb82b29813aeba9877f06dd4", 0x1000}], 0xa, 0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r8, 0x84, 0x11, &(0x7f0000002340)={r3, 0xfffffffffffffe00}, &(0x7f0000002380)=0x8) modify_ldt$read_default(0x2, &(0x7f00000023c0)=""/144, 0x90) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000002480)=""/126, &(0x7f0000002500)=0x7e) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000002540)={r8, r10}) r11 = syz_open_dev$sndmidi(&(0x7f0000002580)='/dev/snd/midiC#D#\x00', 0x800, 0x400000) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r11, 0x84, 0x5, &(0x7f00000025c0)={r4, @in6={{0xa, 0x4e24, 0x6d93fbdf, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x7}}}, 0x84) 2018/06/01 03:16:12 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(rfc4543(gcm_base(ctr(aes-aesni),ghash-generic)))\x00'}, 0x58) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200, 0x30) ioctl$BLKSECDISCARD(r1, 0x127d, &(0x7f0000000040)=0x3) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000080), &(0x7f00000000c0)=0xc) 2018/06/01 03:16:12 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:12 executing program 2 (fault-call:2 fault-nth:61): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:12 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000840)='/dev/sequencer2\x00', 0x801, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = accept4$ipx(r0, 0x0, &(0x7f0000000000), 0x800) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000006d40)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@rand_addr}}, &(0x7f0000006e40)=0xe8) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000007040)={'bpq0\x00', 0x0}) [ 1385.905482] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1385.912735] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1385.920015] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1385.927278] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1385.934546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 sendmmsg(r1, &(0x7f0000007800)=[{{&(0x7f0000000200)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e22}, 0x2, 0x2, 0x4, 0x2}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000080)="457125592a932e94dcac350ccacc63d8390e35a174a39722edfa6053cd990ded41479198f120", 0x26}, {&(0x7f00000003c0)}, {&(0x7f0000000880)="dee2fdb271a9fd0204f3240f8476a83cadabca77a83019fc80bdb2247117a76b8f2141d7a65d767cfcc2abb53dab34d394a45c04b27467eaa82ad05b80bf5f11f468d6af1a1b0456aae25cd4056defd4529fc76f39ab49a76e4ca0b3b19077cceefa66cff23d956b78ef73630add8ac97f14d94b2b851fac4c2b43f0b303e14057e6c3bb9f9490aa385aafa5d7466f77db1a79d2b6821483ce0916013d96472644bd7ec80bfb4d65eda43a09229b944747cd4ab25bdafd20a12da15862d10b485b0d3fb5190225983aa62490dbc19818be5c947f5d5fe1310605d14f1d1168825759adabfbac6254cc8c6eb927595c911afa6da47f1a5c37f6c50e20a64a5f245e4404d3e14b9eb8ceccb7d08bdacdb2938d6fcd196cb5d8c179134855cba8537b01e7e9a34076c048a749ee923a86efb59be946f7eb0e87642e28f9e64072b10d7ccf61105b9c1ad369a4b012ff5de3c354b642afd498b5538c57c631e56ca1bb1ff14887ce10177996be1affff9c4e554f8f0a22822c0d9d37dd2f9af5108ce18bf0a6e653020b52c8ac59a20fdc6d27d9f15c54dbe865bbb20951b75309635923ccadcd9c71e6c2c6e9d6c69996042237a7a0790edafb06822bbdc84c45172b8dfab81f4446f84082a82df8739dfe63db09ab01533a4b682b50c0bdbbac3041f26998390b7595e0e347af2e74c34f999cdb1186cc838fe618e4986843e157cebfa9fdb33bf48a54785603537f3f29432ed78778cdfe06a274b35e4a34c5be3f5f442d30dabe6425811320a85738ce6fb7d6bc10e8b29b19723a77836fe6bcfc7f684c1e31f94328d9d1c01bd43ad305da16dc4e52a22eb2c58a59859f5a3bc5c00727ecadd69ca9779cdc3dda21194d85969979a1ca91d42bbb2f31a76a2c709627366899ff28cf49ec1bdacec9a5303e8fa31a4e3eaa3622232d190121d1d5fe880b775932934718860fbea6275b03209206581743df33637a9b673e6684ff89069ade0f7a53eb7ae6359b5315c42c05d8253e3ff0922383735b31dab3f4e52796a83f92fd72a618d027062d33874bbac4201a4d8e449ff6e48445769a070d1765e60dd431713320210733fd8a2825187104d8b05c96b7f6d1b8d55ec89b3783e3f18a9d6639acc6058e20e24d841bd3dfa18c110cc569f6d1303210da8f271d63d269723c7e28882c62d1df0001b76924e7677b69ef0937fa780a7bf8991709aef727ed0a71fa699516345351edc9358e2094a1859816bcbff1a8e52d9d1b346f3adaf06112391d1a4d69b8971fc859dc1f2176216356f842d25b4d7fd721ff9fa0ffb7681114dad3352c77e4e5268c4138e00f0e85209fdeb8f42b48e27bf46919d4692ebd75f27d7a9a048dbbd48f94291d0a1c178ac8a9802babe0f7501cacbe78404a435bd0dd156b0e47dbced683eb8328f7b825b069877b0f908caa176791bc8b34510b89cdab1edb7bbd3fb5b8dff5e8cf37f35eddea537914b6b61fd091491ea89c195f24c92c735d2b76402ee544c5e9cf64fd86c24acd138e76856b18ac02a7eca8b0a5ffa5f560732c032ee99eec0122960d2194a5b336cec06067d7235c05be685f3b4df74aa43cc7ef9126c526f3ade5adc8df4afa12904d0d63befb5206aa1929dd6849e0b39d55f2f07f228c8b7b8574959dbc5074939f31a5fb501aba493d28b95ea6962084b137dceef2a2e51ad69f3459d487b3aaa52db42de5b7acb8fdbc7b1b9215459568118ee3bb9ffa02e83021af210430fd52fbc5fcc31c32ec6177e3844ef5511135e0c0c60db6eb81657efdf6178cdf1dda57e2fa45b6bc3fd0abbf282ea26b94ac3c1ec0a9006b68b4852434e985607a46454f96ee6f3bbab1d994783d693d41bc8f440fd03ab1cc208cbb55a4e06843530de86e7841388fe734258df07d545e493aa586663b4746e38d35eb7540fd6d8a91e93cbecf5d3443b814559230db5ce73265408880f2bdb5391810acbfe6dbbfabe01cc42b5fa073eb3ce9c2977e2e642caeefd007186fa1ea5a0f782370dbbab8c459f15f0bb403b1d6677cbd512bfdc3180d76ba09c38137a0c4da9f30388e602f03dbfd13e0846cb568ac26757cdf344e48cf6b4fc374bcae2401c0b360c9d84b68d31db13320037e8b67b823f8562e1ae672e48089e5a44a3fd2cecc7310d580bf7e75c8ff5b39b42a6efc7205a91b8fc20a543bdcdeaf64b3537785e6881656f22ad7bde05a3100be3876413409db6f6ca00b87c6835b5ac0241d608d5d684ebd4f1a7d0c9cfda22763ebbb3619d6f96c966ffa5d4051bca09c8009ff76b1cc61129a8c52cfb03854c6f0fd3c234270df258d06519320a268cea6e7927bb8c3ae5f301c0b1dd90344840aeb5c1cee9124e1adfac49dfaae87b6d526f5b3d0455bf277f4c02047eaff05d9969ddee9a26246f382a2c124467b1ab38c128b659b3c697c797122bc84970f7fdbf7271f87f429ceaaf98e4c4bff63beb7c28a42f3499bd51569ed5224f705b45d0952ba576ef55f9837a8b5a03bdbdb4cc229fc296b002d2ebdb19e03f1d6f2537eabedc4736164909e9e909289b221a617335e497479b70c38995acbf6c9980ceef817f9129124daa5117be121c268739330ced73389d2f7e93d67e0a9b6752e966d1d2f5b733a9ce38b9af4bab44309958dfbd13e2252afcb09ff79eb430714b63b947175627d0241d8f3e522da276b448273d85f4f6048b82b2899e0d10be8a321c0c794e810fd3d98d82fa725ec4d3e6a045c0966193de2f8c3879e040a346f2f5957ab9639bed84d56325f3f0347212ec8256031a428c55ad679d8abf50f7344f1a523bc5c392eab3acc3157f55b9ba3073c4b1f896f1ee4cb360e97e1ec1bef3832c351b345b75347629d1b759017c2171449ce01139ce97e1d1df82d0749854209a0250af0aff45263dd90062ae1dedaf0a0707445140b53f83eaf279d864c82a718dfc97a81f5487fccb67df9d6c64480cd2f4358faa98f0648dae561cac14bb44a170a5bdd8d87a7b27783e93f6cedddaed03c3af71c3fc562b62649b3b11dbedc925e2f8d7a6db3cc62c8ed9dcd92879c4c1f5e5c73d8b11d981b5c741ff2e0786ad727cb1485e9befd3298460c6f7d17af661d993a3bff9392e02267156371f37960777d33b563241f0e09ab20fcbb6945238b8d8986abf9503d3f6a649fa84aee38f6bbe6fd3e477f92878a2c089f0454d9675608ae7f513b42527789352c1df91a4d0d189252ece3bdd7a0ec3494243b467465fe3e476777b1126e0065795a3c50a4d4c02ff937d0843f93ae217f731c9f7c136b79ea725c6cfe510166ce1a6f1a6dd46156535bfd67ea27c83fcc42edf53267d31a3f848113864c901eb2752cc87a00b049cae22426a88ac6ebb6b57745c70d7c90787da4cb01942c30613e1261dbd888aec977835c3d7d11fa9238939f97c9e846647d656eb7e5b4c6a518c027c570d854fa74860caf8c42f725694b62c06432f42e9f332cc906643bcaf1524b49a8342ff5b3d79b76b063e7a29445282c807daca1a72b34c5453f92711de7486463816ea88520bb82c2de3cfef7ab36f121e480dd10536736a84bf49c88155116002f3855a43d8980bc7ce63e923737fc46d0a03157f7182c06f943df2b5ef91fc1bc319d876abed3413726c5abff6416ffab3a07a52de0f8848454443ccf56cd274e38ab4167b707a2593eb1eea3de38529f9764ea3dea83d960fb021df632ad86af35b75bf9112b4863a56780773f64647ecd67c3102c702dcdcf8cdcbf68f5bc5fdf6d0984cfade06f1dd0d1b35875e62c81ec789e21e38affb81272010e208c1167131afa5e457d293494d55c19226effdf9dd45ae8d671d7f7413c73a73f4decd9a6a6221d6c35f441e99a2d8c4365e8f991abd9204f27ce21c334f275b6a6ed3179037019d192d8c72ebe3c46a5d73c328c41a17c30a1b4beb569ced20105a6cd3edb43ecad4217c80b4cee33eb513b2fcbe88560f19620edd9b8f3afb52ffc34c4506601c34c03b4ad254ee987a847672aeec4aa2937e1df71b4e4f520fdfcea828738b46b258d2459991537acd6d5ce89e783b92f91d7855bab08f1eb51e4f28448a8148a6f0df51f3e646a98abc4f79d2f0c0c802baddd00a4d11b1425937805374850bf1e4f4c43a87b3b7c60364951ca758321af463e373fec202cd73c80dceae08849abc9cbfb00673475f3a651ec952e81aad69bdcaac09dd71ad3b8cac2c1fb02739d5c8dacb9823bb5bcde64574b7124b19966557ffcfc0865cb13b1701508179d6022605a56d4893e9fed51aede7227ff86597ee0eee601b67e2c36a7134d50097399d92801cc8e3734fad56d72080df2117ee2b95d9737db1f8030e2a284fc10557dc2811fe01f2f33dc9ddbf0842b4703df74d1956db34d0817f0ec4baa476c0773e0d61cead517047ddafad6ee6e5db6192aac6fea2c37dc0e2a72c7710476ab78151793e20537bbf2154a7b61d41b84b3ec207d38832c54dc627e08ede04eb8527388ff09e81ac0609b1d321840d44473938812ff4963ca99e18ab9827d257bedf82cdb1e2572cb6fa16a1ad46362aaa7cce9f23314ba25295eace5a75ac90d7b035d2200023b98a01f8dd2ed6b30406ce86a6c2278f8149b4b6ddb1b1f0520b63726325471ee924c002a0f37eba19d1934d25b65f4154f07016ca83db8a529bbed533c08086fb65dc90a01fc24c1e16adb169ca90cdc230ea07c908f7543e652687de6eada9cc41912dbbcc3d323df7740f7749597c61d6456a14c0a56bd1fca0d330ddc138b8a3aa4318dc7dae921c62949a5efecdbbdd2bbb53ec29cb0757e24769aa2d67e720bd912f827629b969951ce0b42973533f0b666b07c24211e3861116f67bf2c74bb075043b217172f97c3286df52ae517aae32255e683666268cc2c9e49ab1f389922c80e72b10ffc0049a435cc097657bef3ea122f5fd26f9fc60a4e5cccc07f1cc68db9f2278577eb7ba82f3d1428ce11a657d522ad8a7f8cb091e5a89ed82e5eed16e35f3cce4c5eee77125380492b1229ea0a9880976b6914353a8fdae8bca1f3969b29e78e400666adf11422db2880208a06036fc11e6f179499d75ec8ba8865ecedb4410ea93bd26479ee4fa6af758928e4d46133453fd197cbfdd336b36f1235137309dd169eaafc190f9391b7c0e2b87fded14e82fbee2b15342621d5933f2dbe4bb4ad2f5737820ed17ef5ffa2ee7c97f438b718591a71ae2a72cb11d1cba7eadcc32800930af67f23b5c74364a852fb8a1f1f8b0f6ee013430c2f62f1a5b910c444397f8d143b17cb80882d630cea3913e95d871218dd863b04c4696d086e4be74ae3865cc04442d189209de19bcf7b9941dfd8eb737bb11758d4886a2fd86f16f7f1fd1215c2902f0b69720fe9a6996084b7bb458bca9537c64cb8cd7c43bf6dfa2b3e375206684f4a00111a4dd93df5f3f50a446388aef44fbb7c470ef2787133af2e07d983b711cf726306f641070cba61c5e16205b9ebdde1f2b09f995fd076fe4c7a112cfcbf13233eb4dbba72cb18339904f1e704227f49ef81cbe3b4a39fb2b85d128ad421104a2f760fcfbd338e9b0097d41e6ce86e420f117eaa3f6a18172e59508e0646f08f2f687217b14199e3f20ec718d393ae3f02e796361ad67341e5b45913d0001eca011ea7e37bac75bab8a404aedded4af393077604119caf80f6d9e0231f1e7038b420d3b9ea7009691ce76e2fac01fdfddca432de8192b070779b14e171dcfd6f7f6c8c85bef27c5a5a", 0x1000}, {&(0x7f0000000400)="b40c3c4e440295d8f8194a6f81b804e9c1979eae1d0babb78f731e4069ca0541a063340fc91dd8a706cb657b6be085ec93c6c31c1ecc229ee31526fbb23cde", 0x3f}], 0x4, 0x0, 0x0, 0x44080}, 0xb26}, {{&(0x7f0000000480)=@nfc_llcp={0x27, 0x0, 0x0, 0x2, 0xff, 0x20, "e2fb27fda7c9100cd1e62365be21d0f2ac6132e9cbd29562fd84fe4238d7d2fc4e0dbb8f1eb89839627fa09d5e56fff11b8cda7da3fe419d868bbb1eb0819d", 0x12}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000500)="eb24f53cd3df6f47f621f45d414c652f305aa412", 0x14}, {&(0x7f0000000540)="12805ce3499581830df94954c7d9114a8f4d92e9820a80c7be95ae9809fd26deed5262c94162", 0x26}, {&(0x7f0000000580)="2d69a1b13b80e57c27247d0b5f6024259d49032cfce76e04567f8dc47ca80f7f120c02a8f693d1e170fc9b63178b131a0376be02c6c68a4a8472ec55adaab8a7229f0d44535754019eab1e97a588fbfa0df90d18f9c552a129ee37bf5d0dbaf7b63a25fb964c4c7eedac1e86edd5705f5a182c0ba618ba68189b06d8baea120a886cd74e649d9d885fd64ae279eed80284421ad393c5fa54a9be31a54dd1c8d7690a3f60081939d7b539ea9d81ce58329933f59fead8682ceddba0febb58dafc0f52a4eeb7b473840f03a7af14e7cbc754b8b49edd534f5db4905840516a6d110999bdcb5a3be60e92fbee9ef25a132cc37711618220", 0xf6}, {&(0x7f0000000680)="50d53d2118ea7c9879ff2f918b18c43fb18101a1cb29f8bb1104dde297f0daf94c2742470d7e0707a14abebde4a0eb1de244c98058831f1390aebb839ed074f4018e6cd418375ecd04747f271eae34baf78670ea3151dd9729b54f7ebcee6b35727aa88d17111581b900766772c20406ae663d7cc2f2e5b21000a9a6b49b350d168c5b3c91988d00d2795896d6ac5a5bcb4cabd0f5929118d6ede7432fea89", 0x9f}], 0x4, &(0x7f00000018c0)=[{0xb8, 0x0, 0x7, "3ecd0f725fba80fea82f769eeea277ade54621bc71ae30ef6df3919d690263799bd6064c88b4e9c5836fc3eca351e068acfd27b766557f36004f7925f39cae771e72bfad45fbbfe77a2313e6cd6a9608dbf6a22d37351c4e8a0c568b9476ab63156fb78211452c2b53e1205a870324341ee0132822a56717a667a1afc90dd0fd28d31f6ad04941424837a54eca6d36d1a462cfd4c7fd9e3e281216d9072c0cda02825caf1a04429478ef"}, {0x98, 0x11a, 0x3, "210c594fb14cb7480b01ca678bfea16a9259f08508ed3b37b2cabd2c724ee0c75b863b2bb924d171f7be13a9a039857da50ab2ef73c8a5b29077907b1f5c60f7decdb8a1587bae3ab4b8e3323a9a83eb27db6cba98f1ab969ab525c23892621488a8b7be063c3195a4dc9ca97b926d3b5f5b4f765bc802fcc41a908541eec1b4a04fef9d3d59d5f72bbdb8b7"}], 0x150, 0x20000000}, 0x9}, {{&(0x7f0000001a40)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x80, &(0x7f0000001c80)=[{&(0x7f0000001ac0)="4bb238ba01eeb9f18cc8f5dbbe3774d568e30fdc05ec6e06ec0bdaafbd2da9a002004820afff20cc290e3afa569655c822d69586ad32a80ec7bb4f6c771dc6849b05266ec884da99839aa11360d406f49dff9db6e35af98cdd1a6d2a06caa41e3b85a3864f6bd980b591d95b31781c924599a2e9843da30efb1ada44725a0fdeadfe7bd99bb6b99c389286f542d8fc887b10133afeaaa050bc843d43e402a679964770ae797f34768608ab2672b705f7b89acd901bee653da2d3aa5846646a0861ee2905b95ea283fa", 0xc9}, {&(0x7f0000001bc0)="072c509b2b8c35fb9768c2efe63380f822e3a6a586435d17c77a51ebb68c08f35502cf3d73265bee491c80ecfac093d0ebeece18a5fce6fb24f58ee92033c817cb0d40231d965b24977482ed62200366e47e35e4591b89a0818a35dcdcf97da844b121a64477094cd0d498c5a33cecfbdd4b37ff01c54a8dfbdc2c69a95d40e043082695e4f75ab36c69886b55bd97816f7df6dce2eb3f2cd5ebffa9839934a601a1b12eba8df308b5cb", 0xaa}], 0x2, 0x0, 0x0, 0x40}, 0x10001}, {{0x0, 0x0, &(0x7f0000001f80)=[{&(0x7f0000001cc0)="c58eeb5549769dcaa351425737b1cc694b23dcf902d3dde1516379a9a0eb4be5da379ce9c863d35e4570f1dda8fcf3f78bb2bc13ac6665a1aa43d56b1280dde05ab22848b4efee8af363472fd19360909498124e278be80de1b9f60dc79edb15c3f3effe1ba058516a1aa1b94f267de2946c8403db2954aea6e67960b99382bce628e9398e533b410aa0a6b24be0966ae74cd0fba4b82573ae66c265e65629bd38201d39ac685d34fc895ad28ed5aef6dbe1e6845337c27fa508ccb22c8665ca01", 0xc1}, {&(0x7f0000001dc0)="8862e195c1f30809f0b712600fcdc209f782239b9208bbe7f0e0963015b55b2279f81db3", 0x24}, {&(0x7f0000001e00)="a6f2cc45c6fb1b31c25a06958f74e3642f4b5231bad613b7b5ec48c03c9cd042f8b31ecf1008de6ff736fa1c05c50942c117c7f23dd83a31cffd767d9d75f0", 0x3f}, {&(0x7f0000001e40)="696e469f8901c9343129c6e3d0fd640f150f182ea07946f68c3cc83e3fc0d3235f68b0ac22", 0x25}, {&(0x7f0000001e80)="98553643cfc933fd4d7226dccf0e3a2b4b52af86ba12de50b9b57f88d8b215146d943fba9fdd9b366cc11b5096972b5c13a1fb8ae4d57a215eec7019536112d7d48d27db61fd94886f0aae143a099c2345ee54f676622c9ffe01eef21b51c126fb10046d", 0x64}, {&(0x7f0000001f00)="8018a22fe015ebec75712dcd9c105b2b1881754540d88775afe6815e1f48f6b181afc121aeec9e0d85045cab292a4a3a679f48df05863bbbc78a37498599fc8498f1758b4ce8ce667da6669f36001238b89586d690c93b07a7e8507a9084ac37", 0x60}], 0x6, &(0x7f0000001fc0)=[{0x6c, 0x103, 0x4, "e509126956fcbe4df044a4b93b5334141ee46e38024c5986cc5eedc8ddb4c2fa8ad29e153ecf9d0c365645c28db99e9e2aa11e29d099db086de85550ed9face09a6d8440a4aad7a939595d08455583649c6341c963566bd3be8c4db056"}], 0x6c, 0x40080}, 0x780f4fa5}, {{&(0x7f0000002040)=@pppoe={0x18, 0x0, {0x3, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 'sit0\x00'}}, 0x80, &(0x7f0000004700)=[{&(0x7f00000020c0)="c5ff1d4216caecf0f8cf9edb4275ca9e34369416e0de8344e5960cc98dcd3114b415f92ba4c57eca9bba5c7e0793cd81e2f631a9c66409d1fefbd5ffd35a445bd7d0baec728438bc2156746d8e8208f5d2d5574fe250bde8cd61aec55cb0f9f3e8a870f5edf73180214b47192296c5415e8cebf26dc392ddc1613802162f0508180dd8dd711a6e2b82256aafc844286bc6c493e203f3efeec4fa593792ee62a59fc7333471e8875d8b6105471255a2fd2148cf734436ddee01e968", 0xbb}, {&(0x7f0000002180)="7420ed0c310b4df53b6f6c99d247a0a9e4e7dddf8b4a09a472eadd2e9c0897e7b0e36a295b7fc2f2f855de89aa38aaf6f4d587c17ed91d40738b613221386298b9bcd5186a55ef8ba2af59a31d5f79ab14bc98531a356111e0fdea3e6af67bab50aff6e987e51bd0f2bcd3fd9b1594a13fe245824854b3ca8161b4375cd6ac159ebe2a9483f2bb8d9bdf", 0x8a}, {&(0x7f0000002580)="ea6bee53356d1b3064f8964e7018c02b2b0588a7981f2c3ac1294dc5457d5ce7ce50a0e1ad711feff9acde214e774923502c5d050f0c376f2c29fc4e98db145207a2108a8cdeec8a762d21d4229b1eeca4d3564dd6c92dc772edbe2d3e5b8e37a400e0724db6eddce84ccc30f58078d216aded1678d24864c07ed0857cef7375d77931aa911b093d87c18ffa2db58be791882bb947e8a279406ba3678a7bfd468498c6e4d8f4882465afb3d711ddc3178cf69230c253c34f9f339b17ca452a7770f0d66fce0f0298a624f48eb643ce8373b63b8219fc11e941bae241ac4d822ae315cd24e4aa0dff2fdc687f6d56fd9d61f281685fcb2ff6d8a5f741c7a46ddc81c6eeefa3c09c42bbd154aa131b9d22f9e95de587f0331b4ea60e613b611090ca0747fd71365462cfd7092c498963f2f398dd6e12c12634e82450a39f1812037fcf33f0d390ee2ea0d5ef60586ada0f2806756bcee8b5bd4563a0a50cdfbc74601162d956cb9b021fc1cf0eea2628f0e5695c906c419f954dde39c46276a1c41a2fd084dcba30d450b2ec93185ab0d4add99060b09a3417166433aa685837b05140506fe2b3ae670c236f97567940f7a0bb2bb5477d944f5799209b5f6e68251cd409e7d2c0740b1f1277d2f5b94613dfe07b4a8fbc1c33a3f3192ffd23dca1cb13601f6af6dc9d344b5f542c897b1f327afd7e084fd4687ef2cf61d54bdfa8d50be8753ee78dadcff5e56acc29d68e15e45ea7ac78d90697ab5df65a6dbfba81739471a120444d51afb8ee5f25a07b8646b297ad6820db47eaa8fce81c87fe0888391c5057436e899cefd10454506ed92be4d2affd2572205b638b40839ac47b1759abd9ea191ab5dcb110becc0ae87ae9b8faf882065c2c6d87158b470df741864a0a018b3098412bff873bab9af2f17835df9013295cfd4c00856e2cadb776bd631d3e9d24ab44373855458745dc84a78e2739107b2055ca50adf2e5b0e4f8802e796c345a7d9b24ca161bd8417ed20aea81b91b25348aef98f3c1682e1e8d108b0c6699faa3f533ed47e4880a6e29f6cda7070d6f1c09d7b2ead029cfffb8f95ed5729073391732c9e03e98626c9f683baac801372ce06b0db0aff6a0477eeb532db7af107f2b8b39133a29f13270bcf6ad6db309860833f1643ce1508391546a9742ba674fb8b06a1552e6b9e8f089f099e8804d1c1481ddb7767131d135c81b87924b3fe144750677a7dda594aed8fce09b0c0567c1c43ded72cf5cd5efc1e62a314ce4d5343599d09eee3a018f1ef45ccc28c019bd91cf9fa04daf19c1256908707f41c932edad59ef483cd5beec293205f45a6a0ee4dd453502fca6ede680e5f3d5129ae224d83bd41ad6964e55119abb0ccaa75bd5e82c8dbd9c5caea38ec73beaef75e77782b04e723ddbf71e713ba79bb0100728dd569f1c395bae7a66b05ab6747b3f796e0963102170bbe4afa65307e0cbd338cd284fa7be7f40a8500e6b3d0d563f583d0369f60a8028fa35e3e9d3e2b47344bb363617cabc46d0dc60a449513ed167881deeb70183fd8ed273e61723e54287113f61328f8ff3d9ff2e81752e1d12f9ebaae04cff46b59370c8006c52d78ca16c61e466972608434a9e00e05a57167ab29c12124be31ba258939252282cbfdc3282ed25ed4289c93b45b410964ab5ac63d3f4f0bc8945a6f7180595f162259579eddc8a0db8ed1797031c1e0f0f46c0f59c1140eb768fa6e17967f9313e086a3a6482e212171c985f1326eca50cd35b5d23d827af8ed4e3821edb6447edc1e7fcf1ddfb2ab4995b3cafd8cc46f448407e23dee4f8bd033da19fc0d5d7c945902660ee13f51af0e95d1cdbad857bef9e4ee900902691892b29092990719845d74bff6c97149890b3079c7de476d8e7618c9fbf4085f3b31478e36d13665b1684515847beb7b97d5c6445045a513a170b6850d8c49e2ef72f84c830b8a20f8820aa9ba181947e3109c0287711ec7d63c5b5a78ad69908e3fff1b8520a67628a07deee7e6395dc37863a9b4efaa2e0dd2af28569a60edecc796323c5022cabcb9263d94525c2f152602d8a64447636d82b0c21ca811fbc91e9f8330f2285d0d383ad676b6e15db3775d013c54cce6674a23bd852bce3a23511f52b3be605629ea2fbfd71874071b33debf29d1c2e79db6e40ec3919d1e8a1c38e41a4333654d82685b326da8ae5a383229474d270b9ee1ecbfa7bc4aa436f01841829a555e051d7cadba79decd53417f265f41906580fc8879972a9730cb701efae372df57e00c5b72bbbf89c346e19c4d399e28ea6d4848db469692e729d2d02b74de4252472e534b7f89643dfd7473def053e0ee167c6231391ac01bc7867edaafb5ac55fc21efcecbe5492e0d9bf5f9502a34839ca1325cda680e6936b0af921b271e0e468ef6953b7f83501b7cba8e499f4203fa4b63d4426456c7885c2292ef6b71c02d7458df18762a828ffdb87f9146a799c4a8620bf79b752317d90096365ed798e42a72528fe40ff6c6b7057aa3bd131ba0e0176efee2e118517ab56f1888f7f540f555b1d7746d2be0039c6aa60b3427c14cec297f311501a8c85fc8a8da611792428824ddc8edbc7dbcf14aa04ceb1283caefba202572cc1b9b636cdca3b07c7400cb965959c5e0d68f3b1c87a7d223dbf7ee89610b4b59f710fb985a970acd336fbe57bc85e831e5cfb49de64d26015c2c1cf35481e27cd0a0051668077d754b8b2c690aba644927080046a8e7232adc04ebebc2d434846f452a3cda868ff5ebd1b6c6c8b5d3964efcf4ffe7b03abf8efd040411756262d303b93d99c3c03a95f4f51dec6bbc49e8246eaa040e3347fc88cec17c7206a8c27f193d9037bcd04a329759f230f9489b7b72c575d07ce56b8342c8ecf0c1ecbe6cf941dad687dfc4d72dbbc15b11f63e64535ba35fec558801b76269e970363a7f86cd6cce6841600c2352e0609ed88905c98c2d65c0c861b6001d50abf3011d8d1fa4f910a304fca38ab6d2a43c8e0ffa4a9d4eaf9b5e23681f9f37f6685ffd0f63556fbb1d2fb6444320f709b9a592393a42d581a2a9af202f5614073a1f320e1147283b9b3b1ed8d9c76d334f35be5fd66458086d0e71c404c383a1eb2fc945f2e3b9884f13272787a7ab4c977b660b9253db0370fd4e34bd0d5d6b9d0d791f2869ce3a1281edd248838d85a36fd746e2a9918ab1d6a6f8362e38ac7783d066ff1e6fa0542f79dc479aa6c5a01444c8787957d4cb59717c8f61b1f0aa3ff93b1d8dec93deb37462287e486050ed5978eb42e11cda722b38ab60201822aa5250f742c7152019d9d0d0dfd8847bf033e2ff181404682ce9c2182afe6583a6a1899c0fdb04feb4f2d4088ff15092c9c82307c3621c2c43e5140289a9b3bc9e08b559631636a4dc438929e70395124863896a096093e2ee7c927dc2521c1b526de201d32d469934fc37450d2ef1b3a7dc2348b194035e1f05fe9309fcdfff6ac121bcb3081874e10f3d6a5e1d5982c1af04627a9b9bac1b0b15b0e8b2e6a68e8c6193eceae5c0a46cfc9c699345ad82cd3dbd1eb6f43b7ebe0ad59d056ff2841fec5d5ab10efffd61d36130e89cf5ae8bd0ada80592db303465b80a6edb5a0f596ef5530fe7cab72b283358279596e93cfe3af54e27536db0786639f3aad323e112b68516a1476077105697cbdc620aceb10b0b40fa6d1c92a8925d51ef3d3e7f4d208f5fd0d4a26f812c0a5bf7ae1f12244f11d057ea6a38459cf580c34d5126b164d299e9ebe12b02dfd3d4bbb9faf25c10fcb3029c2cde0aeb93d073db4cc7fa56d6d7c8e542fa9fe55e22e0e49458376e2f48fe0efaeafc44a5b921f2d134fbd841d237185ac280b565ae296dff551bcf0b529366a8592ecc925485b98fc10259c235b8cb526f5e36b7f27c8c38c7c6b4797e9d9f6fd48c52b070cd64df80de74e55a522f5a4787d232c054a5b0e3e650b5531e0d61c176a6e4e2d3ccbef47ec4672044a5f267cc1d5356f646c00afbc2d05670e508fbd82580b3c49310085568093f60a93140090be3cfa71aba7ad3bc480fc887ee68bd3e8f4443504261cdcf7abba529e6f8ea333922f1f381f6e7c688542b2a461eeef2edfaf627975a3fa23ba5bf1b5ecc60c3d555d1a0a6da120455ef745c0729c672fffbf7660c5bf99ed811e31c65fdaeeac4184c740f3fb7027aeb4ff5cf1502bae3c3a697862df437492447a301def38c46064bfbbaf43cbf3a6dfe8afd7ed50a6f196ab766a4ae7ee532076fba217305d03766ce1d193b1bca66189737e4dd1098c41ddefa2ac9a9d1b017c28ba7199971a234654102d99018f8a8712558da81cf12cfcf76e2a09968ddc80f1caf2bd4b44e65956bb366f95002cc6fb10818a4c049fd84d331aee8bdb6272542058841b8d65147604db5741efd6adf573c15961153b22b2aa6d82e7d570fb5f9c1c9fe272c39f1ec131f65d50d86d55e4ca0e492147d015ce0fc3ac6702ed2557e52471a7391ef54959534e062f92ccbd722aab780390591b980971af736d4d317706e3edc5e0224cd5704efd28effbf1e9ffc3cb3558ae34c6036624bbfe25550311d16db61c5a9ba7d1617911eb1eb476be90d0943ad127c690f591449efa6004ea8ef2ad365b9c2b5ab31e7de243dc51d06d64402a396077001f3934b5b81d7da3b4379a8b2372198e8f2cfcf02bd87ebbf42a3a5059a3cdb2b6240010333b60e403ff870bf1482a1abfbfc4460583b7bce2949f7e5567e1d392f08ce1ecf0f4ec0a73cc6364ca9e618574b5586f9de5838b2763b30d83ec2aace612cb526ef1e586665f9730f00f78d719b6471876068bed0fae8e8f65ae7868619b3893d2a5a044b985b4d1c48a3cc91375537ce3da3e30adf16a1e7b9fdae64511c3a6cd4e3166a5e9ae3706575d8a6d38f254d80560fa2823c9073e29cd1c0850c65e89941c91f2eb6d771cb12f89a8d76060144432f181cf3092fe95cb8cbd6ac6d7e4c0b314eeea9ea773470befecd7051097c833e94d680efb1b3619dcd15044421ecafd12f22c801e34d19eaed43891a709492bdfeea013ed02b58d21d3a72c0e1b10421b59e9f6ff9d6fc158950db0e7208b06d59aabfd763c30186edf36bfe91db414bf58018150e8199d79f37a005f39c2fd794b51bc0610653b7d86f0dd13e1367d9eaf6eb7c33b1dedb9366d2521df160dd6b36257055afaa506b499a7110b3352cfd368054ac5d5447995279649155cf2a5e491d3e7ebb315182b85c973d567f5cb96c2676efad2e0c9bcf207376727af46a2c89c59a4893e32fb69978e7077e8d2bdc7418b3935861ef475a6ab2998de3dd9c3003c87e05d968c95fcb84539b6da2a9fc579eb51e4d1bc4f37844a0e6b2c177e43b9407db8bb625a2437889dac21af2e8a5ad18b841704c14b352b1d8dc8484adab5e43837c36ad25ee6ab1a1a98950bfbae95d4160732bec5e084d9a113b093bb1ec62d64529d340711eb0b19f983d00799a296e437ebc27a9c3aee2279ff833ae2c7e939d6aea9331ddcdc773514d6742e1f9ff46879771cb6919c2aa8d8ffc75a91edd311b946a16081c31a0d5dbf54a02f75ba65cafb9f2bc9c716e66f52be6d2c986735057613873d0267667248f69e854d388acd84f5675959f31d2e49cfea5a247ec7dc884475284dae16a639f98c691d6157e842810d95fc64f7814c56a739b19de7b92d097851cadc97c38d94c5c7c3a9700cdf12df92836963cb94bd4018c53729e380f504d27c751115c6b64a10", 0x1000}, {&(0x7f0000003580)="26f454aefd3de898d4457835c9849ea78c67ca1fd4ca48af80b4b5c2f76613c1e09acb33732bdd0b9b68c59dfa446160d471f996aaa138ee90fd4e3b2e65d21d502aa2449fd91ff5676191cb22cfbc72b6882f049967370114a580a26eb365980d0f40503c6708bb65d628c477e4adc0c80fa68537c7d4b88391cfff65ca5245691e6a2ec2eb8899b4b95a3690d048e3999c8ae4bcdfdd866fe7f1a2a787c9125baf06d64c4a3b7cb2b72e4e0703c1cabe7aab97d69dd6f7a28ce50d0b0848ddb53501a9248c36236179fd3e54870e2315f190548c41e7cb386087971c7c7d2a330e50761fd5436fc12897747f78dddcd5f6d553e847884eff263203b812f98ff41beab75d2b82c317dab11f5ad34fcf028f8be21f7425bb569c86046efe0abc9c020d75496da8858943b4f249d7c3aa4e76978378ace1b7363b2d3f894b29331d23a97ee1b80d64050f41087bab1e8e7faa4edacc3c8540a495ecec9dad53d37777d36530b7f400495f803586a7eb2903e06d27fc5781a05171d1d75a4bfbb4f387d586091069e868174dedc6932ea5e29e267b19cd05821c85c0f4d827b580ce5c17261eab015786f221d36a90c0a0c005e223b328c17090892c5c6ea7f829443696612973c87ed0a254409ff8db5a97fcd6612be8a7448020cd9e6ec94174ed1090bb1d5458ce3b8b1ef4c3b4e4b330a922d8b4213caae1091f35facdb167a959ec3dac413ba67c49f61d5edc91c16b7d6060e0aad9986a50d33e887734a6b8451199771bd91c3ca2f32e3e209cf276c90b85c614493f4916d77ab90d8134b62d897715fc154582caf96e584e8352169d18ad505e2d1e7accc58b1918b34482d3594c17b5d55a851ccbb5703b55e03a4197a82f786675b4ff21779c9a69ccc3ce13e052d9631d09160ecb1bbbaccf26ec1e7f2742fff9e5b7527b5298b07fcf85e3c55539c26ce3ae50e2c494996b08fe61b08d56ac16fc07949086d029ceaf00561f8abbe42746b84ea3401b67c038eabbcd28fe2b4c109fa1b90af23e4578022a994db4815bfddb575d6fb7acdb1177f54d9afbdbc7b52c2ec57b8cc6406236806e22ef9def6210572638bb9770e254f1c2da8339dd3262570125a6ba46f66d2784ec17cd3a11688f27c6979b4a9749999dda5fe7127dc33a0faabc4bcf01c6402b5a0a840b68e08b57f396e9572b8c8171bf9e4b156cb4cdb18151de776e015476d8d32145f82ceb205f68e8b6d40db678c13d702bf60c213ab37af8f1e247b7e015d7feefb969f16a4f6044b7425b528c8c349099583656971744efc9f2cf6a003735a6040927c0ce2671262f2a1e5fb002db7a6602cf9aee90186711e2db6391688256f6757c3c1b3772f92cae1d2752760c5c35981890a8ef3bd05b480d71c5de91e694635d8c674c399721e39f7e446652369ee0bdcf2f8424377a38299e13f89c5261bad7ff98563c2d8746455a3497e4602e788e6cc5cd30e4dca678b61a35a2020a8086a2f6fa01005242cdcf536c935b4e5bde06fef0080c895b2804b7f2332d239d9bb8fdc38f6f7c79239ef44d96b5651487168625a4fe92b117c92eb3fa44c85e62d22c8d12124af5cf613520b26b8b95cc6b7498930fa1fbe5a62e949a59adcee93a5f5b506d6ebbeecd7ef55f16480691e3ab77d194fbe5cbd36888a27a136351a5aee69a9705660a7cbb5e655320d1ceb3d9e6dab6a803836a7665d736ff83cd840a29e6f8a2537a849209cef80bf696f4d9b6a03ebdfac1fe7a2cda2a654ca7e4ac649b0bf647668c9907dd8bcc4cb6d9df00fcb867a6c664d37d29bf1a4c31a094c41e8f407999da2c6aa5b24e684f6886687f0add879c64e5ef7b0ba6e7c731ade135f11dc66246df1861ef12aa223fade8384779546d661d07eeef5829b23c75b59de41e0050759fb2cdfae34fcb60348a8ad0d1b3f992c1e4eb8617766cad4e41bd14e0e7a2d9a3b1edd8762ab563f7d2485809b71d534e4ceeed7df325f3310c33dea7ea9583818d7cacd77108f9e51ba71f6e34fb192789796a7e2892e9d7426128c087663c9206d4b7e6c831032600c4120607bb80558e7faa4c4dbcef1242cf908ab6bafc2bb4d6032c0ca408388522d8dbea0a5b9a6908beb174e8004339fa5881184d4e8baebd73829ca23ffbf05365fdc6b266c4ceaee294f30c85ff51262ce285057667aff790c1e9e61f31ac2c2f721cdc2a42afc19c27cba56aa0f961acb8fbafefdbf14cb1a4be776f21e9b190392b37282571fff55370378a8be680592a18d2b1cd6f3e8dd016f9e2c199ed181c479f646e3c052eb4bb4f64b770b71116160e2d2aa54419ffa5e2317b7f2699bb599ebc0f46b4f758fccdac5ef9d39a9bd68770c0e1a73c495bf923e43a18bc39d0ef4d75b5bb9f4a722906bc748a239892d3f066be3edf7f063e180e7b40f3d9d85094f08c4a9c16489a5d9138130f08d568f1a108fa0b4018b83187a652708b6f5de991c60e83d11647046388f29093c9b78950fa8050c44358937814cef63d4cebb5d72e29d0d7d4415126968859cc08436ec42a21cfb363a6e66bd907cf3066f07cdc3fe5f7138f6ef14917a4cf82eca06e3411a7cc92bdbf7e2041381ea67af92a1bb51bb2fd4ca223d3bdf4a7d89fb8d02f03fdcb420949168a889fe7fff17da62ef62f58d902b68da7df292e91b521cbce13ee54970323d6cc377a9599b37bf31da6b1eb00c6d79013b170435f1d9f7dd57036c7a17a3c7b9496404cef083da478afd10065fb986fd9821e36bd89458e0042af9eef16d35d9046445cd7922494d551445555ebb38d59cb9020db7bb2f446dd64c0c7ccac9230d9911cc62529b63d8ff577fe650cea3dbb84fa5a21f3df770d73e5f4da0f2c1f0aa861c58fe2df13c964ff79562c30d5d93d8e7da3897dbbabe60f9908d76751eba88e60888998fd44d56e1c7052b8283b6a9286eb631c30b2421203b897a7766bef80b98d473bd83ccf59417abe03b81b99b937f3c985d9d8289e4fa08b9e142722f26e8a067d9edde691be4e8e4967b1b5816d0568e5552586f042c021e839d30f9b4a6de0647a8fb0161f3d6ec4d02ee3339048a256e56a5755a97835f87ac441a96e9746c5efd5668937d804c76115f06a65c2b90a14b73ca1165ede5908c79a3a7e5deeb4ca057164593e7a8ace48585b73e5bf4e3a196b43fb381c2f0c7f644c797a38c13bfbd4bdbd95780a8b03742cf34e95e998e5cb3ed3f889f1245677bdca496e689432acbd571ee0cca1aa2e40f39980499d51a8e305b76f3aac16cd1667ce38790a0648fc58336668a065fab063c8792aa1f74f1687d4a2da5e7babf601e3d4f4e23e3514284abcfa3069fc834970179735598d949c9a0e37178612d60623a9a0b302a9ff7390f1b1349d80effab1f9cba8c0ac99f56434fa236f81e5e85d8244243b1d9a7fb1b26bffdea29288ebdc1475225c42d3dfbb8f05084d89ae8a72be0c011c54a24c9c09b66e6c1949276875c8eca0a89281ef8e5000fcef5ce268e801430f16a3cdec853931f52bf0a028bcc8b95909677d1547c149def10eeed8ddf4eb046c0ad3c830e07dc3c46a19f80e3271c27637f9100ca1cb4f633531f20d996ae6313a6b676273438d354610d86eab43d19bd32a7b7013e60705d2172e559be2a7feceb945c8053c36a99219c27f576fc70fc804c696423181c1d68c7fb7ba966f4e7b93bfdf95e2750617f5c34c0155232aee3877dc05d8cac1122c4f2a61995806ebc8cae41155158f7a8fa0644b991142084bf8439cdd2be1778349f6107d2fc90a481d5d368d0107d14b79b3f6664d2053165828d6ef5f5c20cf26b551447b9ebd92e274ab9ec1857d770f4c97349f6bf42debb030d860daa450a40753ae7e5ef721ca574005826af5c4c7be0e883452d7c5b5265948cd4099d004a34c78cf7846d641e575a47d6e3ab145bd474b41aee43fcc43f42227325cb0dee7e398faf94f3cc172229136b525ef3c07c4d60bfd9019c5702a0e7d0b9234c4a3741ca82bda4eb549b96b417aea9266686e0626a336ebe852486a89b023cbdafe7a2c2c84a4400f5199b65e750f6b76189d85d543470585e4350da03f50865d577eae137b48ce0518873319bd5b9275ed7c0a7d5ebe5a0277fadf6c7c5db209ab6a93966a766eb499a8968d8fa9f1aeebee6094b69dac227bd8e18303eba63f5cf22c7a766b10118892d372a8cc37675b0eded81739cbcafafabd75c7a82718c34e403413fce6df1f4db1c85b8b9d1c4cc8004873c32c1ceec7c1eb6ac87809ecf92b23b4038930b505fcda552b75e479c5a9baa358026547edc32e2bf8ad6f51be64a0e3fb804982b1613c7159c426a7d384418d7b3fcb12731f8192978dd83d4bd4ecafcb7c9ffea21f3a6eabbbf18c5ccd250fa8ef957793975d5069c2705a5473723076ff1cc9cf0b2ff3c91cda0d703ca3647eb54db01ce91994a70279108283b60fafae67f927c242e74f28f5089b5049e7a5c43f19fe8e38ecd589e711cf24084c17032208b43088fe952032611a31a35e6e3c05f6cb2a57631c29a868815dae104a5d8cb85e4de89bf8aef240b2155668aee3ed16615d9584d41c62c9f567e4c4e004afdb4f0f4cef57498b635c60833c5ef5297cfc799240ded5932ccaf7c953bce089527bc8c8bdb5422b0052464c77cb5bb207a46458fb25512a36be414877363a7610e5af48aca308f906865ed09511e631795a123ce0c1fecc795651e239af45960b18f58976575f4ce6c67f27c37581a2f846705fd33eb05f3e042c466be6ead50b1b10069701ae80b8a69522576f424211ebf63d8ba4a803bea56a36f2a040276f41539e3f83e3093ee68e814628741f9207a5ced51c14cc6925437b24355b0ef9844008227f3bf15617f5c73e3800556a733de1acca701eac8d46b6489f7e8e9fad29a067cf934146ed56a1f615cf41c2c5fe8d3822560571eec6919e37b4fb74497a1bf0174a0aded373c5a21ee37ba9bbbb8caaa161f4f6f7f3caf9ab138ed2138a083c318dc0828c5eae6700de5c6134ffccb463f59e1d2ccdbcb887dce444db160c25328dad391497588142003470ce5a77f0d3bbcb4747ba71cc7bf0057e2a236ec87edd4a94799fc5a665cc335dcd046051ee604c4511e9332a4ca636a8f521c68b48232a25e7bfcf9e6e4b31c3ce4a3bff4470003f1c46791ed7b9c4f47227689750ca50d742e7f8b1316c529a8fc2e536cc5b205513d23e4cc3c772c1b141137a910da029374b532414cbd2a190e29071e5ef9645ca8a253d3d54ca2576a231aac8a57d8ee930ab35fded2eab89c6be476949a3c3caa46650a57dc9688508e6dd60175fa1c138ae376277cdfa038266f079ff5bda02dbbfdda640eb2fda44ba21cad4c20e289b523936b00959fc6bee2565daf542df3b6ef8c48c97bbaf1c9bc4625535513382356b9b75f345a1709be1429556a2a1f95b3985f2dc83801a4acf3a5f1f28a7caf7d0c2a56d02f8bd634c9d120a158c42f28186ee1faf2696c116941a609e8b5e60fe86feaedb0c4e1cebdc7359e966303605d9e45c177317f7df073d77869decdc8a0409321f07ae0829951c43a7292520a8f7c8786a9018393d961842e6d43a96b3cd66c0b9311115512af04ca5557db7390fe9d6eeb19679912065a83cdbece1957f8065b51cb42dd553cc6323f91f234c75245d6ffe2705422a73878a524beb8ec4c40fd10d54dd02f12d8184e43d5ce3927070523b0ca4e52c6b5573cfca1af8ddfcab5f6cbbf08492", 0x1000}, {&(0x7f0000002240)="4f55dee3f1b7c550b7839cd2bdb8a720e398803183c8054f5cba3c54bd1b68c62417c4216d1f97e93dbfbc60b32c4d742a15669c791c019c973e0cc5ec312e55161c72c4a2e45077808c01f994da5e9496743aaaf260e35053aef24a240b32378c6b4816e8db6a4389f219744f798aad6e80bfb179060d542a72eb08cb9ad385", 0x80}, {&(0x7f00000022c0)="0fb9587b0a885d4275768707e0b0bd46eecb85742b25456ef16a289de25e54d00864e35a040eb5dbf79d5e7455153464251b258540ada439ed96be0220a5c48354", 0x41}, {&(0x7f0000002340)="4e4374d8dd844b7da0a3a3a50bf2d154b8c7bfec32e45ed29d4ac89a5d9098ae563786c11220ce6f0f9256b8d0376270ae64110134cb7e8ad5c2b020fef507584da72122019e66b9290f7769800114e0dfe570d97e41e33c065c6bea88fed0d601916ed565a01ab5d57a09885dc5fb83e4ed92edbf26add9b288277705d54343ba083077dbf82e8fc0f33d7eb26eabfb53eeaa74eb7a265e6ecfa074d2e2326e7ff79eff7049b7ac7a41836b0fa1b3b25dceb0e5f98efbb6e4", 0xb9}, {&(0x7f0000002400)="4e68dcf8376be391d545bcba422abafc2d8939e07bfde80d801aa5c2149912f53d003970527494da4cdb2f08", 0x2c}, {&(0x7f0000004580)="fe81eab23106ebe209e01b04f7e37ad1ce3e7b649a2af409e15820bb30cc9dfc7aa742b15fdf0fc281627b87e6aee19ae44bcccb2b9ac91c303250056b21f5ebe031", 0x42}, {&(0x7f0000004600)="f343661416f0b7d22772f95f5c37ab358771715a8553c398ae5d9eef7dff8b0ddf8b86d8b35d3dd62f74ba868d327189a34d89053c556f0184830daf8ee6bd36738d959a10627c2943a20be256ffeec6b9a98ef45440cdf9630cd94508fcf64120cd213f66679d33cc7dc0784043935d956063c0a4a52d10bd38df068fb339f40366fb74cf54583cc407d21541669b2f300ed34a470b70a25a41270358fa41b504561439087ad0e20ba8eb7080d118a04edbc4cc7568998113399c722ea96977aa2cd135c4e7893e26541331798bec32c919e25525", 0xd5}], 0xa, 0x0, 0x0, 0x80}, 0x4a7e}, {{0x0, 0x0, &(0x7f0000002440)=[{&(0x7f0000004780)="0cca0bc3fb67718139e8526bb75a1a4adfa5f0fe6eb6c14ba191bb96b10ff44276a0416f93bfd8493402a539d69e6b23cccbaf7086e64f74909bd051adf6b207298cb02e6c60bf944282e01899d9ca4c8b3bc221ac145e29323d635bf806", 0x5e}, {&(0x7f0000004800)="2988535f5621587829444dce22e3cc21d1759df7b2b29d390fcf26282a58f30655749977ede29cf528faec48781ac96188683c9986a7d0f0aac39471753f49317d236ff3fa3f3c71793b38c5da678ce2a4b9f8567adc4c1ec9c3602bb4f2c0dc34ca974f34f4b02bcf0017f847101c6a7f56c9109a68dfaefe83874b492fb276e95414a872a86b13a27b4caa18acc9d4c357d3f5d3ce55b5e49a8ee57c76b0060a8c60302f2b2d30cda49b324d801493335287c60526216eafc32133e7b54327cbf94ab2", 0xc4}], 0x2, &(0x7f0000004900)=[{0x100c, 0x115, 0x9e, "51d0496ed5bd5934e733ac25b8a74b3ed0c393ea57b58df0f436fb46b6d80b28e5bc7ccc68db66d7f4e2bf285b5a2dc81222700347f8a9f6fe69fd24143683142ef3745542018a15fe37913437fabdd9a49d0ff1110ed5e44557979a85dd46c9ed23f716dd5f9b8136d977cf50cd279f5e97b0530c3403613467e2fa7b7c9ea07ea7f201aacd232eafafc55b7577ef5ecdfc9b615d324c0d907d0abaa94701aa2e2ea32979fcac211020e41a87778307b22346d113a922425b18e7af0ad357a4f9124d8878371e4c977fb3a58d7b1d2c001cdac8e80fbb5014cb9cb9c6bdbc76ade6a2583384287282a9f24786888f64155e2fb176a6f2874f11fdf7b32aacc04d0d844f85367121ff4df7fd1eea8b58cd77255d9f4f484666b14c8e7bde3a1d73490af0eed6f24d2a0a4a2d4914e5d533a9b8e43dea144f2a5f9a1a42a639d2b8119027c4929a3ab2941b0d1857ad24569e87342d8c368cba380e2f9f5ac688881423f640869e70b596048d4d8d07d2791b8f58d572a21e624e73509a9d5962618044c4b1366741c4905fe84b40a526f3defe145922f7677c7ed1a928964964fbc5ae4dff96421b33b8a862adaf9d7544a51c85c56e25a60e5999ffe4e800ec444ba9eda20354e6d7cc8e26f83b517b13ed0c8cc4eab15a845d591b326f20d7255697b71507d97fb140808f7aa3f2870dfc1a96085e5428897bf10264f007e52d26f8989125a5760e9b5b2daa2a1400d5f5802dba98d9ed6ea965a3c7f2aee32cc34af3b35434e3d44c2dc33f81e9c67ea478361e1ea497e85d58ca41dd48385cf9aede06ac99d7705d46505d6972331d6b2498f07c1a3c06de7d41b0e7e6fef4a00c5cf186c01dbf675dc7d7eb99974c1cfe7babce7692a6b1ddbb6658b5ec8ff6e7f8333c4a96002176cfabc7656c84d2838bbd5b2d65aac2b4741fce55d41a68334016e437f59e0db308a3e56fed020ab6c05bd47b8773ca532d40f3788a983bbcfae560f05b808528e9cd0b875f84f49fb621a565884db9c609a297dbd02206efb65ae71961094ab9ce9321ceeed4c0b8f4ea611469fcbcfa29d77b4d20b6b1259393b58065496e96787ae7f8b90874f80c41b467008ef54a660102ce0e13237ef964d9e5716c214ff31fe51faeff078b33036ea549af7105f380fcf896ac21fcabba46912640daa5df52d0415d968cab2585f833e9e96e55fa7b0a2abf41a1baa9cf619d1a89fddc9c2b3b40b4761afdacac3acd26cf0cf5d8a511080de1560dec529d1ba19df1de26cf4b2ee99548da25e2478b74f69b3cb875e59a1d7d15f9481e5896dff9c6cfcdcbccf2ab72a19c61cd4c70f22dad3d53636a6ef8012501f746fa45311d7758a1ba47c6f1a62893916d877e53aaf3d6c286266de8dfc8b951ec89e62918ada1124a48becfae201a49d9514f95dfdaf3e164dc86c9b3820eb78b2c7d4722a51ea7d874f191c6d336eb02b85c8ebee26e7a607ad43d05b2629a0f969a3ecc1d1c42a2527de2fb1fb042e3163469cec53c81623fbc450597bea13addee57892f017f9773830593c6b7050a0e6e1aa132dd09d05ab66e838f243c4b2a6f4284459bff248f0affb5c1ce7542a84f0bc4efa1a38fda1e6d77c10eb001e11ea172fccf35598fd787b1598c2b0bf63404fff5bb1f0318848be34426e0d17c1ffcd23ceb9922e819b789a1ade9c538959cbd770780b5b2cbe74c7ffe8ee78d6a305a8b74153efd02ba1400a0acc5bc8cebe2fb32befa703356e88e20c7cdb71e7f7421c3828aeb93f2bb635477ad19ee91eccd21c1e09f1cd837e261312d1147eea392e396c7d3c988d46a43698c06b3f01276d25e9b50ff89cd82cd1c4bf314dc14e7cb3b85e8d95831a568843f741fe8f79327bfd97d229fe8ebd60a2afc773db48793cfa2302d9006bd8ba8024f47eb138458d8fae4933ab7b85a4aba8a74b88938ab58f1c913bfe27b9b66f0b22afe38ceac9d01f39d1d2233bb334f2719bb2d13e2c088af891e7403f5121fa72acd1378f05031512684a8ae0547719c1c75dea4d50ef044751a188f6aacd90565096a273666a44ca75a59434b7c4b62521f999a1433bbf56641024a2cabc9b4b4393c4f631a26460be31121ecf34ae05d2addc021020a2959c89ec2b3030e592c141ab1da396824091007b5ac72cf43f9e857bc9aed8dd34a8f7ad4432e7d9e03759be1e5470135cbcbaed6618963d137d1676a178da56242a5b261133aa3ca46bfd0eaa95262f3d0b921ebf7540d269e389599a57107984cd1c00334af5c79925718a769f8ab28fae113157516d480976990322c314deb75590deea45c031619329af7b20cd2c50619714516aafc8bf1f71b55114eef7fd5993dd2769e498391e8816994450045f58eb532a42fef0efeb4fd14f787c3b557b94b60b31056e0b7bea7bcada568a7b3f9a93dcbb5d64848ea4f06265bf5ae4c5c1c28b98d259b6e160e3b3da30dda63de0310fb2d8ce75626360c85bdaafecebd3c9e4cf8e97ee45c2099e0251a8fb43d0dc5a285802e55fe50064bfc2181dc92b1b59f71ab64dfb65f5f3c4f9f59bb970f78622bbbe8ce5d0010f6244503f0dfcb4f822746f0bd1acc9a2912fed9b82a33d328e1f2c14abbe1936d343ef5e68c1d7562a46efbb78b05b75b8610247084b4213461c0a46735eafc3e30cb75b0cf4c567e011d8870a9e06391c8824c7543dbda0aef4f18f32d19663237f4ac1d37bedac9561f1c74e98b4314ebcc121fbd8413dda09bc1c1456f143936762ed6fc4b40dba77f36f9123856edf26c57ef0e72a5ab6e9aca9840f652159e6e7c66967544a4bc68014680b9fba3284e92cc6f90d75b08b53e569c2af1fcc65397f8d7e2f8221ad4b7b5699f275db60fd082776b42e6be9406f4c301f5a7d16a90a9cdcc77717c8be537bf26876def49c8dc35d6fc32ead4fe8379517492f845069bbde13b242be06f220bad642b1c6a50e60201b842cd07a31b9adaee9d343b58a256ede7d6373a1fd5656cbbcdd5584706ee41c9e831e767e30f47a0a4e95a5bb3eb58f850b200c4190316d0433f6597415ea6aee0e2d35559d814f8f1372ac4f128a4ef15aeba95d7c418c3b8952bc5653f23b62fd67cbe540a8331b41c8319e4dfc0b8c33a1a2e18d9edd90ce55f7110e911c157b02716a0894465873adee1b0fcfc1601ae85b4fd3237a95ee7647496d8db8befa14859f962d5ca4993a7232b0a420676a58c4726d706be37fc0b4825ad0a86281128d36bb37e97ae206c6689cdd71f523c9e4bc59c80ae9a10781d89530a982c47c5d3cf87c64de3639e9525f95d8f8a5786431592b48e18a0d2a8e59ecddc68b013379658173221d51b390d23a04eb02b4ceb003b33bb13b7c3f095af1b906c5665901e266bb7b8ee5735dab7a3e03b9495c71e436e84f0444215f2c364ba230b9ace221a130df4884356760cae29d526d3916f25723d0aef10e3ef25fbccd108700450b85886f8f78a115183b5855a9dd1344959c1deb8c540f49d9801f51a83de816402d62b09d85b10415c408fc2753898bf80edd52d098754258cd7060650c678e216996ae0539482ac55b2a4e10fbdbc4285a5eab615a6c6e1b01e1fa712664d8d96ec3ff5ae2be14470eee52ea74822e5a4096c891a785b75fc72828eed07368cbbef954d098ddfb3ff98ae5594490b5488826a7531f66a04b6d0b9984096dce03f84b0546b37ca80c797eff63d67c8a1368074e931a69db07965860c453140af0231db8c7d486dbd61268d0cf83c9d4f44aed8a601b7336ab0b4d6cb109219406fb7017c354bddd3d3fe88e6047bbddacf7e3e295fd9295878c5f0f6ddc9ee2b4a1410724547b23adc0cd1030c284569bc74255b513e90ff924c9db74205b54391f965c71220f4dff69051a71a47f8847ad21a6b6f6f9c6fe70a207296ca9170d378de0d57ce787cc97cedb5c0e69e3cfbda52ff0c18fac1cf0be17b5ecd11c7c6b65a063a2e8aa6a268e15ac1407e277a6ff925541f3bcb5531469556bee9ac2a0991a768fc28587212743113a20469c3654e7db27d23b88f8b884f9dee426e2a53ccfe1d54227446bc475e2487bdb4e6febbad60b45c788a4ec0011f11d37b1fcd2f9556982f6b8798b8c3aa91f6dc2fb1ccec059bd2c1c8f953d4d1cc0c241692913b4497dc2cc8403f2e5153a7abf5fed0a14ede307ca0af6738f93b1216f202a0144598e64df9c6751b42c9ca2a5f0527c73636dc62566c7928699c466cd5742c13b2861948a37388324d0923f8b115e9aa0a2713b743b1b45d41e969129888c7a3aec5e6a91d10e04646273ab7e31183cd1d3bbd9e77964df525c437579481d2498a1d697d7655667f4d92176a88a56e1f472ecc23a89783643943a481fda679d1806560980ce5f4bbcdee7e699900369a2ebc21b5307918c5f88b841b022d45a111342a786a346d970c5a31c7131409e2a4e436d293666459c5711554a026f36ad942f9cd67707c684a42f677858c56490db10d2cde0a26a6cae11db2ccc5fed579e44fd159764fe71edd2095a78007c231af9b92fd82d87fc42e33e730a6533bd9195ff71390a6a5a0c2dd489667ecd1bae3485fb380d3ba4d8378cc5b3b92a510a3f43e88e379716406ec8b1bad1b2ecae6f1c9fd793e98c4664a93b0b2911ff5e7fae7b5cc97b9d9fec33991d7b1267cd81e5e6e0d07bd10345384cbf384c815d0759aaa499a5a1e6b2df3cbb9dd23881a1dfcca140ca88402d5a864ee6d80403b0ec2b3fa3e9eac31c81f541812e8401dd448a32d588b865f5e51e2770d8e68a739eb321d2ed8ab96c880f5542d52b90bf5f9834cafcb651d21f77e6d1b43112f8bd83a74c0259a439890c4994b4889140e4fffad06d22633ee21801633bf46360a803e523b3948ce4ae1171a42b1539c9cde5ce1c6ecd6604b4be8737e25175324e24f45e0fc0782e21ae5eb54b3f03691ea46d392c6b6733efc15c5fc426aea4ed0f86c437d4b4360a87d27279740e265bc38dbb84a3d712b021dace95fc5a713b90a3da790ec6c123f918054e0fe25639b971d0591f5ec14b53c31ebf7be63261725e4284986db5fb28af3bbbafff233cb06237203f665d70268f8cd90aaa163c070524659b1a8fa87be4d9877a853f3527368588087164461a71bbbc0ae26c7f15983739eb2c016416365452ac92645b1818013539de2ee5c01c89db76f23886c4feaccfc5e7c88aa9cec8c6272dd52336fbed8fa693ec596363d6bccadeaac1a34f469d4c0a49d8721b6b0627c68ec3af9561733c5cde94d0e5dbb54e57d150713c979d24707285e60f25523094d26b748b39ea56d1dd68340d8552df6e904f85ac23bdc08adeac3896c0f0af478162cda1f120e5f68f62c6d7cfca07c8fb3be3287c3d6275e06d283256f1b0f613a113be2bd6cbe205342e5e4bc2ef95d1d772c3dc2a553d235ab1c2903a5da07c2d998f89e76cdffa8baee1c98cb5ef330bbaf8095d70ae3f0f2b0832697769b6a613aafeb0ac0fb3bab3a4f6d8e5fa33aa91e0b21327f4b4fd53859413899cc8536ff604184d30544e134e72e5bfb3fc0effb1bda31becbd6b916dfec25d28c2052805b9251ff3325ec98096dcc9e809f052eae5c852b325e19ae4826abea81334f478d7fef331ff67fff2e451909b5541e58272fc3ca8d4ddfa13caf7560db779954c295def068fea6cc7b3666529526602b09d938e906ad9b1d8c21df41043803a661956110f6ce6bdabd2c5641fff8547f16595adda9490d46b02d503c186e10a0"}, {0x98, 0x1ff, 0x7, "561cdec5efa13b392e3998ac648b47634abe04781992cf4b70196b6d9028d7bb45db76eaba2da725e215b4d9adc3af699767cad34835e50e9f9ae3ec3f8955749fe23fd877d23bcd2b8f306bb4c23ed1c6239c161e94018c062350009bbfe4aa1a28aac75f32b8cfd5efa12e4d2e0ac7136d1fd19696cd3eb1e36f97c6354d90a5c7b444f9f9bbe33a31"}, {0xa8, 0x100, 0x80, "709305346a09d4d2b1738cd3bb2c32b0496159e544590e404e67d69e6b7bcca6b8ea4fa83ff31f98e848c68321bff35b78139b9359dea944a5c8961f04034277ae9de3d88859cecaee1f6df70f355606ad7eef228b1fa8be2d3af1ab97491e27c7f6586b020413cd522081d91acbbba15fd20ae29c2654d595eb8d3ef5c24ce2c6247b1284678f956883a226869b0d25045558b77f2460e5a655b2"}], 0x114c, 0x20000000}, 0x1}, {{0x0, 0x0, &(0x7f0000005cc0)=[{&(0x7f0000005a80)="30686082e2f15b3df2324f0869340fb6f24e7a9b91575c4ffef9cb1420b2e7bd29c9d13a6b0f88c9f0e8533f1db50ac82a075d997ca3b99e77c607eda7eb6dbb00217eeab947a94529b487897ec2d87be5323197874091d2754035a5f633a7bfe0b95b3af11e8fb8ae2feb45cb5f75a2a2a157e772ec143fff37f52b9541149f544d013e62f2789d39977d72002e9565c5acb93bc9211572bf278165aba501267d2ae4aaf6447b892f74d5c84b2cff334350fd3e67", 0xb5}, {&(0x7f0000005b40)="ff6875fc2d7d1d67a4285e134c9219db5b14ac75a698941a7764ef45eb74446ef9bc24a0069e85180278eafbf61796172eac528f6141083363a994ce6c2a03bce8ab04f36f2f15e3d5655fddfbd4c834b2c77f9dbea1c5d02ff248d67023db65f57466dc3e4e6b7f9626269204f1ad35213ea03404425a", 0x77}, {&(0x7f0000005bc0)="21b4103585291400e282b79eb03721775953df19de581aa358a56e2dcfbc9f4668c3d0e88221127d8d5f9a962819a5c5bb6f87a63669806a49477b03d085631373a3f82d0115baa5d74230774ceeaf763d628602019a96dc9f31f0c40085e242ed8358c952d0114a34d065bc23e49d2c2cfbf94ae190d6596cb8e2659fdc2617460efdf7187d735f259f07dbfcb535d406f5c489", 0x94}, {&(0x7f0000005c80)="26a9afb2d65612c27675e577c5e9eafe95a801cc96c44fd7883a0f4d370b6e95046254", 0x23}], 0x4, &(0x7f0000005d00)=[{0x100c, 0x115, 0x8, "9a5aa65bef7339ca61022d97b33b64393812ee5882e292ba348c949399cfa76b1252da8e76f629a3c9e3fd4468584a3da72196d438e620ea92d46bbb121f42e770820304c5b017c6c2da2a8a38b35c0bc42126e6d70f562f5b825dffa892f33643eff6080083cfae72cfafc946b3d9dd5e05afdd6703ca37cf9813350a18fe92b87e63145b9cb5b8428ddc45dd633d89deaa8d2b824e2d56b7da7d9bfb03a6bb390ea2a71e97b06e40e3636c6d1210fb153bfebb59e47efc60835f5e92818a72624b9aa25ed898479c06d0a149ee15a835228e10e5d23a7258d8765ddc3776266326e1a5dd6c972762cbc3e6b628db639bcf407f3e97f3e53d4de6c989002d8407c389d69ae3e09b1de1ec2bc9a9d691a6cacf7c233b9f39fda5532ad61b36db39a088eb85ff00f95f5deaa7df2ce982c626ff4f350f8b441a2ed34230dd9cb936644636dbd66c39ed0bbe66b22ab659161dd5926506b94a2a6b6ef8f662b618f46f25195607253a05c1e13bfa7d5a28e80a6f93c6a148a0de64188639698f3fd3d36b8b1bb66f4acef5bfa539fcc633b4f71f98199ef7004c6442ed7b628c518ac02d45ca32854fce102d5cb4da5cc05e91b411d4ee544fb5a9a73454ef332379a39a985282fe23c11bf3e604c9eb0adcab9315a52e5efc5a10a9c8cf4a04d04d0c65bf8831c1eae8953bfc60ded10c020257d269def27a694f4e1baf09f8edadcf9fa63b627c91116948e0136b9004de747c6b3b39c007b264f0e922e22649f1cb6ad75720f1d50d039a17b4e83e5d85e9535f4198c2766f45d5b091ca2a7f2bc8f3951485e7137e2a7c0a4d9e72a01b8b997e7275ced0fb342971f8c84650b4bc78c5059fd01a4d580222345b9cef2ae3c8a8fce8c259c79a547b0aa2e96d7ac398e689f0451184dba980de84a636616aa8a3713ca0011f39b1d1c57ce437b6b7fce4483065b9da77ef7aa0d76e5173b0a704542062e1d12b0fd6eea8109fb0559ab494a49dc61f6472ede82dcd92282880019c1db9cdbcd551feff035ca48940c0efb15ae7a18a3755862c0cd4e27bdb38e70db58878c56630370006990b1ba5a97669194d335dcdbbbb2dc0050e28ac8bf88ab95fdc1471c7db619ddef34f7816da44d3815d0d82063ad8388a5c6b7fdb4faa929349ad8361774e2a0ea183668e30cbd8bf2441322b8cd86c2ec54e6b47322d076a246065f3050b7b227a63a46133625310ebb2e860f21ace5aec1b83389c00a5d9cec0a082d93d6a36d690b3ce4da8fce221b7b14233a8f425b0947a12cef514356040571dd95e7a3edd9aa8a0837add768e0cdda064fc7bd6fa548b4a61ea027b9024486fe5dd57ef62c199c9fe0c795b68a2b2660a5449d0f9aa20e86056dc447b2b37ebac57776ca16693b39cb80c6787c37b7a8bfbc636109ba8d8da8da85b3405cc25d0e9b95d5ea3a820021a93045689f3c3e4115dc7f89cd0b67e65be6902dc040110ab61e37eb2c245dd7a89dd21f80857cca44ca7bb9ee38dbb09a3d0dc6db74bd585dc09d768d03e63806b7d7cdee980c256203710a4db38f80fbe5228748f4edb95d159dc95ee118295a9997c8da84507709c7f00efdf109c6c235ac350a2d182d441184bb8855a90bcf27ae6d25bb737c17cc8bbbfe31210e66a7251678d61d3fed273507988102753dc28b48bbc626b78d11b5a68342613f948ae72c3354e982c43cc8ab6cd504f01bb1cc9e8276aa3417a461a458a41c5e7ced32202f62e71ad3db74bbc430672519cedc856d4b8c930feaece0b0f3725d8590d86c1754d4007dffeedc7978c210bf36235abf447c6a7570ad10e4bad75237d74d58299cab28d22fd774d36844a22028489674ef2e93d79f40ca633c4e1fa345699f6490657cf00f031fb5fd23f16f0445a13c23d77e159bf84b3a1b84c1909e442e20f2081c8f02b52b64e52a2125cf2aff5304b7c9c9ae0828820e79c3cf486aded5483a7a44e8fcf7805ba5570ed80674556dcaabb5e9d84cb93d40422503b286934d20661cf1e4c224e14dee8a58fb48493193a402c98c2bbc0ba3d2ebd0188197fc16de69a4b7effc96789660a34605a232869678630e70eef6951f5da8add696b00a80e7750d6cd14d8e9c2c9f08bd4452ad666d2ee4bc5cf11fc8786fc2d1f74ae17436fdb4976ac93b1034ee71a6461d949bbddda527812f977238783867e1bda241d97bacc6ad84abaef7ee51688e8a31efc5d1ba7973697db26667dafc152fa4961aa1a5aa05acf7ced62bc1a1471d5011e06118cd9d43a60e772244927399327303fb8622dd3a3d2df1e5f6d36a6f432de8fe8c7226cccb7607c5eceb4f740f7dd80199244cdfe62251a157fb6452128f44c092eb206c1c3f940c9ed1e912b6287c43606550af75570a0cc1a11eaf6292698e0c2285a47239c3acd0344d26eaf0c9a092db0cd434fe7c73a8e315f863209659b3a5e0f65d4acc0cd84032ca6fcaa80d2e86c687f26436fc15d3821a2c124d73310b9df24be54351b5718361829a9d92267d3d5f664d9af3a87ea81df26e85fc9437d9dbf8cf9b1c0ab50b3fa068c87689020c962fb3340506cade9bf1b9f64b10056ac9d3189c3a1e80db75a515bb3a8d8ea9ea9e877142fd484791b2b4710782569d77fa8d5fbe97d8f62b1dce11cf3d92365f5455349a7d03e6eff3a7f3b10c6aedb49c64f53f3e10600588154db0735fea7b7eeb9e505c61da7e17d70d18dbfc509aff9967cb40bc9bc9df029e47d058d8445d8b33d9bddb05c080dbb4649e9a70d56105e54e3af2a326bbe1951eb96107afd597f8eeac333904e0b4aec1c924e986a80446d7527e3b4072b81983514401865d5c12d2813dbdfd6615b47049d7b406da2767f972b910b2703914223555fcdbd0c63e3e99fea32705956419cde278e122522da385406abefc6c133ddc80ce42625962e111bcf781c628dbd6e7680891a57d5bd1ebad7ae91ce93ef3b7e142e955ffb794e762d388ec02349fe6ea7fc9a306f73424f4832905f9a2259efd2fc8982f7bd164ddf68ab6cbabb6f6ceb1ddc19ccd7d026eb19931dd139077b9ef8953845356a7ccaaa1e54df70839e6b9583dd553794c61818f142288b2c2d1a95859d5b5396c87c9ebebbf63a7156d9c7e42d4ad887c2174384394c73a976bd4ae0352fbdc219551e644a4e01190e03dd325dd6de5d9fba74872c8c637e61604cfa8f9a59ed2b6d04ddfb778bc6e71b01db5e168b1a46a406425e26914d5aa77396dd42429aa91587344e9c71054bb0a6f15a4731e72e7159e17cf35f6f4dab6bddfaed5c6869b38ddef82c5d6e3cd872b8d3e564b214477675c7e25fa5dbdfffaf5ec6971a56db7a6fb6a5c700f55e39ecea9416d166ac4661379a45b1d2439e6073e0a9fb2cd1275979be6366d78c91898334b8696601da6e38f4224c8f354d180f5a1d437e0faa34328283395e273c2a1efbe71d783424fb7a0788486d3c147efbf2840b184033433952a1b19505993d5b9844d1262a2d7a9fd8ea1394bccf0d3877f2a8c631167e03745d3a585107113089239fc819ada0b825553617b6bacbec42dba47a469cf2f8fe1922446a0f45910c4e65b6e80af506e0f590546b60da8f9cb169cba3ad14fda56f7bf467fd84f43225f1c4db81464ea0880816c6ad0071e932f41bbec0652b690ff1bee515eb216763844c1ebab85f916172af553e487a000d778df41ed8d00fe7fc211c4ca125dd5dc2ac62037d00f9c81d5fc31c4550ce7eb5bc981d9fb8793623d86056c3834d19fe02d8c0ee1bac9c2c73bbb3b61fb145d338df1e3cfbf56299cc184fa4eecd78d71b2ca078c822bd024e8cbd9c2598495d4bb0c2e41ec406f6f069d645ed6e34d4534bd193de5bac9083928e1c3519ae92b08fd69a355a4756feb199e9d90f471894dfc434503c7cd9d950e73f5765f49f697338027f28a8f4a2ad39982123d7a2bd9238df1a842a463cd9f0ada1e4a317e154a6c5ec40514c6a1c508d25672374800e27e661714ee5393f4833b3b1f43e47e240cb954fba960bf3f90bd64f46d2af8f46edf18ee770520bdfa5867b548ff151fbb62feb58498db1309c5f061b541b94367cfe625c41a494b22ae3687807d83397521a72fe14cd06b4768d81b5ad27167a9a9317e884cf443e50b1e0b682b18fb6b91a791bd904e674869b83645a1aaf54e51e5b9a3e78ccc8ae6a85e8cfb3959c571e8f23b2608779a7313b69b0099212fa7e6475d93a8eca4926976a61a57ba54a5142c2831c141b1150ed8215938afd0f8e58a7d78b4bcaa843f752c5273f14f7b6d376da00157a053b3f836cd48e6fb20a08711630b72b348aa62ef0e3f0d67132bb35c04bd6174b46e6b5c9420fcf459ed653e6083a2988051710e9a5978c2a5bbeaca637405178bcd651bd58f483f8f1ea86d24cc6bfe54eb2f4c1194c813feb0ab12cdb615170b1d5e00b77fb460196257cacb4ed8bc0391170e6f8c8a834216dde51a8a119a65c095a3ce3597ae5f2a27a14db7b06255fc076d06ce87ba603a309a769e43060b8146402a16c47164a7bebca2e422eef87a9fbf24f388725f40557bc5ac46dee8cc8479431b7139c50e7ad82757dcdc976b0f126492731ca73b5874e3991524e973f956c396569c1f7ee6e353fcfcb3bc396c0bbf4b2c7f904f1f174f0dbefb876bbce6ef2c8b8dc1a73d6c467beb2a09e859ccf1d96728e7710ff618007fd18a3bf7a813cb484b4cdde4cb952daf34c65f578665819aa04a0e52c5197a12303974c30a4c96acbdd67d89885f71f80a8deb076bb3190f603219ade297f865ee0082555b153512b9bc31650ee06cb0ff25554ecc25f1ec13242e771e7c8057bb0275c85f1f51faf09a670531791f1d5cc585147a11f23250f35ac398608d486dd75a693265fb3d56c34eb135cb2498ab6db0da355539c227702a2c5787b5fdf8df5a2fe168686b585885146fc500dee515604cf20c8c9092d0e4ffc7a892af35b4a2b5d193cc4c1c5e25c39569277e1032e4dc247fbf01f843a12c7731bb35667bf27f1db6a4997e6559f2f6940b8895a3e5e8b81038e1fd66c3e26374be066e3dc0736a6613091f0f2ece939f04a5123b00e201ffde1ffd6f78f6268ce6dec433ae70a0cf15628385d48bcb89d624a67faea1258e4dd6282b0ddb2999b7224bce7621d4a49a043010b93b00fe0abbbe986371538a22ac25d57f9d69cc51d1655d80b1e2fd12e635f0995cd7a21f18d80c738462b88824a0bc853178b58e26a91a3a90fa095a21b16fabc7e854cc7bad48f6a67ac72e0f2c076e617efbd03ba3c8bbb181b519a9eb89c7e4f7965061f189e6688f6df2fbbd6f366a3ef9e6ab34b5ab040b27942affbd08964d7f58f50531bc1fbc901b76ac568ec03a23bc3d79a18924f63b34207690025ddf5b64aa2dd10ba194014f16f8cebad5b8a2eada6162286f2bd38162b70be19c19cb418a9dc93cd2e80cd93fb05a67a3b23ca4299e863457a598566a2f6c465c5a13899a9afdafaa3ffbfb9502d2a4ebcac948d1bc023c85805209cba7df587a219574d12c24184313ae1bb2eba110af53117ddc45fa801b951ec26df8f3ca3b32977b86a7c4a517176487c33044536e7651b45f425cdf8dd0f96545fb2e461d80eaad98b4942196440318ca53db1d9e5fe0caba7c3fae41cbbfd9e7cb6d6c7d51dbaccf50f91787e783913cce0a00e65187fe1b7477524577e158f396247467e35e173360b9da25160d59e51e4a8090f6cac7c6cc6f9afe85b7cd6239fb07c48b6ec"}, {0x18, 0x113, 0x0, "0cc59d585595d8987f"}], 0x1024, 0x10}, 0x597}, {{&(0x7f0000006e80)=@can={0x1d, r3}, 0x80, &(0x7f0000007000)=[{&(0x7f0000006f00)="8f58de61dfd1ce9aac46c736258c764aa5eadd098cd9e1558e0068d6ccd50e49579fa5cc59b8fc651ee7591eae4a5c93407327bc1cbeeefabd31eeca782a926a72ac20a7", 0x44}, {&(0x7f0000006f80)="e57c6901746dc821b633ebfcd61f9e0c819763fca464545e63cc70b4914c02ee84c766acef10e050c1edf9d6109097fa7481cf9573ab5f64aee0748db1d062e8c6a9c8", 0x43}], 0x2, &(0x7f0000007c00)=[{0xbc, 0x10c, 0x1, "ad649b3bd122ce1aafa750a79d72d6766d88870a0d617f7fbc4fdf00609b02b55ed1d6184b05d9b5ac42e702f1b54ba0278f5c336750fc30615b5a3c6f979a86c76b06b9a602056ec0d73a3d9e8f56875c3f035f74ae77fe0805b0d082a06a5d822247164b6859ad5ba51ffd353d14c323928ad917fb90b603bae821ae54c0ca65820d9172465e5a868840b8510fea02e6828f2bf86c1122f00cea00b8e48b5228e4e6aa0b340adf116b8372beb13141"}, {0x104, 0x117, 0x1, "f8f8256577529ae31e0e28155164b9e722a71dd6e2c13ce43f451a4012d79f07541d1c1d9ddedf09ae8312e226cfb769e5705ea777cc9732b151c29492d7f7dc9a45690f2f9fbbc59300a46d273c2fb36109e5c550377863d6db53a64d6c208c25efccdaa2b80c5dd3a4ccff322f775ccce6335f137f638e6d7cb0a49447f31aec7374a82f662486269c07db2a4be14d1c59f8b9256e625be525d3afb5937eed38114d0a7e2f64ed74bee417bc249b55861b4009e4e7b1dbb803ba4d5705fbffbb7bbe4e1ae61dd28f3e0646ddf53f9e5f36bf454d043d131b6ed30b25ee1a43298816725a1bafa03fd7250490eb20f391d4b377afc3bdfb"}, {0xd4, 0x118, 0xb3, "b6f870ebd5c7801a7b98a2b6a4633c887e43d9316cb1b9ba6edc8889465e6c4c07b3eb4d16c595d41ba8e9a375169d75bbc26a38970514a1f93c457e02c579b1d1cf33e85520ab0ff3835c4f226f04b81630d79bffab0f69a5e19405516a95f5e29c6fd684e46e3f504ab1c07ff0f260806cefbafbe29a0a79ee4310c71eb9df096fa3165d02ee4b451740a757c8cde80259ffc80d4ccf649b09255bfe0c021af48dd51bc6f620f6f57ed042263ddfaec0e0f59dec747ecb46963be0eb35867bdc0b994583"}, {0x100c, 0x11d, 0xff, "ad2ec3a657430e569af99ba557e0d3cca81ad514d51194aef27d6726a6c8e278eea39f4cd37b8ff425a4615653e20c45e043ecc76c02b6a9a2a5c92703cabb937d5fa198150b4ea5708d85ebdc3f0e3fb479432c00cd370e128616be5bf2b5d2cfa5f18d402ccad9b05f1655594615931c7eaf20d5031b57e9853737620310b0a1c7274eaab93f55481b956a3069cbbaba0dd324bb0a9b7c28f8876bd7a4d85315cafeae5227eab9149d0c10fd5f4bf8697ef47d3148a5acf5387c6156d506d5c7afc582dd1d0f1d419d32dc18a214c55c0df03c8bd839d9bd07f1c76a2c0538f2a24ac643629e5c681609ba5178ed527090407dfe760e98add268e58e5b6e27b2ff6274e3071a279eb25c669cdbbf413449359ed1a2245b73f4f154cbc5422fb1cdee85c9698f81e603cb72a5d52ccfecad88b708f717e47a40e46a3a3b93e8fde3fe391e72fdb6651e641842eae88e23bc66e7750b4aec04a74ccb39e17c225b224c4e51efe87a389b9d891977a25612a7caf51d2c4cbe6a84128e041c041068988158292401a123db4bee30d3eee57722e1a2e64c6fe4b985a413ad0a9a376b74c842014393e1da94448f1fc3f2ee18ab9e1a563bcb5fcfb212c8d26897e3fe7d1feeb977c7a8726fea4d3089be5bf672bfb9053a6d328c4656480cef3e14706b77961e1fdd8a4352fdd463d9028a1c60e29b11f5221d4d5b7689264032e8350b9bb96b4186d6b667b172553272cc2aa14aa88c23af72ef6b9a5fbf9ca4cc8d03add1a7f6fd2267750ee6e2a0e10926d2c4e40399acb5bec5b28b529a7219436b78cf4d44d8031a01bcc176d481169ace32be612a243c9e228cd9b2fdf895bde662bd2a8462e5e5a04da4ab0cae243c30362260e69ddaf89fc24352fbef91f9b1f39e70ad207262ccda66701061e4545560ed5be0cea447ed034eb8ec676c4519baf7ae35f2e0713e708153bc494fb0aea0c9103852a667f153a081d596c2940938de4621157bbee5076b0fe7fbb461ae9df5f2d5ceb02daaa74d50413a60231ec169724590b54e22b086b1d7a9f821449032a0b99c0582cbbed5783c2c18541b0f34c2fbae37ba5a6b74e972399b662a88cc0211ee7c0e32c808485b073a7bef2428c59b40f0102248b301d46200da7e4038a9e1d0bb2a593d7812e7d9d4ac70990846a2f614ccc78003033fede3aa84e877455cdd85d582e74a1ce5fc3315fd4216c67c52c2eefb8829b4713e2cdef38534604fe0d5d9d7f41969ee3c5ff22ab6008bf06783dec31268187fcbdc3e8269fc9688919bb2473615a104f95fc8528f7e60599733c2ac054538a17a8a29ab013003f821f688be09a962cfdea471fcfdf2b8f8b38a41057b6c17242ba8695fff560a93df80ffd1740b8714f8644de307c61af377f18c7898d7203f26b18204c1a8b5e22a493af2365e904c0f156cea879175339b769ac75add986a2b45c3f335656f8e5b7deacd223edc8055371886184243c9b960ebf980f99207b7fead3aa82a6232cecd37666a55a23fe8d36b51145f58876b140d272ea1511472f6358e0babfd69c044704251a644362823ee453e54b9cb3293ec87f53c7d8fb127d560a5cf3a75ee412e895a48c5583ecb308cc42d2a5e71484be8bdd6ba4bf86232b70fba9a37a52649914e65038b980e47b751b7406f8bab9c6e08adea221a932efb10f0a8849535564e85b843303638718c692bb465dd0797d662b5b610f41bd5a71e5dd855d3ab2a0448cd6807b5245a5dfd6f032b05424cda37e41ce9f84cb9add162a6e997bede90c751c387ab6ccb3cfc6fdda7c29b88ab73891ad99bbfc40db397c9c7da0368ed68dcb22e2dbf4efbd27c8785091963f1383225d835b7e6b57c0b18127ae70b9246d13acc67da1c6fa41b6ff2e81cefe7ec1c2c4b380a17fb83b419f48ceedfcbfda7dd7e2cc71144c2cea7aca07b9edcb73a187dd18e4d76114065a74741c6b58f3e9885c92d17f9886a6a7b66fe63773c5c1c2859194a71c46e0efb199ca28860d0be9320a4d3cbbf555c904c72eeca9552a4f06e4293302e96131df4612e84b92592e65630907012d66cfa478330df773a2a815d152bf6c0ca7b953ab6de8cefcca4f370e6468ba7aa4d40d9b26e3c6c614c33e3f4a6c35994f895c6b88983efd9e81549c19e482b31bb3d1d5a6be4d6fff23e12d517cc6dff67ff9e4b599255d658f87e0cbcc1ff6c907c521c08e35a7f00ddd7961e4d52dd0f670608ead8fdc0461e3c839aed7c97fe8f03075fa36a6610617eeadfdd175afd993c230f25457d683b60a5f49f8df9e8b46b27b639a9951209c3f0ba47a9325c022a8a48c01a93bb6eb5ea1566b9550a1f08333a47af214550837767bf23ea9d39499d64ceccde9c04fbc56a5ed01df57a0f27c4d02ab2e531895533df76bdbe1dd4bcb44071d988cd145c88d184e76245b1e1e824c136b4430e2c90353f4c4c5a3c760d8b273d92684d8da1f024ea28ecdd869f9c63a9189c55a29e554541e1f3662343bda16fece5412aacf77a9a03834163269230dafc03a977bcaf38d4b6507374a9f19c19302877836181f8226444063621bc470ce74d1353b4db1fd7c164287c2050b0c286b60231f31cbd550815a952e322bd1aa93f6bf6316b502380964ee29727f42eeebccd4927dc4cf501c035c4ce82af5f5604fb24b2a83657c0c2b8d4141e165bc43fc812eb8dc331b8661b8e7c81f3406cf1269ca09172d167850613c58118eaedac2ba0e60cdb93dd8555388451ebf92ad40e13c1ee12ea128269eef3c178083011f89b99f6ae1d695f9873996b7b8a575a5c62d39911ea8faa87789778625abb7e70252519a0aac8b259a0ed4ae74465ec8197ff665e32e54289800eff6d213c3841296e5daaa2d22d6555edd90f46605b27d55adb8e8db8f8e570e7e0b7c2c152333ae8cf86a5cffdd4a453212bc69a8e3da27a214b73b79ffbe5c21089ecff573359de5c856d189b1696b98cb2fdf56aaba9f44db0b6eacecd33d6d3fba530f3000a3f5d9d0c609ef0b9c66e26e66d0091e51594dbb4f5a00b8f5624590758d511b7e6b114c6d413dfc0b76f9e16399bd5e7603e6ad398be6f06667941395fa975c0891c2971606b8c66b730e7294b6b970b7efe66d82d19a9655ecace53358a7a03b24ee7fa9e7ea920289c578a11f302b3e343290b1f94eae134b3ff36f80d4471c88def1c0a98ddc2c0479aa8aa3ff6d8e549033ee3114fbe6fb928834961b1ecf5cf8354adf4694d5039b15253c68d7509e51b68bfa7ea1a955eb2981374b8afa6dfc3f0d36adacd94a8176c06cf7fc470281bd2000c74e22f7b5fbe2fe81cdf939e0b746095259a8225b9a18855fad2af249e67617ebe5a545afc9ee2379557a16fe7b33a2c31f4c506adf7a9d96abdb97732535dd3129aaa6387570fe484f2660db640f9fcd72c4b9e3040546c28c5930689d62bfc8fff11683125cd3ccdc9031e9372e9411152282393ea78ca9fa62cda3fa907af4e248dab5ed6e619b5bee7caf4689862de77e70d29255830af2cabe8a5a8bd5752be3e3ef81cc9da05ee40a774e2713b22666227f46c281ea9e4033b5e57a110aba343d9318755d5dfdce4c0dce1c3394ad40f5ab25358577472da08b996d616e35d0fc841e2644b62266cb70385c7581a838610e80af26fd68b49b7c9529a5be27146f703d3eb77f4a4dd10d2e48459ad612c16c0c4aab1801b45f1d1f1b6e915349af047f6daca7e692f59c77094c7d4ac3363a15cfa0a0cf0332ffd9fab1f9c19d57dc96e4add13528c3f1d0151317866bbd52922e54d87ff13b2806de0f5e1993cd58a309888c607221873a1714193488cc366278f78e5c116b4d47e40b674e72524c9c3de79d4de03cae6a047f8691592b492cbd777feca52c37fe909a4f1349c411582fa6ae895dec0af79bb9c170a2ddd5532b79fc1662cab7b0ca0e04289e0a46053159ddf33012cacbfc32e7763d32b027df3ece15ddb4b990afa6c9ea89fdeaee7ded25b26c0c10258147f360bf9665352d666ff466995c22319b13a4e378547e11836e19f1939d4d3eb781da3b8e09fad12e14fdaeee14eb6f5d4171c1a559a09265b9d75ebc9467ee62037666e4c429abd6740874e4bc286187fe16a0be6fbb5d0b2bab2cff620d10985ec30c2ece9d03ec9a1847aa8111d0ec514a7e11a94590a022c1a9d1f26e103068f64bef6771385925a752cc07fd420309be7a38962485e24d08631fd670eaa72ab3aedd21b729d48378d56361d4374599213781a0ca2af5b6a65d8080478e5e0d03dd2cc816aee232f7b9c6796da754b9c29735f02226e8468c584bf1d644db1336aac738fd91db5440c0d41d6b46f1153050f3101e896a8aac828cfb3326cd9e486b6c90307188dfe070f6669bfb0663d754af2831c2ddc5440edde77345e3c189d762cf17000c21be4da789175e4971b607cea68f483f2be349acbc312f03fa92777cda8f3619acd777da55f1c94ca7d472faf2ea7e61f8eac3f51d08adf3302677bf4f1ee24a73e046a9949bb2cecf73228c5c0d447326e7f944d8c9676bb2640bea2df3e0a8a1d720c6f11ddca183b2a5506ec51dd04fc8acef330149cf4ddce4b45e55c536b1403b62e9d132d468c80b7b7416650b19bc3cd73386f74ecc04ee9a23cf2ef365a7e185976e46dc7790d125dfc19f3b42a52940f09081c099428edd986919b53467f79583e5e1bc299588e76376d53f29347d6f3e11dacd827e6baa1fcd8609573fc8ba7b8bcd65e0d80c7cc4bfe710023ddc7bfdf255bc7706b529f243abcef4280eb68ea1815a0c5f841d67f070edff51d11863754a45cfaef8b7e675be06450997f34d5be7f8fe8480525b586c5bcc18e3980fe739bcbd677ae8202050de666f8410274ea3c1a823aedc2d509250646573d3e6d3433498fb013c773d2b6970d5d61e304826b8ed8419658ab0599a700093c52edf8fe027fa97798a1a9b81d8b4ad6917949937d5ee8b547fab60e0d1de3fad6ffa6991a774e6da0877f30f135166cdf9046348993a2687dfc47f41c50f89d3e3a7aebfd2c3803897082ac4e2a561214e42938b8f038b14f21e5b56cda777de166e8d0c6fc872baae9d5b58a80ea7ef43655773feba000c644ac34cafb4b05901f9d9ca69be04d49363a21a17cbf445e995570f7f1e4ca54c293bf24b4c64008cd38ca480b726cd0b09dbc52ec035ee73aa665f76109208d67fe048b2d78683366419764169f11092ccd14c4c3d1f4a340aedad941206a319f2fe1622653d6b936d32654b7f866df33d6cb40eb21cfceb452cb4faa0b9a7bbbf6c574cba82824f6f4c114b64f0f3f4c0ca0661f7eae9c6e82c27c49ae59a53f87c947c9cb9ca61b597d96e5d9dca6351f5d4d11887d44922b93904d9f132d75ceb29f71ca63f87507025bca524447bb06d2128f5c67af1c05922727813ef0db4d86a8d9f9494328801e16873b7d97ac7550ca7090a61af4932f5c47b33e6c113987504d4d5eb663ab42388dd5423db933e28e4813a47c758d6416b4ae3d4a6329ef4cf311cf4d66b65e0420dfbd50e65ee706a42e1e7e66e8fb63a19ae8a43d0390509ac2f63f05e77f8ddd1cab1d66c7937787b92020ef3c9fa4e5dd6b5d089dce37a18b90d4c89b764b4493c08f6c5b1e23e311bcc1d24b74ec4df8cfe6e641b6c15dfca8072359aec63e368a01d79c5b150d4bdcfde27683aa5dbc75c4c511c861f558ffac100a4e98f3f7315bab4d6d2f3f0bcd11915773ffd1d39cb2af5a25a3a44f"}, {0xc, 0x116, 0x6f}, {0x6c, 0x112, 0x5ef694bc, "abef4d55add31bcbaf55a71b0712d09e19e09a946b12f3af8ac38cbcfe7dfe3c82774dbb826eae6a67a5c18dada7abb454c6eb422abc66b92ceefc9834d5daf6533e85ad503387e652dff6608a904eb738adcc0f7819a20525b3779f6e4f3cd2"}], 0x1318, 0x4010}, 0x6}, {{&(0x7f0000007080)=@hci={0x1f, r4, 0x1}, 0x80, &(0x7f0000007200)=[{&(0x7f0000007100)="e3efc99a928fc38d4940be8ce33b853327a2972a3e4af7e6e92a293893672f0ee882222b80d3e9231a89f99c947f5fb9c97f84a393a2c4bce4e3ae885110cf5fc3f200db27888e767e423f79da9a4a6ec6a192dad68c33e9fb3f5aeae38fb95d28d18b8cb0948316c503e4b7ac2bf838b3d0887b9b11c5741e7c3d4415202edbdb237dc5a0316724f6a45c3cf54d29aca0f7fceebccd52c9681ed8699751c12a44596763db35dd9056a51d0953e457dbe2b896aa0894f62baff9d1541efb47bfe1c9949de19c87cab2a2f6fef3ff281e3e0f4558c0df90ef956ee48987b2", 0xde}], 0x1, &(0x7f0000007240)=[{0x98, 0x13a, 0x3ad2, "b96adb5485663a52243c04189794f6ab2939560b0143db5d98ce1ad8d7b5b4406f1b9c23ac29dba2680abecd23a297eac27d8acc8676315bc6344fe0883db446ec5fcee10932250108a28172f5003519475d068314f32d64bafceaca2d162e2d7b7d2aba9453af41af976e7edf1ec077b5cbce3f60127717c3bdc3dbd036282279ec942da9af93a540d797"}, {0x20, 0x0, 0x8, "3e3cf90e6d7b41d5ec0b5356b8ddb2bfd8"}, {0xf4, 0x0, 0x0, "52099f716508c450b1255176782826028a49f285efa6d5931b41aaa1e7fd910924b7f38d9212bc4eace4be1628bf46765e5bae46e1f5fa5ddd6e35322d828dd99160d30e8b64f32bdbab3f453c89ec9c58502b6d42a76764ac009cb0d50a3212b3310d31b796d6f414a5bacafd91c63f40ab00ef259836beaa958a87cbb30dad8faa94aea14a73dfb0c1f447011f58b4f14f2270499a449f1937817aabee4ed87a8775cb946aabcbb046118d0ab921edeb025e19d7f910252d451be79168f198430d106b47c44c23163d8bef56fb611aa3f39f5762f87eab095e00ede7fc6e3865360bfc0fc0ad"}, {0x4c, 0x11f, 0x4, "a5e101b5f25029ca27fcdbb31aaadd8ee7616924fc856152f57a31c0cf400340df51839a2091d0620cb6bbe871c4107c5669173106ae859fa9bc015c6a"}, {0x74, 0x113, 0x3, "a43a37d1c3a7952cc40264da8f6a78da033d00ca0a7920c07ea5135d1da6213e5d829584d5a6839d423c5642cddf5d176a8f14c5c8629e6bea4055b49b51b0c186ff8dc984c379d24575482c7ecaa60cd5aee8a3f3f90a5370a057632c8aa70ac67ff7366c9c53"}, {0x28, 0x113, 0x2, "d0e61ed58215a5a14d1898143bb525d83dec82c61436c0691ea6"}, {0x54, 0x13f, 0x3, "49bd799ef90566702923e96eb007d09250cd6f3a237f5296d9dd18f3d27ea159413cc63419f24b10f3cab830d245bcb1dd1b56e055295630446471e196a318bc6b044070b5f2e6"}], 0x2e8, 0x800}, 0x7}, {{&(0x7f0000007540)=@pppoe={0x18, 0x0, {0x2, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 'ip6tnl0\x00'}}, 0x80, &(0x7f00000077c0)=[{&(0x7f0000008f40)="ea0f57089dfdde43a2e0c97b04d5554aa7db819c45103f7828bd5d17ea919c8243a908243df67051cae4a2af66d3cfc9d2e5d01b8b8644a8ab874f08852baa399edeecde3e3f5ee882ce5d1ca6d884b04b4fa9567d74e2c80f1d35456fbf7e2057407ba875af0ba3386da9bc7408e725e6feafe594ed1826ff5bf2ed39ded401ff964eb654d9e15458757066a9e7f60ee58cd99f80a76ce18dc39903604d5b96e8810d4ddfe9ce17ae506d61caf702d39ee9bac64869162e904828d6bac4678888e7884b3e3f1c47b4aaf51e2a4389e4a4198f2e64fa5eb31f1b5165e7eddbdd5e1861a443450def24633ac17809b194f8d32e081266665b13a9923eef96ff0f5cb569333fe1dbdafe6be431e4c79f37c4a1cf21dad1e1b74655cd101e417a364c5cced1c510383c53dcd808f47878feec68a58d858feceb838ab3e3b2a6b2204d6c0661ebee92fa6494f9141901821451cfe49a64dde81aeadf392233b48652c46c53e4aaea49496d495406091654aae55aa55638df27e6a6766d73c6ee29a7a38b120d033a0e568482f177c2df6171433ced90833337f9bee789362e0b8661f925e18d3bd2572e678d51628823c72ddc5dc93acba990dbed5c391055c40255433e401ef2d31020f40f405e435617fd3a8d6757fa80e360abe99c463d45146f03799ca4d40648764c3356068ac02ac760242c9864ad63b3c8d78ce7506cf6d85a771b78c68b045f607919bb62d805af162c48b901af1bfe5a5101bd0ffdba72b566fb115da005faa99265c1dbd7724d7c080eabed1cf08d66a90d1d6d665a0ea105241191c6ffa2dd6917516416f8098993c5ebcd8d87c7d39969ff05d42d6c23a8d8819842208bfbb35a3ef788ff2d2e450898f5ea627107cb603e97a6999754ed7ee24ca831f1ca4925d34695b8fb8d74a69e9347e3baded48b76a26d19004f301a2bcfe21cbac81c04300fb3bcd1b1a37c5e021e9a664c9cd2c02206431f6e57063fead74cc8489619ad193ce9e854f324d40b0afa107ce7fc793d175816948844bb31dcd53bd61c4f452d3454f9fbdc191c4b40e7d63ae537b654e55613496d720b8133c41104353857de524095c2153d64e1dcb995a88850d37fc9618d979f7886f81ef7d0a94f6f2c0198e25e8b45945f0cbc542415faf74dafb7b4d065ddac51f1fa0b14f1a06b85261efb53e2d00d3677f721134b6fa806e8632654bef2c704cca8688633b7ca4ec7a40bf20df2cab2527af967e0c9c4798072be4b89fc17cda82d27b54edfd354b710a48500fa7a04723893b47c7e2dd879f9b6056893d5928c2542474fd7e8a47824816acf33cb7e09b8fd0699013e37e49505803d058727484b6708afa0a3dcd776b1287913ae3e1e12bef33eb50adf9c42e48d746600270f1a617e926d5fbf599f889b538219c7ef69d5932360537d51b4964d1fdd6a54eea26f4e648c48bfda1b13327112a83db5120eb16e3d468e1be0a884d402332f38f2fdaea4e9e7942a96c79b1bfef67207dc7fa2ba4695ad711607e5d827e968655433a1586c00810dda7f14f4927511fe55aed4ec7d87bbf11df755cafd49d4c27c57818d642b0adfed123c8107acc9b4e8a7c2d73475d94b8116c158080328535875a3fa468aa050f2bf3a5498a804ea99bb8d5f5bfd41bb111e468a240b0cca72da711e94cf91ee72023f982d7fa22014ed15e0b9d7ed79a591a513a8b563c12a43f8baf34036bfe3c333c5469d7c11aabc6fd30fdf3b82700e0616f8f6fbe75004883d64895075543e71011a04936ff3d540531ee3022d729fd8cb6dade8a90c239db0279062300d8548f19b3b6c728909bbeb374c6bc61d3b818a7752921501da564887eb5fcb05c9fc77f8d73f3a33027996a16224ab83ad5c245fba284fdc1856be098bc3e1c60f03c2f14435a94c2b6e878f23546764edc882669df744c367b20924d4660e32b2b96a08622bb07b110009de38abd4407aaadcf98da5e7abb95111476176712edfa206ed670fe4a87c8a9df193395704c3251801e99afef6aeac2ecae0235fb6650117985a8304eb8525e1c69ab8f415c7c1325f324c4b889a20ccab079e9184979e97dd5b08debb9124c17e6dc0a87d2f4c30dd1346aa38600b4fa764974b27f50e0090fc68337a0481066a3c034a2c59a604d7ad91b9b13a24173bc35b27afdd6f0b96ecb7a1a612bc9fef5e74f8368dc34d78c284b8da92b85c8f1323e17846b49439b670a5d3f5190c526787a1af933d637820e7599cb295e6f561bbc3341e00de3d27aa91246f3bb61187dd7878142fe02c4633d8189b8ffad04ffd707b975edb2ba452095375d5f04fb3ef47b6b686bc9e389a1dae2ab6e9f07263429cdb95a8d26c9482674e7397a7f4d38c7913b8c9f055cc64174ad4f79d73a114d619b8b78d12e8efacca9a29b686d240570c2fff616c1c005b6c138a0dd17aa5075148c8df28e634f34a72544184531fa845f0a69b06ae60535e8b6b4c1fbdb368b883e5d9e1fedf65c6c0664ce81fa96a6e80320c9dc6da0eec2315d6fb2b754d6cf2d4847acda5a6c61bddef283c01b854f017c1faaee1e59fcdb0df251e58bb6a5309eaf5d42f744965c83ccb9693f07e5cac8b349dc1a95c327d95a3dddcdf209558670c8fda2fdd05b3caf78e2e620cea6e8c25d0b6b4c220624674b8eafdc005cb1b99b9bce1d487c6463b151aacfc22d62dbeba54e4a9bd5ddbaf7ef510b22d7f94dd72cd1f27c0574c151de6f0f8fff563fbbb709abd0d7d236bd6999c7cd5a90e25ff189086d2641af2db06019f9c1f558557ac575fd3bffe1c9404f3117738618c1d98115c76f1c3b9a5ba1fb12e4256851092ee455cbab6b8f681ff4a4cdd0eabea57dcdefb7dff8676c2768ed084ce73dff48d12f58b476f48d60e6b85188d8fa1b26034ceeaaf8fef403c0e9e5106d0c55640c693c6e58dbac09856ecce72c9d8697309604b1da0ce9c88089a301d30a00d8f80990d2cd317be89ff7feda9f36718c52a639db998ed093586256c05f9c5401553f54076261e3d0bd218815b43c777c870620fc1bb6cee78c10d7d8da051944e993016da6a1d8d6160915b8c9e638e4afdb510c563512e884e15a69f7b370f7fb50eb5b807d85205f1d63c1c0d8ce0e0d5731f0400e34eadcb5d02f041fd18b42080a2b31763569e5f7ac7c3a88eaa212d4f2372ee634abb79cd1570fbaacbc2c845676326fb4196b55a00afeb0777e162dd04ae89447094b7143c33da1002a1b1d599f0a09a4ddc2f455e97b7638cbe283cab111ab09fe23e6ae785a98ffd1f73bfdbbb2934f69285d77e7aed05b9a0b31bd54b38ad620689fd87d421292bc8ff74ad6bda5437540ced73121b1005d44fe6e5f64c7c812c09318b8b6fce7604e93f3a98e40e3a75275aa9e6d39f6c073131e468b227d691fce9d97c0924ac1795204235e0142759cccbf87362cfc6deb4616ce270fd0d0bbe0d1c8f295f0ceb7d7a4bb3a23f304e1da67db22f5566ec8568d9ad47363b5ff05f6262edc341a30138ba93bdebe10fb296799caafedeec3be7c7dec9320f53c035a8857efd7254df8a2bd2f1e374fde9f961f2e3c9caf3831f917c810dec3995aabdfc6b5ca135eedf006f8523e1ed6a61226132f3a0887315ef8ccca79bed784e9be3ef64baeb92e73ac7a61fa3b05976cb73a341a1599564829461e454a8c0c82e038b80f3fefd6dd28e42b9adac52660b33bf780509c47c7333e29dcbc52590bce7f2109e18c9da2d553e228aedb222bf1b2d222fabd2d3efc988254a4914796179ac29df339bf816712372c02c7dca5ba2547397b678e13ee2047c9c2ff4fde829136f5e4677c28e3ff92f870d8aacb710f74125374e1a34e3a1ac75b77489ab7778706bbae1c5deffcb84410d7771baa52a648cb10510fa76ffab63a31c302419ee3e4c781c52c131fb569470e41cc246e80c47700aef508e23206bc2138f99dc2af2497f0139d89955d312dd10d2c6ca884c3d77a80ee40153d4d0ad4a6d51645f4aa8c00916c807ef2246fb67401243729a85e73ab55a282bf1da1d7e6ee6c71e6f04699ffcc8a990a27a0902c177190a036156db011c5bd3b24e65c08e99e643c11ab6df5e6d14cd3079fa0b8328734a7ecfc65474ec4705de05c95899a868ab2a41a36aae8e19fd7fb7d02192f44e7e65ca924e70434e1f8579492a059f7ccb803b962b254d18363bd1a81d680f04391943ae2d5cb8dbbc7b5b913e163727df6e460e7689b319f1dc229d111d6f7f16e4779cecc62e9027a1163df751edc4cad67c22d24746da8a2705306e15a486e8b51c01da8934322f0962527e01aceba6f5f7c5eb55a2f2ce546e88689042c83291dfcee7dae61fcf9032023c7235b38ecaef3eb063a1a1ed35e38344c409fb623d37e3a8d0f49139fe75073110c59040e5ee647266884c0b9feec316df61c991e8628789307949b67cdc10b3bfbde376ac385035dc70a27fb4a0b8c6e3f0cbdae44a8eccceea39bc691df248a66718d7046a61ae8e3b9367a88f5e3f240d4caa4d84d607ec42effe52277798509680ce7264c70020fe8608cc31cbb036395ef5d18a00139f582fb60101f639d94f0115d7310d895bb2f7fe47680eb4fe3164490e1918e166523b3e3c26371673971ca8f517139402385103e8ce940852f34237618df404102a4a572757f92d573eb7f647fc94c369c92e61b616edff3512a42dcb2c46e01f39449f440be3111408ba389d4bc193c6dab1a4119eaa74f7185f181b7bf54faad9a14d51d800b468ddf83aaeb653356901f0e8ce6e5a23f356ae9d8855f854c2f4ab6c76610252b0bc8cbcda6864c162cace1cc959ede37a8a462fb323e15e1adec4764f61ea2618474f1682a553a495d6d95c026585325ae9d9b25deca51708b7668441c60ecd25eb2bbbafb624d3cf95d292785b2a381069a08330c840c81c7cd2395631f25a491c7d201088695e80b4265f30fc0c7a624d9980e49d858175a3b7d60310c0a75c66dd8f8ab183c6708050bbf50d47ca0bc1158272886683d85157d77d32f99aa7cfbfc373f7b9195229618528d074613d5c78d13af529f17c4485a9bd475503365cf11273daa3cf93392b20c2e11d0081931e9fb03a3787c2560253bb4f95fb62bbe236943e4e3d958464c95281471658efc6ad57b091dd6a9b30fa4a20ec5cd0dffda3954d404df7b5c300dbffc9939578ef1d9ca84f3fa782995f4fcc965f182e19101ff2d44400bccbf95ad3a6ae3014a98d4d664d2399270fd7d1099695f7ea2abfa0c25e0ba055c2067304ddee2fee7c141e3640554d194c4f6f890fe9f5f4e04dbb81fe1c39befb86d90ff8d54b15f7616a9e543848ba718f7c2244b2e17a249eea464c14bd090a6066624fe4b5a9112a1461b970095f7ea2e36da598608b9088e63a8987825f5a240949e22fd306c5904d730a587181df63861f0a4eb03f714f02477f84a37343cd12cbfb53359ba5002c8cbc0a22cf786746f9f890979e3c14b7c3ce3ac0135aea224f57e8efa4f243c489435e67dfdb8c214caf9e540fe60daaeb73faa699fde7113820216e740cc8d0db2d60873b55080cbe11dd9b4fb18d695d3c15195926aafdf9408d787846348c14417e1ea1091cd25b870f8c284e5844a19cb6258a0fde462c2d8aeca688b214991621004cc2396775578daabcab577c82f8a21f1b3515a85c6c8a743c2394719de018fbfd354be8c435101c9a2c7a06be43e90e211673f401549e9cbb2d828a8f5e54cb248d4b26743075d0", 0x1000}, {&(0x7f00000075c0)="c0e138358905dcf2f7fe0da5b602010ec0502602a5045498b156fba32c4c5026d519b6d18b0d97e1105f93996d9b4abf56ed88c9f5275a4a47ddd37358ba122b30b1af522c8a738a6e748ec30452ad20af9c1d47a78c17ead71c1beaffb8ae67653b7da2", 0x64}, {&(0x7f0000007640)="c965045c95adecfacce12103d3dcef3f2b42ba2e673c567e60877fa374abc19ab25c17e92abf9371b9ee61c7a1e5fe6c1bade2f993f5a3485aafdb73da52d602826b5c9e1971dffe52d6a608d57e065255855aff3388fd69e9491d0055e70dd6c34c9d383008ec059ad94700ccc19f25b87a85e23ebc85b88d4c438645e1e0d4c6f7901e8e736625", 0x88}, {&(0x7f0000007700)="79e054e1dd101ef9e77d8b974c89c77acd44e99afeaa8e2a0050036260644df582f7218d82a2522b", 0x28}, {&(0x7f0000007740)="0df69baae24eca424f433c6400db72c04ed1ee4143b291736def19457e275d32a3467ae7c0e8a99c399d86fe32bab0aa2db72801cb3c3f916b205c8c09156ddb1a26238fe23506e925a5ca06e73cf321ff4bbd057d3fb5d946d61416682cec2367e35e2b6c1ce4688258806382f955852abb71f22460b30b5f7ecd90121aa210", 0x80}], 0x5, &(0x7f0000009f40)=[{0xdc, 0x13f, 0x9, "31517ce4473b9e7364b639b9b6de0f8ca84db7c6efe55f81917bcf249f503c96921f55f77175b11af92eb66e492bcb585c4a0ea43cb72742a53ce1dbf94b63787f22cc34fdffc2d858c8c30082dee3c9eba69dff8e741e6c1b7c0b076720fc4014aa1583f2117a8e675b0a9a4a6cc79176a7910d1c0fa47104efc4ac9ed867d4beec986ad7ce76bf6722673e3a994bc436f65fee896ebeb94fb757fd3b5bf21c5f8742e33514427339fb8e69ab8b7de124dba2880a668c1d78c6f425387f00147b81d128249ea3862deccbaa1f9f98"}, {0x64, 0x10a, 0x6, "6caad2e4acf7788c7fbcd47fa8eac2096c327880dbadcad628f98375841d5412635e8c09411b808f31d4e60d04515c6ac36d3d68bdfc9f23eb1b513492afa1daf1074bc1831be26b225639b293d00663546e6b0e50e20a6b"}, {0x2c, 0x11a, 0x1, "a543b5821bdd805d2a19eee48b3b4ef6a62d5d0c74c6158faddb35b3aa9fc683"}, {0x100c, 0x10b, 0x400, "5ced7afb739ca77e6c3c2f7ae44e68e15e970900c27f9497a7f657a43dc68ee965195d49137a7150f82412fd0549033c0531296a52a95c85b4b1e79e0d3094681b35436fa7f6d3cbaaafe2865cd4fa38f7d58ccde5873b06d5ffe8833f0649977863e08022711c7c0b7369e6d571282faafb1159e1c0b36ddbc0bdc5c55bc41762d355aa30c537bc3f91945f430ab876b2955e7403e0228541c15de57e83ba181256895ca958f875f03a58469069374350f9f0c02237d957b1d1657a21c81b622aaf0706d306b4651eafb46fe6adeece9149379096b94068f7b8ac00b40c7280633a4754973d720e2d2bd03f84c0314d16fc765fae88580e502e213fecec6455a5927ae3ce9a237582b1e6aca210be23ae99830d1ac89319f31d5628a89bbdb10d2af0664ad124d04ece39fce11fa18735c991dd6cdfaf6f4fbbfc6ac5c849851ae8fa1511f0a9ebf9d21d031b1837fc8818765719bc79c6dd243e49e1676f45a4bf670375769458167a71ed7203b3e770e0389f6dbadcf44b8233d1083daf62c9f6bf484f40af3ddb99790c7c1d58007354efb53272a96dd08104ce5ad17363023077824fa6682cebcedfd5ac73a9f397126b04dd7b811d1493c185325c1357e2e88ce0854ecee783032ad125f3acc75aa23c87c2a7855d50e0b921a25e2ec97c5c205f8a1a2ec4854bcb0f5e4015b39be4c979287e4b775f8a9694acc229ef4ab520627b00bcebbef208134738aee77188fd9c3a084cb74589153b1b0d1f0f06b90581dc909beb12e873e5cd97ecdd5650e07382275181fb67bc1d881c6e982e63269e5132f43f1d2af1b015648fcc735569dd73968dfb5114f85f9c9f7794e90313e9f4c03ae6020c9f23984a49cddcaebf29830a0d3b4f6d1eafb401ed1800cd294b1ade0ad5185d7f381a0b7ab493f26112f2acc563efc338873d11857435b7c396ac053e531db30861a2550a6b398ffd5c098bac3d2bd4511edcf50a215778938d76f9f78c907d7996f65a8bbd52f4416da039bbaaa840c9ef2ce90b0f9bb04d6c4dfa63c4efe53ffc2b5ad5e05fdad0243fac9f7086e23149931959280a254073d221f33bb1b7d026fde30579e93b76429954576dbc236c29db629bd997788ed0a2ef6d6a66faf9fbe909dcb1593d4a9b3a1cf893a3bee827f140184f189ea578b1f4367eadcba741ddb9698495a4c2d526a941456d3e6add9c79b9345fed393777960b0fac37c09a705bc2252e6c102db287da2e04593547be55fc56f8cd150afaa7da5b09886affce558922e192aa962ac94e5a9015c744016491959d8e0872029b98bf360dc654a0750d0d8cac0fdd5326cb1b785cfdeac9119aaf2aa09373d39ee4c3b89dc2c4228fdc7a018f18004753ee430ec44e82d4a6bd54b4113c91ad4f779743224d460d85e97f648a667fdef6673446f3b39ace9fbed810d75d20caa8d88b3e65b8ddbc3c0cf03a762a1def533e08cf723d0282113be861751bfc90673cda70e6f5921d882af57bd3005178274cbe4b1f1b9b5a17d3580d7a9dd4b569e17ede6ece466807f4b433e218cef6fc6b95094360530307a9b43ab5073ed5e294ff377552b2164b612bbc5c89743fc34e5199c273dba88f6bc8df33eeecbe4e72ec16773e02dfaa3353a7d94097314c29d5c3c6a6f21c3deeb7850830fcc91f086b8581c5dca8903104eb066b7b099096e9d32e6c63f3170af6119f95039e8d0cce28177f953412df775ee9ca167de0d93330d64c76c50fa8dd482bda32df522806a08efc698d4e5b514715232e3e73b3665b7ca98a5792fa1f36282112851c4985e74e5555efd90af8680e3467ab77e6045f908394d2c65d6369cd03a017e7e0cf854909345d0ecf8ddca3e2bc354c11e41b3ad6227b2897c5a6c93f4d4bdbec3ca38b1c47f630f73333de9edd8155da68610fb7615fc12fffd97456eaefea371d4dd96a5e37098092efb1f7a0922d505122a49f2d14b124f8a44a2d2c63ad2eb44b92bd5ce58441c50629cf2809b6e116abfe9e3042f7fa4bf14c51f18b67cbd6a16a0884ac85c1835c48dd57a50a6475aaf05f625662c590f2243de21215a0432094c9dcbfb63d386321cd488b78bc10275d5e3deb3068d84473f4c5be583ce2bc9ad61bcc4f318a70f3c205fb2dacb91c68d2fecd1fe3f8df4f8726c9d633e97321d1490065a086cb460574395138c2e1e5381e678a883498fb8107058f3a9ea12254a624af415ff381ce4af4052aef93d3cbdeda1a63839e1934900bade455066980e4a765a7fc500c491e43b30f32305726ebe6b408080b91fe68855ae018cd19ed749e6cb26a750491453e2ef2068f8bdbec6f72f2e1070aad8808cf08c1381736bcb63fa7a0cca49ca654b06b7ad4672d1873b9dd4e3fa3fe8591eb35c0847945063837ab2e2e0a1b48edf7fdd41a02be0c8b5539fc386386b33a3a099cebfca275aeb78e82ed7c997da660663905936f726c2b7f1c6c510e8b96fe65d287665f3ee81e8410b1840a2511e72d00a9628df258ba06b792a0ef8b240499323ae2457b8eff23cfff4bcb90b660bf0618e085c4610a5bb126614aa302461f60d9607b6d304601e61e6212ffe7dec36a75ee981ab5cc8d898acdb3ad9d1c0cca7d8f3d592c366baa99c2477203bf133fd2b0f4d776a185de24711fcf3b8d38f78085ac15c4f1ac70163ff9aae06b5f3fa951aebf3afbd01b3878a5a82c1efd784f99bf39fb3effce84e9c6e3d51ab323fb0f39b1e44e044d6a0cf1e78140ec0f05f0ae23486bed112cde807fda6c5396d03cdba5c7683685a284f50a3225144bad8460f5150be828ad300418e08a8c2c408a2ab626d3b032cd1ba8fc2ad414b2cbc3f055f6adf085453b7a1842771510d12697a235e26a765d0275968ddcbdcf6bb1e73a78193e63ff6ff89596897a432299459bde549016f43c2ddda556a3e09be2bd457b9e43bfd3f4a9d61cbe5647bd379e669e991e45591227d05724c17f054b096569e756fd7d4dd3afdb4ad528334f8d0a78102f4bfa20e9114837a88761a3faf43d1728502429e55920734f1adcb9a4139f4c26456b9846fe3a1a090061fef7d36f7c5bc39c06c399ae570d904b1b779a535ec19ee8b97ad290b96fba8d7bf3e1178b4a545ab32a359b91721c662bdb95d85073f8a22a4705d9ba8520b0bdb0791179d2ab8934ca3339252ca4d68971cf6707edef335ab80ce7e84bc5447646e0f5cd737dd669c1fcac964fe919f8dc630ed4fc302943c00c0377389a8a162dcfd9e1109980784b638e8bb1d8d229bd738fb21676c7852232d0a0256540c40ff3536cd77e928dbad43e0c90a9740a542970fbbaaf11e27f3fd48190deae1d76868522a9cfc9643839b785246be2923e6120709ee99e6cd8f7b4747c100b78cb1c0a9cdf2e96c6b1a071083dc068e6685bfe98c94eb26ecde79f3fd4287a5726d55aa03344a87d972eddfd847eeffa19ac9ffc05e69150b460b6ba228a208974a4d0bf095a612f2b7e91a4f8426b81536a839c6a6ec57a8265c3d489f3a21341a08685c18a379bd5277038fa2e725f7deb75e2950a232fddf651369d7c3e95c26c0d66d672d9f93e8e269b0c47d47d282b2efa1bde89c851433d99a654d9c81b24cefbe5280eaac39a78570d08d666bbf5380f67b31d75837d89a3d65e5c321ed37f77dbc3a7cb9e03bd5ccd65f06a7b35c6049ea4993a89e4a952be5b6d64604bd7608100ea8bfac2b7ea92610445c0ab69f09806d23ffac6167555901cc9ccb77b5ed49d5896026f802eb89faa5014a9719ab2d36bc4a357f715e8d9a2252ce3f941589d425c44e9a5f587926019bec46e78e68d57d04eee529f7c8acaf85f8394f6fa823364008faa8ce355daae93edb5000b047b4a4074b5392b59e565759081abed8e98abd3a3d912ee66ac4627e0edacca2d227e9a0f417a395c2d6932ed67d0a53211e7c88b4e5fc7e997b52f16cbcf05be2b53ccce47965699c2c85f3fb6794e7592b3fdecd5afb60c7fb55df47542f4885355b09c55fd78bec687dfcd6f0abbf1e7e7a8bca2b547ace8cd0186db6c670e1e60d886eb082111dc364b71033a81740d5b37367bf83bd85349c76e1fd390aa44ab97fe3af0841c783215998d7989187e1da38851c74d27b9da3c5c6991d49b237bc8d210a694f963b9446815481945612599e16387bf5ce3f74f9cdfb3f1697fc29c196b36d435b0d69f43e71848b0f190090573770a5e1d095a7ff432df98ef0c5bb403279ceecea5cb9e8a952ea2ca2deab27cf3fa93404dc074294bfaa0fc669272e3ad3b68bdd31c818120f172abb9ac780cc6f828564616d2ea6db73683c5487f4570e9e8720c5a00d6d42a66ee57d15d723fd8c11a1632e2dc21e814ef1519c0c05ea25820c155e47937cc2c24287c21d54f2bea1d437255b00415df20c4defaf240318642ab3a0fedb1de40075ceeff22f750f68e04617a6c1e190a3c5f9f74cf214c15a06f6e966a05fc9f550746105648f85a8334274da9f42ca68e029b2c2b2826a959d8adbbd444557c67c17e852fdd0b8463dfee0b6db4edb280ea0a423422e22dc0444226fd60b3dcf57a855403fd97d97b708208337f1f1befec561f7ac8082728eac0d5ddc8d0382ef17bdce3bcc6463fe24e3d393c6999676d84e2c865cc9db96c31b9b681e83cfc415038686a409c817c988bf968ae4842f9a8ff178950c321b6c9aac9e4f0ea9a8355f20b29c5c49706f90f00e2d8a6b12fcb86979e99be2690a6b48dcaaf81bfc2b8f2d3aec44f9f47a243904364eeaabf38bd9b0fab59544f30da26553627c6e94f2c59ba29c83c72c205dff2700a94d32a3595789012beed4418f3ba93abbe3a4b7424852ecccbfe64e4d95f8e4ff405a49b0dcf06bee26202965864e5148e36be3ee173d50e775b5f88283c5273dc3f486a8e51eee8bbaf51f246ee28fa0eb721853b70fb367688b262f98d0af7878c79bf44871a100b910a0f82bd989e389374a8e6c8efc10165462967b264f3b4f7c48c8377b52a00834b64865281cabe004fe86987c1b0940809106ca7eb68ff985bbb6e3da0f07221c07fa442189fd84cfe1c7722e76dcc7b36bddda87cdff7f637581aa717946963a483a52f84a2d39ce1487a9231da0ce604d000876aace752359ba00e178222bbc8236482b60fa8573744849438019f6b221a47dd8cb9ec0e68959d43a39cd4967398da0a595f6166319d756e3aab29f1d02139dccf83c0d7fb0cd2c7de4e8d21e2dd1ba58bb378702679ea39b9230255b7b29a6d4305d86d31b17e12fa18bab26b4c3a077d5ad0ca3e6a61de477dec1c29bd105ff9655aad2cf0a787869ba6e51f1d68f52c60ffcd9dd0083de29d4432deb304af6326a0d4bfa0d10d72499aae201b6ebc2eccb5337df3698efc1909ef8eb818730502b4c843840a4cb482f4d72e06702083e0e384ec5eb906161b60f52af3ffc35d078b2f6b79e47f4910578c501486ade1abd173d31b15e0ee5776b8a0dec00ec9eb10577eaaad462feb473ea0ba51e8c466ed388b9e05e0ab99feba47c28b12caf90850574ecdd45759b86816ebff37c8263d410173be63073aa2cea6737ab2b10a8e2cecc83b0e2d603bcfa65debe95d8f4679cacebb97167d952f6472217f943572b02ec28995920e73332fdd07d1940aee28998a6ba8db368a7cb74b3faa11112efbffd4e3f2f1066b31351d77a30ab8a0a5215076d65451990ac9f87cf7452165a369ab9f0ffcc50046c83718e9c3f25d5e12a114a71ce9a5f9364958c1300b"}, {0xb4, 0x117, 0xff, "416e13b9d64e7ef405832b0ba73a28937b180a6d5c4430e6d41621ac6a05acb09762969b00d85241d4414a759eb6b8c7eaa095a295ff5693ca0aefdac21d263042d988ec6040e8316ff6c4f3504e0d613d51c3fe48f4fadba5d01dbbbe3aeb04a3b2a345076cce71b54223d5ee26f3947b17bf1d749a1b1bd6f7719d47524ca3ff5584a76f74675b6de939473f9fa6e5559544e17b146bddd31939395e53c8f4d88f3c8da9f5"}], 0x122c, 0xc000}, 0x8}], 0xa, 0x880) bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia-asm)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000000c0)="71e67a11cdf8311cfc093a52a7d86bd1", 0x10) r5 = accept4$alg(r1, 0x0, 0x0, 0x0) r6 = syz_open_dev$adsp(&(0x7f0000000740)='/dev/adsp#\x00', 0x4, 0x400102) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r6, 0x84, 0x13, &(0x7f0000000780), 0x4) socket$alg(0x26, 0x5, 0x0) recvfrom(r5, &(0x7f00000007c0)=""/127, 0x7f, 0x1, 0x0, 0x0) sendmsg$alg(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002480)="9cf1e077b41e31a35d5dd73b3548bbe26c6ee6cfc8f5ffdd30987447d0f97d1d4567253fd2fc03a3282aafc229e4dbba3c3b7bb49c9dda27457178235160764c78ab005e0f3ffeceff9c7f8db587a7a96642b7f1ad77d1917f63119ed9fd1aff5974a337c7a8a328026de455e524c9b2e587ef5a28925c2fe952484593dba42bfedf2734bab2f921a97d8f64b41cb7ed8be57176d171ed1e077634a0082e466d5c2759a8401d4901d0ba407441c55a7b38304f19929787e9272d2f27c55ef324ee0b34be424ebb7e02c202bae363640f", 0xd0}], 0x1, &(0x7f0000000180)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}, 0x0) recvmmsg(r5, &(0x7f000000bb40)=[{{&(0x7f0000007a00)=@hci, 0x80, &(0x7f0000007bc0)=[{&(0x7f0000007ac0)=""/222, 0xd2}], 0x1, &(0x7f00000002c0)=""/214, 0xd6}}], 0x1, 0x0, &(0x7f0000000040)) [ 1386.002691] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1386.047572] FAULT_INJECTION: forcing a failure. [ 1386.047572] name failslab, interval 1, probability 0, space 0, times 0 [ 1386.058934] CPU: 0 PID: 23015 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1386.066312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1386.075678] Call Trace: [ 1386.078306] dump_stack+0x1b9/0x294 [ 1386.081960] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1386.087197] ? unwind_get_return_address+0x61/0xa0 [ 1386.092149] ? __save_stack_trace+0x7e/0xd0 2018/06/01 03:16:12 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1386.096502] should_fail.cold.4+0xa/0x1a [ 1386.100603] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1386.105741] ? save_stack+0xa9/0xd0 [ 1386.109470] ? save_stack+0x43/0xd0 [ 1386.113114] ? kasan_kmalloc+0xc4/0xe0 [ 1386.117013] ? __kmalloc_node_track_caller+0x47/0x70 [ 1386.122158] ? __alloc_skb+0x14d/0x780 [ 1386.126071] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1386.131363] ? ip_make_skb+0x2be/0x350 [ 1386.135260] ? udp_sendmsg+0x24ec/0x35e0 [ 1386.139335] ? inet_sendmsg+0x19f/0x690 [ 1386.143326] ? sock_sendmsg+0xd5/0x120 2018/06/01 03:16:12 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0xffffffffffffffff) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0xfff, 0x200) ioctl$BLKALIGNOFF(r1, 0x127a, &(0x7f0000000080)) prctl$setptracer(0x59616d61, r0) [ 1386.147225] ? __sys_sendto+0x3d7/0x670 [ 1386.151209] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1386.155552] ? do_fast_syscall_32+0x345/0xf9b [ 1386.160085] ? find_held_lock+0x36/0x1c0 [ 1386.164184] ? check_same_owner+0x320/0x320 [ 1386.168528] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1386.174103] ? rcu_note_context_switch+0x710/0x710 [ 1386.179055] __should_failslab+0x124/0x180 [ 1386.183333] should_failslab+0x9/0x14 [ 1386.187168] kmem_cache_alloc_node+0x272/0x780 [ 1386.191778] __alloc_skb+0x111/0x780 2018/06/01 03:16:12 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000004ff0)={0x3, &(0x7f0000002fe8)=[{0x1d, 0x0, 0x4000000000401}, {}, {0x6}]}, 0x10) write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2321e72e2f66696c65300a"], 0xb) [ 1386.195954] ? skb_scrub_packet+0x580/0x580 [ 1386.200306] ? dst_init+0x459/0x600 [ 1386.201319] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1386.203954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1386.203986] ? ip_generic_getfrag+0x11c/0x2d0 [ 1386.204013] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.204034] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1386.204051] ? skb_put+0x17b/0x1e0 [ 1386.204073] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1386.204093] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.243708] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1386.249528] ? xfrm_policy_lookup+0x70/0x70 [ 1386.253870] ? ipv4_mtu+0x375/0x580 [ 1386.257539] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1386.265089] ? find_held_lock+0x36/0x1c0 [ 1386.269203] ? ip_setup_cork+0x44d/0x6d0 [ 1386.273284] ip_make_skb+0x2be/0x350 [ 1386.277012] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.281347] ? ip_flush_pending_frames+0x30/0x30 [ 1386.286126] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1386.291689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1386.297246] ? xfrm_lookup_route+0x64/0x1f0 [ 1386.301585] udp_sendmsg+0x24ec/0x35e0 [ 1386.305503] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.309834] ? udp4_lib_lookup2+0x340/0x340 [ 1386.314171] ? graph_lock+0x170/0x170 [ 1386.318032] ? expand_files.part.8+0x9a0/0x9a0 [ 1386.322621] ? check_same_owner+0x320/0x320 [ 1386.326960] ? lock_downgrade+0x8e0/0x8e0 [ 1386.331099] ? lock_release+0xa10/0xa10 [ 1386.335069] ? check_same_owner+0x320/0x320 [ 1386.339564] ? __check_object_size+0x95/0x5d9 [ 1386.344054] inet_sendmsg+0x19f/0x690 [ 1386.347848] ? __might_sleep+0x95/0x190 [ 1386.351812] ? ipip_gro_receive+0x100/0x100 [ 1386.356142] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1386.361691] ? security_socket_sendmsg+0x94/0xc0 [ 1386.366438] ? ipip_gro_receive+0x100/0x100 [ 1386.370756] sock_sendmsg+0xd5/0x120 [ 1386.374477] __sys_sendto+0x3d7/0x670 [ 1386.378273] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1386.382949] ? wait_for_completion+0x870/0x870 [ 1386.387542] ? __lock_is_held+0xb5/0x140 [ 1386.391632] ? __sb_end_write+0xac/0xe0 [ 1386.395967] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1386.401493] ? fput+0x130/0x1a0 [ 1386.404761] ? ksys_write+0x1a6/0x250 [ 1386.408549] ? __do_page_fault+0x441/0xe40 [ 1386.412786] ? __ia32_sys_read+0xb0/0xb0 [ 1386.416844] __ia32_sys_sendto+0xdf/0x1a0 [ 1386.420983] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1386.426087] do_fast_syscall_32+0x345/0xf9b [ 1386.430413] ? do_int80_syscall_32+0x880/0x880 [ 1386.435089] ? _raw_spin_unlock_irq+0x27/0x70 [ 1386.439578] ? finish_task_switch+0x1ca/0x840 [ 1386.444166] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1386.449698] ? syscall_return_slowpath+0x30f/0x5c0 [ 1386.454972] ? sysret32_from_system_call+0x5/0x46 [ 1386.460084] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1386.464928] entry_SYSENTER_compat+0x70/0x7f [ 1386.469332] RIP: 0023:0xf7f63cb9 [ 1386.472684] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1386.480410] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1386.487672] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 2018/06/01 03:16:13 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1386.495030] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1386.502298] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1386.509643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:13 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:13 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0x1e}, 0x0, 0x10eff5bfca45c7a0, 0x0, 0x0, 0x8000}, 0xfffffffffffffeba) 2018/06/01 03:16:13 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1386.625378] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:13 executing program 2 (fault-call:2 fault-nth:62): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:13 executing program 6: madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0xc) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@mcast2, 0x0}, &(0x7f00000001c0)=0x14) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000200)={@remote={0xfe, 0x80, [], 0xbb}, r1}, 0x14) mkdirat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x1ff) mkdir(&(0x7f0000000000)='./file0\x00', 0x28) r2 = getpgrp(0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x7}, r2, 0x0, 0xffffffffffffffff, 0x200000000000000) [ 1386.750804] FAULT_INJECTION: forcing a failure. [ 1386.750804] name failslab, interval 1, probability 0, space 0, times 0 [ 1386.762126] CPU: 0 PID: 23056 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1386.769524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1386.778896] Call Trace: [ 1386.781509] dump_stack+0x1b9/0x294 [ 1386.785158] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1386.790707] ? unwind_get_return_address+0x61/0xa0 [ 1386.795652] ? __save_stack_trace+0x7e/0xd0 [ 1386.799985] should_fail.cold.4+0xa/0x1a [ 1386.804058] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1386.809849] ? save_stack+0xa9/0xd0 [ 1386.813470] ? save_stack+0x43/0xd0 [ 1386.817087] ? kasan_kmalloc+0xc4/0xe0 [ 1386.820975] ? __kmalloc_node_track_caller+0x47/0x70 [ 1386.826087] ? __alloc_skb+0x14d/0x780 [ 1386.829976] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1386.835154] ? ip_make_skb+0x2be/0x350 [ 1386.839039] ? udp_sendmsg+0x24ec/0x35e0 [ 1386.843087] ? inet_sendmsg+0x19f/0x690 [ 1386.847060] ? sock_sendmsg+0xd5/0x120 [ 1386.851030] ? __sys_sendto+0x3d7/0x670 [ 1386.854999] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1386.859324] ? do_fast_syscall_32+0x345/0xf9b [ 1386.863823] ? find_held_lock+0x36/0x1c0 [ 1386.867893] ? check_same_owner+0x320/0x320 [ 1386.872217] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1386.877749] ? rcu_note_context_switch+0x710/0x710 [ 1386.882680] __should_failslab+0x124/0x180 [ 1386.886911] should_failslab+0x9/0x14 [ 1386.890703] kmem_cache_alloc_node+0x272/0x780 [ 1386.895300] __alloc_skb+0x111/0x780 [ 1386.899038] ? skb_scrub_packet+0x580/0x580 [ 1386.903488] ? dst_init+0x459/0x600 [ 1386.907287] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1386.912817] ? ip_generic_getfrag+0x11c/0x2d0 [ 1386.917306] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.921624] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1386.926635] ? skb_put+0x17b/0x1e0 [ 1386.930169] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1386.935182] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.939505] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1386.945303] ? xfrm_policy_lookup+0x70/0x70 [ 1386.949882] ? ipv4_mtu+0x375/0x580 [ 1386.953501] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1386.958943] ? find_held_lock+0x36/0x1c0 [ 1386.963015] ? ip_setup_cork+0x44d/0x6d0 [ 1386.967247] ip_make_skb+0x2be/0x350 [ 1386.970955] ? ip_reply_glue_bits+0xc0/0xc0 [ 1386.975276] ? ip_flush_pending_frames+0x30/0x30 [ 1386.980036] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1386.985577] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1386.991102] ? xfrm_lookup_route+0x64/0x1f0 [ 1386.995420] udp_sendmsg+0x24ec/0x35e0 [ 1386.999317] ? ip_reply_glue_bits+0xc0/0xc0 [ 1387.003666] ? udp4_lib_lookup2+0x340/0x340 [ 1387.007986] ? graph_lock+0x170/0x170 [ 1387.011797] ? expand_files.part.8+0x9a0/0x9a0 [ 1387.016377] ? check_same_owner+0x320/0x320 [ 1387.020793] ? lock_downgrade+0x8e0/0x8e0 [ 1387.024934] ? lock_release+0xa10/0xa10 [ 1387.028913] ? check_same_owner+0x320/0x320 [ 1387.033239] ? __check_object_size+0x95/0x5d9 [ 1387.037815] inet_sendmsg+0x19f/0x690 [ 1387.041615] ? __might_sleep+0x95/0x190 [ 1387.045586] ? ipip_gro_receive+0x100/0x100 [ 1387.049906] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1387.055437] ? security_socket_sendmsg+0x94/0xc0 [ 1387.060617] ? ipip_gro_receive+0x100/0x100 [ 1387.064935] sock_sendmsg+0xd5/0x120 [ 1387.068641] __sys_sendto+0x3d7/0x670 [ 1387.072459] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1387.077504] ? wait_for_completion+0x870/0x870 [ 1387.082082] ? __lock_is_held+0xb5/0x140 [ 1387.086145] ? __sb_end_write+0xac/0xe0 [ 1387.090124] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1387.095649] ? fput+0x130/0x1a0 [ 1387.098928] ? ksys_write+0x1a6/0x250 [ 1387.102718] ? __do_page_fault+0x441/0xe40 [ 1387.106967] ? __ia32_sys_read+0xb0/0xb0 [ 1387.111110] __ia32_sys_sendto+0xdf/0x1a0 [ 1387.115269] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1387.120280] do_fast_syscall_32+0x345/0xf9b [ 1387.124605] ? do_int80_syscall_32+0x880/0x880 [ 1387.129282] ? _raw_spin_unlock_irq+0x27/0x70 [ 1387.133853] ? finish_task_switch+0x1ca/0x840 [ 1387.138341] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1387.144050] ? syscall_return_slowpath+0x30f/0x5c0 [ 1387.148996] ? sysret32_from_system_call+0x5/0x46 [ 1387.153844] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1387.158682] entry_SYSENTER_compat+0x70/0x7f [ 1387.163079] RIP: 0023:0xf7f63cb9 [ 1387.166437] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1387.174238] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1387.181497] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1387.188765] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1387.196029] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1387.203290] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:13 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200091b1bc0000010000400c3f00000000000000000000000000000000000000"], 0x1}, 0x1}, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x20000, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000100)={'filter\x00'}, &(0x7f00000001c0)=0x50) 2018/06/01 03:16:13 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000340"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:13 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x1802000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:13 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x40040, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000001, 0x31, r0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)) 2018/06/01 03:16:13 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x40000073, 0x0, 0x80ffff}]}) 2018/06/01 03:16:13 executing program 2 (fault-call:2 fault-nth:63): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:13 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) write$binfmt_aout(r1, &(0x7f0000000300)={{0x107, 0x80000001, 0xda28, 0x4b, 0x1af, 0x1f, 0x1c8}, "f467f410783861a708a181427aadc2e9fbf88b49af646a906a0ff4386ba96a6c7c863ea84da634ed97acc749a0b1ec562b24f529bbb008080426bab450e8cd8bf4021d6fd5b57a464a1050931a08030231f7406debc149e460236264c5e8767a15aa5b538214b21c92e696093c46adc841686dfe0cea65e3bfb98a6663fcf765aa8461cc42d5017ee1ad7613aea7cf8baf3a0e88ce07c8", [[], [], [], [], [], [], [], []]}, 0x8b7) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) ioctl$KVM_NMI(r2, 0xae9a) write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="a1e7f3547a091ee06150789c425ddd"], 0x7) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/06/01 03:16:13 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1387.327153] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1387.366870] FAULT_INJECTION: forcing a failure. 2018/06/01 03:16:14 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1387.366870] name failslab, interval 1, probability 0, space 0, times 0 [ 1387.378207] CPU: 0 PID: 23081 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1387.385595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1387.394975] Call Trace: [ 1387.397582] dump_stack+0x1b9/0x294 [ 1387.401233] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1387.406437] ? unwind_get_return_address+0x61/0xa0 [ 1387.411389] ? __save_stack_trace+0x7e/0xd0 [ 1387.415813] should_fail.cold.4+0xa/0x1a [ 1387.419892] ? fault_create_debugfs_attr+0x1f0/0x1f0 2018/06/01 03:16:14 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x8994, &(0x7f0000000040)={'bond0\x00', @ifru_data=&(0x7f0000000080)="e54a072b55ab5ac152086866a43c34bbeb5ca8bea503b236d6cfe77689dc4870"}) ioctl$sock_ifreq(r0, 0x89b7, &(0x7f0000000000)={'bond_slave_1\x00', @ifru_mtu=0xb8}) [ 1387.421205] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1387.425451] ? save_stack+0xa9/0xd0 [ 1387.425469] ? save_stack+0x43/0xd0 [ 1387.425487] ? kasan_kmalloc+0xc4/0xe0 [ 1387.425502] ? __kmalloc_node_track_caller+0x47/0x70 [ 1387.425530] ? __alloc_skb+0x14d/0x780 [ 1387.425553] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1387.459023] ? ip_make_skb+0x2be/0x350 [ 1387.462929] ? udp_sendmsg+0x24ec/0x35e0 [ 1387.467002] ? inet_sendmsg+0x19f/0x690 [ 1387.470992] ? sock_sendmsg+0xd5/0x120 2018/06/01 03:16:14 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1387.474890] ? __sys_sendto+0x3d7/0x670 [ 1387.478873] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1387.483206] ? do_fast_syscall_32+0x345/0xf9b [ 1387.487716] ? find_held_lock+0x36/0x1c0 [ 1387.492080] ? check_same_owner+0x320/0x320 [ 1387.496421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1387.501964] ? rcu_note_context_switch+0x710/0x710 [ 1387.507164] __should_failslab+0x124/0x180 [ 1387.511396] should_failslab+0x9/0x14 [ 1387.515189] kmem_cache_alloc_node+0x272/0x780 [ 1387.519785] __alloc_skb+0x111/0x780 [ 1387.523580] ? skb_scrub_packet+0x580/0x580 [ 1387.527904] ? dst_init+0x459/0x600 [ 1387.531552] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1387.537086] ? ip_generic_getfrag+0x11c/0x2d0 [ 1387.541571] ? ip_reply_glue_bits+0xc0/0xc0 [ 1387.545888] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1387.550888] ? skb_put+0x17b/0x1e0 [ 1387.554417] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1387.559428] ? ip_reply_glue_bits+0xc0/0xc0 [ 1387.563756] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1387.569547] ? xfrm_policy_lookup+0x70/0x70 [ 1387.573868] ? ipv4_mtu+0x375/0x580 [ 1387.577485] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1387.582938] ? find_held_lock+0x36/0x1c0 [ 1387.587002] ? ip_setup_cork+0x44d/0x6d0 [ 1387.591055] ip_make_skb+0x2be/0x350 [ 1387.594854] ? ip_reply_glue_bits+0xc0/0xc0 [ 1387.599176] ? ip_flush_pending_frames+0x30/0x30 [ 1387.603931] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1387.609466] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1387.614990] ? xfrm_lookup_route+0x64/0x1f0 [ 1387.619304] udp_sendmsg+0x24ec/0x35e0 [ 1387.623181] ? ip_reply_glue_bits+0xc0/0xc0 [ 1387.627495] ? udp4_lib_lookup2+0x340/0x340 [ 1387.631807] ? graph_lock+0x170/0x170 [ 1387.635599] ? expand_files.part.8+0x9a0/0x9a0 [ 1387.640176] ? check_same_owner+0x320/0x320 [ 1387.644506] ? lock_downgrade+0x8e0/0x8e0 [ 1387.648717] ? lock_release+0xa10/0xa10 [ 1387.652679] ? check_same_owner+0x320/0x320 [ 1387.657078] ? __check_object_size+0x95/0x5d9 [ 1387.662000] inet_sendmsg+0x19f/0x690 [ 1387.665796] ? __might_sleep+0x95/0x190 [ 1387.669845] ? ipip_gro_receive+0x100/0x100 [ 1387.674155] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1387.679684] ? security_socket_sendmsg+0x94/0xc0 [ 1387.684426] ? ipip_gro_receive+0x100/0x100 [ 1387.688745] sock_sendmsg+0xd5/0x120 [ 1387.692458] __sys_sendto+0x3d7/0x670 [ 1387.696249] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1387.700911] ? wait_for_completion+0x870/0x870 [ 1387.705511] ? __lock_is_held+0xb5/0x140 [ 1387.709914] ? __sb_end_write+0xac/0xe0 [ 1387.713892] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1387.719416] ? fput+0x130/0x1a0 [ 1387.722692] ? ksys_write+0x1a6/0x250 [ 1387.726481] ? __do_page_fault+0x441/0xe40 [ 1387.730719] ? __ia32_sys_read+0xb0/0xb0 [ 1387.734769] __ia32_sys_sendto+0xdf/0x1a0 [ 1387.738905] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1387.743909] do_fast_syscall_32+0x345/0xf9b [ 1387.748220] ? do_int80_syscall_32+0x880/0x880 [ 1387.752791] ? _raw_spin_unlock_irq+0x27/0x70 [ 1387.757284] ? finish_task_switch+0x1ca/0x840 [ 1387.761772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1387.767307] ? syscall_return_slowpath+0x30f/0x5c0 [ 1387.772236] ? sysret32_from_system_call+0x5/0x46 [ 1387.777068] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1387.781915] entry_SYSENTER_compat+0x70/0x7f [ 1387.786317] RIP: 0023:0xf7f63cb9 [ 1387.789667] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1387.797378] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1387.804644] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1387.811901] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1387.819155] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 2018/06/01 03:16:14 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000007fffff"], 0x60}, 0x1}, 0x0) [ 1387.826435] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1387.865910] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:14 executing program 1: madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7, 0x400202) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2}) 2018/06/01 03:16:14 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:14 executing program 3: r0 = memfd_create(&(0x7f0000033ff3)='\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x20005) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000037000)={0x0, 0x0, 0x0, "9ede7a8c5ae95e48000000000000007f4f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa0500000074dbcfa6dc4d"}) write$sndseq(r0, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, @tick=0xfffffffffffffffd, {}, {}, @ext={0x0, &(0x7f0000038ffe)}}], 0x1c) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000180)={0x4a48b125e136573}) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_getroute={0x1c, 0x1a, 0x30, 0x70bd2b, 0x25dfdbfd, {0x2, 0x20, 0x0, 0x5, 0xff, 0x5, 0x0, 0x8, 0x100}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x41) 2018/06/01 03:16:14 executing program 6: r0 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) write$binfmt_script(r0, &(0x7f0000001380)=ANY=[@ANYBLOB="0abf330b"], 0x1) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f0000000180), &(0x7f00000003c0), 0x1000) sendto$ax25(r0, &(0x7f0000000180)="a6457c2d2cae81e2e80251fd454be10697e71a9b61b6018d0c50f20226d28d71d80dbd0287612a78c9a5b8a202ab6c24588041307c4d661d2007862d34fc05d6821bcf33a8f7baa9de333fed013039e0f96b93e343a8fd1223343f8c45f6174bda4c60b8ba261c8df01c707143e9f65abea4899b044a189e67838996d6ce954c428f88552200c1a2ceb6187789b31cd01c978ef233b46465dd45f1feeb4db296c5fbfa5f4df48aec059d736bef4837ecdb591cd53fbf37501df1ba2a9aed4e8500f3736877bc68bb70cf4f01b02c364a432dac8a3969d88f96dba33bbe482115663e44f63d3f480f0a1a92a479f757b8443fcdfbaa25ae725b472d72125040fa1748248fa2d9aec634427b30bc556c54b5e408d21e7cf2ee46453e03392a6666800a43203a3962ee2f31dd40244db50a5866667a3bcb5877e6ce5754f861a916ae66d19fe62dfe1609c0812912f3bab4521418f05f79573e9f37ce9f757d76d3ebfb1e0d11ee46444ef272a4e76013e37708ed468d1b1547e1ebcb0e093db5f2af88828fd4484280615e83897abc8e5f895d3f1813aaf5c92f0ba35934b546bf989829774a3f8759e3e269673d93edc8fccf320e0461ccf93f7ad49d796a6ffd8bfa5dcb97b830287a58ee52fec75a8f64a9b4caec18609b72c9342831f085c1c3d43df0843be7b7dbcba679440cf644822175109e93a0920d8e3e456c801478ac51ff708b56c6418799ed5a3f996072b8b7cf243151ed23edb566c79b64b3e7dde47466697790cb83cdaa041e6d9407c394adcbb777cc392105cb84b51a42c763444b43840a29710efdeb3197132fcfbd5e77c58cc72fa9173c6bb4e07e9f61face41459fe15c3f41f13413ea56830dba059680c3137c529441f5997674d1ecf0350a74a8b793dfec998eceba75610d73f1b9fedd3a656388e88cb8868093107b5991e80fcd54d4fd6ef8a48a6e96402b2b7c6d1f4752ab8d226eae5d54dfc8155d87ed3520efbc15b0eb18876fc52da214956215b05698ab03eec52094139d1fedffd7cbaeba2e518a40bddc4ec0a15952c671a4e9a0c4fdcdca91c6f7a3bb407d80c204287fa53080f92e8da46cf0d1c9273e30c2a7e33341c487488e1f60652c2046e19a0d5ef23cb717f4d2aff6158a6eaed0420726a62609684d3f83fb45078bea0bff87d653b3aa457b0dd287073140f668327c85b93b70fd82d80d4717e1ee199e3a8d63eb926c28094dd3554502a160c191cfa28580f56e3e51bc0418fe26d1b92502ab84728119e62c7e295256af453f002e7aad43ee8630648b10744491a02cdc516e2309119eab4135e5259349f162670cf40bcb0e6d210041813b49388e5b668ba09e00c7550f703757d003a415084b67d1a8e1bff5553d6174b625a36aaa5731b7f72e8d6881aff49dfb5f051281c177ea3af4e47573220e593a82c911b02b4284a766340725b4c0a08a728b8424d021be20051e7298fda1f7ea2f94bff760ea213b2193c24ea21e830a1af60c5f41357f282765e907799372ca527af2e9b7f9e2f24da04e754484051cbb17297dab92946491f816c690857fd906a1cb4d2f74031ea696b097e24ac6ffe7061f6b8c5d7b19525a088cbd34b139b9690ad7525c53702f8513dcd3587f99c5c9dd49855e23b14ff6363429f4e26e9e9a335069713d78987586996033496fec0a1d675b8568ab8fbdf11d4ba22fb467d9e9d2bea64ee540dff9c3a50efc87d2c9fca2d7b820e193993ec9e05c288cda774ccd9c2a546b36b0796ab64bd4666f2381a510bab99f83e714e914bf6ff68c4715dfd595755932986ee409623984b7efe95802d6d0a71514915b047cd6fd125fc1a5148d376e0c1da5e25d2a440c8092a96f4df996252ae7b457623f3d7009f1c2bb1970870969e54238c81aedc591c41fdb8a7cf7b0bcde67451900c4829c7d1c52fd51c3145ec086ba328057480145d18ef413a745e22dde3eb643b0f21f2ee7ba78ea50b7d16a4eda3bb3493ba8683a4ddf79037a7998d3535fce9e8724afd4ddd05cb1d75b95724306b1fb14af950366ccef2a79e895f75ea7a74a2b5d05a958f5bf71fb18b7c73ef0a1e73255c79b7aa2612ccedaae1e4a80a926fbada38321a5833c9363ac806a480aaf7f3c20b74cfc16d79859bde0def6c7bf18f70f4f5df67edec2b12193551efae503407ea97cecc9a14167a0ba6e268b9e83bd464b4fe4a374d06e6b2302935c4cd9a127680c0ce535192d0172e343d2e169afea3d01a005f0c5b39368634b003a9d761b73833304aa7bedde58654621556f8ea3744a1e0e235de4c3041b06b98b370e21a2ed74bb71c832d158835c2a6b87dcc03d3279154ec9d9a57c815c3a4dcae92c8d29f0f812781dba72c86eae7e9cb69a51f146c26b501ac70e17d764eb599f4e2d807064c043cf725b02c8868b02b67be233dbd00dd010992ddaa96da632317d7035b570d9c35520448473a2daa19b609fedd7f5d15c53ee8af1a3ff42ebc58bed0980c8358c8a99e0aa5f2b794e1a6f7021bd398e6f0de05741113f36ac231577abe25e2a6e80a23edef84daf4cdd295168233aafe22060645f7c2212714dbae822080484076aad35045fbbe82751edf5043661516bcaa76b292e1738508d318f4dbc59a573acc77c7d23bbf7c7e58bfb4819a85ddd145cc262c780a60c5f77fb7721eeb53972761f0997dcb69d97d0c6b77aac2a7de5d8b3b6aea136eb1986308a2b0f3a79b08dfcdfc19aab56bcabe7a79977017b5d5ff23ae35b731060d576dc6e3d72282f810d27179ce787d7bca02ad233791f04552d8e8320ce8c488709d7468315f0feefd7e31d595fc5601938e91f0627aa2da4fb7f38bcdd8209d5ad7e67db6f4bf42641eac04287669b9969bd65329f9122fcdde75b5a4028e31ed63d10e8b37705053efee85c6b94b1cc6d6c6a535a422548e12f7fdf80051478a4f4c94f0889903fabe408a21ec015d1db8da64597e7b4eb187e0f0e3b2447093af11a0df9aa29ab8662f0ee303060dc8e85cc9b1c56943f1d9a7809be38468f07e712bbe9c57dcecae9ed66046453aac7e01a96bf24a59678b365e4b558c5ffdcd39cafc5587f58bbf6898f0ae6d65688d1901bd5ed0c19f147dffc3821712f2f1aab44f3ef5ab6c4395b38cb02b3d52094ea929b56ec339c13e0a2d3f6a97aa914e643fbabf05cd98ab8eea7ab4c85ba83ec954def957a71341e6a2448f2ed4228e2327e45659f6c692eb758941d5bc7f441d22b8a13033e194fab9b26b4c91ad92226756f037dffa66ee65df6a3c651b20d1eb8c41032dfe76b8f8e9d11220123dc4317af626acd55d15a801b65b4667cea9bac5c781b314fe44b8ee34b02db5c56dbd12281959577aa885c5594b72af82ba97d078b80ec97a2279a5345d78870e4f6099df9d31e15e827569c6198f72a22c19d0a25e12e470bffd7521e3ccdd0e49f9e2ad1da9bd76e4e0b0746ba031334ee1b9000ea81ea0ec2df971765a3452b358f81b588971503d7c41dac6d7848c20821074b1d188cba01452a7aaf4c4283a0cb0dcc0b3d34f097406bc6703124c111c1e184a313872befdac0327d10e592270efe7d925932cfc9c1e1f4d995dc9fe4addba458da4fc5a2c7b96a93373632b3fb5b0b212a55b6363373e255f3ec0c9b4579c5310b83c63d72a57dac9d9735230eb6b3e816fd41cb55eeb6490c212904ed45545eea0511afdd8af11333cd575ae7a182ba05f1916bb2297db5c0418ef66cf41e5e7df0d1eab040736bf43be0df20830cc97fd5f40dbb4c20b243f2c43e382fe6db029ef4682c6a14068dc17a2b4b2d49d1c637ea2abfec23fac974157c875315ea59aae6aa72521080ac1e212d98453b864d71d93ef24074a5eb70e0488c23c1d2220f1ec20f0bacb4548a04accd9ed6160605f3be6598d5418f67d943c571a445bea318a6ef056aa343ced4876a4039409a9c1736d5b017bb4ea00167141a176eda392f07ea321123f3402092d308916891358890a47b8e8b2821c8ce0ae78fa8350bf88a2ddcee8c6ada30084736d69ebbc4716de9bf2a382f892c8213a431241d3468651447dcf971ee53a84953e5c1c718bd6a43fbe5b90874a083e4faa4c1d3549d2d9266f2978ee268046670711e04ebd72ee05306c41d025999a331b5ecb1eb6482aacc6f21d62036dbee9b99b330d4f97584921f7b82775c2687c3497a21aa82780d0befff56204fe79e09e8aa61033243ff070a3b78d8c79f3424c5271eef9973923717fc16d066eae585f7e0e70b36745e71a4a3df774ca1b6f380045e1205ca1083d4a3117406776d974c3f1c2df124ad36c06db678bcef176b2bbb2aa85ef6cdec16bb0079d590e9caa2af83dd10f424979f896cb649419a1f25aaf54c37cdbb1e2adacdabc294dbd7f3ccdc25a238f5f34c1fb02becf1eacbd9e926e7b34c2e1b3d3a1ec2b13a8190368b57ecfe2946082071d611d20183edabbf118dba8423ae8e1def3b289bdef01ccf168a8bd1a175bce6849b7ead7d2ba27da1cb284ad45e00a35c5326684f561acceaf2b6ba7161167b43ff24242043f983b94283d60076a65348dad143c70a7d4f6bb21634a28ac1af40e417bcdbbd67669b33ede2837372fe7658b7e82241ed44fc12fc54c0b2ea5befda0f9e19cc61fa7fdc7463df7277316459a297cfffc5473b483cc5b7347d9e1727f18eca8381a5e903d76376bdb76c8cd8a5553452f2782d03e750374292022be1c161b4ab9cc5bea29f20ffd14bf414706217e070362bafe80a9c669160ba42a6ee8705801cb26ff5cb923d5f9690ee85b25732230b74863d1d88fd45d78bda1f2ac55498ff11c487f4e95c572c14b2f6a4a60915563df4991d5f00b239b63fb80932836e9951da0e14b9ae8f0226c1b4a4c5e454ca5e411338120afe96302d88d5390d817b37015258cb014e5b876a97a76d770504c19c76adc7d1e530aec8e95db63e6ccb51a409e0a89b95224f91a8e87d2d4ddb6c527362ce368a389001d0f25a1ad72d9f2f6195a7212fd4c07b25b5fe3ab37f91ce7851f8f5ffeefaa9c180295b1879e6f2bdc149d0a633d4bf660e9097b32de2a81b46d76b80f92f445377da79fa791067c6777a884e3ea8d291cba7e7ab8c83d0f516fd91a4752b6b6012180b6175943db4b31b203a34722f491e5c1e51bf39df601979c8fecd4d08aa74c9c25edf361de434eb751300d705b0b0148ff74782eed57b1981fce199cbfb383ec62fbf4c892c66d97d2b8d0662014ce509763a75767d4709acfbafb352aea68e91bd3ef145f55f672d4739b4f2dec356c9440cd224ff7b9fd422bf31993c982b5b23c4154e57fbd17560031feaf0853ca65b3be1db2fda811e577ca6eb105666a9cfca7c377bbd362c362d94e3273941b134a41892e61b060837aa17c09f49d541333639d4524f516f9b5237d47a054833d967e59908f264d4915574b8d623e94dff1ac91596feca4add7f6f88fc3c991c673f7622641a372c73a92e83e230e47348a60b5f4458f57008d5da840ef8e117d1a8b0dd7a7a6a4f9ed94b9920d7e8df9ff7a83db7c490377f6a5925ae00a91bb4d60c3a04356b2d08152bb8c71265bf2cbc06258df57beaccf1f50a2d1319affc5a6f3494c8cd6adde5cfad518952652628aa6b42108469438b9d380405d8b29c32c42f637d5cac05d314d41da418efc855d15918e9d7f7013772273de3a241b261b9ae6cb6fb83af1742d8f32208aa40ac16f0efe88810207e3e5b90d53aba732d0c8f708dc835", 0x1000, 0x4000090, &(0x7f0000001180)={0x3, {"6aebb11d5564bf"}, 0x40}, 0x10) name_to_handle_at(r0, &(0x7f00000011c0)='./file0\x00', &(0x7f0000001200)={0x107, 0x8, "2b0bee79b18dfaf6e1e71da0545036296c6c3c77643454836e80407a5656714a066fd8b80b3c660134245338e06a97f3da7483b13d4df45e027e9b053754fa90b89a6e9fc44b11837298b2a7b06f9c0d81a0c4838f2f1130afafad9d8979a495c43ed2b17ebdba6cb1e8bd846efa114caf8dfb3b8b861f5ff75c561c461e7a24919824e8afe9079e501418cbaea7a3245f080b85bbd98236919448accec83791d34fa8634ef36faddcd8c58431340f374b43a6d5326ad4d89a026e607ca9d101feeae51545332610b6794424d82c7ee5b5229337f99583bfd3d0ec011f66f8f9657301efd7bb0f6e76593ae010298acfff91a5e68a864015955851479369e4"}, &(0x7f0000001340), 0x1000) syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000040)="65360fe018ab0f2dbb00300000660f38813066baa100ed0f6e64bd78f30f0137f3df2417660f388116660f38822a", 0x2e}], 0x1, 0x0, &(0x7f0000000140)=[@dstype3={0x7, 0xc}, @dstype0={0x6, 0x6}], 0x2) 2018/06/01 03:16:14 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:14 executing program 2 (fault-call:2 fault-nth:64): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:14 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x91ffffff}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:14 executing program 7: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x244000, 0x0) ioctl$int_in(r0, 0x80000080045017, &(0x7f000082448b)=0x1) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000000)={0x70f, 0x5, 0x6, "717565756531000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009ac27aa4b82c00b900", 0x6}) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000100)) [ 1388.262750] FAULT_INJECTION: forcing a failure. [ 1388.262750] name failslab, interval 1, probability 0, space 0, times 0 [ 1388.274181] CPU: 0 PID: 23115 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1388.281555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1388.290922] Call Trace: [ 1388.293533] dump_stack+0x1b9/0x294 [ 1388.297181] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1388.302561] ? is_bpf_text_address+0xd7/0x170 [ 1388.307077] ? kernel_text_address+0x79/0xf0 2018/06/01 03:16:14 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(cast6)\x00'}, 0x58) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) r1 = accept4(r0, 0x0, &(0x7f0000000100), 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmmsg(r1, &(0x7f00000052c0)=[{{&(0x7f0000000600)=@in={0x2, 0x0, @loopback=0x7f000001}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000a40)="9b", 0x1}], 0x1, &(0x7f0000000b00)}}, {{&(0x7f0000003100)=@hci={0x1f}, 0x80, &(0x7f00000032c0)}}], 0x8000000000001d3, 0x0) 2018/06/01 03:16:14 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:14 executing program 3: r0 = memfd_create(&(0x7f0000000100)="885d292b00", 0x0) write(r0, &(0x7f0000000080)="a8", 0xfffffffffffffe66) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) sendfile(r0, r0, &(0x7f0000000040), 0xff8) rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240)='./file0\x00') [ 1388.311522] ? __unwind_start+0x166/0x330 [ 1388.315692] should_fail.cold.4+0xa/0x1a [ 1388.319770] ? __save_stack_trace+0x7e/0xd0 [ 1388.324107] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1388.329239] ? save_stack+0xa9/0xd0 [ 1388.332879] ? save_stack+0x43/0xd0 [ 1388.336516] ? kasan_kmalloc+0xc4/0xe0 [ 1388.340411] ? kasan_slab_alloc+0x12/0x20 [ 1388.344599] ? find_held_lock+0x36/0x1c0 [ 1388.348689] ? check_same_owner+0x320/0x320 [ 1388.353052] ? rcu_note_context_switch+0x710/0x710 [ 1388.358180] __should_failslab+0x124/0x180 [ 1388.362474] should_failslab+0x9/0x14 [ 1388.366291] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1388.371423] __kmalloc_node_track_caller+0x33/0x70 [ 1388.376378] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1388.381154] __alloc_skb+0x14d/0x780 [ 1388.384888] ? skb_scrub_packet+0x580/0x580 [ 1388.389229] ? dst_init+0x459/0x600 [ 1388.392877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1388.398465] ? ip_generic_getfrag+0x11c/0x2d0 [ 1388.402981] ? ip_reply_glue_bits+0xc0/0xc0 [ 1388.407326] ? __sanitizer_cov_trace_cmp4+0x16/0x20 2018/06/01 03:16:15 executing program 7: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f00000001c0)) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$int_out(r0, 0x5462, &(0x7f0000000000)) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x2c, r2, 0x4, 0x70bd2c, 0x25dfdbff, {0x3}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffffeff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x101}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) sendmsg$nl_generic(r1, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0xf503}, 0xc, &(0x7f0000000280)={&(0x7f0000000ac0)={0x14, 0x27, 0xffffffffffffffff, 0x0, 0x0, {0x8}}, 0x32a}, 0x1}, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)}) [ 1388.412459] ? skb_put+0x17b/0x1e0 [ 1388.416022] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1388.421061] ? ip_reply_glue_bits+0xc0/0xc0 [ 1388.425413] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1388.431253] ? xfrm_policy_lookup+0x70/0x70 [ 1388.435593] ? ipv4_mtu+0x375/0x580 [ 1388.439237] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1388.444703] ? find_held_lock+0x36/0x1c0 [ 1388.448788] ? ip_setup_cork+0x44d/0x6d0 [ 1388.452870] ip_make_skb+0x2be/0x350 [ 1388.456606] ? ip_reply_glue_bits+0xc0/0xc0 [ 1388.460943] ? ip_flush_pending_frames+0x30/0x30 [ 1388.465737] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1388.471296] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1388.476848] ? xfrm_lookup_route+0x64/0x1f0 [ 1388.481197] udp_sendmsg+0x24ec/0x35e0 [ 1388.485101] ? ip_reply_glue_bits+0xc0/0xc0 [ 1388.489444] ? udp4_lib_lookup2+0x340/0x340 [ 1388.493774] ? graph_lock+0x170/0x170 [ 1388.497608] ? expand_files.part.8+0x9a0/0x9a0 [ 1388.502380] ? check_same_owner+0x320/0x320 [ 1388.506767] ? lock_downgrade+0x8e0/0x8e0 [ 1388.510938] ? lock_release+0xa10/0xa10 [ 1388.514923] ? check_same_owner+0x320/0x320 [ 1388.519254] ? __check_object_size+0x95/0x5d9 [ 1388.523762] inet_sendmsg+0x19f/0x690 [ 1388.527573] ? __might_sleep+0x95/0x190 [ 1388.531554] ? ipip_gro_receive+0x100/0x100 [ 1388.535891] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1388.541472] ? security_socket_sendmsg+0x94/0xc0 [ 1388.546245] ? ipip_gro_receive+0x100/0x100 [ 1388.550595] sock_sendmsg+0xd5/0x120 [ 1388.554326] __sys_sendto+0x3d7/0x670 [ 1388.558139] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1388.562829] ? wait_for_completion+0x870/0x870 [ 1388.567432] ? __lock_is_held+0xb5/0x140 [ 1388.571502] ? __sb_end_write+0xac/0xe0 [ 1388.575696] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1388.581228] ? fput+0x130/0x1a0 [ 1388.584503] ? ksys_write+0x1a6/0x250 [ 1388.588440] ? __do_page_fault+0x441/0xe40 [ 1388.592666] ? __ia32_sys_read+0xb0/0xb0 [ 1388.596723] __ia32_sys_sendto+0xdf/0x1a0 [ 1388.600862] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1388.605874] do_fast_syscall_32+0x345/0xf9b [ 1388.610192] ? do_int80_syscall_32+0x880/0x880 [ 1388.614763] ? _raw_spin_unlock_irq+0x27/0x70 [ 1388.619252] ? finish_task_switch+0x1ca/0x840 [ 1388.623842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1388.629371] ? syscall_return_slowpath+0x30f/0x5c0 [ 1388.634318] ? sysret32_from_system_call+0x5/0x46 [ 1388.639159] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1388.644087] entry_SYSENTER_compat+0x70/0x7f [ 1388.648486] RIP: 0023:0xf7f63cb9 [ 1388.651937] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:15 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:15 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:15 executing program 1: mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000300)='/dev/vcsa#\x00', 0x8, 0x400) ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000340)=""/242) mlock2(&(0x7f00002d3000/0x3000)=nil, 0x3000, 0x0) mremap(&(0x7f000097b000/0x1000)=nil, 0x1000, 0xf000, 0x3, &(0x7f00000bb000/0xf000)=nil) mlock2(&(0x7f0000b30000/0x3000)=nil, 0x3000, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x0, 0x40) ioctl$SG_GET_REQUEST_TABLE(r1, 0x2286, &(0x7f0000000040)) mlockall(0x4) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x100000000, 0x1fe00, 0x6, 0x7, 0x6, 0x2, 0x2, {0x0, @in6={{0xa, 0x4e20, 0x8, @loopback={0x0, 0x1}, 0x5}}, 0x4a61, 0x80000000, 0x4, 0xb03a, 0xe4100}}, &(0x7f0000000280)=0xb0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={r2, 0x8, 0x20}, 0xc) ioctl$DRM_IOCTL_IRQ_BUSID(r1, 0xc0106403, &(0x7f0000000000)={0x6, 0x4622, 0x4}) [ 1388.659815] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1388.667071] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1388.674329] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1388.681612] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1388.688867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:15 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'vmac(blowfish-asm)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) 2018/06/01 03:16:15 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:16 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000003f00"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:16 executing program 1: r0 = socket(0x11, 0x2, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x222300) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"6966623000fbffffffffffffff00", 0x20110f}) syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x80) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000100)={'ip6gre0\x00', 0x400}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00\x00\x00\x00\x00\x00\x00!\x00', 0xa201}) 2018/06/01 03:16:16 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:16 executing program 6: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x6}, 0x10) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], &(0x7f00000001c0)=0x8) 2018/06/01 03:16:16 executing program 7: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x401, 0xc00) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) r1 = socket$packet(0x11, 0x0, 0x300) getsockopt$packet_buf(r1, 0x107, 0x8, &(0x7f0000000100)=""/119, &(0x7f0000000280)=0x77) 2018/06/01 03:16:16 executing program 2 (fault-call:2 fault-nth:65): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:16 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x3000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:16 executing program 3: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x101000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0086426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f00000000c0)={r1, 0x3}) r2 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0xfffffffffffff5ec, 0x480) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000001480)='/dev/qat_adf_ctl\x00', 0x8000, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r3, 0x29, 0xcc, &(0x7f00000014c0)={{0xa, 0x4e24, 0xfff, @local={0xfe, 0x80, [], 0xaa}, 0x80000001}, {0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [], 0xb}, 0x4}, 0x3, [0x2, 0x1, 0x1d54, 0x9, 0xe1dc, 0x7, 0x5, 0x6]}, 0x5c) getpeername$packet(r0, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000001580)=0x14) ioctl$sock_inet_SIOCDARP(r3, 0x8953, &(0x7f00000015c0)={{0x2, 0x4e23, @multicast1=0xe0000001}, {0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x68, {0x2, 0x4e23, @loopback=0x7f000001}, 'veth0\x00'}) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000001640)=0x1, 0x4) r4 = add_key$keyring(&(0x7f0000001780)='keyring\x00', &(0x7f00000017c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffff9) r5 = add_key$user(&(0x7f0000001680)='user\x00', &(0x7f00000016c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000001700)="0bc87e3147237a07f908304664565534f5d7c61c0e4b91a44f4c80c6f55b2ee16dbacc7167f5c01ca628d72e6b25838d63169ffab36978c9d1f03ec08416c8c642", 0x41, r4) r6 = getpgrp(0x0) ioctl$BLKTRACESETUP(r3, 0xc0401273, &(0x7f0000001800)={[], 0x0, 0x8001, 0x49, 0x1000, 0x2f, r6}) ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000001880)={0x1, 0x0, [{}]}) sched_getparam(r6, &(0x7f00000018c0)) write(r0, &(0x7f0000001900)="e320d74f92f13d3fb61dbdc149442273cdd7959a258f68a82a9a806793e2bc67ab710fb0c50f5239d31ca12fe702a5d60dbc65155b96c01ca087b171c11fcf0be42a96b454f1e12228567968ab175dc895beda8957f47366f9ba21ee788f1362a2e0556376446cfed1f38c52bf4e98d5e8089a2db25f1cd871aa7cfe8c9ac24607aa674332848feb6ed78623404c15b6a5731e68e6824db90d8a671a872fca36c7214c02243e638216416d258cefaf75c9ce0d32ef80ff712454e31a827aff67702236790e9b9d21ae127cd5284f711925027411cfaebe5c8c39467aa3b38bfdafbd27fa5283d14472", 0xe9) ioctl$EVIOCSFF(r2, 0x402c4580, &(0x7f0000001a00)={0x55, 0x7, 0x8001, {0x7, 0xffffffff}, {0x1, 0x3}, @cond=[{0x100000001, 0x200, 0x7, 0x80, 0x7, 0x2}, {0x8, 0x8727, 0x89c, 0x40, 0x382, 0x8}]}) fremovexattr(r0, &(0x7f0000001a40)=@known='system.advise\x00') ioctl$IOC_PR_REGISTER(r2, 0x401870c8, &(0x7f0000001a80)={0x8000, 0x4, 0x1}) setsockopt$inet_mreqsrc(r0, 0x0, 0x2d, &(0x7f0000001ac0)={@remote={0xac, 0x14, 0x14, 0xbb}, @multicast1=0xe0000001, @broadcast=0xffffffff}, 0xc) keyctl$negate(0xd, r5, 0x8, r4) removexattr(&(0x7f0000001b00)='.\x00', &(0x7f0000001b40)=@known='com.apple.FinderInfo\x00') add_key$user(&(0x7f0000001b80)='user\x00', &(0x7f0000001bc0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000001c00)="382b7f7609e2cbe4729229799ce9f30a046797b82da611f1883ae9892fb889aa394f7751c5847e6dc81d5ee71ee7a36eaab696093d8a8cf8342e76d6968bf85fc90806ca2bf76227a0c424730f05f6d496351726c8dccfe4515c05ba948f46ce85c3430bc6878f57ab3a7dae7f6b7194b9bffe6512a80a94cf08e671c5b7b6880914635126f6a7c0e600bb6e731ab2122e765b79f40291ac77c87f1da10b72e0bfe2652df736f48f72e5e87b533d9fbcee03ba044a5ec56bfb544d60e334ba0de058ef0126f09fe4afc65b8f90af032284f6cbe756e6ef4e5cb6324edb5fd0e0ee749c961ea8a12831f14a17ad", 0xed, r4) ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc00c6419, &(0x7f0000003180)={0x8, &(0x7f0000001d00)=""/60, &(0x7f0000003100)=[{0x100000000, 0xa4, 0x1f, &(0x7f0000001d40)=""/164}, {0x3, 0x2f, 0x2, &(0x7f0000001e00)=""/47}, {0x10000, 0x6d, 0x5, &(0x7f0000001e40)=""/109}, {0x3, 0xda, 0x6, &(0x7f0000001ec0)=""/218}, {0x251, 0x0, 0x7ff, &(0x7f0000001fc0)}, {0x956, 0xb6, 0x6, &(0x7f0000002000)=""/182}, {0x1ff, 0x1000, 0x2, &(0x7f00000020c0)=""/4096}, {0x9, 0x1c, 0x9, &(0x7f00000030c0)=""/28}]}) r7 = syz_open_dev$sndpcmc(&(0x7f00000031c0)='/dev/snd/pcmC#D#c\x00', 0x2, 0x80000) connect$inet(r3, &(0x7f0000003200)={0x2, 0x4e24, @loopback=0x7f000001}, 0x10) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000003240)={0x0, r7, 0xa, 0x3}, 0x14) setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000003280)=0x2, 0x4) r8 = getegid() ioctl$TUNSETGROUP(r3, 0x400454ce, r8) [ 1389.435522] FAULT_INJECTION: forcing a failure. [ 1389.435522] name failslab, interval 1, probability 0, space 0, times 0 [ 1389.447066] CPU: 0 PID: 23193 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1389.454446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1389.464008] Call Trace: [ 1389.466621] dump_stack+0x1b9/0x294 [ 1389.470269] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1389.475527] ? unwind_get_return_address+0x61/0xa0 2018/06/01 03:16:16 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000004003"], 0x60}, 0x1}, 0x0) [ 1389.480491] ? __save_stack_trace+0x7e/0xd0 2018/06/01 03:16:16 executing program 6: prctl$intptr(0x26, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x5, 0x200000) fanotify_init(0x6, 0x1) 2018/06/01 03:16:16 executing program 1: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f00000001c0)={0x18, 0x0, {0x3, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xd}, "626f6e64480000000001000080f100"}}, 0x1e) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x400000, 0x0) getpeername$inet6(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000100)=0x1c) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000400)={'ip6_vti0\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}}) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000200), &(0x7f0000000240)=0x40) r2 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x7, 0x101000) ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000180)={0x100, 0x4}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffe) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0xbe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000180)={&(0x7f0000024000)={0x10}, 0x211, &(0x7f0000023ff0)={&(0x7f0000010ec4)=ANY=[@ANYBLOB="200000003000ff0a0000000000000000040000000c0000000800017f"], 0x20}, 0x1}, 0x0) write$eventfd(r1, &(0x7f00000003c0)=0x7fffffff, 0x8) keyctl$describe(0x6, r4, &(0x7f0000000300)=""/169, 0xa9) perf_event_open(&(0x7f0000223000)={0x0, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r3, 0x8937, &(0x7f0000000040)={'bond0\x00', r6}) syz_open_dev$usbmon(&(0x7f0000000440)='/dev/usbmon#\x00', 0x7ff, 0x0) 2018/06/01 03:16:16 executing program 7: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, @dev}, &(0x7f00000000c0)=0x10, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000240)={0x7, {0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e22, @rand_addr=0x3}, {0x2, 0x4e21}, 0x80, 0x3, 0x9, 0x3b, 0x7, &(0x7f0000000100)='dummy0\x00', 0x8, 0x0, 0xfffffffffffffffb}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000002c0)=0x0) sched_getscheduler(r1) r2 = socket(0xa, 0x1, 0x0) syncfs(r2) setsockopt$inet_int(r2, 0x0, 0x8, &(0x7f0000000300)=0x788b0ebd, 0x409e) setsockopt$inet_int(r2, 0x0, 0x18, &(0x7f0000000000)=0x800, 0x4) getsockopt$inet_opts(r2, 0x0, 0x9, &(0x7f0000000140)=""/249, &(0x7f0000000040)=0xf9) 2018/06/01 03:16:16 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1389.480514] should_fail.cold.4+0xa/0x1a [ 1389.480535] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1389.480553] ? save_stack+0xa9/0xd0 2018/06/01 03:16:16 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000400"], 0x60}, 0x1}, 0x0) [ 1389.480570] ? save_stack+0x43/0xd0 [ 1389.480585] ? kasan_kmalloc+0xc4/0xe0 [ 1389.480602] ? __kmalloc_node_track_caller+0x47/0x70 2018/06/01 03:16:16 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000032c0)=@getlink={0x2c, 0x12, 0xf31, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4, 0x12}, @IFLA_MASTER={0x8, 0xa}]}, 0x2c}, 0x1}, 0x0) r1 = creat(&(0x7f00000002c0)='./file0/file0\x00', 0x130) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000080)={0x1, @multicast1=0xe0000001, 0x4e24, 0x1, 'ovf\x00', 0x1, 0x6, 0x60}, 0x2c) creat(&(0x7f00000001c0)='./file0\x00', 0x20) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, &(0x7f0000000100)=0x8) ioctl$sock_ipx_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={'team_slave_0\x00', {0x4, 0x9, 0x9, "997d97272eae", 0x80000001}}) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={r2, 0x5}, 0x8) statfs(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000300)=""/113) 2018/06/01 03:16:16 executing program 2 (fault-call:2 fault-nth:66): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1389.480618] ? __alloc_skb+0x14d/0x780 [ 1389.480631] ? __ip_append_data.isra.47+0x21d0/0x2a30 2018/06/01 03:16:16 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x5, 0x0) bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) r1 = socket$inet6(0xa, 0x8000000001, 0x6) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000300)=ANY=[@ANYBLOB="6d616eff006500000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cf0000000000ebd02a6fa5580bd1a48fb47cd3dad83c3827078a490a436f3debd693f6091fdd8d10cfe51bc5ed4d90f6c099e57148d70000da7587b440d45e2021f28bcf23af368fc48ea3a9ddff287806686e2bc40bb2f621862fedb8f4978c7c6bd0d32151c5961cfde0483fa98c7ddbc49173f6a4af997b0379c3a9dba0a83d744a2487e4c52d5ad83083ff2e5a44b57376a58b458308bcc751b48bdc955e1db205045a2953355f9aea1845fab68cf5e14cfbef9c2a3c7dc36981fcd5b3f91265faf0122e3e7f86946a4fcfce904e5c50624fe5a96ef5ba5a19003f376727df0472392139dc4c60c17952e76f0aea62fcbea5674ceeb26b38f8bea5ac06d9afb02953923ee675c79923cfc4e6d332b969bf90d05c6bce1c7746ebb0068c8fa4633bbf23f4cb52106c77ab8e7f01636753f1c9502813ce7d5f0cb2a0ddcb2fa2439873b87b598a8500f70d5c6a75d82cd6fb7f9541767b21fb1b179b6b33f45011d59e9eb3239195bf78df23cd2d1c60e12843e482ba98a19ff04fbf0e9fda93dcc7b98330a36bc33ae198f85e1cd2000092a2da578ac35dffed26d41293778c0352a29fd156c45a2856559c2d98635ef6dcbc360b2983d4a920e4632563847da6cc76ded89daa521e68803f2d8fff6f2319bda873e0f2949c523252809279cbf3f2a4ebbee1f5f8a3b565d031cd55172169ee3be8a75e1e90804eb9e5013263360c6c193eced6e079e54d80c5e151bac7c606ac6a4ae1b79aa5c39991db789d8e17f96a5706acb7df3ee197e750e78ad3"], 0x78) bind$inet6(r1, &(0x7f000067efe4)={0xa, 0x4e20, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) openat$full(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/full\x00', 0x2000, 0x0) [ 1389.480644] ? ip_make_skb+0x2be/0x350 [ 1389.480657] ? udp_sendmsg+0x24ec/0x35e0 [ 1389.480669] ? inet_sendmsg+0x19f/0x690 [ 1389.480684] ? sock_sendmsg+0xd5/0x120 [ 1389.480695] ? __sys_sendto+0x3d7/0x670 [ 1389.480707] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1389.480723] ? do_fast_syscall_32+0x345/0xf9b [ 1389.480740] ? find_held_lock+0x36/0x1c0 [ 1389.480774] ? check_same_owner+0x320/0x320 [ 1389.480791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1389.480808] ? rcu_note_context_switch+0x710/0x710 [ 1389.480826] __should_failslab+0x124/0x180 [ 1389.480843] should_failslab+0x9/0x14 [ 1389.480857] kmem_cache_alloc_node+0x272/0x780 [ 1389.480882] __alloc_skb+0x111/0x780 [ 1389.480901] ? skb_scrub_packet+0x580/0x580 [ 1389.480921] ? dst_init+0x459/0x600 [ 1389.480942] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1389.480955] ? ip_generic_getfrag+0x11c/0x2d0 [ 1389.480971] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.480990] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1389.481004] ? skb_put+0x17b/0x1e0 [ 1389.481022] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1389.481040] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.481065] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1389.481082] ? xfrm_policy_lookup+0x70/0x70 [ 1389.481100] ? ipv4_mtu+0x375/0x580 [ 1389.481118] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1389.481130] ? find_held_lock+0x36/0x1c0 [ 1389.481157] ? ip_setup_cork+0x44d/0x6d0 [ 1389.481174] ip_make_skb+0x2be/0x350 [ 1389.481191] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.481208] ? ip_flush_pending_frames+0x30/0x30 [ 1389.481228] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1389.481251] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1389.481264] ? xfrm_lookup_route+0x64/0x1f0 [ 1389.481283] udp_sendmsg+0x24ec/0x35e0 [ 1389.481303] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.481324] ? udp4_lib_lookup2+0x340/0x340 [ 1389.481338] ? graph_lock+0x170/0x170 [ 1389.481370] ? expand_files.part.8+0x9a0/0x9a0 [ 1389.481385] ? check_same_owner+0x320/0x320 [ 1389.481419] ? lock_downgrade+0x8e0/0x8e0 [ 1389.481436] ? lock_release+0xa10/0xa10 [ 1389.481453] ? check_same_owner+0x320/0x320 [ 1389.481472] ? __check_object_size+0x95/0x5d9 [ 1389.481491] inet_sendmsg+0x19f/0x690 [ 1389.481506] ? __might_sleep+0x95/0x190 [ 1389.481522] ? ipip_gro_receive+0x100/0x100 [ 1389.481543] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1389.481560] ? security_socket_sendmsg+0x94/0xc0 [ 1389.481573] ? ipip_gro_receive+0x100/0x100 [ 1389.481590] sock_sendmsg+0xd5/0x120 [ 1389.481605] __sys_sendto+0x3d7/0x670 [ 1389.481622] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1389.481641] ? wait_for_completion+0x870/0x870 [ 1389.481659] ? __lock_is_held+0xb5/0x140 [ 1389.481686] ? __sb_end_write+0xac/0xe0 [ 1389.481706] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1389.481719] ? fput+0x130/0x1a0 [ 1389.481734] ? ksys_write+0x1a6/0x250 [ 1389.481749] ? __do_page_fault+0x441/0xe40 [ 1389.481764] ? __ia32_sys_read+0xb0/0xb0 [ 1389.481784] __ia32_sys_sendto+0xdf/0x1a0 [ 1389.481799] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1389.481817] do_fast_syscall_32+0x345/0xf9b [ 1389.481836] ? do_int80_syscall_32+0x880/0x880 [ 1389.481847] ? _raw_spin_unlock_irq+0x27/0x70 [ 1389.481862] ? finish_task_switch+0x1ca/0x840 [ 1389.481882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1389.481897] ? syscall_return_slowpath+0x30f/0x5c0 [ 1389.481916] ? sysret32_from_system_call+0x5/0x46 [ 1389.481936] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1389.481956] entry_SYSENTER_compat+0x70/0x7f [ 1389.481968] RIP: 0023:0xf7f63cb9 [ 1389.481976] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1389.481992] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1389.482001] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1389.482009] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1389.482017] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1389.482025] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1389.483881] validate_nla: 4 callbacks suppressed [ 1389.483892] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1389.627487] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1389.643712] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1389.763962] FAULT_INJECTION: forcing a failure. [ 1389.763962] name failslab, interval 1, probability 0, space 0, times 0 [ 1389.763982] CPU: 0 PID: 23238 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1389.763992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1389.763998] Call Trace: [ 1389.764028] dump_stack+0x1b9/0x294 [ 1389.764051] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1389.764069] ? perf_trace_lock_acquire+0xe3/0x980 [ 1389.764086] ? kernel_text_address+0x79/0xf0 [ 1389.764102] ? __unwind_start+0x166/0x330 [ 1389.764123] should_fail.cold.4+0xa/0x1a [ 1389.764140] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1389.764166] ? save_stack+0xa9/0xd0 [ 1389.764182] ? save_stack+0x43/0xd0 [ 1389.764197] ? kasan_slab_alloc+0x12/0x20 [ 1389.764216] ? find_held_lock+0x36/0x1c0 [ 1389.764252] ? check_same_owner+0x320/0x320 [ 1389.764271] ? rcu_note_context_switch+0x710/0x710 [ 1389.764290] __should_failslab+0x124/0x180 [ 1389.764307] should_failslab+0x9/0x14 [ 1389.764330] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1389.764359] __kmalloc_node_track_caller+0x33/0x70 [ 1389.764382] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1389.764401] __alloc_skb+0x14d/0x780 [ 1389.764421] ? skb_scrub_packet+0x580/0x580 [ 1389.764440] ? dst_init+0x459/0x600 [ 1389.764461] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1389.764475] ? ip_generic_getfrag+0x11c/0x2d0 [ 1389.764491] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.764508] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1389.764522] ? skb_put+0x17b/0x1e0 [ 1389.764541] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1389.764563] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.764591] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1389.764609] ? xfrm_policy_lookup+0x70/0x70 [ 1389.764628] ? ipv4_mtu+0x375/0x580 [ 1389.764644] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1389.764657] ? find_held_lock+0x36/0x1c0 [ 1389.764686] ? ip_setup_cork+0x44d/0x6d0 [ 1389.764703] ip_make_skb+0x2be/0x350 [ 1389.764721] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.764739] ? ip_flush_pending_frames+0x30/0x30 [ 1389.764761] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1389.764785] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1389.764797] ? xfrm_lookup_route+0x64/0x1f0 [ 1389.764817] udp_sendmsg+0x24ec/0x35e0 [ 1389.764838] ? ip_reply_glue_bits+0xc0/0xc0 [ 1389.764860] ? udp4_lib_lookup2+0x340/0x340 [ 1389.764874] ? graph_lock+0x170/0x170 [ 1389.764896] ? expand_files.part.8+0x9a0/0x9a0 [ 1389.764930] ? lock_downgrade+0x8e0/0x8e0 [ 1389.764944] ? lock_release+0xa10/0xa10 [ 1389.764963] ? __check_object_size+0x95/0x5d9 [ 1389.764980] inet_sendmsg+0x19f/0x690 [ 1389.764993] ? __might_sleep+0x95/0x190 [ 1389.765007] ? ipip_gro_receive+0x100/0x100 [ 1389.765028] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1389.765046] ? security_socket_sendmsg+0x94/0xc0 [ 1389.765059] ? ipip_gro_receive+0x100/0x100 [ 1389.765079] sock_sendmsg+0xd5/0x120 [ 1389.765094] __sys_sendto+0x3d7/0x670 [ 1389.765112] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1389.765132] ? wait_for_completion+0x870/0x870 [ 1389.765150] ? __lock_is_held+0xb5/0x140 [ 1389.765176] ? __sb_end_write+0xac/0xe0 [ 1389.765193] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1389.765205] ? fput+0x130/0x1a0 [ 1389.765217] ? ksys_write+0x1a6/0x250 [ 1389.765230] ? __do_page_fault+0x441/0xe40 [ 1389.765245] ? __ia32_sys_read+0xb0/0xb0 [ 1389.765265] __ia32_sys_sendto+0xdf/0x1a0 [ 1389.765280] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1389.765300] do_fast_syscall_32+0x345/0xf9b [ 1389.765328] ? do_int80_syscall_32+0x880/0x880 [ 1389.765343] ? _raw_spin_unlock_irq+0x27/0x70 [ 1389.765362] ? finish_task_switch+0x1ca/0x840 [ 1389.765384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1389.765401] ? syscall_return_slowpath+0x30f/0x5c0 [ 1389.765421] ? sysret32_from_system_call+0x5/0x46 [ 1389.765441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1389.765461] entry_SYSENTER_compat+0x70/0x7f [ 1389.765472] RIP: 0023:0xf7f63cb9 [ 1389.765480] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:17 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:17 executing program 6: clone(0x200, &(0x7f0000fbf000), &(0x7f0000000000), &(0x7f0000000100), &(0x7f00000000c0)) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0)) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000008ff8)=0x3f) recvfrom$unix(r2, &(0x7f0000bf5000), 0x0, 0x0, &(0x7f0000d93ff6)=@file={0x0, './file0\x00'}, 0x6e) r3 = syz_open_procfs(r0, &(0x7f0000000200)='environ\x00') r4 = getpid() fcntl$setown(r1, 0x8, r4) fcntl$setsig(r1, 0xa, 0x12) r5 = dup2(r1, r2) kcmp$KCMP_EPOLL_TFD(r0, r0, 0x7, r5, &(0x7f0000000080)={r3, r5, 0x7}) tkill(r0, 0x16) exit(0x0) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil, 0x1000}) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) close(r3) 2018/06/01 03:16:17 executing program 7: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x2000, 0x0) write$binfmt_aout(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="070101033401000070010000020000005302000068470000000000000000000002f97ed21840a5544bab83e73a06080e9081217bb0a4b05b40b77508652a36227512f2a8d5e5e972272716803d95fd7c6dc93b25d2a8506ab8c6d9c18d9795a65f8e55b464fe47a6d06f3b694095534d5f8ac00c3be1ab70df774c4632c92871ecf17849b9a209199e7b66da6ea9051160879bbc56b10bc5e9c1f94dec4decf5f7ff69ab688090ec86340697e528cbde5d4524dfa8f482bb3297191350acf24aba149607074ed7ed5f41352e4f09eb87bde0ce61896807efe4ad77be80c57b3a5ec20e2f942fe39e37c11eff7321138268f0f254f3f6f63550953539ede1c730de0271b770d554bd0cf4e42e7c89093c13610d978eb4289ca99c935f106c7199ba8d3c4f8340074dc9200dcb1de66d0bd571dd75e8873c4e7fe98acc0fceb18c207073117c9527c46c261a228e356557d1a28ab5d2d64691578c42571edcda7c2626bf1a4a8b578d18f1d220b148e53e3c651ba1589bdb1d733c63f661fe92b966d83832c556b577249df91659f2da767b1e4b4788d076af1c6c9c69f0550e9207d89201a4536bc5b4456cd1290846164db5febd6dad84bd52eef6ba3dbc74a6f699f656500b4c2c00b0c253509dfbb720df88c32c9d334bf648b333f4904011f718959979fad7bfcb51397432d97a1dc5436efa8b7370e5171ff77121a41ecfb2d52a449cb200a14902db87567f3cd327a32cf0441684387768980be9ff5860ae1a7af30ca01990b0bb7cece8d8fee1c0a086a196ea0cc45ca3c888b0f88984ed39b3586065ec4971e3ea0f1ed9e39f89e0114efd7706f488e0770d3924f9d9e329396ef583155086e2254a2f6943689b82ca0c25943930867732e66cc8bce738ba3833e1fdef26c9f6239efd6a0d233a8754e9d675b1f52e99a55e40901550886ec6212c72429ed732ecd9feeed27b5b42fd65aaf4bd248b8e07fa69beafa5a5a26a62bcb453552d8d57374f900ad431b6a53138fc7c2ba44df6f41d780fe8a99928416536b7d1c75c2222ddf9a2a19992d4eb4a84bfc081c49e25c21ece711d2fefd77a1b60f61a1db7dd99ec827b14d6b5d3391f6d333962162b3349caf7e7bdab333f1b03e379ad97e715d48615407d7b045b138ffd3e2779fcb164125ca3cfd01ad07a8844857ba23baac47af274df8da74e579a3cdfa61cd7f1e60ac2a1fb988224513412e86c0ff39743610d3af1c1c8221d1fbeec194236b7a003fdf6d8d14e4d2ce1035193434fcdd9d39259152f20bb1e4c6e1053c3336daef62d93ad99d17ffd3a1d1c49bc3493a5e7e7f2122499f77203992b1a8a0bb6d86af9a21b5d48f00182d6155eafb8424efdec0bc043c2fd97d2c7929084b936e24a70ad6ae96a87ed73a0c99d6350e7f8ee8b06f5e0b111dce6d33d63c51377eb8ba9792b94793fb6497406ed96c82e08351c271bec5c84ffd9b2e510d8f49a0e9379140a2c05df854c6de3fbb666c92f01ebd76f80d7d07267f92b2de08b7855e57e2dd516f4ff32d25a4e779cacd62c82d8a012c95b8e415fa0637decc3dfc8932cc89f242a594ff9e43eba2e73572eb93266ceebdd98a889ac7b8178f8f2efa41027b5e4cd683badd07968062a0eb581c49e7c7968385af03ea6191cf347565ec1cb0c6e8f85a767bd52fa63e10d504e800ea5fc964885f2c3fe9357f5598d7ecb102b801a1c0cc2897b5064b975f941057b6c2882dc2a31084d47441b81fe3635a643f425bfedbe9bbeb62f8123430585f80154bfe039e3a2396efca3e1fd4877facd160d23547abd062a3dc4014967e7ec77903e6efddad5020de8ff86deaedabf917da911d85507403c482885a4e2c42fba3c65025bb1f0badaf0d3dfd818aa84ffb1e60e88432f554e50bd841af77e1002c16179bff3541fed9c5fcba59ea0078fe94477ee3879bd1b5a85af6243a7027d735d4ac682324655e662bc2125a1ef11012af99b8b035912698dcd7905e48ea3b93fe0f738ebf8f365b88f211225936f964ae2c19e76b94954c6b7c249d3a059b3bce620e346646ed254c71813ef7ba72720e87d98db300e87ee39ba9ab9bcd1f3a3373ccaafa3be871c5978f737de4dbb76afbe2e829c909712f555908f4bd563af430c5cceee81e99c301a71983392d2d3bd1b57ffecf5a38f48c8e43a891f660d8027eea5d89035f39d6b42090349c0813ff0d3ef33b1c62a4d84cab99b02537b40e3a0e797c5f57e0ad014902e1825c45275fb7a8e1d2bd8ccce641e9f64b1c3c2f45b81921b61c8a80fc471aaa47c0017c233f941b5b5cb6700c1c5bbf4eb6e4451a11d8a9610f59342db58b22f8352e39734662efcbcb091bd0cfc1170e9d29c6195b7313a9de1e3b3f733baa497b972b3528762949f3be411f9b2375dcb258c426102f4a50d348e4bef1172c5830d0bdf04220192e12982814a79be6785bfc87129135ca8067adeddcbc16ea09f5bdfe50c4317a9e896d1da3d96b358b5f3d0a0fcd59bb884de6953165c9cb965e957abc9aec95262f6ed7e9a7f3d2f281a59afdf559343ebfc1cc794f5660a39831943b06af63c49aaedde71be752bcc9cac71f8213778cd482984ba70fd8f271368ff7e5e9dc74619c210550d9182d805fe351835e98ac10cd514455eecb572d5173db262abcfe0631110f7b0e83be2eafdf29835072ab43ca916db8056399dfd479958e25ad2be959976070b12ef9485ae9487ef401ed09b89a96890fcc256f85ae090eb0581f721fcdb3208367c06117865077174fff36ae182b1004121a24314c5bb1f1e4e2bbd96d1f3f18ee622ced48e124b78e8f49e4ba822398bbf917e5b54758325c536d4f4e3c2596428e07f5318d005367c6177b7e4ffd1064aa398b56f16b61ff07e3ca0b227b7b550764c0a3af22d1c9ba62a0f006e1627654f1197f18a0f631b3124b7b78050c65aad70c0e4f254287e58a323e516500b30a17b5bdbf395b2ce8ac29dba130646603f6b1fc4cd6ddf8763773333a9899f635696215535042b8c1a0ad4b94ecf7d53c3f2fc06e38af2e0c37dce5419fafaa8bc22dbd1e1cbe7ce5402c074d07783aab5dee0e780f0a75051c965ae06362437b4e6fba90e160d6cf79c6aedc807f5ad8518ecb66123066749a031c04cdcacb27c1dd3ab5f492629ca5b6ba2476df52d8fe694b6e246b52e44bf00712aa5211239066508f440473498865b58a433aa75922ee0f10ba6bdc3a71a87eb177cfefce15232a59f3399d6b84689b196372fd16f2fda16720b5b2c250c888fc3997c395d812c0e5df4c0fec529ab597a2c7dac251883c105e6b86a9510028278eff166b68c55cd2709fd11142a7e617bcaa8c124721c58b08f4d37acf316b316afbfab4a9617e97396bf427e51f6ceb2e7b8c87db04501abc947168837d168aeb5d9b7d6dc36ad71dac73c8bb05c40138e25c6456993d4f31943b4167e867be5cd06abbe1ddd5f451eb8ee6913d9bbbc98b9fc3db21c14def7a0ce78ccb0b04cb4bd68829d569f180cf3e7ca5bb0287134178f9d7a0f6be16773db66747247229ea7922ad780ed983d1873c4dd36077d3c95b698e79aedf8355f18cf2230c4e9a0f6006dec0e70dc1128b5e4a3f5b9f34df8040d59b83a1714328d4199c93bb1d758d11483f49536905a87e9bbde7b8152809f0731103e5ad5dcb49c10d1cd9306ec0f2a816cf8442bacef3e89f4c4dbdd17d2e509a526d25e865f89cb0e7e3281144b59d9e2330ecf80cb744da53d6accff35f754d109179032666c8d5164e5da4c08d915a2d0110ee4793b3fee52b9750f872796c02801995820e0ae9672901ebfc742a1448669a5e7ce76b3389a812b2e4516dee2aacc25a51b659d4682445bfb0f925e0751180a84bad94c86ff7fc908805b7fa4392a0aedb66499b0c9226bddd4b1794cf137c835c7de27e842bea6495c700bbe01de408d6a3c298c3d3da173499d9390a80305a156b53a0ff8cbde4e7b195aa26f93e379725516644195a0007522e10517833e3dfde9ac3c11a8a605e8b8a939d7dbebbf9e46e92d0821a364b9a56d3a057ea10a753af86875013d7b7e3d0b72789f01ee5309c5750b41d9daf92418af44596b343fa6127ca4b56153847b33f0543e6afca5d8fcdd69d7e6065db724632ffdd78ef78f17e6cc91628671215cd6a7b7c9797a8a3dc26741aadbc5147d63e832ffab6c4b5e0f113c38e0e43a5ff9f516b6dd94c18d674f4a41d779dc2dc855418c67246d5b6cf969fd2379c0d860b21b60200df2abb535b45980de5d912c1513f2477967c0dac3584832233e444d3f0a7a7c4c4565a2ce10c551087a4d6a0420962ef77e16e548d5f79eb0fbb9a76fa0a4d3192266ea5bad8947d1196ff9bb7c86ca44cd063ed576ad2f9ef0314de67ef719a3715bf45faf4f392fbf3997d215f45f837c7cf1aa45b659fca03f5a323addbada976abc5116f73ee86b4b7b4e8ac7b6d3f6fe7f695939dee753dd53c6588cf976d86f4e2e7c0e33670870c926e598f1e561b7775fbb57860d8fc862bd04da8c2b0860e579d37e71b1f38e551ad363b9b8047e029e44597cc1cfb9a43647b95e343859dc4293518439be1c9208c5968252e267cad11c4a77cfcead37dfe574f2d3b1bfc051d3b606fd8f62a871c1ffda5c4de0fd6faac4e0a8751eba2eaf6b122727fd326ae2181075c483cbb7e5f249f3007eff24f93f0b68e65cf83729c6b29495c5982aa4d106300f030bc079245ead66a8656925b50aa250bea924c6693d2ede7dd061415382e1173c2384afb4bef8cb5a9eb305f9aca93b7e3a7512a25f9bad08b92f4cb8fff69031e85d38dc336f14a7638830647357430eba0f31033a0ce95a3f140a5aaf00c958f4d6059689e2221480f6d582f6eb114247a512a53638cf8ec098031f102b7bcacde15f0e50c72471d6e6b74efcaebc6507f41bc1b6c27e7a8a43781e53a1da7efefea17cf80447b5fe91a4e6d5ff6daf71d073c13c5a4ec0d0a2b822a72ff331dc34b7746c82eb988b52b45a282759650a603b3a7a649a0f473f1a8689f526d907ed2d5ad85d85370f6fa3c2fd4ad4be78e26dc2860a8167ce4965d1b8e796aeb23ac490ea1ff002bf0227c74ac70970b526219a3151581cde1ac2a69467347cd3bc160de2a4efb84129aa7376c025657c2eff2c00045d6d29ae78560126f7a5835a0b419addb192518f26ea69fbb038a088010cf656d5fe03111278358dc73dc93795fb4807122830b6c239f8a032163f73cd1f3afb3d177430460fb1b625a8155c9a7128b2b4c039054f5c1cb16bd5fd08be1ae9e832e1c3edddf53768fa37b391bcd295adc1fde37e2d45568a9bf2d07495e37ba0d74ede6f37d5576964a79d11c61f8bf93e3037f755efe10f43a075e2d0125ed0260b1bb5ae80ddc3f4f37ee39cad8c99964858afcb0f4ea68b8e10b7627aa2c027fcbb6766c63e79f01468724b38ea94dca08694cd8e98aeb6649bdeb05492b82dc4d929b2e17726fbf77e31558b88dea34e0a86efab832829350aa121222342bae83b43f11c6120482000835d9122ee83bee883f0ddac20bed52fa24abcf5602d1b79febbf81aad60b95dff3b6728c71c1b864b70618fa0d22a2685e38a7109441a10dd559bef278c170556dbca7929f3b8ec355f1d27fff90cd5bb6eef85be4f53ace2533335e5f289fd8f956af452514c7a76b546e595f6de7e080011ee3e2c56cfff73044aec137d15e5f48cb9fd96c35f20b7dce8fc9f9d762bd15f23ab0a69ab01c4364ff05f0bc5e6b9b7c9adcdd4c880bca39c9f7ab671f96ddf25aaed000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1620) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000000080)) sendmsg$nl_generic(r1, &(0x7f00000000c0)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xc, &(0x7f0000000100)={&(0x7f0000000000)={0x20, 0x28, 0x1, 0x0, 0x0, {0x4}, [@nested={0xc, 0x11, [@typed={0x8, 0x0, @fd}]}]}, 0x20}, 0x1}, 0xffffffffffffffff) 2018/06/01 03:16:17 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000003"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:17 executing program 1: clone(0x200, &(0x7f0000fbf000), &(0x7f0000744000), &(0x7f0000f8b000), &(0x7f0000804000)) mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0)) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000001c0)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000280)="6e3c9563000000000000000000") ioctl$EVIOCSABS20(r1, 0x401845e0, &(0x7f0000000000)={0x2, 0x1, 0x1000, 0xfffffffffffffff7, 0x8, 0x1}) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000240)="1c", 0x1}], 0x1, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[&(0x7f0000000100)="6e3c956300", &(0x7f0000000180)='cgroup#GPL*\'%\x00', &(0x7f0000000200)='vmnet0GPL\x00', &(0x7f00000002c0)='security%\x00', &(0x7f0000000300)="6e3c956300", &(0x7f0000000380)="6e3c956300", &(0x7f00000003c0)="6e3c956300", &(0x7f0000000400)="6e3c956300", &(0x7f0000000440)='=eth0\x00', &(0x7f0000000500)='mime_typeposix_acl_accesssecurity\x00'], &(0x7f00000000c0)) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$EVIOCSABS20(r2, 0x401845e0, &(0x7f0000000080)={0x8001, 0x200, 0xcd9, 0x7d33, 0x401, 0xfff}) 2018/06/01 03:16:17 executing program 2 (fault-call:2 fault-nth:67): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:17 executing program 3: mkdir(&(0x7f00000018c0)='./file0\x00', 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x42b7, 0x200) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000100)={0x3, 0x401}) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f0000000380)) mount(&(0x7f00000001c0)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f00000003c0)='\x00\x00\x00\x00\x00', 0x100000, &(0x7f00000002c0)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fanotify_mark(r0, 0x60, 0x10, r0, &(0x7f0000000200)='./file1\x00') mkdir(&(0x7f0000000380)='./file0/file0\x00', 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='proc\x00', 0x0, &(0x7f0000000200)) 2018/06/01 03:16:17 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x4}, 0x1c) shutdown(r0, 0x0) [ 1389.765495] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1389.765504] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1389.765512] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1389.765521] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1389.765529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1390.232419] QAT: Invalid ioctl [ 1390.671111] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1390.673800] FAULT_INJECTION: forcing a failure. [ 1390.673800] name failslab, interval 1, probability 0, space 0, times 0 [ 1390.689850] CPU: 0 PID: 23270 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1390.697226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1390.706688] Call Trace: [ 1390.709304] dump_stack+0x1b9/0x294 [ 1390.712956] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1390.718165] ? lock_repin_lock+0x410/0x410 [ 1390.722434] should_fail.cold.4+0xa/0x1a [ 1390.726522] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1390.731643] ? __sched_text_start+0x8/0x8 [ 1390.735801] ? kasan_kmalloc+0xc4/0xe0 [ 1390.739880] ? __kmalloc_node_track_caller+0x47/0x70 [ 1390.744994] ? __alloc_skb+0x14d/0x780 [ 1390.748891] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1390.754967] ? ip_make_skb+0x2be/0x350 [ 1390.758878] ? udp_sendmsg+0x24ec/0x35e0 [ 1390.763025] ? inet_sendmsg+0x19f/0x690 [ 1390.766999] ? sock_sendmsg+0xd5/0x120 [ 1390.770885] ? __sys_sendto+0x3d7/0x670 [ 1390.774850] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1390.779166] ? do_fast_syscall_32+0x345/0xf9b [ 1390.783661] ? find_held_lock+0x36/0x1c0 [ 1390.787733] ? check_same_owner+0x320/0x320 [ 1390.792058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1390.797593] ? rcu_note_context_switch+0x710/0x710 [ 1390.802523] __should_failslab+0x124/0x180 [ 1390.806755] should_failslab+0x9/0x14 [ 1390.817244] kmem_cache_alloc_node+0x272/0x780 [ 1390.821835] __alloc_skb+0x111/0x780 [ 1390.825548] ? skb_scrub_packet+0x580/0x580 [ 1390.829879] ? dst_init+0x459/0x600 [ 1390.833504] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1390.839038] ? ip_generic_getfrag+0x11c/0x2d0 [ 1390.843537] ? ip_reply_glue_bits+0xc0/0xc0 [ 1390.847856] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1390.852864] ? skb_put+0x17b/0x1e0 [ 1390.856399] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1390.861411] ? ip_reply_glue_bits+0xc0/0xc0 [ 1390.865751] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1390.871550] ? xfrm_policy_lookup+0x70/0x70 [ 1390.875865] ? ipv4_mtu+0x375/0x580 [ 1390.879484] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1390.884923] ? find_held_lock+0x36/0x1c0 [ 1390.888990] ? ip_setup_cork+0x44d/0x6d0 [ 1390.893047] ip_make_skb+0x2be/0x350 [ 1390.896753] ? ip_reply_glue_bits+0xc0/0xc0 [ 1390.901066] ? ip_flush_pending_frames+0x30/0x30 [ 1390.905830] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1390.911367] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1390.916904] ? xfrm_lookup_route+0x64/0x1f0 [ 1390.921750] udp_sendmsg+0x24ec/0x35e0 [ 1390.925636] ? ip_reply_glue_bits+0xc0/0xc0 [ 1390.929957] ? udp4_lib_lookup2+0x340/0x340 [ 1390.934272] ? graph_lock+0x170/0x170 [ 1390.938765] ? expand_files.part.8+0x9a0/0x9a0 [ 1390.943335] ? check_same_owner+0x320/0x320 [ 1390.947666] ? lock_downgrade+0x8e0/0x8e0 [ 1390.951808] ? lock_release+0xa10/0xa10 [ 1390.955782] ? check_same_owner+0x320/0x320 [ 1390.960106] ? __check_object_size+0x95/0x5d9 [ 1390.964598] inet_sendmsg+0x19f/0x690 [ 1390.968405] ? __might_sleep+0x95/0x190 [ 1390.972389] ? ipip_gro_receive+0x100/0x100 [ 1390.976708] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1390.982248] ? security_socket_sendmsg+0x94/0xc0 [ 1390.987001] ? ipip_gro_receive+0x100/0x100 [ 1390.991326] sock_sendmsg+0xd5/0x120 [ 1390.995046] __sys_sendto+0x3d7/0x670 [ 1390.998844] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1391.003515] ? wait_for_completion+0x870/0x870 [ 1391.008099] ? __lock_is_held+0xb5/0x140 [ 1391.012173] ? __sb_end_write+0xac/0xe0 [ 1391.016148] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1391.021687] ? fput+0x130/0x1a0 [ 1391.024962] ? ksys_write+0x1a6/0x250 [ 1391.028757] ? __do_page_fault+0x441/0xe40 [ 1391.032986] ? __ia32_sys_read+0xb0/0xb0 [ 1391.037054] __ia32_sys_sendto+0xdf/0x1a0 [ 1391.041463] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1391.046480] do_fast_syscall_32+0x345/0xf9b [ 1391.050796] ? do_int80_syscall_32+0x880/0x880 [ 1391.055381] ? _raw_spin_unlock_irq+0x27/0x70 [ 1391.059961] ? finish_task_switch+0x1ca/0x840 [ 1391.064453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1391.069984] ? syscall_return_slowpath+0x30f/0x5c0 [ 1391.075615] ? sysret32_from_system_call+0x5/0x46 [ 1391.080461] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1391.085317] entry_SYSENTER_compat+0x70/0x7f [ 1391.089718] RIP: 0023:0xf7f63cb9 [ 1391.093081] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1391.100792] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1391.108064] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1391.115336] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:17 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:17 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'tunl0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x321, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r1}, [@IFA_FLAGS={0x8, 0x8, 0x160}, @IFA_ADDRESS={0x14, 0x1, @mcast1={0xff, 0x1, [], 0x1}}]}, 0x34}, 0x1}, 0x0) 2018/06/01 03:16:17 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1391.122606] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1391.129879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:17 executing program 2 (fault-call:2 fault-nth:68): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1391.237209] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1391.274375] FAULT_INJECTION: forcing a failure. [ 1391.274375] name failslab, interval 1, probability 0, space 0, times 0 [ 1391.285772] CPU: 0 PID: 23294 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1391.293157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1391.302619] Call Trace: [ 1391.305246] dump_stack+0x1b9/0x294 [ 1391.308899] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1391.314128] ? perf_trace_lock_acquire+0xe3/0x980 [ 1391.319002] ? kernel_text_address+0x79/0xf0 [ 1391.323441] ? __unwind_start+0x166/0x330 [ 1391.327640] should_fail.cold.4+0xa/0x1a [ 1391.331735] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1391.336869] ? save_stack+0xa9/0xd0 [ 1391.340516] ? save_stack+0x43/0xd0 [ 1391.344173] ? kasan_slab_alloc+0x12/0x20 [ 1391.348443] ? find_held_lock+0x36/0x1c0 [ 1391.352548] ? check_same_owner+0x320/0x320 [ 1391.356896] ? rcu_note_context_switch+0x710/0x710 [ 1391.361853] __should_failslab+0x124/0x180 [ 1391.366114] should_failslab+0x9/0x14 [ 1391.369944] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1391.375089] __kmalloc_node_track_caller+0x33/0x70 [ 1391.380049] __kmalloc_reserve.isra.38+0x3a/0xe0 2018/06/01 03:16:17 executing program 7: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)={0x20000, 0x2}) ioctl$SG_IO(r0, 0x80046d03, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, &(0x7f00000000c0)}, &(0x7f0000000380), &(0x7f0000000400)=""/140, 0x0, 0x0, 0x0, &(0x7f00000004c0)}) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x2800, 0x0) ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x74, 0x38966520, 0x80000000, 0x10001}) 2018/06/01 03:16:17 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1391.384836] __alloc_skb+0x14d/0x780 [ 1391.388582] ? skb_scrub_packet+0x580/0x580 [ 1391.392934] ? dst_init+0x459/0x600 [ 1391.396584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1391.402140] ? ip_generic_getfrag+0x11c/0x2d0 [ 1391.406658] ? ip_reply_glue_bits+0xc0/0xc0 [ 1391.411003] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1391.416043] ? skb_put+0x17b/0x1e0 [ 1391.419610] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1391.424659] ? ip_reply_glue_bits+0xc0/0xc0 [ 1391.429015] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 2018/06/01 03:16:18 executing program 7: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x404, &(0x7f0000564000)={0x77359400}, &(0x7f0000048000), 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x4000, 0x10) setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000100)={0x8001, 0x0, 0xffffffff00000001, 0x4}, 0x6) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180), &(0x7f0000000080)=0x1dd) [ 1391.434843] ? xfrm_policy_lookup+0x70/0x70 [ 1391.439197] ? ipv4_mtu+0x375/0x580 [ 1391.442855] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1391.448344] ? find_held_lock+0x36/0x1c0 [ 1391.452444] ? ip_setup_cork+0x44d/0x6d0 [ 1391.456525] ip_make_skb+0x2be/0x350 [ 1391.460252] ? ip_reply_glue_bits+0xc0/0xc0 [ 1391.464583] ? ip_flush_pending_frames+0x30/0x30 [ 1391.469345] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1391.474891] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1391.480417] ? xfrm_lookup_route+0x64/0x1f0 [ 1391.484742] udp_sendmsg+0x24ec/0x35e0 [ 1391.488624] ? ip_reply_glue_bits+0xc0/0xc0 [ 1391.492941] ? udp4_lib_lookup2+0x340/0x340 [ 1391.497255] ? graph_lock+0x170/0x170 [ 1391.501055] ? expand_files.part.8+0x9a0/0x9a0 [ 1391.505644] ? lock_downgrade+0x8e0/0x8e0 [ 1391.509786] ? lock_release+0xa10/0xa10 [ 1391.513753] ? __check_object_size+0x95/0x5d9 [ 1391.518239] inet_sendmsg+0x19f/0x690 [ 1391.522036] ? __might_sleep+0x95/0x190 [ 1391.525999] ? ipip_gro_receive+0x100/0x100 [ 1391.530495] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1391.536030] ? security_socket_sendmsg+0x94/0xc0 [ 1391.540798] ? ipip_gro_receive+0x100/0x100 [ 1391.545136] sock_sendmsg+0xd5/0x120 [ 1391.548848] __sys_sendto+0x3d7/0x670 [ 1391.552644] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1391.557313] ? wait_for_completion+0x870/0x870 [ 1391.561891] ? __lock_is_held+0xb5/0x140 [ 1391.565954] ? __sb_end_write+0xac/0xe0 [ 1391.569924] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1391.575451] ? fput+0x130/0x1a0 [ 1391.578728] ? ksys_write+0x1a6/0x250 [ 1391.582518] ? __do_page_fault+0x441/0xe40 [ 1391.586745] ? __ia32_sys_read+0xb0/0xb0 [ 1391.590804] __ia32_sys_sendto+0xdf/0x1a0 [ 1391.594940] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1391.599950] do_fast_syscall_32+0x345/0xf9b [ 1391.604271] ? do_int80_syscall_32+0x880/0x880 [ 1391.608845] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1391.613687] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1391.619228] ? syscall_return_slowpath+0x30f/0x5c0 [ 1391.624155] ? sysret32_from_system_call+0x5/0x46 [ 1391.629023] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1391.633866] entry_SYSENTER_compat+0x70/0x7f [ 1391.638266] RIP: 0023:0xf7f63cb9 [ 1391.641614] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1391.650552] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1391.657821] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1391.665438] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1391.672716] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1391.680060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:18 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:18 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x494f9fb1}, 0x1c) shutdown(r0, 0x0) [ 1391.697753] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:18 executing program 6: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x0) write$fuse(r0, &(0x7f0000000180)={0x50, 0x1, 0x3, @fuse_init_out={0x7, 0x1a, 0x2, 0x2, 0x31, 0x2, 0x8, 0xac}}, 0x50) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0x7, 0x2}, 0x10}, 0x1}, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000080)) ioctl$KVM_SMI(r2, 0xaeb7) 2018/06/01 03:16:18 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x4002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0) ioctl$HDIO_GETGEO(r0, 0x301, &(0x7f0000000100)) sendfile(r0, r0, &(0x7f00000000c0), 0x400) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x80, 0x0) preadv(r1, &(0x7f0000000200)=[{&(0x7f0000000140)=""/107, 0x6b}, {}, {&(0x7f00000001c0)=""/12, 0xc}], 0x3, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000080)=0x7) 2018/06/01 03:16:18 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000039000)=0x8, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000000)={@random="cd390b081bf2", @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "02290f", 0x38, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@dest_unreach={0x2, 0x0, 0x0, 0x0, [], {0x0, 0x6, "d5cae2", 0x0, 0x3a, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, [], "f601929f106531aa"}}}}}}}, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x8000, 0x0) ioctl$VT_ACTIVATE(r1, 0x5606, 0x8) 2018/06/01 03:16:18 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:18 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000000000003f"], 0x60}, 0x1}, 0x0) [ 1391.886541] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:19 executing program 2 (fault-call:2 fault-nth:69): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:19 executing program 7: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xb8, r1, 0x420, 0x70bd28, 0x25dfdbfc, {0x7}, [@IPVS_CMD_ATTR_DAEMON={0x40, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6tnl0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3f}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x84}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x10000}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2e}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x4) mprotect(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xa) ioctl$TCGETA(r0, 0x8004552d, &(0x7f0000000180)) 2018/06/01 03:16:19 executing program 1: sync_file_range(0xffffffffffffffff, 0x0, 0xfffffffffffffff8, 0x0) eventfd2(0x100, 0x800) 2018/06/01 03:16:19 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:19 executing program 6: perf_event_open(&(0x7f0000000040)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffff9c, 0xddf211c8b924caee) r0 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x7ff, 0x8000) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f0000000140)) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000180), &(0x7f00000001c0)=0x4) 2018/06/01 03:16:19 executing program 3: connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) io_setup(0x101, &(0x7f00000000c0)=0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x3b, &(0x7f00000001c0)=@srh={0x0, 0x0, 0x4}, 0x8) io_submit(r0, 0x1, &(0x7f0000356ff0)=[&(0x7f0000928fc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000001ec0)="5ba81c8b", 0x4}]) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80000, 0x0) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x100, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000140)={r2}) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x640003, 0x0) getsockopt$inet_tcp_buf(r3, 0x6, 0x0, &(0x7f0000000240)=""/222, &(0x7f0000000040)=0xde) 2018/06/01 03:16:19 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x6000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:19 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1392.737866] FAULT_INJECTION: forcing a failure. [ 1392.737866] name failslab, interval 1, probability 0, space 0, times 0 [ 1392.749213] CPU: 0 PID: 23360 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1392.756590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1392.765957] Call Trace: [ 1392.768561] dump_stack+0x1b9/0x294 [ 1392.772224] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1392.776511] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1392.777428] ? unwind_get_return_address+0x61/0xa0 [ 1392.777445] ? __save_stack_trace+0x7e/0xd0 [ 1392.777464] should_fail.cold.4+0xa/0x1a [ 1392.798415] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1392.803546] ? save_stack+0xa9/0xd0 [ 1392.807194] ? save_stack+0x43/0xd0 [ 1392.810837] ? kasan_kmalloc+0xc4/0xe0 [ 1392.814739] ? __kmalloc_node_track_caller+0x47/0x70 [ 1392.819858] ? __alloc_skb+0x14d/0x780 [ 1392.823780] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1392.823795] ? ip_make_skb+0x2be/0x350 2018/06/01 03:16:19 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:19 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x140, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaa827076750b666d5c770385f24baa1180c200004788d3c047cacd800a0ebc2c610008004500"], &(0x7f0000000000)) openat$md(0xffffffffffffff9c, &(0x7f0000000240)='/dev/md0\x00', 0x200, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f00000001c0)={0x1, 0x9a}) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000200)=0x800, 0x4) ioctl$VHOST_SET_VRING_CALL(r0, 0xc008af12, &(0x7f0000000080)) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0xffffffffffffffff, 0x7, 0x1, 0xeef52d0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100)=0x800, 0x4) 2018/06/01 03:16:19 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e53fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000007fe0)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000cd8ff4)) epoll_wait(r2, &(0x7f0000000000)=[{}], 0x1, 0x100) epoll_wait(r2, &(0x7f00000000c0)=[{}], 0x1, 0x0) ioctl$UFFDIO_UNREGISTER(r0, 0xc020aa04, &(0x7f0000007ffc)={&(0x7f0000000000/0x2000)=nil, 0x2000}) 2018/06/01 03:16:19 executing program 7: rt_sigsuspend(&(0x7f0000000040)={0x1}, 0x8) clone(0x88100100, &(0x7f0000000100), &(0x7f0000001ffc), &(0x7f0000000080), &(0x7f00000001c0)) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7a, 0x11b802) openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x0, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x2140, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000100)) [ 1392.823811] ? udp_sendmsg+0x24ec/0x35e0 [ 1392.823823] ? inet_sendmsg+0x19f/0x690 [ 1392.823841] ? sock_sendmsg+0xd5/0x120 [ 1392.823854] ? __sys_sendto+0x3d7/0x670 [ 1392.823868] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1392.823883] ? do_fast_syscall_32+0x345/0xf9b [ 1392.823901] ? find_held_lock+0x36/0x1c0 [ 1392.823934] ? check_same_owner+0x320/0x320 [ 1392.823952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1392.823969] ? rcu_note_context_switch+0x710/0x710 [ 1392.823987] __should_failslab+0x124/0x180 [ 1392.824004] should_failslab+0x9/0x14 [ 1392.824020] kmem_cache_alloc_node+0x272/0x780 [ 1392.824044] __alloc_skb+0x111/0x780 [ 1392.824068] ? skb_scrub_packet+0x580/0x580 [ 1392.824088] ? dst_init+0x459/0x600 [ 1392.824107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1392.824127] ? ip_generic_getfrag+0x11c/0x2d0 [ 1392.912930] ? ip_reply_glue_bits+0xc0/0xc0 [ 1392.912953] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1392.917988] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1392.922324] ? skb_put+0x17b/0x1e0 [ 1392.922344] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1392.922365] ? ip_reply_glue_bits+0xc0/0xc0 [ 1392.922390] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1392.922407] ? xfrm_policy_lookup+0x70/0x70 [ 1392.922424] ? ipv4_mtu+0x375/0x580 [ 1392.922439] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1392.922456] ? find_held_lock+0x36/0x1c0 [ 1392.967113] ? ip_setup_cork+0x44d/0x6d0 [ 1392.971175] ip_make_skb+0x2be/0x350 [ 1392.975239] ? ip_reply_glue_bits+0xc0/0xc0 [ 1392.979556] ? ip_flush_pending_frames+0x30/0x30 [ 1392.984318] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1392.989853] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1392.995385] ? xfrm_lookup_route+0x64/0x1f0 [ 1392.999796] udp_sendmsg+0x24ec/0x35e0 [ 1393.003679] ? ip_reply_glue_bits+0xc0/0xc0 [ 1393.007998] ? udp4_lib_lookup2+0x340/0x340 [ 1393.012316] ? graph_lock+0x170/0x170 [ 1393.016132] ? expand_files.part.8+0x9a0/0x9a0 [ 1393.020711] ? check_same_owner+0x320/0x320 [ 1393.025064] ? lock_downgrade+0x8e0/0x8e0 [ 1393.029201] ? lock_release+0xa10/0xa10 [ 1393.033433] ? check_same_owner+0x320/0x320 [ 1393.037744] ? __check_object_size+0x95/0x5d9 [ 1393.042231] inet_sendmsg+0x19f/0x690 [ 1393.046024] ? __might_sleep+0x95/0x190 [ 1393.049995] ? ipip_gro_receive+0x100/0x100 [ 1393.054317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1393.059849] ? security_socket_sendmsg+0x94/0xc0 [ 1393.064596] ? ipip_gro_receive+0x100/0x100 [ 1393.068913] sock_sendmsg+0xd5/0x120 [ 1393.072619] __sys_sendto+0x3d7/0x670 [ 1393.076413] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1393.081091] ? wait_for_completion+0x870/0x870 [ 1393.085669] ? __lock_is_held+0xb5/0x140 [ 1393.089733] ? __sb_end_write+0xac/0xe0 [ 1393.093703] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1393.099232] ? fput+0x130/0x1a0 [ 1393.102512] ? ksys_write+0x1a6/0x250 [ 1393.106302] ? __do_page_fault+0x441/0xe40 [ 1393.110529] ? __ia32_sys_read+0xb0/0xb0 [ 1393.115029] __ia32_sys_sendto+0xdf/0x1a0 [ 1393.119174] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1393.124188] do_fast_syscall_32+0x345/0xf9b [ 1393.128501] ? do_int80_syscall_32+0x880/0x880 [ 1393.133069] ? _raw_spin_unlock_irq+0x27/0x70 [ 1393.137556] ? finish_task_switch+0x1ca/0x840 [ 1393.142054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1393.147583] ? syscall_return_slowpath+0x30f/0x5c0 [ 1393.152512] ? sysret32_from_system_call+0x5/0x46 [ 1393.157352] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1393.162193] entry_SYSENTER_compat+0x70/0x7f [ 1393.166602] RIP: 0023:0xf7f63cb9 [ 1393.169961] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1393.177672] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:16:19 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1393.184933] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1393.192205] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1393.199479] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1393.206742] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:20 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200001, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e20, 0x1, @ipv4={[], [0xff, 0xff], @rand_addr=0x9}, 0x7}}, 0x41100000, 0x400}, &(0x7f0000000140)=0x88) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000180)={r3, @in={{0x2, 0x4e21, @loopback=0x7f000001}}, 0x8, 0xffff, 0x7, 0x3, 0x80}, 0x98) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000007000)={0x4, 0x0, &(0x7f0000005fd4)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000002000)}) 2018/06/01 03:16:20 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r2}) ioctl$EVIOCGBITSW(r1, 0x80404525, &(0x7f00000001c0)=""/165) poll(&(0x7f0000000000)=[{r2}], 0x1, 0x80000001) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f00000000c0)=""/173) write$eventfd(r2, &(0x7f0000000040), 0x8) 2018/06/01 03:16:20 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000007f52"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:20 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:20 executing program 2 (fault-call:2 fault-nth:70): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:20 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xa00}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:20 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0xc2c45512, &(0x7f0000000080)={0x3, 0x0, 0x0, 0x0, "1059493481b639195a8a2dd9ee3ff7e9c50e58fe75430138d7f00cfe322bea8af5c4de2e32bb0a6e99f963f4"}) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) 2018/06/01 03:16:20 executing program 1: r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="d0000000aa5a64d30510da935c3a6d4e43c95600500fbd1d46eb4b2f716feb205c312b22c03cdbcb9ee5e0dea045be45431b3caafff3fdfd4454784c03633d51c0d94c6e477fbd25bda3e085134f018d567cfc589fad455d06d223dba4339ca60c25efa25e6bb3e498b134ff0a425d82addacd3cae8a7abdc939c112ae597bbb80b610343a385bf7ec7adefad6be2abee74d7d2b4f0496b9d4c09b3684a85529a5463f5651943592217e4815828985ae7d71e901d46d7c3bda0baf43ced81c5eba41e5643fa739903c05d4af824bca1daf51014787b5b9ad76d8746198b30b9d175ac06ca1256a8eda0dca47c14ceea1b573848f9a73c16d48d2a4a57249dedc757b15d207000000cdf59ca43e9ae688060fd0dee8cf8ab58cf0194b3eb6d92cf9c50b92e3916fabc2276fab02a9316cdfa356a339de91131cc41e62a93dec341931faeeafd281babea4774097afccbb61d8216cde6589246ef429116d3b3c6f6e4c5b5ddc7d65952936d9cecbe01db7e97154682ef4a138756ccdcf"], &(0x7f0000000080)=0xd8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r1, 0x3, 0x8}, &(0x7f0000000140)=0xc) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=@ipv6_deladdr={0x34, 0x15, 0x1, 0x0, 0x0, {0xa}, [@IFA_FLAGS={0x8, 0x8}, @IFA_LOCAL={0x14, 0x2, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}}]}, 0x34}, 0x1}, 0x0) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x2000, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000340)={0x88, 0x0, &(0x7f0000000500)=[@register_looper={0x630b}, @exit_looper={0x630d}, @request_death={0x400c630e, 0x2, 0x3}, @request_death={0x400c630e, 0x3}, @exit_looper={0x630d}, @acquire={0x40046305, 0x3}, @transaction_sg={0x40486311, {{0x3, 0x0, 0x1, 0x0, 0x10, 0x0, 0x0, 0x40, 0x18, &(0x7f0000000280)=[@fd={0x66642a85, 0x0, r2, 0x0, 0x4}, @ptr={0x70742a85, 0x0, &(0x7f0000000240), 0x1, 0x0, 0x34}], &(0x7f00000002c0)=[0x0, 0x30, 0x68]}, 0x7f}}, @release={0x40046306, 0x1}], 0x7, 0x0, &(0x7f0000000300)="2e68be9782109f"}) [ 1394.056615] FAULT_INJECTION: forcing a failure. [ 1394.056615] name failslab, interval 1, probability 0, space 0, times 0 [ 1394.067923] CPU: 0 PID: 23401 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1394.075383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1394.084744] Call Trace: [ 1394.087336] dump_stack+0x1b9/0x294 [ 1394.090961] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1394.096139] ? unwind_get_return_address+0x61/0xa0 [ 1394.101061] ? __save_stack_trace+0x7e/0xd0 [ 1394.105378] should_fail.cold.4+0xa/0x1a [ 1394.109427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1394.114522] ? save_stack+0xa9/0xd0 [ 1394.118138] ? save_stack+0x43/0xd0 [ 1394.121754] ? kasan_kmalloc+0xc4/0xe0 [ 1394.125624] ? __kmalloc_node_track_caller+0x47/0x70 [ 1394.130720] ? __alloc_skb+0x14d/0x780 [ 1394.134596] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1394.139778] ? ip_make_skb+0x2be/0x350 [ 1394.143649] ? udp_sendmsg+0x24ec/0x35e0 [ 1394.147711] ? inet_sendmsg+0x19f/0x690 [ 1394.151676] ? sock_sendmsg+0xd5/0x120 [ 1394.155555] ? __sys_sendto+0x3d7/0x670 [ 1394.159511] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1394.163819] ? do_fast_syscall_32+0x345/0xf9b [ 1394.168303] ? find_held_lock+0x36/0x1c0 [ 1394.172363] ? check_same_owner+0x320/0x320 [ 1394.176673] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1394.182196] ? rcu_note_context_switch+0x710/0x710 [ 1394.187124] __should_failslab+0x124/0x180 [ 1394.191350] should_failslab+0x9/0x14 [ 1394.195139] kmem_cache_alloc_node+0x272/0x780 [ 1394.199713] __alloc_skb+0x111/0x780 [ 1394.203415] ? skb_scrub_packet+0x580/0x580 [ 1394.207728] ? dst_init+0x459/0x600 [ 1394.211347] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1394.216869] ? ip_generic_getfrag+0x11c/0x2d0 [ 1394.221350] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.225657] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1394.230670] ? skb_put+0x17b/0x1e0 [ 1394.234199] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1394.239211] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.243523] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1394.249305] ? xfrm_policy_lookup+0x70/0x70 [ 1394.253616] ? ipv4_mtu+0x375/0x580 [ 1394.257228] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1394.262673] ? find_held_lock+0x36/0x1c0 [ 1394.266730] ? ip_setup_cork+0x44d/0x6d0 [ 1394.270778] ip_make_skb+0x2be/0x350 [ 1394.274488] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.278796] ? ip_flush_pending_frames+0x30/0x30 [ 1394.283538] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1394.289068] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1394.294868] ? xfrm_lookup_route+0x64/0x1f0 [ 1394.299179] udp_sendmsg+0x24ec/0x35e0 [ 1394.303071] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.307558] ? udp4_lib_lookup2+0x340/0x340 [ 1394.311865] ? graph_lock+0x170/0x170 [ 1394.315656] ? expand_files.part.8+0x9a0/0x9a0 [ 1394.320233] ? check_same_owner+0x320/0x320 [ 1394.324551] ? lock_downgrade+0x8e0/0x8e0 [ 1394.328687] ? lock_release+0xa10/0xa10 [ 1394.332644] ? check_same_owner+0x320/0x320 [ 1394.336956] ? __check_object_size+0x95/0x5d9 [ 1394.341443] inet_sendmsg+0x19f/0x690 [ 1394.345233] ? __might_sleep+0x95/0x190 [ 1394.349195] ? ipip_gro_receive+0x100/0x100 [ 1394.353507] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1394.359037] ? security_socket_sendmsg+0x94/0xc0 [ 1394.363776] ? ipip_gro_receive+0x100/0x100 [ 1394.368087] sock_sendmsg+0xd5/0x120 [ 1394.371786] __sys_sendto+0x3d7/0x670 [ 1394.375574] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1394.380232] ? wait_for_completion+0x870/0x870 [ 1394.384804] ? __lock_is_held+0xb5/0x140 [ 1394.388860] ? __sb_end_write+0xac/0xe0 [ 1394.392824] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1394.398341] ? fput+0x130/0x1a0 [ 1394.401605] ? ksys_write+0x1a6/0x250 [ 1394.405401] ? __ia32_sys_read+0xb0/0xb0 [ 1394.409455] __ia32_sys_sendto+0xdf/0x1a0 [ 1394.413587] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1394.418590] do_fast_syscall_32+0x345/0xf9b [ 1394.422898] ? do_int80_syscall_32+0x880/0x880 [ 1394.427727] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1394.432556] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1394.438085] ? syscall_return_slowpath+0x30f/0x5c0 [ 1394.443004] ? sysret32_from_system_call+0x5/0x46 [ 1394.447841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1394.452671] entry_SYSENTER_compat+0x70/0x7f [ 1394.457062] RIP: 0023:0xf7f63cb9 [ 1394.460409] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1394.468538] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1394.475791] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1394.483043] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1394.490297] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1394.497548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1394.510965] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:21 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:21 executing program 1: socketpair(0x3, 0x80003, 0x81, &(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0) preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/62, 0x3e}], 0x1, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000b94000)=""/246) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000e9f000)=0x600210) pwritev(r0, &(0x7f0000000040), 0x19d, 0x0) 2018/06/01 03:16:21 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:21 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000540)='/dev/usbmon#\x00', 0x3, 0x80) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000580)=0x8001, &(0x7f00000005c0)=0xfdef) syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)={@random="79a65c3e6282", @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @multicast1=0xe0000001}, @udp={0x0, 0x0, 0x8}}}}}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r0, 0x4) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000000)={0x3, 0x4}) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) [ 1394.583142] binder_alloc: binder_alloc_mmap_handler: 23402 20001000-20004000 already mapped failed -16 [ 1394.600435] binder: BINDER_SET_CONTEXT_MGR already set [ 1394.618795] binder: 23402:23417 ioctl 40046207 0 returned -16 2018/06/01 03:16:21 executing program 2 (fault-call:2 fault-nth:71): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1394.644069] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1394.655237] binder_alloc: 23402: binder_alloc_buf, no vma [ 1394.661018] binder: 23402:23420 transaction failed 29189/-3, size 0-0 line 2971 [ 1394.736408] FAULT_INJECTION: forcing a failure. [ 1394.736408] name failslab, interval 1, probability 0, space 0, times 0 [ 1394.747738] CPU: 0 PID: 23436 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1394.755108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1394.764485] Call Trace: [ 1394.767080] dump_stack+0x1b9/0x294 [ 1394.770704] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1394.775881] ? is_bpf_text_address+0xd7/0x170 [ 1394.780376] should_fail.cold.4+0xa/0x1a [ 1394.784431] ? __save_stack_trace+0x7e/0xd0 [ 1394.788745] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1394.793869] ? save_stack+0x43/0xd0 [ 1394.797491] ? kasan_kmalloc+0xc4/0xe0 [ 1394.802234] ? kasan_slab_alloc+0x12/0x20 [ 1394.806376] ? find_held_lock+0x36/0x1c0 [ 1394.810446] ? check_same_owner+0x320/0x320 [ 1394.814761] ? rcu_note_context_switch+0x710/0x710 [ 1394.819693] __should_failslab+0x124/0x180 [ 1394.823928] should_failslab+0x9/0x14 [ 1394.827723] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1394.833095] __kmalloc_node_track_caller+0x33/0x70 [ 1394.838029] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1394.842782] __alloc_skb+0x14d/0x780 [ 1394.846498] ? skb_scrub_packet+0x580/0x580 [ 1394.850988] ? dst_init+0x459/0x600 [ 1394.854613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1394.860140] ? ip_generic_getfrag+0x11c/0x2d0 [ 1394.864626] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.868939] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1394.873945] ? skb_put+0x17b/0x1e0 [ 1394.877474] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1394.882489] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.886812] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1394.892602] ? xfrm_policy_lookup+0x70/0x70 [ 1394.896921] ? ipv4_mtu+0x375/0x580 [ 1394.900551] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1394.905990] ? find_held_lock+0x36/0x1c0 [ 1394.910061] ? ip_setup_cork+0x44d/0x6d0 [ 1394.914122] ip_make_skb+0x2be/0x350 [ 1394.917828] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.922149] ? ip_flush_pending_frames+0x30/0x30 [ 1394.926902] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1394.932443] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1394.937968] ? xfrm_lookup_route+0x64/0x1f0 [ 1394.942283] udp_sendmsg+0x24ec/0x35e0 [ 1394.946159] ? perf_trace_lock+0xd6/0x900 [ 1394.950299] ? ip_reply_glue_bits+0xc0/0xc0 [ 1394.954614] ? udp4_lib_lookup2+0x340/0x340 [ 1394.958925] ? graph_lock+0x170/0x170 [ 1394.962724] ? expand_files.part.8+0x9a0/0x9a0 [ 1394.967403] ? lock_downgrade+0x8e0/0x8e0 [ 1394.971543] ? lock_release+0xa10/0xa10 [ 1394.975512] ? check_same_owner+0x320/0x320 [ 1394.981928] ? __check_object_size+0x95/0x5d9 [ 1394.986418] inet_sendmsg+0x19f/0x690 [ 1394.990209] ? __might_sleep+0x95/0x190 [ 1394.994174] ? ipip_gro_receive+0x100/0x100 [ 1394.998498] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1395.004035] ? security_socket_sendmsg+0x94/0xc0 [ 1395.008785] ? ipip_gro_receive+0x100/0x100 [ 1395.013111] sock_sendmsg+0xd5/0x120 [ 1395.016817] __sys_sendto+0x3d7/0x670 [ 1395.020609] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1395.025270] ? wait_for_completion+0x870/0x870 [ 1395.029866] ? __sb_end_write+0xac/0xe0 [ 1395.033842] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1395.039371] ? fput+0x130/0x1a0 [ 1395.042643] ? ksys_write+0x1a6/0x250 [ 1395.049042] ? __do_page_fault+0x441/0xe40 [ 1395.053275] ? __ia32_sys_read+0xb0/0xb0 [ 1395.057350] __ia32_sys_sendto+0xdf/0x1a0 [ 1395.061501] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1395.066514] do_fast_syscall_32+0x345/0xf9b [ 1395.070832] ? do_int80_syscall_32+0x880/0x880 [ 1395.075413] ? _raw_spin_unlock_irq+0x27/0x70 [ 1395.079903] ? finish_task_switch+0x1ca/0x840 [ 1395.084392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1395.089927] ? syscall_return_slowpath+0x30f/0x5c0 [ 1395.094863] ? sysret32_from_system_call+0x5/0x46 [ 1395.099708] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1395.104550] entry_SYSENTER_compat+0x70/0x7f [ 1395.108946] RIP: 0023:0xf7f63cb9 [ 1395.112308] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1395.120619] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1395.127882] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 2018/06/01 03:16:21 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1395.135136] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1395.142394] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1395.149660] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1395.208541] binder: undelivered TRANSACTION_ERROR: 29189 [ 1395.214414] binder: release 23402:23417 transaction 306 out, still active [ 1395.221490] binder: undelivered TRANSACTION_COMPLETE [ 1395.246159] binder: send failed reply for transaction 306, target dead 2018/06/01 03:16:22 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:22 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) dup2(0xffffffffffffffff, 0xffffffffffffffff) 2018/06/01 03:16:22 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000001680)='/dev/vcs#\x00', 0x2, 0x8000) getsockopt$inet6_tcp_buf(r1, 0x6, 0x1e, &(0x7f00000016c0), &(0x7f0000001700)) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x14, 0x7, 0x1, 0x1}, 0x14}, 0x1}, 0x0) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001640)='/dev/mixer\x00', 0x202002, 0x0) fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f0000000000)) ioctl$TCSETSW(r3, 0x5403, &(0x7f00000000c0)={0xc13, 0x64, 0xe18, 0xf76, 0x10001, 0xfffffffffffffe00, 0xffffffff00000000, 0x4, 0x6, 0x6, 0x672ad5b4, 0x2}) sendmsg$nl_netfilter(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x402600}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1378, 0xd, 0x3, 0x100, 0x70bd2b, 0x25dfdbfc, {0xa, 0x0, 0x4}, [@generic="71efb5d414a0f60d1a242bf08e33ee709015cab0ca21adf9c65687e1d088ad2e58ae0ff3a28d9b0a8f1cd0f91d57cd7ed114372925ea1436953196d802957ed19f7f3202a9d8c21af040c2781e06afe9733bcf888db71ee964378a72defbd2a2ff08bbd0a872995cd2792bc7c9c5b694", @nested={0x12f4, 0x94, [@generic="2b876e0d4a10868ac9a4f44c6632618c316fc99d86f82b3175724ee4dc83c632de6fe23c2d04b344d98c2e3019b6c239d66ab3af1dd3b01945d7dc3c4a36a385f1c270be6be336dfcb6776b1b00a0b786b71a3a0de518c1caea24c69f1b4d6842dae595106f0755f794e8621178a8fbaaedc6ade84eff687fcc08857034ea260822797f4bb05ecfe87cc86ab4fe5b10f4bde62bf032ba38c701ce3480a1452624e37bd0fe702eb3645a6e8348ab59c70b720f17ec1fc40a322b45e8ef6378dea3f93274887539bd76bcb1e6748dd500758e82782ada3f1485c1abdf3f5653f754bd8d1153d3c9d485a009ca8582bedfc623e657e42187514223d05e99ce1c5c58c70f68ada68832b126217c46be2b5d92d35962b39ac35fb5782fe655731f0b30ed9472960235af08cc2fec9b2d353c8fdd01da6f9b671a4ad4702fe3eec0f27323810c41fe49f2a3f2d4bfe211a3e16e56316dee7799af920158e012354e897a25ace4b1fab3f10fee727cf5a06676ba5593b37aab8562c0b06c445f5a8a2b5608610d90ca3ba30d253aa6c5fc004d3b0f0935308913316206dba95378605b2f31a212a62726cafbfcb3c9de27ee8c80f431b3d08175a14fcef1d7f730e9ee3bf670cf525e7d707fc014392cda40a1ada13d1ed9b1b38c3a57460f3b680aec872f27897f49d58c65dfd10ca0e19902f037fc742a552064e137cad966eafb3cecdeaeb94d7f12868b6b0d90f79b9b2bee3e43d755cefa0ad50fc774d599c788ddcc2b367cab9de37a42f45185598f468d21489319c9bf2e27e43e0e72de95dc5a7f9a3c0a60272414c20e05fd1b817d6f0f8eea4d31f69bbb930d8e5e92dc7699d547161ef6e03639d1561f53384e01a066cf855434addb4824dcb0453213845db8796683b5efd30b83936ddfbb8e1781f14362dacbdbd0007ae8ff5a20245f59620affe363e70fe7d961f6ba043fe702396bb007bee8f1b520b352e52b80315776995212d7e76d3638311350a02c94cbf294691e51c6fd3c8845947e06f048c4271078cf38719bf902c1fafd9678ffaa6d5b17bc39829c8e240461bdf607cdf67c18eae4491894bf4fcb1384b0b206befbf69ad9017954b1d153ecf4706a4f1520a2cc5c8f7c60c796f64bf2aa9a4d1760445610abc013b5162233a7e940d4041a329c66d3ae34de31bec39131be6c0040c77e6d81c16947f510a7d41977da447e682c90d574a7c1dd0f543c89e07f49e347faa0d24695be69c7ab9262438eff34e9558789d3b697780167dd7a6e93616f92e901fad03ab78bb3875ca0bdf14b030d956124ce8fc2d53adb10fe1182a59adff9678d13891140b9742c089dba1cbf2e2daabbafe8e027adb9034b924a86fb2a140da84aa81da28c806ddacb72ad2cf025234a04c422673f0b807e443b47dd5c50f1d279d392d4bc25735de1a8314c8ff14ee2f48e9941fde2899c7298c2382fe97c59ea6863b117b2447e9eedfd3fcb58f95681e914c60a70c7351217f0523f8c7e001bb6c80d9631a40d97216c3ee9b39fe63825f39622c31540fc411bf09e6cf197388f7c991b15be8c6eab4abf0a14fd70084cd4558618437f3566088845bdfb8ad049b78951e4ee0412ce4b7529b4a63ec5c0e8a2cb5cf521b8d0a037d7f32f36b80b9ad57684467356b9130b9b9d49292ef4fcb591a092de1e2d00c9fd4ad757c07a12d063897dfd64ab67fca0eef057b35d6a77600cbc7a1a3e10dc3472624896f81dbcd7e2eb16dffff30061bdd9ed7b462bb1106c4bebf25d73e09fdaf0ff2a054f1b66893ba4cdad9d52cd4fc4e8e261bcf4cb6629b344e3e1acfc97b027e4b9af5ca4d30e19cdda0f6b8a32c153c7209094c4685261135ad08198d9aab053be715a6a8877c77de63f00cafec4ffac14b999f893c82d0d318eb756a5fd1282c64a07f7d0c92d0ee2bd24eb72b60a2bf7cf37bcafd660832d973159d32666d4ca2e28427a98bdbe5a86bb44a24d77fb97e0bdc5549f88513a2e8fcb4a6066527ae70ae6733645f5bceae2c43ec6cd7b864d599917b604df5709da7a091f1a8266ea1d6d65ba0ab8629b68f69e204c0f82572224a0135e6cbe9eafe751c146ed61c72212f27efff909730a21bc0c35ff2e702f24b56d49ba415f95e963b8aa1832c1df386d0cf9dd3d60717600ffcf7efcda79e677774d3773386d5c34cce871f3a26678f76eb76d51a30fca97436010d4d15d05a82ea05454d5297f97eb0c0bd4c32d2522432de3b087d0b6bc13af847625a055eaf6cbf2c5b38b61ccd14ec33ee975bf7be1a9c53e8e1eb89598e1911c1847ea717d4bb5c11add1e57dc90629fa8e6f9f12e754e805d528a4339a85fe990289909bfbac5aebcb647c2a2692eb3a586ef795226a9bd6918436b20a88c461119ddfbb4328701ad794fb5d60f4cf82f586f47a424a01a0603ff7789276756cc7035a0e4ff70b0eae126e2290095c70ba91712a4362ca823b8648d908707d614828f181427c099314afd40f2b44199f3e6a37b28b402cd4cfb23329cd7af14f8538fcb4b2b16ee075dcc4d58b04991cd4e035474ebf89f6fe95c4c8c7035dc7b0273256178f58e3dd7822cefea683e81b93fe0bf0e90576536e7497556523795d389611e357b579127abb7bb4da4c3919c29919fc469902880cb36b5c3a07033b4ebe92f369db6db7aa668cd7dab4068bd2ae89b4b15b53ca51fefbba3c103247d5f5c6231c02f11e62c25038d66c133fab110c13d90f4bf77b50cb24e7de84d9e1aa7966f683874cfce308db36ed64e08fa9728c315343688fbf5b001f71c3fdc0845b83752375b5fd715de5df1858f0eeade5e9359f77c3f83745a14a87674d10da6ab05605b37fef2d4f3f301eed0faf5c55e19e4bb7bf579b41e7e3a8ef39d0e6970081b1ca7c704425d2f4e893255c949d6038da256fdfbec996832a0c3f1ee16b2d1aa874f573b1d8379e1fd0e8e04f2255a8268886f938e62ef08d85db66e9d3a694ffffd5eaa9ff39d892406ce40865afb72dbc917289b773a3a8f3d8813a0dec737a1fd74b5981f27c752e6bcac4aa09c9830c6a611f9d8ee427c9d6e554988ff9feaeeac3cfaebb788842059af927a45e257ffd8a24fc488039c6199d5a7ecb40354801144965b758d575e0d1a0c516bade6572d6557222ecf771e388a67d2de94301144e0d8962291aff329cd26baf6b7bf89d5a310be2e3781be2808aa89243206bdb3f235dd88d84e0d544a5fcd54b2c9638b6a237d70391308bef6b9f7d52b9234bbbb5fc35b6659e752e4a29e10222110973e8d79b4760af97806ae4956c478937de014ed2f2f4e59db14924cdf89ce4fb3e4cba49b4ff68f8da62929e5f3b3a375a08632a4890ccf013197414d368cfb1081376792a2717796999ba171d97a399554814bb0dbf7cd40ec889cc766a78b59b1320844f4326569d21dc3961ac61848c301d4311cd435dd5f144829470521d5f5a2514def1e67a9babdd7f5ad838f9b806d8d795b95289b3b756c56542bd55b47fa5a0bf5c10c39e64932ef128960fd9622c4cd7f3834391115a2f893c0d521349c7c5725b62d52763f588b25c995b60ab69e24ff7b7c6f48d9d81a28e18e72c0b4845b6125ec180bd0cf259d379921bbe7e6ec56872bf3461f7d0d19622b30b17b51ca779635efa89cd9f0577d70f7ad0cdb6b3a0509e4466541a34e30b816f23a3985a5941f5771bf97bd2ac1cd4288d8beb67a10f17552f4430ea16fb92d39bef47d337ca9cd7ab1af6c59de43ff52ee56a62be4d740d07f9f3f2420682571ede98e619ff9ab679f6a375eb60ec66744bbfa4202c06a5bf768460ea325abc735e0ed096a9aa46a998d98193453cc65e94fea61f5dcb83015a94ac1769aa8370797b7f8991d3c3c0a3ca3f841909ae36712115eec7db88496d5cb2fd92f72f76f11174a1ca68982aa0542e3827d021c2053f4eb561fccf4e0853ae3159247f5df3e91b161155207259ddb7ea902d3091c3a01a2cf22f6146d3c6d1be464fe78ee16b65364cfa65b28ee114d2ab70c09479de36a6ab00306539381afe15324086b3b12ece82d128ecf8973ba0bf4ba4cdfc301c3a2f869b74f145a869e4d37760658f7c982dfe82f4ad96ea0d62b647d0d1a6ad71adf9e7008c1d18d6a75827ccc92dcb1255cddff19c663a7b7ae484a6f1d18ccbb7b1e4db47ee4059e69e3821bdffbe0c190669385ed5c09a228d631f9ea69f9d87bcc3bbbe6b4150454e503dd8be26be98c6653d18782b50b0bff2982c873bfc5d9f9c4c8d1a35b839b51dcfbbc1653b4465fc6583cf0913811f274cba02dfb7fea05addac35c48055862b46d6e4303530fda8accd622ce62b122a573489a26d9fc40c7737be1f754045add63182fd2bf09193f474c5ee67ce20b214dbb85ee97ade0cbfe2181e2124beba885aeb3a997cd36326eeec95b35976dda96803a8e595765ec66e9a265487eb56ec12b2427bfbb044a7674a1821fcff91f5ce2af8ee57615f7ac57f2d0cc06ecdfcec781f10d0a782b4a09295f0e52129f5837ccd1bb09a33330bd14945fcea08273e4c2bcec02fcddd561a9a5c2d0f2cc40c25a1ce246e36ad6848ecbb2cf629536671de69395e67deb1830926903a7c35a83a7d7332a5cd5e300aba32d207ded13112a03a97131992f0030595a5a029688e5fe29142ea2572eae3b93b6d3e92865b8b9988614549f2b62ec909bd1ce5bf447d038d00b3fe03407a7a9590af82a3d2b41234416385b0427742397eef7b1ff84770c50678da015126c2815ffd96a3264f5a29521308ad14105045f24680bfc7a8a19b954b216b7a9c1defd8d9d3d1938419b93ab6e9b7a32685b681b87d198d2ddf35aa5df6186e38095f70e38e7360346144e9bc14ee5bd951d87c810247db231fcb10010dbcedba90aa2226a8dca6b14b50ecd9872ccb46710890a1b705585b875a555ba3be22fe847f2fa46f915489bdcecca662e34452564f7274c6fbf914e38b62205ff4fbca5ab07fb7074562734cd341129769c46b86351756adcfa2bddd58eb7bee6180305ceb34dec2e6674d6cfb97ab228348aa7ddbc9d05e302dfa2820452501075ef87f0f570d59bd7e6a3b9c5465f1177b6cca2a548347ae2b0eb16fd4ddaf12ca78307cef9cbe36e05d82b52a02de5ed05a3944a0874a51a6050658c9acf0b5e3d891a5cc1e8d56a3f8ded1983ef7efcda68249020230085a36f2b97e472d2075c39bc6fc2e8eaf9c8b58cfc63e516bdd5da0d77f23f8692cbe1ddc22f67cf60679fb769636095c3315bc9b9e7327fba8836dea2100cf11e04f97e0c64ba0f6c6f19bf9f4e78ecab89bd6830b99030b093b1f807fc19a3ebc4c7814302c202863715f16bd4071b2731824b433e5d5ff8790ba40d2a8ac8ac2308efd6d7445a33a0eb1821f207eec1ccd8c9e88b958457c1b8d8afa61a2ce0b091b9069cd598bcc3566aad1f224c5a20b63627fad03b38b671f0f4ad34201f8fcde6e4221c42222369e9d32325578c1cc494883ee6fa016cf0ed51d18054d96c2eec59f4f75c8418996a782330da5dc3f8e689e129fa7e3ade24ec1b1ded2d3a786de849741386a473b13f984a603bd6d6a331c03f77097b8fd1ab5784d87f70d505f48a13fa392a0deffd516c71eb986e76fef2ba3900757bfeebd16f6d105d4b052e7bfdfa197c67245c3f4d16295f909d197b002431c4ca81cb172001cf797d081e002b17143129b90640d35fa731d9161d1451a7c02b549db97c0874cd593e334b540a2c2b9173bdc66", @generic="3c0d807bd7f4a010eaac174223d625d648a328e1fa2c777b43019abd2f6af3f757c8d7e737ccb19dde2285d91e98ed1dd98597c682dfa2ff7de5179ec75119a57445cf1f80d98b898da86bb5f3e002f7369e24", @typed={0xb8, 0x54, @binary="dfff6d9a03be8670c1d3be73bf655f78e0633b9f0460d38d9f1afd9f63bc395c1b6f5d3d0f43db4475aebda434728f964133d1126edc3f11cc16c1e8c834ecb674af2ee47ac27a6227ff0ffdcbe57f861f676d24c0dfb01ce0e0876998fc8b0c4a6d9acae3a54890deafac471a107448f4fd2c9887b28718c4d07807b712a44b40229ca7506797bf326d8fcfe3ea1ab45c7761b890fab4584d3b21f5fd2ce012a11dbb61912e81a8dc3c4a4527025cdd368b65"}, @generic="47c777ea670285a50c29b2a1dd711e26337afd3780b762811a7fc9a9af44cfdd081457f4140f3d384319904a6136fd39caac58df298f3726ea4674dcdbd503423c94c67cc6973e2b8ad572cd1ec5c33dacee1bb7cd0c5efeb6a456ad0a76b5942753ca4c9ff4da6a37529ca505460366e0819152a565be72060d9f1c68591b7d85fc0997d1f343d2a4c2ebbaf49d5bb6602d816c2c91f69d5204bcc145f1d33f61cad7ef4199937368b294c443adb2287dc3bb87c4344be6be3dea1c414151c22adfd1171af4832d09f9eef8ba9903bbce8a0f35683004d2c81d98c719aaf7afb038fed5ff2faee3c0307b7b30e8", @generic="dffbde4378b4ebe9f70973228f11e31641877ed411b86dc651ae99215faca585f7c9bb07b4aba1567e2ace997442a006362c6f7b9352f3e627b4c41ccdd531ae4d2ed4f6c95818d003a1dc20f41a32ef0b4e1a9841cb148c64ccc718e9567f193135d76772af804f61fa4815c1eda437d86597facea71b2e21974d05d34e9dcbf405672ac27ab389cf3fba7e8bdec9e9bf2390d08b7d5c3a58274491ad283bfe5f889225795ef8c685c4e3f193c29079d37d713c9f4c39503104295c49af5ab0229e966301fff3eb4816cf64480e86b61cdeb92628f08543d9ac475a50852c06a08e8ebc4e6713c44a", @typed={0xc, 0x67, @u64=0xfff}]}]}, 0x1378}, 0x1, 0x0, 0x0, 0x800}, 0x801) write$binfmt_elf32(r0, &(0x7f0000001740)={{0x7f, 0x45, 0x4c, 0x46, 0x200, 0x400, 0xfffffffffffffff7, 0x766, 0x6, 0x3, 0x3e, 0xfffffffffffffffd, 0xe5, 0x38, 0x2ca, 0x80000001, 0x0, 0x20, 0x2, 0xa9, 0x3800, 0x3}, [{0x7, 0x72f0, 0x9, 0x5c, 0xffffffffffffffff, 0x7e90977, 0x4, 0x4}], "6f841ee59bf793e2f615a175ce0b2910385f82ff210cd5af04215d66dfd6704d07cd6215ceb7f545fe12b880d3cd3de9c77aa8663e7ce0fea4dc9652194415d85085b793c2337d", [[], [], [], [], [], [], [], [], [], []]}, 0xa9f) socket$inet6_tcp(0xa, 0x1, 0x0) 2018/06/01 03:16:22 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:22 executing program 1: r0 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x5) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0xffffffe8) r1 = gettid() write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0', [], 0xa, "5d7eab3a46"}, 0x10) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000000), &(0x7f0000000100)}}, &(0x7f0000044000)=0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000040000)) r3 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x5, 0x10000) timer_settime(r2, 0x1, &(0x7f00000000c0)={{}, {0x0, 0x989680}}, 0x0) setsockopt$sock_int(r3, 0x1, 0x27, &(0x7f0000000080)=0x9, 0x4) tkill(r1, 0x1004000000016) 2018/06/01 03:16:22 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xffffff91}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:22 executing program 7: r0 = inotify_init() openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x149000, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) unshare(0x400) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000040)={0x2007}, 0x1) r2 = inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x2a) getsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000180)=0x4, &(0x7f0000000100)=0x4) inotify_rm_watch(r0, r2) 2018/06/01 03:16:22 executing program 2 (fault-call:2 fault-nth:72): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1395.452516] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1395.458389] FAULT_INJECTION: forcing a failure. [ 1395.458389] name failslab, interval 1, probability 0, space 0, times 0 [ 1395.471263] CPU: 0 PID: 23460 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1395.478633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1395.487988] Call Trace: [ 1395.490582] dump_stack+0x1b9/0x294 [ 1395.494231] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1395.499428] ? is_bpf_text_address+0xd7/0x170 [ 1395.503936] should_fail.cold.4+0xa/0x1a [ 1395.508040] ? __save_stack_trace+0x7e/0xd0 [ 1395.512365] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1395.517484] ? save_stack+0x43/0xd0 [ 1395.521168] ? kasan_kmalloc+0xc4/0xe0 [ 1395.525068] ? kasan_slab_alloc+0x12/0x20 [ 1395.529227] ? find_held_lock+0x36/0x1c0 [ 1395.533316] ? check_same_owner+0x320/0x320 [ 1395.537731] ? rcu_note_context_switch+0x710/0x710 [ 1395.542677] __should_failslab+0x124/0x180 [ 1395.546924] should_failslab+0x9/0x14 [ 1395.550729] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1395.555856] __kmalloc_node_track_caller+0x33/0x70 [ 1395.560798] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1395.565580] __alloc_skb+0x14d/0x780 [ 1395.569300] ? skb_scrub_packet+0x580/0x580 [ 1395.573765] ? dst_init+0x459/0x600 [ 1395.577398] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1395.582944] ? ip_generic_getfrag+0x11c/0x2d0 [ 1395.587441] ? ip_reply_glue_bits+0xc0/0xc0 [ 1395.591774] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1395.596790] ? skb_put+0x17b/0x1e0 [ 1395.600332] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1395.605357] ? ip_reply_glue_bits+0xc0/0xc0 [ 1395.609717] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1395.615531] ? xfrm_policy_lookup+0x70/0x70 [ 1395.619869] ? ipv4_mtu+0x375/0x580 [ 1395.623506] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1395.628954] ? find_held_lock+0x36/0x1c0 [ 1395.633047] ? ip_setup_cork+0x44d/0x6d0 [ 1395.637113] ip_make_skb+0x2be/0x350 [ 1395.640839] ? ip_reply_glue_bits+0xc0/0xc0 [ 1395.645174] ? ip_flush_pending_frames+0x30/0x30 [ 1395.649940] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1395.655490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1395.661035] ? xfrm_lookup_route+0x64/0x1f0 [ 1395.665799] udp_sendmsg+0x24ec/0x35e0 [ 1395.669697] ? perf_trace_lock+0xd6/0x900 [ 1395.673856] ? ip_reply_glue_bits+0xc0/0xc0 [ 1395.678188] ? udp4_lib_lookup2+0x340/0x340 [ 1395.682511] ? graph_lock+0x170/0x170 [ 1395.686759] ? expand_files.part.8+0x9a0/0x9a0 [ 1395.691363] ? lock_downgrade+0x8e0/0x8e0 [ 1395.695516] ? lock_release+0xa10/0xa10 [ 1395.699509] ? check_same_owner+0x320/0x320 [ 1395.703840] ? __check_object_size+0x95/0x5d9 [ 1395.708340] inet_sendmsg+0x19f/0x690 [ 1395.712140] ? __might_sleep+0x95/0x190 [ 1395.716113] ? ipip_gro_receive+0x100/0x100 [ 1395.720439] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1395.725994] ? security_socket_sendmsg+0x94/0xc0 [ 1395.730750] ? ipip_gro_receive+0x100/0x100 [ 1395.735074] sock_sendmsg+0xd5/0x120 [ 1395.738793] __sys_sendto+0x3d7/0x670 [ 1395.742608] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1395.747280] ? wait_for_completion+0x870/0x870 [ 1395.751897] ? __sb_end_write+0xac/0xe0 [ 1395.755878] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1395.761423] ? fput+0x130/0x1a0 [ 1395.764706] ? ksys_write+0x1a6/0x250 [ 1395.768527] ? __do_page_fault+0x441/0xe40 [ 1395.772778] ? __ia32_sys_read+0xb0/0xb0 [ 1395.776856] __ia32_sys_sendto+0xdf/0x1a0 [ 1395.781007] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1395.786028] do_fast_syscall_32+0x345/0xf9b [ 1395.790356] ? do_int80_syscall_32+0x880/0x880 [ 1395.795050] ? _raw_spin_unlock_irq+0x27/0x70 [ 1395.799547] ? finish_task_switch+0x1ca/0x840 [ 1395.804049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1395.809585] ? syscall_return_slowpath+0x30f/0x5c0 [ 1395.814518] ? sysret32_from_system_call+0x5/0x46 [ 1395.819363] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1395.824386] entry_SYSENTER_compat+0x70/0x7f [ 1395.828797] RIP: 0023:0xf7f63cb9 [ 1395.832177] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1395.839896] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1395.847177] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1395.854450] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1395.861720] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1395.868986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:22 executing program 7: r0 = getpgrp(0x0) sched_setaffinity(r0, 0xfffffffffffffeed, &(0x7f00009ad000)=0x2) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000480)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) rename(&(0x7f0000000040)='./control/file0\x00', &(0x7f0000000140)='./file0\x00') utime(&(0x7f0000000100)='./control/file0\x00', &(0x7f0000000180)) gettid() close(r1) 2018/06/01 03:16:22 executing program 2 (fault-call:2 fault-nth:73): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1396.134900] FAULT_INJECTION: forcing a failure. [ 1396.134900] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.146624] CPU: 0 PID: 23480 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1396.154006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1396.167801] Call Trace: [ 1396.170410] dump_stack+0x1b9/0x294 [ 1396.174043] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1396.179235] ? is_bpf_text_address+0xd7/0x170 [ 1396.183742] should_fail.cold.4+0xa/0x1a [ 1396.187808] ? __save_stack_trace+0x7e/0xd0 [ 1396.192135] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1396.197252] ? save_stack+0x43/0xd0 [ 1396.200882] ? kasan_kmalloc+0xc4/0xe0 [ 1396.204769] ? kasan_slab_alloc+0x12/0x20 [ 1396.208938] ? find_held_lock+0x36/0x1c0 [ 1396.213025] ? check_same_owner+0x320/0x320 [ 1396.217357] ? rcu_note_context_switch+0x710/0x710 [ 1396.222292] __should_failslab+0x124/0x180 [ 1396.226536] should_failslab+0x9/0x14 [ 1396.230344] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1396.243213] __kmalloc_node_track_caller+0x33/0x70 [ 1396.248173] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1396.253064] __alloc_skb+0x14d/0x780 [ 1396.256807] ? skb_scrub_packet+0x580/0x580 [ 1396.261133] ? dst_init+0x459/0x600 [ 1396.264762] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1396.270300] ? ip_generic_getfrag+0x11c/0x2d0 [ 1396.274805] ? ip_reply_glue_bits+0xc0/0xc0 [ 1396.279128] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1396.284161] ? skb_put+0x17b/0x1e0 [ 1396.287704] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1396.292726] ? ip_reply_glue_bits+0xc0/0xc0 [ 1396.297064] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1396.302873] ? xfrm_policy_lookup+0x70/0x70 [ 1396.307197] ? ipv4_mtu+0x375/0x580 [ 1396.310832] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1396.316277] ? find_held_lock+0x36/0x1c0 [ 1396.320355] ? ip_setup_cork+0x44d/0x6d0 [ 1396.324411] ip_make_skb+0x2be/0x350 [ 1396.328119] ? ip_reply_glue_bits+0xc0/0xc0 [ 1396.332430] ? ip_flush_pending_frames+0x30/0x30 [ 1396.337194] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1396.342736] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1396.348269] ? xfrm_lookup_route+0x64/0x1f0 [ 1396.352590] udp_sendmsg+0x24ec/0x35e0 [ 1396.356485] ? perf_trace_lock+0xd6/0x900 [ 1396.360667] ? ip_reply_glue_bits+0xc0/0xc0 [ 1396.364992] ? udp4_lib_lookup2+0x340/0x340 [ 1396.369312] ? graph_lock+0x170/0x170 [ 1396.373132] ? expand_files.part.8+0x9a0/0x9a0 [ 1396.377985] ? lock_downgrade+0x8e0/0x8e0 [ 1396.382137] ? lock_release+0xa10/0xa10 [ 1396.386120] ? check_same_owner+0x320/0x320 [ 1396.390435] ? __check_object_size+0x95/0x5d9 [ 1396.394931] inet_sendmsg+0x19f/0x690 [ 1396.398728] ? __might_sleep+0x95/0x190 [ 1396.402695] ? ipip_gro_receive+0x100/0x100 [ 1396.407028] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1396.412563] ? security_socket_sendmsg+0x94/0xc0 [ 1396.417313] ? ipip_gro_receive+0x100/0x100 [ 1396.421637] sock_sendmsg+0xd5/0x120 [ 1396.425352] __sys_sendto+0x3d7/0x670 [ 1396.429149] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1396.433813] ? wait_for_completion+0x870/0x870 [ 1396.438928] ? __sb_end_write+0xac/0xe0 [ 1396.442899] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1396.448428] ? fput+0x130/0x1a0 [ 1396.452482] ? ksys_write+0x1a6/0x250 [ 1396.456278] ? __do_page_fault+0x441/0xe40 [ 1396.460517] ? __ia32_sys_read+0xb0/0xb0 [ 1396.464581] __ia32_sys_sendto+0xdf/0x1a0 [ 1396.468727] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1396.473761] do_fast_syscall_32+0x345/0xf9b [ 1396.478090] ? do_int80_syscall_32+0x880/0x880 [ 1396.482677] ? _raw_spin_unlock_irq+0x27/0x70 [ 1396.487179] ? finish_task_switch+0x1ca/0x840 [ 1396.491705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1396.497252] ? syscall_return_slowpath+0x30f/0x5c0 [ 1396.502185] ? sysret32_from_system_call+0x5/0x46 [ 1396.507053] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1396.511911] entry_SYSENTER_compat+0x70/0x7f [ 1396.516326] RIP: 0023:0xf7f63cb9 [ 1396.519680] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1396.527390] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1396.534651] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 2018/06/01 03:16:22 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:23 executing program 3: r0 = socket$inet6(0xa, 0x2, 0xffffffffffffffff) socketpair(0x10, 0x5, 0x3f, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000001c0)=0xffffffffffffffa0) bind$nfc_llcp(r1, &(0x7f0000000400)={0x27, 0x1, 0x0, 0x6, 0x7, 0x8, "5b682f0a3f47379cfb2d38f6a0ebed01b12b6e0e91551109ca5174daff0d8c7fdaecf929baeebf7adca3a11c92a323f68d573c3230d29583c4af2b0cbc8cee", 0x27}, 0x58) sendmsg$can_raw(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x1d, r3}, 0x10, &(0x7f0000000040)={&(0x7f0000000240)=@can={{0x3, 0xc72, 0x4, 0xf8}, 0x6, 0x2, 0x0, 0x0, "f91bbdf6d4d30f83"}, 0x10}, 0x1, 0x0, 0x0, 0x8000}, 0x40805) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000280)={0x0, 0x2}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000380)={r5, 0x7ff, 0x5, [0x7d9, 0x80000001, 0xffff, 0xfffffffffffffffc, 0x0]}, &(0x7f00000003c0)=0x12) capset(&(0x7f0000000140)={0x19980330, r4}, &(0x7f00000000c0)={0x10003ff, 0x10002, 0x3, 0x8, 0x1000008, 0x8001}) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x4}, 0x1c) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000300)={0x100000000, 0x4, 0x3ff, 0x5}, 0x8) sendmmsg(r0, &(0x7f000000ac80)=[{{&(0x7f0000001240)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000400), 0x0, &(0x7f0000001640)}}, {{0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x10}}], 0x2, 0x0) [ 1396.541911] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1396.549172] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1396.556430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1396.590114] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:23 executing program 3: syz_emit_ethernet(0x7e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800450000300000000000029078ac2314bbac14140014ff907800000001420000000000000000000000ac1414aaac141400"], &(0x7f0000000040)) 2018/06/01 03:16:24 executing program 1: r0 = memfd_create(&(0x7f00000000c0)=':*@em1wlan0:self]selfself\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000080)=ANY=[], 0x0) open(&(0x7f0000000080)='./file0\x00', 0x0, 0x100) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f0000000300), &(0x7f00000003c0), 0x1000) open(&(0x7f0000000040)='./file0\x00', 0x840, 0x0) 2018/06/01 03:16:24 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:24 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3f5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x80000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={r0, 0x50, &(0x7f0000000100)}, 0x10) 2018/06/01 03:16:24 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.max\x00', 0x2, 0x0) setrlimit(0x7, &(0x7f0000000040)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f0000000540)={{0xff, 0x7ff, 0x4, 0x12ba, 0x80, 0x80000000}, 0x6, 0x8001, 0x1f, 0x9, 0x81, "6f754dec70150997049c43c1dae5f44ac98167a496590847e42c851926b6cb2474f4e4e2edafa9cbb3e2990005f0f40685436da8f43199ae2bd740109c42d54fba2788c2c9b0cc6ab1a35dd9e0f8e7919a93f5b51ff658a9edbf446caf4f1fe9f96e5a5b68da83f0db802a7ba7592ac5f7cd0925a4d9cf61f49177ada818050d"}) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x0, &(0x7f00000001c0)=""/159) r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x2, 0x3ff, 0x1, 0x0, r3}, 0xfffffffffffffe18) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0x0) 2018/06/01 03:16:24 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x4000000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:24 executing program 2 (fault-call:2 fault-nth:74): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:24 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f000021e000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xff0f0000) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7fff, 0x1) openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x100, 0x0) sendto$inet6(r0, &(0x7f0000000040)="916b102625e24ae2668f411e83bc04621e4a37f0f69fe42139a37adf322f3c024fc6ae4724621cbd3c5bbd48d8592204e9748e3052d26a7a8d0a80c41f17ea7023fbc0543e5a6a2f54f2c5575b68d31226d1187585ffaf1eca2cdf78a240ca63f48150938d54e30538eb41ae6e69729616611cb8d219207c6dce5bd6d2c0b014cfcae4793f84f5016bdd61b02ccab4fa5df1648ffaae8127a5d2b65aadeea574fb99a15422c681d5c2c185e9e3128fc235", 0xb1, 0x20000804, 0x0, 0x0) 2018/06/01 03:16:24 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1398.019999] FAULT_INJECTION: forcing a failure. [ 1398.019999] name failslab, interval 1, probability 0, space 0, times 0 [ 1398.031502] CPU: 0 PID: 23507 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1398.038879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1398.048270] Call Trace: [ 1398.050886] dump_stack+0x1b9/0x294 [ 1398.054536] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1398.059741] ? perf_trace_lock_acquire+0xe3/0x980 [ 1398.064639] ? kernel_text_address+0x79/0xf0 [ 1398.069068] ? __unwind_start+0x166/0x330 [ 1398.073238] should_fail.cold.4+0xa/0x1a [ 1398.077317] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1398.082442] ? save_stack+0xa9/0xd0 [ 1398.086070] ? save_stack+0x43/0xd0 [ 1398.089695] ? kasan_slab_alloc+0x12/0x20 [ 1398.093842] ? find_held_lock+0x36/0x1c0 [ 1398.097920] ? check_same_owner+0x320/0x320 [ 1398.102239] ? rcu_note_context_switch+0x710/0x710 [ 1398.107167] __should_failslab+0x124/0x180 [ 1398.111402] should_failslab+0x9/0x14 [ 1398.115198] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1398.120340] __kmalloc_node_track_caller+0x33/0x70 [ 1398.125283] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1398.130050] __alloc_skb+0x14d/0x780 [ 1398.133766] ? skb_scrub_packet+0x580/0x580 [ 1398.138087] ? dst_init+0x459/0x600 [ 1398.141718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1398.147251] ? ip_generic_getfrag+0x11c/0x2d0 [ 1398.151743] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.156061] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1398.161073] ? skb_put+0x17b/0x1e0 [ 1398.164635] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1398.169674] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.174020] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1398.179821] ? xfrm_policy_lookup+0x70/0x70 [ 1398.184137] ? ipv4_mtu+0x375/0x580 [ 1398.187767] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1398.193215] ? find_held_lock+0x36/0x1c0 [ 1398.197292] ? ip_setup_cork+0x44d/0x6d0 [ 1398.201346] ip_make_skb+0x2be/0x350 [ 1398.205054] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.209369] ? ip_flush_pending_frames+0x30/0x30 [ 1398.214138] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1398.219674] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1398.225201] ? xfrm_lookup_route+0x64/0x1f0 [ 1398.229520] udp_sendmsg+0x24ec/0x35e0 [ 1398.233406] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.237726] ? udp4_lib_lookup2+0x340/0x340 [ 1398.242043] ? graph_lock+0x170/0x170 [ 1398.245854] ? expand_files.part.8+0x9a0/0x9a0 [ 1398.250457] ? lock_downgrade+0x8e0/0x8e0 [ 1398.254598] ? lock_release+0xa10/0xa10 [ 1398.258573] ? __check_object_size+0x95/0x5d9 [ 1398.263065] inet_sendmsg+0x19f/0x690 [ 1398.266859] ? __might_sleep+0x95/0x190 [ 1398.270828] ? ipip_gro_receive+0x100/0x100 [ 1398.275147] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1398.280681] ? security_socket_sendmsg+0x94/0xc0 [ 1398.285423] ? ipip_gro_receive+0x100/0x100 [ 1398.289736] sock_sendmsg+0xd5/0x120 [ 1398.293440] __sys_sendto+0x3d7/0x670 [ 1398.297235] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1398.301902] ? wait_for_completion+0x870/0x870 [ 1398.306480] ? __lock_is_held+0xb5/0x140 [ 1398.310559] ? __sb_end_write+0xac/0xe0 [ 1398.314532] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1398.320059] ? fput+0x130/0x1a0 [ 1398.323340] ? ksys_write+0x1a6/0x250 [ 1398.327128] ? __do_page_fault+0x441/0xe40 [ 1398.331358] ? __ia32_sys_read+0xb0/0xb0 [ 1398.335418] __ia32_sys_sendto+0xdf/0x1a0 [ 1398.339566] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1398.344588] do_fast_syscall_32+0x345/0xf9b [ 1398.348921] ? do_int80_syscall_32+0x880/0x880 [ 1398.353495] ? _raw_spin_unlock_irq+0x27/0x70 [ 1398.357984] ? finish_task_switch+0x1ca/0x840 [ 1398.362476] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1398.368022] ? syscall_return_slowpath+0x30f/0x5c0 [ 1398.372950] ? sysret32_from_system_call+0x5/0x46 [ 1398.377803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1398.382645] entry_SYSENTER_compat+0x70/0x7f [ 1398.387044] RIP: 0023:0xf7f63cb9 [ 1398.390397] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1398.398098] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1398.405367] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1398.412636] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1398.419905] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1398.427178] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1398.438575] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:25 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000020"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:25 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:25 executing program 6: r0 = dup(0xffffffffffffff9c) connect$pptp(r0, &(0x7f0000000280)={0x18, 0x2, {0x3}}, 0x1e) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000340)='team\x00') getsockname$packet(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000003c0)=0x14) getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000400)={@empty, @empty, 0x0}, &(0x7f0000000440)=0xc) recvmsg(r0, &(0x7f0000000680)={&(0x7f0000000480)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000500)=""/232, 0xe8}], 0x1, &(0x7f0000000640)=""/43, 0x2b, 0x80000001}, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000780)={'vcan0\x00', 0x0}) getpeername$packet(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000800)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001b40)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000003e80)={{{@in=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000003f80)=0xe8) getsockname$packet(r0, &(0x7f0000003fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000004000)=0x14) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000004040)={@dev, 0x0}, &(0x7f0000004080)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000004240)={{{@in6=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@local}}, &(0x7f0000004340)=0xe8) getsockname(r0, &(0x7f0000004380)=@can={0x0, 0x0}, &(0x7f0000004400)=0x80) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000004700)={0x0, @local, @multicast2}, &(0x7f0000004740)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000004780)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f0000004880)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000048c0)={'team0\x00', 0x0}) getpeername$packet(r0, &(0x7f0000004a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000004a80)=0x14) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000004c80)={@remote, @dev, 0x0}, &(0x7f0000004cc0)=0xc) getsockname$packet(r0, &(0x7f0000004d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000004d40)=0x14) getpeername$packet(r0, &(0x7f0000004d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000004dc0)=0x14) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000004e00)={@broadcast, @multicast1, 0x0}, &(0x7f0000004e40)=0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000004e80)={'bond0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000004ec0)={'vcan0\x00', 0x0}) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000004f00)={@loopback, @multicast1, 0x0}, &(0x7f0000004f40)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000005300)={'team0\x00', 0x0}) getpeername$packet(r0, &(0x7f0000005340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000005380)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f00000059c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x108000}, 0xc, &(0x7f0000005980)={&(0x7f00000053c0)={0x5c0, r1, 0x701, 0x70bd25, 0x25dfdbff, {0x2}, [{{0x8, 0x1, r2}, {0xb4, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r3}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8, 0x1, r6}, {0x40, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r10}, {0xb0, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r12}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}]}}, {{0x8, 0x1, r13}, {0x15c, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7dd0}}, {0x8, 0x6, r14}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r15}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xf4e}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}]}}, {{0x8, 0x1, r16}, {0x7c, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r17}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0xddda}}, {0x8, 0x6, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4}}, {0x8, 0x6, r20}}}]}}, {{0x8, 0x1, r21}, {0x168, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7fff}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7000000000000}}, {0x8, 0x6, r22}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r23}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r24}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r25}}}]}}]}, 0x5c0}, 0x1, 0x0, 0x0, 0x4005}, 0x24000001) r26 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x200002, 0x0) r27 = openat$cgroup_int(r26, &(0x7f00000002c0)="6370967365742e63707ae269e7c72befbb86b99343610000000000000000000000000000", 0x2, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x8001, 0xfffffffffffffff7, 0x1, 0x0, 0x101, 0x0, 0x6, 0xfffffffffffffffd, 0x0}, &(0x7f00000001c0)=0x20) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r27, 0x84, 0x71, &(0x7f0000000200)={r28, 0x80}, &(0x7f0000000240)=0x8) pwritev(r27, &(0x7f0000000100)=[{&(0x7f0000000040)='\x00', 0x1}], 0x1, 0x0) 2018/06/01 03:16:25 executing program 3: io_setup(0x20, &(0x7f0000000000)=0x0) io_getevents(r0, 0x0, 0x3, &(0x7f0000000040)=[{}, {}, {}], &(0x7f0000000100)={0x77359400}) pselect6(0x9, &(0x7f00000abfc0), &(0x7f0000768000)={0x1}, &(0x7f00007fbfc0), &(0x7f0000349000)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f00000000c0), 0x8}) 2018/06/01 03:16:25 executing program 2 (fault-call:2 fault-nth:75): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:25 executing program 1: r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000025c0)={0xffffffffffffffff, 0x6, 0x1, 0xac, &(0x7f0000002580)=[0x0, 0x0], 0x2}, 0x20) r1 = syz_open_dev$usbmon(&(0x7f0000002600)='/dev/usbmon#\x00', 0x4127, 0x4000) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000002640)={0x0, r1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x1d, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, &(0x7f0000000300)=0x100) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10080, 0x0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f00000000c0), &(0x7f0000000100)=0x4) recvmsg(r2, &(0x7f0000002540)={&(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/241, 0xf1}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/144, 0x90}, {&(0x7f0000001500)=""/4096, 0x1000}], 0x4, &(0x7f0000002500)=""/34, 0x22, 0x6}, 0x100) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/06/01 03:16:25 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$mice(&(0x7f0000003900)='/dev/input/mice\x00', 0x0, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000003940), &(0x7f0000003980)=0xc) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(xts(cbc-blowfish-asm),sha256-avx2)\x00'}, 0x58) signalfd(r1, &(0x7f0000000000)={0x4}, 0x8) [ 1398.592255] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1398.691750] FAULT_INJECTION: forcing a failure. [ 1398.691750] name failslab, interval 1, probability 0, space 0, times 0 [ 1398.703219] CPU: 0 PID: 23549 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1398.710614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1398.719984] Call Trace: [ 1398.722594] dump_stack+0x1b9/0x294 [ 1398.726220] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1398.731410] ? unwind_get_return_address+0x61/0xa0 [ 1398.736340] should_fail.cold.4+0xa/0x1a [ 1398.740411] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1398.745509] ? save_stack+0xa9/0xd0 [ 1398.749128] ? save_stack+0x43/0xd0 [ 1398.752748] ? kasan_kmalloc+0xc4/0xe0 [ 1398.756626] ? __kmalloc_node_track_caller+0x47/0x70 [ 1398.761720] ? __alloc_skb+0x14d/0x780 [ 1398.765600] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1398.770786] ? udp_sendmsg+0x24ec/0x35e0 [ 1398.774852] ? inet_sendmsg+0x19f/0x690 [ 1398.778821] ? sock_sendmsg+0xd5/0x120 [ 1398.782713] ? __sys_sendto+0x3d7/0x670 [ 1398.786681] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1398.791010] ? do_fast_syscall_32+0x345/0xf9b [ 1398.795524] ? find_held_lock+0x36/0x1c0 [ 1398.799604] ? check_same_owner+0x320/0x320 [ 1398.803940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1398.809486] ? rcu_note_context_switch+0x710/0x710 [ 1398.814413] __should_failslab+0x124/0x180 [ 1398.818649] should_failslab+0x9/0x14 [ 1398.822445] kmem_cache_alloc_node+0x272/0x780 [ 1398.827215] __alloc_skb+0x111/0x780 [ 1398.830929] ? skb_scrub_packet+0x580/0x580 [ 1398.835261] ? dst_init+0x459/0x600 [ 1398.838888] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1398.844417] ? ip_generic_getfrag+0x11c/0x2d0 [ 1398.848906] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.853225] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1398.858233] ? skb_put+0x17b/0x1e0 [ 1398.861767] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1398.866795] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.871119] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1398.876913] ? xfrm_policy_lookup+0x70/0x70 [ 1398.881243] ? ipv4_mtu+0x375/0x580 [ 1398.884869] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1398.890312] ? find_held_lock+0x36/0x1c0 [ 1398.894390] ? ip_setup_cork+0x44d/0x6d0 [ 1398.898447] ip_make_skb+0x2be/0x350 [ 1398.902160] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.906475] ? ip_flush_pending_frames+0x30/0x30 [ 1398.911232] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1398.916771] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1398.922299] ? xfrm_lookup_route+0x64/0x1f0 [ 1398.926614] udp_sendmsg+0x24ec/0x35e0 [ 1398.930496] ? perf_trace_lock+0xd6/0x900 [ 1398.934638] ? ip_reply_glue_bits+0xc0/0xc0 [ 1398.938964] ? udp4_lib_lookup2+0x340/0x340 [ 1398.943283] ? graph_lock+0x170/0x170 [ 1398.947085] ? expand_files.part.8+0x9a0/0x9a0 [ 1398.951679] ? lock_downgrade+0x8e0/0x8e0 [ 1398.955827] ? lock_release+0xa10/0xa10 [ 1398.959795] ? check_same_owner+0x320/0x320 [ 1398.964114] ? __check_object_size+0x95/0x5d9 [ 1398.968604] inet_sendmsg+0x19f/0x690 [ 1398.972408] ? __might_sleep+0x95/0x190 [ 1398.976386] ? ipip_gro_receive+0x100/0x100 [ 1398.980731] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1398.986272] ? security_socket_sendmsg+0x94/0xc0 [ 1398.991029] ? ipip_gro_receive+0x100/0x100 [ 1398.995354] sock_sendmsg+0xd5/0x120 [ 1398.999074] __sys_sendto+0x3d7/0x670 [ 1399.002875] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1399.007556] ? wait_for_completion+0x870/0x870 [ 1399.012149] ? __sb_end_write+0xac/0xe0 [ 1399.016137] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1399.021670] ? fput+0x130/0x1a0 [ 1399.024939] ? ksys_write+0x1a6/0x250 [ 1399.028734] ? __do_page_fault+0x441/0xe40 [ 1399.032973] ? __ia32_sys_read+0xb0/0xb0 [ 1399.037641] __ia32_sys_sendto+0xdf/0x1a0 [ 1399.041783] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1399.046793] do_fast_syscall_32+0x345/0xf9b [ 1399.051139] ? do_int80_syscall_32+0x880/0x880 [ 1399.055713] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1399.060554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1399.066086] ? syscall_return_slowpath+0x30f/0x5c0 [ 1399.071027] ? sysret32_from_system_call+0x5/0x46 [ 1399.075884] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1399.080725] entry_SYSENTER_compat+0x70/0x7f [ 1399.085137] RIP: 0023:0xf7f63cb9 2018/06/01 03:16:25 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000200"], 0x60}, 0x1}, 0x0) [ 1399.088493] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1399.096209] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1399.103651] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1399.111623] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1399.118884] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1399.126152] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:25 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:25 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x900000000000000}, 0x1c) shutdown(r0, 0x0) [ 1399.227562] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:26 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x200000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:26 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000000000fbff"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:26 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:26 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00003de000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000c97ff8)) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000380)=&(0x7f0000000300)) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffffc) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0) close(r1) syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000040)=""/254, &(0x7f0000000140)=""/119, &(0x7f00000001c0)=""/150}) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={"64756d6d7930e77900", 0x1}) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)={0x1, r1}) ioctl$VHOST_SET_MEM_TABLE(r0, 0xaf02, &(0x7f0000001680)) 2018/06/01 03:16:26 executing program 2 (fault-call:2 fault-nth:76): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:26 executing program 7: r0 = syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x5, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={&(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x2, 0x5, 0x9}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(0xffffffffffffffff, &(0x7f0000001e80)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1, &(0x7f0000000040)=""/45, 0x2d}}], 0x1, 0x0, &(0x7f0000001f80)={0x77359400}) r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x8001, 0x200200) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000240)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0], 0x7, 0x6, 0x2, 0x1}) sendmmsg$unix(r1, &(0x7f0000000340), 0x0, 0x0) 2018/06/01 03:16:26 executing program 3: socket$inet(0x2, 0x840000000003, 0x2) 2018/06/01 03:16:26 executing program 6: unshare(0x2000400) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000080)={r2, 0x800, 0x200, 0x7}, 0x10) getegid() sendmmsg$alg(r1, &(0x7f0000007640), 0x0, 0x0) 2018/06/01 03:16:26 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1400.168120] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1400.181105] FAULT_INJECTION: forcing a failure. [ 1400.181105] name failslab, interval 1, probability 0, space 0, times 0 [ 1400.192412] CPU: 0 PID: 23591 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1400.199790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1400.209160] Call Trace: [ 1400.211769] dump_stack+0x1b9/0x294 [ 1400.215419] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1400.220638] ? is_bpf_text_address+0xd7/0x170 [ 1400.225150] ? kernel_text_address+0x79/0xf0 [ 1400.229576] ? __unwind_start+0x166/0x330 [ 1400.233808] should_fail.cold.4+0xa/0x1a [ 1400.237883] ? __save_stack_trace+0x7e/0xd0 [ 1400.242230] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1400.247368] ? save_stack+0xa9/0xd0 [ 1400.251304] ? save_stack+0x43/0xd0 [ 1400.253944] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1400.254945] ? kasan_kmalloc+0xc4/0xe0 [ 1400.254961] ? kasan_slab_alloc+0x12/0x20 [ 1400.254981] ? find_held_lock+0x36/0x1c0 [ 1400.255019] ? check_same_owner+0x320/0x320 [ 1400.255039] ? rcu_note_context_switch+0x710/0x710 [ 1400.255053] __should_failslab+0x124/0x180 [ 1400.255067] should_failslab+0x9/0x14 [ 1400.255081] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1400.255106] __kmalloc_node_track_caller+0x33/0x70 [ 1400.255127] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1400.306746] __alloc_skb+0x14d/0x780 [ 1400.306766] ? skb_scrub_packet+0x580/0x580 [ 1400.306787] ? dst_init+0x459/0x600 2018/06/01 03:16:26 executing program 6: syz_open_dev$mice(&(0x7f0000000480)='/dev/input/mice\x00', 0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x48000, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='comm\x00') process_vm_writev(0x0, &(0x7f0000000280), 0x0, &(0x7f0000000440)=[{&(0x7f00000016c0)=""/169, 0xa9}], 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) writev(r0, &(0x7f0000000140), 0x2000000000000234) 2018/06/01 03:16:26 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x104d}, 0x2c) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0x2100) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000000c0)={0x0, @multicast2, @rand_addr}, &(0x7f0000000100)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@rand_addr, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, &(0x7f00000004c0)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000500)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f0000000600)=0xe8) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000700)={0x0, @rand_addr, @rand_addr}, &(0x7f0000000740)=0xc) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'vcan0\x00', 0x0}) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000880)={0x0, @multicast1, @multicast1}, &(0x7f00000008c0)=0xc) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000900)={'vcan0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001b80)={'team0\x00', 0x0}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1d, &(0x7f0000001bc0)={@loopback, 0x0}, &(0x7f0000001c00)=0x14) getsockname$packet(0xffffffffffffff9c, &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000001c80)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000001cc0)={'team0\x00', 0x0}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000001d00)={@loopback, 0x0}, &(0x7f0000001d40)=0x14) getpeername$packet(0xffffffffffffff9c, &(0x7f0000001d80)={0x0, 0x0, 0x0}, &(0x7f0000001dc0)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001e00)={'team_slave_0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001e40)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@remote}}, &(0x7f0000001f40)=0xe8) recvmmsg(0xffffffffffffffff, &(0x7f0000004000)=[{{&(0x7f0000001f80)=@ipx, 0x80, &(0x7f00000024c0)=[{&(0x7f0000002000)=""/176, 0xb0}, {&(0x7f00000020c0)=""/187, 0xbb}, {&(0x7f0000002180)=""/153, 0x99}, {&(0x7f0000002240)=""/87, 0x57}, {&(0x7f00000022c0)=""/219, 0xdb}, {&(0x7f00000023c0)=""/70, 0x46}, {&(0x7f0000002440)=""/126, 0x7e}], 0x7, &(0x7f0000002500)=""/60, 0x3c, 0x200}, 0x3}, {{&(0x7f0000002540)=@pptp={0x0, 0x0, {0x0, @rand_addr}}, 0x80, &(0x7f0000002a40)=[{&(0x7f00000025c0)=""/159, 0x9f}, {&(0x7f0000002680)=""/115, 0x73}, {&(0x7f0000002700)=""/8, 0x8}, {&(0x7f0000002740)=""/253, 0xfd}, {&(0x7f0000002840)=""/230, 0xe6}, {&(0x7f0000002940)=""/239, 0xef}], 0x6, &(0x7f0000002a80)=""/211, 0xd3, 0x80}, 0xa2d0}, {{&(0x7f0000002b80)=@hci, 0x80, &(0x7f0000003d00)=[{&(0x7f0000002c00)=""/133, 0x85}, {&(0x7f0000002cc0)=""/4096, 0x1000}, {&(0x7f0000003cc0)=""/31, 0x1f}], 0x3, &(0x7f0000003d40)=""/240, 0xf0, 0x8}, 0x8}, {{&(0x7f0000003e40)=@can={0x0, 0x0}, 0x80, &(0x7f0000003fc0)=[{&(0x7f0000003ec0)=""/22, 0x16}, {&(0x7f0000003f00)=""/132, 0x84}], 0x2, 0x0, 0x0, 0x8000000000000000}, 0x1}], 0x4, 0x0, &(0x7f0000004080)={0x0, 0x989680}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000040c0)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000044c0)={{{@in6=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@mcast1}}, &(0x7f00000045c0)=0xe8) setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000001c0)={0x8, 0x9, 0x6, 0x8000}, 0x8) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000004600)={{{@in=@remote, @in6=@ipv4={[], [], @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000004700)=0xe8) getsockname(0xffffffffffffff9c, &(0x7f0000004740)=@hci={0x0, 0x0}, &(0x7f00000047c0)=0x80) getsockname$packet(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000004840)=0x14) sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f0000005640)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000005600)={&(0x7f0000004880)={0xd80, r2, 0x120, 0x70bd26, 0x25dfdbfc, {0x3}, [{{0x8, 0x1, r3}, {0xc0, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r4}}}]}}, {{0x8, 0x1, r5}, {0x220, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8000}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xb6}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1f}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x44e9}}, {0x8, 0x6, r6}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xe70}}}]}}, {{0x8, 0x1, r7}, {0x88, 0x2, [{0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r8}}}]}}, {{0x8, 0x1, r9}, {0x16c, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r11}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r12}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8f5e303}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x4}}, {0x8, 0x7}}}]}}, {{0x8, 0x1, r14}, {0xc8, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'broadcast\x00'}}}]}}, {{0x8, 0x1, r15}, {0x27c, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x7c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x4c, 0x4, [{0x6, 0x101, 0x5, 0x3ff}, {0x4, 0xdac, 0x2, 0x8}, {0x5, 0x9, 0x9, 0xfb6}, {0x20, 0x1, 0xf280, 0x5}, {0x0, 0xed98, 0x95, 0x100000000}, {0x200, 0x9e5, 0x100000000, 0x7}, {0x7449, 0x7, 0x380, 0x3}, {0x3d, 0x100, 0x5, 0x16}, {0xfffffffffffffffe, 0x7, 0xfff, 0x5}]}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r16}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r17}}}]}}, {{0x8, 0x1, r18}, {0x74, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100000000}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}]}}, {{0x8, 0x1, r19}, {0x138, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r20}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r21}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r22}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r23}, {0xf0, 0x2, [{0x7c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x4c, 0x4, [{0x4, 0x80000001, 0x4fe, 0x4}, {0x2, 0x7ff, 0x9, 0x3}, {0x5, 0x80, 0x5, 0x7}, {0x8, 0x1f, 0xfffffffffffffffa, 0x4}, {0x4, 0x40, 0xc3c, 0x3}, {0x4, 0x1, 0x8, 0x6}, {0x0, 0xffffffffffff30b8, 0x0, 0x3ff}, {0xfffffffffffffffc, 0x2, 0xfffffffffffffffe, 0x9a0}, {0x7a, 0x2, 0x0, 0x3}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x800}}}]}}, {{0x8, 0x1, r24}, {0x268, 0x2, [{0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x2705}}, {0x8, 0x6, r25}}}, {0x74, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x44, 0x4, [{0x6, 0x7a0, 0x1, 0x9}, {0x6c, 0xc7, 0x1, 0x9c}, {0x3f, 0xfffffffffffffff9, 0x10000, 0x9fb}, {0x9, 0xfff, 0x100000000, 0xffffffffffff0000}, {0x8, 0x3, 0x4}, {0x4c, 0x1, 0x101, 0x6524a68d}, {0xfff, 0x20, 0x5, 0x1}, {0x4, 0xb08, 0x100000001, 0xdc}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x24, 0x4, [{0x4, 0x100000000, 0xffff, 0x2}, {0x7, 0x7fff, 0x401, 0x94}, {0x0, 0x5, 0x3, 0x3f}, {0x7f, 0x0, 0x1, 0x89}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0xc9c5}}, {0x8, 0x6, r26}}}]}}]}, 0xd80}, 0x1, 0x0, 0x0, 0x40004}, 0x40080c0) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x7, 0x1f, 0x1, 0x1, 0x1}], {0x95}}, &(0x7f000031cff6)='syzkaller\x00', 0x5c6e, 0x34d, &(0x7f00001a7f05)=""/251}, 0x48) [ 1400.306810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1400.306825] ? ip_generic_getfrag+0x11c/0x2d0 [ 1400.306841] ? ip_reply_glue_bits+0xc0/0xc0 [ 1400.306859] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1400.306873] ? skb_put+0x17b/0x1e0 [ 1400.306890] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1400.306913] ? ip_reply_glue_bits+0xc0/0xc0 [ 1400.306937] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1400.306954] ? xfrm_policy_lookup+0x70/0x70 [ 1400.306973] ? ipv4_mtu+0x375/0x580 [ 1400.306991] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1400.307005] ? find_held_lock+0x36/0x1c0 [ 1400.307031] ? ip_setup_cork+0x44d/0x6d0 [ 1400.307048] ip_make_skb+0x2be/0x350 [ 1400.307064] ? ip_reply_glue_bits+0xc0/0xc0 [ 1400.307080] ? ip_flush_pending_frames+0x30/0x30 [ 1400.307101] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1400.307123] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1400.307137] ? xfrm_lookup_route+0x64/0x1f0 [ 1400.307156] udp_sendmsg+0x24ec/0x35e0 [ 1400.307177] ? ip_reply_glue_bits+0xc0/0xc0 [ 1400.415807] ? udp4_lib_lookup2+0x340/0x340 [ 1400.415825] ? graph_lock+0x170/0x170 [ 1400.415849] ? expand_files.part.8+0x9a0/0x9a0 [ 1400.415864] ? check_same_owner+0x320/0x320 [ 1400.415894] ? lock_downgrade+0x8e0/0x8e0 [ 1400.415910] ? lock_release+0xa10/0xa10 [ 1400.415924] ? check_same_owner+0x320/0x320 [ 1400.415942] ? __check_object_size+0x95/0x5d9 [ 1400.415960] inet_sendmsg+0x19f/0x690 [ 1400.415974] ? __might_sleep+0x95/0x190 [ 1400.415988] ? ipip_gro_receive+0x100/0x100 [ 1400.416009] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1400.416026] ? security_socket_sendmsg+0x94/0xc0 [ 1400.416039] ? ipip_gro_receive+0x100/0x100 [ 1400.416058] sock_sendmsg+0xd5/0x120 [ 1400.416073] __sys_sendto+0x3d7/0x670 [ 1400.416089] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1400.416109] ? wait_for_completion+0x870/0x870 [ 1400.416127] ? __lock_is_held+0xb5/0x140 [ 1400.416155] ? __sb_end_write+0xac/0xe0 [ 1400.416175] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1400.416187] ? fput+0x130/0x1a0 [ 1400.416202] ? ksys_write+0x1a6/0x250 [ 1400.416216] ? __do_page_fault+0x441/0xe40 [ 1400.416231] ? __ia32_sys_read+0xb0/0xb0 [ 1400.416250] __ia32_sys_sendto+0xdf/0x1a0 [ 1400.416264] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1400.416283] do_fast_syscall_32+0x345/0xf9b [ 1400.416300] ? do_int80_syscall_32+0x880/0x880 [ 1400.416316] ? _raw_spin_unlock_irq+0x27/0x70 [ 1400.546169] ? finish_task_switch+0x1ca/0x840 [ 1400.550671] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1400.556196] ? syscall_return_slowpath+0x30f/0x5c0 [ 1400.561115] ? sysret32_from_system_call+0x5/0x46 [ 1400.565976] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1400.570819] entry_SYSENTER_compat+0x70/0x7f [ 1400.575302] RIP: 0023:0xf7f63cb9 [ 1400.578651] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1400.586347] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1400.593603] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1400.600857] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1400.608110] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 2018/06/01 03:16:27 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:27 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:27 executing program 7: mkdir(&(0x7f00000000c0)='./control/file0/file0\x00', 0x4) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x1032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000080)={0x2, 0x4}) mount(&(0x7f0000000100)='./control\x00', &(0x7f0000000640)='./control/file0\x00', &(0x7f0000000140)='proc\x00', 0x2000, &(0x7f00000001c0)) lchown(&(0x7f0000000040)='./control/file0\x00', 0x0, 0x0) close(r0) 2018/06/01 03:16:27 executing program 6: r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x1, 0x0) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000000c0)) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @broadcast=0xffffffff}, {0x1, @link_local={0x1, 0x80, 0xc2}}, 0x2, {0x2, 0x0, @multicast1=0xe0000001}, 'ip6gretap0\x00'}) 2018/06/01 03:16:27 executing program 1: r0 = socket(0x10, 0xffffffffffffffff, 0x0) write(r0, &(0x7f0000000000)="7bdcfeb88c9f30f78664dea3db79480d6bdcc31c542689a9518fd9274049db415413a895a818aa0193ce9d2b5612aa210a3a42b2eb65382db9235fa39e3d894e46878e6569", 0x45) setsockopt$ax25_buf(r0, 0x101, 0x19, &(0x7f0000000100)="b835b3a2b7353cd8bff0421c6bb4c077770a02dec58d3c50772cddb14f74d3988a6c5b48dc2284796b2f5cc49a9c37ce17c9aaf822f6a08503724ed9d09f633c563b9aac1f6990f41eab0c650b3d9e", 0x4f) write(r0, &(0x7f00008eb000)="240000004e001f0014f9f4070408f47e568c51f641a59ef76ba552000000000000000000", 0x1cd) fsync(r0) r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x7, 0x0) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000180)={[0x12002, 0xd000, 0x7000, 0x10f000], 0x9, 0xb9, 0x3}) [ 1400.616146] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1400.664607] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:27 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:27 executing program 1: stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) r1 = getgid() chown(&(0x7f0000000040)='./file0\x00', r0, r1) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x225df2df, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="3400000012002108000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014000300694535705f76746930000000000000000000"], 0xffffffffffffff8b}, 0x1, 0x0, 0x0, 0x800000000000}, 0x20000800) 2018/06/01 03:16:27 executing program 2 (fault-call:2 fault-nth:77): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:27 executing program 7: r0 = syz_open_dev$urandom(&(0x7f0000000140)='/dev/urandom\x00', 0x0, 0x0) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000080)) readahead(r0, 0x4, 0xffffffffffdffffd) sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x2, 0x16, 0x6, 0x0, 0x3d, 0x0, 0x70bd29, 0x25dfdbfe, [@sadb_x_filter={0x5, 0x1a, @in6=@mcast2={0xff, 0x2, [], 0x1}, @in=@local={0xac, 0x14, 0x14, 0xaa}, 0x1f, 0x4, 0x4}, @sadb_sa={0x2, 0x1, 0x4d5, 0xffffffff, 0x7ff, 0xcc, 0x2, 0xe0000001}, @sadb_sa={0x2, 0x1, 0x7, 0x1ff, 0x2, 0x2c, 0x3, 0x1}, @sadb_x_sa2={0x2, 0x13, 0x5, 0x0, 0x0, 0x70bd2a, 0x3505}, @sadb_x_nat_t_type={0x1, 0x14, 0x1}, @sadb_x_sa2={0x2, 0x13, 0x5, 0x0, 0x0, 0x70bd27, 0x3505}, @sadb_x_sec_ctx={0x1e, 0x18, 0x8, 0x3, 0xe7, "70e0aa38ecb6ee25ac0cacbe0cb62a587e980f709b071bd72ea6c5fa1fb7c9f519fad26cc72bc6b87a55f115e759b3564d0c4a176a45ee0439403694116f1136482e2fb95f604ff1cf6313b65688d89063c8d6d04249e7225f5c141cfe59fec3c3935d0f4badabf68aff1ed76be76772f78913aaa23bd2814dd9dfc085603cb15f79ee941b040a9ba7807c14da66846f159366c2625f32041fa74a879840cf8d23f051d7082f368a1c3caad9e89a4bce217511b733cd305bc3c675ff264a62b949ab94286d0c04b8ad362b220ef76e47055f1a0cee441a894e7e84f76eddaa22b20a1d40b9e53d"}, @sadb_x_sa2={0x2, 0x13, 0x2, 0x0, 0x0, 0x70bd2a, 0x3505}, @sadb_x_filter={0x5, 0x1a, @in=@broadcast=0xffffffff, @in=@local={0xac, 0x14, 0x14, 0xaa}, 0x9, 0x0, 0x4}, @sadb_x_policy={0x8, 0x12, 0x1, 0x3, 0x0, 0x0, 0x1, {0x6, 0x3f, 0x7, 0x100000001, 0x0, 0x9, 0x0, @in=@rand_addr=0x2, @in6=@ipv4={[], [0xff, 0xff]}}}]}, 0x1e8}, 0x1}, 0x40080) 2018/06/01 03:16:27 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setitimer(0x0, &(0x7f0000000000)={{}, {0x77359400}}, &(0x7f0000000040)) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r0, 0x20000003) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) close(r1) r3 = accept4(r0, &(0x7f0000660ff4)=@nl=@unspec, &(0x7f0000000040)=0xf5b19b4c0b1ce647, 0x0) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='ip6gretap0\x00', 0x10) recvfrom$inet(r3, &(0x7f0000000200)=""/12, 0xc, 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x5}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000240)={r4, 0x4}, 0x8) 2018/06/01 03:16:27 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x100000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:27 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x7fffc) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f00000000c0)=0x6d12, 0x4) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0405405, &(0x7f0000000080)={{0x1, 0x3, 0x0, 0x1, 0x6}, 0x1, 0x9, 0xffff}) socket$inet(0x2, 0x5, 0x80000001) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000240), &(0x7f0000000280)=0xc) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000004c0)={{0x4000000080}, 'port0\x00', 0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)={0x4, 0xe000000000, 0x200, 0x0, 0x6, 0xffe, 0xfffffffffffffffb, 0xffffffff, 0x81, 0x4, 0x9, 0x7, 0x0, 0x74, 0x2, 0x10000, 0xc, 0x1, 0x1}) ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000100)) 2018/06/01 03:16:27 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000000000ffff"], 0x60}, 0x1}, 0x0) [ 1401.248410] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1401.248857] FAULT_INJECTION: forcing a failure. [ 1401.248857] name failslab, interval 1, probability 0, space 0, times 0 [ 1401.267381] CPU: 0 PID: 23655 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1401.274758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1401.284123] Call Trace: [ 1401.286750] dump_stack+0x1b9/0x294 [ 1401.290406] ? dump_stack_print_info.cold.2+0x52/0x52 2018/06/01 03:16:27 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f7, &(0x7f00000001c0)={'ip6gre0\x00', @ifru_map={0x0, 0x6, 0x8, 0x0, 0x0, 0x9}}) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001980)='/dev/uinput\x00', 0x1, 0x0) r2 = dup(0xffffffffffffffff) ioctl$KVM_SMI(r2, 0xaeb7) clock_gettime(0x0, &(0x7f0000001b00)={0x0, 0x0}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r5, &(0x7f0000000100)={&(0x7f0000de2ff4)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x20, 0x4, 0x8, 0xffffffffffffffff, 0x0, 0x0, {}, [@typed={0xc, 0x2, @u64}]}, 0x20}, 0x1}, 0x0) accept4$nfc_llcp(r1, &(0x7f0000001b80), &(0x7f0000001c00)=0x58, 0x80800) recvmmsg(r2, &(0x7f0000001ac0)=[{{&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000001540)=[{&(0x7f0000000080)=""/148, 0x94}, {&(0x7f0000000200)=""/67, 0x43}, {&(0x7f0000000280)=""/41, 0x29}, {&(0x7f00000002c0)=""/150, 0x96}, {&(0x7f0000000380)=""/204, 0xcc}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000001480)=""/148, 0x94}], 0x7, &(0x7f0000001580)=""/244, 0xf4, 0xe87}, 0x7}, {{&(0x7f0000001680)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000001700)=""/181, 0xb5}, {&(0x7f00000017c0)=""/122, 0x7a}, {&(0x7f0000001840)=""/169, 0xa9}, {&(0x7f0000001900)=""/97, 0x61}, {&(0x7f0000001980)}, {&(0x7f00000019c0)=""/179, 0xb3}], 0x6, 0x0, 0x0, 0x40}, 0x1}], 0x2, 0x10020, &(0x7f0000001b40)={r3, r4+30000000}) [ 1401.295617] ? unwind_get_return_address+0x61/0xa0 [ 1401.300571] should_fail.cold.4+0xa/0x1a [ 1401.304652] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1401.309774] ? save_stack+0xa9/0xd0 [ 1401.313519] ? save_stack+0x43/0xd0 [ 1401.317160] ? kasan_kmalloc+0xc4/0xe0 [ 1401.321095] ? __kmalloc_node_track_caller+0x47/0x70 [ 1401.326210] ? __alloc_skb+0x14d/0x780 [ 1401.330111] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1401.335319] ? udp_sendmsg+0x24ec/0x35e0 [ 1401.339485] ? inet_sendmsg+0x19f/0x690 [ 1401.343471] ? sock_sendmsg+0xd5/0x120 [ 1401.347379] ? __sys_sendto+0x3d7/0x670 [ 1401.351367] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1401.355698] ? do_fast_syscall_32+0x345/0xf9b [ 1401.360209] ? find_held_lock+0x36/0x1c0 [ 1401.364308] ? check_same_owner+0x320/0x320 [ 1401.368654] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1401.372709] netlink: 'syz-executor1': attribute type 2 has an invalid length. [ 1401.374197] ? rcu_note_context_switch+0x710/0x710 [ 1401.374220] __should_failslab+0x124/0x180 [ 1401.374240] should_failslab+0x9/0x14 [ 1401.374253] kmem_cache_alloc_node+0x272/0x780 2018/06/01 03:16:28 executing program 3: socketpair(0x15, 0x0, 0x1, &(0x7f0000000040)={0xffffffffffffffff}) recvfrom$unix(r0, &(0x7f0000000080)=""/59, 0x3b, 0x2021, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e) socket$can_raw(0x1d, 0x3, 0x1) setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x0, &(0x7f0000000000), 0x4) [ 1401.374277] __alloc_skb+0x111/0x780 [ 1401.403049] ? skb_scrub_packet+0x580/0x580 [ 1401.407426] ? dst_init+0x459/0x600 [ 1401.411075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1401.416633] ? ip_generic_getfrag+0x11c/0x2d0 [ 1401.421146] ? ip_reply_glue_bits+0xc0/0xc0 [ 1401.425838] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1401.430874] ? skb_put+0x17b/0x1e0 [ 1401.434438] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1401.439657] ? ip_reply_glue_bits+0xc0/0xc0 2018/06/01 03:16:28 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:28 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000040)=""/140, 0xffffffffffffff36) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000004c0)={{0x4000000080}, 'port0\x00', 0x3f, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000280)={0x3d8cb47d95373deb}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x0, @tick, 0x8, {0x1, 0x2}, 0x7ff, 0x0, 0x1}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x2, @time={0x0, 0x1c9c380}, 0x2, {0x8, 0x6}, 0x0, 0x1, 0x800}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, 0x0}) r3 = fcntl$getown(r1, 0x9) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000200)={r1, r1, 0x5}) [ 1401.441282] netlink: 'syz-executor1': attribute type 2 has an invalid length. [ 1401.443998] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1401.444018] ? xfrm_policy_lookup+0x70/0x70 [ 1401.444038] ? ipv4_mtu+0x375/0x580 [ 1401.444058] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1401.444072] ? find_held_lock+0x36/0x1c0 [ 1401.444103] ? ip_setup_cork+0x44d/0x6d0 [ 1401.478646] ip_make_skb+0x2be/0x350 [ 1401.482384] ? ip_reply_glue_bits+0xc0/0xc0 [ 1401.486722] ? ip_flush_pending_frames+0x30/0x30 [ 1401.491516] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1401.497257] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1401.502812] ? xfrm_lookup_route+0x64/0x1f0 [ 1401.507247] udp_sendmsg+0x24ec/0x35e0 [ 1401.511150] ? perf_trace_lock+0xd6/0x900 [ 1401.515314] ? ip_reply_glue_bits+0xc0/0xc0 [ 1401.519663] ? udp4_lib_lookup2+0x340/0x340 [ 1401.523998] ? graph_lock+0x170/0x170 [ 1401.527822] ? expand_files.part.8+0x9a0/0x9a0 [ 1401.532441] ? lock_downgrade+0x8e0/0x8e0 [ 1401.536603] ? lock_release+0xa10/0xa10 [ 1401.540611] ? check_same_owner+0x320/0x320 [ 1401.542560] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1401.544991] ? __check_object_size+0x95/0x5d9 [ 1401.545013] inet_sendmsg+0x19f/0x690 [ 1401.545033] ? __might_sleep+0x95/0x190 [ 1401.545051] ? ipip_gro_receive+0x100/0x100 [ 1401.545077] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1401.545105] ? security_socket_sendmsg+0x94/0xc0 [ 1401.579364] ? ipip_gro_receive+0x100/0x100 [ 1401.583706] sock_sendmsg+0xd5/0x120 [ 1401.587434] __sys_sendto+0x3d7/0x670 [ 1401.591249] ? __ia32_sys_getpeername+0xb0/0xb0 2018/06/01 03:16:28 executing program 1: r0 = socket$inet(0x15, 0x5, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) connect$inet(r0, &(0x7f0000024ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendmsg(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="ab1ff86d00375953790000d8000000"], 0x10}, 0x0) [ 1401.595933] ? wait_for_completion+0x870/0x870 [ 1401.600551] ? __sb_end_write+0xac/0xe0 [ 1401.604566] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1401.610133] ? fput+0x130/0x1a0 [ 1401.613425] ? ksys_write+0x1a6/0x250 [ 1401.617236] ? __do_page_fault+0x441/0xe40 [ 1401.621490] ? __ia32_sys_read+0xb0/0xb0 [ 1401.625592] __ia32_sys_sendto+0xdf/0x1a0 [ 1401.629754] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1401.634786] do_fast_syscall_32+0x345/0xf9b [ 1401.639127] ? do_int80_syscall_32+0x880/0x880 [ 1401.643743] ? _raw_spin_unlock_irq+0x27/0x70 [ 1401.648256] ? finish_task_switch+0x1ca/0x840 [ 1401.652773] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1401.658357] ? syscall_return_slowpath+0x30f/0x5c0 [ 1401.663301] ? sysret32_from_system_call+0x5/0x46 [ 1401.668163] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1401.673025] entry_SYSENTER_compat+0x70/0x7f [ 1401.677439] RIP: 0023:0xf7f63cb9 [ 1401.680799] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1401.688513] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:16:28 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:28 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1401.695796] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1401.703607] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1401.710895] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1401.718182] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:28 executing program 1: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) finit_module(r0, &(0x7f0000000040)='/dev/uinput\x00', 0x1) ioctl$LOOP_CTL_REMOVE(r0, 0x40045565, 0x0) 2018/06/01 03:16:28 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000440)=0x0) r2 = syz_open_procfs(r1, &(0x7f0000000680)="7004000000617200cc6d91bc34b1bc84c77f3952ec7f5679438388cff4d6c2e91dee98f2c3914a256e04e7aac47309b3110bced95a99b24ddd37852da2fb66324a65bb26aefa260b1b5c868f414ead81d43f27c3466f85e160b3a3649ae5702cd3c6cea8b4b1616da23c30be0171f4622317880be93f23513f123d014978944941f87e699b1d20d3318e9cc2769f46f729b346461c0624ad39eb04caf7ab8f6f53ae") getsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f00000000c0)=0x8, &(0x7f0000000100)=0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x1}], 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000140)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) ppoll(&(0x7f00000001c0)=[{r0, 0x109}, {r2, 0x60c}, {r2, 0x42c1}, {r4, 0x1000}, {r2, 0x1}, {r2, 0x8}, {r0}, {r2, 0x4000}], 0x8, &(0x7f0000000240)={r5, r6+30000000}, &(0x7f0000000280)={0x7}, 0x8) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000040)=ANY=[@ANYRES32=r3, @ANYBLOB="1c000000fc4d46db1e856a6ef6c7f59f3d880e6dfdd2e91ace19e000fd8ffd4a06525737684e30b557be5b9c1c72889e6866b15ebf9dd594b752cb"], &(0x7f0000000000)=0x24) io_setup(0x0, &(0x7f00000002c0)=0x0) io_submit(r7, 0x3, &(0x7f0000000600)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x9, r2, &(0x7f0000000300)="1567bcd57c4c3fb5cc1e1daaaddce2d3e57a09eebf881df84c3aaa1168437499324fc635153192dd12f659bd3165b0c0962caed4372a4196d44bf3c7ad55e953fd9c818b01b6be8b5beeaedc8cd6ec4ef2f6109d58c2ac61bc86c740fbe127a65438fe4a4cc2cb16026fbd1bf63c123c0e7f6a818c2f03a61b093917b6399d6c7408f3f40d6a18f624dfc4e423018964ca14cf796745ab83a3f05ee2b1f768119c7d5a580fc21fb85c2cd768fd1c5c356b403dc70742e0371040101049ab9c6d243a3fff851d86a9d04b8372d4d790db1ce0386708f8aea2d50bd0f589024ed07bbfc7580ab13005", 0xe8, 0x8, 0x0, 0x0, r2}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000440), 0x0, 0x100000001, 0x0, 0x1, r2}, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0xe, 0x39, r2, &(0x7f00000004c0)="35ca68b34770e9a242e0a202d87c11dacb6e8c5337682f2cac64c7d0c95826af277c7e479e7b001d443836e27da082c5908988047cb1dd2c10472e63dc2f85b3de4ec0cf75ea7550b7c4b21605dddf15a613298dc7141f40690d7006bba5bd4bb369073568ac7e1352d55f48029fa986cb328cbb303e6db9f5797ef8905176b3d330f5b9f52a4fe0f4e79eba81833ec7a7e954497417171f6220db30b18f9857f2783d0a89cc5446220f5349ff1a76d7a60327d5e4da5804cacc3f85e9fbab573a7f61825400", 0xc6, 0x9, 0x0, 0x1, r2}]) 2018/06/01 03:16:28 executing program 2 (fault-call:2 fault-nth:78): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1401.765699] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:28 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:28 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1401.868436] FAULT_INJECTION: forcing a failure. [ 1401.868436] name failslab, interval 1, probability 0, space 0, times 0 [ 1401.879897] CPU: 0 PID: 23700 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1401.887275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1401.896651] Call Trace: [ 1401.899263] dump_stack+0x1b9/0x294 [ 1401.902927] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1401.908136] ? is_bpf_text_address+0xd7/0x170 [ 1401.912663] should_fail.cold.4+0xa/0x1a [ 1401.916744] ? __save_stack_trace+0x7e/0xd0 [ 1401.921092] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1401.926223] ? save_stack+0x43/0xd0 [ 1401.929871] ? kasan_kmalloc+0xc4/0xe0 [ 1401.933773] ? kasan_slab_alloc+0x12/0x20 [ 1401.937940] ? find_held_lock+0x36/0x1c0 [ 1401.942045] ? check_same_owner+0x320/0x320 [ 1401.946393] ? rcu_note_context_switch+0x710/0x710 [ 1401.951340] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1401.955768] __should_failslab+0x124/0x180 [ 1401.960022] should_failslab+0x9/0x14 [ 1401.963837] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1401.968972] __kmalloc_node_track_caller+0x33/0x70 [ 1401.973926] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1401.978708] __alloc_skb+0x14d/0x780 [ 1401.982450] ? skb_scrub_packet+0x580/0x580 [ 1401.986819] ? dst_init+0x459/0x600 [ 1401.990477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1401.996716] ? ip_generic_getfrag+0x11c/0x2d0 [ 1402.001240] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.005594] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1402.010632] ? skb_put+0x17b/0x1e0 [ 1402.014200] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1402.015155] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1402.019262] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.019313] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1402.019332] ? xfrm_policy_lookup+0x70/0x70 [ 1402.019354] ? ipv4_mtu+0x375/0x580 [ 1402.019376] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1402.019394] ? find_held_lock+0x36/0x1c0 [ 1402.054510] ? ip_setup_cork+0x44d/0x6d0 [ 1402.058597] ip_make_skb+0x2be/0x350 [ 1402.062337] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.066681] ? ip_flush_pending_frames+0x30/0x30 [ 1402.071465] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1402.077036] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1402.082600] ? xfrm_lookup_route+0x64/0x1f0 [ 1402.086945] udp_sendmsg+0x24ec/0x35e0 [ 1402.090832] ? perf_trace_lock+0xd6/0x900 [ 1402.094992] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.099340] ? udp4_lib_lookup2+0x340/0x340 [ 1402.103680] ? graph_lock+0x170/0x170 [ 1402.107490] ? expand_files.part.8+0x9a0/0x9a0 [ 1402.112096] ? lock_downgrade+0x8e0/0x8e0 [ 1402.116262] ? lock_release+0xa10/0xa10 [ 1402.120258] ? check_same_owner+0x320/0x320 [ 1402.124590] ? __check_object_size+0x95/0x5d9 [ 1402.129083] inet_sendmsg+0x19f/0x690 [ 1402.132885] ? __might_sleep+0x95/0x190 [ 1402.136861] ? ipip_gro_receive+0x100/0x100 [ 1402.141205] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1402.146742] ? security_socket_sendmsg+0x94/0xc0 [ 1402.151508] ? ipip_gro_receive+0x100/0x100 [ 1402.155843] sock_sendmsg+0xd5/0x120 [ 1402.159588] __sys_sendto+0x3d7/0x670 [ 1402.163384] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1402.168069] ? wait_for_completion+0x870/0x870 [ 1402.172680] ? __sb_end_write+0xac/0xe0 [ 1402.176653] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1402.182193] ? fput+0x130/0x1a0 [ 1402.185477] ? ksys_write+0x1a6/0x250 [ 1402.189290] ? __do_page_fault+0x441/0xe40 [ 1402.193531] ? __ia32_sys_read+0xb0/0xb0 [ 1402.197616] __ia32_sys_sendto+0xdf/0x1a0 [ 1402.201787] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1402.206819] do_fast_syscall_32+0x345/0xf9b [ 1402.211151] ? do_int80_syscall_32+0x880/0x880 [ 1402.215725] ? _raw_spin_unlock_irq+0x27/0x70 [ 1402.220212] ? finish_task_switch+0x1ca/0x840 [ 1402.224709] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1402.230234] ? syscall_return_slowpath+0x30f/0x5c0 [ 1402.235175] ? sysret32_from_system_call+0x5/0x46 [ 1402.240029] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1402.244868] entry_SYSENTER_compat+0x70/0x7f [ 1402.249270] RIP: 0023:0xf7f63cb9 [ 1402.252622] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1402.260330] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:16:28 executing program 6: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x89}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='smaps_rollup\x00') preadv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/51, 0x17}], 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000240)={0x18, 0x0, {0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, "626f6e645f736c6176655f3000000200"}}, 0xffa6) syz_open_dev$dspn(&(0x7f0000000280)='/dev/dsp#\x00', 0x0, 0x101200) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000300)={0x0, 0xeb, "216f1f5f6ad2e2b619cc3671d946bf855d690fa29afeb3d6bb96c8952af85bd28ca54cca2dba8b674b91524cf051fa6b662948128053d62f699b0f2877d522e5cc6b5eeaa39fc39e88fcb105b70b332cfbf1fd453737b5ee2173b5c29a62e56b35ba309884a171e5c522d08c0acd1c7021b50af47162bbc1a07bdabaa232c8591f4b00d63b4dc2d144075974e04c2688abc1316ea1197d79e0cfdbc2b63847625c662699c1c3bc4053e37ea70d1b0c715f4bf8ef1177fe239c419ff1476b95028483a8e45db0b3f096b6694b07671ef33e7f829136827f4570bfc96f8a5fa40ae730e464299ff5e8f5561e"}, &(0x7f0000000400)=0xf3) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYBLOB="b70100001da9dd151e37e984ffba0d4ae7d971e5c4d25c3f5de3b3cab40100000000000000d0a74953ab06f84347db712e41b5209694802d1b7cd1e7bc667400004df550721ada892eb61b031ea2f389336e93258954e51e9b5c4e6b7207147f048b9b25ecc8c3"], &(0x7f0000000140)=0x1cb) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000200)={r2, 0x20}, 0x8) [ 1402.267597] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1402.274850] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1402.282109] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1402.289366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:29 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfec00000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:29 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000072fee)='/dev/input/event#\x00', 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x7, 0x20081) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000080)={0x0, 0x5}) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000734ffc)=0x1) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000040)) 2018/06/01 03:16:29 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:29 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000007fff"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:29 executing program 2 (fault-call:2 fault-nth:79): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:29 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x9aba, 0x600) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in=@remote, @in6=@ipv4={[], [], @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@local}}, &(0x7f0000000400)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) sendmsg$nl_xfrm(r3, &(0x7f00000007c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={&(0x7f0000000540)=@delsa={0x238, 0x11, 0x100, 0x70bd27, 0x25dfdbfb, {@in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4d6, 0x2, 0xc23c006944a9ee3b}, [@replay_thresh={0x8, 0xb, 0x2f}, @offload={0xc, 0x1c, {r4, 0x2}}, @algo_crypt={0x148, 0x2, {{'ctr-camellia-aesni\x00'}, 0x7f8, "8885ddfc13b8baad57ceba48be2d3b3b3904b9e439e3584195d894b8b79662b2b5d5116989ccfb19326681079c0487f768ef075563b633e4a96d87f43680ad9509ae35fce3d070c65d0a15497612b402daf88ab70da4aadbb7ad636d94b5834733fe194f0a67b7bfa4fdbb7039fc4701204d616414a90410c2f255c8e783320fb5fd8251e706744b1619fe287fb9338709e4e1b33360451d3941000a41998a16762dbd43b72bdeba34fec18bc012ccbf404e38cad616625de41f5e3fb6ee30ae71bcaf2529ba8c5c68fd0d99c2edf719a24c030726f7952de1df8ce8c3d92c717e234a86d52aef07dab41d828578c6dbf51f8a4cf0a2b99b186e379ee78888"}}, @address_filter={0x28, 0x1a, {@in6=@mcast2={0xff, 0x2, [], 0x1}, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0xa, 0x2, 0x7}}, @offload={0xc, 0x1c, {r5, 0x3}}, @replay_val={0x10, 0xa, {0x70bd29, 0x70bd2d, 0x7}}, @encap={0x1c, 0x4, {0xffffffffffffffff, 0x4e22, 0x4e22, @in6=@remote={0xfe, 0x80, [], 0xbb}}}, @coaddr={0x14, 0xe}, @lifetime_val={0x24, 0x9, {0x7, 0x0, 0x3cc, 0xd512}}, @sec_ctx={0x1c, 0x8, {0x17, 0x8, 0x1, 0x0, 0xf, "b9f4753c23690da1a9d9175817084b"}}]}, 0x238}, 0x1, 0x0, 0x0, 0x80}, 0xc2c1ec7f931543de) ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0) [ 1402.427271] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1402.441787] FAULT_INJECTION: forcing a failure. [ 1402.441787] name failslab, interval 1, probability 0, space 0, times 0 [ 1402.453240] CPU: 0 PID: 23724 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1402.460619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1402.469974] Call Trace: [ 1402.472566] dump_stack+0x1b9/0x294 [ 1402.476188] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1402.481368] ? is_bpf_text_address+0xd7/0x170 [ 1402.485861] should_fail.cold.4+0xa/0x1a [ 1402.489908] ? __save_stack_trace+0x7e/0xd0 [ 1402.494233] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1402.499340] ? save_stack+0x43/0xd0 [ 1402.502954] ? kasan_kmalloc+0xc4/0xe0 [ 1402.506832] ? kasan_slab_alloc+0x12/0x20 [ 1402.510978] ? find_held_lock+0x36/0x1c0 [ 1402.515060] ? check_same_owner+0x320/0x320 [ 1402.519383] ? rcu_note_context_switch+0x710/0x710 [ 1402.524481] __should_failslab+0x124/0x180 [ 1402.528709] should_failslab+0x9/0x14 [ 1402.532504] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1402.537610] __kmalloc_node_track_caller+0x33/0x70 [ 1402.542557] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1402.547317] __alloc_skb+0x14d/0x780 [ 1402.551039] ? skb_scrub_packet+0x580/0x580 [ 1402.555359] ? dst_init+0x459/0x600 [ 1402.558996] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1402.564526] ? ip_generic_getfrag+0x11c/0x2d0 [ 1402.569016] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.573333] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1402.578341] ? skb_put+0x17b/0x1e0 [ 1402.581875] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1402.586886] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.591206] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1402.596998] ? xfrm_policy_lookup+0x70/0x70 [ 1402.601325] ? ipv4_mtu+0x375/0x580 [ 1402.604952] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1402.610995] ? find_held_lock+0x36/0x1c0 [ 1402.615057] ? ip_setup_cork+0x44d/0x6d0 [ 1402.619118] ip_make_skb+0x2be/0x350 [ 1402.622830] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.627146] ? ip_flush_pending_frames+0x30/0x30 [ 1402.631894] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1402.637427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1402.642956] ? xfrm_lookup_route+0x64/0x1f0 [ 1402.647281] udp_sendmsg+0x24ec/0x35e0 [ 1402.651157] ? perf_trace_lock+0xd6/0x900 [ 1402.655294] ? ip_reply_glue_bits+0xc0/0xc0 [ 1402.659612] ? udp4_lib_lookup2+0x340/0x340 [ 1402.663930] ? graph_lock+0x170/0x170 [ 1402.667722] ? expand_files.part.8+0x9a0/0x9a0 [ 1402.672307] ? lock_downgrade+0x8e0/0x8e0 [ 1402.676445] ? lock_release+0xa10/0xa10 [ 1402.680417] ? check_same_owner+0x320/0x320 [ 1402.684726] ? __check_object_size+0x95/0x5d9 [ 1402.689212] inet_sendmsg+0x19f/0x690 [ 1402.693020] ? __might_sleep+0x95/0x190 [ 1402.696988] ? ipip_gro_receive+0x100/0x100 [ 1402.701310] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1402.706859] ? security_socket_sendmsg+0x94/0xc0 [ 1402.711602] ? ipip_gro_receive+0x100/0x100 [ 1402.715924] sock_sendmsg+0xd5/0x120 [ 1402.719628] __sys_sendto+0x3d7/0x670 [ 1402.723430] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1402.728091] ? wait_for_completion+0x870/0x870 [ 1402.732767] ? __sb_end_write+0xac/0xe0 [ 1402.736733] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1402.742255] ? fput+0x130/0x1a0 [ 1402.745523] ? ksys_write+0x1a6/0x250 [ 1402.749310] ? __do_page_fault+0x441/0xe40 [ 1402.753648] ? __ia32_sys_read+0xb0/0xb0 [ 1402.757700] __ia32_sys_sendto+0xdf/0x1a0 [ 1402.762021] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1402.767043] do_fast_syscall_32+0x345/0xf9b [ 1402.771359] ? do_int80_syscall_32+0x880/0x880 [ 1402.775929] ? _raw_spin_unlock_irq+0x27/0x70 [ 1402.780411] ? finish_task_switch+0x1ca/0x840 [ 1402.784897] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1402.790424] ? syscall_return_slowpath+0x30f/0x5c0 [ 1402.795344] ? sysret32_from_system_call+0x5/0x46 [ 1402.800180] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1402.805027] entry_SYSENTER_compat+0x70/0x7f [ 1402.809441] RIP: 0023:0xf7f63cb9 [ 1402.812813] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1402.820524] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1402.827968] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1402.835252] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1402.842512] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1402.849772] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:29 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000000000)={0x77359400}, &(0x7f0000e7fffc), 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x200000, 0x0) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x8) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) clone(0x0, &(0x7f0000623000), &(0x7f00002cfffc), &(0x7f0000907000), &(0x7f0000553000)) tkill(r0, 0x1000000000016) r2 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a}, &(0x7f0000000280)='k', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000440)={0x0, r2}, &(0x7f0000000480)=""/96, 0x60, 0x0) 2018/06/01 03:16:29 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={r0}) setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000001c0)={0x9, 0x8001, 0x2, 0x9}, 0x8) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000180), &(0x7f0000000240)=0x3cb) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cfb(camellia-asm)\x00'}, 0x58) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000300)={0x0, 'bcsf0\x00'}, 0x18) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="3e244e7e87adeb0717edd8b867042a0dedf14029e85b62f0e04b65b9f0136662c0139bace0f70331c42f6c122ecc017245", 0xfffffffffffffe94) accept4$llc(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000002c0)=0x10, 0x80000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ptmx\x00', 0x20802, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f00000003c0)=r2) fcntl$getflags(r0, 0x40b) 2018/06/01 03:16:29 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x500}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:29 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00007a0000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = geteuid() setfsuid(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={0xffffffffffffffff, 0xffffffffffffffff}) bind$alg(r1, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(ctr-des3_ede-asm,rmd256-generic)\x00'}, 0x58) sendmsg$unix(r4, &(0x7f00000003c0)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000340), 0x0, &(0x7f0000000380)=[@rights={0x18, 0x1, 0x1, [r3]}], 0x18}, 0x0) write$binfmt_elf64(r4, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, 0x216, 0x0, 0x0, 0x38, 0x1}, [], "47ac731e5dcf93de1c5186cac642bc09fc33dedb034453bb195a37beaf2b6850e0f6d519a12a623ec35f71b54fa1b003b3a507dd38dbe62f12790759daa97a99cdb1e3422975966d7b457d3bee5bf5d7ebb2fe488c35eac7e5e1c1a48ad773bae1cd21826f31ac553f5932f205e7d6ec408e30aef4220a34cf99f738e62ac74f874dffe9830141c1ad89b2322468d11bcbb7891ad2f5b4ad7d9efecf69a14e836343cf3142ef6a99654d237344af70ea87586a5dc4548e7d85cc3be16608e788305e222ac5c8eb573b80b892de2434cc4320"}, 0x112) close(r3) close(r0) r5 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000240)={0x0, 0x0, @remote}, &(0x7f0000000280)=0x10, 0x800) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e20, 0x100000000, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x2}}, [0x80000000, 0xffffffffffff0000, 0x3, 0x9, 0x1, 0x6, 0x3, 0x2, 0x40, 0xfc1, 0x7, 0x33, 0x100000000, 0x7, 0x4c]}, &(0x7f00000002c0)=0x100) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000300)={0x3, 0x8, 0x80000000, 0xfffffffffffff000, r6}, &(0x7f0000000340)=0x10) 2018/06/01 03:16:29 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000040"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:29 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:29 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000380)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a45320, &(0x7f00000004c0)={{0x4000000080, 0x400000000}, 'port0\x00', 0x3b, 0x0, 0x0, 0x8, 0x100000, 0x0, 0x0, 0x0, 0xfffffffffffffffe}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000280)={0x3d8cb47d95373def}) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0xc0305302, &(0x7f0000000100)) socketpair(0x47bc70c3c2ec5d8, 0x40000000080f, 0x4, &(0x7f00000001c0)={0xffffffffffffffff}) clock_gettime(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0}) write$evdev(r1, &(0x7f0000000240)=[{{r2, r3/1000+10000}, 0x1ff, 0x8, 0x9c}], 0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000200)={0xbe, 0x7, 0x4, 0x1, 0x8, 0x1673dd8c, 0x248, 0xfffffffffffffff8, 0x0}, &(0x7f0000000300)=0x20) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=r4, @ANYBLOB="89e30403c8dc8a"], 0x10) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000000)=0x3) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000180)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0], 0x9, 0x7, 0x5, 0x2}) 2018/06/01 03:16:29 executing program 2 (fault-call:2 fault-nth:80): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1403.309399] FAULT_INJECTION: forcing a failure. [ 1403.309399] name failslab, interval 1, probability 0, space 0, times 0 [ 1403.320829] CPU: 0 PID: 23765 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1403.328225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1403.337700] Call Trace: [ 1403.340318] dump_stack+0x1b9/0x294 [ 1403.343973] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1403.349188] ? is_bpf_text_address+0xd7/0x170 [ 1403.353712] ? kernel_text_address+0x79/0xf0 [ 1403.358230] ? __unwind_start+0x166/0x330 [ 1403.362403] should_fail.cold.4+0xa/0x1a [ 1403.366487] ? __save_stack_trace+0x7e/0xd0 [ 1403.370834] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1403.375967] ? save_stack+0xa9/0xd0 [ 1403.379614] ? save_stack+0x43/0xd0 [ 1403.383259] ? kasan_kmalloc+0xc4/0xe0 [ 1403.387166] ? kasan_slab_alloc+0x12/0x20 [ 1403.391357] ? find_held_lock+0x36/0x1c0 [ 1403.395469] ? check_same_owner+0x320/0x320 [ 1403.399818] ? rcu_note_context_switch+0x710/0x710 [ 1403.404812] __should_failslab+0x124/0x180 2018/06/01 03:16:30 executing program 1: perf_event_open(&(0x7f0000000040)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x7056c1, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)) r0 = getpid() pipe(&(0x7f0000000440)={0xffffffffffffffff}) r2 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f00000003c0)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10, 0x80800) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000400)={r2}) tkill(r0, 0x35) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc00c64b5, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0], 0x1}) 2018/06/01 03:16:30 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:30 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp\x00') pread64(r0, &(0x7f0000003c00)=""/4096, 0x1000, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x101000, 0x0) [ 1403.409068] should_failslab+0x9/0x14 [ 1403.412899] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1403.418030] __kmalloc_node_track_caller+0x33/0x70 [ 1403.422980] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1403.427766] __alloc_skb+0x14d/0x780 [ 1403.431500] ? skb_scrub_packet+0x580/0x580 [ 1403.435838] ? dst_init+0x459/0x600 [ 1403.439482] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1403.445037] ? ip_generic_getfrag+0x11c/0x2d0 [ 1403.449550] ? ip_reply_glue_bits+0xc0/0xc0 [ 1403.453897] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1403.459001] ? skb_put+0x17b/0x1e0 [ 1403.462548] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1403.467587] ? ip_reply_glue_bits+0xc0/0xc0 [ 1403.471925] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1403.477714] ? xfrm_policy_lookup+0x70/0x70 [ 1403.482034] ? ipv4_mtu+0x375/0x580 [ 1403.485660] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1403.491123] ? find_held_lock+0x36/0x1c0 [ 1403.495444] ? ip_setup_cork+0x44d/0x6d0 [ 1403.499505] ip_make_skb+0x2be/0x350 [ 1403.503214] ? ip_reply_glue_bits+0xc0/0xc0 [ 1403.507531] ? ip_flush_pending_frames+0x30/0x30 [ 1403.512281] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1403.517829] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1403.523454] ? xfrm_lookup_route+0x64/0x1f0 [ 1403.527784] udp_sendmsg+0x24ec/0x35e0 [ 1403.531663] ? ip_reply_glue_bits+0xc0/0xc0 [ 1403.535987] ? udp4_lib_lookup2+0x340/0x340 [ 1403.540313] ? graph_lock+0x170/0x170 [ 1403.544117] ? expand_files.part.8+0x9a0/0x9a0 [ 1403.548712] ? check_same_owner+0x320/0x320 [ 1403.553052] ? lock_downgrade+0x8e0/0x8e0 [ 1403.557190] ? lock_release+0xa10/0xa10 [ 1403.561152] ? check_same_owner+0x320/0x320 [ 1403.565467] ? __check_object_size+0x95/0x5d9 [ 1403.569949] inet_sendmsg+0x19f/0x690 [ 1403.573742] ? __might_sleep+0x95/0x190 [ 1403.577713] ? ipip_gro_receive+0x100/0x100 [ 1403.582034] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1403.587562] ? security_socket_sendmsg+0x94/0xc0 [ 1403.592319] ? ipip_gro_receive+0x100/0x100 [ 1403.596632] sock_sendmsg+0xd5/0x120 [ 1403.600354] __sys_sendto+0x3d7/0x670 [ 1403.604146] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1403.608821] ? wait_for_completion+0x870/0x870 [ 1403.613399] ? __lock_is_held+0xb5/0x140 [ 1403.617458] ? __sb_end_write+0xac/0xe0 [ 1403.621424] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1403.626964] ? fput+0x130/0x1a0 [ 1403.630241] ? ksys_write+0x1a6/0x250 [ 1403.634037] ? __do_page_fault+0x441/0xe40 [ 1403.638263] ? __ia32_sys_read+0xb0/0xb0 [ 1403.642328] __ia32_sys_sendto+0xdf/0x1a0 [ 1403.646482] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1403.651503] do_fast_syscall_32+0x345/0xf9b [ 1403.655820] ? do_int80_syscall_32+0x880/0x880 [ 1403.660402] ? finish_task_switch+0x1ca/0x840 [ 1403.664901] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1403.670437] ? syscall_return_slowpath+0x30f/0x5c0 [ 1403.675378] ? sysret32_from_system_call+0x5/0x46 [ 1403.680213] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1403.685048] entry_SYSENTER_compat+0x70/0x7f [ 1403.689445] RIP: 0023:0xf7f63cb9 [ 1403.692795] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1403.700491] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:16:30 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1403.707750] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1403.715014] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1403.722280] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1403.729548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:30 executing program 1: perf_event_open(&(0x7f0000000040)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x7056c1, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)) r0 = getpid() pipe(&(0x7f0000000440)={0xffffffffffffffff}) r2 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f00000003c0)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10, 0x80800) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000400)={r2}) tkill(r0, 0x35) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc00c64b5, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0], 0x1}) 2018/06/01 03:16:30 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:30 executing program 6: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snapshot\x00', 0x0, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x2, 0x1, 0x1, 0x4, {0xa, 0x4e21, 0x100000001, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x766}}}, 0x40a) mincore(&(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)=""/6) close(r1) 2018/06/01 03:16:30 executing program 3: r0 = socket$inet6_sctp(0xa, 0x805, 0x84) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x1) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000080)={r1, 0x10000}, &(0x7f00000000c0)=0x8) 2018/06/01 03:16:31 executing program 7: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000100)={'gre0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="0000000008004b6a307a5c24d273000010000000ff0100000e0000000000000000000001ff0200000000000000000000000000014e224e2106000000000000000000000000000000a0fb9f7d4c522a24ffff0cd80000080000000250b34382e3318a64181437278fb5c2f223879071dc6412caf642d5110dc96cd93129c1be2b6bd0d9e96bc2a991a6d2aea7a8cc6da1e2ea00000000000080010f8a000000090000000000000000000000000000000003000000000000000900000081000000090000000800000003000000ff0000000100000005ffffe50500000000000000"]}) ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000200)={'vlan0\x00', {0x2, 0x4e23}}) bind$alg(r1, &(0x7f0000000340)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58) listen(r0, 0x2) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000001c0)="e180db4e3b23cdde86a3b7ae4fdb961983a44c4bca5351a6904cf9b053d46ee6", 0x19) socket$alg(0x26, 0x5, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000240)='/dev/dsp#\x00', 0xffffffff, 0x109002) ioctl$TCFLSH(r2, 0x540b, 0xcfed) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000003c0)={{{@in6=@mcast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}}}, &(0x7f0000000280)=0xe8) getresuid(&(0x7f00000002c0)=0x0, &(0x7f0000000300), &(0x7f00000004c0)) setsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000500)={{{@in=@multicast2=0xe0000002, @in=@dev={0xac, 0x14, 0x14, 0xd}, 0x4e23, 0x2, 0x4e21, 0x0, 0x2, 0xa0, 0xa0, 0x8, r3, r4}, {0x6, 0x1f, 0x3, 0x0, 0x5, 0x7fffffff, 0x3, 0xf73c}, {0x6, 0x5a, 0x3, 0x8}, 0x94e, 0x6e6bb0, 0x1, 0x0, 0x3, 0x1}, {{@in6=@ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x4d2, 0xff}, 0xa, @in=@rand_addr=0x3, 0x3505, 0x4, 0x8b21e397434098eb, 0xffffffff7fffffff, 0x46, 0xffff, 0xffffffff}}, 0xe8) 2018/06/01 03:16:31 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f00000002c0)=0x3ff, 0x4) bind$inet6(r1, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f00004aaffc)=0x2, 0x4) sendto$inet6(r1, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f000006ffe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) getsockopt$inet6_buf(r1, 0x29, 0x0, &(0x7f0000000080), &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4004240b, &(0x7f00000000c0)={0x3, 0x70, 0x1, 0x7fff, 0x80000001, 0x9, 0x0, 0x4, 0x20, 0x1, 0x6, 0x10001, 0x81, 0x4, 0x8, 0x3, 0x93, 0x9, 0x3, 0x0, 0x1, 0x1, 0x6b7b, 0xae5, 0x5, 0xa5bc, 0x2, 0x8, 0x2, 0x3f, 0xffff, 0x7ff, 0x2862, 0x74b, 0xfffffffffffffff8, 0x7ff, 0xfa8, 0x7fffffff, 0x0, 0xffffffffffffd1f8, 0x1, @perf_bp={&(0x7f0000000080), 0x2}, 0x20080, 0x9fa9, 0x1, 0x7, 0x4, 0x4, 0x2}) 2018/06/01 03:16:31 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:31 executing program 6: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)={'syz1', "3d43264b8ba0b71641a7cbcd5d2d6abc2a6b70c544891024b16c1e847f3173b4df5f53bd340b67b2fa7d297acff798437dbb3fe5bc9e917ffa17acbb3d9556a8c84e27e0ad85d50114e4ecfb1dccf0712f1851270a791024ba738e76e93db9"}, 0x63) r1 = dup2(r0, r0) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa00001}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=@getae={0xd4, 0x1f, 0x10, 0x70bd29, 0x25dfdbfc, {{@in=@local={0xac, 0x14, 0x14, 0xaa}, 0x4d2, 0x2, 0x2b}, @in=@broadcast=0xffffffff, 0x7, 0x3502}, [@ipv6_hthresh={0x8, 0x4, {0x3f, 0x10}}, @sec_ctx={0x20, 0x8, {0x19, 0x8, 0x1, 0x9, 0x11, "033902ef1c8cedf1e45fb1efbf66576f33"}}, @proto={0x8, 0x19, 0xff}, @coaddr={0x14, 0xe, @in6=@mcast2={0xff, 0x2, [], 0x1}}, @address_filter={0x28, 0x1a, {@in=@multicast1=0xe0000001, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0xa, 0x2465894c, 0x4}}, @replay_esn_val={0x20, 0x17, {0x1, 0x70bd26, 0x70bd2d, 0x70bd2d, 0x70bd29, 0x5, [0xc00000]}}, @ipv4_hthresh={0x8, 0x3, {0x1f, 0xb}}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40}, 0x0) 2018/06/01 03:16:31 executing program 2 (fault-call:2 fault-nth:81): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:31 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:31 executing program 1: pipe2(&(0x7f0000000200)={0xffffffffffffffff}, 0x4000) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000240)) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x105000, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f00000001c0)={0xffff}, 0x4) r2 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_opts(r2, 0x0, 0xd, &(0x7f0000000140)="ca", 0x1) getsockopt$inet_opts(r2, 0x0, 0x9, &(0x7f0000000000)=""/193, &(0x7f0000000100)=0x14) 2018/06/01 03:16:31 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x500000000000000}, 0x1c) shutdown(r0, 0x0) [ 1404.529411] FAULT_INJECTION: forcing a failure. [ 1404.529411] name failslab, interval 1, probability 0, space 0, times 0 [ 1404.540765] CPU: 0 PID: 23826 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1404.548160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1404.557537] Call Trace: [ 1404.560153] dump_stack+0x1b9/0x294 [ 1404.563806] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1404.569018] ? unwind_get_return_address+0x61/0xa0 [ 1404.573972] should_fail.cold.4+0xa/0x1a [ 1404.578056] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1404.583190] ? save_stack+0xa9/0xd0 [ 1404.586836] ? save_stack+0x43/0xd0 [ 1404.590483] ? kasan_kmalloc+0xc4/0xe0 [ 1404.594388] ? __kmalloc_node_track_caller+0x47/0x70 [ 1404.599515] ? __alloc_skb+0x14d/0x780 [ 1404.603423] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1404.608649] ? udp_sendmsg+0x24ec/0x35e0 [ 1404.612725] ? inet_sendmsg+0x19f/0x690 [ 1404.616720] ? sock_sendmsg+0xd5/0x120 [ 1404.620630] ? __sys_sendto+0x3d7/0x670 [ 1404.624618] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1404.628982] ? do_fast_syscall_32+0x345/0xf9b [ 1404.633501] ? find_held_lock+0x36/0x1c0 [ 1404.637605] ? check_same_owner+0x320/0x320 [ 1404.641961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1404.647508] ? rcu_note_context_switch+0x710/0x710 [ 1404.652437] __should_failslab+0x124/0x180 [ 1404.656680] should_failslab+0x9/0x14 [ 1404.660474] kmem_cache_alloc_node+0x272/0x780 [ 1404.665060] __alloc_skb+0x111/0x780 [ 1404.668783] ? skb_scrub_packet+0x580/0x580 [ 1404.673119] ? dst_init+0x459/0x600 [ 1404.676754] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1404.682323] ? ip_generic_getfrag+0x11c/0x2d0 [ 1404.686821] ? ip_reply_glue_bits+0xc0/0xc0 [ 1404.691145] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1404.696159] ? skb_put+0x17b/0x1e0 [ 1404.699699] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1404.704719] ? ip_reply_glue_bits+0xc0/0xc0 [ 1404.709050] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1404.714862] ? xfrm_policy_lookup+0x70/0x70 [ 1404.719189] ? ipv4_mtu+0x375/0x580 [ 1404.722817] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1404.728258] ? find_held_lock+0x36/0x1c0 [ 1404.732323] ? ip_setup_cork+0x44d/0x6d0 [ 1404.736376] ip_make_skb+0x2be/0x350 [ 1404.740090] ? ip_reply_glue_bits+0xc0/0xc0 [ 1404.744413] ? ip_flush_pending_frames+0x30/0x30 [ 1404.749166] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1404.754711] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1404.760240] ? xfrm_lookup_route+0x64/0x1f0 [ 1404.764559] udp_sendmsg+0x24ec/0x35e0 [ 1404.768441] ? perf_trace_lock+0xd6/0x900 [ 1404.772587] ? ip_reply_glue_bits+0xc0/0xc0 [ 1404.776908] ? udp4_lib_lookup2+0x340/0x340 [ 1404.781223] ? graph_lock+0x170/0x170 [ 1404.785041] ? expand_files.part.8+0x9a0/0x9a0 [ 1404.789644] ? lock_downgrade+0x8e0/0x8e0 [ 1404.793787] ? lock_release+0xa10/0xa10 [ 1404.797752] ? check_same_owner+0x320/0x320 [ 1404.802072] ? __check_object_size+0x95/0x5d9 [ 1404.806572] inet_sendmsg+0x19f/0x690 [ 1404.810365] ? __might_sleep+0x95/0x190 [ 1404.814328] ? ipip_gro_receive+0x100/0x100 [ 1404.818817] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1404.824350] ? security_socket_sendmsg+0x94/0xc0 [ 1404.829096] ? ipip_gro_receive+0x100/0x100 [ 1404.833410] sock_sendmsg+0xd5/0x120 [ 1404.837201] __sys_sendto+0x3d7/0x670 [ 1404.840993] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1404.845660] ? wait_for_completion+0x870/0x870 [ 1404.850262] ? __sb_end_write+0xac/0xe0 [ 1404.854236] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1404.859855] ? fput+0x130/0x1a0 [ 1404.863134] ? ksys_write+0x1a6/0x250 [ 1404.866947] ? __do_page_fault+0x441/0xe40 [ 1404.871186] ? __ia32_sys_read+0xb0/0xb0 [ 1404.875274] __ia32_sys_sendto+0xdf/0x1a0 [ 1404.879420] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1404.884449] do_fast_syscall_32+0x345/0xf9b [ 1404.888780] ? do_int80_syscall_32+0x880/0x880 [ 1404.893364] ? _raw_spin_unlock_irq+0x27/0x70 [ 1404.897856] ? finish_task_switch+0x1ca/0x840 [ 1404.902364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1404.907897] ? syscall_return_slowpath+0x30f/0x5c0 [ 1404.912827] ? sysret32_from_system_call+0x5/0x46 [ 1404.917677] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1404.922517] entry_SYSENTER_compat+0x70/0x7f [ 1404.926929] RIP: 0023:0xf7f63cb9 [ 1404.930278] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1404.937978] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1404.945237] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1404.952498] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1404.959769] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1404.967052] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:31 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x40, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f00000000c0)={0x3ff, 0x8000, 0x77, 0x4, 0x1000}) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000000)='cpuset\x00', 0x0, &(0x7f000000a000)) 2018/06/01 03:16:31 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x1d, 0x2, 0x10001) bind(r0, &(0x7f0000afb000)=@generic={0x1e, "01030000000000b9000000004700000000a979f321b30c7bc8790405c7bad62e0a63a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb3151d24acef1f1622ca5bdb9c8ea31000077aeb81c90001b6d7c980400000000f70dc136cb184a"}, 0x80) r1 = socket(0x1e, 0x5, 0x0) sendmsg(r1, &(0x7f0000316000)={&(0x7f0000dd7000)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000d0bfd0), 0x0, &(0x7f00002d4000)}, 0x0) 2018/06/01 03:16:31 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:31 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:31 executing program 6: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000001fe8)) seccomp(0x1, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000d92000)=[{0x0, 0x0, 0x0, 0x4}]}) 2018/06/01 03:16:31 executing program 2 (fault-call:2 fault-nth:82): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:31 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x400000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:31 executing program 3: socketpair(0x17, 0x0, 0x3, &(0x7f0000000180)={0xffffffffffffffff}) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/39, 0x27}, {&(0x7f0000000040)=""/191, 0xbf}, {&(0x7f00000001c0)=""/239, 0xef}], 0x3) [ 1405.356540] FAULT_INJECTION: forcing a failure. [ 1405.356540] name failslab, interval 1, probability 0, space 0, times 0 [ 1405.365116] validate_nla: 4 callbacks suppressed [ 1405.365125] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1405.367900] CPU: 0 PID: 23851 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1405.387292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1405.396674] Call Trace: [ 1405.399293] dump_stack+0x1b9/0x294 [ 1405.402935] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1405.408123] ? is_bpf_text_address+0xd7/0x170 [ 1405.412624] ? kernel_text_address+0x79/0xf0 [ 1405.417040] ? __unwind_start+0x166/0x330 [ 1405.421188] should_fail.cold.4+0xa/0x1a [ 1405.425255] ? __save_stack_trace+0x7e/0xd0 [ 1405.429570] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1405.434670] ? save_stack+0xa9/0xd0 [ 1405.438286] ? save_stack+0x43/0xd0 [ 1405.441904] ? kasan_kmalloc+0xc4/0xe0 [ 1405.445783] ? kasan_slab_alloc+0x12/0x20 [ 1405.450021] ? find_held_lock+0x36/0x1c0 [ 1405.454108] ? check_same_owner+0x320/0x320 [ 1405.458426] ? rcu_note_context_switch+0x710/0x710 [ 1405.463352] __should_failslab+0x124/0x180 [ 1405.467594] should_failslab+0x9/0x14 [ 1405.471390] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1405.476498] __kmalloc_node_track_caller+0x33/0x70 [ 1405.481422] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1405.486196] __alloc_skb+0x14d/0x780 [ 1405.490171] ? skb_scrub_packet+0x580/0x580 [ 1405.494491] ? dst_init+0x459/0x600 [ 1405.498129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1405.503659] ? ip_generic_getfrag+0x11c/0x2d0 [ 1405.508332] ? ip_reply_glue_bits+0xc0/0xc0 [ 1405.512651] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1405.517659] ? skb_put+0x17b/0x1e0 [ 1405.521198] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1405.526214] ? ip_reply_glue_bits+0xc0/0xc0 [ 1405.530553] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1405.536349] ? xfrm_policy_lookup+0x70/0x70 [ 1405.540664] ? ipv4_mtu+0x375/0x580 [ 1405.544307] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1405.549750] ? find_held_lock+0x36/0x1c0 [ 1405.553819] ? ip_setup_cork+0x44d/0x6d0 [ 1405.557894] ip_make_skb+0x2be/0x350 [ 1405.561604] ? ip_reply_glue_bits+0xc0/0xc0 [ 1405.565919] ? ip_flush_pending_frames+0x30/0x30 [ 1405.570677] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1405.576215] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1405.581740] ? xfrm_lookup_route+0x64/0x1f0 [ 1405.586059] udp_sendmsg+0x24ec/0x35e0 [ 1405.589945] ? ip_reply_glue_bits+0xc0/0xc0 [ 1405.594266] ? udp4_lib_lookup2+0x340/0x340 [ 1405.598587] ? graph_lock+0x170/0x170 [ 1405.602401] ? expand_files.part.8+0x9a0/0x9a0 [ 1405.606978] ? check_same_owner+0x320/0x320 [ 1405.611317] ? lock_downgrade+0x8e0/0x8e0 [ 1405.615464] ? lock_release+0xa10/0xa10 [ 1405.619516] ? check_same_owner+0x320/0x320 [ 1405.623831] ? __check_object_size+0x95/0x5d9 [ 1405.628322] inet_sendmsg+0x19f/0x690 [ 1405.632115] ? __might_sleep+0x95/0x190 [ 1405.636083] ? ipip_gro_receive+0x100/0x100 [ 1405.640490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1405.646041] ? security_socket_sendmsg+0x94/0xc0 [ 1405.650789] ? ipip_gro_receive+0x100/0x100 [ 1405.655113] sock_sendmsg+0xd5/0x120 [ 1405.658821] __sys_sendto+0x3d7/0x670 [ 1405.662713] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1405.667381] ? wait_for_completion+0x870/0x870 [ 1405.672049] ? __lock_is_held+0xb5/0x140 [ 1405.676123] ? __sb_end_write+0xac/0xe0 [ 1405.681305] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1405.686839] ? fput+0x130/0x1a0 [ 1405.690157] ? ksys_write+0x1a6/0x250 [ 1405.693955] ? __do_page_fault+0x441/0xe40 [ 1405.698204] ? __ia32_sys_read+0xb0/0xb0 [ 1405.702264] __ia32_sys_sendto+0xdf/0x1a0 [ 1405.706764] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1405.711789] do_fast_syscall_32+0x345/0xf9b [ 1405.716114] ? do_int80_syscall_32+0x880/0x880 [ 1405.720687] ? _raw_spin_unlock_irq+0x27/0x70 [ 1405.725176] ? finish_task_switch+0x1ca/0x840 [ 1405.729674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1405.735381] ? syscall_return_slowpath+0x30f/0x5c0 [ 1405.740306] ? sysret32_from_system_call+0x5/0x46 [ 1405.745144] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1405.749991] entry_SYSENTER_compat+0x70/0x7f [ 1405.754400] RIP: 0023:0xf7f63cb9 [ 1405.757752] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1405.765811] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1405.773071] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1405.780330] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1405.787602] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1405.794946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:32 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:32 executing program 6: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xf2, 0x8080) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000080)={0x2, 0x2}) r1 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000180)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) prctl$setptracer(0x59616d61, r2) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000000)={0x2}) 2018/06/01 03:16:32 executing program 1: move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000003000/0x1000)=nil], &(0x7f0000000080)=[0x400], &(0x7f00000000c0), 0x0) r0 = fcntl$getown(0xffffffffffffff9c, 0x9) move_pages(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000002000/0x2000)=nil], &(0x7f00000001c0)=[0x5c80000000, 0x3, 0xb0af, 0x1f6, 0x20, 0x3, 0xfffffffffffffffd], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4) r1 = syz_open_dev$admmidi(&(0x7f0000000340)='/dev/admmidi#\x00', 0x8, 0x80040) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000380)={0x0, 0x80000, 0xffffffffffffff9c}) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f00000003c0)={0x0, 0x0, 0x7}) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000400)={r2, r3}) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0x6, 0x200, 0x6, 0x3113, 0x0}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000240)={r4, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1f}}}, 0x6, 0x1f, 0x800, 0xa10, 0x97b}, &(0x7f0000000300)=0x98) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000440)={r4, 0x0, 0xde8, 0x8, 0x844, 0x80000000}, 0x14) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000140)={0x82f5, 0x0, 0xffff, 0x2, r4}, 0x10) 2018/06/01 03:16:32 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:32 executing program 3: r0 = socket(0x1d, 0x6, 0x1) ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, &(0x7f00000001c0)={0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}) r1 = socket$alg(0x26, 0x5, 0x0) r2 = epoll_create(0x7) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x20000000}) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="95aaed144d6a66fcb48845b12a8b0c8e34e7671e2755e6325b464395dc93767afb2ad52fb657ef10941d4b5effebc7a43a7b64a278e7ee1f9396f847b9bb9c55ab414acdf189d1fecb0a7e9d3692f6070352d330e8c2a8ab1d327059a84d363fc39cb371925fe698647880a7e1ca512cddaed262c1d08c7d6974149d9c4198822cf6e5cceb561ba75f367d7e074b5c07e121bc8558fea97bd93e304bcc7041eeec1517c47d7a24ed206818efdd593b5d3c7fe610", 0xb4) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x82000, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000000140)=0x3, &(0x7f0000000180)=0x4) [ 1405.983924] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:33 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:33 executing program 6: bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffffc, 0x418, &(0x7f00001a7f05)=""/251}, 0x48) r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x3fd, 0x1) ioctl$TUNSETLINK(r0, 0x400454cd, 0x103) 2018/06/01 03:16:33 executing program 1: acct(&(0x7f0000000040)='./file0\x00') madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0) mbind(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x45, 0x2) 2018/06/01 03:16:33 executing program 2 (fault-call:2 fault-nth:83): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:33 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) 2018/06/01 03:16:33 executing program 3: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) fcntl$setsig(r1, 0xa, 0x32) fsync(r0) fcntl$setlease(r1, 0x400, 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000040)=0x1) rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x4) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) mkdirat(r2, &(0x7f0000000000)='./file0\x00', 0x100) 2018/06/01 03:16:33 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x8000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:33 executing program 7: r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) listen(r0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$unix(r0, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e20}, 0x6e) r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x80000000, 0x1) getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0), &(0x7f0000000100)=0xb) listen(r0, 0xfffffffffffffff8) [ 1406.771907] FAULT_INJECTION: forcing a failure. [ 1406.771907] name failslab, interval 1, probability 0, space 0, times 0 [ 1406.783267] CPU: 0 PID: 23901 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1406.790645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1406.800011] Call Trace: [ 1406.802626] dump_stack+0x1b9/0x294 [ 1406.806283] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1406.811494] ? perf_trace_lock_acquire+0xe3/0x980 [ 1406.816160] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1406.816355] ? unwind_get_return_address+0x61/0xa0 [ 1406.828652] ? __save_stack_trace+0x7e/0xd0 [ 1406.833004] should_fail.cold.4+0xa/0x1a [ 1406.837119] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1406.842263] ? save_stack+0xa9/0xd0 [ 1406.845919] ? save_stack+0x43/0xd0 [ 1406.849583] ? kasan_kmalloc+0xc4/0xe0 [ 1406.853510] ? __kmalloc_node_track_caller+0x47/0x70 [ 1406.858645] ? __alloc_skb+0x14d/0x780 [ 1406.862560] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1406.867766] ? ip_make_skb+0x2be/0x350 2018/06/01 03:16:33 executing program 6: r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000040)="91f8d1") exit(0x0) getdents64(r1, &(0x7f0000000340)=""/57, 0x39) 2018/06/01 03:16:33 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1406.871670] ? udp_sendmsg+0x24ec/0x35e0 [ 1406.875745] ? inet_sendmsg+0x19f/0x690 [ 1406.879735] ? sock_sendmsg+0xd5/0x120 [ 1406.883633] ? __sys_sendto+0x3d7/0x670 [ 1406.887624] ? do_fast_syscall_32+0x345/0xf9b [ 1406.892152] ? find_held_lock+0x36/0x1c0 [ 1406.896249] ? check_same_owner+0x320/0x320 [ 1406.900586] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1406.903145] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1406.906154] ? rcu_note_context_switch+0x710/0x710 [ 1406.906177] __should_failslab+0x124/0x180 2018/06/01 03:16:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000002c0)=@ioapic={0x2, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1, 0x0, [], 0x7fffffff}]}) r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1c, 0x4200) ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000080)={'veth1_to_team\x00', {0x2, 0x4e21, @loopback=0x7f000001}}) [ 1406.906196] should_failslab+0x9/0x14 [ 1406.906212] kmem_cache_alloc_node+0x272/0x780 [ 1406.906239] __alloc_skb+0x111/0x780 [ 1406.906257] ? skb_scrub_packet+0x580/0x580 [ 1406.906278] ? dst_init+0x459/0x600 [ 1406.942847] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1406.948410] ? ip_generic_getfrag+0x11c/0x2d0 [ 1406.952970] ? ip_reply_glue_bits+0xc0/0xc0 [ 1406.957320] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1406.962370] ? skb_put+0x17b/0x1e0 [ 1406.965944] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1406.970991] ? ip_reply_glue_bits+0xc0/0xc0 [ 1406.975331] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1406.981140] ? xfrm_policy_lookup+0x70/0x70 [ 1406.985463] ? ipv4_mtu+0x375/0x580 [ 1406.989088] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1406.994536] ? find_held_lock+0x36/0x1c0 [ 1406.998617] ? ip_setup_cork+0x44d/0x6d0 [ 1407.002673] ip_make_skb+0x2be/0x350 [ 1407.006397] ? ip_reply_glue_bits+0xc0/0xc0 [ 1407.010728] ? ip_flush_pending_frames+0x30/0x30 [ 1407.015499] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1407.021065] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1407.026610] ? xfrm_lookup_route+0x64/0x1f0 [ 1407.030944] udp_sendmsg+0x24ec/0x35e0 [ 1407.034839] ? ip_reply_glue_bits+0xc0/0xc0 [ 1407.039174] ? udp4_lib_lookup2+0x340/0x340 [ 1407.043496] ? graph_lock+0x170/0x170 [ 1407.047302] ? expand_files.part.8+0x9a0/0x9a0 [ 1407.051922] ? lock_downgrade+0x8e0/0x8e0 [ 1407.056075] ? lock_release+0xa10/0xa10 [ 1407.060053] ? __check_object_size+0x95/0x5d9 [ 1407.064551] inet_sendmsg+0x19f/0x690 [ 1407.068357] ? __might_sleep+0x95/0x190 [ 1407.072329] ? ipip_gro_receive+0x100/0x100 [ 1407.076658] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1407.082192] ? security_socket_sendmsg+0x94/0xc0 [ 1407.086942] ? ipip_gro_receive+0x100/0x100 [ 1407.091273] sock_sendmsg+0xd5/0x120 [ 1407.094984] __sys_sendto+0x3d7/0x670 [ 1407.098785] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1407.103465] ? wait_for_completion+0x870/0x870 [ 1407.108065] ? __lock_is_held+0xb5/0x140 [ 1407.112137] ? __sb_end_write+0xac/0xe0 [ 1407.116125] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1407.121659] ? fput+0x130/0x1a0 [ 1407.124936] ? ksys_write+0x1a6/0x250 [ 1407.128733] ? __do_page_fault+0x441/0xe40 [ 1407.133770] ? __ia32_sys_read+0xb0/0xb0 [ 1407.137836] __ia32_sys_sendto+0xdf/0x1a0 [ 1407.141989] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1407.147006] do_fast_syscall_32+0x345/0xf9b [ 1407.151346] ? do_int80_syscall_32+0x880/0x880 [ 1407.155925] ? _raw_spin_unlock_irq+0x27/0x70 [ 1407.160414] ? finish_task_switch+0x1ca/0x840 [ 1407.164910] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1407.170460] ? syscall_return_slowpath+0x30f/0x5c0 [ 1407.175393] ? sysret32_from_system_call+0x5/0x46 [ 1407.180235] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1407.185077] entry_SYSENTER_compat+0x70/0x7f [ 1407.189474] RIP: 0023:0xf7f63cb9 [ 1407.192828] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1407.200536] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1407.207809] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1407.215080] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:33 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1407.222340] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1407.229604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1407.292073] kvm: apic: phys broadcast and lowest prio 2018/06/01 03:16:33 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1}, 0x0) [ 1407.318616] kvm: apic: phys broadcast and lowest prio [ 1407.362349] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:34 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:34 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x800, 0x0) ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000200)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='reiserfs\x00', 0x0, &(0x7f0000000200)) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000014000)=[{&(0x7f0000014f79)="5500000018007fb1b72d1cb2a4a280a80a06050000a8430291052369250009000800001c010000001400a3070e000000030000dc1338d54400009b84226eb75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000040)}, 0x0) 2018/06/01 03:16:34 executing program 7: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/current\x00') creat(&(0x7f0000001200)='./file0\x00', 0x0) fcntl$setpipe(r0, 0x407, 0x1) chroot(&(0x7f0000000100)='./file0\x00') listxattr(&(0x7f0000001240)='./file0\x00', &(0x7f0000001280)=""/74, 0x4a) getrlimit(0x0, &(0x7f0000000040)) pwritev(r0, &(0x7f00000011c0)=[{&(0x7f0000000080)="1364dd70a0951945c58c2c1d6d12", 0xe}, {&(0x7f0000000140)="01df832680bed94b83469e893424767059a22609ca139d45702596ab884cc03db71c378b44b764d34eaa325b2a86431bc4ea230f1468ce6172098678039872b4d4d1cbb5f24fe7662413bbe0ea2cecd85b0b574024bc363508ada0c068c791e5ec7f40d3a9efbf9abb2568", 0x6b}, {&(0x7f00000000c0)="efa32326", 0x4}, {&(0x7f00000001c0)="c1c54f46661cb5f1d4d0e7c13509782a9dc31cbfc629ef178e7135d6341533b9adf396b1f3d7925dfa76a7ee9b42c9c174bdc666f520a3f900f4a0aa7fabe3f3626cd463a80f36c310994bbf67122085c94f1796c1195688c6cd944b83ed1303ec87d3a86d299eccff8e7e63289fc9971b8330930eb5649e5252e310e61abd6d8cccb8c10d985421c0f2c575310cbed33114c141741d4f9b2e9506c0af73e8570164554662a04c18071a4fc7ad0546300dc0f8c58eb5226b6568545453b2e285c71a3ecbfe8ce69136017be65ca3379070c8634c64a235cd8425f3c366bbe2ae6b27373715d36fcbd68825fa6f59e8779ee61b98b135f5ae2e570e6a05411042edbee2d08acd218c0d87cf003869f68d8c23aee3224d0e7704e33500e57f8fe1c9b4a4880249c2c8fc5ec048aaef98b7c1ccb711cbb63ba77e358c5aa94136f695257206cc5b70464d52f344f8ef4e336d9fa81d1aab149756f958c7ca180f61a5139dfc50212e5ce82f2b67876150db7cbf1db6c60665050e047f3e4300919062cc5e3dc30785539641c462863a290fefdcd98a6a9071e08115a5286d17d55f845ac8f0b53bcf0ad3f1cbcada2953b93b424bbc76bda3bd923c180c0de7a016a94a8e5ce2e75d85b33086c5d95426c9fb9568f0b7478898cf175f8afac181a83106e2a812f0ce533b972c5fc4463e082f290082bb5b71f8fffbff96541280f142b1846008d6cba0367b184b2222799b86a522b51f34007cb793cbebc4228c05a1f5f20f552bd4877b9c56e9d5b64a44d4189c0aad1505a3b2294a99a3b646d9db7e02ec197857fb0f46c67247288209a084e50dc1f2c30d4b3cf5176a63610ff9bde60e3acf9de8683dbb8dd14343ac24c1d363254038bdcd1e06607cbb1afecf1370118e59635f7cb6f31a810dc2054e2832545d6701854737eb440d6a2d8b7bc33f8199a1548179cdd50d3a8d9d9eae9cf18a0a0cc396d8673c4eb8ed2c40410eebb9e5158aa34b109f41abd67fbb9ad9dd9c114685b0d796416cdf96c1b296b35676890b68488b948c9196b894b2bcf24756c6628cfde94258dcd2ad9e3f6c84706323077379124fc2ad9b9a428eb23a7712162b4131088bd06bfe04a841b5c570204105c5367e327a288efcb3fcce054256b28bf959ad6e5fbca4b765b56b0c50b1de1ce0db2bd824b9f38c2ee4bff716b4220e2785531db0ccb4576b70c883556fdae27ed0941b3c2d8160f0ee32a7a0085c4947a1cc9d3ea00d60240c61c849d5ace808351b8e66b0501572dcca87243cc8c900e19408119d5cb704572bc02ffeafceae4ed83b7be3345c9d9b2a23e15a2dae38aa7bd1949f264aee42b24b9842ab3868acc604cec4b008c9a9ff5fc5b2bf4a1a99a8cb4fe2413c66e187f916a1a4969a1bf29cf9c8a608a6b08f6f3dc006faebea5e30bdfaa86c18190c85e2fd92956d5fefb40d32052666da82b840e620c7c506b52b5bcf943bb1ecd8419759f973b0f4628e50a9bf24cda3d61eb62868ca9e954eddbd74e90fa4e403b0ae544781df35f0d9cd2403e3c094df6c8f0b0d5014e0d62b6e78cc737e709644571f8aeeaf5d006b69d2ee2df2f215ea3874a3db5f3664600600500d6692e324b7f63430d0c23d2287145757a5f925fdd3f7ebb18bbb5e65280a6796ee4e5acd743eb41fc510275a7b58c6dec1a4dc10cdf1f173dbf98acd53e647956b975810321b29ca97a0e8375f65e26af6130385afbe82e4f636cbcc654b80cb0698bc7070530b23aa974f9ce5d0f00442b40aba4d7409a51ce153dde10632d3942174cef1d7615a7b65b7333ef787460bc6b5fe0fed09562c45c72b03c61f3266a7e86d7126fcab6b1117546c07a513f74bc5b6dda8a07e24878ba3fb304081d664572c943f34d0132929da6f532c7ec261d64a0774b7d37ec87849b5a0d1a2232c184fcfb21381c9273099d809120e0130aa0d576d4acc1fb7e8d1d667d6976ea8b7860b7a7a6912dd69de8994fd030a3597267b6a812e897d319ddf2ccbbc0d110576afb113cc8db793821f1b96957bad457081964ddba5182ed8272fb0314e8927327fa8d46f447014c7fbd44637849e3ff9198f64716c633d27d76cc6077658db4d5b5ca78b1a11c4327db560f2a7d11fe1ac381d0c053ea061394188f45b6e7539b9fd42b7f4f51dcec11563d06ebf4555291f869905f6364cd364417688bd124e40bb267202f24a96f0b4cfe9db6607ae1f3071174414dc6637ae440cf57e44dc58823f3a9a1624846ba239e63265d395ec9b3920bb715ae7d417c04597cfe7b948990a24336d7d867bbbc6387ca5e55936f07ad8877e528c686c45c4fada71416750e1fac18146397a968ba43b45c66dae734418fe60bb265273a4a1e70de5457ac2eb61647a56ffc1e30f8b51ec7d9582bc0227ac64e202faeb8f150511f29c8f0c84fc39a68397aa165da323647460a7238333a6a9d01ac84be2adc968c3f7f04ec03534a985c53b2fc46b019c56ae44460d32467877ec3ce44c4e41019e93206157e21c2d991bbaff204999387e432aaa711db07fc270b408abce68c7d0787152ea1d3aed2d95b2b6ce38898c43c20dc29f1ca8cdbeafe1707fd58298d677022b541bae94b0c13727b286c1ff39925061285c1bedf4058b9e76ce08a634c56c4ef5b58572a598df5c5dcb0c4ccdf6a651ef3669fa99804c9bed2ce065135680329be5ea9ed3bf930e803c0fc0914fea07cf05824c254269ba17620892715bace2445841283b2a7a7ff16703be58edba31956a29ddc40c9f938532b8693c4d48953dcb4eddfdba0c0dfa9145b01f490adad8a4b4227759ff81adcb4bdaeb80db218d95110f875aafc54fece2618e3e61717d49b2654764f107ecd17d0712056057129beadafb9708d379c7fc8672202a6d3dfcfa4b05c14a6a316fd3c16afeebff1ab58dc446be45fb402f6ca7c0ea08d6c456807815050278bd459165d99e1eb44db92e6dff3b64416327a7a17a83b01f37595a4ef5ea03bf1c0ef43639f28f92181c5138bcb61bee6fe58d4efc5de5f2e8fbacbbbe78fd21d3e6891e9b0db1cdc4f228b4908a351b84c993e7143387f24adffac6050a6dd81a75bb549ce9d229416a1ca7d191e4a3a149c7dc275ef6e602ffc99c0f10423ac58836ea78a087c456c9d7a6633fc765cb02d89dc3733ec26ec54aa169652751d2f56bb7f1869aebd59a25fb5bf1f08a26e810124899f420398bf6cd35dacd536736fac8a709004cd2e2c40965084701923dbefb9c94c2627fbfffccdcf58297e87fd9ee23022caf6a76a27ee3b0d7a80e54d3472111216f32c05e5edf0e0927a90a98309eb039c80bf900063d5035c6e4bfe2e7141ee52ce79432a55a3c20b090a42945359be408025486f469afea2309b5477379649c01afc89b14a971bfc7bdd7ac5ec66eb0cf1022e9d951702fcc595c72cce1a9cf51e96cc0e76371fbb4f10662695f165edb0ef873aa883c32205fdb74f4e6ec4afa865d5710ad5c305a71a9f0fca294adec9b88726f34ef6ca006d1d503e01ff277fbc0c37127b0dbb592ac68ebf444a6daa858631d60fd73a78ee2b6fc07dc8d69f157e64b3dc5ac07ec2f7b826ef57c38787bb431f7af5abeba6af553b5613b96b6fcc08816049ccd344ba7fb49e42aff2ece9dfc86e8037d282e2ff8372edc05531e9819d8e23184735a2fbec8fc33ae0444cfe6b88ed458138b6c266eff22b612be5f476b2f58219861c6f5ec7475f8c7d26e2d3c620f9a788c2b9b6660092204fd9f8cb5b41a1b92dc77b1716563b7b63d8de1d2ee6dfff72a7e6d48ce447525919afedf54e9ec12eac24c6bff5e1d0b17dabf23c7b35edb98a8ddec0f369635684769958bfc4e2f5312aee7767f6217d79514c7c84a9f40fff7ed59878795e7474431e832103f868ff0701092ecb669247453fb5ccb607f25937c1e7b36f0b9a21f6827cdd58e1c493652e6da05ced30dffb7dc22694d51b40ca3e164db7f384217c4413aea1f46f1556ef33c26915f8ea223c8dd6a67d00ce96a6e87a798c4786f0761ad39d57394e6217ed11ab29f791af40bc86d576d846c7758bc1c6d3afa1104c185e23b8f0e53132f6f4cf599d6c8c44fb330eb5e575d628aaed7f5b7c69e4a23bffaf819517a4f9e920f7398a77b833c8d5c286f662498c393d49677159b6cf0dc15160a8f5a1d1e8196506e2597d74f141bceabf5d2d66a502c46b23dbd34fc4378430304dede78d11738eabc5db0187faf060476c78c1283782e2bb2ec3f85868f0877ec5dbe5b0a5797b7d12195a217ff699cf95cd11ae0e3d523290bd7c5f710bd67e18ff2937d5744e92d4da7a559ee3469913e1d3f30d48c2c2b1eac140c7cdaf741b0ae378e517607abb14cb3addbf0f01bf4368de6b321512300c9d4a393fd1339f8ddaf15614ff12895cf04d555c8b82990eefd0c3b0b0986c457bab7cf5a87e807da6dd5f594e8ef2c09b41b439da6856109756a0603f2595fdec8ec8164360553a647b4ae05c355c22533273d2227494ab27d7b98629231c153656d12d0829e24ec95f641d9da47fc53fbc43429a276b5c81c4138a80fcd6c0306a736b43072eabe4be048f318206bf9970cdef0cf2fa0443e81f31c368a481365339a42e27b2839f1763b2e6cb994be2df2868732f65aa58da07f7c2852cf01ea8b0411545e45c7d178feeeedfde92f9f7855ec5510be7c02c9138cad3097e233a2a81d887c402594be93eb63c13fe6745facbcd9ef2e0a36be2339be4cdc997fc3ed6280e08c05c87a9c1d45c677fc269f031223a7b61659e5051bf21091bd9dda637211ee7b77c803db0f19083ea1792305200f938be83f48542dd700b36d449e3b898efbf355459bfb6691947d28bc335351702070c22eee4d737d335c24d36dfdb0b60d6ac984972d38dbad26cd1bd3c57f55ef167da8b2637cd3ec4cbdd8de00c437f589e5386837d17fd791bcb63792940b8dd5746d22d500b9b66b8eb99204f7424a7e3ed74ef58cc4b10d85a0c25b09a80713ecccc50cb2440726859a420890168c13792724f1eda2c02a1e16055ab0062635af17fdbeb02caa32e57317bc59f134ee374d1902fe490be1af61e3a8ac94500852a90cedbf9e5001c56d046724a937ae8a148d56db0ae0e17fb17e2d8a5bdcb2a6e6ac50bf47519d3cf3365d6bf4b29a4994b029ef493fb836178b0ecd03500cbba79c8f073a38b552aef6fdfc62bf42c37690bf5cd9884d671b1f8f2ca58332813cf9bd4d89925e51cb4f30678a68fe1fd7903e3f9b130260fa2835b5d947fb68d5c0a337bea004e084eb2d4d685cca83529e474c6bfff600d91c7ba64999fffe4f3e6c292bdfb55aa8379bc99a5e331c291b2899557cdb9eb6f7b42b408cfdfcba70b088be860573f3b293dea8cdf4a9e20e9ee7f9405b2149cf6caa06cb5530ba5fcd00bb0ec331c64cb98a22f1e5808f60f0d6d197a4caf251088c8892792db940363888921e46e3fb258b27bc89f9c8e43b5978320e2eb7f38b991a04dc3c2a940a7f2dd9e1cc0bb59081e9a0a4831ee59b3dbd30813cb54923b37bb32f9c13a83dd71fe021ecd9bfa997494375a1793b88f3c97a1e29b15ab3d7eb91ca788299ca7da8b522cc2a09810f0c3189fbfbd8160313008e84f1cf62530f407f5704ddab304f2cd0a03a5d9a47a455bfc46bb0cfbc3ffc417e03890c3ce0f34409cca7cb1e4d1e6d3a9f14a60aa23def459a4ba4fdbea807718dfc890ce90a20620b768fa6ccb1a1af0bb3a76b39ab5582", 0xc0}], 0x4, 0x0) 2018/06/01 03:16:34 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0x7ffff000}, 0x1}, 0x0) 2018/06/01 03:16:34 executing program 2 (fault-call:2 fault-nth:84): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:34 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000eed000)={0x2, 0x4e21}, 0x10) sendmsg(r0, &(0x7f0000000140)={&(0x7f0000000040)=@in={0x2, 0x4e21}, 0x10, &(0x7f0000000100)}, 0x0) syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1=0xe0000001}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f00000000c0)=0x4) 2018/06/01 03:16:34 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xfc00000000000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:34 executing program 6: unshare(0x4000000) r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x3f, 0x400) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={r0}) fchmod(r1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x24000000) [ 1407.883460] netlink: 17 bytes leftover after parsing attributes in process `syz-executor1'. [ 1407.896627] FAULT_INJECTION: forcing a failure. [ 1407.896627] name failslab, interval 1, probability 0, space 0, times 0 [ 1407.907998] CPU: 0 PID: 23950 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1407.915383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1407.924760] Call Trace: [ 1407.927377] dump_stack+0x1b9/0x294 [ 1407.931033] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1407.936247] ? is_bpf_text_address+0xd7/0x170 [ 1407.940818] should_fail.cold.4+0xa/0x1a [ 1407.944897] ? __save_stack_trace+0x7e/0xd0 [ 1407.949236] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1407.954367] ? save_stack+0x43/0xd0 [ 1407.958009] ? kasan_kmalloc+0xc4/0xe0 [ 1407.961933] ? kasan_slab_alloc+0x12/0x20 [ 1407.966098] ? find_held_lock+0x36/0x1c0 [ 1407.970200] ? check_same_owner+0x320/0x320 [ 1407.974564] ? rcu_note_context_switch+0x710/0x710 [ 1407.979514] __should_failslab+0x124/0x180 [ 1407.983768] should_failslab+0x9/0x14 [ 1407.987597] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1407.992734] __kmalloc_node_track_caller+0x33/0x70 [ 1407.998484] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1408.003265] __alloc_skb+0x14d/0x780 [ 1408.007004] ? skb_scrub_packet+0x580/0x580 [ 1408.011347] ? dst_init+0x459/0x600 [ 1408.014993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1408.020540] ? ip_generic_getfrag+0x11c/0x2d0 [ 1408.025055] ? ip_reply_glue_bits+0xc0/0xc0 2018/06/01 03:16:34 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000180)={'team_slave_1\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x12}}}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x0, @loopback=0x7f000001}, @in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}], 0x3c) r1 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0xfffffffffffff904, 0x8000) ioctl$TCGETS(r1, 0x5401, &(0x7f00000000c0)) 2018/06/01 03:16:34 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0x33fe0}, 0x1}, 0x0) 2018/06/01 03:16:34 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x4000, 0x0, 0x8, 0x0, 0x0, 0x49, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x10000003, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='numa_maps\x00') readv(r0, &(0x7f0000000300)=[{&(0x7f0000001400)=""/4096, 0x1000}], 0x1) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10010, r0, 0x1b) [ 1408.029395] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1408.034432] ? skb_put+0x17b/0x1e0 [ 1408.037999] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1408.043044] ? ip_reply_glue_bits+0xc0/0xc0 [ 1408.047397] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1408.053220] ? xfrm_policy_lookup+0x70/0x70 [ 1408.057572] ? ipv4_mtu+0x375/0x580 [ 1408.062188] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1408.067653] ? find_held_lock+0x36/0x1c0 [ 1408.071740] ? ip_setup_cork+0x44d/0x6d0 [ 1408.075825] ip_make_skb+0x2be/0x350 [ 1408.079561] ? ip_reply_glue_bits+0xc0/0xc0 [ 1408.083900] ? ip_flush_pending_frames+0x30/0x30 [ 1408.086155] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1408.088680] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1408.088707] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1408.088723] ? xfrm_lookup_route+0x64/0x1f0 [ 1408.088745] udp_sendmsg+0x24ec/0x35e0 [ 1408.088766] ? ip_reply_glue_bits+0xc0/0xc0 [ 1408.088794] ? udp4_lib_lookup2+0x340/0x340 [ 1408.124230] ? graph_lock+0x170/0x170 [ 1408.128060] ? expand_files.part.8+0x9a0/0x9a0 2018/06/01 03:16:34 executing program 7: r0 = socket(0x18, 0x0, 0x1) sendmmsg(0xffffffffffffffff, &(0x7f00009d7000)=[{{&(0x7f0000000400)=@in6={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}, 0x80, &(0x7f0000000380)=[{&(0x7f0000002000)="4c5614c00401a0dbf8a669ebdedd102c4f7a79e606457dfdf09e2ec2ed253b", 0x1f}], 0x1, &(0x7f0000000000)}}], 0x1, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x800) accept4$bt_l2cap(r1, &(0x7f0000000240), &(0x7f0000000280)=0xe, 0x800) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000180)=""/188) getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) ioctl$KDSETKEYCODE(r2, 0x4b4d, &(0x7f0000000100)={0xfffffffffffffffa, 0x9}) connect(r0, &(0x7f0000002000)=@sco={0x1f, {0x1}}, 0x26) connect$l2tp(r0, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}}, 0x32) [ 1408.132658] ? check_same_owner+0x320/0x320 [ 1408.137012] ? lock_downgrade+0x8e0/0x8e0 [ 1408.141174] ? lock_release+0xa10/0xa10 [ 1408.145265] ? check_same_owner+0x320/0x320 [ 1408.149608] ? __check_object_size+0x95/0x5d9 [ 1408.154643] inet_sendmsg+0x19f/0x690 [ 1408.158460] ? __might_sleep+0x95/0x190 [ 1408.162453] ? ipip_gro_receive+0x100/0x100 [ 1408.166884] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1408.172436] ? security_socket_sendmsg+0x94/0xc0 [ 1408.177199] ? ipip_gro_receive+0x100/0x100 2018/06/01 03:16:34 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000000)={'mangle\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) r2 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCREVOKE(r2, 0x40044591, &(0x7f0000000040)) readv(r0, &(0x7f000085dff0)=[{&(0x7f0000e94000)=""/62, 0x10024}], 0x146) [ 1408.181534] sock_sendmsg+0xd5/0x120 [ 1408.185262] __sys_sendto+0x3d7/0x670 [ 1408.189077] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1408.193762] ? wait_for_completion+0x870/0x870 [ 1408.198365] ? __lock_is_held+0xb5/0x140 [ 1408.202452] ? __sb_end_write+0xac/0xe0 [ 1408.206446] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1408.211997] ? fput+0x130/0x1a0 [ 1408.215294] ? ksys_write+0x1a6/0x250 [ 1408.219104] ? __do_page_fault+0x441/0xe40 [ 1408.223355] ? __ia32_sys_read+0xb0/0xb0 [ 1408.227435] __ia32_sys_sendto+0xdf/0x1a0 [ 1408.231593] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1408.236632] do_fast_syscall_32+0x345/0xf9b [ 1408.240974] ? do_int80_syscall_32+0x880/0x880 [ 1408.245567] ? _raw_spin_unlock_irq+0x27/0x70 [ 1408.250076] ? finish_task_switch+0x1ca/0x840 [ 1408.254592] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1408.260167] ? syscall_return_slowpath+0x30f/0x5c0 [ 1408.265116] ? sysret32_from_system_call+0x5/0x46 [ 1408.269955] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1408.274796] entry_SYSENTER_compat+0x70/0x7f [ 1408.279202] RIP: 0023:0xf7f63cb9 2018/06/01 03:16:34 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0x28}, 0x1}, 0x0) 2018/06/01 03:16:34 executing program 6: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000040)=0xbd39, 0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x9cdc, 0x9, 0x8007, 0x7, 0xfffffffffffff53c, 0x0, 0xfffffffffffffdb4, 0x1ff, 0x0}, &(0x7f00000000c0)=0x20) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={r1, 0x4}, 0x8) write$cgroup_int(r0, &(0x7f0000000140)={[0x3f]}, 0x1) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000180)={0x4, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e23, @multicast2=0xe0000002}, {0x2, 0x4e22, @multicast1=0xe0000001}, 0x20, 0x5, 0x80000001, 0x268610e0, 0x0, 0x0, 0xffff, 0x4, 0xfffffffffffffff8}) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={r1, 0x7, 0xa47f}, 0x8) ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000240)) fcntl$setstatus(r0, 0x4, 0x0) ioctl$sock_ipx_SIOCAIPXPRISLT(r0, 0x89e1, &(0x7f0000000280)=0x80000000) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='dctcp\x00', 0x6) flistxattr(r0, &(0x7f0000000300)=""/63, 0x3f) getpeername$llc(r0, &(0x7f0000000340), &(0x7f0000000380)=0x10) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000440)=0x0) r3 = perf_event_open(&(0x7f00000003c0)={0x3, 0x70, 0x80000001, 0x6, 0x3, 0x2, 0x0, 0x1, 0x40400, 0x1, 0x1, 0x10001, 0x1000, 0x1, 0x1, 0x1f, 0x537e, 0x5, 0x1, 0x800, 0x0, 0x0, 0xffffffff, 0x8, 0x4f1, 0x3f, 0x6, 0x1, 0x7, 0x6, 0x10ae, 0xffffffff, 0x80000001, 0x3, 0x4, 0x5bc, 0x80000000, 0x6, 0x0, 0x5, 0x0, @perf_config_ext={0x8}, 0x8001, 0x2, 0x285, 0x0, 0x2, 0x1, 0x5}, r2, 0xe, r0, 0x8) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000480)={r0, 0x78}) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000004c0)={r0}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ptmx\x00', 0x10003, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000540)='/dev/zero\x00', 0x501000, 0x0) rt_sigprocmask(0x3, &(0x7f0000000580)={0xffff}, &(0x7f00000005c0), 0x8) setsockopt$sock_int(r0, 0x1, 0x3f, &(0x7f0000000600)=0x3, 0x4) fcntl$getownex(r3, 0x10, &(0x7f0000000640)) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001780)={r5, &(0x7f0000000680)="be4e8e33d62172912dd5acda6b1f1243d85cc8340153a84c12f1ff228d0d8c31ecd99e616e09825346c6b5d0b4b79b0477b64fe4ea6021c0a87117900e10f0b6703683d2e667b43d0c7aae0f28bc850460e27fc23bb589985190c49bd17abc5675faac12b15ad0880d5280f80813355662f4b69d2131f8754946f62a7df805653daf2de6bdb77366add6e25015c00e40f56bc5417ec2479d701936163c0ec3783fc4f1fc65ef824a07f092146d9312bd889d0363518f75800c6d2959eb71caa4a974045dc585c98e22bbe3defc7d74c58f67787215f0acd3c43e3ed4ac9c2696", &(0x7f0000000780)=""/4096}, 0x18) bind$vsock_stream(r3, &(0x7f00000017c0)={0x28, 0x0, 0xffffffff, @reserved=0x1}, 0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000001800)={r1, 0x2, 0x8}, 0x8) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, &(0x7f0000001840)={r1, 0x6}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000001880)={0x293, 0x1, 0x8004, 0x2db2, 0x6, 0x4, 0x0, 0x8, r1}, &(0x7f00000018c0)=0x20) r6 = creat(&(0x7f0000001900)='./file0\x00', 0x104) ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000001940)) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f0000001980)=[@in={0x2, 0x4e20, @rand_addr=0xfffffffffffff58c}, @in={0x2, 0x4e23, @rand_addr=0x3a}, @in6={0xa, 0x4e24, 0xfffffffffffffc70, @empty, 0x8}, @in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @multicast1=0xe0000001}, @in={0x2, 0x4e21, @rand_addr=0xffffffffffff6174}, @in6={0xa, 0x4e23, 0x6, @loopback={0x0, 0x1}}], 0x88) 2018/06/01 03:16:34 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1408.282553] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1408.290266] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1408.297548] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1408.305332] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1408.312598] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1408.319870] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1408.368776] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:35 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000000000ff"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(r0) sendmsg$rds(r1, &(0x7f00000005c0)={&(0x7f0000000000)={0x2, 0x4e22, @multicast2=0xe0000002}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000040)=""/18, 0x12}, {&(0x7f0000000140)=""/112, 0x70}, {&(0x7f00000001c0)=""/255, 0xff}, {&(0x7f0000000080)=""/19, 0x13}, {&(0x7f00000002c0)=""/87, 0x57}], 0x5, &(0x7f0000000500)=[@rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000380)=""/159, 0x9f}, &(0x7f0000000440), 0x2}}, @mask_cswp={0x58, 0x114, 0x9, {{0x200, 0x6}, &(0x7f0000000480)=0xff, &(0x7f00000004c0)=0x1, 0x800, 0x100000000, 0x0, 0x5, 0xa, 0x40}}], 0x88, 0x1}, 0x90) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000000c0)={{0x2, 0x0, @broadcast=0xffffffff}, {0x0, @link_local={0x1, 0x80, 0xc2}}, 0x8, {0x2}}) getpeername$inet(r0, &(0x7f0000000600)={0x0, 0x0, @multicast1}, &(0x7f0000000640)=0x10) 2018/06/01 03:16:35 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffc0}, 0x1}, 0x0) 2018/06/01 03:16:35 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/.nforce\x00', 0x6002, 0x0) io_setup(0x8b1, &(0x7f0000000080)=0x0) io_submit(r1, 0x3a, &(0x7f00000015c0)=[&(0x7f0000000300)={0xff0f, 0x0, 0x6, 0x1, 0x0, r0, &(0x7f0000000200), 0x1f7b200}]) ioctl$KVM_PPC_GET_SMMU_INFO(r0, 0x8250aea6, &(0x7f00000000c0)=""/93) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000), 0x4) [ 1408.479240] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:35 executing program 6: r0 = socket$inet6(0xa, 0x3, 0x8001000000002b) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='veth0_to_team\x00', 0x10) socketpair$inet(0x2, 0x80a, 0x9, &(0x7f0000000080)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000100)={0x0, 0xfffffffffffffeff}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={r2, 0x1}, &(0x7f00000001c0)=0x8) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000040)) write$binfmt_aout(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000ffff0000000000bdde262aeaae276d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007463e9091f837d9e4cc5cf3883766ec4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000a7f3df77a4f12bd6bee8667332226ca90000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000c7b32e742c5bf54e7fab5b74f107000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000035cc56635142fc59000000000000000020000100008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c1e1549bfada1e3f46028004000000000000000000000000000000000000000000000000000000000000000000000d3790000000036695a7e70b766a5247efffa98000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff03000000000000000000000000000000000000000000000000000000006da7d3a035374d5a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060901e2e0935187dea6d5dacf5634f25278e1588623870a6f42f32ab70c3d050c1df2a02c6bfb411505b73a9eaf596276643c6eeb47a9d4627881cfcf54a7ca18cb37572fde381c1c9d73bfcf7db48e5424d5d04d02620"], 0x5b5) syz_emit_ethernet(0x4f, &(0x7f0000000840)={@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xd}, @random="3e5f23e292ff", [], {@llc={0x4, {@llc={0xf4, 0x4, "fd", "68e232aa7a4c1f2499636097f2b79b359489b435dedc9bcf56c993ea31b815bc61ec070b8adfd8ceb5971a8e972d0da1dd08eaae05dbc5540eff246deffb"}}}}}, &(0x7f00000008c0)={0x1, 0x2, [0xc7b, 0xd9d, 0x6c, 0x6eb]}) 2018/06/01 03:16:35 executing program 2 (fault-call:2 fault-nth:85): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:35 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000000000007f"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:35 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xf}, 0x1}, 0x0) 2018/06/01 03:16:35 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000100)={'irlan0\x00', {0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}}) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x6, 0x200000) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000000c0)=0x8b, 0x4) r2 = socket$can_raw(0x1d, 0x3, 0x1) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) getresuid(&(0x7f00000001c0), &(0x7f00000003c0)=0x0, &(0x7f0000000400)) lstat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r3, r4, r5) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000000)=0x6, 0x4) setsockopt(r2, 0x65, 0x5, &(0x7f0000000000), 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendmsg$can_raw(r2, &(0x7f0000000380)={&(0x7f0000000240)={0x1d, r6}, 0x10, &(0x7f0000000140)={&(0x7f0000000280)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "7748f37cb63d97410f26b25d273c63471a4aea801964650b837c0de5f6704e6cefbe04f5ec1867dc62c9dcd0c6ab798ac9d22a36d96ff25f75c58a213e2d5b9f"}, 0x48}, 0x1}, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) 2018/06/01 03:16:35 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000480)={0x1d}, 0x10) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x4000, 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1) ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f00000000c0)) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f00000001c0)={0x5, 0x4, 0x0, [{0x100000001, 0x42434fa8, 0x8, 0x8000, 0x3f, 0x3, 0xffff}, {0x284, 0x1, 0x7, 0x1ff, 0x7, 0x8000, 0x67}, {0x8000, 0x6, 0x10000, 0x1c, 0x5, 0x200, 0x2}, {0x6, 0x401, 0x401, 0x4, 0x3, 0xffff, 0x5}]}) sendmsg$can_raw(r0, &(0x7f0000001fc8)={&(0x7f0000000000)={0x1d}, 0x10, &(0x7f0000017ff0)={&(0x7f0000007000)=@canfd={{0x1}, 0xffffff7f, 0x0, 0x0, 0x0, "0327e19a2b010000037dc1250200000008990039966a7d5cb2bd00000000000000000007496e6866856b76b5010000000000000000060000000118fa1efd9b0b"}, 0x48}, 0x1}, 0x0) 2018/06/01 03:16:35 executing program 7: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x80) ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f00000002c0)={"72ca46d7507bf0dd3ea08f00cb051b5d2c8da774b104217b244b148f6eccfeb52769dbdd55112289d6d5038bc12c378b80ef0a0a729c1dae9b86e48b635ebc91c0bbc00178dd6b8b6d7a5f38642e1b3dba0388be438bef88888d9fe01c71b3675e8cb908455cfe2ba76197a3bdec4e2f190146737ef50d93fa704b5f03e9c0735952f8f77fbab29a61ebd646731058a2ae3f574089dbda7c7d9142f6544289558ed6eef2cadf01b60935459dbc4606ebd691f53ca7d4e174e20d528aa2e9ef8184131f014a28d97200c79b39556509ad5ac967b091db3f4d7d16d0b904555bac2e1ea1eba223117354f53f2fd59e7a05578a6e4df972880ed672f97fdb11f35e636db8c86119b1e78e8aa20f4506c0e014e005e6ebf685931a2de5294b7003da0634fe34713a100b8545ad2006fd72ca67c818e790fc7c5b352c57977269b96d6fd31051c3a485eb6de62440d2edd190d7bef0c04b0c820c1b1e08f82a967bf38a867df11724500780eee043457c1c40a385ea15ff8ea6d53279b213538ae638c630c050b283c39fcfa2c60b349b69211210fb6ab7045cd8c8dff03661f6bc98f9a73628a5ee73829bce4dc3d3ea0a7145a5cb42646df4e920f4b2fbb463cde8eb6614c4bd1312c9c7792c00f19d10334bc39f4d1ac986e80c1ca6a112ca3967388f9db30824b82b0c548678059db3b05d6b9f5d39dd7a181cdf09485da293e90eba729a96241120bfe7d95a7b931be853b35d2dc9e788ae0945453c9b4aab677b9a685f152c421368d8592481e59e93f70007bff2d54f86f3af3da06abc282c987964f028fa7d309049579ace91d0e5a734ab1dc6ca3fca83b1845fe265e3445b1e96403c3be9c0acab1fd4fe46f3a88031fa2ff5399f7453947d4f0f433243a97e62402621187daa360474408b156728d03b33ecd0315f26b42e296af02c2addd3127348238fca53281754657d33779b82657ab49576fc103aae6935875269fdfeae109f63989c4ab79870e70293e6e932da92bacba70c3912d830e9b210698544bb1e08cc63e8d3e2621ab26a6ce7a68fd0268fe3a136bc4e4bdbbb8ef341864c5e6a3c3a93834e627dc68e648d697a03f61a6f7899f32d11717c446a15a0fc72b4a756a3598976a57e9aa1a5f70631e34bfa3b5479bf2a38925e79dc91cdb198ebaae30449a37b32de133ee4c280b607c65d62b00854a38ac933acc2f0345360fd0d3678b1cd5425c0c966a346f82460048137c1cf04ee91d46b440120f9dd7f666c6a064425ba01b5844d810e9a0cc265f33ca37c4ea902cd77def9f8853b3822ffd772bc9f464af401173b8104e9cd935d80ca2fabe95b2142eae171befd19737d9e049df6eaf07df4e651c7f5eee814ad9f4639ca15fdcbebface3b5917aa828d167e6b76af001e0ccc52d4237a80ae732365a52cc7c419c3106e0266"}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xb4cfce3ada83d206}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x68, r2, 0x300, 0x70bd26, 0x25dfdbff, {0xc}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback=0x7f000001}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x843}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xfffffffffffffff7}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x3f}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x6e81c9d7cc2248ed}, 0x4804) sendmsg$nl_generic(r1, &(0x7f0000000000)={&(0x7f0000000180)={0x10, 0x40030000000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000000000000000000000020000000c00000008000a000400000000000000"], 0x20}, 0x1}, 0x0) 2018/06/01 03:16:35 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x1000000}, 0x1c) shutdown(r0, 0x0) [ 1409.308475] FAULT_INJECTION: forcing a failure. [ 1409.308475] name failslab, interval 1, probability 0, space 0, times 0 [ 1409.320095] CPU: 0 PID: 24031 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1409.327476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1409.336946] Call Trace: [ 1409.339571] dump_stack+0x1b9/0x294 [ 1409.343226] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1409.348438] ? perf_trace_lock_acquire+0xe3/0x980 [ 1409.353302] ? unwind_get_return_address+0x61/0xa0 [ 1409.358251] ? __save_stack_trace+0x7e/0xd0 [ 1409.362601] should_fail.cold.4+0xa/0x1a [ 1409.366738] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1409.371864] ? save_stack+0xa9/0xd0 [ 1409.375538] ? save_stack+0x43/0xd0 [ 1409.379200] ? kasan_kmalloc+0xc4/0xe0 [ 1409.383108] ? __kmalloc_node_track_caller+0x47/0x70 [ 1409.388231] ? __alloc_skb+0x14d/0x780 [ 1409.392136] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1409.397339] ? ip_make_skb+0x2be/0x350 [ 1409.401241] ? udp_sendmsg+0x24ec/0x35e0 2018/06/01 03:16:36 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xec0}, 0x1}, 0x0) 2018/06/01 03:16:36 executing program 7: r0 = timerfd_create(0x1, 0x0) fsetxattr(r0, &(0x7f0000000040)=@random={'user.', 'security.capability\x00'}, &(0x7f0000000180)='3em1self+%vmnet1)/@\x00', 0xfffffffffffffee8, 0x0) [ 1409.405578] ? inet_sendmsg+0x19f/0x690 [ 1409.409574] ? sock_sendmsg+0xd5/0x120 [ 1409.413473] ? __sys_sendto+0x3d7/0x670 [ 1409.417460] ? do_fast_syscall_32+0x345/0xf9b [ 1409.421977] ? find_held_lock+0x36/0x1c0 [ 1409.426083] ? check_same_owner+0x320/0x320 [ 1409.430426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1409.435984] ? rcu_note_context_switch+0x710/0x710 [ 1409.440957] __should_failslab+0x124/0x180 [ 1409.445214] should_failslab+0x9/0x14 [ 1409.449030] kmem_cache_alloc_node+0x272/0x780 [ 1409.453647] __alloc_skb+0x111/0x780 [ 1409.457394] ? skb_scrub_packet+0x580/0x580 [ 1409.461739] ? dst_init+0x459/0x600 [ 1409.465401] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1409.471048] ? ip_generic_getfrag+0x11c/0x2d0 [ 1409.475549] ? ip_reply_glue_bits+0xc0/0xc0 [ 1409.479889] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1409.484906] ? skb_put+0x17b/0x1e0 [ 1409.488444] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1409.493465] ? ip_reply_glue_bits+0xc0/0xc0 [ 1409.497792] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1409.503603] ? xfrm_policy_lookup+0x70/0x70 [ 1409.508107] ? ipv4_mtu+0x375/0x580 [ 1409.511735] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1409.517186] ? find_held_lock+0x36/0x1c0 [ 1409.521254] ? ip_setup_cork+0x44d/0x6d0 [ 1409.525312] ip_make_skb+0x2be/0x350 [ 1409.529030] ? ip_reply_glue_bits+0xc0/0xc0 [ 1409.533347] ? ip_flush_pending_frames+0x30/0x30 [ 1409.538102] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1409.543664] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1409.549207] ? xfrm_lookup_route+0x64/0x1f0 [ 1409.553555] udp_sendmsg+0x24ec/0x35e0 [ 1409.557458] ? ip_reply_glue_bits+0xc0/0xc0 [ 1409.561808] ? udp4_lib_lookup2+0x340/0x340 [ 1409.566126] ? graph_lock+0x170/0x170 [ 1409.569929] ? expand_files.part.8+0x9a0/0x9a0 [ 1409.574541] ? lock_downgrade+0x8e0/0x8e0 [ 1409.578692] ? lock_release+0xa10/0xa10 [ 1409.582670] ? __check_object_size+0x95/0x5d9 [ 1409.587175] inet_sendmsg+0x19f/0x690 [ 1409.590967] ? __might_sleep+0x95/0x190 [ 1409.594947] ? ipip_gro_receive+0x100/0x100 [ 1409.599268] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1409.604822] ? security_socket_sendmsg+0x94/0xc0 [ 1409.609570] ? ipip_gro_receive+0x100/0x100 [ 1409.613898] sock_sendmsg+0xd5/0x120 [ 1409.617632] __sys_sendto+0x3d7/0x670 [ 1409.621532] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1409.626208] ? wait_for_completion+0x870/0x870 [ 1409.631222] ? __lock_is_held+0xb5/0x140 [ 1409.635391] ? __sb_end_write+0xac/0xe0 [ 1409.639377] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1409.644911] ? fput+0x130/0x1a0 [ 1409.648226] ? ksys_write+0x1a6/0x250 [ 1409.652033] ? __do_page_fault+0x441/0xe40 [ 1409.656531] ? __ia32_sys_read+0xb0/0xb0 [ 1409.660603] __ia32_sys_sendto+0xdf/0x1a0 [ 1409.664746] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1409.669770] do_fast_syscall_32+0x345/0xf9b [ 1409.674352] ? do_int80_syscall_32+0x880/0x880 [ 1409.678926] ? _raw_spin_unlock_irq+0x27/0x70 [ 1409.683511] ? finish_task_switch+0x1ca/0x840 [ 1409.688021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1409.693661] ? syscall_return_slowpath+0x30f/0x5c0 [ 1409.698599] ? sysret32_from_system_call+0x5/0x46 [ 1409.703465] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1409.708326] entry_SYSENTER_compat+0x70/0x7f [ 1409.712729] RIP: 0023:0xf7f63cb9 [ 1409.716084] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1409.723798] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1409.731157] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1409.738435] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1409.745697] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1409.752991] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:36 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000002"], 0x60}, 0x1}, 0x0) [ 1409.773811] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:36 executing program 6: r0 = dup(0xffffffffffffffff) fcntl$addseals(r0, 0x409, 0x4) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a}, &(0x7f0000000200)="157f", 0x2, 0xfffffffffffffffe) 2018/06/01 03:16:36 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xfffffdef}, 0x1}, 0x0) 2018/06/01 03:16:36 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:36 executing program 7: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0xf97646a531206712, 0x0) prctl$seccomp(0x16, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0xa5e7, 0x2, 0x9, 0x2}]}) setsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000100)=0xffff, 0x4) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() r2 = syz_open_procfs(r1, &(0x7f0000000080)='loginuid\x00') sendfile(r2, r2, &(0x7f00000000c0), 0xdd) 2018/06/01 03:16:36 executing program 1: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x101001) fallocate(r0, 0x2, 0x6, 0x3) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) write$tun(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="02050200010001000400471500ec0068007f0532908a848563d35e7ce2313a78ffffffffffffffff071b04ac14140c7fffffffac1414bbffffffffac14141aac1414bb8927fbac1414bbac14141d00000009000000000000005de00000000000007f000001e00000018645000000010008ef7949edf5ea07071e006bdbab070d6bf70c3d29040f66d169cf07047d70070b065460ee296ed91f9b07039a020dadbd253272be923e6963d907045787cc07fbe0b9d1e9441807f300000002ac1414aa00000005ffffffff0000000201940600000002940600000009831308ffffffffffffffffac1414160000727d000022f79078ac1414"], 0xf6) 2018/06/01 03:16:36 executing program 2 (fault-call:2 fault-nth:86): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:36 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0x20010565}, 0x1}, 0x0) 2018/06/01 03:16:36 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc-cast6-avx)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000100), 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@deltfilter={0x24, 0x2d}, 0xffffffffffffffac}, 0x1}, 0x80) recvfrom$ipx(r1, &(0x7f00000003c0)=""/220, 0xfffffffffffffe3d, 0x0, 0x0, 0xa1) 2018/06/01 03:16:36 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x40020000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:36 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f000099e000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0x9) sendto$inet(r0, &(0x7f0000de1fff), 0xfffffffffffffd43, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) r1 = gettid() perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setown(r0, 0x8, r1) r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x6, 0x140) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e20, @loopback=0x7f000001}}, 0x1, 0xfffffffffffff800, 0xffff, "a4ac7c8e48f7f270b1e3c4b6f253cd4075c7a7f11e22d9ff98c833db576394f960407881a88b5765c02ffba659ccea318e45bb6b5242972bf39fa65101d180d11ed15ebec271d044a3e4fc56082c0f3f"}, 0xd8) recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x65, 0x120, 0x0, 0xfe33) [ 1410.111871] FAULT_INJECTION: forcing a failure. [ 1410.111871] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.123314] CPU: 0 PID: 24074 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1410.130694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1410.140077] Call Trace: [ 1410.142688] dump_stack+0x1b9/0x294 [ 1410.146336] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1410.151545] ? is_bpf_text_address+0xd7/0x170 [ 1410.156056] ? kernel_text_address+0x79/0xf0 [ 1410.160478] ? __unwind_start+0x166/0x330 [ 1410.164654] should_fail.cold.4+0xa/0x1a [ 1410.168738] ? __save_stack_trace+0x7e/0xd0 [ 1410.173100] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1410.178235] ? save_stack+0xa9/0xd0 [ 1410.181904] ? save_stack+0x43/0xd0 [ 1410.185553] ? kasan_kmalloc+0xc4/0xe0 [ 1410.189462] ? kasan_slab_alloc+0x12/0x20 [ 1410.193647] ? find_held_lock+0x36/0x1c0 [ 1410.198180] ? check_same_owner+0x320/0x320 [ 1410.202523] ? rcu_note_context_switch+0x710/0x710 [ 1410.207819] __should_failslab+0x124/0x180 [ 1410.212072] should_failslab+0x9/0x14 [ 1410.215907] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1410.221031] __kmalloc_node_track_caller+0x33/0x70 [ 1410.225976] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1410.230757] __alloc_skb+0x14d/0x780 [ 1410.234483] ? skb_scrub_packet+0x580/0x580 [ 1410.238814] ? dst_init+0x459/0x600 [ 1410.242449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1410.247982] ? ip_generic_getfrag+0x11c/0x2d0 [ 1410.252471] ? ip_reply_glue_bits+0xc0/0xc0 [ 1410.256791] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1410.261797] ? skb_put+0x17b/0x1e0 [ 1410.265346] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1410.270495] ? ip_reply_glue_bits+0xc0/0xc0 [ 1410.274834] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1410.280631] ? xfrm_policy_lookup+0x70/0x70 [ 1410.284960] ? ipv4_mtu+0x375/0x580 [ 1410.288602] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1410.294046] ? find_held_lock+0x36/0x1c0 [ 1410.298119] ? ip_setup_cork+0x44d/0x6d0 [ 1410.302177] ip_make_skb+0x2be/0x350 [ 1410.305887] ? ip_reply_glue_bits+0xc0/0xc0 [ 1410.310218] ? ip_flush_pending_frames+0x30/0x30 [ 1410.314986] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1410.320527] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1410.326061] ? xfrm_lookup_route+0x64/0x1f0 [ 1410.330380] udp_sendmsg+0x24ec/0x35e0 [ 1410.334270] ? ip_reply_glue_bits+0xc0/0xc0 [ 1410.338597] ? udp4_lib_lookup2+0x340/0x340 [ 1410.342913] ? graph_lock+0x170/0x170 [ 1410.346711] ? expand_files.part.8+0x9a0/0x9a0 [ 1410.351283] ? check_same_owner+0x320/0x320 [ 1410.355967] ? lock_downgrade+0x8e0/0x8e0 [ 1410.360115] ? lock_release+0xa10/0xa10 [ 1410.364088] ? check_same_owner+0x320/0x320 [ 1410.368406] ? __check_object_size+0x95/0x5d9 [ 1410.372909] inet_sendmsg+0x19f/0x690 [ 1410.376710] ? __might_sleep+0x95/0x190 [ 1410.380682] ? ipip_gro_receive+0x100/0x100 [ 1410.385000] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1410.390546] ? security_socket_sendmsg+0x94/0xc0 [ 1410.395305] ? ipip_gro_receive+0x100/0x100 [ 1410.399718] sock_sendmsg+0xd5/0x120 [ 1410.403427] __sys_sendto+0x3d7/0x670 [ 1410.407220] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1410.411888] ? wait_for_completion+0x870/0x870 [ 1410.416469] ? __lock_is_held+0xb5/0x140 [ 1410.420535] ? __sb_end_write+0xac/0xe0 [ 1410.424502] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1410.430032] ? fput+0x130/0x1a0 [ 1410.433301] ? ksys_write+0x1a6/0x250 [ 1410.437103] ? __do_page_fault+0x441/0xe40 [ 1410.441337] ? __ia32_sys_read+0xb0/0xb0 [ 1410.445395] __ia32_sys_sendto+0xdf/0x1a0 [ 1410.449535] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1410.454548] do_fast_syscall_32+0x345/0xf9b [ 1410.458864] ? do_int80_syscall_32+0x880/0x880 [ 1410.463436] ? _raw_spin_unlock_irq+0x27/0x70 [ 1410.467931] ? finish_task_switch+0x1ca/0x840 [ 1410.472422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1410.477947] ? syscall_return_slowpath+0x30f/0x5c0 [ 1410.482872] ? sysret32_from_system_call+0x5/0x46 [ 1410.487709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1410.492553] entry_SYSENTER_compat+0x70/0x7f [ 1410.496957] RIP: 0023:0xf7f63cb9 [ 1410.500309] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:37 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$bt_hci(r0, 0x0, 0x61, &(0x7f0000000000)=""/40, &(0x7f0000000040)=0x28) [ 1410.508013] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1410.515272] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1410.522531] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1410.529788] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1410.537041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:37 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x11}, 0x0) 2018/06/01 03:16:37 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:37 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000000380)=[@increfs={0x40046304}, @decrefs={0x40046307}], 0x0, 0x0, &(0x7f0000000080)}) 2018/06/01 03:16:37 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000e8000)='/dev/cuse\x00', 0x2, 0x0) write$fuse(r0, &(0x7f0000000040)={0x28, 0x3, 0x1, @fuse_notify_retrieve_out={0x5, 0x7, 0x3, 0x7}}, 0xfffffe66) 2018/06/01 03:16:37 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14}}, 0x10) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000300)={0x7fff, {0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e22, @loopback=0x7f000001}, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x200, 0x1f, 0x20, 0x6, 0x1ff, 0x0, 0x7fffffff, 0xffffffffffffffe0, 0x8}) sendto$inet(r0, &(0x7f0000000000), 0xa4, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb) setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000040), 0x4) r1 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x8, 0x12080) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x400, 0x448}) writev(r0, &(0x7f0000001400)=[{&(0x7f00000013c0)='8', 0x1}], 0x1) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000200)={r0, r0, 0xfffffffffffffffa, 0x9, &(0x7f0000000140)="88372b78280471cb0766b3e17a0f0f5e949484983f0518ce12bc0bfb8e94bbfbbaa1a95af48acbe6aa7818005b6684769c95d3d3a3f433758faa873a8f1cb2154b91f6e395be81dc99e75a88cf02068588be629fe0a1ca3c9587d7621cea2c469cdff82695ffc238b6c4204cf700035dd97cfe71107a962cb602a1831e727d271651b038", 0xce, 0xcf6, 0x4, 0x2, 0x8, 0x2, 0x3f, "db4d811ecea5e11e6e987f0bc1efffc6bf445769c48787bd2cc06cf14c0fe06cf80465557c0357cce95c4174335efe88cb239f65bc340bad9a318e7454ff97e692b459420f793aa23eab2b7354c0b2d9b5e07275816706909dfc266f255a648e475804b67a17551819d3a964674ef793d3455230c5e89cca10a8f21f72c6d596bcb76b240ac19714ce716ea2c95b8d4814baa4edaad40f04d7e8b2dc7cd49f4f4e4e04ff07d372b29851f2a88bd847842b75985b522d214b0ee14980bce0abd883ca8647dd4591d6"}) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2}, 0x6) membarrier(0x8, 0x0) [ 1410.656292] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1410.692234] binder_alloc: binder_alloc_mmap_handler: 24106 20ffe000-21000000 already mapped failed -16 2018/06/01 03:16:37 executing program 2 (fault-call:2 fault-nth:87): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1410.721494] binder: BINDER_SET_CONTEXT_MGR already set [ 1410.744763] binder: 24106:24108 ioctl 40046207 0 returned -16 [ 1410.770486] binder_alloc: 24106: binder_alloc_buf, no vma [ 1410.776358] binder: 24106:24117 transaction failed 29189/-3, size 24-8 line 2971 [ 1410.787361] FAULT_INJECTION: forcing a failure. [ 1410.787361] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.798678] CPU: 0 PID: 24120 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1410.806048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1410.812729] binder: undelivered TRANSACTION_ERROR: 29189 [ 1410.815416] Call Trace: [ 1410.815443] dump_stack+0x1b9/0x294 [ 1410.815465] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1410.815484] ? unwind_get_return_address+0x61/0xa0 [ 1410.815505] should_fail.cold.4+0xa/0x1a [ 1410.815523] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1410.822014] binder: release 24106:24108 transaction 309 out, still active [ 1410.823550] ? save_stack+0xa9/0xd0 [ 1410.823568] ? save_stack+0x43/0xd0 [ 1410.823584] ? kasan_kmalloc+0xc4/0xe0 [ 1410.823601] ? __kmalloc_node_track_caller+0x47/0x70 [ 1410.823617] ? __alloc_skb+0x14d/0x780 [ 1410.823631] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1410.823649] ? udp_sendmsg+0x24ec/0x35e0 [ 1410.827274] binder: unexpected work type, 4, not freed [ 1410.832433] ? inet_sendmsg+0x19f/0x690 [ 1410.832451] ? sock_sendmsg+0xd5/0x120 [ 1410.832469] ? __sys_sendto+0x3d7/0x670 [ 1410.837387] binder: undelivered TRANSACTION_COMPLETE [ 1410.841422] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1410.841436] ? do_fast_syscall_32+0x345/0xf9b [ 1410.841454] ? find_held_lock+0x36/0x1c0 [ 1410.883780] binder: send failed reply for transaction 309, target dead [ 1410.888048] ? check_same_owner+0x320/0x320 [ 1410.888070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1410.888088] ? rcu_note_context_switch+0x710/0x710 [ 1410.888108] __should_failslab+0x124/0x180 [ 1410.888124] should_failslab+0x9/0x14 [ 1410.888142] kmem_cache_alloc_node+0x272/0x780 [ 1410.951696] __alloc_skb+0x111/0x780 [ 1410.955408] ? skb_scrub_packet+0x580/0x580 [ 1410.959719] ? dst_init+0x459/0x600 [ 1410.963337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1410.968864] ? ip_generic_getfrag+0x11c/0x2d0 [ 1410.973355] ? ip_reply_glue_bits+0xc0/0xc0 [ 1410.977671] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1410.982674] ? skb_put+0x17b/0x1e0 [ 1410.986201] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1410.991213] ? ip_reply_glue_bits+0xc0/0xc0 [ 1410.995543] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1411.001325] ? xfrm_policy_lookup+0x70/0x70 [ 1411.005642] ? ipv4_mtu+0x375/0x580 [ 1411.009256] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1411.014695] ? find_held_lock+0x36/0x1c0 [ 1411.018755] ? ip_setup_cork+0x44d/0x6d0 [ 1411.022804] ip_make_skb+0x2be/0x350 [ 1411.026511] ? ip_reply_glue_bits+0xc0/0xc0 [ 1411.030825] ? ip_flush_pending_frames+0x30/0x30 [ 1411.035655] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1411.041182] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1411.046703] ? xfrm_lookup_route+0x64/0x1f0 [ 1411.051021] udp_sendmsg+0x24ec/0x35e0 [ 1411.054893] ? perf_trace_lock+0xd6/0x900 [ 1411.059031] ? ip_reply_glue_bits+0xc0/0xc0 [ 1411.063344] ? udp4_lib_lookup2+0x340/0x340 [ 1411.067647] ? graph_lock+0x170/0x170 [ 1411.071437] ? expand_files.part.8+0x9a0/0x9a0 [ 1411.076028] ? lock_downgrade+0x8e0/0x8e0 [ 1411.080159] ? lock_release+0xa10/0xa10 [ 1411.084120] ? check_same_owner+0x320/0x320 [ 1411.088431] ? __check_object_size+0x95/0x5d9 [ 1411.092917] inet_sendmsg+0x19f/0x690 [ 1411.096704] ? __might_sleep+0x95/0x190 [ 1411.100666] ? ipip_gro_receive+0x100/0x100 [ 1411.104977] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1411.110502] ? security_socket_sendmsg+0x94/0xc0 [ 1411.115259] ? ipip_gro_receive+0x100/0x100 [ 1411.119571] sock_sendmsg+0xd5/0x120 [ 1411.123272] __sys_sendto+0x3d7/0x670 [ 1411.127059] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1411.131719] ? wait_for_completion+0x870/0x870 [ 1411.136299] ? retint_kernel+0x10/0x10 [ 1411.140171] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1411.145175] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1411.149917] ? retint_kernel+0x10/0x10 [ 1411.153792] __ia32_sys_sendto+0xdf/0x1a0 [ 1411.157926] ? do_fast_syscall_32+0x17a/0xf9b [ 1411.162404] ? do_fast_syscall_32+0x181/0xf9b [ 1411.166896] do_fast_syscall_32+0x345/0xf9b [ 1411.171212] ? do_int80_syscall_32+0x880/0x880 [ 1411.175784] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1411.180616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1411.186136] ? syscall_return_slowpath+0x30f/0x5c0 [ 1411.191051] ? sysret32_from_system_call+0x5/0x46 [ 1411.195878] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1411.200712] entry_SYSENTER_compat+0x70/0x7f [ 1411.205103] RIP: 0023:0xf7f63cb9 [ 1411.208451] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1411.216151] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1411.223412] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1411.230679] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1411.237930] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 2018/06/01 03:16:37 executing program 1: r0 = socket(0x11, 0x100000803, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x20000000002) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"6966623000faffffffffffffff00", 0x5001}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) write$tun(r1, &(0x7f00000004c0)={@void, @val={0xffffff7f}, @ipv6={0x0, 0x6, "af04ca", 0x108, 0x4, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, @mcast2={0xff, 0x2, [], 0x1}, {[], @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}, 0xfdef) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) ioctl$TUNSETGROUP(r1, 0x400454ce, r2) r3 = dup3(r1, r0, 0x0) ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000140)) 2018/06/01 03:16:37 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:37 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0xb}, 0x0) 2018/06/01 03:16:37 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x12) pipe2(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) accept4$packet(r2, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000006c0)=0xfffffffffffffed6, 0xc0000) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000080)=r3) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mixer\x00', 0x2002, 0x0) ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000300)=r4) quotactl(0x0, &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000140)="99698bdb56082f1f88dd8af1f0f84969b63e79f08b68408d381995717451283bceb8c4e4001a710c761036632a52dd6f5e48de912add2988fdf87db1f68df4f796b22ff855de187e4144e69ee8f4576c0b8bff7576b37447a5182efe3695622e266fcd6e6b10714534bc4336acab21837fd58d7b73458bfb152abf23a51fbac89bd4c55f480737f9fbd0c3b3c066f42637c0293dd4608b6b27ee6e133b97bb315f1be16bc7004b0aa0433b49d3314411d51a67fedaacf929afdc68a7b69b58e56a4e489d60913304010b183ca6df88") r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') preadv(r4, &(0x7f0000000e80)=[{&(0x7f0000000880)=""/242, 0xf2}, {&(0x7f0000000980)=""/138, 0x8a}, {&(0x7f0000000a40)=""/171, 0xab}, {&(0x7f0000000b00)=""/132, 0x84}, {&(0x7f0000000bc0)=""/247, 0xf7}, {&(0x7f0000000340)=""/54, 0x36}, {&(0x7f0000000380)=""/42, 0x2a}, {&(0x7f0000000cc0)=""/236, 0xec}, {&(0x7f0000000640)=""/47, 0x2f}, {&(0x7f0000000dc0)=""/184, 0xb8}], 0xa, 0x0) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000740)={{0x3004, 0x2000, 0x3, 0x359, 0x4, 0x5, 0xec6a, 0xc9, 0xffffffff, 0xce5, 0x8, 0x4c9}, {0x0, 0x4, 0x4, 0x2, 0x3f, 0x58, 0x2f, 0x10000, 0x4, 0x1, 0x7, 0x80000001}, {0x2000, 0xd000, 0x1d, 0x100000000, 0x9, 0x8, 0x65, 0x4, 0x5f271f52, 0x0, 0xff, 0x401}, {0xf000, 0x2, 0x0, 0x40, 0xfffffffffffffffb, 0x7, 0x0, 0x40, 0x101, 0x931f, 0x1f, 0x1}, {0x0, 0x10000, 0xe, 0x40, 0x9, 0x8, 0x7ff, 0x4, 0x8, 0x3, 0x9, 0x9d}, {0xf000, 0x103006, 0x19, 0xe45, 0xd0f, 0x3, 0x8000, 0x8, 0x6, 0x8e31, 0x8, 0x8}, {0x0, 0x5000, 0x0, 0x8f7, 0x8d4, 0x4, 0x10001, 0x2, 0x5, 0x5, 0x3, 0x5a0f}, {0x0, 0x102000, 0xe, 0x9, 0x2, 0x4, 0x972, 0x5, 0x81, 0x21cc3d5a, 0x4, 0x8}, {0x5000}, {0x4, 0x17001}, 0x2, 0x0, 0xf002, 0x304044, 0x4, 0x100, 0x6000, [0x9, 0x8, 0x2, 0x3]}) acct(&(0x7f0000000240)='./file0\x00') ioctl$IOC_PR_REGISTER(r4, 0x401870c8, &(0x7f0000000680)={0x400, 0x7fffffff}) geteuid() ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000500)={'veth1_to_bond\x00', {0x2, 0x4e24}}) capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000032fe8)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f00000003c0)={0xfffffffffffffffb, 0x1, 0xfff, 0x0, 0x0, [], [], [], 0xf2, 0x6}) setns(r5, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) preadv(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)=""/87, 0x57}, {&(0x7f0000000500)}, {&(0x7f0000000540)=""/58, 0x3a}, {&(0x7f0000000580)=""/84, 0x54}], 0x4, 0x0) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000f00)=@assoc_value={0x0, 0x7f}, &(0x7f0000000f40)=0x8) setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000f80)=@assoc_value={r6, 0x10000}, 0x8) [ 1411.245193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:37 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x900}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:37 executing program 6: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400000, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'veth0_to_bond\x00', 0x0}) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000180)={@empty, @local={0xfe, 0x80, [], 0xaa}, @dev={0xfe, 0x80, [], 0x18}, 0x7ff, 0x6, 0xde3, 0x100, 0x1, 0x40008, r2}) epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x4, &(0x7f0000000040)={0x91a}, 0x8) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)) mlock(&(0x7f00007ca000/0x14000)=nil, 0x14000) mlock(&(0x7f000036d000/0x3000)=nil, 0x3000) 2018/06/01 03:16:38 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1411.357128] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:38 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xff0f}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:38 executing program 3: socketpair$inet(0x1e, 0x5, 0x0, &(0x7f0000000080)={0x0, 0x0}) sendmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0), 0x0, &(0x7f0000001d80)}, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000100)) sendmsg(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000005c0)='m', 0x1}], 0x1, &(0x7f0000001980)=ANY=[]}, 0x0) r2 = fcntl$getown(r0, 0x9) ptrace$peekuser(0x3, r2, 0x0) recvmsg(r1, &(0x7f0000000340)={&(0x7f0000000000)=@alg, 0x80, &(0x7f0000000200)=[{&(0x7f00000001c0)=""/2, 0x2}], 0x1, &(0x7f0000000240)=""/253, 0xfd}, 0x0) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000140)=@generic={0x7f, 0x4, 0x9}) 2018/06/01 03:16:38 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x4}, 0x0) 2018/06/01 03:16:38 executing program 2 (fault-call:2 fault-nth:88): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:38 executing program 6: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) lremovexattr(&(0x7f0000000040)='./control/file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB='security.)().procFPL\'--nodevkeyring\x00']) close(r0) 2018/06/01 03:16:38 executing program 7: syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7, 0x200080) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10000, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x80) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x400, 0x8, r0}, 0x274) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000007110540000000000000000000000000095000000000000002fef641461c31c419f0da0f3e08c4023242a6c17a72837ed5a90a1981263351f2a63810f5542e2144029266521ea678bf671fbe91d2f4085a72679113ab7d6c7c7a888b3c43788b100ce0b799a9aba8b01abd03fae823c3a5ada9db51cd926329751f71c7e140d01d15cea6bdd3e2332477a7f01a42bb1ed62af8e16b6d3dc4c6c2c416213f632f1a8d6a2bf32eb78d2e0c85f503dedffcab806caffcf03f74fbcf4997b498571e7ee2725b571d98d687473fc1252a98d834ee69a73c7806e1113f9745887c21234"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/06/01 03:16:38 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:38 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0xfffffffffffffffe, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000300)=ANY=[@ANYBLOB="0a000000000000000a0000000700000065c7000007000000390000000000000007000080090000010700000031000000ff0000000000000000000080fdffffff0600000009000000fdffffff0000000006000000ff01000006000000c0ffffff090000000000000007000000080000000001000001000000ffffffff000000000a0000000702000000000000d2b7000005000000000000001900008000000000950800000700000000feffff000000000100004007000000e6000000810000001f000000000000000000000003000000cfd200006b000000020000000400000002000000fbffffff03000000ff0f000000040000000000008d6cc3611fb752f35b409771503a65fd848fb7355589ba75475b0233c0ee5d88dfe40545b6f9f511341669f8d731de67411fc0cd1b8eb8ece45dd82cb3f01bbc7f75b3ab2b9ace810000006f0175ab4fa99deeae52f27b57847f05d7"]) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f0000000040)=""/51) fcntl$setlease(r1, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x1001) fcntl$setlease(r0, 0x400, 0x2) [ 1412.306781] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1412.317507] FAULT_INJECTION: forcing a failure. [ 1412.317507] name failslab, interval 1, probability 0, space 0, times 0 [ 1412.328811] CPU: 0 PID: 24169 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1412.336179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1412.345541] Call Trace: [ 1412.348155] dump_stack+0x1b9/0x294 [ 1412.351807] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1412.357369] ? is_bpf_text_address+0xd7/0x170 [ 1412.361884] ? kernel_text_address+0x79/0xf0 [ 1412.366316] ? __unwind_start+0x166/0x330 [ 1412.370483] should_fail.cold.4+0xa/0x1a [ 1412.374555] ? __save_stack_trace+0x7e/0xd0 [ 1412.378893] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1412.384019] ? save_stack+0xa9/0xd0 [ 1412.387660] ? save_stack+0x43/0xd0 [ 1412.391315] ? kasan_kmalloc+0xc4/0xe0 [ 1412.395219] ? kasan_slab_alloc+0x12/0x20 [ 1412.399386] ? find_held_lock+0x36/0x1c0 [ 1412.403486] ? check_same_owner+0x320/0x320 [ 1412.407826] ? rcu_note_context_switch+0x710/0x710 [ 1412.412777] __should_failslab+0x124/0x180 [ 1412.417037] should_failslab+0x9/0x14 [ 1412.420857] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1412.425993] __kmalloc_node_track_caller+0x33/0x70 [ 1412.430946] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1412.435735] __alloc_skb+0x14d/0x780 [ 1412.439616] ? skb_scrub_packet+0x580/0x580 [ 1412.443960] ? dst_init+0x459/0x600 [ 1412.447608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1412.453166] ? ip_generic_getfrag+0x11c/0x2d0 [ 1412.457674] ? ip_reply_glue_bits+0xc0/0xc0 [ 1412.462019] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1412.467055] ? skb_put+0x17b/0x1e0 [ 1412.470617] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1412.475670] ? ip_reply_glue_bits+0xc0/0xc0 [ 1412.480024] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1412.485851] ? xfrm_policy_lookup+0x70/0x70 [ 1412.490192] ? ipv4_mtu+0x375/0x580 [ 1412.493835] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1412.499465] ? find_held_lock+0x36/0x1c0 [ 1412.503548] ? ip_setup_cork+0x44d/0x6d0 [ 1412.507641] ip_make_skb+0x2be/0x350 [ 1412.511370] ? ip_reply_glue_bits+0xc0/0xc0 [ 1412.515723] ? ip_flush_pending_frames+0x30/0x30 [ 1412.520493] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1412.526051] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1412.531617] ? xfrm_lookup_route+0x64/0x1f0 [ 1412.535955] udp_sendmsg+0x24ec/0x35e0 [ 1412.539861] ? ip_reply_glue_bits+0xc0/0xc0 [ 1412.544200] ? udp4_lib_lookup2+0x340/0x340 [ 1412.548526] ? graph_lock+0x170/0x170 [ 1412.552353] ? expand_files.part.8+0x9a0/0x9a0 [ 1412.556951] ? check_same_owner+0x320/0x320 [ 1412.561301] ? lock_downgrade+0x8e0/0x8e0 [ 1412.565461] ? lock_release+0xa10/0xa10 [ 1412.569444] ? check_same_owner+0x320/0x320 [ 1412.573795] ? __check_object_size+0x95/0x5d9 [ 1412.578302] inet_sendmsg+0x19f/0x690 [ 1412.582120] ? __might_sleep+0x95/0x190 [ 1412.586099] ? ipip_gro_receive+0x100/0x100 [ 1412.590427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1412.595959] ? security_socket_sendmsg+0x94/0xc0 [ 1412.600705] ? ipip_gro_receive+0x100/0x100 [ 1412.605043] sock_sendmsg+0xd5/0x120 [ 1412.608749] __sys_sendto+0x3d7/0x670 [ 1412.612538] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1412.617196] ? wait_for_completion+0x870/0x870 [ 1412.621769] ? __lock_is_held+0xb5/0x140 [ 1412.625830] ? __sb_end_write+0xac/0xe0 [ 1412.629805] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1412.635423] ? fput+0x130/0x1a0 [ 1412.638691] ? ksys_write+0x1a6/0x250 [ 1412.642477] ? __do_page_fault+0x441/0xe40 [ 1412.646700] ? __ia32_sys_read+0xb0/0xb0 [ 1412.650762] __ia32_sys_sendto+0xdf/0x1a0 [ 1412.654899] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1412.659907] do_fast_syscall_32+0x345/0xf9b [ 1412.664221] ? do_int80_syscall_32+0x880/0x880 [ 1412.668793] ? _raw_spin_unlock_irq+0x27/0x70 [ 1412.673281] ? finish_task_switch+0x1ca/0x840 [ 1412.677771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1412.683298] ? syscall_return_slowpath+0x30f/0x5c0 [ 1412.688221] ? sysret32_from_system_call+0x5/0x46 [ 1412.693055] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1412.697896] entry_SYSENTER_compat+0x70/0x7f [ 1412.702303] RIP: 0023:0xf7f63cb9 2018/06/01 03:16:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x6}, 0x0) 2018/06/01 03:16:39 executing program 1: r0 = timerfd_create(0x7, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000016fe0)={{0x5}, {0x0, 0x5f6c}}, &(0x7f000000ffe0)) r1 = memfd_create(&(0x7f0000000140)='/dev/audio#\x00', 0x0) recvmsg$netrom(r1, &(0x7f00000015c0)={&(0x7f0000000180)=@full={{0x3, {"4f1971921d2503"}, 0x2}, [{"c7479b1ebfd085"}, {"7a14ff94301820"}, {"e819f678658974"}, {"be5ca954a7e230"}, {"e1369dba2954eb"}, {"a6ae18d9955215"}, {"02709bc9991f35"}, {"a4ff23bcbfe788"}]}, 0x48, &(0x7f0000001400)=[{&(0x7f0000000200)="4a2e349fa9857bbb3ddeec72128b4fcd0a24e86e603774f52be646e3a323d7", 0x1f}, {&(0x7f0000000240)="6251993ddd67f2ead71b5547492d96033668d7b29eb82b685dcf72e9e3e5800cf9de19086b2b2903738f97f4a96679dc697d0f7ecaaac6b5ba991910202c884751cb5bb26e7180338eeb76770eb2d040e1cc52947ad13529a154df1a54829f0330c9484009000e9fcb233c8cd27cf89a00c0410e93550404b836d4b8537b510bc88d7e7f8209ca22007c254f2c74eca3852860419c181c1efdcde52a6c126f1240838ec889104558fe02ccd89af2d3131d8888dddfd767786e2bc3fe69bd99a4be68721ed09152bf1e80ec11ebf4dcbebbce5e", 0xd3}, {&(0x7f0000000340)="cf48c06e12e2010919fd29e7964f7bd997df1d5e7056dd5513363013e90743204e3d8c12263c4eff8456e25cc5620a83d36d80b9530a45c2db2a672ea2e90b8d17cdf06f66d38a9dd2e70b4b916a0a738c16b34742d4b816003a3706eff04e1ed523013552f7d9136934956bcc4bfea7fb63b39a177246c3114744c7c67f06dd083f8ec0c254e678845e1fe97fbb01e76d4d8cae215ab6c50de625c3c6f241b9c177436c166e66fd14a073670a7a99333361128ee2d84313bd2afba496c9fa7dda97bf69b45ff8ac5cce3a98035bedeb0c936f8d1e6f56d2fccece2b9adcff66f51a2d548a41291f6b31cd7dd1331d43b04163fefc31e53ed172a526bc48044d520c311f90c82676d49d2bd82d607c7d1607cf0af351f4a1e9e045c406551f002c0708987270eb0d6e33b78dabd1203a98b3c6012ea3280c5c2eab893ef61c223fb5a41e737d5e31c8e0530eddbbc2a0e02d5135cf694326666c074112a5d8af72afd3722fcb2a09354b696ba59876c9da1201eda8648228e174587dd92d83739d264afa7dbb961e38e5aa9660045c6dcff316a915099d140e889487c13259b913d5ab5c200a3d9c4619e004dcce5d6de2c5ead3040a18cd76f00af077894544fae91baca7f3f86f9b057bc6ff49376cfe0e25abe02b6daa7c9cb007eb98d6bf213635c46d38c3d97100ff9874dae5ff7595e650911613a51706328dbfdfc77348b4f99ad2b5856190dd3a32a43cca0d17740cae45e0f49b62772354386ffc949934059df01ebd0710fb21c952cedf304585060a654b0bdde18151401688b1f8a21122f2c42c0ce5a501ec13fb5dc6ae74ffd3250b8468530d869c216c35ce92e8a09c6417d1735c248f539e908e7f6f8f900d43c90c213d40665f5273e9b9c4076624282af664077fc3d01edfe4b156e11ee09d04c27d7148a0134c7f6b92743bbf627d7da0a670fc19d326f2cba5e5d0c61dee31d8203ed67d1fcff42bed3390e4fb3ccadd1e82010b5cd73b753140a7ad84331eedb60ab7e0cc4246052740ab8dcee8ffc7a4f1099b862fc2ec80440dade5561e23fed1c097c3c58ab594a776b901fdbff71327468b6d3c075813fbd45a43dc7216c8428b8b81d1fb9fbaa5a5d7dec10e3d8c506a9d0f26af255b092809c2230c46f0bad5de26bba55135d54a73d9904c8e6a770fafff227434cc613a060f1f23a96bdd574b27a95bffaa19baa61e64ed31fb3cf1395eca82e8b2e49ab8ab8fb50c725c3d69535af4b08eab77972980b4b51a8f71f7f30a2493245278cd6752cb5202c0352a4d0e14fc06f00c853c531a63f445529caef108420c72a18cf532e6c0c60ddc035be6cbca7b1895a3394cb95be2568a3fe9c5686af4c84592d1a3a14d05fff659893504bee8ce67f2a701eeb40befef61762d46a373f633c237e3f19ddbb27a9d2347611ca6931ab80905605cc044eba09ca094e823776d618c0508d7c58a18517be5c64d9c0de5f007eacf6b8564470752801b330bb9b3cb82bfec7be808ed1aa4fbbe86e57c405ecd2f5cd02062bbd5779a968b50ab6a30c36aa76034827d423cbe013ba7141633a0e2d4a90afbbb927ecce5260dc28ec7546444e2cd5eb4148d973a7e7d4c199f559bae731382585e32a628d3e0d4317da18ecbc092fb11c2380993d68cc6639ac02c7ed738a8c2223d496cdbab7befdfaa47d883b601cbeebd1b27d6d4f4133ef10d035a1dea9d30a2eb744a3a0aa9a3e70359da9823bce9925caf212ffb2e69bbfc99055584c3c678691ab515c9ec478facc46b26548f03aef599d817aeb69540b484980dd7cc4ec316130701765a37a73bde819a96c20a7090cb821bb35b699e57e22659c6967428b75af78d43bb692326d886763d44144999864273b74681b38186906df1a4734967e73ecaf22a25b4eb535aa1e0fa7e9a01502a33c7646b2e8362ba887b0deb7f441615367c6f591013f89ceb96873c647a6b9fcbb3996d8862a1d03337fbc43a3dbd9588a655dcc361e29e2ee9617e1ad8f85ea92b470a0eee1d3637a2aa10e4ac3d5f38c6cc73b9e3d5e9b590f3e9cb994916f565210e449879d4c0a73a2ab83f03dabb6eacbfcda71975b65a53f18b969c03f6b1a2d2239bb8736a091bb0f3b7f0d373a7c996bc864e9cc68aae11d58c6520a6214f289baa0fb8b178f03df5b638a54bb93bacc826754aa6eadb27348fe08e1f971993846096c1d724d6acd0d9fbc04a61462d0c3fa4e72650201faa2d7643c5f535636b11dbe475659fba41903cf939a77a7e65a51e6143e78fc8baab838dd2e5ab342b1548149f8c81961f2fea73a1a128f171365b2745a0cc89d04591b2221b6c7744e07f7e00339dd9bd7fad77587f7e1c2c75de8ad92051a0bff9c3a212c804220c1f320201e9bed819b1644909145c0b75b54e52b9b4e4e7cee6e7e5744efa6d568e8ce0e5702271b6b1bf57d9832d7572887a463274bcc7c1f2be8126d40e025b7c1a2df80eb98697b46a7dd8272f4460ef5b4b6f7bcc53ba878e7c9ad74289c23b5e874588adec5a4168109b9501fa70742dc6ba7c66ae581c8d0c995ff72cb9cb809234431b7d13a9da1b99c83a0097dd3b2ee4940e69097ffb2abc79ca0129a645f96cea169888c4e38c0db23cc50f2f7d013904694eb0da6954a7ef3cba33e93e2c38103553decdb385032c1c526f0a97e2aa6197f227eab20627fd0ac648535db4eedb15f4402b3d1ff6de858f9d1d66f5bc4448e77243c2212e9f00319db3064c7c7e939b08a6388e943cedb90e5f79d4e3fb6859da6adb97106e808a8ed870d6cdc7a0632ce4fb1e61e4a80a814e2b78776cad87ec22508b0a73f0b6d81459ad7d2e38f6047e8846287bb0d1643d1a49165a8dd45e901213a820323e327d2593ed1a8cb0fff8e6c643674afc6d9824131738727886a4585d76bca44692e948ee6df4a71fee5cf6487b461ec5d3d34137ec8834a614b0add0cd3b9a5e9c4f50a63800450221fa526ed28510878878420c841afbec24eee589ad5ddbd86f1fe82e7a2a425e05e880b40de29c04e1a833e41613376ae2bf5cd31c1cc0a0b305cb6f07810e67cb22aafd676e2a1706ec3b83040efac022b76f03142c41f0a07802dc5b5bff8977af3dfbc8a81d66d6bc1449340b464e478b330a733f7018cf5673196164918789c5de7d39395ff1c0e900b5779a5070a9be971e3acd5bedea00cd2cac14466b079999a90a888f1d2bb79e33cdcecff8f0c8219a0f2d9ebcf096401c33d533a785c3da1c28052ca7f480cfdf48d2025a97e7dd5b153dd4a08afa790a843aaa282945fb32e0a33216cf0c2f7b6329bc6812acde1d1d8a487a41ee003945a60fcc5a7e2d86f7fc80fb4df89ac0220453ff89af77ec46140fd2c2e6ff88953107562e8cfe811eaf574b4c9de5a2abe0d89a7a92f41a14050e55d0623a682831914b14bcdaf59c571d577dee34b00315eb17e7c64d6677327053bd4be6a76e1ba6838505437db550f151201e7a3be0c5a9af64e003e4eb0563504f14e84d596a5e251bfa1137379092e02366391e7af856b8723bcb067a44ffa7441d9eee908c8f919ce6dd8dfdbf5cf80b51f68970f4fbb9aec9bac8490bb92dd031031bb16169d79e2857b5d7fce6ad1c6a6a24179b2e0e12605aeb8aa88fba8064579da6e8352e3f93063f3fbd4755efb573f07631c1964a7ad105a6d1590b2a28b9acaa9c20c1e79af30698ce5bacb85c371794d37a6d5d6d92d6a6293bb279738b88daaeb552f86f75ba5491117c6be7f916c007aa8dfa87ea743ec2f5e934958c52975200c7f771db706033cbe228119927f15cd8a5fbc18ca73136b5baa7ce956db049180c1239351fec87b9f8cc00586ac26908cb716b8ef1da90286170084cf4652323ae97e49511c7870a44f983f9ff6191d541e578cd2e53f73045e5eed541a0896022db1d393275a45b059480a1a3fc8b4db1480be9f1ba3eb0fd710d2d51e5707e7368ecc48371677190eae57a3826f8b0b063d233cbf54815b5039083cb88a923b7d3f0de9424e99950a4801ace37f658deecd7b1400c9aab3256bde11f05bd9dc930e424db8e35ef84c2c95c877b7994118a08350233378b4c43f9786aecc77aff303789badcd2d12f334852d45adc084c3ad5cb8af728329b77e4f17e506b30d4d3f6b9ca1871d9c4f56310ef7c54ba1274d58ef8faa9ad0dd0284bdfce00293224294884a4b13203b2428fb7710449a1bc89267b34fb5a7cdfcb88ed9cc9c0365870ecada031dc75ff55abf7d53ebe9e418cfea916d6dcdaa634ec2131f3dce9fdc06d6985714fae341a9fd9578ba147e82984b064e5f818517a270fbfa30ed2b68b889e42ac8fd01ceb490e168f1fe3536bd1af88d4b8c1a5d333d4a2851eccab74096a5b8728381c3daffec4df6295f39ef758d82491de6e436eab5bc687f5c5c965af006992b6844c47521301764c93ebac6ee64863c0b6c6e50ee9e451333ae1be0cff1ae4a7b7ad1d90061ad58d608b2213626b8d52948ae6f9bc900b48df40150a483f7e2151ead568b012027b4fa4fc5f9c727c04edaf10ba8b9d15a2ad67dc27c65656656a0740dfb2486e869fb600efaee063ab773eca6a652756411131437a0c4578c563d9e149f54757bbbd42e52a70961a100a8ca84349d506b5101cfc5fdce2b805ec3f5bde7e0998d8ab8a689ea03b2bf67dc98750226f98b3811d4970371edec418a9e5ea79c76e803d447c632f6b0e00d968dfaf313a3eb6c7e87c98379218b1449ed2956577c6034478a35d628ccd0e27f17e4f8724013db22dd16cfd3329255e0fe66b36a877d000aebb1fedb06703c4b19d2cc39274de38576e1ed558d84da531fe0b079995b4056dacb45415d0e8383a79a5392ad2a97e3e2047fdfcbc32d2ae581eef156ff71f918021a4f372d5df3309da264ddb336074808a958bf73fce4a378b3420ae9faae36a105e51a29a5ee3722ca72d489fbd2971dcc2800f96f4ca1225466e739117dcbc3aa33ee1efaa555732b4261b2ab1770dfd9b495b10741b7b259704e87a8b9e14f60989ef882e371e29dea73cbc01f30e0c50d23fde380d80f9546b10543ca7997d6c929abe8fa19781b33afdc7f02af11d940be10e55845fb4edf0d87f43c691936f136dbee531c004884160c3c4b1e229ceb13b0128c7cad5db296cea6737dd3652f54b7b9f861fa50e457b2d5b894dfecb7d8183ef0dc0b4bce275c84a0907f7f28d197e21d905a091256541290fd8083c7c4eec26e7393d859bbfc6477597f86b8fda2a754159b3e4770a34c18440818b37aaf62126861ddb9c996e1e0de267d2f94bad06b35820708553e88169ef6a2a43f959487b7379477dbaa82bdf3dd3484fd2a321dac3ceb652b653d12ce6047a226033da7fbe0744b7a26bcfadd6aa70174e49c085d607c2ada696e267c5db4d60ef5a906e16d1724d2ddc7301e2bdecb37eb61c0377e620abac21868022a5c3e557fe9771ea8cc90af5ba09d55461b4af1ceb9afec8a98af4a5e89b3f266d76271959fe410f3e0e211a0c4e2c508264faa7b9caaf17ed4474dced08b0a8155431b964248570996c7dc5b972d8ec7d6ad97d5aebcebcf2eefa993db0c7a13e890a3f5e1cf46f6a185729a9bacd6c3a95098a75dda437c16286d972f319e2942b94b4393a5cac8f5b5c470be37da32e32f23b6ea8bf5349af507ad1c68d2bb7bfab47f1de04bf5fba063a58562e1d447ffa2c3294c121aca3192638e64b273bcf0482a55279f8b2e4254ad6e4524e8bf8ec", 0x1000}, {&(0x7f0000001340)="67e35ae45520ea02df4f386c3667571c93f8110a27714d51794c77242deffa4d3d039abeffbaecea05e4dea43dfc4a72802f28be54933cc3fd42bbc6e4a5d5", 0x3f}, {&(0x7f0000001380)="eea49fb3e435a73117d3efab0fc09107152360ad726e3087b0362ff766b047901d6beee54bde1bff5c38a055a3d8e0c64ba86b5854c91995a12e14a7efef4905bb0624d36a44b5e364f581894be8d2df4b82aae2", 0x54}], 0x5, &(0x7f0000001440)=[{0x30, 0x105, 0x9, "8fddf8f8ac791bed5b9cf63becd00ab33da87a13eace7140a9d14f3589771054bf5a01bb"}, {0x38, 0x0, 0xcf2, "7b68730f2c2418c5dace841d45d92968cbe4a550851f4864672e365ac0cee75219cdffa64863e06eae7e"}, {0xfc, 0x1, 0x620, "5a0b5a24d3d9c2a3e21966ed013680ee8f090fc1b70a6681145dd0ec1981907a59ceba69b6a268264942c9b07ce13bb96317ca42b826f4109f6b4c43fede100be70df0e44735e944d9af8213f6e9565550045508c14307f9598117dd1ce50d540950984d8c838fe6c040b5a7eedd3b1227511de21a2554d35af5e33d31c91605764f9ab746f2faffee87bbef48d02fc8244e8b37c6a931a53682d0a7f50d9e88af151c29b0d1386c50c7669f1b0719c6856919ab1f5a35938ad4625495be87c7bb79f151e6a36643dc34d930f36e389a90fc7b81ade649280d61f8385b620ac561c98c7c0d0e288437465c3a4ebe"}], 0x164, 0x4044810}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x84000) r3 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0xfffffffffffffffc, 0x100) setsockopt(r3, 0x0, 0x7, &(0x7f0000001600)="89fe5205cbfd118ad8ba36b086fbc056973a7977b5ad73f3628f4bd388cad3b0fcd8ad369d9458dd03eb5d1ffb61f24962f17e882b76b5f2e545f6e204", 0x3d) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f0000000040)=0xffff, 0x4) timerfd_settime(r0, 0x0, &(0x7f0000000080), &(0x7f00000000c0)) 2018/06/01 03:16:39 executing program 7: r0 = syz_open_dev$sndmidi(&(0x7f00000002c0)='/dev/snd/midiC#D#\x00', 0x8, 0x22e00) r1 = add_key(&(0x7f0000000440)='ceph\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000740)="b4bc9db2454a6dc72aaaea26f9d91f264011aaefd79a617dd92df095dc2cb72d16d555556b81a8ed7c51e664a19074", 0x2f, 0xfffffffffffffffd) add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000640)="70988bbe3bcc3f3e287f3ab1887dc550c706aac4a21e83012374c4534687a23ccdd9292db1cb141d42d3aa4b380ceae3ff458f62f2d2450f3045456c24dd794b519c835d4cce29132870c5b7a1b6cbf3be0b46ecd6c9440a7f362f057515389b889e7c2be3384c4d5de326a1db2f04a2d3dd84d1b93a75dbecd5cbce18f8358b7a49fe9dfd6aed933a99c37ba576b94b9f5b1e9a6af37826f53b681604565a178db83f9ff298ab7a7f9a2957a2a431f49b0c2b583b910e65b4d3a8d2e2895b879d601840c5382ea76083a7d526128dc89fa4a97e1e8027af54a86302fac99130a63f96", 0xe3, r1) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f0000000780)=ANY=[@ANYBLOB="eeffffffed0013a4e79d19d8af5835de9d38525e8b05d3439abf82cabdcd70fa2b0a6c770376d595c965aa842fa8b895f06693f8fe1b35cc98e9bc334e86575ac152127c72a2569aaf7fd16dd3bada0b80485bf881a38f54e0c1dd4f8abf0574aaefcc1b8a0c92b0d500bbe58c2490a204", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000340)=0x2c) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000380)={r2, 0xe59c}, 0x8) r3 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, &(0x7f0000000180)="a4", 0x1, 0xffffffffffffffff) r4 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r5 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, &(0x7f0000000080)="84", 0x1, r4) r6 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a}, &(0x7f0000000200)="1f2d", 0x2, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000480)={r3, r5, r6}, &(0x7f00000004c0)=""/155, 0x9b, &(0x7f0000000600)={&(0x7f0000000580)={'sha3-256\x00'}, &(0x7f00000005c0)}) 2018/06/01 03:16:39 executing program 1: r0 = socket$kcm(0x2, 0x6, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$bt_hci(r0, 0x10d, 0x3, &(0x7f0000000000)=""/86, &(0x7f0000000180)=0x56) [ 1412.705653] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1412.713351] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1412.720615] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1412.727872] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1412.735145] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1412.742408] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:39 executing program 7: r0 = socket(0x18, 0x0, 0x1) connect(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2, {0xa}}}, 0x32) setsockopt(r0, 0x400000000000111, 0x4, &(0x7f0000000040)="04100003", 0x4) sendto(r0, &(0x7f00000002c0)="25b790c9d268d3", 0x7, 0x0, &(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x80) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000000)=0x3f, 0x2) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x80000, 0x0) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000500)=""/233) [ 1412.759211] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:39 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:39 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x4, 0xa8e, 0x20, 0x1}, {0x3, 0x3ff, 0x7f, 0x1}]}, 0x8) 2018/06/01 03:16:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x52}, 0x0) 2018/06/01 03:16:39 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x20) ioctl$KDSETLED(r1, 0x4b32, 0x4) fstat(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000200)={{{@in=@rand_addr, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000300)=0xe8) setreuid(r2, r3) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000000)={0x8, 0xffffffffffff0000, 0x3, 0x8, [], [], [], 0x7, 0xc5, 0x9, 0x101, "646f56655e2771b9f1373e97f407a37f"}) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc0485510, &(0x7f0000001000)=""/250) 2018/06/01 03:16:39 executing program 2 (fault-call:2 fault-nth:89): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:39 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xbf2, 0x4200) ioctl$TCFLSH(r0, 0x540b, 0xfff) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0086426, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{}, {0x0}]}) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000240)={r1, 0x7}) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000000c0), &(0x7f0000000100)=0x4) timer_create(0x0, &(0x7f0000000040)={0x0, 0x5}, &(0x7f0000000080)) timer_getoverrun(0x0) ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000280)=""/85) 2018/06/01 03:16:39 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00005a5000)={&(0x7f000059fff4)={0x10}, 0xc, &(0x7f0000007000)={&(0x7f0000070000)={0x28, 0x1c, 0x109, 0x0, 0x0, {0x40000001}, [@nested={0x14, 0x2, [@typed={0x10, 0x0, @u64}]}]}, 0x28}, 0x1}, 0x0) 2018/06/01 03:16:39 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xa}, 0x1c) shutdown(r0, 0x0) [ 1413.238395] FAULT_INJECTION: forcing a failure. [ 1413.238395] name failslab, interval 1, probability 0, space 0, times 0 [ 1413.249748] CPU: 0 PID: 24225 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1413.257120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1413.266484] Call Trace: [ 1413.269091] dump_stack+0x1b9/0x294 [ 1413.272737] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1413.277944] ? unwind_get_return_address+0x61/0xa0 [ 1413.282898] should_fail.cold.4+0xa/0x1a 2018/06/01 03:16:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x25}, 0x0) 2018/06/01 03:16:39 executing program 1: r0 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3f9}, 0x10) bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}}, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg(r0, &(0x7f0000030000)={&(0x7f00004aeb5c)=@generic={0x10000000001e, "02ed01000000000000000001e527cc573c5bf86c483700c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f9b1ff010003000024e7af50dd0700000000000000e3ad316a19830000000000000006cb24281e2780e503000076c3979ac40023bd07020078a1dfd300881a8365b186827436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f00008b2000)}, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000040), &(0x7f0000000080)=0x30) [ 1413.286985] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1413.292103] ? save_stack+0xa9/0xd0 [ 1413.295750] ? save_stack+0x43/0xd0 [ 1413.299393] ? kasan_kmalloc+0xc4/0xe0 [ 1413.303299] ? __kmalloc_node_track_caller+0x47/0x70 [ 1413.308438] ? __alloc_skb+0x14d/0x780 [ 1413.312883] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1413.318090] ? udp_sendmsg+0x24ec/0x35e0 [ 1413.322162] ? inet_sendmsg+0x19f/0x690 [ 1413.326151] ? sock_sendmsg+0xd5/0x120 [ 1413.330054] ? __sys_sendto+0x3d7/0x670 2018/06/01 03:16:39 executing program 6: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup2(r0, r0) recvfrom$inet6(r0, &(0x7f0000000000)=""/4, 0x798c2e70f51d0cc3, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x251) r2 = fcntl$dupfd(r0, 0x0, r1) writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="7951702297e9ebf5ed55c0d60a52cb7bb606b11cbbd623c9939cd0e88a1206592a53ad7291d4f452754cfce8", 0x2c}, {&(0x7f00000000c0)="6d478164cfd56c44884e38e2a7952c59c673ce6352e09b35fabf69ac8c882749b30cfc36600e0136de703ffe8952a0214871b6dbb5c665db83cb18d576529c", 0x3f}, {&(0x7f00000001c0)="a32da7f703d50d320b470632c294a70915788e99ab9c7cbb2e4ae9180b765e8cfbdd6e7de8465a7d236a73c17e09a7fa65f285efdc4c8aea1ad55b8214a5265f3806a841eeb08df2a7a72959ea4128e4b5d25044b952acf8872d502082141ad73947a26c4bc9ab12a7a6a623e738757bb5e75d01f34da0882196862ca7406c0d5722fdd44cf776f918fef81b39ab983382411a22aa961b53762f128e9e7a3add29bf982060a8e40ce2f59f55bc2d031b316528d09a93c571d4c14624e6d3b96aec667017709c099b244f2c9e979dd7c066fa71b2e69eeb2da22759aa6c742ac9e2cb", 0xe2}, {&(0x7f0000000100)="ce6ee32dec301a8f513f1a9d814c72fe", 0x10}], 0x4) bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) futex(&(0x7f0000000080), 0x400000085, 0x0, &(0x7f0000001ff0)={0x77359400}, &(0x7f0000000040), 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000700000004000000a4040000000000004001000040010000c0030000c0030000c003000004000000", @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="00000700000000000000000000000000000000009c15da559b3d8bc53ccdba98ac1f9d0000000000000000000000000000000000000000000000000000000000000000"], @ANYBLOB="e0000001ac1414aa00000000000000ff0000000000000000000000000000000000000000000000000000ff00000000000000000000000000eece15617e8b000000000000000000000000000000000000ffffffffffff00000000000000000000080000040020000000010000766c616e3000000000000000000000006772657461703000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000010000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c65000000000000000000000000000000000000000000000000aaaaaaaaaabb00000000000000000000aaaaaaaaaa1900000000000000000000e0000002ac1414aa01000000000000007f000001ac14141900000000ff0000000000000000000000000000000000000000000000000000000000ffff000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000000100058000006805e900056272696467655f736c6176655f3000007663616e30000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000040000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0000002ac1414bb020000000100000000000002ffffffffffffffffffffffffaaaaaaaaaabb00000000000000000000000000000000000000ffffffff0000000000000000000000ffffffffff50e8b943364597a900000000000000000000000000ffffffff000000000000000000000fff000400808001000000087663616e30000000000000000000000073797a5f74756e00000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000200000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0000001ffffffff05000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e4000000000000000000000000000000000000000000000000002400000000000000000000000000000000000000000000000000000000000000feffffff"], 0x4f0) ioctl$VHOST_SET_VRING_NUM(r2, 0x4008af10, &(0x7f0000000840)={0x3}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc00c64b5, &(0x7f0000000900)={&(0x7f0000000300)=[0x0], 0x1}) dup(r1) sendmsg$inet_sctp(r1, &(0x7f0000a29000)={&(0x7f0000000140)=@in6={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000fc8000)}, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) ioctl$sock_netrom_SIOCGSTAMP(r1, 0x8906, &(0x7f0000000180)) [ 1413.334051] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1413.339546] ? do_fast_syscall_32+0x345/0xf9b [ 1413.344068] ? find_held_lock+0x36/0x1c0 [ 1413.348184] ? check_same_owner+0x320/0x320 [ 1413.352525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1413.358087] ? rcu_note_context_switch+0x710/0x710 [ 1413.363045] __should_failslab+0x124/0x180 [ 1413.363845] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1413.367307] should_failslab+0x9/0x14 [ 1413.367327] kmem_cache_alloc_node+0x272/0x780 [ 1413.367366] __alloc_skb+0x111/0x780 [ 1413.367389] ? skb_scrub_packet+0x580/0x580 [ 1413.367410] ? dst_init+0x459/0x600 [ 1413.367431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1413.367449] ? ip_generic_getfrag+0x11c/0x2d0 [ 1413.404758] ? ip_reply_glue_bits+0xc0/0xc0 [ 1413.409081] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1413.414091] ? skb_put+0x17b/0x1e0 [ 1413.417626] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1413.422653] ? ip_reply_glue_bits+0xc0/0xc0 [ 1413.426977] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1413.432768] ? xfrm_policy_lookup+0x70/0x70 [ 1413.437088] ? ipv4_mtu+0x375/0x580 [ 1413.440706] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1413.446151] ? find_held_lock+0x36/0x1c0 [ 1413.450217] ? ip_setup_cork+0x44d/0x6d0 [ 1413.454360] ip_make_skb+0x2be/0x350 [ 1413.458067] ? ip_reply_glue_bits+0xc0/0xc0 [ 1413.462379] ? ip_flush_pending_frames+0x30/0x30 [ 1413.467486] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1413.473030] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1413.478563] ? xfrm_lookup_route+0x64/0x1f0 [ 1413.482882] udp_sendmsg+0x24ec/0x35e0 [ 1413.486757] ? perf_trace_lock+0xd6/0x900 [ 1413.490906] ? ip_reply_glue_bits+0xc0/0xc0 [ 1413.495227] ? udp4_lib_lookup2+0x340/0x340 [ 1413.499813] ? graph_lock+0x170/0x170 [ 1413.503618] ? expand_files.part.8+0x9a0/0x9a0 [ 1413.508211] ? lock_downgrade+0x8e0/0x8e0 [ 1413.512354] ? lock_release+0xa10/0xa10 [ 1413.516340] ? check_same_owner+0x320/0x320 [ 1413.520662] ? __check_object_size+0x95/0x5d9 [ 1413.525154] inet_sendmsg+0x19f/0x690 [ 1413.528945] ? __might_sleep+0x95/0x190 [ 1413.532907] ? ipip_gro_receive+0x100/0x100 [ 1413.537222] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1413.542748] ? security_socket_sendmsg+0x94/0xc0 [ 1413.547505] ? ipip_gro_receive+0x100/0x100 [ 1413.551827] sock_sendmsg+0xd5/0x120 [ 1413.555548] __sys_sendto+0x3d7/0x670 [ 1413.559350] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1413.564023] ? wait_for_completion+0x870/0x870 [ 1413.568638] ? __sb_end_write+0xac/0xe0 [ 1413.572610] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1413.578134] ? fput+0x130/0x1a0 [ 1413.581405] ? ksys_write+0x1a6/0x250 [ 1413.585193] ? __do_page_fault+0x441/0xe40 [ 1413.589416] ? __ia32_sys_read+0xb0/0xb0 [ 1413.593533] __ia32_sys_sendto+0xdf/0x1a0 [ 1413.597673] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1413.602684] do_fast_syscall_32+0x345/0xf9b [ 1413.607000] ? do_int80_syscall_32+0x880/0x880 [ 1413.611575] ? _raw_spin_unlock_irq+0x27/0x70 [ 1413.616067] ? finish_task_switch+0x1ca/0x840 [ 1413.620555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1413.626081] ? syscall_return_slowpath+0x30f/0x5c0 [ 1413.631007] ? sysret32_from_system_call+0x5/0x46 [ 1413.635851] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1413.640687] entry_SYSENTER_compat+0x70/0x7f [ 1413.645093] RIP: 0023:0xf7f63cb9 [ 1413.648457] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1413.656163] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1413.663424] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1413.670686] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1413.677950] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 2018/06/01 03:16:40 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e000000100000000000000fb"], 0x60}, 0x1}, 0x0) [ 1413.685206] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:40 executing program 7: r0 = socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0xa00000, 0x400080) openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x10000, 0x0) ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f00000000c0)=""/4) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)={0x2, 0x2, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_sa={0x2, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}]}, 0x50}, 0x1}, 0x0) 2018/06/01 03:16:40 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) pread64(r0, &(0x7f00000000c0)=""/86, 0x56, 0x33) setsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000000)=0x6, 0x4) getsockopt$inet_tcp_int(r0, 0x6, 0x9, &(0x7f0000000040), &(0x7f0000000080)=0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000140)=[{0xf, 0x6314}, {0x8}, {0xf, 0xd3}, {0x4, 0x7}, {0x3, 0x400}, {0x2, 0x1}], 0x6) 2018/06/01 03:16:40 executing program 2 (fault-call:2 fault-nth:90): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:40 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x6, 0x10, 0x100, 0x80}, &(0x7f0000000100)=0x18) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000140)={r1, 0x9e, "c19b251c57be50df153ed707dfd0f2d02f3bdf33326d0484e672ab0392a582dbcfa1c7a68348325b6e9b9d132220d15f663df0331731e304f9eb2d9413783a994a67f10b98db79bfbce6d992aa77beb1285feb53b2dadfbcccfdadc032a1a7fb3fc870ee237b67c10a921e22ea0b924460b958d98a6770717f84556c48e5510569c45f27a12e6b12724e1bb4da15f7885c518452d6e98ef8296989d3afc9"}, &(0x7f0000000200)=0xa6) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x0, 0xfffffffffffffffe}, 0x10) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10) r4 = dup3(r2, r3, 0x0) read(r4, &(0x7f0000000000)=""/119, 0x77) 2018/06/01 03:16:40 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x5}, 0x0) [ 1413.883353] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1413.897482] FAULT_INJECTION: forcing a failure. [ 1413.897482] name failslab, interval 1, probability 0, space 0, times 0 [ 1413.908833] CPU: 0 PID: 24257 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1413.916210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1413.925576] Call Trace: [ 1413.928189] dump_stack+0x1b9/0x294 2018/06/01 03:16:40 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_access\x00', &(0x7f0000000080)='$wlan1\x00', 0x7, 0x1) userfaultfd(0x80000) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x1, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x4) [ 1413.931840] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1413.937048] ? is_bpf_text_address+0xd7/0x170 [ 1413.941561] ? kernel_text_address+0x79/0xf0 [ 1413.945995] ? __unwind_start+0x166/0x330 [ 1413.950165] should_fail.cold.4+0xa/0x1a [ 1413.954244] ? __save_stack_trace+0x7e/0xd0 [ 1413.958584] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1413.963715] ? save_stack+0xa9/0xd0 [ 1413.967362] ? save_stack+0x43/0xd0 [ 1413.971011] ? kasan_kmalloc+0xc4/0xe0 [ 1413.974919] ? kasan_slab_alloc+0x12/0x20 [ 1413.979093] ? find_held_lock+0x36/0x1c0 [ 1413.983197] ? check_same_owner+0x320/0x320 [ 1413.987536] ? rcu_note_context_switch+0x710/0x710 [ 1413.992489] __should_failslab+0x124/0x180 [ 1413.997505] should_failslab+0x9/0x14 [ 1414.001324] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1414.006443] __kmalloc_node_track_caller+0x33/0x70 [ 1414.011386] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1414.016164] __alloc_skb+0x14d/0x780 [ 1414.019883] ? skb_scrub_packet+0x580/0x580 [ 1414.024200] ? dst_init+0x459/0x600 [ 1414.027823] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1414.033349] ? ip_generic_getfrag+0x11c/0x2d0 [ 1414.037845] ? ip_reply_glue_bits+0xc0/0xc0 [ 1414.042163] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1414.047173] ? skb_put+0x17b/0x1e0 [ 1414.050708] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1414.055727] ? ip_reply_glue_bits+0xc0/0xc0 [ 1414.060052] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1414.065843] ? xfrm_policy_lookup+0x70/0x70 [ 1414.070155] ? ipv4_mtu+0x375/0x580 [ 1414.073776] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1414.079214] ? find_held_lock+0x36/0x1c0 [ 1414.083291] ? ip_setup_cork+0x44d/0x6d0 [ 1414.087360] ip_make_skb+0x2be/0x350 [ 1414.091068] ? ip_reply_glue_bits+0xc0/0xc0 [ 1414.095379] ? ip_flush_pending_frames+0x30/0x30 [ 1414.100132] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1414.105670] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1414.111288] ? xfrm_lookup_route+0x64/0x1f0 [ 1414.115606] udp_sendmsg+0x24ec/0x35e0 [ 1414.119497] ? ip_reply_glue_bits+0xc0/0xc0 [ 1414.123816] ? udp4_lib_lookup2+0x340/0x340 [ 1414.128126] ? graph_lock+0x170/0x170 [ 1414.131925] ? expand_files.part.8+0x9a0/0x9a0 [ 1414.136497] ? check_same_owner+0x320/0x320 [ 1414.140826] ? lock_downgrade+0x8e0/0x8e0 [ 1414.144962] ? lock_release+0xa10/0xa10 [ 1414.148924] ? check_same_owner+0x320/0x320 [ 1414.153245] ? __check_object_size+0x95/0x5d9 [ 1414.157740] inet_sendmsg+0x19f/0x690 [ 1414.161535] ? __might_sleep+0x95/0x190 [ 1414.165499] ? ipip_gro_receive+0x100/0x100 [ 1414.169812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1414.175346] ? security_socket_sendmsg+0x94/0xc0 [ 1414.180088] ? ipip_gro_receive+0x100/0x100 [ 1414.184405] sock_sendmsg+0xd5/0x120 [ 1414.188106] __sys_sendto+0x3d7/0x670 [ 1414.191898] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1414.196567] ? wait_for_completion+0x870/0x870 [ 1414.201140] ? __lock_is_held+0xb5/0x140 [ 1414.205203] ? __sb_end_write+0xac/0xe0 [ 1414.209167] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1414.214690] ? fput+0x130/0x1a0 [ 1414.217965] ? ksys_write+0x1a6/0x250 [ 1414.221759] ? __ia32_sys_read+0xb0/0xb0 [ 1414.225814] __ia32_sys_sendto+0xdf/0x1a0 [ 1414.229952] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1414.234962] do_fast_syscall_32+0x345/0xf9b [ 1414.239280] ? do_int80_syscall_32+0x880/0x880 [ 1414.243853] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1414.248704] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1414.254244] ? syscall_return_slowpath+0x30f/0x5c0 [ 1414.259176] ? sysret32_from_system_call+0x5/0x46 [ 1414.264037] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1414.268875] entry_SYSENTER_compat+0x70/0x7f [ 1414.273282] RIP: 0023:0xf7f63cb9 [ 1414.276640] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:40 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:40 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xb19f4f4900000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:41 executing program 7: ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000080)=0x5) write$binfmt_elf64(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="7f454c46000000000000000000000000000000000000000000000000000000004000000000000000000000000000000006000000000038000000000000000000000000000000000000000000000000000000007caf00000000000000000000000000090000000000000000000000000000000000000000000000eee684a692b26a590231eae43d5c50e770e82040908e8405fef0c09cfcc7618bb59ed2ec9d22864f1a55e8a061ecb383265d130c72d9521456b6459e9003ae0207d26d4613b121841cd6ce35d9f64104b9b3985c9286c966483ea966249a9c4160f52079e49b70432dc558e29e62336e4298b91ffa6c9cbb60a5893f3e220dada37f000015ce053c32221a033540291487f8ca239e61b6810069077951125dcd03ee7a7a3195b7afb1affd1162a2544b82a59f827aba50644c8cb1a989"], 0x263) [ 1414.284335] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1414.291593] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1414.298851] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1414.306108] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1414.313373] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x10}, 0x0) 2018/06/01 03:16:41 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) ioctl$void(r0, 0xc0045c77) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(aes-fixed-time)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000100), 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmmsg(r1, &(0x7f0000003800)=[{{&(0x7f00000002c0)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000003680)=[{&(0x7f0000003580)="47b12c54ee590635558735126154fe42", 0x10}], 0x1, &(0x7f00000036c0)}}], 0x1, 0x0) 2018/06/01 03:16:41 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) r1 = add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)="afdc7527f568e8265ede504ed47216f33056f1b5e86e28964372a726dce648f81a22d8bd123efa7a4ea8db5cee3661ce375764dad738ac68f93c10eac1", 0x3d, 0xfffffffffffffffa) add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="2d45d0ef0439911515c274431c16464036183b2d2825ea0be1116e16", 0x1c, r1) mlock2(&(0x7f0000bbd000/0x1000)=nil, 0x1000, 0x0) 2018/06/01 03:16:41 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1414.428199] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:41 executing program 6: syz_emit_ethernet(0x32, &(0x7f0000000000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}}, @dccp={{0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, "e57044", 0x0, "cd98e8"}}}}}}, &(0x7f0000000100)) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0xffffffffffffffff, 0x3, 0x2d0614fcbafe4e2f, 0x9, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)="4e71c750b611fc97d7fad0a3f00aa14846db2d115a691378b16ed45e6419a7a575461a278ea950e5480a1d866d7df0bbbff68102ade915662f6ef2a5d415351816493c99a75729ce6483f2cb7e75c115", 0x50}, {&(0x7f00000001c0)="34a540f4de25f4fdf61a0dd49db1f9fb6a433f8cde8fa16dd1e2de049552a6837b2978a22a28211340d1ac6f3811128de907e03ca40a5fdf214a9fe569f979538ebfc892a5743130e0844bd4548e14d487045c6bd21502aea9c080e129c22447204d338edfdbccb24f577a126d6c137912bc1d05c256d7396e5d9399ca9742600014dad4fe3203cd642aa4a1ca3939b9d173852e650f786102f6bd584398ee6b938a97e5c3ff8674b7106d25d7290384832c0db7533df01150a5bf41b777933e6261f3c1a7501fd5888a8114f48e9c879b7ee08ebac2a9caf8815fa07a83cca207b5d8f3e73916ec9b767d64f379689ec6543487f35c5467e7eed438", 0xfc}, {&(0x7f00000002c0)="5015c033f8bde1b1a00073dd140f4bc47bcc2aa634dc3b35dd251a015ad8190bc7ae911d2b58ff2dbf756c2782ce8d512dd01dcec654eb01bbce7ef6193913937f96d3c2a51365471319ac30474c928b5bb140adfc110c4bc5e7f63cccbc8e0ce309dc43c16330446752cf30e1fd91d58058ed8e19589c3302d28d497f07b8c0f3dab4209b8c28bdae7fa9cb11", 0x8d}, {&(0x7f0000000380)="b0106bdb7e06833f4604cb91999c3943abaaa670b0daf022e2e3a658dc1ceba2cf8c985ec9e79df055a86359aa59a3929941fb0a9f3aad53691845ad8d31847d85322ceb82feb2fea3cd786daa09d10d9fc115ae2e8a19ad71e1f1531e38fd012b8c916765274abf2194fa77cbbba1fe925cc0e90a512f44c917536ececc308982fe17667744f554b9ab71a364e7b65792a0a8de85104755eda4b1837f1b027e8e52e2d520c67c3d4737dcfcdaa472894d48afd2cbb8dcbb1a70ae74520c4e5229ddbc2f7b19cfe2cacb05e52ba608610987905680a1db360149bc0103106a6e87084d4c1bcfa0f2d2b23935ad35764f3759fc8165304381bd4742a439b8b719ca4edce1955d4096879dcfc948b17b9716039f2aa411acf87177e550dc6ef0c7578031abcd1bac0624918d66d8be46aec716ace69258c779bd08f8bbd3bdc710a51353b827a4fc032ba287a34127fc1cc0e53240c556fce5027031a3124cd40a46599289345def2926d3e4e811767b96f096201bfe4aeb4946954b0be4f092cb0216dfedf6c2a46d35db67f92e0f84a71cc061795938ec46748e34fb2579db44f31a3b27bf13ca09feb79c33e32095854a315997ae14aeb65433d253793f98ecf1eb0e040652ab390f82579c488a3fdba23f9eef2838fa8183cb3fe2fa3af2cdddd6b1368a5ddd10142664be5cdc2a753536996b7873cecdb1471f61b77bc2c87d0776ca48ba1b453c8cc639bd72cb4b9861229e87a8c387a9a1490010954306f3c7444c27b51df7be586d211d99fdfcaa615c756c304cf16e7761be48d54f1c2e20033bffebf4fb7b8f95413adb75880380c77454b3cdbab2aa4b52b4dfc4ac2d2cc1b147499543e9cd01cb3f4b8f7fb4edca42632580d20ccc2cc104fd194b2388f5ea039c3b40f2aaeef66588832b0cfd217f28a4160d867b89f52ab38d09d948ace3770c378f14ecfcde05f6867b0509c96ab1d8c13cebf00bbb6be021c012dc99bebff8d3cf4a4faa9d0e1b3d2a48b2d419553697755063f125697813c2dabaa515331d8db42df46fa3cab091846d86b53647d2b3cab5c5a9e3d95e5bb9c7180cba31f5b116048e43f9052a0510102cda4182247636b5eb0118460cc4f42954909db8578a8d52af8775a619f74d8d831ec4ee02ec1e417b5a703287078504f8ae78440d221ea4a8ad0ff3bf2587752aa2696b436cb242be34cff9f2f440d6e0615cd1944a5457817494042f77dbb0cc5765c2f34206bace1ede392f13e7ffe698975e102ba5649a3305804babe161cf6f8742ca15f849ea66c1b32c98293e5fb6482424a842af0d1eca1c27cf4def0c89723a74f139ff45900e2bd901ccd59892fdc7a101e710d0d81c31e777125733f79809aa421a64955a8f8ea0e6404128a0cbdcf9a4cc50b75c1f34ed2030823c33ff4e2064014261f0941ca6f5859fa8ad744a11dcb28252f88d046fe4a6ea21b0bacedfab064ad7e2bd389e16f7fb1f30e1942e5d86b80c8749a385e86734c744b8d6b3d80d59919181b098e6d4243fbaa922cb130045a539b74d5cfd3dbb9e6326ec13dad466c309658bb687a28fecf5ea248788a93f08f7f141c53d8da1f97fe804941cf3f6a182842948356aa3f4187e1adfeb015f27ef3b77362bbe485c5b05c7aa019a1dc6587bdbd067da01650a6e7236c69088df2ba19c29b59ca906d30afcf1df5aecfb5fd2aae1d3fc7ab0bdd1bcd0b7da070111cf5aba59b5ba9fdaf52347740eb43c91dd194b329a9b4c1dfb3444eb34c5538cc01711ccf33e62a7c870f2072a47d9ad87d3c2f7fa792f20ab0b86af78ee3e40f58ba222fb8f69135f4d0b4ec7a28d0d646e2630f78284df6fb3a2aff556f574f0d976c85eaad03886172ca3aee9aa32f0c2b748c221d9dd78d664670502c8355c32421d545ad975017bd596c9c6ef891315a815c555c758951c9e2ade63a9bc0f8f90c698cf692e780f9abd3d9440213dfd06ba67e13297373f8f226fa27d16299e2196c2eec1b9078107fe2c7dba9822c37ebc2fb6f6d5a012eac8a542cad54b3a0057dd05a3cf76b1dfe9084ebdae259391698c7c0a62a59f464636dc6190640121bd84c8d1167fc4ffd772a926e04bff6ea2599b523639054fedd9a8e7421129c52c946a0ad460c6493d351e2b153fedaf3b0b53f4abcbed1834b63765a4caaea310e70603a15a1ffdc0afbe7e4d6bcf8c6ff7932266da014ef25e977baa3f4be538872b7a1ce81af5bd148bb1840391c0b60a874a9c157fbcf9f46545ca67dee2e7caff54d92b983b65a967f25d510228c7bdfc084dc0125787191bbf7c8d83fa4f00e605822674c7a574b54567f5ada587c2b7004ac3a76c21764a1c8ac5c3e66dee2f25eb6dea189d7b0134ffc6c284f6ba02a86adbd3950844d1b671e67ec0bb77cd1a1dc1b3ecbe2e684c2f6001c2a2e7c9fa8df4fd3988281146aef0ead11e0b85fcf36739bb3a3cd75ee6b9ac368c6179e14f315faf00369a986257812a2cebb5f758fee307e90a9f01631de1909f2dfa757846978cdac61549cdb268a24ce41127ffa8bdcc7221b297384eac829f8a98c4d45d2ad7d8c7b0cf4ea726284229966e178a22765da69b2958c38a7e80d3d34876502d0629826717719c155eb3f56d2e120c0786e640cd12cc9d29d5dd61f91f00e5b147b354e8a8e8e8f4242357260f689acb611e29a72823eab3b3f2d184c67535c924bcfb692a35406c76043293f08662ef4a1a0a207d0c4c7c0ba88fc80c9dc2d1511e9f4336903208dfd8519378a9e6b1695ece335aca878f9486113f26af3960ddcb22d8255bbef1c75a7150f8739d8fbb771d683384acf6a438003e1c3432f75b2bdcbaee8784db42f97a2333e8d1385edb7ef032bb25d63d5ae2e28a976ae8acad2cd4754c9e1d396ea4d1c9eb2a2680952883c36f6043d22ec8ee74cc9eef03024f8342fb39706906685bae44985c014981ee901b4d15c981de7ccca71dd90f50058edd3a8188b612eadda7a83c9a6b3c47ae7d565e4c506907e919faff253c3d1da672dc7b4039bde4659b7a1fe272f672d23514b774641cb7798dea6ae9bdc0b6a451676fd0ec3b1d4ca0ae8f2a863848aced2ec70023808b7c2f05061ee83e8050eae4eb2f64d6a8e4a13835fd37fb8592a188935ad09dd559e138bc3d3883798dafe84d81de946d16c24d230105528067401a0964798a12729bbb1a09b031c239f2f8479264926725298a1e4b94d72c11bab54a09d1fdfc228e0fbb6740a2ad35621939e692b528fcff4c4b57a7da167804d64e60c020379f5fbde964afa8a76f32b4593161deb4c5e2db065a293fdaad69fca870fcca804aabdfa3485d38e31a50e89c7742b437d5d4cb8b25c319f007f2fa1c1228e40c6056ee40c8743151917b2fbf0098347b2ee8c1b7cc985ef0b5dfc188fde0c455a839f9a5f7bb39a74221dd3be0b68eb22591170de146645bdffd15f1ed50c00e65c2f1dc965409a05f1d8a4325b418edba8f3c0d8d04290c931d870ec00cc5d0c7e487ea7db18ce32e7a897db87d28c3e5c27c031d5c622aa2b09a9c0173af18338bf71648be00bbab9d81867f69ab1d03f8fdaa6424ba523f463f74533bf35a74c3eb5c7069341b62a1ecbe2ae1229174cb74c025c50ed507ffe9a8cd6ca3f54eab39ac2922c9b33bd4c3c816bb32703012fc4da5dccd11daf3deabfd6a621cd0f915d3618506fac935edd8eb6a76edb3337c170224db2916d575bedad22596c26d3fb337d2efee655390185580ccb6d64c8115c05e9db51500dc72922f6123effa87b1bacee7e133b11931f204491f03ecd256a6403c28385d6ef30462950a7fcdaff01d314cf3391a7f9da8003b9db60efe8b47d39bb81db67cd6948fbb0107b48f614acb22d07e7098c8487ef12b6b4203695c74245f194331fee1d435a150d02d66c1dd13077b09206b883c91fbb9e21b229c8006ada9d96482a9fff5284c09fe1c92a3a50a3c24316fd92ae3d7fcacf9e8946befc7bceb35468fc7b77c73ac87b1f9a83f9c85ef4d6b8662d9b9b79bcf3ab27ba330f356dd2741a0cea40ceb2c06fdd79e0604d33a710f90d287455b18606839b118b47f7ff6a9e966987cc2efe358a4d1108b2f0f5c5090fa21960fb8975a12e868f23ca2f1d875b86b159435e5c469050ce7c9590ed470e32606cb01e1dbfaa9954a2f5a8a2dbd8493cae2901ab3df24567820fae635b9996adf4a59d4b3362154e5343691c68d0d9bf4a54ec7ff79242d334c767d6ec90aeae9c86c5bf9a9bbd8af40f995a80cd3996465e7fb24961b6680f67e12b570865a3268dd0ead2539f30490fb0dbb484bf6bdaabeb276a52166cb331d8a36c1edafb788168c21bcb03827c433f27c9ffaabbc8396779a204f1d414568edc4b78a9d3ff0afa50e5bd2e14d208b4edf367b0d45aeb118f8b2364fce75dd5c91edbed19c0a95912ab729dd4d44488ead03eb464b31b788c99c5414baa03da9d8cc7adb64f08314a9677ad91075d8dcc8f48548cdd0bce1b924c6243cb504b8ad0ae6e87d11e1dbc1917be0ffc6745778368db4201b9e6267e2f472ca380745f4a4ab38c647fa923e8f083b2beedfd5b85a505cd71ffd90a7a32586a8764c8c129243e3e875bb0f259c2e3a2e10bf08accfedfae5717a272ae08bee89c871ec9af12bd68636bb8e3c61be54c4eee983744a7a0628e158fa3ffa19720d842ea30ef7e60205bc350685125d3e1c4709b119f2c3f56447ea6157438c2fa9c08c7b706dca66edbfedf3ebbe7f686073444ac2f958db6d6c56718221634eeb6d8b148b703134ef60d14e99ff60df2833f7875c86150ada9b262834cfc265027eb321b891dbe7f345194bf4b86410ffefe7cc718f49ed87eca27cbde90300c95ee05e3fa2ad3de49d0b6e5d5d55ba7a19dd45597baef2d4aa17deb25f9880b33a3884e74bbed210387b069c18faa8f14a2fb12f5b3d27fbb52b533610a0946b3b4a3066b27ce66b90b658a3900b17c34a682402cafe59781d5a7f782ba81603881e947990f6f3c5e6525522d375d61ee3529fa91f85f6b916516e6d61b83675bed51f3d0eb45a5081b60c31604effa64415f4311b93daa754833480a93f918b93c4777a24dcadbdd1a2e30b121b3c6fa256358843072ecbd5bb12890724ff5fdf85f9ba49548b434b7b0496bb1467dee67b475cd667efdfad1247f4ba652b1246bd2d484a36cd93f12747e5e508ea2a35702fc0b33c976b8abcb46c44d6a55667ddab84fb2d88dd3791b0d88fca512055adc094baaff2eb95b6032193ac232f58766e32174c4bfd693b4296db3de5c4fcc8e587d3920a03c7c144a3f02db4492ff4077ea936a1177fcad4bab1e9b10943171324ecfb4ab727716f7c69b447cdc703152fe8b37c6a5af91c11f30ca7dc78df97cb0645160e6449b9371746400e2629474354574b3db3a890fe769ce42554948e798d6a8c794e125daf56e7f675f3d1278774ff7b4f6363a9d1afe36da24b9c7147681ec11e38f8ccc39601a504e08ef027b41a8d658763f773475ce9ee4862fa43354f7d6d9c46bafeb02e22eb0c8a893f43d86dab14b4975a52f982721bf7d7200c3f9a147e527f8b7114b1aab7b1e19d8a1a2a57597da872ebac36199ab19fa5ddd79af534a814d23bdeb6beac693831c6ef9f53bde34f038173d55626dfd2f5482226e72392701259413f64781d817662bb85501d13b5fd07012ca330fc6597c797be8eb9fb87bebeb1b20feaa257b6d229dfe8c295cecdd1242f61aa0d5d90dedb87", 0x1000}], 0x4) 2018/06/01 03:16:41 executing program 7: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f0000000040)={0x4, 0x1, 0x1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f00000000c0)=0x10000) perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shutdown(r2, 0x2) 2018/06/01 03:16:41 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) r1 = add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)="afdc7527f568e8265ede504ed47216f33056f1b5e86e28964372a726dce648f81a22d8bd123efa7a4ea8db5cee3661ce375764dad738ac68f93c10eac1", 0x3d, 0xfffffffffffffffa) add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="2d45d0ef0439911515c274431c16464036183b2d2825ea0be1116e16", 0x1c, r1) mlock2(&(0x7f0000bbd000/0x1000)=nil, 0x1000, 0x0) 2018/06/01 03:16:41 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x18020000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:41 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x4) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x40000, 0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3}) write(r0, &(0x7f0000000140)="27000000140099942b8fe9baba030a0011000100f5fe00120500ff000000000000004ea2b17216", 0x27) 2018/06/01 03:16:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1400}, 0x0) 2018/06/01 03:16:41 executing program 2 (fault-call:2 fault-nth:91): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:41 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1415.319748] FAULT_INJECTION: forcing a failure. [ 1415.319748] name failslab, interval 1, probability 0, space 0, times 0 [ 1415.331108] CPU: 0 PID: 24312 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1415.338478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1415.347856] Call Trace: [ 1415.350465] dump_stack+0x1b9/0x294 [ 1415.354115] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1415.359345] ? unwind_get_return_address+0x61/0xa0 [ 1415.364301] ? __save_stack_trace+0x7e/0xd0 [ 1415.368648] should_fail.cold.4+0xa/0x1a [ 1415.372737] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1415.377857] ? save_stack+0xa9/0xd0 [ 1415.381501] ? save_stack+0x43/0xd0 [ 1415.385140] ? kasan_kmalloc+0xc4/0xe0 [ 1415.389082] ? __kmalloc_node_track_caller+0x47/0x70 [ 1415.394204] ? __alloc_skb+0x14d/0x780 [ 1415.398105] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1415.403305] ? ip_make_skb+0x2be/0x350 [ 1415.407210] ? udp_sendmsg+0x24ec/0x35e0 [ 1415.411280] ? inet_sendmsg+0x19f/0x690 [ 1415.415267] ? sock_sendmsg+0xd5/0x120 [ 1415.419225] ? __sys_sendto+0x3d7/0x670 [ 1415.423300] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1415.427638] ? do_fast_syscall_32+0x345/0xf9b [ 1415.432250] ? find_held_lock+0x36/0x1c0 [ 1415.436341] ? check_same_owner+0x320/0x320 [ 1415.440681] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1415.446239] ? rcu_note_context_switch+0x710/0x710 [ 1415.451197] __should_failslab+0x124/0x180 [ 1415.455450] should_failslab+0x9/0x14 [ 1415.459275] kmem_cache_alloc_node+0x272/0x780 [ 1415.463883] __alloc_skb+0x111/0x780 [ 1415.467885] ? skb_scrub_packet+0x580/0x580 [ 1415.472230] ? dst_init+0x459/0x600 [ 1415.475880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1415.481433] ? ip_generic_getfrag+0x11c/0x2d0 [ 1415.485950] ? ip_reply_glue_bits+0xc0/0xc0 [ 1415.490563] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1415.495600] ? skb_put+0x17b/0x1e0 [ 1415.499164] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1415.504366] ? ip_reply_glue_bits+0xc0/0xc0 [ 1415.508786] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1415.514582] ? xfrm_policy_lookup+0x70/0x70 [ 1415.518902] ? ipv4_mtu+0x375/0x580 [ 1415.522530] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1415.527975] ? find_held_lock+0x36/0x1c0 [ 1415.532050] ? ip_setup_cork+0x44d/0x6d0 [ 1415.536108] ip_make_skb+0x2be/0x350 [ 1415.539818] ? ip_reply_glue_bits+0xc0/0xc0 [ 1415.544223] ? ip_flush_pending_frames+0x30/0x30 [ 1415.548980] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1415.554532] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1415.560078] ? xfrm_lookup_route+0x64/0x1f0 [ 1415.564399] udp_sendmsg+0x24ec/0x35e0 [ 1415.568290] ? ip_reply_glue_bits+0xc0/0xc0 [ 1415.572612] ? udp4_lib_lookup2+0x340/0x340 [ 1415.576930] ? graph_lock+0x170/0x170 [ 1415.580726] ? expand_files.part.8+0x9a0/0x9a0 [ 1415.585297] ? check_same_owner+0x320/0x320 [ 1415.589627] ? lock_downgrade+0x8e0/0x8e0 [ 1415.593770] ? lock_release+0xa10/0xa10 [ 1415.597736] ? check_same_owner+0x320/0x320 [ 1415.602062] ? __check_object_size+0x95/0x5d9 [ 1415.606559] inet_sendmsg+0x19f/0x690 [ 1415.610366] ? __might_sleep+0x95/0x190 [ 1415.614332] ? ipip_gro_receive+0x100/0x100 [ 1415.618653] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1415.624180] ? security_socket_sendmsg+0x94/0xc0 [ 1415.628924] ? ipip_gro_receive+0x100/0x100 [ 1415.633252] sock_sendmsg+0xd5/0x120 [ 1415.636959] __sys_sendto+0x3d7/0x670 [ 1415.640755] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1415.645420] ? wait_for_completion+0x870/0x870 [ 1415.649996] ? __lock_is_held+0xb5/0x140 [ 1415.654066] ? __sb_end_write+0xac/0xe0 [ 1415.658070] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1415.663615] ? fput+0x130/0x1a0 [ 1415.667017] ? ksys_write+0x1a6/0x250 [ 1415.670820] ? __do_page_fault+0x441/0xe40 [ 1415.675048] ? __ia32_sys_read+0xb0/0xb0 [ 1415.679105] __ia32_sys_sendto+0xdf/0x1a0 [ 1415.683242] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1415.688968] do_fast_syscall_32+0x345/0xf9b [ 1415.693286] ? do_int80_syscall_32+0x880/0x880 [ 1415.697860] ? _raw_spin_unlock_irq+0x27/0x70 [ 1415.702349] ? finish_task_switch+0x1ca/0x840 [ 1415.706840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1415.714893] ? syscall_return_slowpath+0x30f/0x5c0 [ 1415.719817] ? sysret32_from_system_call+0x5/0x46 [ 1415.724656] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1415.729493] entry_SYSENTER_compat+0x70/0x7f [ 1415.733889] RIP: 0023:0xf7f63cb9 [ 1415.737244] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1415.744946] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1415.752209] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1415.760032] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1415.767305] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1415.775126] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:43 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x1802}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:43 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x23c, [0x200008c0, 0x0, 0x0, 0x200009fc, 0x20000a2c], 0x0, &(0x7f0000000000), &(0x7f0000000140)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000001500000000000000000079616d300000000000000000000000006772657461703000000000000000000076657468305f746f5f6272696467650069726c616e3000000000000000000000aaaaaaaaaaaa0000000000000180c20000000000000000000000d0000000d00000000c010000636c7573746572000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000766c616e0000000000000000000000000000000000000000000000000000000008000000000000000000000052415445455354000000000000000000000000000000000000000000000000001800000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000fffffffffffffff500000000000000000000000000000000000000000000000000000000000000000000000100000000000000010000000000000000000074756e6c300000000000000000000000626f6e645f736c6176655f300000000076657468305f746f5f626f6e640000007465616d5f736c6176655f300000000059f139e6d77800000000000096852d1aaa6e00000000000000007000000070000000a00000006172707265706c790000000000000000000000000000000000000000000000000c0000000000000000000000fcffffff6ae5d231c0388a3dd858a3807c53016807dfa09f0a"]}, 0x29e) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000040)) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x8000, 0x0) ioctl$PPPIOCGMRU(r1, 0x80047453, &(0x7f00000003c0)) 2018/06/01 03:16:43 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:43 executing program 2 (fault-call:2 fault-nth:92): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x7592da1f}, 0x0) 2018/06/01 03:16:43 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGPTPEER(r0, 0x5405, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='task\x00') getdents(r1, &(0x7f00000001c0)=""/143, 0x31) getdents(r1, &(0x7f0000000100)=""/49, 0x31) getdents(r1, &(0x7f0000000040)=""/182, 0x22) 2018/06/01 03:16:43 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x1, 0x80) r1 = fcntl$getown(r0, 0x9) r2 = getpid() setpgid(r1, r2) syz_emit_ethernet(0x36, &(0x7f0000000280)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x4, 0x0, @remote={0xac, 0x28, 0x14, 0xbb}, @remote={0xac, 0x14, 0x14, 0xbb}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f0000000100)) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) 2018/06/01 03:16:43 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) r1 = add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)="afdc7527f568e8265ede504ed47216f33056f1b5e86e28964372a726dce648f81a22d8bd123efa7a4ea8db5cee3661ce375764dad738ac68f93c10eac1", 0x3d, 0xfffffffffffffffa) add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="2d45d0ef0439911515c274431c16464036183b2d2825ea0be1116e16", 0x1c, r1) mlock2(&(0x7f0000bbd000/0x1000)=nil, 0x1000, 0x0) 2018/06/01 03:16:43 executing program 1: mmap(&(0x7f0000012000/0xe000)=nil, 0xe000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f000034c000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = socket$netlink(0x10, 0x3, 0x0) pread64(r0, &(0x7f0000000100)=""/198, 0xfffffffffffffdde, 0x0) fcntl$lock(r1, 0x6, &(0x7f0000013000)) close(r1) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000002000)={&(0x7f0000011000/0x3000)=nil, 0x3000}) [ 1416.412768] FAULT_INJECTION: forcing a failure. [ 1416.412768] name failslab, interval 1, probability 0, space 0, times 0 [ 1416.416174] kernel msg: ebtables bug: please report to author: Wrong len argument [ 1416.428087] CPU: 0 PID: 24340 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1416.428103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1416.452429] Call Trace: [ 1416.455036] dump_stack+0x1b9/0x294 [ 1416.458693] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1416.463904] ? unwind_get_return_address+0x61/0xa0 [ 1416.468852] ? __save_stack_trace+0x7e/0xd0 [ 1416.473192] should_fail.cold.4+0xa/0x1a [ 1416.477272] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1416.482395] ? save_stack+0xa9/0xd0 [ 1416.486044] ? save_stack+0x43/0xd0 [ 1416.489701] ? kasan_kmalloc+0xc4/0xe0 [ 1416.493623] ? __kmalloc_node_track_caller+0x47/0x70 [ 1416.498744] ? __alloc_skb+0x14d/0x780 [ 1416.502646] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1416.507858] ? ip_make_skb+0x2be/0x350 [ 1416.511762] ? udp_sendmsg+0x24ec/0x35e0 [ 1416.515854] ? inet_sendmsg+0x19f/0x690 [ 1416.519844] ? sock_sendmsg+0xd5/0x120 [ 1416.523740] ? __sys_sendto+0x3d7/0x670 [ 1416.527719] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1416.528896] kernel msg: ebtables bug: please report to author: Wrong len argument [ 1416.532044] ? do_fast_syscall_32+0x345/0xf9b [ 1416.532069] ? find_held_lock+0x36/0x1c0 [ 1416.532104] ? check_same_owner+0x320/0x320 [ 1416.532122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1416.532137] ? rcu_note_context_switch+0x710/0x710 2018/06/01 03:16:43 executing program 6: connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x6}, 0x1c) recvmmsg(0xffffffffffffffff, &(0x7f0000000c00)=[{{&(0x7f0000000400)=@l2, 0x80, &(0x7f0000000740), 0x0, &(0x7f0000000000)=""/117, 0x75}, 0x7}], 0x1, 0x0, &(0x7f0000000cc0)) sendto(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x8000, &(0x7f0000000080)=@in={0x2, 0x4e23, @loopback=0x7f000001}, 0x80) sendmmsg(0xffffffffffffffff, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c, &(0x7f0000000680), 0x3ba, &(0x7f0000000140)=ANY=[@ANYBLOB="7ed1a8c4689f08f88fa0fe23a9781b4dafd5670101bba4d21d80c12f49344199e38415379372fbfdb9fd6cb7615d91a69d835400ec3a24a4b9e6ff126c07af97eb0b1be6703801e8000700000000c60f98b6ffff6504d70968ac861b1354281d2b16be180f6a77551a446b75d4a800000000000000000000"], 0x10}}], 0x2, 0x8000) r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x10) r1 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f0000000200)={r1, 0xe5d}) [ 1416.532156] __should_failslab+0x124/0x180 [ 1416.567422] should_failslab+0x9/0x14 [ 1416.571264] kmem_cache_alloc_node+0x272/0x780 [ 1416.575868] __alloc_skb+0x111/0x780 [ 1416.579592] ? skb_scrub_packet+0x580/0x580 [ 1416.583926] ? dst_init+0x459/0x600 [ 1416.587568] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1416.593116] ? ip_generic_getfrag+0x11c/0x2d0 [ 1416.597617] ? ip_reply_glue_bits+0xc0/0xc0 [ 1416.601949] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1416.606971] ? skb_put+0x17b/0x1e0 [ 1416.610517] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1416.615548] ? ip_reply_glue_bits+0xc0/0xc0 [ 1416.619886] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1416.625695] ? xfrm_policy_lookup+0x70/0x70 [ 1416.630031] ? ipv4_mtu+0x375/0x580 [ 1416.633674] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1416.639133] ? find_held_lock+0x36/0x1c0 [ 1416.643213] ? ip_setup_cork+0x44d/0x6d0 [ 1416.647285] ip_make_skb+0x2be/0x350 [ 1416.651010] ? ip_reply_glue_bits+0xc0/0xc0 [ 1416.655339] ? ip_flush_pending_frames+0x30/0x30 2018/06/01 03:16:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x3}, 0x0) [ 1416.660122] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1416.665672] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1416.671218] ? xfrm_lookup_route+0x64/0x1f0 [ 1416.675558] udp_sendmsg+0x24ec/0x35e0 [ 1416.679468] ? ip_reply_glue_bits+0xc0/0xc0 [ 1416.683812] ? udp4_lib_lookup2+0x340/0x340 [ 1416.688149] ? graph_lock+0x170/0x170 [ 1416.691969] ? expand_files.part.8+0x9a0/0x9a0 [ 1416.696567] ? check_same_owner+0x320/0x320 [ 1416.701005] ? lock_downgrade+0x8e0/0x8e0 [ 1416.705169] ? lock_release+0xa10/0xa10 [ 1416.709160] ? check_same_owner+0x320/0x320 [ 1416.713495] ? __check_object_size+0x95/0x5d9 [ 1416.716426] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1416.718000] inet_sendmsg+0x19f/0x690 [ 1416.718019] ? __might_sleep+0x95/0x190 [ 1416.718034] ? ipip_gro_receive+0x100/0x100 [ 1416.718060] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1416.718078] ? security_socket_sendmsg+0x94/0xc0 [ 1416.718093] ? ipip_gro_receive+0x100/0x100 [ 1416.752281] sock_sendmsg+0xd5/0x120 [ 1416.756011] __sys_sendto+0x3d7/0x670 [ 1416.759830] ? __ia32_sys_getpeername+0xb0/0xb0 2018/06/01 03:16:43 executing program 6: syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f00000b5ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}}) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000080)=r2) 2018/06/01 03:16:43 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) r1 = add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)="afdc7527f568e8265ede504ed47216f33056f1b5e86e28964372a726dce648f81a22d8bd123efa7a4ea8db5cee3661ce375764dad738ac68f93c10eac1", 0x3d, 0xfffffffffffffffa) add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="2d45d0ef0439911515c274431c16464036183b2d2825ea0be1116e16", 0x1c, r1) mlock2(&(0x7f0000bbd000/0x1000)=nil, 0x1000, 0x0) [ 1416.764511] ? wait_for_completion+0x870/0x870 [ 1416.769108] ? __lock_is_held+0xb5/0x140 [ 1416.773186] ? __sb_end_write+0xac/0xe0 [ 1416.777194] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1416.782744] ? fput+0x130/0x1a0 [ 1416.786040] ? ksys_write+0x1a6/0x250 [ 1416.789867] ? __do_page_fault+0x441/0xe40 [ 1416.794122] ? __ia32_sys_read+0xb0/0xb0 [ 1416.798197] __ia32_sys_sendto+0xdf/0x1a0 [ 1416.802354] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1416.807387] do_fast_syscall_32+0x345/0xf9b 2018/06/01 03:16:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0xa}, 0x0) [ 1416.811727] ? do_int80_syscall_32+0x880/0x880 [ 1416.816317] ? _raw_spin_unlock_irq+0x27/0x70 [ 1416.820826] ? finish_task_switch+0x1ca/0x840 [ 1416.825336] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1416.830884] ? syscall_return_slowpath+0x30f/0x5c0 [ 1416.835834] ? sysret32_from_system_call+0x5/0x46 [ 1416.840689] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1416.845550] entry_SYSENTER_compat+0x70/0x7f [ 1416.849964] RIP: 0023:0xf7f63cb9 [ 1416.850562] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:43 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:43 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/l2cap\x00') preadv(r1, &(0x7f0000000340)=[{&(0x7f0000000180)=""/210, 0xd2}, {&(0x7f0000000100)=""/28, 0x1c}, {&(0x7f0000000280)=""/153, 0x99}], 0x3, 0x0) getpeername$unix(r1, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0x4020ae76, 0x0) [ 1416.853322] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1416.853338] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1416.853348] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1416.853356] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1416.853364] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1416.853372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:44 executing program 1: r0 = socket$nl_xfrm(0x11, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r2 = socket(0x11, 0x2, 0x0) bind$packet(r2, &(0x7f0000000480)={0x11, 0x3, r1, 0x1, 0x3fffffffffffffc, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) setsockopt(r2, 0x107, 0x5, &(0x7f0000001000), 0xc5) bind$packet(r0, &(0x7f0000000240)={0x11, 0x3, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) syz_emit_ethernet(0xe, &(0x7f0000000280)={@link_local={0x1, 0x80, 0xc2}}, &(0x7f0000000000)) 2018/06/01 03:16:44 executing program 2 (fault-call:2 fault-nth:93): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:44 executing program 6: r0 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xfffffffffffffffc, 0x20011, r1, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f0000003fe8)=[@register_looper={0x630b}], 0x0, 0x0, &(0x7f0000009000)}) write$binfmt_elf64(r1, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x0, 0x800, 0x3ff, 0x100000000, 0x3, 0x7, 0x3, 0x1ef, 0x40, 0x13e, 0x5466, 0xd7, 0x38, 0x1, 0x7ff, 0x7, 0x4}, [{0x3, 0x10001, 0x0, 0x2, 0x407, 0x5, 0x6}], "ce7f71f4dcfe010518d259edc938d64f4b7966aa0e88970311fc83d2d729c8f9f3b0d92b71e655fae4fb31c5cb16d62c893964e5dc1d9899b04dce53fb8042"}, 0xb7) 2018/06/01 03:16:44 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000004"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:44 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x8}, 0x0) 2018/06/01 03:16:44 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0x0, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000180)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000280)={{0x0, 0x0, 0x0, 0x0, "d781abbcab9c05e08da91f3f7dd90ef0dd7ca73092b130e3a3f662bc6983ee6480cc5a5857e763776ed24e32"}, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, "1cc5556be76c8978c8c8011dccc120df41e49c583d9f6ee2787e9baf8e7faad5a710bb583a9c30273680f2fd975c22f595042d40c67c5101831d7807f0946a72", &(0x7f00000001c0)='\x00', 0x1}) io_setup(0x3, &(0x7f0000000140)=0x0) io_getevents(r1, 0x5, 0x0, &(0x7f0000000000), &(0x7f0000000100)={0x0, 0x1c9c380}) io_getevents(r1, 0x0, 0x4, &(0x7f0000000000)=[{}, {}, {}, {}], &(0x7f0000000080)) 2018/06/01 03:16:44 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) r1 = add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)="afdc7527f568e8265ede504ed47216f33056f1b5e86e28964372a726dce648f81a22d8bd123efa7a4ea8db5cee3661ce375764dad738ac68f93c10eac1", 0x3d, 0xfffffffffffffffa) add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000001c0)="2d45d0ef0439911515c274431c16464036183b2d2825ea0be1116e16", 0x1c, r1) 2018/06/01 03:16:44 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x600}, 0x1c) shutdown(r0, 0x0) [ 1417.458928] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1417.470838] binder: 24399:24409 ioctl c0306201 20008fd0 returned -14 [ 1417.482016] FAULT_INJECTION: forcing a failure. [ 1417.482016] name failslab, interval 1, probability 0, space 0, times 0 [ 1417.493501] CPU: 0 PID: 24407 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1417.500877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1417.510240] Call Trace: [ 1417.512838] dump_stack+0x1b9/0x294 [ 1417.516466] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1417.522107] ? unwind_get_return_address+0x61/0xa0 [ 1417.527044] ? __save_stack_trace+0x7e/0xd0 [ 1417.531359] should_fail.cold.4+0xa/0x1a [ 1417.535410] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1417.540500] ? save_stack+0xa9/0xd0 [ 1417.544124] ? save_stack+0x43/0xd0 [ 1417.547913] ? kasan_kmalloc+0xc4/0xe0 [ 1417.551787] ? __kmalloc_node_track_caller+0x47/0x70 [ 1417.556909] ? __alloc_skb+0x14d/0x780 [ 1417.560795] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1417.565968] ? ip_make_skb+0x2be/0x350 [ 1417.569844] ? udp_sendmsg+0x24ec/0x35e0 [ 1417.573890] ? inet_sendmsg+0x19f/0x690 [ 1417.577850] ? sock_sendmsg+0xd5/0x120 [ 1417.581725] ? __sys_sendto+0x3d7/0x670 [ 1417.585693] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1417.590011] ? do_fast_syscall_32+0x345/0xf9b [ 1417.594501] ? find_held_lock+0x36/0x1c0 [ 1417.598561] ? check_same_owner+0x320/0x320 [ 1417.602877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1417.608490] ? rcu_note_context_switch+0x710/0x710 [ 1417.613421] __should_failslab+0x124/0x180 [ 1417.617666] should_failslab+0x9/0x14 [ 1417.621455] kmem_cache_alloc_node+0x272/0x780 [ 1417.626041] __alloc_skb+0x111/0x780 [ 1417.629755] ? skb_scrub_packet+0x580/0x580 [ 1417.634075] ? dst_init+0x459/0x600 [ 1417.637699] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1417.643224] ? ip_generic_getfrag+0x11c/0x2d0 [ 1417.647710] ? ip_reply_glue_bits+0xc0/0xc0 [ 1417.652030] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1417.657040] ? skb_put+0x17b/0x1e0 [ 1417.660568] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1417.665575] ? ip_reply_glue_bits+0xc0/0xc0 [ 1417.669893] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1417.675798] ? xfrm_policy_lookup+0x70/0x70 [ 1417.680114] ? ipv4_mtu+0x375/0x580 [ 1417.683835] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1417.689272] ? find_held_lock+0x36/0x1c0 [ 1417.694110] ? ip_setup_cork+0x44d/0x6d0 [ 1417.698161] ip_make_skb+0x2be/0x350 [ 1417.701864] ? ip_reply_glue_bits+0xc0/0xc0 [ 1417.706184] ? ip_flush_pending_frames+0x30/0x30 [ 1417.710934] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1417.716472] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1417.721999] ? xfrm_lookup_route+0x64/0x1f0 [ 1417.726318] udp_sendmsg+0x24ec/0x35e0 [ 1417.730198] ? ip_reply_glue_bits+0xc0/0xc0 [ 1417.734514] ? udp4_lib_lookup2+0x340/0x340 [ 1417.738842] ? graph_lock+0x170/0x170 [ 1417.742640] ? expand_files.part.8+0x9a0/0x9a0 [ 1417.747218] ? check_same_owner+0x320/0x320 [ 1417.751539] ? lock_downgrade+0x8e0/0x8e0 [ 1417.755675] ? lock_release+0xa10/0xa10 [ 1417.759638] ? check_same_owner+0x320/0x320 [ 1417.763958] ? __check_object_size+0x95/0x5d9 [ 1417.768457] inet_sendmsg+0x19f/0x690 [ 1417.772246] ? __might_sleep+0x95/0x190 [ 1417.776211] ? ipip_gro_receive+0x100/0x100 [ 1417.780524] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1417.786052] ? security_socket_sendmsg+0x94/0xc0 [ 1417.790793] ? ipip_gro_receive+0x100/0x100 [ 1417.795103] sock_sendmsg+0xd5/0x120 [ 1417.798815] __sys_sendto+0x3d7/0x670 [ 1417.802612] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1417.807269] ? wait_for_completion+0x870/0x870 [ 1417.811837] ? __lock_is_held+0xb5/0x140 [ 1417.815903] ? __sb_end_write+0xac/0xe0 [ 1417.819867] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1417.825393] ? fput+0x130/0x1a0 [ 1417.828686] ? ksys_write+0x1a6/0x250 [ 1417.832482] ? __do_page_fault+0x441/0xe40 [ 1417.836704] ? __ia32_sys_read+0xb0/0xb0 [ 1417.840757] __ia32_sys_sendto+0xdf/0x1a0 [ 1417.844895] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1417.849901] do_fast_syscall_32+0x345/0xf9b [ 1417.854224] ? do_int80_syscall_32+0x880/0x880 [ 1417.858793] ? _raw_spin_unlock_irq+0x27/0x70 [ 1417.863283] ? finish_task_switch+0x1ca/0x840 [ 1417.867769] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1417.873301] ? syscall_return_slowpath+0x30f/0x5c0 [ 1417.878220] ? sysret32_from_system_call+0x5/0x46 [ 1417.883063] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1417.887908] entry_SYSENTER_compat+0x70/0x7f [ 1417.892304] RIP: 0023:0xf7f63cb9 [ 1417.895653] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1417.903350] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd 2018/06/01 03:16:44 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1417.910607] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1417.917861] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1417.925289] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1417.932583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:44 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x9}, 0x0) 2018/06/01 03:16:44 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000040), 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="c7da5f1a", 0x4) r2 = syz_open_procfs(0x0, &(0x7f0000000300)='oom_score_adj\x00') recvmmsg(r1, &(0x7f0000003c80)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000080)=""/68, 0x44}, {&(0x7f0000000140)=""/100, 0x64}, {&(0x7f00000001c0)=""/127, 0x7f}, {&(0x7f0000000340)=""/132, 0x84}, {&(0x7f0000000400)=""/152, 0x98}, {&(0x7f0000000000)=""/40, 0x28}, {&(0x7f0000000240)=""/11, 0xb}, {&(0x7f0000000540)=""/66, 0x42}], 0x8, 0x0, 0x0, 0x20}}, {{&(0x7f00000005c0)=@generic, 0x80, &(0x7f0000001640)=[{&(0x7f0000000640)=""/4096, 0x1000}], 0x1, &(0x7f0000001680)=""/31, 0x1f, 0x1400000000}, 0xd5c}, {{&(0x7f00000016c0)=@hci, 0x80, &(0x7f0000002c40)=[{&(0x7f0000001740)=""/147, 0x93}, {&(0x7f0000001800)=""/161, 0xa1}, {&(0x7f00000018c0)=""/162, 0xa2}, {&(0x7f0000001980)=""/150, 0x96}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000002a40)=""/61, 0x3d}, {&(0x7f0000002a80)=""/133, 0x85}, {&(0x7f0000002b40)=""/224, 0xe0}], 0x8, &(0x7f0000002c80)=""/4096, 0x1000, 0x7}, 0x80000001}], 0x3, 0x100, 0x0) sendfile(r1, r2, &(0x7f00000002c0), 0x10000000000443) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000003d00)=0x4) 2018/06/01 03:16:44 executing program 1: r0 = socket(0xc, 0x20000000000007, 0x3ffffffffffec) write(r0, &(0x7f0000944fde)="220000005e000721004f10f7e2ffd90000000000000000edff000000e700ff02f157", 0x22) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000ff7)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000000f0a)=""/246) recvfrom(r0, &(0x7f0000362f74)=""/140, 0x8c, 0x0, 0x0, 0x0) [ 1418.056569] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:45 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:45 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x240}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:45 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) add_key(&(0x7f0000000200)='pkcs7_test\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000280)="afdc7527f568e8265ede504ed47216f33056f1b5e86e28964372a726dce648f81a22d8bd123efa7a4ea8db5cee3661ce375764dad738ac68f93c10eac1", 0x3d, 0xfffffffffffffffa) 2018/06/01 03:16:45 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x7592da19}, 0x0) 2018/06/01 03:16:45 executing program 6: r0 = open$dir(&(0x7f0000000080)='./0ile/\x00', 0x80, 0x4) mknodat(r0, &(0x7f00000000c0)='./0ile/\x00', 0x4, 0x9) mkdir(&(0x7f0000000040)='./0ile/\x00', 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000100)) unlink(&(0x7f0000000000)='./0ile/\x00') 2018/06/01 03:16:45 executing program 2 (fault-call:2 fault-nth:94): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:45 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() waitid(0x1, r0, 0x0, 0xb, 0x0) 2018/06/01 03:16:45 executing program 7: io_setup(0x6, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0}) io_getevents(r0, 0x1, 0x1, &(0x7f0000000000)=[{}], &(0x7f00000000c0)={r1}) r2 = socket$unix(0x1, 0x1, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x410400) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="9809bfe9", @ANYRES16=r4, @ANYBLOB="10002cbd7000fbdbdf250a00000008000500050000003c000300080004000000000008000500ffffffff080001000100000008000400080000000800040001040000080004000600000008000500e00000010800040009000000080005000e0400001c0001000800050004000000080002007f000000080006006c630000"], 0x84}, 0x1}, 0x4004804) setsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, &(0x7f0000000140)={0x5, 0x800, 0x40, 0x9}, 0x6) io_submit(r0, 0x0, &(0x7f00000026c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x0, r2, &(0x7f0000000200)="068f9e02a2096f207fa6c33841a2eb5a41dde572d1b1a1bb3eafa24572778bea332ffbb0a5078db263c08a01f9447c306aa5ad7d1140c509cdc263ff4bfcfcc073f0669ea290de0ce0d1d5f9affdfd556879c8ce79f2d800872c1610fbbd02467722db7fda2338ab4983cc4a96", 0xfffffdcb, 0x3, 0x0, 0x100000000000}]) io_submit(r0, 0x1, &(0x7f0000000940)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, r2, &(0x7f0000000280), 0x0, 0x400000}]) ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000180)={0x80000000}) 2018/06/01 03:16:45 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x2}, 0x0) [ 1418.456609] FAULT_INJECTION: forcing a failure. [ 1418.456609] name failslab, interval 1, probability 0, space 0, times 0 [ 1418.467999] CPU: 0 PID: 24457 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1418.475378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1418.484751] Call Trace: [ 1418.487357] dump_stack+0x1b9/0x294 [ 1418.491017] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1418.496234] ? perf_trace_lock_acquire+0xe3/0x980 [ 1418.501097] ? kernel_text_address+0x79/0xf0 [ 1418.505523] ? __unwind_start+0x166/0x330 [ 1418.509695] should_fail.cold.4+0xa/0x1a [ 1418.513775] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1418.518908] ? save_stack+0xa9/0xd0 [ 1418.522548] ? save_stack+0x43/0xd0 [ 1418.526191] ? kasan_slab_alloc+0x12/0x20 [ 1418.530357] ? find_held_lock+0x36/0x1c0 [ 1418.534456] ? check_same_owner+0x320/0x320 [ 1418.537672] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1418.538793] ? rcu_note_context_switch+0x710/0x710 [ 1418.538816] __should_failslab+0x124/0x180 2018/06/01 03:16:45 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:45 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x68}, 0x0) [ 1418.538833] should_failslab+0x9/0x14 [ 1418.538855] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1418.564313] __kmalloc_node_track_caller+0x33/0x70 [ 1418.569710] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1418.574490] __alloc_skb+0x14d/0x780 [ 1418.578228] ? skb_scrub_packet+0x580/0x580 [ 1418.582706] ? dst_init+0x459/0x600 [ 1418.586351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1418.591908] ? ip_generic_getfrag+0x11c/0x2d0 [ 1418.596434] ? ip_reply_glue_bits+0xc0/0xc0 [ 1418.600778] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1418.605804] ? skb_put+0x17b/0x1e0 [ 1418.609362] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1418.614401] ? ip_reply_glue_bits+0xc0/0xc0 [ 1418.618755] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1418.624576] ? xfrm_policy_lookup+0x70/0x70 [ 1418.628928] ? ipv4_mtu+0x375/0x580 [ 1418.632574] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1418.635434] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1418.638032] ? find_held_lock+0x36/0x1c0 [ 1418.638066] ? ip_setup_cork+0x44d/0x6d0 [ 1418.638083] ip_make_skb+0x2be/0x350 2018/06/01 03:16:45 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:45 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x3}, 0x0) [ 1418.638101] ? ip_reply_glue_bits+0xc0/0xc0 [ 1418.661593] ? ip_flush_pending_frames+0x30/0x30 [ 1418.666369] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1418.671938] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1418.677495] ? xfrm_lookup_route+0x64/0x1f0 [ 1418.681836] udp_sendmsg+0x24ec/0x35e0 [ 1418.685742] ? ip_reply_glue_bits+0xc0/0xc0 [ 1418.690082] ? udp4_lib_lookup2+0x340/0x340 [ 1418.694757] ? graph_lock+0x170/0x170 [ 1418.698577] ? expand_files.part.8+0x9a0/0x9a0 [ 1418.703193] ? lock_downgrade+0x8e0/0x8e0 [ 1418.707356] ? lock_release+0xa10/0xa10 [ 1418.711346] ? __check_object_size+0x95/0x5d9 [ 1418.715854] inet_sendmsg+0x19f/0x690 [ 1418.719667] ? __might_sleep+0x95/0x190 [ 1418.723650] ? ipip_gro_receive+0x100/0x100 [ 1418.727994] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1418.733544] ? security_socket_sendmsg+0x94/0xc0 [ 1418.738312] ? ipip_gro_receive+0x100/0x100 [ 1418.742656] sock_sendmsg+0xd5/0x120 [ 1418.743782] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1418.746377] __sys_sendto+0x3d7/0x670 [ 1418.746397] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1418.746419] ? wait_for_completion+0x870/0x870 [ 1418.746441] ? __lock_is_held+0xb5/0x140 [ 1418.770916] ? __sb_end_write+0xac/0xe0 [ 1418.774918] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1418.780467] ? fput+0x130/0x1a0 [ 1418.783762] ? ksys_write+0x1a6/0x250 [ 1418.787566] ? __do_page_fault+0x441/0xe40 [ 1418.791812] ? __ia32_sys_read+0xb0/0xb0 [ 1418.795888] __ia32_sys_sendto+0xdf/0x1a0 [ 1418.800040] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1418.805066] do_fast_syscall_32+0x345/0xf9b [ 1418.809400] ? do_int80_syscall_32+0x880/0x880 [ 1418.813990] ? _raw_spin_unlock_irq+0x27/0x70 [ 1418.818493] ? finish_task_switch+0x1ca/0x840 [ 1418.823004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1418.828550] ? syscall_return_slowpath+0x30f/0x5c0 [ 1418.833496] ? sysret32_from_system_call+0x5/0x46 [ 1418.838353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1418.843207] entry_SYSENTER_compat+0x70/0x7f [ 1418.847611] RIP: 0023:0xf7f63cb9 [ 1418.850966] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1418.858663] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1418.865918] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1418.873172] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1418.880429] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1418.887685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:46 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x6}, 0x0) 2018/06/01 03:16:46 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:46 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e0000001000000000000007f"], 0x60}, 0x1}, 0x0) 2018/06/01 03:16:46 executing program 6: r0 = memfd_create(&(0x7f0000000580)='dev ', 0x3) write(r0, &(0x7f0000000000)="2135de63ec9564db56b22066870d8f0400dfff5345b4e1de04b2b2db0973c70574b4cf527ed731f7", 0xfffffffffffffd72) sendfile(r0, r0, &(0x7f0000001000), 0xffff) fcntl$addseals(r0, 0x409, 0x8) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) 2018/06/01 03:16:46 executing program 1: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x1, 0x400) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000240)="1d336e80393a78bbb8296de75de8ffbe6e22e82aa056c8a1ebbced432cf328f23f138743ed0e3aecdc54b1914c373986be68defee354bc4a43be3390d8623f23a110aaae0e19920487d39306e36e5cbd103bf8664f3cfbde854a6d1d250836f1cbc3766777436d2fa00f148978288f86e583dac4f9cc21d99ce3328bbe3145b5de47a3ae33d7af66cf0ca29a0c1afd090e7d168e8c7495a2cc106fcd202eca3954b45cd8cba6940aed0012e3e1ef6d432beab0e53b2db5d2c1539b1594e01ce0bccaddaac8d23b88fd6bd9cd628eb7e539aa8635adc35416", 0xd8) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000100)={{0x7002, 0x100004, 0xe, 0x8000, 0xffff, 0x4, 0x10000, 0x6, 0x4, 0x6, 0xbe3, 0x6}, {0x1f004, 0x0, 0xc, 0x20, 0xff, 0x2, 0x2, 0x5, 0x8, 0x4653, 0x80000001, 0x9}, {0x100001, 0x3002, 0x3, 0x7, 0x7, 0x8001, 0x3, 0x980c, 0x5, 0x7, 0xffffffffffffffff, 0x1ff}, {0xd002, 0xf000, 0x0, 0x0, 0x7ff, 0x7fff, 0x0, 0x6, 0x7, 0x821d, 0x6, 0xfb0f}, {0x0, 0xd000, 0x13, 0x4, 0x16, 0x100000000, 0x0, 0x40, 0x6, 0x8001, 0x4, 0x80000000}, {0x2000, 0x6000, 0xf, 0xd70, 0xffffffffffffff78, 0xc7, 0x401, 0xfffffffffffff1c5, 0x5, 0x0, 0x2, 0x9}, {0xf000, 0x2, 0xf, 0xf91a, 0x9, 0x9, 0x100, 0x6, 0xff, 0x3440, 0x6, 0x9}, {0x4000, 0xf000, 0x0, 0x1e34f628, 0x7, 0x1, 0x1, 0x1, 0x2, 0x9, 0x20, 0x3}, {0x13000, 0x6001}, {0x105000, 0x6000}, 0x20040000, 0x0, 0x5000, 0x0, 0x5, 0x2000, 0x4000, [0x9, 0xffffffffffffffff, 0x101, 0x9]}) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xc) flock(r1, 0x7) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x2, 0x10001, 0xaf6, 0x6d9}, 0x8) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_DIRTY_TLB(r1, 0x400caeaa, &(0x7f0000000340)={0x0, 0x9}) close(r0) 2018/06/01 03:16:46 executing program 2 (fault-call:2 fault-nth:95): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:46 executing program 7: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) readahead(r1, 0x0, 0x0) readahead(r1, 0x3, 0x5) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0, 0x7}, &(0x7f0000000040)=0x8) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000180)=0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000001c0)=0x0) setpgid(r3, r4) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000080)={r2, @in6={{0xa, 0x4e20, 0x2, @loopback={0x0, 0x1}}}, 0x5, 0x6}, &(0x7f0000000140)=0x88) 2018/06/01 03:16:46 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x9}, 0x1c) shutdown(r0, 0x0) [ 1419.730653] FAULT_INJECTION: forcing a failure. [ 1419.730653] name failslab, interval 1, probability 0, space 0, times 0 [ 1419.742079] CPU: 0 PID: 24497 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1419.749453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1419.758868] Call Trace: [ 1419.761489] dump_stack+0x1b9/0x294 [ 1419.765143] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1419.770360] ? unwind_get_return_address+0x61/0xa0 [ 1419.775317] ? __save_stack_trace+0x7e/0xd0 [ 1419.779709] should_fail.cold.4+0xa/0x1a [ 1419.783812] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1419.789038] ? save_stack+0xa9/0xd0 [ 1419.792689] ? save_stack+0x43/0xd0 [ 1419.796339] ? kasan_kmalloc+0xc4/0xe0 [ 1419.800252] ? __kmalloc_node_track_caller+0x47/0x70 [ 1419.805380] ? __alloc_skb+0x14d/0x780 [ 1419.809302] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1419.815042] ? ip_make_skb+0x2be/0x350 [ 1419.818953] ? udp_sendmsg+0x24ec/0x35e0 [ 1419.823037] ? inet_sendmsg+0x19f/0x690 [ 1419.827035] ? sock_sendmsg+0xd5/0x120 [ 1419.830961] ? __sys_sendto+0x3d7/0x670 [ 1419.834958] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1419.839302] ? do_fast_syscall_32+0x345/0xf9b [ 1419.843823] ? find_held_lock+0x36/0x1c0 [ 1419.847945] ? check_same_owner+0x320/0x320 [ 1419.852292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1419.857962] ? rcu_note_context_switch+0x710/0x710 [ 1419.862919] __should_failslab+0x124/0x180 [ 1419.867171] should_failslab+0x9/0x14 [ 1419.871000] kmem_cache_alloc_node+0x272/0x780 [ 1419.875616] __alloc_skb+0x111/0x780 [ 1419.879357] ? skb_scrub_packet+0x580/0x580 [ 1419.883713] ? dst_init+0x459/0x600 [ 1419.887378] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1419.892938] ? ip_generic_getfrag+0x11c/0x2d0 [ 1419.897461] ? ip_reply_glue_bits+0xc0/0xc0 [ 1419.901819] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1419.906857] ? skb_put+0x17b/0x1e0 [ 1419.910416] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1419.915453] ? ip_reply_glue_bits+0xc0/0xc0 [ 1419.919819] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1419.925643] ? xfrm_policy_lookup+0x70/0x70 [ 1419.930005] ? ipv4_mtu+0x375/0x580 [ 1419.933680] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1419.939153] ? find_held_lock+0x36/0x1c0 [ 1419.943249] ? ip_setup_cork+0x44d/0x6d0 [ 1419.947329] ip_make_skb+0x2be/0x350 [ 1419.951063] ? ip_reply_glue_bits+0xc0/0xc0 [ 1419.955403] ? ip_flush_pending_frames+0x30/0x30 [ 1419.960177] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1419.965739] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1419.971327] ? xfrm_lookup_route+0x64/0x1f0 [ 1419.975677] udp_sendmsg+0x24ec/0x35e0 [ 1419.979586] ? ip_reply_glue_bits+0xc0/0xc0 [ 1419.983935] ? udp4_lib_lookup2+0x340/0x340 [ 1419.988276] ? graph_lock+0x170/0x170 [ 1419.992103] ? expand_files.part.8+0x9a0/0x9a0 [ 1419.997574] ? check_same_owner+0x320/0x320 [ 1420.001932] ? lock_downgrade+0x8e0/0x8e0 [ 1420.006100] ? lock_release+0xa10/0xa10 [ 1420.010089] ? check_same_owner+0x320/0x320 [ 1420.014422] ? __check_object_size+0x95/0x5d9 [ 1420.018933] inet_sendmsg+0x19f/0x690 [ 1420.022745] ? __might_sleep+0x95/0x190 [ 1420.026736] ? ipip_gro_receive+0x100/0x100 [ 1420.031075] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1420.036629] ? security_socket_sendmsg+0x94/0xc0 [ 1420.041416] ? ipip_gro_receive+0x100/0x100 [ 1420.045757] sock_sendmsg+0xd5/0x120 [ 1420.049498] __sys_sendto+0x3d7/0x670 [ 1420.053310] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1420.058078] ? wait_for_completion+0x870/0x870 [ 1420.062667] ? __lock_is_held+0xb5/0x140 [ 1420.066748] ? __sb_end_write+0xac/0xe0 [ 1420.070739] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1420.076309] ? fput+0x130/0x1a0 2018/06/01 03:16:46 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0xe0000000, 0x0, 0x1e, 0x9, 0x8, "9589ef8ed6bc9cd4aed5132cd9f1d37b2adde05ce0a3dd1c1aee6b37dd780b2b63a578efbe5ddb543f84250582fa07fabe3b3e519b30cd41326f96e1eb6b116a", "59fee21d1a63c7e6f3d77d969167ad353dcdc5d5d53e4ea5767c8775e14511eab2f38a3db490077bd25ec2c694156d20af1f4fa363dc9aedcea4ed99d1e4f1ae", "fe897e666664f8bfba840460585bf009a848d330d3cd2d369542a315b82769f1", [0x6, 0xcf1]}) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1420.079597] ? ksys_write+0x1a6/0x250 [ 1420.083406] ? __do_page_fault+0x441/0xe40 [ 1420.087654] ? __ia32_sys_read+0xb0/0xb0 [ 1420.091732] __ia32_sys_sendto+0xdf/0x1a0 [ 1420.095895] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1420.100983] do_fast_syscall_32+0x345/0xf9b [ 1420.105583] ? do_int80_syscall_32+0x880/0x880 [ 1420.110176] ? _raw_spin_unlock_irq+0x27/0x70 [ 1420.114684] ? finish_task_switch+0x1ca/0x840 [ 1420.116580] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1420.119193] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 2018/06/01 03:16:46 executing program 6: r0 = memfd_create(&(0x7f0000000580)='dev ', 0x3) write(r0, &(0x7f0000000000)="2135de63ec9564db56b22066870d8f0400dfff5345b4e1de04b2b2db0973c70574b4cf527ed731f7", 0xfffffffffffffd72) sendfile(r0, r0, &(0x7f0000001000), 0xffff) fcntl$addseals(r0, 0x409, 0x8) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) [ 1420.119216] ? syscall_return_slowpath+0x30f/0x5c0 [ 1420.137130] ? sysret32_from_system_call+0x5/0x46 [ 1420.141999] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1420.146860] entry_SYSENTER_compat+0x70/0x7f [ 1420.151270] RIP: 0023:0xf7f63cb9 [ 1420.154635] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1420.162352] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1420.169632] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 2018/06/01 03:16:46 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1}, 0x0) [ 1420.176939] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1420.184220] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1420.191677] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:46 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x700000000000000}, 0x0) 2018/06/01 03:16:46 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0xfffffdef}, 0x1}, 0x0) 2018/06/01 03:16:47 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/.nforce\x00', 0x6002, 0x0) utimensat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={{0x77359400}}, 0x100) io_setup(0xfffffffffffffff8, &(0x7f0000000000)=0x0) io_submit(r1, 0x4000000000000018, &(0x7f0000000080)) 2018/06/01 03:16:47 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x20333fe8}, 0x1}, 0x0) [ 1420.344771] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:47 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x6000000000000000}, 0x0) 2018/06/01 03:16:47 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x7ffff000}, 0x1}, 0x0) 2018/06/01 03:16:47 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:47 executing program 2 (fault-call:2 fault-nth:96): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:47 executing program 7: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) r2 = socket$can_raw(0x1d, 0x3, 0x1) accept4$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000180)=0x6e, 0x800) r3 = syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0x0, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000001c0)={'vcan0\x00', 0x0}) bind$can_raw(r3, &(0x7f0000000200)={0x1d, r4}, 0xffffffffffffff98) io_setup(0x8, &(0x7f0000000100)=0x0) io_submit(r5, 0x1, &(0x7f0000000600)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000000)="100000004ee793000000000000000000", 0x10}]) [ 1420.461457] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1420.690556] FAULT_INJECTION: forcing a failure. [ 1420.690556] name failslab, interval 1, probability 0, space 0, times 0 [ 1420.701994] CPU: 0 PID: 24563 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1420.709372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1420.718821] Call Trace: [ 1420.721430] dump_stack+0x1b9/0x294 [ 1420.725083] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1420.730284] ? is_bpf_text_address+0xd7/0x170 [ 1420.734796] ? kernel_text_address+0x79/0xf0 [ 1420.739217] ? __unwind_start+0x166/0x330 [ 1420.743381] should_fail.cold.4+0xa/0x1a [ 1420.747455] ? __save_stack_trace+0x7e/0xd0 [ 1420.751836] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1420.757050] ? save_stack+0xa9/0xd0 [ 1420.760692] ? save_stack+0x43/0xd0 [ 1420.764353] ? kasan_kmalloc+0xc4/0xe0 [ 1420.768251] ? kasan_slab_alloc+0x12/0x20 [ 1420.772410] ? find_held_lock+0x36/0x1c0 [ 1420.776504] ? check_same_owner+0x320/0x320 [ 1420.780855] ? rcu_note_context_switch+0x710/0x710 [ 1420.785822] __should_failslab+0x124/0x180 [ 1420.790073] should_failslab+0x9/0x14 [ 1420.793902] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1420.799030] __kmalloc_node_track_caller+0x33/0x70 [ 1420.803979] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1420.808756] __alloc_skb+0x14d/0x780 [ 1420.812489] ? skb_scrub_packet+0x580/0x580 [ 1420.816829] ? dst_init+0x459/0x600 [ 1420.820476] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1420.826025] ? ip_generic_getfrag+0x11c/0x2d0 [ 1420.830550] ? ip_reply_glue_bits+0xc0/0xc0 [ 1420.834892] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1420.839922] ? skb_put+0x17b/0x1e0 [ 1420.843455] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1420.848465] ? ip_reply_glue_bits+0xc0/0xc0 [ 1420.852781] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1420.858581] ? xfrm_policy_lookup+0x70/0x70 [ 1420.862902] ? ipv4_mtu+0x375/0x580 [ 1420.866519] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1420.871954] ? find_held_lock+0x36/0x1c0 [ 1420.876030] ? ip_setup_cork+0x44d/0x6d0 [ 1420.880085] ip_make_skb+0x2be/0x350 [ 1420.883815] ? ip_reply_glue_bits+0xc0/0xc0 [ 1420.888135] ? ip_flush_pending_frames+0x30/0x30 [ 1420.892882] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1420.898435] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1420.903970] ? xfrm_lookup_route+0x64/0x1f0 [ 1420.908280] udp_sendmsg+0x24ec/0x35e0 [ 1420.912155] ? ip_reply_glue_bits+0xc0/0xc0 [ 1420.916473] ? udp4_lib_lookup2+0x340/0x340 [ 1420.920786] ? graph_lock+0x170/0x170 [ 1420.924583] ? expand_files.part.8+0x9a0/0x9a0 [ 1420.929158] ? check_same_owner+0x320/0x320 [ 1420.933479] ? lock_downgrade+0x8e0/0x8e0 [ 1420.937614] ? lock_release+0xa10/0xa10 [ 1420.941583] ? check_same_owner+0x320/0x320 [ 1420.945896] ? __check_object_size+0x95/0x5d9 [ 1420.950376] inet_sendmsg+0x19f/0x690 [ 1420.954161] ? __might_sleep+0x95/0x190 [ 1420.958119] ? ipip_gro_receive+0x100/0x100 [ 1420.962431] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1420.967970] ? security_socket_sendmsg+0x94/0xc0 [ 1420.972717] ? ipip_gro_receive+0x100/0x100 [ 1420.977134] sock_sendmsg+0xd5/0x120 [ 1420.980842] __sys_sendto+0x3d7/0x670 [ 1420.984630] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1420.989303] ? wait_for_completion+0x870/0x870 [ 1420.993885] ? __lock_is_held+0xb5/0x140 [ 1420.997941] ? __sb_end_write+0xac/0xe0 [ 1421.001908] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1421.007436] ? fput+0x130/0x1a0 [ 1421.010703] ? ksys_write+0x1a6/0x250 [ 1421.014489] ? __do_page_fault+0x441/0xe40 [ 1421.018717] ? __ia32_sys_read+0xb0/0xb0 [ 1421.022783] __ia32_sys_sendto+0xdf/0x1a0 [ 1421.026921] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1421.031926] do_fast_syscall_32+0x345/0xf9b [ 1421.036249] ? do_int80_syscall_32+0x880/0x880 [ 1421.040841] ? _raw_spin_unlock_irq+0x27/0x70 [ 1421.045325] ? finish_task_switch+0x1ca/0x840 [ 1421.049811] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1421.055336] ? syscall_return_slowpath+0x30f/0x5c0 [ 1421.060261] ? sysret32_from_system_call+0x5/0x46 [ 1421.065097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1421.069941] entry_SYSENTER_compat+0x70/0x7f [ 1421.074339] RIP: 0023:0xf7f63cb9 [ 1421.077692] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 2018/06/01 03:16:47 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0xf0ffffff00000000}, 0x0) 2018/06/01 03:16:47 executing program 6: r0 = memfd_create(&(0x7f0000000580)='dev ', 0x3) write(r0, &(0x7f0000000000)="2135de63ec9564db56b22066870d8f0400dfff5345b4e1de04b2b2db0973c70574b4cf527ed731f7", 0xfffffffffffffd72) sendfile(r0, r0, &(0x7f0000001000), 0xffff) fcntl$addseals(r0, 0x409, 0x8) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) 2018/06/01 03:16:47 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x5000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:47 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0xc0}, 0x1}, 0x0) 2018/06/01 03:16:47 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x100) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x1, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xa}, 'lo\x00'}}, 0x1e) r2 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000000)) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)=0x0) r4 = fcntl$getown(r0, 0x9) kcmp(r3, r4, 0x1, r1, r2) writev(r1, &(0x7f00000012c0)=[{&(0x7f00000001c0)='>;', 0x2}], 0x1) r5 = creat(&(0x7f0000000200)='./file0\x00', 0x100) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r5, 0x800443d2, &(0x7f00000002c0)={0x5, &(0x7f0000000240)=[{}, {}, {}, {}, {}]}) 2018/06/01 03:16:47 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:47 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) listen(r0, 0xffffffffffffff7f) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, [], 0x21}, 0x400}}}, &(0x7f0000000100)=0x84) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000140)={r1, 0x4}, 0x8) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/06/01 03:16:47 executing program 2 (fault-call:2 fault-nth:97): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1421.085393] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1421.092652] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1421.099909] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1421.107171] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1421.114432] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1421.157788] FAULT_INJECTION: forcing a failure. [ 1421.157788] name failslab, interval 1, probability 0, space 0, times 0 [ 1421.169090] CPU: 0 PID: 24571 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1421.176470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1421.185828] Call Trace: [ 1421.188423] dump_stack+0x1b9/0x294 [ 1421.192070] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1421.197255] ? unwind_get_return_address+0x61/0xa0 [ 1421.202180] ? __save_stack_trace+0x7e/0xd0 [ 1421.206496] should_fail.cold.4+0xa/0x1a [ 1421.210550] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1421.215648] ? save_stack+0xa9/0xd0 [ 1421.219269] ? save_stack+0x43/0xd0 [ 1421.222887] ? kasan_kmalloc+0xc4/0xe0 [ 1421.226763] ? __kmalloc_node_track_caller+0x47/0x70 [ 1421.231862] ? __alloc_skb+0x14d/0x780 [ 1421.235749] ? __ip_append_data.isra.47+0x21d0/0x2a30 [ 1421.240937] ? ip_make_skb+0x2be/0x350 [ 1421.244815] ? udp_sendmsg+0x24ec/0x35e0 [ 1421.248876] ? inet_sendmsg+0x19f/0x690 [ 1421.252847] ? sock_sendmsg+0xd5/0x120 [ 1421.256729] ? __sys_sendto+0x3d7/0x670 [ 1421.260690] ? __ia32_sys_sendto+0xdf/0x1a0 [ 1421.265005] ? do_fast_syscall_32+0x345/0xf9b [ 1421.269510] ? find_held_lock+0x36/0x1c0 [ 1421.273585] ? check_same_owner+0x320/0x320 [ 1421.278434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1421.283968] ? rcu_note_context_switch+0x710/0x710 [ 1421.288898] __should_failslab+0x124/0x180 [ 1421.293133] should_failslab+0x9/0x14 [ 1421.296935] kmem_cache_alloc_node+0x272/0x780 [ 1421.301524] __alloc_skb+0x111/0x780 [ 1421.305239] ? skb_scrub_packet+0x580/0x580 [ 1421.309554] ? dst_init+0x459/0x600 [ 1421.313177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1421.318702] ? ip_generic_getfrag+0x11c/0x2d0 [ 1421.323189] ? ip_reply_glue_bits+0xc0/0xc0 [ 1421.327509] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1421.332516] ? skb_put+0x17b/0x1e0 [ 1421.336052] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1421.341069] ? ip_reply_glue_bits+0xc0/0xc0 [ 1421.345395] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1421.351188] ? xfrm_policy_lookup+0x70/0x70 [ 1421.355509] ? ipv4_mtu+0x375/0x580 [ 1421.359130] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1421.364567] ? find_held_lock+0x36/0x1c0 [ 1421.368640] ? ip_setup_cork+0x44d/0x6d0 [ 1421.372698] ip_make_skb+0x2be/0x350 [ 1421.376406] ? ip_reply_glue_bits+0xc0/0xc0 [ 1421.380727] ? ip_flush_pending_frames+0x30/0x30 [ 1421.389650] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1421.395198] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1421.400726] ? xfrm_lookup_route+0x64/0x1f0 [ 1421.405051] udp_sendmsg+0x24ec/0x35e0 [ 1421.408937] ? ip_reply_glue_bits+0xc0/0xc0 [ 1421.413261] ? udp4_lib_lookup2+0x340/0x340 [ 1421.417575] ? graph_lock+0x170/0x170 [ 1421.421375] ? expand_files.part.8+0x9a0/0x9a0 [ 1421.425947] ? check_same_owner+0x320/0x320 [ 1421.430276] ? lock_downgrade+0x8e0/0x8e0 [ 1421.435899] ? lock_release+0xa10/0xa10 [ 1421.439865] ? check_same_owner+0x320/0x320 [ 1421.444178] ? __check_object_size+0x95/0x5d9 [ 1421.448672] inet_sendmsg+0x19f/0x690 [ 1421.452462] ? __might_sleep+0x95/0x190 [ 1421.456423] ? ipip_gro_receive+0x100/0x100 [ 1421.460749] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1421.466280] ? security_socket_sendmsg+0x94/0xc0 [ 1421.471036] ? ipip_gro_receive+0x100/0x100 [ 1421.475357] sock_sendmsg+0xd5/0x120 [ 1421.479065] __sys_sendto+0x3d7/0x670 [ 1421.482865] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1421.487530] ? wait_for_completion+0x870/0x870 [ 1421.492107] ? __lock_is_held+0xb5/0x140 [ 1421.496527] ? __sb_end_write+0xac/0xe0 [ 1421.500503] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1421.506117] ? fput+0x130/0x1a0 [ 1421.509390] ? ksys_write+0x1a6/0x250 [ 1421.513180] ? __do_page_fault+0x441/0xe40 [ 1421.517411] ? __ia32_sys_read+0xb0/0xb0 [ 1421.521467] __ia32_sys_sendto+0xdf/0x1a0 [ 1421.525604] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1421.530609] do_fast_syscall_32+0x345/0xf9b [ 1421.534923] ? do_int80_syscall_32+0x880/0x880 [ 1421.539493] ? _raw_spin_unlock_irq+0x27/0x70 [ 1421.543975] ? finish_task_switch+0x1ca/0x840 [ 1421.548462] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1421.553990] ? syscall_return_slowpath+0x30f/0x5c0 [ 1421.558928] ? sysret32_from_system_call+0x5/0x46 [ 1421.563773] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1421.568618] entry_SYSENTER_compat+0x70/0x7f [ 1421.573022] RIP: 0023:0xf7f63cb9 [ 1421.576377] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1421.584076] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1421.591333] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1421.598587] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1421.605847] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1421.613105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:48 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x81000000}, 0x0) 2018/06/01 03:16:48 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x33fe0}, 0x1}, 0x0) 2018/06/01 03:16:48 executing program 3: madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1421.754244] validate_nla: 1 callbacks suppressed [ 1421.754285] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:48 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x5}, 0x0) 2018/06/01 03:16:48 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0xf}, 0x1}, 0x0) 2018/06/01 03:16:48 executing program 2 (fault-call:2 fault-nth:98): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:48 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x18}, 0x0) [ 1421.893169] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1421.959575] FAULT_INJECTION: forcing a failure. [ 1421.959575] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1421.971449] CPU: 0 PID: 24608 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1421.978824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1421.988191] Call Trace: [ 1421.990808] dump_stack+0x1b9/0x294 [ 1421.995321] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1422.000529] ? graph_lock+0x170/0x170 [ 1422.004358] should_fail.cold.4+0xa/0x1a [ 1422.008442] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1422.013588] ? debug_check_no_locks_freed+0x310/0x310 [ 1422.018810] ? lock_downgrade+0x8e0/0x8e0 [ 1422.022984] ? rcu_is_watching+0x85/0x140 [ 1422.027152] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1422.032363] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1422.037567] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1422.042788] ? perf_trace_lock+0xd6/0x900 [ 1422.046954] ? is_bpf_text_address+0xd7/0x170 [ 1422.051473] ? zap_class+0x720/0x720 [ 1422.055205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1422.060754] ? should_fail+0x21b/0xbcd [ 1422.064742] ? __save_stack_trace+0x7e/0xd0 [ 1422.069086] __alloc_pages_nodemask+0x34e/0xd70 [ 1422.073775] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1422.078807] ? save_stack+0x43/0xd0 [ 1422.082447] ? kasan_kmalloc+0xc4/0xe0 [ 1422.086349] ? kasan_slab_alloc+0x12/0x20 [ 1422.090513] ? find_held_lock+0x36/0x1c0 [ 1422.094621] ? check_same_owner+0x320/0x320 [ 1422.098964] cache_grow_begin+0x6e/0x6c0 [ 1422.103054] kmem_cache_alloc_node_trace+0x692/0x770 [ 1422.108192] __kmalloc_node_track_caller+0x33/0x70 [ 1422.113144] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1422.117924] __alloc_skb+0x14d/0x780 [ 1422.121664] ? skb_scrub_packet+0x580/0x580 [ 1422.126009] ? dst_init+0x459/0x600 [ 1422.129662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1422.135222] ? ip_generic_getfrag+0x11c/0x2d0 [ 1422.139996] ? ip_reply_glue_bits+0xc0/0xc0 [ 1422.144336] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1422.149367] ? skb_put+0x17b/0x1e0 [ 1422.152917] __ip_append_data.isra.47+0x21d0/0x2a30 [ 1422.157928] ? ip_reply_glue_bits+0xc0/0xc0 [ 1422.162248] ? __ip_flush_pending_frames.isra.43+0x2d0/0x2d0 [ 1422.168043] ? xfrm_policy_lookup+0x70/0x70 [ 1422.172358] ? ipv4_mtu+0x375/0x580 [ 1422.175986] ? __build_flow_key.constprop.55+0x5f0/0x5f0 [ 1422.181427] ? find_held_lock+0x36/0x1c0 [ 1422.185490] ? ip_setup_cork+0x44d/0x6d0 [ 1422.189544] ip_make_skb+0x2be/0x350 [ 1422.193247] ? ip_reply_glue_bits+0xc0/0xc0 [ 1422.197560] ? ip_flush_pending_frames+0x30/0x30 [ 1422.202317] ? ip_route_output_key_hash_rcu+0x3380/0x3380 [ 1422.207854] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1422.213379] ? xfrm_lookup_route+0x64/0x1f0 [ 1422.217704] udp_sendmsg+0x24ec/0x35e0 [ 1422.221581] ? perf_trace_lock+0xd6/0x900 [ 1422.225725] ? ip_reply_glue_bits+0xc0/0xc0 [ 1422.230057] ? udp4_lib_lookup2+0x340/0x340 [ 1422.234366] ? graph_lock+0x170/0x170 [ 1422.238163] ? expand_files.part.8+0x9a0/0x9a0 [ 1422.242751] ? lock_downgrade+0x8e0/0x8e0 [ 1422.246889] ? lock_release+0xa10/0xa10 [ 1422.250855] ? check_same_owner+0x320/0x320 [ 1422.255169] ? __check_object_size+0x95/0x5d9 [ 1422.259666] inet_sendmsg+0x19f/0x690 [ 1422.263471] ? __might_sleep+0x95/0x190 [ 1422.267441] ? ipip_gro_receive+0x100/0x100 [ 1422.271767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1422.277318] ? security_socket_sendmsg+0x94/0xc0 [ 1422.282064] ? ipip_gro_receive+0x100/0x100 [ 1422.286379] sock_sendmsg+0xd5/0x120 [ 1422.290087] __sys_sendto+0x3d7/0x670 [ 1422.293897] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1422.298565] ? wait_for_completion+0x870/0x870 [ 1422.303186] ? __sb_end_write+0xac/0xe0 [ 1422.307254] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1422.312788] ? fput+0x130/0x1a0 [ 1422.316434] ? ksys_write+0x1a6/0x250 [ 1422.320227] ? __do_page_fault+0x441/0xe40 [ 1422.324452] ? __ia32_sys_read+0xb0/0xb0 [ 1422.328513] __ia32_sys_sendto+0xdf/0x1a0 [ 1422.332651] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1422.337666] do_fast_syscall_32+0x345/0xf9b [ 1422.341981] ? do_int80_syscall_32+0x880/0x880 [ 1422.346554] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1422.351743] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1422.357268] ? syscall_return_slowpath+0x30f/0x5c0 [ 1422.362189] ? sysret32_from_system_call+0x5/0x46 [ 1422.367035] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1422.371880] entry_SYSENTER_compat+0x70/0x7f [ 1422.376283] RIP: 0023:0xf7f63cb9 [ 1422.379638] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1422.387340] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1422.394599] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1422.402294] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 1422.409557] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1422.417257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0xfffffffc}, 0x0) 2018/06/01 03:16:49 executing program 3: madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:49 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'nat\x00', 0x19, 0x7592da12, 0x30c, [0x20000140, 0x0, 0x0, 0x20000170, 0x20000444], 0x0, &(0x7f0000000000), &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007465616d30000000000000000000000062726964676530000000000000000000697036677265746170300000000000b932797a6b616c6c657231000000000000aaaaaaaaaaaa000000000000aaaaaaaaaaaa0000000000000000e80000001801000040010000636f6e6e6279746573000000001c0000000000000000000000000000000000001800000000000000df667c5bca98c78d00000000000000000000000074696d650000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000736e61740000000000000000000000000019cc4530d8bae712167920c9f628c800000000000000000000000000f1ff0b000000aaaaaaaaaab800000000000072656469726563740000000000000000000000000000000000000000000000000400000000000000000000000000000000006970365f7674693000000000000000007465616d5f736c6176655f30000000006272696467655f736c6176655f3100007465616d300000000000000000000000aaaaaaaaaaaa0000000000000180c200000000000000000000009c0000000c0100003c0100003830325f330000000000000000000000000000000000000000000000000000000800000000000000000000006e666c6f67000000000000000000000000000000000000000000deffffff00004c000000000000000000000000000000c90a54b600784a17bc810abb66f6996951ed4a4089548c94ad504abb15fa28406674dc6cc9e554cff94dd3165c19c2e3a67243519fe48541732257b94016e1456172707265706c790000000000000000000000000000000000000000000000000c000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000"]}, 0x360) 2018/06/01 03:16:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1300}, 0x0) 2018/06/01 03:16:49 executing program 2 (fault-call:2 fault-nth:99): r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:49 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x80fe}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:49 executing program 7: unshare(0x60000000) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40186417, &(0x7f0000000100)={0x8, 0x400, 0x5, 0x6, 0x15, 0x1601b700}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402", 0x0, &(0x7f0000000080)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={0x0, r0, 0xb, 0x1}, 0x14) 2018/06/01 03:16:49 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000080)) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@gettclass={0x24, 0x2a, 0x701}, 0x24}, 0x1}, 0x0) [ 1422.630114] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1422.649228] kernel msg: ebtables bug: please report to author: Wrong len argument [ 1422.667656] FAULT_INJECTION: forcing a failure. [ 1422.667656] name failslab, interval 1, probability 0, space 0, times 0 [ 1422.679136] CPU: 0 PID: 24637 Comm: syz-executor2 Not tainted 4.17.0-rc7+ #102 [ 1422.686509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1422.695972] Call Trace: [ 1422.698591] dump_stack+0x1b9/0x294 [ 1422.702246] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1422.707457] should_fail.cold.4+0xa/0x1a [ 1422.711540] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1422.716672] ? ip_vs_conn_in_get_proto+0xb4/0xf0 [ 1422.721447] ? ip_vs_conn_in_get+0x1750/0x1750 [ 1422.726054] ? ip_vs_conn_out_get+0x9c0/0x9c0 [ 1422.730583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1422.736147] ? ip_vs_in+0x2b9/0x2910 [ 1422.739891] ? ip_vs_in_icmp+0x2950/0x2950 [ 1422.744169] ? ip_vs_out_icmp_v6.isra.27+0x6c0/0x6c0 [ 1422.748592] IPVS: ftp: loaded support on port[0] = 21 [ 1422.749283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1422.749306] ? __local_bh_enable_ip+0x161/0x230 [ 1422.764685] __should_failslab+0x124/0x180 [ 1422.768937] should_failslab+0x9/0x14 [ 1422.772757] kmem_cache_alloc+0x47/0x760 [ 1422.776834] ? trace_hardirqs_on+0xd/0x10 2018/06/01 03:16:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x4c}, 0x0) 2018/06/01 03:16:49 executing program 1: recvfrom(0xffffffffffffffff, &(0x7f00000011c0)=""/4096, 0x1000, 0x0, &(0x7f0000001140)=@ipx={0x4, 0x0, 0x0, "5d6f634e9e66"}, 0x80) r0 = open(&(0x7f0000103ff8)='./file0\x00', 0x141042, 0x0) ftruncate(r0, 0x7ffe) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x20000000805, 0x0) lseek(r1, 0x0, 0x3) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000140)={0x0, 0x2, {0xffffffffffffffff, 0x2, 0xaa, 0x2, 0xa7}}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) sendfile(r1, r0, &(0x7f0000335ff8), 0x2) readv(r1, &(0x7f0000000100)=[{&(0x7f0000000080)=""/4, 0x4}], 0x235) 2018/06/01 03:16:49 executing program 3: madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1422.781000] ? __local_bh_enable_ip+0x161/0x230 [ 1422.785695] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1422.791281] ? ipt_do_table+0xf85/0x1b20 [ 1422.795369] skb_clone+0x1ed/0x4f0 [ 1422.798928] ? skb_split+0x11d0/0x11d0 [ 1422.802865] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1422.808076] ip_mc_output+0x3d7/0x15a0 [ 1422.811983] ? ip_queue_xmit+0x1f70/0x1f70 [ 1422.816231] ? lock_downgrade+0x8e0/0x8e0 [ 1422.820394] ? kasan_check_read+0x11/0x20 [ 1422.824568] ? rcu_is_watching+0x85/0x140 2018/06/01 03:16:49 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)={0x1, 0x0, [{0x1, 0x0, 0x0, 0xfffffdfd, 0x2000000}]}) [ 1422.828733] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1422.830983] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1422.833933] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1422.833959] ? nf_hook_slow+0x11e/0x1c0 [ 1422.833980] ? __ip_local_out+0x5cf/0xb20 [ 1422.833998] ? ip_finish_output+0xf80/0xf80 [ 1422.858784] ? ip_make_skb+0x226/0x350 [ 1422.862691] ? ip_append_data.part.48+0x180/0x180 [ 1422.867561] ? ip_flush_pending_frames+0x30/0x30 [ 1422.872342] ip_local_out+0xc5/0x1b0 [ 1422.876079] ip_send_skb+0x40/0xe0 [ 1422.879642] udp_send_skb+0x581/0xcc0 [ 1422.883456] ? xfrm_lookup_route+0x64/0x1f0 [ 1422.887807] udp_sendmsg+0x254f/0x35e0 [ 1422.891720] ? ip_reply_glue_bits+0xc0/0xc0 [ 1422.896152] ? udp4_lib_lookup2+0x340/0x340 [ 1422.900488] ? graph_lock+0x170/0x170 [ 1422.904310] ? expand_files.part.8+0x9a0/0x9a0 [ 1422.908914] ? check_same_owner+0x320/0x320 [ 1422.913250] ? lock_downgrade+0x8e0/0x8e0 [ 1422.917397] ? lock_release+0xa10/0xa10 [ 1422.921365] ? check_same_owner+0x320/0x320 [ 1422.925693] ? __check_object_size+0x95/0x5d9 [ 1422.930278] inet_sendmsg+0x19f/0x690 [ 1422.934076] ? __might_sleep+0x95/0x190 [ 1422.938050] ? ipip_gro_receive+0x100/0x100 [ 1422.942364] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1422.947891] ? security_socket_sendmsg+0x94/0xc0 [ 1422.952632] ? ipip_gro_receive+0x100/0x100 [ 1422.956957] sock_sendmsg+0xd5/0x120 [ 1422.960660] __sys_sendto+0x3d7/0x670 [ 1422.964453] ? __ia32_sys_getpeername+0xb0/0xb0 [ 1422.969113] ? wait_for_completion+0x870/0x870 [ 1422.973721] ? __lock_is_held+0xb5/0x140 [ 1422.977784] ? __sb_end_write+0xac/0xe0 [ 1422.981754] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1422.987288] ? fput+0x130/0x1a0 [ 1422.990560] ? ksys_write+0x1a6/0x250 [ 1422.994349] ? __ia32_sys_read+0xb0/0xb0 [ 1422.998405] __ia32_sys_sendto+0xdf/0x1a0 [ 1423.002553] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1423.007559] do_fast_syscall_32+0x345/0xf9b [ 1423.011873] ? do_int80_syscall_32+0x880/0x880 [ 1423.016446] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1423.021283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1423.026813] ? syscall_return_slowpath+0x30f/0x5c0 [ 1423.031748] ? sysret32_from_system_call+0x5/0x46 [ 1423.036586] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1423.041424] entry_SYSENTER_compat+0x70/0x7f [ 1423.045932] RIP: 0023:0xf7f63cb9 [ 1423.049293] RSP: 002b:00000000f5f5f0ac EFLAGS: 00000282 ORIG_RAX: 0000000000000171 [ 1423.057015] RAX: ffffffffffffffda RBX: 0000000000000013 RCX: 0000000020c95ffd [ 1423.064287] RDX: 000000000000ffaa RSI: 0000000000000000 RDI: 000000002057bff0 [ 1423.071557] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:49 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x2}, 0x0) [ 1423.078910] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1423.086174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x48}, 0x0) 2018/06/01 03:16:49 executing program 1: r0 = add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000140)="de17546022fc48b6a4a162a5776860afb64b91439001ae285310203ded0089b31919e60339166ba98c57a9641e92fceed9e2f9be92fd3efa5ae7f331", 0x3c, 0xfffffffffffffffe) keyctl$get_keyring_id(0x0, r0, 0xfffffffffffff7f0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) write$binfmt_aout(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="0000063fc900000000008c01000004"], 0xf) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x0) readv(r2, &(0x7f00000006c0)=[{&(0x7f0000000000)=""/184, 0xb8}], 0x2000000000000005) 2018/06/01 03:16:49 executing program 7: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000500)=""/246) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000100)=""/212) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0x7) 2018/06/01 03:16:49 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xffaa, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1423.286636] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:50 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x8}, 0x0) 2018/06/01 03:16:50 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x0) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:50 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001280)='/dev/kvm\x00', 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vsock\x00', 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'bcsh0\x00', 0x2200}) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f}) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4138ae84, &(0x7f0000000100)) 2018/06/01 03:16:50 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x4e48, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:50 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x600000000000000}, 0x0) 2018/06/01 03:16:50 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000040)) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_mcast\x00') ioctl$GIO_FONT(r0, 0x4b60, &(0x7f00000000c0)=""/103) preadv(r0, &(0x7f0000000100), 0x20000000000002c9, 0x2000000) 2018/06/01 03:16:50 executing program 7: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='stack\x00') perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000700)=[{&(0x7f0000000580)=""/237, 0xed}, {&(0x7f0000000680)=""/114, 0x72}], 0x2, 0x4c) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f00000000c0)=0x1, 0x4) r1 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"79616d300001178b00", 0x4012}) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000000)={0x3, 0x6, [@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1b}]}) 2018/06/01 03:16:50 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x5000000000000}, 0x1c) shutdown(r0, 0x0) [ 1423.513824] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1423.543469] Unknown ioctl 35092 2018/06/01 03:16:50 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x9700, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1423.573288] Unknown ioctl 35092 2018/06/01 03:16:50 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x17}, 0x0) 2018/06/01 03:16:50 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x200000000000000}, 0x0) 2018/06/01 03:16:50 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000000)={'irlan0\x00', 0xffff}) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001940)=@broute={'broute\x00', 0x20, 0x1, 0x284, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001680], 0x0, &(0x7f0000001640), &(0x7f0000001680)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000110000000000000000006970646470300000000000000000000076657468315f746f5f7465616d0000007663616e30000000000000000000000069703667726530000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaaaa000000000000000070000000c8000000f40100006d61726b0000000000000000000000ddff0000000000000000000000000000000800000000000000ffffffff6d61726b000000000000000000000000000000000000000000000000000000000800000000000000ffffffff5345434d41524b0000000000000000000000000000000000000000000000000008010000000000000000000073797374656d5f753a6f626a6563745f723a736861646f775f743a7330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0x2d4) 2018/06/01 03:16:50 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x37e8, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:50 executing program 6: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000180)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000280)='/exe\x00\x00X\x00\x00') fadvise64(r1, 0x0, 0x0, 0x3) 2018/06/01 03:16:50 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x0) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1423.706236] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1423.742864] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'broute' 2018/06/01 03:16:50 executing program 7: r0 = dup(0xffffffffffffffff) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000100)={0xc44, 0x6}, 0x2) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) renameat2(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00', 0x4) r2 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGMASK(r2, 0x80104592, &(0x7f0000000200)={0x80000000, 0x0, &(0x7f00000001c0)}) 2018/06/01 03:16:50 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1a}, 0x0) [ 1423.779351] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'broute' 2018/06/01 03:16:50 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x7000000}, 0x0) [ 1423.974622] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_NMI(r2, 0xae9a) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="fbff00000000000000ddff"], 0xb) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x8000) ioctl$EVIOCRMFF(r3, 0x40044581, &(0x7f0000000100)=0x8) 2018/06/01 03:16:51 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xc958, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:51 executing program 6: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) pwrite64(r0, &(0x7f0000001200)='?', 0x1, 0x0) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000880)='bond_slave_1\x00') mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$kcm(0x2, 0x5, 0x0) getsockopt$bt_hci(r1, 0x10d, 0x0, &(0x7f0000000000)=""/86, &(0x7f0000000100)=0xfffffffffffffdf8) recvmsg(r0, &(0x7f0000000840)={&(0x7f0000000140)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @remote}}}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000080)=""/36, 0x24}, {&(0x7f00000001c0)=""/202, 0xca}, {&(0x7f00000002c0)=""/135, 0x87}, {&(0x7f0000000380)=""/92, 0x5c}, {&(0x7f0000000400)=""/146, 0x92}, {&(0x7f00000004c0)=""/93, 0x5d}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000000540)=""/158, 0x9e}, {&(0x7f0000000600)=""/175, 0xaf}], 0x9, &(0x7f0000000740)=""/253, 0xfd, 0x1}, 0x20) 2018/06/01 03:16:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x4}, 0x0) 2018/06/01 03:16:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x130b}, 0x0) 2018/06/01 03:16:51 executing program 7: pipe(&(0x7f0000000040)) 2018/06/01 03:16:51 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xa000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:51 executing program 3: ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x0) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1424.500368] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:51 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xdfb8, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:51 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$TTUNGETFILTER(0xffffffffffffffff, 0x800854db, &(0x7f0000000080)=""/120) r2 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x1, 0x8000) sendto(r2, &(0x7f0000000240)="a440d127fc6acd0f7b540da1c3fde11638431215d0907978a72441092099672f6fa8e5f9b2f09dd8928461a470e3d559f09a96bb15640a69dc24e40b16d8fd9b88d17b187fbd4f1291992413f2bd91c340eca514bb9b64b8b867165dfb0bd8b18e5a492ed0fe56cf9666fd45cdc34fe5086913795e673e2b8e8a984c47c2572000abb64c34e63ba99f9a707c27e069c4c93c57667186bc531b77b0111bca", 0x9e, 0x20040004, &(0x7f0000000300)=@rc={0x1f, {0x33f, 0x9, 0x7fff, 0x2, 0x80000000, 0x40000000000}, 0x7}, 0x80) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000380)=0x0) capset(&(0x7f0000000400)={0x20071026, r3}, &(0x7f0000000440)={0x100, 0x57, 0x4, 0x100000000, 0x7, 0x83}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) write$evdev(r4, &(0x7f00000001c0)=[{{}, 0x100, 0x0, 0x6}, {{r5, r6/1000+30000}, 0x62f, 0x9, 0x1}, {{0x77359400}, 0x0, 0x7a1, 0x7fff}, {{0x0, 0x7530}, 0x1, 0xfffffffffffffffd, 0xd2}], 0x40) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000040)) 2018/06/01 03:16:51 executing program 6: r0 = socket$can_bcm(0x1d, 0x2, 0x2) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}}, 0x104) connect$can_bcm(r0, &(0x7f0000000480)={0x1d}, 0x10) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x1000, 0x0) ioctl$GIO_FONT(r1, 0x4b60, &(0x7f00000000c0)=""/93) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000001fc8)={&(0x7f0000000000)={0x1d, r2}, 0x10, &(0x7f0000017ff0)={&(0x7f0000007000)=@canfd={{0x4}, 0x0, 0x0, 0x0, 0x0, "0327e19a2b010000037dc1250200000008990039966a7d5cb2bd00000000000000000007496e6866856b76b5010000000000000000060000000118fa1efd9b0b"}, 0x48}, 0x1}, 0x0) 2018/06/01 03:16:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0x3f00000000000000}, 0x0) 2018/06/01 03:16:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x7dff000000000000}, 0x0) 2018/06/01 03:16:51 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x80000000007) 2018/06/01 03:16:51 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x2cb8, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:51 executing program 3 (fault-call:2 fault-nth:0): ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1424.728483] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0x100000000000000}, 0x0) [ 1424.820476] FAULT_INJECTION: forcing a failure. [ 1424.820476] name failslab, interval 1, probability 0, space 0, times 0 [ 1424.831850] CPU: 0 PID: 24806 Comm: syz-executor3 Not tainted 4.17.0-rc7+ #102 [ 1424.839327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1424.848700] Call Trace: [ 1424.851313] dump_stack+0x1b9/0x294 [ 1424.854963] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1424.860166] ? perf_trace_lock_acquire+0xe3/0x980 [ 1424.865006] ? graph_lock+0x170/0x170 [ 1424.868823] should_fail.cold.4+0xa/0x1a [ 1424.872880] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1424.878060] ? print_usage_bug+0xc0/0xc0 [ 1424.882123] ? print_usage_bug+0xc0/0xc0 [ 1424.886179] ? lock_acquire+0x1dc/0x520 [ 1424.890149] ? find_held_lock+0x36/0x1c0 [ 1424.894218] ? check_same_owner+0x320/0x320 [ 1424.898544] ? rcu_note_context_switch+0x710/0x710 [ 1424.903902] __should_failslab+0x124/0x180 [ 1424.908133] should_failslab+0x9/0x14 [ 1424.911927] kmem_cache_alloc_node+0x272/0x780 [ 1424.916513] ? print_usage_bug+0xc0/0xc0 [ 1424.920566] ? page_add_new_anon_rmap+0x850/0x850 [ 1424.925405] copy_process.part.38+0x169d/0x6e70 [ 1424.930066] ? print_usage_bug+0xc0/0xc0 [ 1424.934642] ? mark_held_locks+0xc9/0x160 [ 1424.938783] ? retint_kernel+0x10/0x10 [ 1424.942674] ? print_usage_bug+0xc0/0xc0 [ 1424.946724] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1424.951479] ? __cleanup_sighand+0x70/0x70 [ 1424.955708] ? reacquire_held_locks+0xbc/0x3e0 [ 1424.960283] ? alloc_set_pte+0x1013/0x1600 [ 1424.964519] ? print_usage_bug+0xc0/0xc0 [ 1424.968587] ? debug_check_no_locks_freed+0x310/0x310 [ 1424.973780] ? kasan_check_read+0x11/0x20 [ 1424.977923] ? print_usage_bug+0xc0/0xc0 [ 1424.982004] ? debug_check_no_locks_freed+0x310/0x310 [ 1424.987196] ? __lock_acquire+0x7f5/0x5140 [ 1424.991425] ? perf_trace_lock+0x900/0x900 [ 1424.995654] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.000849] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.006038] ? perf_trace_lock_acquire+0xe3/0x980 [ 1425.010877] ? perf_trace_lock+0x900/0x900 [ 1425.015097] ? perf_trace_lock_acquire+0xe3/0x980 [ 1425.019929] ? graph_lock+0x170/0x170 [ 1425.023716] ? lock_acquire+0x1dc/0x520 [ 1425.027688] ? __fdget_pos+0x1a9/0x1e0 [ 1425.031577] ? perf_trace_lock_acquire+0xe3/0x980 [ 1425.036413] ? perf_trace_lock+0x900/0x900 [ 1425.040638] ? find_held_lock+0x36/0x1c0 [ 1425.044694] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1425.050220] ? _parse_integer+0x13b/0x190 [ 1425.054362] ? graph_lock+0x170/0x170 [ 1425.058152] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1425.063677] ? _kstrtoull+0x180/0x230 [ 1425.067465] ? _parse_integer+0x190/0x190 [ 1425.071603] ? graph_lock+0x170/0x170 [ 1425.075397] ? lock_release+0xa10/0xa10 [ 1425.079370] ? find_held_lock+0x36/0x1c0 [ 1425.083423] ? graph_lock+0x170/0x170 [ 1425.087229] ? lock_downgrade+0x8e0/0x8e0 [ 1425.091388] ? find_held_lock+0x36/0x1c0 [ 1425.095553] ? lock_downgrade+0x8e0/0x8e0 [ 1425.099694] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1425.105220] ? proc_fail_nth_write+0x96/0x1f0 [ 1425.109712] ? proc_cwd_link+0x1d0/0x1d0 [ 1425.113848] ? find_held_lock+0x36/0x1c0 [ 1425.117900] ? find_held_lock+0x36/0x1c0 [ 1425.121953] _do_fork+0x291/0x12a0 [ 1425.125490] ? fork_idle+0x1a0/0x1a0 [ 1425.129196] ? __lock_is_held+0xb5/0x140 [ 1425.133260] ? __sb_end_write+0xac/0xe0 [ 1425.137234] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1425.142770] ? fput+0x130/0x1a0 [ 1425.146039] ? ksys_write+0x1a6/0x250 [ 1425.149830] ? __do_page_fault+0x441/0xe40 [ 1425.154057] ? __ia32_sys_read+0xb0/0xb0 [ 1425.158115] __ia32_compat_sys_x86_clone+0xbc/0x140 [ 1425.163122] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1425.168133] do_fast_syscall_32+0x345/0xf9b [ 1425.172477] ? do_int80_syscall_32+0x880/0x880 [ 1425.177048] ? _raw_spin_unlock_irq+0x27/0x70 [ 1425.181570] ? finish_task_switch+0x1ca/0x840 [ 1425.186060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1425.191594] ? syscall_return_slowpath+0x30f/0x5c0 [ 1425.196519] ? sysret32_from_system_call+0x5/0x46 [ 1425.201357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1425.206193] entry_SYSENTER_compat+0x70/0x7f [ 1425.210587] RIP: 0023:0xf7f56cb9 [ 1425.213938] RSP: 002b:00000000f5f520ac EFLAGS: 00000282 ORIG_RAX: 0000000000000078 2018/06/01 03:16:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x9effffff00000000}, 0x0) 2018/06/01 03:16:51 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x9168, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1425.221646] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020b53000 [ 1425.228903] RDX: 000000002084effc RSI: 0000000020c35ffc RDI: 0000000020b3bfff [ 1425.236161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1425.243427] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1425.250687] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0xffffff7f00000000}, 0x0) 2018/06/01 03:16:51 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0x400000000000000}, 0x0) 2018/06/01 03:16:52 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xad60, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:52 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x2000000}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:52 executing program 1: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/.nforce\x00', 0x6002, 0x0) io_setup(0x8b1, &(0x7f0000000080)=0x0) io_submit(r1, 0x1, &(0x7f00000015c0)=[&(0x7f0000000300)={0xff0f, 0x0, 0x12, 0x1, 0x0, r0, &(0x7f0000000340)="81b1e418b9525b82d6e2c4b42d3da93e6c2a064419838bb0cdec3c36355e4324d45ea445dca2bcd4b40cbff5d5ffd97b482b4532edaed62c9d4b668e8315e4df30d889de1c9be1310bebce845fa90c3c73daf61894f0f618783ec4033f13ba1020e70000000000000000000dc29f4da443a43ba74213aff0a1ddb549fcad8616d410802451c2a7cc633cfb46755df13563a2cee4284ad59bed582d607bbfd4c16e36164e8a88c08abbbe51f86041d8d9fd869b14449a4c4b3ccf0279458ff7ca37e136d0a52aea4a1ee0e7c216623c2ce764f5a80357000000000000000000f8ffffff00c67328efb31c3f6decb2b32bb5fb690d5ffac4b1509447f7e9cf12d75314f2e227564e815fef907becc02b093021d45dd1dba3a033692d111b37949bc07834c4256c276cea62185f53d5e6161e9f7408c94d6d4a4b95feb85f262e2f55e019d156", 0x145}]) 2018/06/01 03:16:52 executing program 3 (fault-call:2 fault-nth:1): ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) [ 1425.648961] FAULT_INJECTION: forcing a failure. [ 1425.648961] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1425.660930] CPU: 0 PID: 24850 Comm: syz-executor3 Not tainted 4.17.0-rc7+ #102 [ 1425.668299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1425.677652] Call Trace: [ 1425.680250] dump_stack+0x1b9/0x294 [ 1425.683890] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1425.689084] ? kasan_check_read+0x11/0x20 [ 1425.693236] ? rcu_is_watching+0x85/0x140 [ 1425.697413] should_fail.cold.4+0xa/0x1a [ 1425.701485] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1425.706593] ? kernel_text_address+0x79/0xf0 [ 1425.711005] ? __unwind_start+0x166/0x330 [ 1425.715158] ? unwind_get_return_address+0x61/0xa0 [ 1425.720085] ? find_held_lock+0x36/0x1c0 [ 1425.724164] ? check_same_owner+0x320/0x320 [ 1425.728498] ? rcu_note_context_switch+0x710/0x710 [ 1425.733432] ? __might_sleep+0x95/0x190 [ 1425.737411] __alloc_pages_nodemask+0x34e/0xd70 [ 1425.742077] ? rcu_is_watching+0x85/0x140 [ 1425.746336] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1425.751359] ? rcu_is_watching+0x85/0x140 [ 1425.755499] ? rcu_pm_notify+0xc0/0xc0 [ 1425.759379] ? copy_process.part.38+0x169d/0x6e70 [ 1425.764214] ? rcu_read_lock_sched_held+0x108/0x120 [ 1425.769227] copy_process.part.38+0x4e2/0x6e70 [ 1425.773907] ? attach_entity_load_avg+0x850/0x850 [ 1425.778762] ? update_load_avg+0x2d9/0x2570 [ 1425.783078] ? print_usage_bug+0xc0/0xc0 [ 1425.787143] ? __cleanup_sighand+0x70/0x70 [ 1425.791385] ? reacquire_held_locks+0xbc/0x3e0 [ 1425.795967] ? alloc_set_pte+0x1013/0x1600 [ 1425.800209] ? print_usage_bug+0xc0/0xc0 [ 1425.804266] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.809452] ? kasan_check_read+0x11/0x20 [ 1425.813606] ? print_usage_bug+0xc0/0xc0 [ 1425.817671] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.822857] ? __lock_acquire+0x7f5/0x5140 [ 1425.827090] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.832280] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.837476] ? debug_check_no_locks_freed+0x310/0x310 [ 1425.842681] ? __account_cfs_rq_runtime+0x600/0x600 [ 1425.847861] ? print_usage_bug+0xc0/0xc0 [ 1425.851917] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1425.857453] ? __perf_event_task_sched_out+0x2e8/0x1a30 [ 1425.862806] ? graph_lock+0x170/0x170 [ 1425.866593] ? lock_acquire+0x1dc/0x520 [ 1425.870554] ? __fdget_pos+0x1a9/0x1e0 [ 1425.874431] ? graph_lock+0x170/0x170 [ 1425.878224] ? __lock_acquire+0x7f5/0x5140 [ 1425.882457] ? find_held_lock+0x36/0x1c0 [ 1425.886513] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1425.892125] ? _parse_integer+0x13b/0x190 [ 1425.896351] ? graph_lock+0x170/0x170 [ 1425.900152] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1425.905705] ? _kstrtoull+0x180/0x230 [ 1425.909504] ? _parse_integer+0x190/0x190 [ 1425.913649] ? graph_lock+0x170/0x170 [ 1425.917437] ? lock_release+0xa10/0xa10 [ 1425.921401] ? check_same_owner+0x320/0x320 [ 1425.925710] ? find_held_lock+0x36/0x1c0 [ 1425.929775] ? graph_lock+0x170/0x170 [ 1425.933592] ? lock_downgrade+0x8e0/0x8e0 [ 1425.937730] ? find_held_lock+0x36/0x1c0 [ 1425.941792] ? lock_downgrade+0x8e0/0x8e0 [ 1425.945947] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1425.951490] ? proc_fail_nth_write+0x96/0x1f0 [ 1425.955988] ? proc_cwd_link+0x1d0/0x1d0 [ 1425.960060] ? find_held_lock+0x36/0x1c0 [ 1425.964117] _do_fork+0x291/0x12a0 [ 1425.967647] ? fork_idle+0x1a0/0x1a0 [ 1425.971354] ? __lock_is_held+0xb5/0x140 [ 1425.975408] ? __sb_end_write+0xac/0xe0 [ 1425.979385] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1425.984908] ? fput+0x130/0x1a0 [ 1425.988176] ? ksys_write+0x1a6/0x250 [ 1425.991962] ? __ia32_sys_read+0xb0/0xb0 [ 1425.996672] __ia32_compat_sys_x86_clone+0xbc/0x140 [ 1426.001682] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1426.006691] do_fast_syscall_32+0x345/0xf9b [ 1426.011016] ? do_int80_syscall_32+0x880/0x880 [ 1426.015591] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1426.020422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1426.025948] ? syscall_return_slowpath+0x30f/0x5c0 [ 1426.030874] ? sysret32_from_system_call+0x5/0x46 [ 1426.035719] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1426.040566] entry_SYSENTER_compat+0x70/0x7f [ 1426.044972] RIP: 0023:0xf7f56cb9 [ 1426.048322] RSP: 002b:00000000f5f520ac EFLAGS: 00000282 ORIG_RAX: 0000000000000078 [ 1426.056022] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020b53000 [ 1426.063286] RDX: 000000002084effc RSI: 0000000020c35ffc RDI: 0000000020b3bfff [ 1426.070565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1426.077865] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1426.085125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/06/01 03:16:53 executing program 7: mkdir(&(0x7f0000027000)='./file0\x00', 0x0) mount(&(0x7f0000018000)='./file0\x00', &(0x7f000001c000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffff9c, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000040)=ANY=[@ANYBLOB="03000000680000e989e5a088bbe86687390dd19eed8956221cbf2a2389f35aaffa74eceff73b72ed34816d14ced852a6441634217428f80287608f7ba2c094445314ef302727334d352e8c12f64691884ad579cc9c37e697331540b5ceefcf1a09f6c4768f83500681161d828dac93da"]) open$dir(&(0x7f00000000c0)='./file0/bus\x00', 0x40, 0x0) mount(&(0x7f0000033ff4)='./file0/bus\x00', &(0x7f000000fff8)='./file0\x00', &(0x7f0000032ffb)='fuse\x00', 0x7ffbf, &(0x7f0000032000)) truncate(&(0x7f0000000180)='./file0/bus\x00', 0x0) 2018/06/01 03:16:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$setlease(r0, 0x400, 0x3) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000080)={0x20, 0x2d, 0x119, 0x0, 0x0, {0x1801}, [@nested={0xc, 0x0, [@typed={0x8, 0x3, @binary='U'}]}]}, 0x20}, 0x1}, 0x0) 2018/06/01 03:16:53 executing program 3 (fault-call:2 fault-nth:2): ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:53 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0xff00}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:53 executing program 6: r0 = memfd_create(&(0x7f0000000580)='dev ', 0x3) write(r0, &(0x7f0000000040)="16", 0x1) sendfile(r0, r0, &(0x7f0000001000), 0xffff) splice(r0, &(0x7f0000000000), r0, &(0x7f0000000080), 0x2, 0xe) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)=0x0) move_pages(r1, 0x5, &(0x7f0000000100)=[&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil], &(0x7f0000000140)=[0x7, 0xffffffff80000001, 0x4, 0x3], &(0x7f0000000180)=[0x0], 0x0) exit_group(0x7f) fcntl$addseals(r0, 0x409, 0x8) lseek(r0, 0x0, 0x3) sendfile(r0, r0, 0x0, 0xa6e) 2018/06/01 03:16:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x7dff0000}, 0x0) 2018/06/01 03:16:53 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0xfbffffff}, 0x0) 2018/06/01 03:16:53 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xfbb0, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:53 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x9) writev(r0, &(0x7f0000000140)=[{&(0x7f00000000c0)="480000001400199009004b0101048c01010000ebbd2e2ab912450000632379eb000000000000551f5f0028213ee20607000000000000003f666674a8ffff00c7e5ed5e00000000c8", 0x48}], 0x1) 2018/06/01 03:16:53 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0xf21c0e527f}, 0x0) 2018/06/01 03:16:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x700}, 0x0) 2018/06/01 03:16:53 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x48b0, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) [ 1426.519778] FAULT_INJECTION: forcing a failure. [ 1426.519778] name failslab, interval 1, probability 0, space 0, times 0 [ 1426.531514] CPU: 0 PID: 24875 Comm: syz-executor3 Not tainted 4.17.0-rc7+ #102 [ 1426.538890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1426.548263] Call Trace: [ 1426.550873] dump_stack+0x1b9/0x294 [ 1426.554521] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1426.559741] should_fail.cold.4+0xa/0x1a [ 1426.563913] ? rcu_bh_force_quiescent_state+0x20/0x20 2018/06/01 03:16:53 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = memfd_create(&(0x7f000003e000)='\'', 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0xfffffffffffffffc) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000000)) r3 = dup2(r2, r1) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000001000)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f0000000080)={0x0, 0x0, 0x26}) ftruncate(r3, 0xffffffff80000001) [ 1426.569134] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1426.574281] ? memcg_kmem_charge_memcg+0x74/0x110 [ 1426.579181] ? percpu_ref_tryget+0x2b0/0x2b0 [ 1426.583644] ? find_held_lock+0x36/0x1c0 [ 1426.588057] ? check_same_owner+0x320/0x320 [ 1426.592404] ? rcu_note_context_switch+0x710/0x710 [ 1426.597895] __should_failslab+0x124/0x180 [ 1426.602149] should_failslab+0x9/0x14 [ 1426.605974] kmem_cache_alloc+0x2af/0x760 [ 1426.610143] ? rcu_is_watching+0x85/0x140 [ 1426.615090] ? do_raw_spin_unlock+0x9e/0x2e0 2018/06/01 03:16:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x6c00}, 0x0) [ 1426.619515] ? rcu_pm_notify+0xc0/0xc0 [ 1426.623423] prepare_creds+0x78/0x3e0 [ 1426.627241] ? abort_creds+0x170/0x170 [ 1426.631146] ? __raw_spin_lock_init+0x1c/0x100 [ 1426.635752] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1426.640781] copy_creds+0x7b/0x470 [ 1426.644335] ? lockdep_init_map+0x9/0x10 [ 1426.648419] copy_process.part.38+0xcd2/0x6e70 [ 1426.653012] ? print_usage_bug+0xc0/0xc0 [ 1426.657074] ? print_usage_bug+0xc0/0xc0 [ 1426.661142] ? lock_acquire+0x1dc/0x520 [ 1426.665118] ? print_usage_bug+0xc0/0xc0 [ 1426.669194] ? __cleanup_sighand+0x70/0x70 [ 1426.673447] ? reacquire_held_locks+0xbc/0x3e0 [ 1426.678033] ? alloc_set_pte+0x1013/0x1600 [ 1426.682281] ? print_usage_bug+0xc0/0xc0 [ 1426.686360] ? debug_check_no_locks_freed+0x310/0x310 [ 1426.691569] ? kasan_check_read+0x11/0x20 [ 1426.695712] ? print_usage_bug+0xc0/0xc0 [ 1426.699777] ? debug_check_no_locks_freed+0x310/0x310 [ 1426.704977] ? __lock_acquire+0x7f5/0x5140 [ 1426.709206] ? debug_check_no_locks_freed+0x310/0x310 [ 1426.714395] ? debug_check_no_locks_freed+0x310/0x310 [ 1426.719595] ? debug_check_no_locks_freed+0x310/0x310 [ 1426.725215] ? print_usage_bug+0xc0/0xc0 [ 1426.729270] ? print_usage_bug+0xc0/0xc0 [ 1426.733345] ? lock_downgrade+0x8e0/0x8e0 [ 1426.737490] ? graph_lock+0x170/0x170 [ 1426.741282] ? lock_acquire+0x1dc/0x520 [ 1426.745245] ? __fdget_pos+0x1a9/0x1e0 [ 1426.749125] ? graph_lock+0x170/0x170 [ 1426.753017] ? __lock_acquire+0x7f5/0x5140 [ 1426.757259] ? find_held_lock+0x36/0x1c0 [ 1426.761322] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1426.766863] ? _parse_integer+0x13b/0x190 [ 1426.771018] ? graph_lock+0x170/0x170 [ 1426.774929] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1426.780471] ? _kstrtoull+0x180/0x230 [ 1426.784274] ? _parse_integer+0x190/0x190 [ 1426.788422] ? graph_lock+0x170/0x170 [ 1426.792217] ? lock_release+0xa10/0xa10 [ 1426.796193] ? check_same_owner+0x320/0x320 [ 1426.800514] ? find_held_lock+0x36/0x1c0 [ 1426.804568] ? graph_lock+0x170/0x170 [ 1426.808364] ? lock_downgrade+0x8e0/0x8e0 [ 1426.812508] ? find_held_lock+0x36/0x1c0 [ 1426.816572] ? lock_downgrade+0x8e0/0x8e0 [ 1426.820728] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1426.826259] ? proc_fail_nth_write+0x96/0x1f0 [ 1426.830744] ? proc_cwd_link+0x1d0/0x1d0 [ 1426.834806] ? find_held_lock+0x36/0x1c0 [ 1426.838862] ? find_held_lock+0x36/0x1c0 [ 1426.842920] _do_fork+0x291/0x12a0 [ 1426.846453] ? fork_idle+0x1a0/0x1a0 [ 1426.850159] ? __lock_is_held+0xb5/0x140 [ 1426.854239] ? __sb_end_write+0xac/0xe0 [ 1426.858213] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1426.863749] ? fput+0x130/0x1a0 [ 1426.867029] ? ksys_write+0x1a6/0x250 [ 1426.870822] ? __do_page_fault+0x441/0xe40 [ 1426.875056] ? __ia32_sys_read+0xb0/0xb0 [ 1426.879127] __ia32_compat_sys_x86_clone+0xbc/0x140 [ 1426.884156] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1426.889167] do_fast_syscall_32+0x345/0xf9b [ 1426.893501] ? do_int80_syscall_32+0x880/0x880 [ 1426.898082] ? _raw_spin_unlock_irq+0x27/0x70 [ 1426.902572] ? finish_task_switch+0x1ca/0x840 [ 1426.907065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1426.912594] ? syscall_return_slowpath+0x30f/0x5c0 [ 1426.917517] ? sysret32_from_system_call+0x5/0x46 [ 1426.922353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1426.927199] entry_SYSENTER_compat+0x70/0x7f [ 1426.931598] RIP: 0023:0xf7f56cb9 [ 1426.934948] RSP: 002b:00000000f5f520ac EFLAGS: 00000282 ORIG_RAX: 0000000000000078 [ 1426.942662] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020b53000 [ 1426.949923] RDX: 000000002084effc RSI: 0000000020c35ffc RDI: 0000000020b3bfff [ 1426.957183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1426.964453] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 2018/06/01 03:16:53 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0xffffff7f00000000}, 0x0) [ 1426.971715] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1427.007708] validate_nla: 4 callbacks suppressed [ 1427.007718] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:53 executing program 7: r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x10}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'vcan0\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x11}, 0x7e, r2}) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r4 = openat$cgroup_subtree(r3, &(0x7f00000000c0)='cgroup.subtree_control\x00', 0x2, 0x0) write$cgroup_subtree(r4, &(0x7f0000000040)={[{0x2d, 'pids', 0x20}]}, 0x6) 2018/06/01 03:16:53 executing program 3 (fault-call:2 fault-nth:3): ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000a1cffc)) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000b3bfff)) 2018/06/01 03:16:53 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0x7f520e1cf2000000}, 0x0) 2018/06/01 03:16:53 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0xc3c0, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x7400000000000000}, 0x0) 2018/06/01 03:16:53 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0xb1, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) r1 = syz_open_procfs(r0, &(0x7f0000000100)='net/ip_mr_cache\x00') r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/mcfilter6\x00') sendfile(r2, r1, &(0x7f00000000c0)=0x2000000, 0x400) 2018/06/01 03:16:53 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000280), 0xfffffdf7, 0x20000004, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty={[0x40020000]}}, 0x1c) shutdown(r0, 0x0) 2018/06/01 03:16:53 executing program 6: r0 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x3, 0x80441) splice(r0, &(0x7f00000000c0), 0xffffffffffffffff, &(0x7f0000000080), 0x43, 0x0) fchmod(r0, 0x0) [ 1427.293113] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:54 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x8638, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:54 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0x2000000000000000}, 0x0) 2018/06/01 03:16:54 executing program 6: r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) fcntl$setsig(r0, 0xa, 0x2e) fcntl$setlease(r0, 0x400, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000280)={0x5, 0x70, 0x5, 0x7fff, 0x2, 0x0, 0x0, 0x19, 0x8000, 0x2, 0x7, 0x4, 0x400, 0x6, 0x4, 0x6, 0x200, 0x7, 0x1, 0x9, 0x8, 0x800, 0xda, 0x1f, 0x6, 0xffffffffffffff11, 0x4, 0x8, 0x4, 0x4, 0x7, 0x4, 0xffff, 0x6, 0xfffffffffffffffc, 0x100000000, 0xfff, 0x100, 0x0, 0x27, 0x5, @perf_config_ext={0x3, 0x5}, 0x0, 0x40, 0x100, 0x7, 0x9, 0x7, 0x9}, r1, 0x7, r0, 0x3) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="df0000008aba2e69821c5c340631b5b17f31ad1950cff97c80df4c66f75a8841e5e195e92f0bed7118c9f0a8b6331109d44666980b081965129f6707ed16fad871f7d8cf1cacae68f1a296df4fae46e8fc8182d49d854b72c165ea86ef3948a70ab5a09c9d382b9cb1e9704acfaf7b01b246e8a4fe820f6016f1630e5d946f13537e0b6c234d2d9cc23eb75d6081dc9ed10dc274d37d1e88928e67b4a8a7885bad4dc455bfdb6f5ea0b05f92929c0c5450b17761780c75d2359db01c04ba5492b3a2294c1735fee42a1817bfa47d97734915b58ccebfa8930eded079635da0973849f1b79604d60e34e02ae7c9242713d8c55277609858012bff98e91c7ff3c3ac50cd2d6ef07d529a2bb69e177ba5cff21c03c2180180f6b215f47226b3948b8e59a80b451a866d9718d4066ab44f4db0902bc283184bcc7b9546b5791f1640e7ab18d8750e34108235216a77e827f30a56e00b12fba8"], &(0x7f0000000000)=0xe7) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYBLOB="0900640044ffdec9499d6bc513325ef226f42550eabe64f8b587bde0ed13258a6f673271bf64222117e619041691b0936eb2e2ebc54fe7da50e4806c478c9af940fffda02f1227a41f2ffddbce5d456733e6770fc913d50d83e2c6d1e32d8a4674a481872302b5147b49a11f63f008097402a6dfb845b1d9"], 0x6c) rt_sigprocmask(0x0, &(0x7f0000000040)={0xfffffffffffffffc}, 0x0, 0x8) r3 = creat(&(0x7f0000000140)='./file0\x00', 0x0) getsockopt$netrom_NETROM_T4(r3, 0x103, 0x6, &(0x7f0000000080)=0x4, &(0x7f00000000c0)=0x4) fcntl$setlease(r0, 0x400, 0x2) ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x5) 2018/06/01 03:16:54 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)=@setlink={0x28, 0x13, 0xf2f, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_OPERSTATE={0x8, 0x10, 0x5}]}, 0xffa5}, 0x1, 0x4000000}, 0x0) 2018/06/01 03:16:54 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) r1 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x4cfac366, 0x200000) ioctl$TIOCSCTTY(r1, 0x540e, 0xb99a) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000003000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x1}}, 0x2e) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000180)="25c97b5e2be6937417a72f7bd8cf30a40ed586c11aeb316d728f37803dc99710c74257164c01a7e2f91c8d68d7190350ee6dc1a7a3e17171ce9dfe9f6730ebcdefd74e4b923d3b56603f70a21b8e1c03f75027c94eab9c4388504473d3d58df255b3ae06f2ef2445a65537d7077ed117a293a227e3e3706beb3c3f5a89b9e19c11c35dcd9ad01ed2034b773d3bad7833fc566528a6036856c230f435305d7e1a90a8393a59b9c967bcf86ebc31bc479d07f1") r3 = dup3(r2, r0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x26) ioctl$TIOCSLCKTRMIOS(r1, 0x5457, &(0x7f0000000080)) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x5, @empty, 0x200}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xa}}, @in6={0xa, 0x4e24, 0x8, @dev={0xfe, 0x80, [], 0xf}, 0x8001}, @in={0x2, 0x4e21}, @in={0x2, 0x4e24, @loopback=0x7f000001}, @in={0x2, 0x4e20, @rand_addr=0xffffffffffff8000}, @in6={0xa, 0x4e23, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0x1}, @in={0x2, 0x4e22, @multicast1=0xe0000001}, @in={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e20, 0x9602, @loopback={0x0, 0x1}, 0x10001}], 0xd0) ioctl$SG_GET_KEEP_ORPHAN(r3, 0x2288, &(0x7f00000000c0)) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$PPPIOCGL2TPSTATS(r3, 0x80487436, &(0x7f00000000c0)) 2018/06/01 03:16:54 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) socket$inet(0x2, 0xeecc8f616621c659, 0x10000) syz_emit_ethernet(0x2d5, &(0x7f00000001c0)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @local={0xfe, 0x80, [], 0xaa}, {[], @udp={0x0, 0x4e20, 0x8}}}}}}, &(0x7f0000000040)) ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80206433, &(0x7f0000000080)=""/225) [ 1427.444906] netlink: 'syz-executor0': attribute type 16 has an invalid length. 2018/06/01 03:16:54 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000fffeffffffffffff02001300020000000000000000000000030006000000000002004e20e004001a000000000000002402000100e00000010000000200000000030005000000000002004e20e00000010000000000000000"], 0x60}, 0x1, 0x1000000}, 0x0) [ 1427.530596] FAULT_INJECTION: forcing a failure. [ 1427.530596] name failslab, interval 1, probability 0, space 0, times 0 [ 1427.542070] CPU: 1 PID: 24928 Comm: syz-executor3 Not tainted 4.17.0-rc7+ #102 [ 1427.549466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1427.558828] Call Trace: [ 1427.561436] dump_stack+0x1b9/0x294 [ 1427.565083] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1427.570289] ? save_stack+0x43/0xd0 [ 1427.574031] ? kasan_kmalloc+0xc4/0xe0 [ 1427.577936] ? kasan_slab_alloc+0x12/0x20 [ 1427.582099] ? kmem_cache_alloc+0x12e/0x760 [ 1427.586434] ? prepare_creds+0x78/0x3e0 [ 1427.590419] ? copy_creds+0x7b/0x470 [ 1427.594153] should_fail.cold.4+0xa/0x1a [ 1427.598238] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1427.603364] ? kasan_check_read+0x11/0x20 [ 1427.607520] ? rcu_is_watching+0x85/0x140 [ 1427.611666] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1427.616855] ? find_held_lock+0x36/0x1c0 [ 1427.620928] ? check_same_owner+0x320/0x320 [ 1427.625238] ? rcu_is_watching+0x85/0x140 [ 1427.629378] ? rcu_note_context_switch+0x710/0x710 [ 1427.634299] ? security_prepare_creds+0x94/0xc0 [ 1427.638959] __should_failslab+0x124/0x180 [ 1427.643186] should_failslab+0x9/0x14 [ 1427.646974] kmem_cache_alloc+0x2af/0x760 [ 1427.651109] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1427.656292] __delayacct_tsk_init+0x20/0x80 [ 1427.660606] copy_process.part.38+0x301c/0x6e70 [ 1427.665293] ? print_usage_bug+0xc0/0xc0 [ 1427.669705] ? print_usage_bug+0xc0/0xc0 [ 1427.673847] ? lock_acquire+0x1dc/0x520 [ 1427.677808] ? print_usage_bug+0xc0/0xc0 [ 1427.681864] ? __cleanup_sighand+0x70/0x70 [ 1427.686089] ? reacquire_held_locks+0xbc/0x3e0 [ 1427.690666] ? alloc_set_pte+0x1013/0x1600 [ 1427.694889] ? print_usage_bug+0xc0/0xc0 [ 1427.698949] ? debug_check_no_locks_freed+0x310/0x310 [ 1427.704134] ? kasan_check_read+0x11/0x20 [ 1427.708279] ? print_usage_bug+0xc0/0xc0 [ 1427.712334] ? debug_check_no_locks_freed+0x310/0x310 [ 1427.717509] ? __lock_acquire+0x7f5/0x5140 [ 1427.721727] ? debug_check_no_locks_freed+0x310/0x310 [ 1427.726903] ? debug_check_no_locks_freed+0x310/0x310 [ 1427.732084] ? debug_check_no_locks_freed+0x310/0x310 [ 1427.737257] ? print_usage_bug+0xc0/0xc0 [ 1427.741307] ? print_usage_bug+0xc0/0xc0 [ 1427.745361] ? lock_downgrade+0x8e0/0x8e0 [ 1427.749511] ? graph_lock+0x170/0x170 [ 1427.753299] ? lock_acquire+0x1dc/0x520 [ 1427.757267] ? __fdget_pos+0x1a9/0x1e0 [ 1427.761146] ? graph_lock+0x170/0x170 [ 1427.764942] ? __lock_acquire+0x7f5/0x5140 [ 1427.769175] ? find_held_lock+0x36/0x1c0 [ 1427.773239] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1427.778767] ? _parse_integer+0x13b/0x190 [ 1427.782901] ? graph_lock+0x170/0x170 [ 1427.786690] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1427.792211] ? _kstrtoull+0x180/0x230 [ 1427.796007] ? _parse_integer+0x190/0x190 [ 1427.800146] ? graph_lock+0x170/0x170 [ 1427.803933] ? lock_release+0xa10/0xa10 [ 1427.807892] ? check_same_owner+0x320/0x320 [ 1427.812198] ? find_held_lock+0x36/0x1c0 [ 1427.816248] ? graph_lock+0x170/0x170 [ 1427.820122] ? lock_downgrade+0x8e0/0x8e0 [ 1427.824268] ? find_held_lock+0x36/0x1c0 [ 1427.829027] ? lock_downgrade+0x8e0/0x8e0 [ 1427.833168] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1427.838691] ? proc_fail_nth_write+0x96/0x1f0 [ 1427.843180] ? proc_cwd_link+0x1d0/0x1d0 [ 1427.847226] ? find_held_lock+0x36/0x1c0 [ 1427.851275] ? find_held_lock+0x36/0x1c0 [ 1427.855326] _do_fork+0x291/0x12a0 [ 1427.858857] ? fork_idle+0x1a0/0x1a0 [ 1427.862560] ? __lock_is_held+0xb5/0x140 [ 1427.866635] ? __sb_end_write+0xac/0xe0 [ 1427.870599] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1427.876138] ? fput+0x130/0x1a0 [ 1427.879405] ? ksys_write+0x1a6/0x250 [ 1427.883195] ? __do_page_fault+0x441/0xe40 [ 1427.887418] ? __ia32_sys_read+0xb0/0xb0 [ 1427.891471] __ia32_compat_sys_x86_clone+0xbc/0x140 [ 1427.896473] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1427.901487] do_fast_syscall_32+0x345/0xf9b [ 1427.905796] ? do_int80_syscall_32+0x880/0x880 [ 1427.910364] ? _raw_spin_unlock_irq+0x27/0x70 [ 1427.914845] ? finish_task_switch+0x1ca/0x840 [ 1427.919338] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1427.924863] ? syscall_return_slowpath+0x30f/0x5c0 [ 1427.929785] ? sysret32_from_system_call+0x5/0x46 [ 1427.934900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1427.939731] entry_SYSENTER_compat+0x70/0x7f [ 1427.944125] RIP: 0023:0xf7f56cb9 [ 1427.947469] RSP: 002b:00000000f5f520ac EFLAGS: 00000282 ORIG_RAX: 0000000000000078 [ 1427.955165] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020b53000 [ 1427.962419] RDX: 000000002084effc RSI: 0000000020c35ffc RDI: 0000000020b3bfff [ 1427.969682] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 2018/06/01 03:16:54 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r0, &(0x7f0000c95ffd), 0x5978, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 2018/06/01 03:16:54 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000600)="646374637000d3c221b7a734beb26bffb3c3f07ac167cda9fab4947dc493331d35f6f2035f5cdff72458fff24a17802e7b5e406572239195a596615ac2cc3783b9aaff42433f800e401c1c9f9830da9ad044294cbf3efe0c2a2fc699124233b70f2148c967ffea44f21262eaf3bbcc084295fef55e63935469338be8eeed967da16f0a46ff8550fd9a510fabf6305599048981fc265b58c4e179de7433a7e292d458eed10056b66c41dbf3c7428a86759807c35e6393c7813d5b40c061327414aa36", 0x46) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0xfffffeb0) sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x51, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='yeah\x00', 0xffffffffffffffee) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000000)="15", 0x1}], 0x1) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000700)={'filter\x00', 0x7, 0x4, 0x454, 0x258, 0x118, 0x118, 0x370, 0x370, 0x370, 0x4, &(0x7f0000000040), {[{{@uncond, 0xf0, 0x118}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x80000001, 0x4, 0x2}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev={0xac, 0x14, 0x14, 0x10}, @multicast1=0xe0000001, 0xf, 0xffffffff}}}, {{@uncond, 0xf0, 0x118}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x8000, 0x382a, 0x1}}}], {{[], 0xc0, 0xe4}, {0x24, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4a0) [ 1427.976938] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1427.984192] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1428.128386] kasan: CONFIG_KASAN_INLINE enabled [ 1428.135501] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 1428.142873] general protection fault: 0000 [#1] SMP KASAN [ 1428.148411] Dumping ftrace buffer: [ 1428.151949] (ftrace buffer empty) [ 1428.155659] Modules linked in: [ 1428.158862] CPU: 0 PID: 24928 Comm: syz-executor3 Not tainted 4.17.0-rc7+ #102 [ 1428.166221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1428.175569] RIP: 0010:__delayacct_blkio_end+0x4f/0xc0 [ 1428.180780] RSP: 0018:ffff880164d64d58 EFLAGS: 00010002 [ 1428.186127] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc900028cd000 [ 1428.193392] RDX: 0000000000000007 RSI: ffffffff817a4de1 RDI: 0000000000000038 [ 1428.200732] RBP: ffff880164d64d70 R08: ffffed003b5c46d3 R09: 0000000000000001 [ 1428.207985] R10: ffff880164d64e00 R11: ffff8801dae23693 R12: ffff8801b8f3e440 [ 1428.215246] R13: ffff880190f96600 R14: ffff880190f9663c R15: 0000000000000002 [ 1428.222500] FS: 0000000000000000(0000) GS:ffff8801dae00000(0063) knlGS:00000000f5f52b40 [ 1428.230713] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 1428.236578] CR2: 00007ffe6bcf0e9c CR3: 00000001cb83c000 CR4: 00000000001406f0 [ 1428.243834] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1428.251091] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1428.258342] Call Trace: [ 1428.260928] try_to_wake_up+0xa89/0x1190 [ 1428.264979] ? migrate_swap_stop+0x850/0x850 [ 1428.269377] ? retint_kernel+0x10/0x10 [ 1428.273266] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1428.278792] ? anon_vma_interval_tree_iter_next+0xf7/0x240 [ 1428.284407] default_wake_function+0x30/0x50 [ 1428.288800] ? rmap_walk_anon+0x73a/0xe80 [ 1428.292930] autoremove_wake_function+0x7a/0x350 [ 1428.297674] ? finish_wait+0x420/0x420 [ 1428.301545] ? invalid_page_referenced_vma+0x5e0/0x5e0 [ 1428.306811] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1428.311553] wake_page_function+0x15f/0x1c0 [ 1428.315865] __wake_up_common+0x189/0x730 [ 1428.319997] ? wait_woken+0x2a0/0x2a0 [ 1428.323786] ? total_mapcount+0x2c7/0x910 [ 1428.327922] ? kasan_check_write+0x14/0x20 [ 1428.332143] ? do_raw_spin_lock+0xc1/0x200 [ 1428.336376] __wake_up_locked_key_bookmark+0x16/0x20 [ 1428.341466] wake_up_page_bit+0x297/0x580 [ 1428.345603] ? filemap_fdatawait_keep_errors+0xc0/0xc0 [ 1428.350864] ? try_to_munlock+0x670/0x670 [ 1428.354998] ? __lock_acquire+0x7f5/0x5140 [ 1428.359223] ? mark_held_locks+0xc9/0x160 [ 1428.363364] ? putback_movable_pages+0xac0/0xac0 [ 1428.368104] ? do_pages_stat+0x420/0x420 [ 1428.372149] unlock_page+0x214/0x2b0 [ 1428.375848] ? wake_up_page_bit+0x580/0x580 [ 1428.380154] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1428.385671] ? unfreeze_page+0x132/0x1b0 [ 1428.389712] ? compound_mapcount+0x300/0x300 [ 1428.394112] ? _raw_spin_unlock_irqrestore+0xa1/0xc0 [ 1428.399200] __split_huge_page+0xfc7/0x17b0 [ 1428.403522] ? vmf_insert_pfn_pud+0x5b0/0x5b0 [ 1428.408010] ? debug_check_no_locks_freed+0x310/0x310 [ 1428.413194] ? vma_adjust_trans_huge+0x310/0x310 [ 1428.417944] ? check_pte+0x4b0/0x4b0 [ 1428.421648] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1428.427169] ? vma_kernel_pagesize+0xb0/0xb0 [ 1428.431560] ? graph_lock+0x170/0x170 [ 1428.435346] ? try_to_munlock+0x670/0x670 [ 1428.439480] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1428.445004] ? total_mapcount+0x2c7/0x910 [ 1428.449141] ? graph_lock+0x170/0x170 [ 1428.452927] ? vma_adjust_trans_huge+0x310/0x310 [ 1428.457669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1428.463203] ? try_to_unmap+0x37f/0x850 [ 1428.467165] ? rmap_walk_locked+0x340/0x340 [ 1428.471472] ? find_held_lock+0x36/0x1c0 [ 1428.475533] ? lock_downgrade+0x8e0/0x8e0 [ 1428.479669] ? kasan_check_read+0x11/0x20 [ 1428.483804] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1428.488196] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1428.492764] ? kasan_check_write+0x14/0x20 [ 1428.496984] ? do_raw_spin_lock+0xc1/0x200 [ 1428.501205] split_huge_page_to_list+0x15a2/0x1bf0 [ 1428.506119] ? can_split_huge_page+0x770/0x770 [ 1428.510686] ? vma_adjust_trans_huge+0x310/0x310 [ 1428.515429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1428.520961] ? page_mapped+0x34e/0x760 [ 1428.524834] ? __page_mapcount+0x530/0x530 [ 1428.529070] ? rmap_walk+0x243/0x350 [ 1428.532768] ? page_get_anon_vma+0x570/0x570 [ 1428.537343] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1428.542873] ? page_rmapping+0xd3/0x150 [ 1428.546839] ? vm_mmap+0xc0/0xc0 [ 1428.550192] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1428.555977] ? page_referenced+0x2c5/0xaa0 [ 1428.560265] ? rmap_walk+0x350/0x350 [ 1428.563961] ? lock_downgrade+0x8e0/0x8e0 [ 1428.568217] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1428.574614] ? page_mapping+0x447/0x5c0 [ 1428.578675] ? shmem_parse_options.cold.49+0x49/0x49 [ 1428.583761] ? rcu_is_watching+0x85/0x140 [ 1428.587894] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1428.593074] ? page_evictable+0x23b/0x340 [ 1428.597223] ? page_mapcount_is_zero+0x30/0x30 [ 1428.601790] ? __anon_vma_prepare+0x700/0x700 [ 1428.606273] shrink_page_list+0x4a4b/0x5fe0 [ 1428.610616] ? page_evictable+0x340/0x340 [ 1428.614752] ? rb_erase_cached+0xc6a/0x32a0 [ 1428.619075] ? kernel_poison_pages+0x136/0x220 [ 1428.623642] ? kasan_unpoison_shadow+0x35/0x50 [ 1428.628208] ? rb_next+0x140/0x140 [ 1428.631731] ? graph_lock+0x170/0x170 [ 1428.635688] ? __lock_acquire+0x7f5/0x5140 [ 1428.639918] ? __update_load_avg_se.isra.34+0x61e/0x980 [ 1428.645268] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 1428.651314] ? graph_lock+0x170/0x170 [ 1428.655101] ? print_usage_bug+0xc0/0xc0 [ 1428.659145] ? update_load_avg+0x2d9/0x2570 [ 1428.663886] ? print_usage_bug+0xc0/0xc0 [ 1428.667932] ? attach_entity_load_avg+0x850/0x850 [ 1428.672762] ? graph_lock+0x170/0x170 [ 1428.676551] ? __lock_acquire+0x7f5/0x5140 [ 1428.680771] ? print_usage_bug+0xc0/0xc0 [ 1428.684814] ? __lock_is_held+0xb5/0x140 [ 1428.688856] ? graph_lock+0x170/0x170 [ 1428.692644] ? rb_erase_cached+0xc6a/0x32a0 [ 1428.696952] ? rb_next+0x140/0x140 [ 1428.700485] ? update_cfs_rq_load_avg.part.67+0x2c0/0x2c0 [ 1428.706018] ? __update_load_avg_cfs_rq.isra.35+0x435/0x590 [ 1428.711725] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 1428.717770] ? graph_lock+0x170/0x170 [ 1428.721567] ? update_load_avg+0x2d9/0x2570 [ 1428.725878] ? __update_load_avg_se.isra.34+0x61e/0x980 [ 1428.731233] ? attach_entity_load_avg+0x850/0x850 [ 1428.736072] ? update_load_avg+0x2d9/0x2570 [ 1428.740386] ? attach_entity_load_avg+0x850/0x850 [ 1428.745225] ? print_usage_bug+0xc0/0xc0 [ 1428.749283] ? rcu_read_lock_sched_held+0x108/0x120 [ 1428.754288] ? rb_erase+0x3530/0x3530 [ 1428.758073] ? print_usage_bug+0xc0/0xc0 [ 1428.762117] ? graph_lock+0x170/0x170 [ 1428.765901] ? __lock_acquire+0x7f5/0x5140 [ 1428.770121] ? print_usage_bug+0xc0/0xc0 [ 1428.774168] ? attach_entity_load_avg+0x850/0x850 [ 1428.778996] ? cgroup_cpu_stat_updated+0xa5/0x410 [ 1428.783828] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 1428.789869] ? graph_lock+0x170/0x170 [ 1428.793655] ? update_load_avg+0x2d9/0x2570 [ 1428.797962] ? attach_entity_load_avg+0x850/0x850 [ 1428.802791] ? update_load_avg+0x2d9/0x2570 [ 1428.807095] ? debug_check_no_locks_freed+0x310/0x310 [ 1428.812272] ? attach_entity_load_avg+0x850/0x850 [ 1428.817098] ? __lock_is_held+0xb5/0x140 [ 1428.821145] ? __account_cfs_rq_runtime+0x600/0x600 [ 1428.826145] ? graph_lock+0x170/0x170 [ 1428.829929] ? graph_lock+0x170/0x170 [ 1428.833803] ? rb_erase+0x3530/0x3530 [ 1428.837604] ? print_usage_bug+0xc0/0xc0 [ 1428.841650] ? print_usage_bug+0xc0/0xc0 [ 1428.845695] ? graph_lock+0x170/0x170 [ 1428.849480] ? find_held_lock+0x36/0x1c0 [ 1428.853526] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1428.859053] ? __isolate_lru_page+0x751/0x9d0 [ 1428.863539] ? putback_lru_page+0x270/0x270 [ 1428.867848] ? graph_lock+0x170/0x170 [ 1428.871641] ? graph_lock+0x170/0x170 [ 1428.875431] ? __lock_acquire+0x7f5/0x5140 [ 1428.879654] ? graph_lock+0x170/0x170 [ 1428.883464] ? debug_check_no_locks_freed+0x310/0x310 [ 1428.889339] ? kasan_check_write+0x14/0x20 [ 1428.893557] ? __mod_zone_page_state+0xa0/0xd0 [ 1428.898125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1428.903648] ? isolate_lru_pages.isra.52+0x103c/0x18d0 [ 1428.908918] ? __isolate_lru_page+0x9d0/0x9d0 [ 1428.913400] ? debug_check_no_locks_freed+0x310/0x310 [ 1428.918577] ? graph_lock+0x170/0x170 [ 1428.922381] ? debug_check_no_locks_freed+0x310/0x310 [ 1428.927560] ? debug_check_no_locks_freed+0x310/0x310 [ 1428.932738] ? find_held_lock+0x36/0x1c0 [ 1428.936875] ? print_usage_bug+0xc0/0xc0 [ 1428.940922] ? flush_plug_callbacks+0x553/0x7f0 [ 1428.945577] ? bio_cur_bytes+0x1e0/0x1e0 [ 1428.949620] ? graph_lock+0x170/0x170 [ 1428.953404] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1428.957795] ? print_usage_bug+0xc0/0xc0 [ 1428.961838] ? __lock_acquire+0x7f5/0x5140 [ 1428.966058] ? find_held_lock+0x36/0x1c0 [ 1428.970106] ? lock_downgrade+0x8e0/0x8e0 [ 1428.974250] ? kasan_check_read+0x11/0x20 [ 1428.978384] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1428.982966] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1428.987965] shrink_inactive_list+0x73a/0x1c60 [ 1428.992537] ? putback_inactive_pages+0x1b00/0x1b00 [ 1428.997534] ? graph_lock+0x170/0x170 [ 1429.001319] ? kasan_check_read+0x11/0x20 [ 1429.005454] ? mem_cgroup_get_nr_swap_pages+0x182/0x320 [ 1429.010814] ? blk_start_plug+0xc4/0x360 [ 1429.015140] ? blk_lld_busy+0x70/0x70 [ 1429.018925] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.024445] ? lruvec_lru_size+0x2a4/0x430 [ 1429.028662] ? graph_lock+0x170/0x170 [ 1429.032449] ? throttle_direct_reclaim+0x9d0/0x9d0 [ 1429.037366] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 1429.042538] shrink_node_memcg+0x78c/0x1910 [ 1429.046846] ? shrink_active_list+0x17f0/0x17f0 [ 1429.051498] ? kasan_check_read+0x11/0x20 [ 1429.055627] ? rcu_is_watching+0x85/0x140 [ 1429.059759] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.065277] ? mem_cgroup_iter+0x4b0/0x9d0 [ 1429.069498] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1429.075050] shrink_node+0x481/0x1740 [ 1429.078850] ? shrink_node_memcg+0x1910/0x1910 [ 1429.083419] ? kvm_clock_read+0x25/0x30 [ 1429.087378] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1429.092406] ? ktime_get+0x2d9/0x430 [ 1429.096107] ? do_gettimeofday+0x170/0x170 [ 1429.100328] ? lock_downgrade+0x8e0/0x8e0 [ 1429.104460] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.109989] do_try_to_free_pages+0x3c9/0x1240 [ 1429.114569] ? shrink_node+0x1740/0x1740 [ 1429.118614] ? rcu_is_watching+0x85/0x140 [ 1429.122747] ? rcu_pm_notify+0xc0/0xc0 [ 1429.126628] try_to_free_mem_cgroup_pages+0x475/0xc50 [ 1429.131804] ? try_to_free_pages+0xb30/0xb30 [ 1429.136197] ? lock_downgrade+0x8e0/0x8e0 [ 1429.140590] ? kasan_check_read+0x11/0x20 [ 1429.144728] ? kasan_check_read+0x11/0x20 [ 1429.148875] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1429.153265] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1429.157833] ? trace_hardirqs_on+0xd/0x10 [ 1429.161965] reclaim_high.constprop.67+0x12f/0x1d0 [ 1429.166878] ? memcg_event_wake+0x410/0x410 [ 1429.171185] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1429.176795] ? exit_to_usermode_loop+0x87/0x310 [ 1429.181451] mem_cgroup_handle_over_high+0x8d/0x130 [ 1429.186457] exit_to_usermode_loop+0x274/0x310 [ 1429.191035] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1429.195866] do_fast_syscall_32+0xcc3/0xf9b [ 1429.200171] ? do_int80_syscall_32+0x880/0x880 [ 1429.204736] ? _raw_spin_unlock_irq+0x27/0x70 [ 1429.209236] ? finish_task_switch+0x1ca/0x840 [ 1429.213720] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.219245] ? syscall_return_slowpath+0x30f/0x5c0 [ 1429.224160] ? sysret32_from_system_call+0x5/0x46 [ 1429.228991] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1429.233832] entry_SYSENTER_compat+0x70/0x7f [ 1429.238223] RIP: 0023:0xf7f56cb9 [ 1429.241568] RSP: 002b:00000000f5f520ac EFLAGS: 00000282 ORIG_RAX: 0000000000000078 [ 1429.249261] RAX: 0000000000001e4f RBX: 0000000000000000 RCX: 0000000020b53000 [ 1429.256598] RDX: 000000002084effc RSI: 0000000020c35ffc RDI: 0000000020b3bfff [ 1429.263849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1429.271115] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 1429.278380] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1429.285637] Code: fa 48 c1 ea 03 80 3c 02 00 0f 85 80 00 00 00 48 8b 9b 30 12 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 38 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 51 44 8b 63 38 31 ff 41 83 e4 [ 1429.304836] RIP: __delayacct_blkio_end+0x4f/0xc0 RSP: ffff880164d64d58 [ 1429.311487] [ 1429.311492] ====================================================== [ 1429.311496] WARNING: possible circular locking dependency detected [ 1429.311499] 4.17.0-rc7+ #102 Not tainted [ 1429.311503] ------------------------------------------------------ [ 1429.311507] syz-executor3/24928 is trying to acquire lock: [ 1429.311509] 0000000088567bb7 ((console_sem).lock){-.-.}, at: down_trylock+0x13/0x70 [ 1429.311520] [ 1429.311523] but task is already holding lock: [ 1429.311526] 000000009d0c7cc3 (&p->pi_lock){-.-.}, at: try_to_wake_up+0xca/0x1190 [ 1429.311536] [ 1429.311539] which lock already depends on the new lock. [ 1429.311541] [ 1429.311542] [ 1429.311546] the existing dependency chain (in reverse order) is: [ 1429.311548] [ 1429.311549] -> #1 (&p->pi_lock){-.-.}: [ 1429.311560] _raw_spin_lock_irqsave+0x96/0xc0 [ 1429.311563] try_to_wake_up+0xca/0x1190 [ 1429.311566] wake_up_process+0x10/0x20 [ 1429.311568] __up.isra.1+0x1b8/0x290 [ 1429.311571] up+0x12f/0x1b0 [ 1429.311574] __up_console_sem+0xbe/0x1b0 [ 1429.311577] console_unlock+0x7d6/0x1100 [ 1429.311580] do_con_write+0x12b2/0x2280 [ 1429.311582] con_write+0x25/0xc0 [ 1429.311585] n_tty_write+0x6b9/0x1180 [ 1429.311588] tty_write+0x3f1/0x880 [ 1429.311591] __vfs_write+0x10b/0x960 [ 1429.311593] vfs_write+0x1f8/0x560 [ 1429.311596] ksys_write+0xf9/0x250 [ 1429.311599] __x64_sys_write+0x73/0xb0 [ 1429.311602] do_syscall_64+0x1b1/0x800 [ 1429.311605] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1429.311607] [ 1429.311608] -> #0 ((console_sem).lock){-.-.}: [ 1429.311618] lock_acquire+0x1dc/0x520 [ 1429.311621] _raw_spin_lock_irqsave+0x96/0xc0 [ 1429.311624] down_trylock+0x13/0x70 [ 1429.311627] __down_trylock_console_sem+0xae/0x200 [ 1429.311630] console_trylock+0x15/0xa0 [ 1429.311633] vprintk_emit+0x694/0xdd0 [ 1429.311636] vprintk_default+0x28/0x30 [ 1429.311639] vprintk_func+0x7a/0xe7 [ 1429.311641] printk+0x9e/0xba [ 1429.311645] kasan_die_handler.cold.22+0x11/0x30 [ 1429.311648] notifier_call_chain+0x178/0x380 [ 1429.311651] atomic_notifier_call_chain+0x98/0x190 [ 1429.311654] notify_die+0x1a3/0x2b0 [ 1429.311657] do_general_protection+0x248/0x2f0 [ 1429.311660] general_protection+0x1e/0x30 [ 1429.311663] __delayacct_blkio_end+0x4f/0xc0 [ 1429.311666] try_to_wake_up+0xa89/0x1190 [ 1429.311669] default_wake_function+0x30/0x50 [ 1429.311673] autoremove_wake_function+0x7a/0x350 [ 1429.311676] wake_page_function+0x15f/0x1c0 [ 1429.311679] __wake_up_common+0x189/0x730 [ 1429.311682] __wake_up_locked_key_bookmark+0x16/0x20 [ 1429.311685] wake_up_page_bit+0x297/0x580 [ 1429.311688] unlock_page+0x214/0x2b0 [ 1429.311691] __split_huge_page+0xfc7/0x17b0 [ 1429.311694] split_huge_page_to_list+0x15a2/0x1bf0 [ 1429.311697] shrink_page_list+0x4a4b/0x5fe0 [ 1429.311701] shrink_inactive_list+0x73a/0x1c60 [ 1429.311704] shrink_node_memcg+0x78c/0x1910 [ 1429.311707] shrink_node+0x481/0x1740 [ 1429.311710] do_try_to_free_pages+0x3c9/0x1240 [ 1429.311714] try_to_free_mem_cgroup_pages+0x475/0xc50 [ 1429.311717] reclaim_high.constprop.67+0x12f/0x1d0 [ 1429.311721] mem_cgroup_handle_over_high+0x8d/0x130 [ 1429.311724] exit_to_usermode_loop+0x274/0x310 [ 1429.311727] do_fast_syscall_32+0xcc3/0xf9b [ 1429.311730] entry_SYSENTER_compat+0x70/0x7f [ 1429.311731] [ 1429.311735] other info that might help us debug this: [ 1429.311736] [ 1429.311739] Possible unsafe locking scenario: [ 1429.311741] [ 1429.311744] CPU0 CPU1 [ 1429.311747] ---- ---- [ 1429.311749] lock(&p->pi_lock); [ 1429.311756] lock((console_sem).lock); [ 1429.311763] lock(&p->pi_lock); [ 1429.311768] lock((console_sem).lock); [ 1429.311774] [ 1429.311776] *** DEADLOCK *** [ 1429.311778] [ 1429.311781] 4 locks held by syz-executor3/24928: [ 1429.311782] #0: 00000000e959f8ae (&anon_vma->rwsem){++++}, at: split_huge_page_to_list+0xd54/0x1bf0 [ 1429.311795] #1: 00000000d997cd2b (&page_wait_table[i]){-.-.}, at: wake_up_page_bit+0x27d/0x580 [ 1429.311808] #2: 000000009d0c7cc3 (&p->pi_lock){-.-.}, at: try_to_wake_up+0xca/0x1190 [ 1429.311820] #3: 000000008b462473 (rcu_read_lock){....}, at: atomic_notifier_call_chain+0x0/0x190 [ 1429.311832] [ 1429.311834] stack backtrace: [ 1429.311839] CPU: 0 PID: 24928 Comm: syz-executor3 Not tainted 4.17.0-rc7+ #102 [ 1429.311845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1429.311847] Call Trace: [ 1429.311850] dump_stack+0x1b9/0x294 [ 1429.311853] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1429.311856] ? print_lock+0xd1/0xd6 [ 1429.311859] ? vprintk_func+0xd0/0xe7 [ 1429.311863] print_circular_bug.isra.36.cold.54+0x1bd/0x27d [ 1429.311865] ? save_trace+0xe0/0x290 [ 1429.311868] __lock_acquire+0x343e/0x5140 [ 1429.311872] ? debug_check_no_locks_freed+0x310/0x310 [ 1429.311875] ? debug_check_no_locks_freed+0x310/0x310 [ 1429.311878] ? update_load_avg+0x2d9/0x2570 [ 1429.311881] ? __lock_acquire+0x7f5/0x5140 [ 1429.311884] ? update_load_avg+0x2d9/0x2570 [ 1429.311887] ? print_usage_bug+0xc0/0xc0 [ 1429.311890] ? attach_entity_load_avg+0x850/0x850 [ 1429.311893] ? graph_lock+0x170/0x170 [ 1429.311896] ? graph_lock+0x170/0x170 [ 1429.311899] lock_acquire+0x1dc/0x520 [ 1429.311901] ? down_trylock+0x13/0x70 [ 1429.311904] ? lock_release+0xa10/0xa10 [ 1429.311907] ? lock_downgrade+0x8e0/0x8e0 [ 1429.311910] ? kvm_sched_clock_read+0x9/0x20 [ 1429.311913] ? sched_clock+0x31/0x40 [ 1429.311916] ? vprintk_emit+0x694/0xdd0 [ 1429.311919] _raw_spin_lock_irqsave+0x96/0xc0 [ 1429.311922] ? down_trylock+0x13/0x70 [ 1429.311924] down_trylock+0x13/0x70 [ 1429.311928] __down_trylock_console_sem+0xae/0x200 [ 1429.311930] console_trylock+0x15/0xa0 [ 1429.311933] vprintk_emit+0x694/0xdd0 [ 1429.311936] ? find_held_lock+0x36/0x1c0 [ 1429.311939] ? console_unlock+0x1100/0x1100 [ 1429.311942] ? lock_downgrade+0x8e0/0x8e0 [ 1429.311945] ? __lock_acquire+0x7f5/0x5140 [ 1429.311948] ? kasan_check_read+0x11/0x20 [ 1429.311951] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1429.311954] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1429.311957] ? page_rmapping+0x150/0x150 [ 1429.311960] vprintk_default+0x28/0x30 [ 1429.311963] vprintk_func+0x7a/0xe7 [ 1429.311965] printk+0x9e/0xba [ 1429.311968] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 1429.311971] ? check_pte+0x4b0/0x4b0 [ 1429.311974] ? kasan_die_handler.cold.22+0x5/0x30 [ 1429.311977] kasan_die_handler.cold.22+0x11/0x30 [ 1429.311981] notifier_call_chain+0x178/0x380 [ 1429.311984] ? unregister_die_notifier+0x20/0x20 [ 1429.311987] ? rcu_is_watching+0x85/0x140 [ 1429.311994] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1429.311997] ? cmp_ex_search+0x8c/0xb0 [ 1429.312000] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1429.312005] atomic_notifier_call_chain+0x98/0x190 [ 1429.312008] notify_die+0x1a3/0x2b0 [ 1429.312013] ? __atomic_notifier_call_chain+0x1a0/0x1a0 [ 1429.312017] ? search_exception_tables+0x47/0x50 [ 1429.312021] do_general_protection+0x248/0x2f0 [ 1429.312024] general_protection+0x1e/0x30 [ 1429.312027] RIP: 0010:__delayacct_blkio_end+0x4f/0xc0 [ 1429.312031] RSP: 0018:ffff880164d64d58 EFLAGS: 00010002 [ 1429.312037] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc900028cd000 [ 1429.312042] RDX: 0000000000000007 RSI: ffffffff817a4de1 RDI: 0000000000000038 [ 1429.312046] RBP: ffff880164d64d70 R08: ffffed003b5c46d3 R09: 0000000000000001 [ 1429.312051] R10: ffff880164d64e00 R11: ffff8801dae23693 R12: ffff8801b8f3e440 [ 1429.312055] R13: ffff880190f96600 R14: ffff880190f9663c R15: 0000000000000002 [ 1429.312058] ? __delayacct_blkio_end+0x11/0xc0 [ 1429.312061] ? __delayacct_blkio_end+0x11/0xc0 [ 1429.312064] try_to_wake_up+0xa89/0x1190 [ 1429.312067] ? migrate_swap_stop+0x850/0x850 [ 1429.312070] ? retint_kernel+0x10/0x10 [ 1429.312074] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1429.312077] ? anon_vma_interval_tree_iter_next+0xf7/0x240 [ 1429.312080] default_wake_function+0x30/0x50 [ 1429.312083] ? rmap_walk_anon+0x73a/0xe80 [ 1429.312087] autoremove_wake_function+0x7a/0x350 [ 1429.312089] ? finish_wait+0x420/0x420 [ 1429.312093] ? invalid_page_referenced_vma+0x5e0/0x5e0 [ 1429.312096] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1429.312099] wake_page_function+0x15f/0x1c0 [ 1429.312102] __wake_up_common+0x189/0x730 [ 1429.312105] ? wait_woken+0x2a0/0x2a0 [ 1429.312108] ? total_mapcount+0x2c7/0x910 [ 1429.312111] ? kasan_check_write+0x14/0x20 [ 1429.312114] ? do_raw_spin_lock+0xc1/0x200 [ 1429.312117] __wake_up_locked_key_bookmark+0x16/0x20 [ 1429.312120] wake_up_page_bit+0x297/0x580 [ 1429.312123] ? filemap_fdatawait_keep_errors+0xc0/0xc0 [ 1429.312126] ? try_to_munlock+0x670/0x670 [ 1429.312129] ? __lock_acquire+0x7f5/0x5140 [ 1429.312132] ? mark_held_locks+0xc9/0x160 [ 1429.312136] ? putback_movable_pages+0xac0/0xac0 [ 1429.312139] ? do_pages_stat+0x420/0x420 [ 1429.312141] unlock_page+0x214/0x2b0 [ 1429.312144] ? wake_up_page_bit+0x580/0x580 [ 1429.312148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.312151] ? unfreeze_page+0x132/0x1b0 [ 1429.312154] ? compound_mapcount+0x300/0x300 [ 1429.312158] ? _raw_spin_unlock_irqrestore+0xa1/0xc0 [ 1429.312161] __split_huge_page+0xfc7/0x17b0 [ 1429.312164] ? vmf_insert_pfn_pud+0x5b0/0x5b0 [ 1429.312167] ? debug_check_no_locks_freed+0x310/0x310 [ 1429.312171] ? vma_adjust_trans_huge+0x310/0x310 [ 1429.312173] ? check_pte+0x4b0/0x4b0 [ 1429.312177] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1429.312180] ? vma_kernel_pagesize+0xb0/0xb0 [ 1429.312183] ? graph_lock+0x170/0x170 [ 1429.312186] ? try_to_munlock+0x670/0x670 [ 1429.312189] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1429.312192] ? total_mapcount+0x2c7/0x910 [ 1429.312195] ? graph_lock+0x170/0x170 [ 1429.312198] ? vma_adjust_trans_huge+0x310/0x310 [ 1429.312202] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.312204] ? try_to_unmap+0x37f/0x850 [ 1429.312207] ? rmap_walk_locked+0x340/0x340 [ 1429.312210] ? find_held_lock+0x36/0x1c0 [ 1429.312213] ? lock_downgrade+0x8e0/0x8e0 [ 1429.312216] ? kasan_check_read+0x11/0x20 [ 1429.312219] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1429.312223] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1429.312226] ? kasan_check_write+0x14/0x20 [ 1429.312228] ? do_raw_spin_lock+0xc1/0x200 [ 1429.312232] split_huge_page_to_list+0x15a2/0x1bf0 [ 1429.312235] ? can_split_huge_page+0x770/0x770 [ 1429.312238] ? vma_adjust_trans_huge+0x310/0x310 [ 1429.312242] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1429.312245] ? page_mapped+0x34e/0x760 [ 1429.312248] ? __page_mapcount+0x530/0x530 [ 1429.312250] ? rmap_walk+0x243/0x350 [ 1429.312253] ? page_get_anon_vma+0x570/0x570 [ 1429.312256] ? __sanitizer_cov_tr [ 1429.312262] Lost 163 message(s)! [ 1430.339437] ---[ end trace b71f5feca21fdc7b ]--- [ 1430.344184] Kernel panic - not syncing: Fatal exception [ 1430.350056] Dumping ftrace buffer: [ 1430.353591] (ftrace buffer empty) [ 1430.357286] Kernel Offset: disabled [ 1430.360897] Rebooting in 86400 seconds..